trap handling segfault

trap handling segfault

[Clint Adams]

The following snippet will cause 3.1.9 to die with a SEGV (in gdb it dumps
at the blank line just before the declaration of periodic(), without gdb
it dumps when periodic is actually called).

I haven't looked at this in depth, but it's dying in endtrapscope()
when it tries to dereference st->list->funcdef (when st->list happens to
be NULL).  Reversing 11736 smoothes things out.


----8<----
function TRAPEXIT ()
{
  /bin/rm -f /tmp/jobs$HOST$$
}


function set-title ()
{
  if [[ "$1" = "-k" ]]
  then
    shift
    KEPT_TITLE="$* "
  else
    TITLE=$*
  fi
  [[ "$TERM" = "xterm" ]] && print -n -D -P "\033]2;${KEPT_TITLE}${TITLE}\007"
}

function accept-line {
  local cmd=${BUFFER%%" "*}
  local oldtitle=$TITLE

  [[ -n "$cmd" ]] && set-title $TITLE "->" $cmd
  TITLE=$oldtitle
  zle .accept-line
}
zle -N accept-line

function periodic () { }
----8<----

PATCH: trap handling segfault

[Clint Adams]

This patch doesn't crash the snippet I posted, and it prints
BYE after the script in 11735.  I'm going to commit this under the
assumption that someone with a better understanding  will reverse it
if there are horrible side effects.

Index: signals.c
===================================================================
RCS file: /cvsroot/zsh/zsh/Src/signals.c,v
retrieving revision 1.6
diff -u -r1.6 signals.c
--- signals.c	2000/06/03 16:26:47	1.6
+++ signals.c	2000/06/09 14:35:34
@@ -853,7 +853,7 @@
 	    if (sigtrapped[sig])
 		unsettrap(sig);
 	    sigtrapped[sig] = st->flags;
-	    if (st->flags) {
+	    if (st->flags && (st->list != NULL)) {
 		Eprog prog = (st->flags & ZSIG_FUNC) ?
 		    ((Shfunc) st->list)->funcdef : (Eprog) st->list;
 		/* prevent settrap from saving this */

Re: trap handling segfault

[Bart Schaefer]

On Jun 9, 10:02am, Clint Adams wrote:
} Subject: trap handling segfault
}
} I haven't looked at this in depth, but it's dying in endtrapscope()
} when it tries to dereference st->list->funcdef (when st->list happens to
} be NULL).  Reversing 11736 smoothes things out.

If you have a compiled shell with 11736 reversed, please try adding a
`setopt localtraps' at the top level (i.e. above `function TRAPEXIT')
in your snippet and then see if it still dumps core.  I don't think
11736 can really be the cause of this crash.

-- 
Bart Schaefer                                 Brass Lantern Enterprises
http://www.well.com/user/barts              http://www.brasslantern.com

Zsh: http://www.zsh.org | PHPerl Project: http://phperl.sourceforge.net   

Re: trap handling segfault

[Clint Adams]

> If you have a compiled shell with 11736 reversed, please try adding a
> `setopt localtraps' at the top level (i.e. above `function TRAPEXIT')
> in your snippet and then see if it still dumps core.  I don't think
> 11736 can really be the cause of this crash.

Tried with both standard 3.1.9 and 3.1.9 minus 11736: the former crashes,
the latter doesn't.