Segfault on "zmodload -u zsh/parameter"

Segfault on "zmodload -u zsh/parameter"

[Bart Schaefer]

Latest CVS.  Appears to happen when unsetting the "parameters" parameter.

Program received signal SIGSEGV, Segmentation fault.
0x0 in ?? ()
(gdb) up
#1  0x8098563 in unsetparam_pm (pm=0x818c870, altflag=135752632, exp=134802064)
    at ../../zsh-4.0/Src/params.c:2343
2343        pm->gsu.s->unsetfn(pm, exp);
(gdb) p pm->nam
$1 = 0x38 <Address 0x38 out of bounds>
(gdb) up
#2  0x80c8c1f in cleanup_zshQsparameter (m=0x818c870)
    at ../../../zsh-4.0/Src/Modules/parameter.c:1987
1987                unsetparam_pm(pm, 0, 1);
(gdb) p def->name
$3 = 0x81377bb "parameters"

Re: Segfault on "zmodload -u zsh/parameter"

[Bart Schaefer]

On Mar 5,  6:18pm, Bart Schaefer wrote:
} Subject: Segfault on "zmodload -u zsh/parameter"
}
} Latest CVS.

Happens with 4.2.3 as well.

PATCH: Re: Segfault on "zmodload -u zsh/parameter"

[Bart Schaefer]

On Mar 5,  6:18pm, Bart Schaefer wrote:
} Subject: Segfault on "zmodload -u zsh/parameter"
}
} Latest CVS.  Appears to happen when unsetting the "parameters" parameter.

I would have thought this attracted a little more attention.

Anyway, the problem is this:

/**/
mod_export const struct gsu_hash nullsethash_gsu =
{ hashgetfn, nullsethashfn, NULL };

unsetparam_pm() unconditionally calls pm->gsu.s->unsetfn(), but in that
structure (which is duplicated in Src/params.c and Modules/parameter.c
for obscure reasons) the unsetfn is NULL, and boom.

A grep shows that the "parameters" parameter is apparently the only one
that uses this particular structure.

A lot of parameters are using this one:

/**/
mod_export const struct gsu_scalar nullsetscalar_gsu =
{ strgetfn, nullstrsetfn, NULL };

And the zsh/term* modules use:

/**/
mod_export const struct gsu_integer nullsetinteger_gsu =
{ intgetfn, NULL, NULL };

But apparently those are only used for the internal elements of hashes,
and therefore they're not called even when the hashes themselves are
unset.

Thus it doesn't seem desirable to test for null-ness of s->unsetfn in
unsetparam_pm(), but it's also unsuitable to put either nullstrsetfn
or nullintsetfn in that slot.  Hence the patch below.

Other mutterings:

Should nullnullsetfn be used in other places instead of NULL, too?

Why do we have nullstrsetfn and nullintsetfn but nullsethashfn?


Index: Src/params.c
===================================================================
RCS file: /extra/cvsroot/zsh/zsh-4.0/Src/params.c,v
retrieving revision 1.28
diff -c -r1.28 params.c
--- Src/params.c	18 Feb 2005 17:05:17 -0000	1.28
+++ Src/params.c	10 Mar 2005 16:45:52 -0000
@@ -147,7 +147,7 @@
 { hashgetfn, hashsetfn, stdunsetfn };
 /**/
 mod_export const struct gsu_hash nullsethash_gsu =
-{ hashgetfn, nullsethashfn, NULL };
+{ hashgetfn, nullsethashfn, nullnullsetfn };
 
 
 /* Non standard methods (not exported) */
@@ -2604,6 +2604,10 @@
 /**/
 void
 nullintsetfn(UNUSED(Param pm), UNUSED(zlong x))
+{}
+
+/**/
+nullnullsetfn(UNUSED(Param pm), UNUSED(int exp))
 {}
 
 
Index: Src/Modules/parameter.c
===================================================================
RCS file: /extra/cvsroot/zsh/zsh-4.0/Src/Modules/parameter.c,v
retrieving revision 1.11
diff -c -r1.11 parameter.c
--- Src/Modules/parameter.c	18 Feb 2005 17:05:18 -0000	1.11
+++ Src/Modules/parameter.c	10 Mar 2005 16:45:42 -0000
@@ -1817,7 +1817,7 @@
  * in a compile-time initialiser, so we use this instead.
  */
 static const struct gsu_hash pmnullsethash_gsu =
-{ hashgetfn, nullsethashfn, NULL };
+{ hashgetfn, nullsethashfn, nullnullsetfn };
 static const struct gsu_hash pmcommands_gsu =
 { hashgetfn, setpmcommands, stdunsetfn };
 static const struct gsu_hash pmfunctions_gsu =

Re: PATCH: Re: Segfault on "zmodload -u zsh/parameter"

[Peter Stephenson]

Bart Schaefer wrote:
> +/**/
> +nullnullsetfn(UNUSED(Param pm), UNUSED(int exp))
>  {}

Did you mean something like the following?

