* [hamer@hamer.org.ua: Bug#590736: zsh: Segmentation fault in completion]
@ 2010-07-29 4:48 Clint Adams
2010-07-29 9:07 ` Peter Stephenson
From: Clint Adams @ 2010-07-29 4:48 UTC (permalink / raw)
To: zsh-workers
----- Forwarded message from Александр Новиченко <hamer@hamer.org.ua> -----
Date: Thu, 29 Jul 2010 01:12:48 +0300
From: Александр Новиченко <hamer@hamer.org.ua>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#590736: zsh: Segmentation fault in completion
Package: zsh
Version: 4.3.10-14
To reproduce this bug, mpc (an MPD client) is needed.
~/.zshrc must contain these lines:
setopt recexact
autoload -U compinit
compinit
After adding some songs to the current playlist of MPD, type
"mpc play " in zsh and press <TAB>.
Probably, segfaults like this may appear in other cases too.
Debugger session around this bug:
(gdb) run
Starting program: /usr/local/bin/zsh
hamer# mpc play
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff64fe9bb in matcheq (a=0x7ffff7ff6af8, b=0x0) at compcore.c:3070
3070 return matchstreq(a->ipre, b->ipre) &&
(gdb) list
3065
3066 /**/
3067 static int
3068 matcheq(Cmatch a, Cmatch b)
3069 {
3070 return matchstreq(a->ipre, b->ipre) &&
3071 matchstreq(a->pre, b->pre) &&
3072 matchstreq(a->ppre, b->ppre) &&
3073 matchstreq(a->psuf, b->psuf) &&
3074 matchstreq(a->suf, b->suf) &&
(gdb) print a
$1 = (Cmatch) 0x7ffff7ff6af8
(gdb) print b
$2 = (Cmatch) 0x0
(gdb) up
#1 0x00007ffff64fe395 in add_match_data (alt=0, str=0x7ffff7ff6af0 "",
orig=0x75cc10 "", line=0x7ffff7ff6970, ipre=0x7ffff7ff67b8 "", ripre=0x0,
isuf=0x7ffff7ff67c0 "", pre=0x0, prpre=0x0, ppre=0x0, pline=0x0, psuf=0x0,
sline=0x0, suf=0x0, flags=64, exact=1) at compcore.c:2935
2935 } else if (useexact && !matcheq(cm, ai->exactm)) {
As you can see, the problem is a NULL pointer in matcheq().
To resolve this bug, I propose this patch:
diff -Naur zsh-4.3.10.orig/Src/Zle/compcore.c zsh-4.3.10/Src/Zle/compcore.c
--- zsh-4.3.10.orig/Src/Zle/compcore.c 2009-01-13 12:15:38.000000000 +0000
+++ zsh-4.3.10/Src/Zle/compcore.c 2010-07-27 22:58:40.726692827 +0000
@@ -2932,7 +2932,7 @@
comp_setunset(0, 0, CP_EXACTSTR, 0);
}
ai->exactm = cm;
- } else if (useexact && !matcheq(cm, ai->exactm)) {
+ } else if (useexact && (!ai->exactm || !matcheq(cm, ai->exactm))) {
ai->exact = 2;
ai->exactm = NULL;
if (incompfunc)
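Review bot: the added `!ai->exactm ||` guard on the `else if` line stops matcheq() from being entered with a NULL second argument, but the hunk leaves unexplained why that state is reachable: the two lines right below it (`ai->exact = 2;` and `ai->exactm = NULL;`) put the structure into exactly that state, so the next candidate that reaches this branch previously crashed in matcheq(). With the guard, such a candidate re-runs the same two assignments, which is harmless. A one-line comment on the changed condition saying that `ai->exactm == NULL` with `ai->exact` set means "more than one exact match already seen" would make the intent clear to the next reader.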
P.S.: I have already reported this bug to the developers of zsh:
http://sourceforge.net/tracker/?func=detail&aid=3035629&group_id=4068&atid=104068
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core)
Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages zsh depends on:
ii libc6 2.11.2-2 Embedded GNU C Library: Shared lib
ii libcap2 1:2.17-2 support for getting/setting POSIX.
ii libncursesw5 5.7+20100313-2 shared libraries for terminal hand
Versions of packages zsh recommends:
ii libc6 2.11.2-2 Embedded GNU C Library: Shared lib
ii libpcre3 7.8-3 Perl 5 Compatible Regular Expressi
Versions of packages zsh suggests:
ii zsh-doc 4.3.10-14 zsh documentation - info/HTML form
-- no debconf information
----- End forwarded message -----
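The crash and the fix in miniature, as an added example that is not zsh code: a cut-down stand-in for the Cmatch structure with only the five fields matcheq() compares, a NULL-tolerant matchstreq() (assumed to mirror zsh's behaviour for string fields), the unguarded matcheq() from the gdb listing, and exact_differs(), which is the patched condition. The struct, make_match() and exact_differs() are constructed for this example.

```c
#include <stddef.h>
#include <string.h>

/* Minimal stand-in for zsh's Cmatch: only the five fields that matcheq()
   compares (constructed for this example; the real struct has many more). */
typedef struct cmatch {
    char *ipre, *pre, *ppre, *psuf, *suf;
} *Cmatch;

/* NULL-tolerant string equality; assumed to behave like zsh's matchstreq(). */
static int matchstreq(const char *a, const char *b)
{
    if (!a || !b)
        return a == b;
    return strcmp(a, b) == 0;
}

/* Same shape as compcore.c's matcheq(): both arguments are dereferenced
   unconditionally, so b == NULL is the crash the gdb session shows. */
static int matcheq(Cmatch a, Cmatch b)
{
    return matchstreq(a->ipre, b->ipre) &&
           matchstreq(a->pre, b->pre) &&
           matchstreq(a->ppre, b->ppre) &&
           matchstreq(a->psuf, b->psuf) &&
           matchstreq(a->suf, b->suf);
}

/* The condition from the patched line: a missing exact match counts as
   "differs", and matcheq() is only reached with a non-NULL exactm. */
static int exact_differs(Cmatch cm, Cmatch exactm)
{
    return !exactm || !matcheq(cm, exactm);
}

/* Builds a match with the given ignored prefix and empty remaining fields. */
static struct cmatch make_match(char *ipre)
{
    struct cmatch m = { ipre, "", "", "", "" };
    return m;
}
```

Calling exact_differs(&cm, NULL) returns 1 without touching the NULL pointer, which is the case the unpatched code crashed on.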
* Re: [hamer@hamer.org.ua: Bug#590736: zsh: Segmentation fault in completion]
From: Peter Stephenson @ 2010-07-29 9:07 UTC (permalink / raw)
To: zsh-workers
On Thu, 29 Jul 2010 04:48:58 +0000
Александр Новиченко <hamer@hamer.org.ua> wrote:
> As you can see, the problem is a NULL pointer in matcheq().
>
> To resolve this bug, I propose this patch:
>
> diff -Naur zsh-4.3.10.orig/Src/Zle/compcore.c
> zsh-4.3.10/Src/Zle/compcore.c --- zsh-4.3.10.orig/Src/Zle/compcore.c
> 2009-01-13 12:15:38.000000000 +0000 +++
> zsh-4.3.10/Src/Zle/compcore.c 2010-07-27 22:58:40.726692827
> +0000 @@ -2932,7 +2932,7 @@ comp_setunset(0, 0, CP_EXACTSTR, 0);
> }
> ai->exactm = cm;
> - } else if (useexact && !matcheq(cm, ai->exactm)) {
> + } else if (useexact && (!ai->exactm || !matcheq(cm, ai->exactm))) {
> ai->exact = 2;
> ai->exactm = NULL;
> if (incompfunc)
Thanks, that looks entirely reasonable. It's clear from the code just
below that ai->exactm can be NULL when ai->exact is non-zero, which appears
to violate the assumption behind the previous code. Given it's a week's
work to understand the completion code in enough detail to test the
assumptions any further, I'll leave it at that.
--
Peter Stephenson <pws@csr.com> Software Engineer
Tel: +44 (0)1223 692070 Cambridge Silicon Radio Limited
Churchill House, Cambridge Business Park, Cowley Road, Cambridge, CB4 0WZ, UK