I've managed to get a segfault in haskell! And without even using the FFI... actually my code uses the FFI, but the changes that triggered the segfault don't involve that, they just use Text.Regex. The code that triggers the segfault is the function produced by: filetype_function :: IO (FilePath -> FileType) filetype_function = do binsfile <- def_prefval "binariesfile" "_darcs/prefs/binaries" bins <- (liftM lines $ readFile binsfile) `catch` (\e-> if isDoesNotExistError e then return [] else ioError e) let rs = map (mkRegex.fixregex) bins isbin f = or $ map (\r-> matchRegex r f /= Nothing) rs ftf f = if isbin f then BinaryFile else TextFile in return ftf and the valgrind report on the segfault is: ==8705== Invalid free() / delete / delete[] ==8705== at 0x4015D6A4: free (vg_clientfuncs.c:185) ==8705== by 0x40399A34: (within /lib/libc-2.3.1.so) ==8705== by 0x40399C13: regfree (in /lib/libc-2.3.1.so) ==8705== by 0x8117683: s67U_entry (in /home/droundy/darcs/darcs) ==8705== Address 0x1 is not stack'd, malloc'd or free'd ==8705== ==8705== Invalid read of size 4 ==8705== at 0x40399A58: (within /lib/libc-2.3.1.so) ==8705== by 0x40399C13: regfree (in /lib/libc-2.3.1.so) ==8705== by 0x8117683: s67U_entry (in /home/droundy/darcs/darcs) ==8705== Address 0x22 is not stack'd, malloc'd or free'd Unfortunately inserting a "trace f $" before the isbin f shows that it is segfaulting on the string "Patch.lhs". This looks to me like a bug in either Text.Regex or glibc (with my bet being on Text.Regex. Any ideas how to track it down and/or work around it? Oh yeah, and I'm running ghc 6.0. Maybe this is fixed in CVS? -- David Roundy http://www.abridgegame.org