Bug 1111149

Summary: git crash when format-patch with --cover-letter
Product: Red Hat Enterprise Linux 6 Reporter: Jincheng Miao <jmiao>
Component: gitAssignee: Ondrej Oprala <ooprala>
Status: CLOSED DUPLICATE QA Contact: qe-baseos-daemons
Severity: high Docs Contact:
Priority: medium    
Version: 6.4CC: mzhan, ovasik
Target Milestone: rc   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-06-19 13:39:03 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
the abrt generated files none

Description Jincheng Miao 2014-06-19 11:22:39 UTC 
Description of problem:
git crash when format-patch with --cover-letter 

Version-Release number of selected component (if applicable):
git-1.7.1-3.el6_4.1.x86_64

How reproducible:


Steps to Reproduce:
1. $ git format-patch -2 --cover-letter
0000-cover-letter.patch
*** glibc detected *** git: double free or corruption (fasttop): 0x0000000000b8b890 ***
======= Backtrace: =========
/lib64/libc.so.6[0x32b0676156]
git[0x489785]
git[0x4b61e8]
git[0x456db2]
git[0x4337e7]
git[0x4041a1]
git[0x404382]
/lib64/libc.so.6(__libc_start_main+0xfd)[0x32b061ed1d]
git[0x403ba9]
======= Memory map: ========
00400000-00510000 r-xp 00000000 08:01 1719075                            /usr/bin/git
00710000-00716000 rw-p 00110000 08:01 1719075                            /usr/bin/git
00716000-00761000 rw-p 00000000 00:00 0 
00b73000-00bc5000 rw-p 00000000 00:00 0                                  [heap]
32b0200000-32b0220000 r-xp 00000000 08:01 2243781                        /lib64/ld-2.12.so
32b041f000-32b0420000 r--p 0001f000 08:01 2243781                        /lib64/ld-2.12.so
32b0420000-32b0421000 rw-p 00020000 08:01 2243781                        /lib64/ld-2.12.so
32b0421000-32b0422000 rw-p 00000000 00:00 0 
32b0600000-32b078b000 r-xp 00000000 08:01 2243782                        /lib64/libc-2.12.so
32b078b000-32b098a000 ---p 0018b000 08:01 2243782                        /lib64/libc-2.12.so
32b098a000-32b098e000 r--p 0018a000 08:01 2243782                        /lib64/libc-2.12.so
32b098e000-32b098f000 rw-p 0018e000 08:01 2243782                        /lib64/libc-2.12.so
32b098f000-32b0994000 rw-p 00000000 00:00 0 
32b0e00000-32b0e17000 r-xp 00000000 08:01 2243784                        /lib64/libpthread-2.12.so
32b0e17000-32b1017000 ---p 00017000 08:01 2243784                        /lib64/libpthread-2.12.so
32b1017000-32b1018000 r--p 00017000 08:01 2243784                        /lib64/libpthread-2.12.so
32b1018000-32b1019000 rw-p 00018000 08:01 2243784                        /lib64/libpthread-2.12.so
32b1019000-32b101d000 rw-p 00000000 00:00 0 
32b1600000-32b1615000 r-xp 00000000 08:01 2243789                        /lib64/libz.so.1.2.3
32b1615000-32b1814000 ---p 00015000 08:01 2243789                        /lib64/libz.so.1.2.3
32b1814000-32b1815000 r--p 00014000 08:01 2243789                        /lib64/libz.so.1.2.3
32b1815000-32b1816000 rw-p 00015000 08:01 2243789                        /lib64/libz.so.1.2.3
32baa00000-32baa16000 r-xp 00000000 08:01 2243797                        /lib64/libgcc_s-4.4.7-20120601.so.1
32baa16000-32bac15000 ---p 00016000 08:01 2243797                        /lib64/libgcc_s-4.4.7-20120601.so.1
32bac15000-32bac16000 rw-p 00015000 08:01 2243797                        /lib64/libgcc_s-4.4.7-20120601.so.1
7f4f54aa8000-7f4f54e87000 r--p 00000000 08:07 2621468                    /home/ryan/workspace/virt/libvirt/.git/objects/pack/pack-9ce3154d1a64b1f2d3fea8a74783ee436515b959.idx
7f4f54e87000-7f4f54e8a000 rw-p 00000000 00:00 0 
7f4f54e90000-7f4f54e93000 rw-p 00000000 00:00 0 
7f4f54e93000-7f4f54e97000 r--p 00000000 08:07 2621882                    /home/ryan/workspace/virt/libvirt/.git/objects/pack/pack-8a5dad0f6d3298383109a542f86da6ce1d31986f.idx
7f4f54e97000-7f4f54e9b000 r--p 00000000 08:07 2630457                    /home/ryan/workspace/virt/libvirt/.git/objects/pack/pack-bd5db30bf170abd66cde3bf62ae6edd9fabebf90.idx
7f4f54e9b000-7f4f54e9e000 r--p 00000000 08:07 2629990                    /home/ryan/workspace/virt/libvirt/.git/objects/pack/pack-cf70235d0a795e1f88cfcf33349daf3996ab10f6.idx
7f4f54e9e000-7f4f54ea1000 r--p 00000000 08:07 2629997                    /home/ryan/workspace/virt/libvirt/.git/objects/pack/pack-1944def9e5c7e17a431147b5f547a8a133304e15.idx
7f4f54ea1000-7f4f54ea2000 rw-p 00000000 00:00 0 
7fff96ab3000-7fff96ac8000 rw-p 00000000 00:00 0                          [stack]
7fff96bff000-7fff96c00000 r-xp 00000000 00:00 0                          [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0                  [vsyscall]
Aborted (core dumped)


