From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-3.4 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham autolearn_force=no version=3.4.4 Received: (qmail 13432 invoked from network); 14 Apr 2023 08:29:40 -0000 Received: from zero.zsh.org (2a02:898:31:0:48:4558:7a:7368) by inbox.vuxu.org with ESMTPUTF8; 14 Apr 2023 08:29:40 -0000 ARC-Seal: i=1; cv=none; a=rsa-sha256; d=zsh.org; s=rsa-20210803; t=1681460980; b=Po1hDyiuNf1uwTaO8rU+zGtkkY3fD+Yc9zNLC6Bv7VoL5N18CVjgVB0WU4kYomPAYRBXQH+2Kt Va3Q2iMxUR4+7w4M5L659vYfpN6Ixt/ZbDz2FiyQHLkd/znMLHS0QONkArVzxmBw+FdCLm/L4K So9qCQSLM52L89GOhqgSJ0HfqkDVaJXJQX3jz+SDKyybdVgYhZG1YxLNBJ12Mrhor4MsnIKQBt GfuVz16Un1WtMa0wn0w2eAeOQo6QqBGLhTazX4ovdhwhLfs7gbrBc3hZMQgO7mhvKcfPIy3uAW //nj6+4SE6lE/KNzHn2dJ3P1JpCAdjEQxROaQ1883ZFhog==; ARC-Authentication-Results: i=1; zsh.org; iprev=pass (smtpq2.tb.ukmail.iss.as9143.net) smtp.remote-ip=212.54.57.97; dkim=pass header.d=ntlworld.com header.s=meg.feb2017 header.a=rsa-sha256; dmarc=pass header.from=ntlworld.com; arc=none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed; d=zsh.org; s=rsa-20210803; t=1681460980; bh=Vw7NOVYd5PCsR9XeB5uelpJIzOtnVzeLGRnrt51O3Ws=; h=List-Archive:List-Owner:List-Post:List-Unsubscribe:List-Subscribe:List-Help: List-Id:Sender:Content-Transfer-Encoding:Content-Type:MIME-Version:Subject: References:In-Reply-To:Message-ID:To:From:Date:DKIM-Signature: DKIM-Signature; b=Amk/66AgGMgp7fC02woPkoH87vrUorbXHs2/gwOhOe8YDeVavXS3u9vO/osjYRg5Wz1L4d1q9T 4eD+JX3HXQ6vrvI5a8e8dN0od5BsKsnNaNwkM7kKg9+FGv+sm91OPk0Eb3jkxLN2vG84Mu7XS/ 4M8iMhIUlosi2BYQTFFyMHQN/AcAYrEuZwP0blJWODokbTvFeDVAVOoTTI9vZQRFa+HxD63Dmq +tUUhM1YSAxJgoOdStHUR2xZrrtjgZmR6WeUmD4zxplgbkVbhjHLCDqYbfbC5vHwWw97WQc+7S rh2v1T3bLAzHW8ONyMixYBBb2xUpAf3UeqIFIv5zjjhJqw==; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=zsh.org; s=rsa-20210803; h=List-Archive:List-Owner:List-Post:List-Unsubscribe: List-Subscribe:List-Help:List-Id:Sender:Content-Transfer-Encoding: Content-Type:MIME-Version:Subject:References:In-Reply-To:Message-ID:To:From: Date:Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID; bh=INmaSJ3ggrgHbOn6atENM8aEH6HS/CJeHaNxua+TA9s=; b=l/LXuV28QC2hZ2PJSuYgRwT4/n kDhTMplX0DDNa4GF3ys4a6s9rXasQH0hjXAOLjxKPLyyZoW4UZ2Pa6ayLhBy8d7KsOvR0+0gRnTIP lfAxRFXCv9H2QCPltyLISxiKegn+1zNeVaNItUPxFSPS0T9zafN702YMkNYLChC0wv6VrfDgUeriA fSvpdSDmvy2cYb8hJ++a+uFkee++Okv9YzjPhVzv7KGw3AqR5wHHbSQ1BQdMJHAmecITzKXjGKRpJ LwsGADNEGo//0op3zpoiSAAP91JQlVIOeEAEnBrxiaohtoi24bK4X1tew9VZ000YFgmVaj33bPlzY NpY9FxRA==; Received: by zero.zsh.org with local id 1pnEoN-0004mN-0f; Fri, 14 Apr 2023 08:29:39 +0000 Authentication-Results: zsh.org; iprev=pass (smtpq2.tb.ukmail.iss.as9143.net) smtp.remote-ip=212.54.57.97; dkim=pass header.d=ntlworld.com header.s=meg.feb2017 header.a=rsa-sha256; dmarc=pass header.from=ntlworld.com; arc=none Received: from smtpq2.tb.ukmail.iss.as9143.net ([212.54.57.97]:47880) by zero.zsh.org with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) id 1pnEo3-0004TQ-8n; Fri, 14 Apr 2023 08:29:20 +0000 Received: from [212.54.57.80] (helo=smtp1.tb.ukmail.iss.as9143.net) by smtpq2.tb.ukmail.iss.as9143.net with esmtp (Exim 4.90_1) (envelope-from ) id 1pnEo2-00033n-L1 for zsh-workers@zsh.org; Fri, 