http://bugzilla.novell.com/show_bug.cgi?id=540647

http://bugzilla.novell.com/show_bug.cgi?id=540647#c22

Michael Matz <matz@novell.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEEDINFO                    |ASSIGNED
      Info Provider|matz@novell.com             |
         AssignedTo|crrodriguez@novell.com      |pbaudis@novell.com

--- Comment #22 from Michael Matz <matz@novell.com> 2009-12-02 11:32:05 UTC ---

I know the problem. It's a glibc bug in strncmp, which leads to a free of a
data structure that is accessed later (the search history, if anyone is
interested). This doesn't happen under valgrind because that has its own
implementation of strncmp.

To demonstrate the problem:

% cat bug.c
#include <string.h>
extern void abort (void);
/* noinline keeps the call to the library strncmp from being folded away */
static int __attribute__((noinline))
mycmp (const char *a, const char *b)
{
  return strncmp (a, b, (size_t)-1);
}
int main ()
{
  if (mycmp ("", "bla") == 0)
    abort ();
  return 0;
}
% gcc bug.c
% ./a.out
Aborted

The problem is the very large size given to strncmp, this triggers a bug in the
AMD64 assembler implementation, which was always there. That's why we removed
strncmp.S after applying the patch since 2006. It seems this part got lost.

Petr, please look at e.g. /work/SRC/old-versions/11.1/all/glibc/glibc.spec
(search for strncmp). Needs an update in 11.2.
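
A regression check for the behaviour described in the comment above, as an added example that is not part of the original bug report or of glibc's own test suite: it compares the C library's strncmp against a byte-wise reference for very large length arguments across buffer alignments. The function names, test strings and length values are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Byte-wise reference with the semantics the C standard gives strncmp. */
static int ref_strncmp(const char *a, const char *b, size_t n)
{
    for (; n > 0; a++, b++, n--) {
        unsigned char ca = (unsigned char)*a, cb = (unsigned char)*b;
        if (ca != cb)
            return ca < cb ? -1 : 1;
        if (ca == '\0')
            break;
    }
    return 0;
}

static int sign(int v) { return (v > 0) - (v < 0); }

/* Calling through a volatile pointer stops the compiler from folding the
   call, so the C library's own strncmp is what gets exercised. */
static int (*volatile libc_strncmp)(const char *, const char *, size_t) = strncmp;

/* Returns the number of cases where libc and the reference disagree on sign. */
int count_strncmp_mismatches(void)
{
    /* Constructed inputs: the pair from the report plus prefix and equal cases. */
    static const char *const words[] = { "", "bla", "blah", "bla", "a", "b" };
    static const size_t limits[] = { 0, 1, 3, 4, (size_t)1 << 31,
                                     SIZE_MAX / 2, SIZE_MAX - 1, (size_t)-1 };
    enum { NW = sizeof words / sizeof words[0], NL = sizeof limits / sizeof limits[0] };
    char abuf[32], bbuf[32];
    int bad = 0;

    for (int i = 0; i < NW; i++)
        for (int j = 0; j < NW; j++)
            for (int off = 0; off < 16; off++) {   /* vary both alignments */
                const char *a = strcpy(abuf + off, words[i]);
                const char *b = strcpy(bbuf + (15 - off), words[j]);
                for (int k = 0; k < NL; k++)
                    if (sign(libc_strncmp(a, b, limits[k])) != sign(ref_strncmp(a, b, limits[k]))) {
                        printf("mismatch: \"%s\" vs \"%s\" n=%zu\n", a, b, limits[k]);
                        bad++;
                    }
            }
    return bad;
}

int main(void) { return count_strncmp_mismatches() != 0; }
```

A non-zero exit status means the installed strncmp disagrees with the reference for at least one length; each disagreement is printed with the two strings and the length used.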