From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 2905 invoked by alias); 21 Jul 2015 16:10:59 -0000 Mailing-List: contact zsh-workers-help@zsh.org; run by ezmlm Precedence: bulk X-No-Archive: yes List-Id: Zsh Workers List List-Post: List-Help: X-Seq: 35842 Received: (qmail 8398 invoked from network); 21 Jul 2015 16:10:55 -0000 X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on f.primenet.com.au X-Spam-Level: X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_HI, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_PASS autolearn=ham autolearn_force=no version=3.4.0 From: Kamil Dudka To: zsh-workers@zsh.org Subject: SIGSEGV in patmatch() -- Fedora bug #1245116 Date: Tue, 21 Jul 2015 18:01:05 +0200 Message-ID: <21142543.ltNyFqy7kU@kdudka.brq.redhat.com> User-Agent: KMail/4.14.9 (Linux/4.0.8-304.fc22.x86_64; KDE/4.14.9; x86_64; ; ) MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 A user of Fedora reported a crash of zsh-5.0.8 in patmatch(): https://bugzilla.redhat.com/1245116 The automatically recorded backtrace: https://bugzilla.redhat.com/attachment.cgi?id=1054236 ... shows that 'chrop' and 'chrend' pointed off the allocated memory at this line: http://repo.or.cz/w/zsh/mirror.git/blob/a0862f63:/Src/pattern.c#l2541 My guess is that the invalid addresses were loaded from 'exactpos' and 'exactend' but static variables are not captured in the backtrace to actually confirm it. Unfortunately, I was not successful in reproducing the crash locally, neither the original reporter was able to trigger it on demand. Hence, I am sharing it here in case anybody recognized the actual cause just from the backtrace. Kamil