On Wed, Sep 14, 2016 at 05:42:29PM -0700, Jonathon Mah wrote: > Hi git, I've been seeing git segfault over the past few days. I'm on Mac OS X 10.12, 64-bit, compiling with clang (Apple LLVM version 8.0.0 (clang-800.0.40)). > [...] > Bisect says: > > 8261e1f139db3f8aa6f9fd7d98c876cbeb0f927c is the first bad commit > commit 8261e1f139db3f8aa6f9fd7d98c876cbeb0f927c > Author: Jeff King <peff@xxxxxxxx> > Date: Mon Aug 22 18:00:07 2016 -0400 > > delta_base_cache: use hashmap.h Have you tried with the patch in: http://public-inbox.org/git/20160912164616.vg33kldazuthff3d@xxxxxxxxxxxxxxxxxxxxx/ ? > $ lldb /Users/jmah/Documents/Streams/git/git-log -- -u > (lldb) target create "/Users/jmah/Documents/Streams/git/git-log" > Current executable set to '/Users/jmah/Documents/Streams/git/git-log' (x86_64). > (lldb) settings set -- target.run-args "-u" > (lldb) process launch -o /dev/null > Process 92815 launched: '/Users/jmah/Documents/Streams/git/git-log' (x86_64) > Process 92815 stopped > * thread #1: tid = 0x1c30677, 0x00000001001bba80 git-log`release_delta_base_cache(ent=0xffffffffffffffd0) + 16 at sha1_file.c:2171, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x10) > frame #0: 0x00000001001bba80 git-log`release_delta_base_cache(ent=0xffffffffffffffd0) + 16 at sha1_file.c:2171 > 2168 > 2169 static inline void release_delta_base_cache(struct delta_base_cache_entry *ent) > 2170 { > -> 2171 free(ent->data); > 2172 detach_delta_base_cache_entry(ent); The problems I saw with valgrind weren't here, but would explain this. We free() the previous node, then walk forward from its "next" pointer. On my Linux box, that happens to work, but we could be feeding total junk to the list pointer, which would meant ent->data is junk, and free() notices. -Peff