2. the backtrace from gdb is:

Core was generated by `git format-patch -2 --cover-letter'.
Program terminated with signal 6, Aborted.
#0  0x00000032b0632915 in raise (sig=6)
    at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
64	  return INLINE_SYSCALL (tgkill, 3, pid, selftid, sig);
Missing separate debuginfos, use: debuginfo-install libgcc-4.4.7-4.el6.x86_64 zlib-1.2.3-29.el6.x86_64
(gdb) bt
#0  0x00000032b0632915 in raise (sig=6)
    at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#1  0x00000032b06340f5 in abort () at abort.c:92
#2  0x00000032b0670827 in __libc_message (do_abort=2, 
    fmt=0x32b0758ae0 "*** glibc detected *** %s: %s: 0x%s ***\n")
    at ../sysdeps/unix/sysv/linux/libc_fatal.c:198
#3  0x00000032b0676156 in malloc_printerr (action=3, 
    str=0x32b0758db8 "double free or corruption (fasttop)", 
    ptr=<value optimized out>) at malloc.c:6336
#4  0x0000000000489785 in free_mailmap_entry (p=<value optimized out>, 
    s=<value optimized out>) at mailmap.c:42
#5  0x00000000004b61e8 in string_list_clear_func (list=0x7fffa43846a8, 
    clearfunc=0x489770 <free_mailmap_entry>) at string-list.c:129
#6  0x0000000000456db2 in shortlog_output (log=0x7fffa4384660)
    at builtin/shortlog.c:355
#7  0x00000000004337e7 in make_cover_letter (argc=<value optimized out>, 
    argv=<value optimized out>, prefix=<value optimized out>)
    at builtin/log.c:745
#8  cmd_format_patch (argc=<value optimized out>, argv=<value optimized out>, 
    prefix=<value optimized out>) at builtin/log.c:1215
#9  0x00000000004041a1 in run_builtin (argc=3, argv=0x7fffa4384ed0)
    at git.c:260
#10 handle_internal_command (argc=3, argv=0x7fffa4384ed0) at git.c:416
---Type <return> to continue, or q <return> to quit---
#11 0x0000000000404382 in run_argv (argc=3, argv=0x7fffa4384ed0) at git.c:458
#12 main (argc=3, argv=0x7fffa4384ed0) at git.c:529


Actual results:
Oops

Expected results:
No crash

Additional info:
The 0000-cover-letter.patch is generated incompletely, it lacks the statics infomation, like:
```
 docs/formatdomain.html.in | 4 ++--
 src/qemu/qemu_command.c   | 8 ++++++++
 2 files changed, 10 insertions(+), 2 deletions(-)
```
Comment 1 Jincheng Miao 2014-06-19 11:25:21 UTC 
Created attachment 910350 [details]
the abrt generated files
Comment 3 Ondrej Oprala 2014-06-19 13:39:03 UTC 

*** This bug has been marked as a duplicate of bug 874659 ***