* [MAYBE BUG] resetting `$0' in sourced script causes zsh to crash on Debian
@ 2009-11-06 18:49 Stefano Lattarini
  2009-11-06 19:59 ` Dan Nelson
  2009-11-06 21:30 ` Peter Stephenson
  0 siblings, 2 replies; 5+ messages in thread
From: Stefano Lattarini @ 2009-11-06 18:49 UTC (permalink / raw)
  To: zsh-workers

[-- Attachment #1: Type: text/plain, Size: 2577 bytes --]

Hi everybody.

I have recently found a problem in resetting `$0' inside a script "sourced"
with the `.' builtin.

Not sure if it's a bug or if it's just me doing something that should not
be done; hopefully you can tell.


Here are some minimal examples exposing the problem:
  
    -*-*-*-

  $ cat main1.zsh
  0=x
  v1=$0
  v2=`echo "$0" | sed 's/x/y/g'`
  echo 0="$0"
  echo v1="$v1"
  echo v2="$v2"

  $ zsh main1.zsh; echo e=$?  # this behaves OK
  0=x
  v1=x
  v2=y
  e=0
  
    -*-*-*-

  $ cat main2.zsh
  . ./inc2.zsh
  echo 0="$0"'
  echo v="$v"
  
  $ cat inc2.zsh
  0=x
  v=$0
  
  $ zsh main2.zsh; echo e=$?  # this causes zsh to crash
  *** glibc detected *** zsh: double free or corruption (!prev): 0x08d91a18 ***              
  ======= Backtrace: =========

  /lib/i686/cmov/libc.so.6[0xb7dd98f4]
  /lib/i686/cmov/libc.so.6(cfree+0x96)[0xb7ddb896]
  zsh[0x80804ba]
  zsh(ingetc+0x1a2)[0x8080cc2]
    ... [CUT] (see the attachment)
  b7f87000-b7f88000 rw-p 0001c000 03:47 3156250   /lib/ld-2.9.so
  bff71000-bff87000 rw-p bffea000 00:00 0    [stack]
  Abortito                                                                                   
  e=134                                      
  
    -*-*-*-

  $ cat main3.zsh
  . ./inc3.zsh
  echo 0="$0"'
  echo v="$v"
  
  $ cat inc3.zsh
  0=x
  v=`echo "$0"`
  
  $ zsh main3.zsh; echo e=$?  # I'd expect $v to be "x", but...
  0=main3.zsh
  v=
  e=0

    -*-*-*-

  $ cat main4.zsh
  . ./inc4.zsh
  echo 0="$0"'
  echo v="$v"
  
  $ cat inc4.zsh
  setopt no_function_argzero
  0=x
  v=`echo "$0"`
  
  $ zsh main4.zsh; echo e=$?  # this causes zsh to crash
  *** glibc detected *** zsh: corrupted double-linked list: 0x0813aa20 ***                    
  ======= Backtrace: =========                                                                
  /lib/i686/cmov/libc.so.6[0xb7dc836f]
  /lib/i686/cmov/libc.so.6[0xb7dc9e6d]
  /lib/i686/cmov/libc.so.6(__libc_malloc+0x95)[0xb7dcbcd5]
  zsh(zalloc+0x24)[0x808de44]
  zsh[0x809e347]
  zsh(parse_event+0x2f)[0x80a3fff]
    ... [CUT] (see the attachment)
  b7f75000-b7f76000 rw-p 0001c000 03:47 3156250   /lib/ld-2.9.so
  bfb60000-bfb76000 rw-p bffea000 00:00 0    [stack]

    -*-*-*-

System information:
 
  $ uname -a 
  Linux bigio 2.6.26-1-686 #1 SMP Sat Jan 10 18:29:31 UTC 2009 i686 GNU/Linux
  $ cat /etc/debian_version
  squeeze/sid
  $ zsh --version 
  zsh 4.3.10 (i686-pc-linux-gnu)
  $ dpkg -l zsh
  ii   zsh   4.3.10-5   A shell with lots of features
  $ dpkg -l libc6
  ii   libc6   2.9-25   GNU C Library: Shared libraries


Regards,
   Stefano

[-- Attachment #2: main2-btrace.txt --]
[-- Type: text/plain, Size: 4174 bytes --]

*** glibc detected *** zsh: double free or corruption (!prev): 0x08d91a18 ***
======= Backtrace: =========
/lib/i686/cmov/libc.so.6[0xb7dd98f4]
/lib/i686/cmov/libc.so.6(cfree+0x96)[0xb7ddb896]
zsh[0x80804ba]
zsh(ingetc+0x1a2)[0x8080cc2]
zsh[0x8086bdb]
zsh[0x8087595]
zsh(zshlex+0x190)[0x8088340]
zsh[0x80a3229]
zsh[0x80a1d86]
zsh[0x80a2bde]
zsh[0x80a2df7]
zsh[0x80a2e74]
zsh[0x80a3eae]
zsh(parse_event+0x34)[0x80a4004]
zsh(loop+0x6c)[0x807f5bc]
zsh(zsh_main+0x1ce)[0x808036e]
zsh(main+0x22)[0x8054c92]
/lib/i686/cmov/libc.so.6(__libc_start_main+0xe5)[0xb7d817a5]
zsh[0x8054bd1]
======= Memory map: ========
08048000-080ca000 r-xp 00000000 03:47 2940818    /bin/zsh4
080ca000-080ce000 rw-p 00081000 03:47 2940818    /bin/zsh4
080ce000-080e1000 rw-p 080ce000 00:00 0
08d83000-08da4000 rw-p 08d83000 00:00 0          [heap]
b7900000-b7921000 rw-p b7900000 00:00 0
b7921000-b7a00000 ---p b7921000 00:00 0
b7a9c000-b7ac6000 r-xp 00000000 03:47 3154466    /lib/libgcc_s.so.1
b7ac6000-b7ac7000 rw-p 00029000 03:47 3154466    /lib/libgcc_s.so.1
b7af1000-b7afb000 r-xp 00000000 03:47 3170741    /lib/i686/cmov/libnss_files-2.9.so
b7afb000-b7afc000 r--p 00009000 03:47 3170741    /lib/i686/cmov/libnss_files-2.9.so
b7afc000-b7afd000 rw-p 0000a000 03:47 3170741    /lib/i686/cmov/libnss_files-2.9.so
b7afd000-b7b06000 r-xp 00000000 03:47 3170754    /lib/i686/cmov/libnss_nis-2.9.so
b7b06000-b7b07000 r--p 00008000 03:47 3170754    /lib/i686/cmov/libnss_nis-2.9.so
b7b07000-b7b08000 rw-p 00009000 03:47 3170754    /lib/i686/cmov/libnss_nis-2.9.so
b7b29000-b7b2e000 rw-p b7b29000 00:00 0
b7b2e000-b7b30000 r-xp 00000000 03:47 1901992    /usr/lib/gconv/ISO8859-15.so
b7b30000-b7b31000 r--p 00001000 03:47 1901992    /usr/lib/gconv/ISO8859-15.so
b7b31000-b7b32000 rw-p 00002000 03:47 1901992    /usr/lib/gconv/ISO8859-15.so
b7b32000-b7b69000 r--p 001f5000 03:47 3367552    /usr/lib/locale/locale-archive
b7b69000-b7d69000 r--p 00000000 03:47 3367552    /usr/lib/locale/locale-archive
b7d69000-b7d6b000 rw-p b7d69000 00:00 0
b7d6b000-b7ec3000 r-xp 00000000 03:47 3170597    /lib/i686/cmov/libc-2.9.so
b7ec3000-b7ec4000 ---p 00158000 03:47 3170597    /lib/i686/cmov/libc-2.9.so
b7ec4000-b7ec6000 r--p 00158000 03:47 3170597    /lib/i686/cmov/libc-2.9.so
b7ec6000-b7ec7000 rw-p 0015a000 03:47 3170597    /lib/i686/cmov/libc-2.9.so
b7ec7000-b7eca000 rw-p b7ec7000 00:00 0
b7eca000-b7eee000 r-xp 00000000 03:47 3170714    /lib/i686/cmov/libm-2.9.so
b7eee000-b7eef000 r--p 00023000 03:47 3170714    /lib/i686/cmov/libm-2.9.so
b7eef000-b7ef0000 rw-p 00024000 03:47 3170714    /lib/i686/cmov/libm-2.9.so
b7ef0000-b7f32000 r-xp 00000000 03:47 3156539    /lib/libncursesw.so.5.7
b7f32000-b7f35000 rw-p 00041000 03:47 3156539    /lib/libncursesw.so.5.7
b7f35000-b7f37000 r-xp 00000000 03:47 3170758    /lib/i686/cmov/libdl-2.9.so
b7f37000-b7f38000 r--p 00001000 03:47 3170758    /lib/i686/cmov/libdl-2.9.so
b7f38000-b7f39000 rw-p 00002000 03:47 3170758    /lib/i686/cmov/libdl-2.9.so
b7f39000-b7f3c000 r-xp 00000000 03:47 3152851    /lib/libcap.so.2.16
b7f3c000-b7f3d000 rw-p 00002000 03:47 3152851    /lib/libcap.so.2.16
b7f3d000-b7f3e000 rw-p b7f3d000 00:00 0
b7f3e000-b7f45000 r--s 00000000 03:47 1896378    /usr/lib/gconv/gconv-modules.cache
b7f45000-b7f5a000 r-xp 00000000 03:47 3170743    /lib/i686/cmov/libnsl-2.9.so
b7f5a000-b7f5b000 r--p 00014000 03:47 3170743    /lib/i686/cmov/libnsl-2.9.so
b7f5b000-b7f5c000 rw-p 00015000 03:47 3170743    /lib/i686/cmov/libnsl-2.9.so
b7f5c000-b7f5e000 rw-p b7f5c000 00:00 0
b7f5e000-b7f65000 r-xp 00000000 03:47 3170735    /lib/i686/cmov/libnss_compat-2.9.so
b7f65000-b7f66000 r--p 00006000 03:47 3170735    /lib/i686/cmov/libnss_compat-2.9.so
b7f66000-b7f67000 rw-p 00007000 03:47 3170735    /lib/i686/cmov/libnss_compat-2.9.so
b7f67000-b7f68000 r--p 0035f000 03:47 3367552    /usr/lib/locale/locale-archive
b7f68000-b7f69000 rw-p b7f68000 00:00 0
b7f69000-b7f6a000 r-xp b7f69000 00:00 0          [vdso]
b7f6a000-b7f86000 r-xp 00000000 03:47 3156250    /lib/ld-2.9.so
b7f86000-b7f87000 r--p 0001b000 03:47 3156250    /lib/ld-2.9.so
b7f87000-b7f88000 rw-p 0001c000 03:47 3156250    /lib/ld-2.9.so
bff71000-bff87000 rw-p bffea000 00:00 0          [stack]

[-- Attachment #3: main4-btrace.txt --]
[-- Type: text/plain, Size: 4064 bytes --]

*** glibc detected *** zsh: corrupted double-linked list: 0x0813aa20 ***
======= Backtrace: =========
/lib/i686/cmov/libc.so.6[0xb7dc836f]
/lib/i686/cmov/libc.so.6[0xb7dc9e6d]
/lib/i686/cmov/libc.so.6(__libc_malloc+0x95)[0xb7dcbcd5]
zsh(zalloc+0x24)[0x808de44]
zsh[0x809e347]
zsh(parse_event+0x2f)[0x80a3fff]
zsh(loop+0x6c)[0x807f5bc]
zsh(zsh_main+0x1ce)[0x808036e]
zsh(main+0x22)[0x8054c92]
/lib/i686/cmov/libc.so.6(__libc_start_main+0xe5)[0xb7d6f7a5]
zsh[0x8054bd1]
======= Memory map: ========
08048000-080ca000 r-xp 00000000 03:47 2940818    /bin/zsh4
080ca000-080ce000 rw-p 00081000 03:47 2940818    /bin/zsh4
080ce000-080e1000 rw-p 080ce000 00:00 0
0812c000-0814d000 rw-p 0812c000 00:00 0          [heap]
b7900000-b7921000 rw-p b7900000 00:00 0
b7921000-b7a00000 ---p b7921000 00:00 0
b7a8a000-b7ab4000 r-xp 00000000 03:47 3154466    /lib/libgcc_s.so.1
b7ab4000-b7ab5000 rw-p 00029000 03:47 3154466    /lib/libgcc_s.so.1
b7adf000-b7ae9000 r-xp 00000000 03:47 3170741    /lib/i686/cmov/libnss_files-2.9.so
b7ae9000-b7aea000 r--p 00009000 03:47 3170741    /lib/i686/cmov/libnss_files-2.9.so
b7aea000-b7aeb000 rw-p 0000a000 03:47 3170741    /lib/i686/cmov/libnss_files-2.9.so
b7aeb000-b7af4000 r-xp 00000000 03:47 3170754    /lib/i686/cmov/libnss_nis-2.9.so
b7af4000-b7af5000 r--p 00008000 03:47 3170754    /lib/i686/cmov/libnss_nis-2.9.so
b7af5000-b7af6000 rw-p 00009000 03:47 3170754    /lib/i686/cmov/libnss_nis-2.9.so
b7b17000-b7b1c000 rw-p b7b17000 00:00 0
b7b1c000-b7b1e000 r-xp 00000000 03:47 1901992    /usr/lib/gconv/ISO8859-15.so
b7b1e000-b7b1f000 r--p 00001000 03:47 1901992    /usr/lib/gconv/ISO8859-15.so
b7b1f000-b7b20000 rw-p 00002000 03:47 1901992    /usr/lib/gconv/ISO8859-15.so
b7b20000-b7b57000 r--p 001f5000 03:47 3367552    /usr/lib/locale/locale-archive
b7b57000-b7d57000 r--p 00000000 03:47 3367552    /usr/lib/locale/locale-archive
b7d57000-b7d59000 rw-p b7d57000 00:00 0
b7d59000-b7eb1000 r-xp 00000000 03:47 3170597    /lib/i686/cmov/libc-2.9.so
b7eb1000-b7eb2000 ---p 00158000 03:47 3170597    /lib/i686/cmov/libc-2.9.so
b7eb2000-b7eb4000 r--p 00158000 03:47 3170597    /lib/i686/cmov/libc-2.9.so
b7eb4000-b7eb5000 rw-p 0015a000 03:47 3170597    /lib/i686/cmov/libc-2.9.so
b7eb5000-b7eb8000 rw-p b7eb5000 00:00 0
b7eb8000-b7edc000 r-xp 00000000 03:47 3170714    /lib/i686/cmov/libm-2.9.so
b7edc000-b7edd000 r--p 00023000 03:47 3170714    /lib/i686/cmov/libm-2.9.so
b7edd000-b7ede000 rw-p 00024000 03:47 3170714    /lib/i686/cmov/libm-2.9.so
b7ede000-b7f20000 r-xp 00000000 03:47 3156539    /lib/libncursesw.so.5.7
b7f20000-b7f23000 rw-p 00041000 03:47 3156539    /lib/libncursesw.so.5.7
b7f23000-b7f25000 r-xp 00000000 03:47 3170758    /lib/i686/cmov/libdl-2.9.so
b7f25000-b7f26000 r--p 00001000 03:47 3170758    /lib/i686/cmov/libdl-2.9.so
b7f26000-b7f27000 rw-p 00002000 03:47 3170758    /lib/i686/cmov/libdl-2.9.so
b7f27000-b7f2a000 r-xp 00000000 03:47 3152851    /lib/libcap.so.2.16
b7f2a000-b7f2b000 rw-p 00002000 03:47 3152851    /lib/libcap.so.2.16
b7f2b000-b7f2c000 rw-p b7f2b000 00:00 0
b7f2c000-b7f33000 r--s 00000000 03:47 1896378    /usr/lib/gconv/gconv-modules.cache
b7f33000-b7f48000 r-xp 00000000 03:47 3170743    /lib/i686/cmov/libnsl-2.9.so
b7f48000-b7f49000 r--p 00014000 03:47 3170743    /lib/i686/cmov/libnsl-2.9.so
b7f49000-b7f4a000 rw-p 00015000 03:47 3170743    /lib/i686/cmov/libnsl-2.9.so
b7f4a000-b7f4c000 rw-p b7f4a000 00:00 0
b7f4c000-b7f53000 r-xp 00000000 03:47 3170735    /lib/i686/cmov/libnss_compat-2.9.so
b7f53000-b7f54000 r--p 00006000 03:47 3170735    /lib/i686/cmov/libnss_compat-2.9.so
b7f54000-b7f55000 rw-p 00007000 03:47 3170735    /lib/i686/cmov/libnss_compat-2.9.so
b7f55000-b7f56000 r--p 0035f000 03:47 3367552    /usr/lib/locale/locale-archive
b7f56000-b7f57000 rw-p b7f56000 00:00 0
b7f57000-b7f58000 r-xp b7f57000 00:00 0          [vdso]
b7f58000-b7f74000 r-xp 00000000 03:47 3156250    /lib/ld-2.9.so
b7f74000-b7f75000 r--p 0001b000 03:47 3156250    /lib/ld-2.9.so
b7f75000-b7f76000 rw-p 0001c000 03:47 3156250    /lib/ld-2.9.so
bfb60000-bfb76000 rw-p bffea000 00:00 0          [stack]


* Re: [MAYBE BUG] resetting `$0' in sourced script causes zsh to crash on Debian
  2009-11-06 18:49 [MAYBE BUG] resetting `$0' in sourced script causes zsh to crash on Debian Stefano Lattarini
@ 2009-11-06 19:59 ` Dan Nelson
  2009-11-06 20:38   ` Mikael Magnusson
  2009-11-06 21:30 ` Peter Stephenson
  1 sibling, 1 reply; 5+ messages in thread
From: Dan Nelson @ 2009-11-06 19:59 UTC (permalink / raw)
  To: Stefano Lattarini; +Cc: zsh-workers

In the last episode (Nov 06), Stefano Lattarini said:
> I have recently found a problem in resetting `$0' inside a script
> "sourced" with the `.' builtin.
> 
> Not sure if it's a bug or if it's just me doing something that should not
> be done; hopefully you can tell.
> 
> Here are some minimal examples exposing the problem:
> 
>   $ cat main2.zsh
>   . ./inc2.zsh
>   echo 0="$0"'
>   echo v="$v"
>   
>   $ cat inc2.zsh
>   0=x
>   v=$0
>   
>   $ zsh main2.zsh; echo e=$?  # this causes zsh to crash
>   *** glibc detected *** zsh: double free or corruption (!prev): 0x08d91a18 ***              

Here's valgrind output on a FreeBSD box:

==73378== Memcheck, a memory error detector.
==73378== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
==73378== Using Valgrind-3.5.0.SVN and LibVEX; rerun with -h for copyright info
==73378== Command: /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh main2.zsh
==73378== 
==73378== Invalid read of size 1
==73378==    at 0x80540E5: bin_dot (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x805946F: execbuiltin (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x8069475: execcmd (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x806A284: execpline2 (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x806A66E: execpline (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x806B609: execlist (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x806B739: execode (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x807D3BC: loop (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x807E168: zsh_main (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x8052C01: main (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==  Address 0x31bd51 is 1 bytes inside a block of size 11 free'd
==73378==    at 0x48B95: free (in /usr/local/lib/valgrind/vgpreload_memcheck-x86-freebsd.so)
==73378==    by 0x8093376: strvarsetfn (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x80958B9: setstrvalue (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x8099CEE: assignsparam (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x806509A: addvars (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x80652C6: execsimple (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x806B13F: execlist (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x806B739: execode (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x807D3BC: loop (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x807DAE4: source (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x80540E1: bin_dot (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x805946F: execbuiltin (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378== 
==73378== Invalid free() / delete / delete[]
==73378==    at 0x48B95: free (in /usr/local/lib/valgrind/vgpreload_memcheck-x86-freebsd.so)
==73378==    by 0x8054065: bin_dot (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x805946F: execbuiltin (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x8069475: execcmd (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x806A284: execpline2 (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x806A66E: execpline (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x806B609: execlist (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x806B739: execode (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x807D3BC: loop (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x807E168: zsh_main (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x8052C01: main (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==  Address 0x31bd50 is 0 bytes inside a block of size 11 free'd
==73378==    at 0x48B95: free (in /usr/local/lib/valgrind/vgpreload_memcheck-x86-freebsd.so)
==73378==    by 0x8093376: strvarsetfn (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x80958B9: setstrvalue (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x8099CEE: assignsparam (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x806509A: addvars (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x80652C6: execsimple (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x806B13F: execlist (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x806B739: execode (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x807D3BC: loop (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x807DAE4: source (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x80540E1: bin_dot (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
==73378==    by 0x805946F: execbuiltin (in /usr/ports/shells/zsh/work/zsh-4.3.10/Src/zsh)
0=main2.zsh
v=x

-- 
	Dan Nelson
	dnelson@allantgroup.com



* Re: [MAYBE BUG] resetting `$0' in sourced script causes zsh to crash  on Debian
  2009-11-06 19:59 ` Dan Nelson
@ 2009-11-06 20:38   ` Mikael Magnusson
  2009-11-08 12:05     ` Stefano Lattarini
  0 siblings, 1 reply; 5+ messages in thread
From: Mikael Magnusson @ 2009-11-06 20:38 UTC (permalink / raw)
  To: Dan Nelson; +Cc: Stefano Lattarini, zsh-workers

2009/11/6 Dan Nelson <dnelson@allantgroup.com>:
> In the last episode (Nov 06), Stefano Lattarini said:
>> I have recently found a problem in resetting `$0' inside a script
>> "sourced" with the `.' builtin.
>>
>> Not sure if it's a bug or if it's just me doing something that should not
>> be done; hopefully you can tell.
>>
>> Here are some minimal examples exposing the problem:
>>
>>   $ cat main2.zsh
>>   . ./inc2.zsh
>>   echo 0="$0"'
>>   echo v="$v"
>>
>>   $ cat inc2.zsh
>>   0=x
>>   v=$0
>>
>>   $ zsh main2.zsh; echo e=$?  # this causes zsh to crash
>>   *** glibc detected *** zsh: double free or corruption (!prev): 0x08d91a18 ***
>
> Here's valgrind output on a FreeBSD box:
>
> 0=main2.zsh
> v=x

Are you sure? I get
2:4: unmatched '

If you modify the script you should say so. That said, I get the crash
both with and without the extraneous quote, and your output with the
quote removed. If you get that output with it left, something is
really really strange though.

With MALLOC_CHECK_ set to show errors, I get the slightly more useful
*** glibc detected *** zsh: free(): invalid pointer: 0x08102c90 ***
(than the "double free or corruption")
With MALLOC_CHECK_ set to ignore errors, I get the output as under valgrind.

My valgrind output has line numbers so I'll include it too.

==1260== Invalid read of size 1
==1260==    at 0x8063D84: bin_dot (builtin.c:4771)
==1260==    by 0x8055D9F: execbuiltin (builtin.c:439)
==1260==    by 0x8070836: execcmd (exec.c:3104)
==1260==    by 0x806C4CB: execpline2 (exec.c:1579)
==1260==    by 0x806B8DD: execpline (exec.c:1364)
==1260==    by 0x806B14B: execlist (exec.c:1161)
==1260==    by 0x806ABE2: execode (exec.c:988)
==1260==    by 0x8084761: loop (init.c:185)
==1260==    by 0x8087322: zsh_main (init.c:1454)
==1260==    by 0x80553D5: main (main.c:93)
==1260==  Address 0x40a5fb9 is 1 bytes inside a block of size 11 free'd
==1260==    at 0x40071EA: free (in
/usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==1260==    by 0x8098BBB: zsfree (mem.c:1508)
==1260==    by 0x80A809C: strvarsetfn (params.c:3215)
==1260==    by 0x80A535B: setstrvalue (params.c:2227)
==1260==    by 0x80A686D: assignsparam (params.c:2647)
==1260==    by 0x806D85A: addvars (exec.c:2136)
==1260==    by 0x806ACBD: execsimple (exec.c:1015)
==1260==    by 0x806B00E: execlist (exec.c:1129)
==1260==    by 0x806ABE2: execode (exec.c:988)
==1260==    by 0x8084761: loop (init.c:185)
==1260==    by 0x8086630: source (init.c:1156)
==1260==    by 0x8063D6E: bin_dot (builtin.c:4768)
==1260==
==1260== Invalid free() / delete / delete[]
==1260==    at 0x40071EA: free (in
/usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==1260==    by 0x8098BBB: zsfree (mem.c:1508)
==1260==    by 0x8063EFE: bin_dot (builtin.c:4801)
==1260==    by 0x8055D9F: execbuiltin (builtin.c:439)
==1260==    by 0x8070836: execcmd (exec.c:3104)
==1260==    by 0x806C4CB: execpline2 (exec.c:1579)
==1260==    by 0x806B8DD: execpline (exec.c:1364)
==1260==    by 0x806B14B: execlist (exec.c:1161)
==1260==    by 0x806ABE2: execode (exec.c:988)
==1260==    by 0x8084761: loop (init.c:185)
==1260==    by 0x8087322: zsh_main (init.c:1454)
==1260==    by 0x80553D5: main (main.c:93)
==1260==  Address 0x40a5fb8 is 0 bytes inside a block of size 11 free'd
==1260==    at 0x40071EA: free (in
/usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==1260==    by 0x8098BBB: zsfree (mem.c:1508)
==1260==    by 0x80A809C: strvarsetfn (params.c:3215)
==1260==    by 0x80A535B: setstrvalue (params.c:2227)
==1260==    by 0x80A686D: assignsparam (params.c:2647)
==1260==    by 0x806D85A: addvars (exec.c:2136)
==1260==    by 0x806ACBD: execsimple (exec.c:1015)
==1260==    by 0x806B00E: execlist (exec.c:1129)
==1260==    by 0x806ABE2: execode (exec.c:988)
==1260==    by 0x8084761: loop (init.c:185)
==1260==    by 0x8086630: source (init.c:1156)
==1260==    by 0x8063D6E: bin_dot (builtin.c:4768)
==1260==
2:4: unmatched '

line 4771 for that invalid read is
ret = source(arg0);
and line 4768 is
else if (arg0[1] == '.' && arg0 + 2 == s)

(Doesn't it seem like valgrind confused these two? Or am I really
stupid? 4771 is the one calling source, yet the backtrace says it is
called by 4768. I don't think I changed that file since compiling last
time, but maybe I have.)

-- 
Mikael Magnusson



* Re: [MAYBE BUG] resetting `$0' in sourced script causes zsh to crash on Debian
  2009-11-06 18:49 [MAYBE BUG] resetting `$0' in sourced script causes zsh to crash on Debian Stefano Lattarini
  2009-11-06 19:59 ` Dan Nelson
@ 2009-11-06 21:30 ` Peter Stephenson
  1 sibling, 0 replies; 5+ messages in thread
From: Peter Stephenson @ 2009-11-06 21:30 UTC (permalink / raw)
  To: zsh-workers

On Fri, 6 Nov 2009 19:49:31 +0100
Stefano Lattarini <stefano.lattarini@gmail.com> wrote:
> I have recently found a problem in resetting `$0' inside a script "sourced"
> with the `.' builtin.
> 
> Not sure if it's a bug or if it's just me doing something that should not
> be done; hopefully you can tell.

Yep, that's a bug.  Thanks for the clear instructions.  The patch makes
valgrind happy, and fits with your description.

(If the shell didn't want you to set $0, it would declare it readonly
and tell you to go away when you set it.  Since it doesn't, you should
be able to set it, and in either case there shouldn't be a memory error.)

By the way, anyone running valgrind is invited to look at the errors in
the code reported.

Index: Src/builtin.c
===================================================================
RCS file: /cvsroot/zsh/zsh/Src/builtin.c,v
retrieving revision 1.235
diff -u -r1.235 builtin.c
--- Src/builtin.c	2 Sep 2009 15:27:35 -0000	1.235
+++ Src/builtin.c	6 Nov 2009 21:26:06 -0000
@@ -4747,7 +4747,7 @@
     enam = arg0 = ztrdup(*argv);
     if (isset(FUNCTIONARGZERO)) {
 	old0 = argzero;
-	argzero = arg0;
+	argzero = ztrdup(arg0);
     }
     s = unmeta(enam);
     errno = ENOENT;
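Review bot: The new `argzero = ztrdup(arg0);` carries no comment saying why argzero must own its storage, so the copy looks redundant and could easily be simplified back into the alias that caused the crash. The valgrind traces earlier in the thread show the reason: an assignment to `$0` in the sourced file reaches `strvarsetfn` and `zsfree` and releases the current value, while `bin_dot` still reads `arg0` afterwards and frees it again on the way out. I would add above the assignment `/* argzero gets its own copy: assigning to $0 in the sourced file frees it, and arg0 is still used and freed below */`. The function begins before this hunk and continues after it.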
@@ -4802,8 +4802,10 @@
     if (ret == SOURCE_NOT_FOUND)
 	zwarnnam(name, "%e: %s", errno, enam);
     zsfree(arg0);
-    if (old0)
+    if (old0) {
+	zsfree(argzero);
 	argzero = old0;
+    }
     return ret == SOURCE_OK ? lastval : 128 - ret;
 }
 
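Review bot: The restore path is still keyed on `if (old0)`, that is, on the saved pointer being non-NULL rather than on whether the swap in the first hunk actually ran; if `argzero` could ever be NULL on entry, the copy made by `ztrdup` would be neither freed nor replaced here. The initialisation of `old0` lies outside the hunk, so this is a question to confirm rather than a certain defect, and a local flag set next to the `ztrdup` call would make the pairing explicit. The reporter's main4 case (the sourced file runs `setopt no_function_argzero` before `0=x`) relies on this block not re-testing the option, which deserves a comment such as `/* test old0, not FUNCTIONARGZERO: the sourced file may have changed the option */`. The change also arrives without a regression test; the main2.zsh and main4.zsh reproducers from the report, minus the stray quote, would fit the test suite and would catch a return of the double free when run under a checking allocator.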
-- 
Peter Stephenson <p.w.stephenson@ntlworld.com>
Web page now at http://homepage.ntlworld.com/p.w.stephenson/



* Re: [MAYBE BUG] resetting `$0' in sourced script causes zsh to crash on Debian
  2009-11-06 20:38   ` Mikael Magnusson
@ 2009-11-08 12:05     ` Stefano Lattarini
  0 siblings, 0 replies; 5+ messages in thread
From: Stefano Lattarini @ 2009-11-08 12:05 UTC (permalink / raw)
  To: Mikael Magnusson; +Cc: Dan Nelson, zsh-workers

At Friday 06 November 2009, Mikael Magnusson <mikachu@gmail.com> 
wrote:
> >>   $ cat main2.zsh
> >>   . ./inc2.zsh
> >>   echo 0="$0"'
Sorry, the extra trailing single quote is a typo. I probably messed 
something up when doing cut & paste from the terminal window.

Regards,
   Stefano


