Bug#665832: gnuplot: Crashes with "Segmentation fault" on every command

Anton Gladky gladky.anton at gmail.com
Mon Mar 26 18:43:48 UTC 2012 

I confirm the bug on i386.

=================
gnuplot

	G N U P L O T
	Version 4.6 patchlevel 0    last modified 2012-03-04 
	Build System: Linux i686

	Copyright (C) 1986-1993, 1998, 2004, 2007-2012
	Thomas Williams, Colin Kelley and many others

	gnuplot home:     http://www.gnuplot.info
	faq, bugs, etc:   type "help FAQ"
	immediate help:   type "help"  (plot window: hit 'h')

Terminal type set to 'wxt'
gnuplot> help
Segmentation fault

=================

valgrind --leak-check=full gnuplot
==3293== Memcheck, a memory error detector
==3293== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
==3293== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright 
info
==3293== Command: gnuplot
==3293== 

	G N U P L O T
	Version 4.6 patchlevel 0    last modified 2012-03-04 
	Build System: Linux i686

	Copyright (C) 1986-1993, 1998, 2004, 2007-2012
	Thomas Williams, Colin Kelley and many others

	gnuplot home:     http://www.gnuplot.info
	faq, bugs, etc:   type "help FAQ"
	immediate help:   type "help"  (plot window: hit 'h')