14 Apr 2023 10:29:18 +0200 Received: from oxbe10.tb.ukmail.iss.as9143.net ([172.25.160.141]) by smtp1.tb.ukmail.iss.as9143.net with ESMTP id nEo2p9OqFtFi3nEo2pNMRb; Fri, 14 Apr 2023 10:29:18 +0200 X-Env-Mailfrom: p.w.stephenson@ntlworld.com X-Env-Rcptto: zsh-workers@zsh.org X-SourceIP: 172.25.160.141 X-CNFS-Analysis: v=2.4 cv=cdQU7FPM c=1 sm=1 tr=0 ts=64390ede cx=a_exe a=f70ZRucvQZHi2l2hbwz5vQ==:117 a=wbvTLvLwOfMA:10 a=IkcTkHD0fZMA:10 a=NLZqzBF-AAAA:8 a=4-Eq7aVR7yN-GEL0mYsA:9 a=QEXdDO2ut3YA:10 a=AnZXeGk1a-v7Jkat-oex:22 a=RchoEgWomvYJfgJ0MydD:22 X-Authenticated-Sender: p.w.stephenson@ntlworld.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ntlworld.com; s=meg.feb2017; t=1681460958; bh=Vw7NOVYd5PCsR9XeB5uelpJIzOtnVzeLGRnrt51O3Ws=; h=Date:From:To:In-Reply-To:References:Subject; b=HyGeN5qbEmqq3hDiqLx9T3mZyxsCFrrF9AEmt0ho+U9U2R5dE1LzIqgG3X7Go2nsw gBOkAEogqlSMJRXnKPe06hNMRPGOndfG107L6hpvcC9r+mmOWRQN/SDuzNh3xRwgvl EtJ8vK58PI2RQjCs07taTy+JHmelSKde7bHBa4lCmHXcBIylNuS4DU670J6uEjOpw5 UBcJCbp7VI+zvm75SW2h4bvzfZ3iBA0CYSLODRKBVh+d8kBtmDK1VXNekcN7iOx5bh rJUkg3hLVGomFJFWbAfUjLuA5Z9beE405rsmd7rpgtWJ490hsC2SFl1a+dhMYB4aCU 3WN7n9o4hlrQQ== Date: Fri, 14 Apr 2023 09:29:18 +0100 (BST) From: Peter Stephenson To: zsh-workers@zsh.org Message-ID: <300454748.2058336.1681460958361@mail.virginmedia.com> In-Reply-To: <2002382304.4711947.1681404930419@mail.virginmedia.com> References: <48A7DCE2-AEC1-4777-949C-50917EDCECB1@kba.biglobe.ne.jp> <5C4788C8-4E40-4565-AFE8-84D57949BC8C@ntlworld.com> <267594676.4158370.1681382869709@mail.virginmedia.com> <1621107110.4161180.1681384345108@mail.virginmedia.com> <78EBC2C7-5645-4D35-B285-F140228D444C@kba.biglobe.ne.jp> <1865187346.2010280.1681391961060@mail.virginmedia.com> <2083513891.2014577.1681394631032@mail.virginmedia.com> <852F8278-39A7-4305-91C1-B9788352E061@kba.biglobe.ne.jp> <2002382304.4711947.1681404930419@mail.virginmedia.com> Subject: Re: Probabilistic crash on zsh 5.9 on x86_64 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Priority: 3 Importance: Normal X-Mailer: Open-Xchange Mailer X-Originating-IP: 147.161.167.85 X-Originating-Client: open-xchange-appsuite X-CMAE-Envelope: MS4xfKQUJ3HbFeY85YBDWji3tcUaNCL3AJ81BQUh/PxwMNN0MEi7IpuYscxv8HiSeqpJ9x5+ooeAJOM/flFAAz2IrLxB3e9lsu5SSheojIf6/VlAVDRlBYLe ch9nu5V32JxD9HCK1IfE+p2abjk1TkYtWdbG/dyrCjCVToSrgVnGnY24NnZeT95pyu4iWf60dg4gNj9Wb7jCUev+xKsXuJ3e0xtdaWkoAzm0NS46COXo/PmH X-Seq: 51652 Archived-At: X-Loop: zsh-workers@zsh.org Errors-To: zsh-workers-owner@zsh.org Precedence: list Precedence: bulk Sender: zsh-workers-request@zsh.org X-no-archive: yes List-Id: List-Help: , List-Subscribe: , List-Unsubscribe: , List-Post: List-Owner: List-Archive: > On 13/04/2023 17:55 Peter Stephenson wrote: > > On 13/04/2023 17:40 Jun. T wrote: > > Even with this, shfunc is still freed, although shfunc->funcdef is not freed. > > But doshfunc() continues to use shfunc, at lines 5854, 5954, 5957, etc. > > If it doesn't crash, it means the freed memory is not yet used by others. > > But I think this is unsafe, and valgrind gives lots of warnings. > > OK, so the starttrapscope() just above that point is pulling the rug out > from under the function's feet. We've looked up the TRAPEXIT