Graphviz Issue Tracker
Mantis Bug Tracker

ID: 0000418
Project: graphviz
Category: Dot
View Status: public
Date Submitted: 2004-06-21 13:27
Last Update: 2011-04-28 04:02
Reporter: Willem de Bruijn
Assigned To: erg
Priority: normal
Severity: minor
Reproducibility: always
Status: closed
Resolution: suspended
Platform:
OS: x86-Linux-gentoo ebuild; kernel
OS Version:
Summary: 0000418: crash during free()
Description



dot crashed with the following output (using gdb):
<CD>
gdb dot
GNU gdb 6.0
Copyright 2003 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i686-pc-linux-gnu"...(no debugging symbols found)...Using host libthread_db library "/lib/libthread_db.so.1".



(gdb) set args -Tps testgraph.dot -o testgraph.ps
(gdb) run
Starting program: /usr/bin/dot -Tps testgraph.dot -o testgraph.ps
(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...
(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...
(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...
(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...
(no debugging symbols found)...(no debugging symbols found)...free(): invalid pointer 0x402ec000!



Program received signal SIGSEGV, Segmentation fault.
0x401c3449 in _IO_file_overflow () from /lib/libc.so.6
(gdb) bt
#0 0x401c3449 in _IO_file_overflow () from /lib/libc.so.6
#1 0x401c492a in __overflow () from /lib/libc.so.6
#2 0x401a2a10 in vfprintf () from /lib/libc.so.6
#3 0x401a7fef in fprintf () from /lib/libc.so.6
#4 0x0808ed41 in toggle ()
#5 0x0807c269 in toggle ()
#6 0x0806b3d9 in ordercmpf ()
#7 0x0804c18d in ?? ()
#8 0x080f9f18 in ?? ()
#9 0x0804c1a0 in ?? ()
#10 0xbffff4b8 in ?? ()
#11 0x4016ec0c in __libc_start_main () from /lib/libc.so.6
Previous frame identical to this frame (corrupt stack?)
</CD>
Steps To Reproduce

digraph All {
        17 [label="bytecount"]
        17 -> 5323979
        17 [label="accept"]
        17 -> 5323979
        428816497 [label="accept"]
        428816497 -> 2622095648
        2622095648 [label="bytecount"]
        2622095648 -> 428816497
        5323979 [label="accept"]
        5323979 -> 2622095648
        17 [label="fpl1"]
        17 -> 5323979
        17 [label="fpl1"]
        17 -> 5323979
}
Additional Information
perhaps it has to do with the large identifiers given?

[erg] I could not replicate the bug. Given that version 1.9 is involved,
it has probably been fixed.
Tags: No tags attached.
AUXILLARY-FILES:
DATE-FIXED:
FIX-COMMENT: sorry, I didn't build the debug version of dot
FORMER-ID: 477
INPUT-FILE:
OUTPUT-FILE:
STATUS-COMMENT: Inactive
VERSION: 1.9
Notes
There are no notes attached to this issue.

Issue History
Date Modified Username Field Change
2011-04-28 04:02 user1 New Issue
2011-04-28 04:02 user1 Assigned To => erg