We can test for unloading zsh/parameter as long as we load it again; it
doesn't maintain any internal state.

> Should nullnullsetfn be used in other places instead of NULL, too?

I suppose it wouldn't hurt, at least.

> Why do we have nullstrsetfn and nullintsetfn but nullsethashfn?

Presumably it's never been needed.

Index: Src/params.c
===================================================================
RCS file: /cvsroot/zsh/zsh/Src/params.c,v
retrieving revision 1.96
diff -u -r1.96 params.c
--- Src/params.c	21 Jan 2005 11:15:36 -0000	1.96
+++ Src/params.c	10 Mar 2005 17:27:03 -0000
@@ -147,7 +147,7 @@
 { hashgetfn, hashsetfn, stdunsetfn };
 /**/
 mod_export const struct gsu_hash nullsethash_gsu =
-{ hashgetfn, nullsethashfn, NULL };
+{ hashgetfn, nullsethashfn, nullunsetfn };
 
 
 /* Non standard methods (not exported) */
@@ -2604,6 +2604,11 @@
 nullintsetfn(UNUSED(Param pm), UNUSED(zlong x))
 {}
 
+/**/
+mod_export void
+nullunsetfn(UNUSED(Param pm), UNUSED(int exp))
+{}
+
 
 /* Function to get value of generic special integer *
  * parameter.  data is pointer to global variable   *
Index: Src/Modules/parameter.c
===================================================================
RCS file: /cvsroot/zsh/zsh/Src/Modules/parameter.c,v
retrieving revision 1.34
diff -u -r1.34 parameter.c
--- Src/Modules/parameter.c	6 Feb 2005 20:36:44 -0000	1.34
+++ Src/Modules/parameter.c	10 Mar 2005 17:27:03 -0000
@@ -1817,7 +1817,7 @@
  * in a compile-time initialiser, so we use this instead.
  */
 static const struct gsu_hash pmnullsethash_gsu =
-{ hashgetfn, nullsethashfn, NULL };
+{ hashgetfn, nullsethashfn, nullunsetfn };
 static const struct gsu_hash pmcommands_gsu =
 { hashgetfn, setpmcommands, stdunsetfn };
 static const struct gsu_hash pmfunctions_gsu =
Index: Test/V01zmodload.ztst
===================================================================
RCS file: /cvsroot/zsh/zsh/Test/V01zmodload.ztst,v
retrieving revision 1.6
diff -u -r1.6 V01zmodload.ztst
--- Test/V01zmodload.ztst	28 Sep 2001 14:43:13 -0000	1.6
+++ Test/V01zmodload.ztst	10 Mar 2005 17:27:03 -0000
@@ -151,11 +151,12 @@
  zmodload -e example
 1:Delete the module alias again
 
-# Don't unload the two modules that are required by the test system!
+# Don't unload the main module.
+# Do unload zsh/parameter, but reload it as it is needed.
 
  mods[(r)zsh/main]=()
- mods[(r)zsh/parameter]=()
  zmodunload $mods
+ zmodload zsh/parameter
 0d:Unload the modules loaded by this test suite
 
 %clean

-- 
Peter Stephenson <pws@csr.com>                  Software Engineer
CSR PLC, Churchill House, Cambridge Business Park, Cowley Road
Cambridge, CB4 0WZ, UK                          Tel: +44 (0)1223 692070


**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.

**********************************************************************

Re: PATCH: Re: Segfault on "zmodload -u zsh/parameter"

[Bart Schaefer]

On Mar 10,  5:32pm, Peter Stephenson wrote:
} Subject: Re: PATCH: Re: Segfault on "zmodload -u zsh/parameter"
}
} Bart Schaefer wrote:
} > +/**/
} > +nullnullsetfn(UNUSED(Param pm), UNUSED(int exp))
} >  {}
} 
} Did you mean something like the following?

I meant what I posted, but yours is equivalent.
 
} > Why do we have nullstrsetfn and nullintsetfn but nullsethashfn?
} 
} Presumably it's never been needed.

No, you've missed the point: "str set" vs. "set hash".

Both exist and are usd, they just have the middle two words of the name
transposed for no particular (?) reason.  I was grumbling for the sake
of grumbling.