function and > now that function's just been undefined. > > So some better save / restore for the shell function is probably needed. I can't think of any major surgery I'd like to do for this special case --- TRAPEXIT being from removed from within an execution of TRAPEXIT so that the trap doesn't go off inside the function being executed. Instead, here's a simple local fix-up which seems to keep valgrind quiet. It's not the most elegant thing I can imagine. diff --git a/Src/exec.c b/Src/exec.c index 3b3d1235e..274800b10 100644 --- a/Src/exec.c +++ b/Src/exec.c @@ -5779,12 +5779,25 @@ doshfunc(Shfunc shfunc, LinkList doshargs, int noreturnval) char *name = shfunc->node.nam; int flags = shfunc->node.flags; char *fname = dupstring(name); - Eprog prog; + Eprog prog, marked_prog; static int oflags; static int funcdepth; Heap funcheap; queue_signals(); /* Lots of memory and global state changes coming */ + /* + * In case this is a special function such as a trap, mark it + * is in use right now, so it doesn't get freed early. The + * worst that can happen is this hangs around in memory a little + * longer than strictly needed. + * + * Classic example of this happening is running TRAPEXIT directly. + * + * Because the shell function's contents may change, we'll ensure + * we use a consistent structure for use / free. + */ + marked_prog = shfunc->funcdef; + useeprog(marked_prog); NEWHEAPS(funcheap) { /* @@ -5818,6 +5831,22 @@ doshfunc(Shfunc shfunc, LinkList doshargs, int noreturnval) memcpy(funcsave->pipestats, pipestats, bytes); } + if (!strcmp(fname, "TRAPEXIT")) { + /* + * If we are executing TRAPEXIT directly, starttrapscope() + * will pull the rug out from under us to ensure the + * exit trap isn't run inside the function. We just need + * the information locally here, so copy it on the heap. + * + * The funcdef is separately handled by reference counting. + */ + Shfunc shcopy = (Shfunc)zhalloc(sizeof(struct shfunc)); + memcpy(shcopy, shfunc, sizeof(struct shfunc)); + shcopy->node.nam = dupstring(shfunc->node.nam); + shfunc = shcopy; + name = shfunc->node.nam; + } + starttrapscope(); startpatternscope(); @@ -5942,6 +5971,8 @@ doshfunc(Shfunc shfunc, LinkList doshargs, int noreturnval) funcsave->fstack.filename = getshfuncfile(shfunc); prog = shfunc->funcdef; + DPUTS1(!prog->nref, "function definition %s has zero reference count", + (fname && *fname) ? fname : ""); if (prog->flags & EF_RUN) { Shfunc shf; @@ -6046,6 +6077,7 @@ doshfunc(Shfunc shfunc, LinkList doshargs, int noreturnval) } } OLDHEAPS; + freeeprog(marked_prog); unqueue_signals(); /* diff --git a/Test/C03traps.ztst b/Test/C03traps.ztst index e0b6afb5f..de57765a0 100644 --- a/Test/C03traps.ztst +++ b/Test/C03traps.ztst @@ -1083,6 +1083,17 @@ F:Must be tested with a top-level script rather than source or function >trap1 # As of 5.7.1-test-2, the output was "out1 fn1 trap1 fn2" (on separate lines). + TRAPEXIT() { echo This is TRAPEXIT; } + TRAPEXIT + TRAPEXIT + TRAPEXIT +0:No memory problems with explicit call to TRAPEXIT. +>This is TRAPEXIT +>This is TRAPEXIT +>This is TRAPEXIT +>This is TRAPEXIT +# Three explicit calls, one implicit call at function exit. + %clean rm -f TRAPEXIT