Date: Thu, 12 Dec 2019 19:28:59 +0100 (CET)
From: "Antoine C."
To: Zsh Workers List
Message-ID: <2022943386.989309814.1576175339554.JavaMail.root@zimbra62-e11.priv.proxad.net>
Subject: [BUG] Crash due to malloc call in signal handler

Hello,

I finally found the cause of the frequent crashes I reported one year ago
( https://www.zsh.org/mla/workers/2019/msg00059.html ).
This is due to malloc calls from a signal handler, for instance:

#0  tcache_get (tc_idx=17) at malloc.c:2943
#1  __GI___libc_malloc (bytes=296) at malloc.c:3050
#2  0x000055c2217b27b5 in malloc (size=8) at ./main.c:255
#3  0x000055c2218166f9 in zalloc (size=8) at mem.c:966
#4  0x000055c221806da2 in addbgstatus (pid=11959, status=0) at jobs.c:2192
#5  0x000055c2218478e7 in wait_for_processes () at signals.c:583
#6  0x000055c221847cdc in zhandler (sig=17) at signals.c:648
#7
#8  0x00007f8895b69209 in __GI___sigsuspend (set=0x7ffe759b7160) at ../sysdeps/unix/sysv/linux/sigsuspend.c:26
#9  0x000055c221847376 in signal_suspend (sig=17, wait_cmd=1) at signals.c:393
#10 0x000055c2218054e8 in waitforpid (pid=11953, wait_cmd=1) at jobs.c:1551
#11 0x000055c221807a10 in bin_fg (name=0x7f8896af4798 "wait", argv=0x7f8896af4830, ops=0x7ffe759b75c0, func=4) at jobs.c:2371

The backtraces I get do not always show a signal, and I get a lot of
various errors occurring either in a malloc or a free; however, I have been
debugging this problem by enabling mcheck(), and in this very case, all the
crashes occur within freehook(), and when tracing back the associated
malloc() I can find it always occurs during double interlaced malloc()
calls from the main and signal contexts.

I can provide more info to reproduce the problem.

Antoine