Terminal type set to 'wxt'
==3293== Warning: ignored attempt to set SIGSTOP handler in sigaction();
==3293==          the SIGSTOP signal is uncatchable
gnuplot> help
==3293== Invalid read of size 4
==3293==    at 0x8062FD8: ??? (in /usr/bin/gnuplot)
==3293==    by 0x4979E45: (below main) (libc-start.c:228)
==3293==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==3293== 
==3293== 
==3293== Process terminating with default action of signal 11 (SIGSEGV)
==3293==  Access not within mapped region at address 0x0
==3293==    at 0x8062FD8: ??? (in /usr/bin/gnuplot)
==3293==    by 0x4979E45: (below main) (libc-start.c:228)
==3293==  If you believe this happened as a result of a stack
==3293==  overflow in your program's main thread (unlikely but
==3293==  possible), you can try to increase the size of the
==3293==  main thread stack using the --main-stacksize= flag.
==3293==  The main thread stack size used in this run was 8388608.
==3293== 
==3293== HEAP SUMMARY:
==3293==     in use at exit: 106,392 bytes in 1,007 blocks
==3293==   total heap usage: 1,206 allocs, 199 frees, 133,788 bytes 
allocated
==3293== 
==3293== 92 bytes in 1 blocks are possibly lost in loss record 708 of 
832
==3293==    at 0x4026208: malloc (in 
/usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==3293==    by 0x44E45EB: wxStringBase::AllocBuffer(unsigned int) (in 
/usr/lib/i386-linux-gnu/libwx_baseu-2.8.so.0.8.0)
==3293==    by 0x44E4683: wxStringBase::InitWith(wchar_t const*, 
unsigned int, unsigned int) (in 
/usr/lib/i386-linux-gnu/libwx_baseu-2.8.so.0.8.0)
==3293==    by 0x448EFB8: ??? (in 
/usr/lib/i386-linux-gnu/libwx_baseu-2.8.so.0.8.0)
==3293==    by 0x400DF81: call_init (dl-init.c:85)
==3293==    by 0x400E058: _dl_init (dl-init.c:134)
==3293==    by 0x400087E: ??? (in /lib/i386-linux-gnu/ld-2.13.so)
==3293== 
==3293== 92 bytes in 1 blocks are possibly lost in loss record 709 of 
832
==3293==    at 0x4026208: malloc (in 
/usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==3293==    by 0x44E494B: wxStringBase::Alloc(unsigned int) (in 
/usr/lib/i386-linux-gnu/libwx_baseu-2.8.so.0.8.0)
==3293==    by 0x44E49C9: wxStringBase::append(unsigned int, wchar_t) 
(in /usr/lib/i386-linux-gnu/libwx_baseu-2.8.so.0.8.0)
==3293==    by 0x44E4A64: wxStringBase::wxStringBase(unsigned int, 
wchar_t) (in /usr/lib/i386-linux-gnu/libwx_baseu-2.8.so.0.8.0)
==3293==    by 0x448EFF4: ??? (in 
/usr/lib/i386-linux-gnu/libwx_baseu-2.8.so.0.8.0)
==3293==    by 0x400DF81: call_init (dl-init.c:85)
==3293==    by 0x400E058: _dl_init (dl-init.c:134)
==3293==    by 0x400087E: ??? (in /lib/i386-linux-gnu/ld-2.13.so)
==3293== 
==3293== 92 bytes in 1 blocks are possibly lost in loss record 710 of 
832
==3293==    at 0x4026208: malloc (in 
/usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==3293==    by 0x44E45EB: wxStringBase::AllocBuffer(unsigned int) (in 
/usr/lib/i386-linux-gnu/libwx_baseu-2.8.so.0.8.0)
==3293==    by 0x44E47F0: wxStringBase::AllocBeforeWrite(unsigned int) 
(in /usr/lib/i386-linux-gnu/libwx_baseu-2.8.so.0.8.0)
==3293==    by 0x44E57B1: wxStringBase::AssignCopy(unsigned int, 
wchar_t const*) (in /usr/lib/i386-linux-gnu/libwx_baseu-2.8.so.0.8.0)
==3293==    by 0x44E587F: wxStringBase::operator=(wchar_t const*) (in 
/usr/lib/i386-linux-gnu/libwx_baseu-2.8.so.0.8.0)
==3293==    by 0x4209BEC: ??? (in 
/usr/lib/i386-linux-gnu/libwx_gtk2u_core-2.8.so.0.8.0)
==3293==    by 0x400DF81: call_init (dl-init.c:85)
==3293==    by 0x400E058: _dl_init (dl-init.c:134)
==3293==    by 0x400087E: ??? (in /lib/i386-linux-gnu/ld-2.13.so)
==3293== 
==3293== 92 bytes in 1 blocks are possibly lost in loss record 711 of 
832
==3293==    at 0x4026208: malloc (in 
/usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==3293==    by 0x44E45EB: wxStringBase::AllocBuffer(unsigned int) (in 
/usr/lib/i386-linux-gnu/libwx_baseu-2.8.so.0.8.0)
==3293==    by 0x44E47F0: wxStringBase::AllocBeforeWrite(unsigned int) 
(in /usr/lib/i386-linux-gnu/libwx_baseu-2.8.so.0.8.0)
==3293==    by 0x44E57B1: wxStringBase::AssignCopy(unsigned int, 
wchar_t const*) (in /usr/lib/i386-linux-gnu/libwx_baseu-2.8.so.0.8.0)
==3293==    by 0x44E587F: wxStringBase::operator=(wchar_t const*) (in 
/usr/lib/i386-linux-gnu/libwx_baseu-2.8.so.0.8.0)
==3293==    by 0x4209C08: ??? (in 
/usr/lib/i386-linux-gnu/libwx_gtk2u_core-2.8.so.0.8.0)
==3293==    by 0x400DF81: call_init (dl-init.c:85)
==3293==    by 0x400E058: _dl_init (dl-init.c:134)
==3293==    by 0x400087E: ??? (in /lib/i386-linux-gnu/ld-2.13.so)
==3293== 
==3293== 156 bytes in 1 blocks are possibly lost in loss record 775 of 
832
==3293==    at 0x4026208: malloc (in 
/usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==3293==    by 0x44E45EB: wxStringBase::AllocBuffer(unsigned int) (in 
/usr/lib/i386-linux-gnu/libwx_baseu-2.8.so.0.8.0)
==3293==    by 0x44E47F0: wxStringBase::AllocBeforeWrite(unsigned int) 
(in /usr/lib/i386-linux-gnu/libwx_baseu-2.8.so.0.8.0)
==3293==    by 0x44E57B1: wxStringBase::AssignCopy(unsigned int, 
wchar_t const*) (in /usr/lib/i386-linux-gnu/libwx_baseu-2.8.so.0.8.0)
==3293==    by 0x44E587F: wxStringBase::operator=(wchar_t const*) (in 
/usr/lib/i386-linux-gnu/libwx_baseu-2.8.so.0.8.0)
==3293==    by 0x4209BD7: ??? (in 
/usr/lib/i386-linux-gnu/libwx_gtk2u_core-2.8.so.0.8.0)
==3293==    by 0x400DF81: call_init (dl-init.c:85)
==3293==    by 0x400E058: _dl_init (dl-init.c:134)
==3293==    by 0x400087E: ??? (in /lib/i386-linux-gnu/ld-2.13.so)
==3293== 
==3293== 160 (40 direct, 120 indirect) bytes in 1 blocks are definitely 
lost in loss record 776 of 832
==3293==    at 0x4026208: malloc (in 
/usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==3293==    by 0x4A43EA3: nss_parse_service_list (nsswitch.c:626)
==3293==    by 0x4A445D4: __nss_database_lookup (nsswitch.c:167)
==3293==    by 0x5C70DAB: ???
==3293==    by 0x5C719BC: ???
==3293==    by 0x49FCEA4: getpwuid_r@@GLIBC_2.1.2 (getXXbyYY_r.c:256)
==3293==    by 0x405C8CA: ??? (in 
/usr/lib/i386-linux-gnu/libedit.so.2.11)
==3293==    by 0x40534BA: tilde_expand (in 
/usr/lib/i386-linux-gnu/libedit.so.2.11)
==3293==    by 0x4979E45: (below main) (libc-start.c:228)
==3293== 
==3293== LEAK SUMMARY:
==3293==    definitely lost: 40 bytes in 1 blocks
==3293==    indirectly lost: 120 bytes in 10 blocks
==3293==      possibly lost: 524 bytes in 5 blocks
==3293==    still reachable: 105,708 bytes in 991 blocks
==3293==         suppressed: 0 bytes in 0 blocks
==3293== Reachable blocks (those to which a pointer was found) are not 
shown.
==3293== To see them, rerun with: --leak-check=full --show-reachable=yes
==3293== 
==3293== For counts of detected and suppressed errors, rerun with: -v
==3293== ERROR SUMMARY: 7 errors from 7 contexts (suppressed: 137 from 
10)
Segmentation fault

=================


Anton

More information about the debian-science-maintainers mailing list