Bug 452127 - grep segfaults when using -m and -A
grep segfaults when using -m and -A
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: grep (Show other bugs)
i386 Linux
low Severity medium
: rc
: ---
Assigned To: Stepan Kasal
Depends On:
  Show dependency treegraph
Reported: 2008-06-19 11:04 EDT by Bart Dopheide
Modified: 2013-04-12 15:46 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2009-05-14 03:32:34 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Bart Dopheide 2008-06-19 11:04:57 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv: Gecko/20080404 Iceweasel/ (Debian-

Description of problem:
I can get grep to crash (segfault) when using a certain combination of
* -m
* -A
* .*

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. echo -en "X\nX" | /bin/grep -m 1 -A 1 '.*X'

Actual Results:
Segmentation fault

Expected Results:
It should not segfault.

Additional info:

When running with grep-debuginfo-2.5.1-54.2.el5 installed and using grep:
$ echo -en "X\nX" > /tmp/testinput.txt
$ gdb /bin/grep
GNU gdb Red Hat Linux (6.5-37.el5rh)
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-redhat-linux-gnu"...Using host libthread_db library "/lib/libthread_db.so.1".

(gdb) run -m 1 -A 1 '.*X' /tmp/testinput.txt
Starting program: /bin/grep -m 1 -A 1 '.*X' /tmp/testinput.txt

Program received signal SIGSEGV, Segmentation fault.
0x001e4d89 in memchr () from /lib/libc.so.6
(gdb) bt
#0  0x001e4d89 in memchr () from /lib/libc.so.6
#1  0x08052e15 in kwsexec (kws=0x98d8ff8, 
    text=0x1 <Address 0x1 out of bounds>, size=160280578, kwsmatch=0xbf9fbadc)
    at kwset.c:509
#2  0x08055112 in EGexecute (buf=0x98db002 "X\n", size=1, 
    match_size=0xbf9fbb38, exact=0) at search.c:386
#3  0x0804a68c in prpending (lim=0x98db004 "") at grep.c:598
#4  0x0804b45d in grepfile (file=0xbf9fcc4b "/tmp/testinput.txt", 
    stats=0x805b2e0) at grep.c:846
#5  0x0804c2cd in main (argc=7, argv=0xbf9fbd14) at grep.c:1745
#6  0x0018adec in __libc_start_main () from /lib/libc.so.6
#7  0x080497f1 in _start ()
Comment 1 Stepan Kasal 2009-01-29 10:09:07 EST
The issue is fixed upstream by the following patch
Comment 3 RHEL Product and Program Management 2009-03-26 12:48:30 EDT
This request was evaluated by Red Hat Product Management for
inclusion, but this component is not scheduled to be updated in
the current Red Hat Enterprise Linux release. If you would like
this request to be reviewed for the next minor release, ask your
support representative to set the next rhel-x.y flag to "?".
Comment 8 errata-xmlrpc 2009-05-14 03:32:34 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.