From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org
X-Spam-Level: 
X-Spam-Status: No, score=-3.4 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
	DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham
	autolearn_force=no version=3.4.4
Received: (qmail 11286 invoked from network); 21 Feb 2023 11:48:11 -0000
Received: from zero.zsh.org (2a02:898:31:0:48:4558:7a:7368)
  by inbox.vuxu.org with ESMTPUTF8; 21 Feb 2023 11:48:11 -0000
ARC-Seal: i=1; cv=none; a=rsa-sha256; d=zsh.org; s=rsa-20210803; t=1676980091;
	 b=hZauOJbOIHqT1wkNi0vAUEpabrYx10Pk37Z6ARkdWwHjoFI/p7BvGsFzvj+HRQQ5RppIlRP6ga
	  Z6bbHG0wZYQIESxjVDBTik+pAo7ed+MhZ5xd3Un2WgUFO/1TDHva90alYbXhvwPMqDeWMcbfI9
	  whsAvongq2FizKxXHMggk5bbxKvrmztSO4Zn/VV7mAq3fWBRLd5BbYKRmUez8A0tRrhAO8HbU0
	  Xx/vN40cWSeNd72jt/3d4GhFkE+QiI8wndFDeuHEAckSsAyjkLQ3mBjvlvhLUkrGB2uIgVqq/d
	  dj75Ha12mn9IReTTOyq7ApvaUNtX+M4ZOxR0UiLo+XOgWA==;
ARC-Authentication-Results: i=1; zsh.org;
	iprev=pass (smtpq2.tb.ukmail.iss.as9143.net) smtp.remote-ip=212.54.57.97;
	dkim=pass header.d=ntlworld.com header.s=meg.feb2017 header.a=rsa-sha256;
	dmarc=pass header.from=ntlworld.com;
	arc=none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed; d=zsh.org; s=rsa-20210803; t=1676980091;
	bh=Io/MDqvd3/tBV+VBtxGsrT7EQV0oxbLL28ei7Q7fFYc=;
	h=List-Archive:List-Owner:List-Post:List-Unsubscribe:List-Subscribe:List-Help:
	  List-Id:Sender:Content-Transfer-Encoding:Content-Type:MIME-Version:Subject:
	  References:In-Reply-To:Message-ID:To:From:Date:DKIM-Signature:
	  DKIM-Signature;
	b=nNcAUP6OvCdwgTC+SPVZHpi2nPYDEz6gEQE5gcG90Lzaxl+7iXjuCpe7eUDuf26sShcF8XlpUQ
	  IqnDLb1gl8lDm7IRTqOBZlKqOGWUOCiX1yc/tyIfnkUX9wT/on8l2K6A3rcN1Q6dTAS5H2BCk5
	  chgkvDU3VgIMl+7dm2i8idKPbQmHA26swP4qNoASKDL25/zl4mEU79W9S1mcxe1QgLgcGFT3Zv
	  EimxxNiKcJmzP0v+FnWS0FWSH0XS41gf0IAFY+Tfs5I8uBR9TfeY5QF+zIEKezYl9DqnduvUAp
	  zA5CRYVHjEIsBqK0Tnybc466fBwX7SqPCOgB4GWOBErpRQ==;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=zsh.org;
	s=rsa-20210803; h=List-Archive:List-Owner:List-Post:List-Unsubscribe:
	List-Subscribe:List-Help:List-Id:Sender:Content-Transfer-Encoding:
	Content-Type:MIME-Version:Subject:References:In-Reply-To:Message-ID:To:From:
	Date:Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From:
	Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID;
	bh=judZ8lMB1Sw+/gQ+qNTpd0Ny/VjfpnpQ3MZc+J0q/vQ=; b=BzrQjP3saH08N93mdlP7wb5y6a
	/wzMHyB3nOmITScQhZZEczyGRGMPtdyhYEjuDuOPBhXq9zpGwwQVQtBKN19TBgm6fazWnt35i0JR4
	l+NXEGRDD6GrVw4HrMsUQ5eHup7o4PScW/8kuJ4RpORl0Fs/7AXQL4s+VY1PpTpg0KrHiw5jDgdCS
	7rIKQW+SpThYGOGap/PdBY5INTlTn1I5LIwUEBzJdjQZbpbXVWbBUM7j5YSym1m3Lo7E4mMfiw3oN
	1FDhhtmNUlzGq3JP3WHju2EyA8tcD2QZoQMA1Dqo++rp5PGXF3bYYaavsQEO+TSQnsfT08KyEStyQ
	0MtMatiQ==;
Received: by zero.zsh.org with local
	id 1pUR7x-000H5c-Ch;
	Tue, 21 Feb 2023 11:48:09 +0000
Authentication-Results: zsh.org;
	iprev=pass (smtpq2.tb.ukmail.iss.as9143.net) smtp.remote-ip=212.54.57.97;
	dkim=pass header.d=ntlworld.com header.s=meg.feb2017 header.a=rsa-sha256;
	dmarc=pass header.from=ntlworld.com;
	arc=none
Received: from smtpq2.tb.ukmail.iss.as9143.net ([212.54.57.97]:42106)
	by zero.zsh.org with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256)
	id 1pUR7M-000Goa-IB;
	Tue, 21 Feb 2023 11:47:33 +0000
Received: from [212.54.57.81] (helo=smtp2.tb.ukmail.iss.as9143.net)
	by smtpq2.tb.ukmail.iss.as9143.net with esmtp (Exim 4.90_1)
	(envelope-from <p.w.stephenson@ntlworld.com>)
	id 1pUR7L-0005Z9-VB
	for zsh-workers@zsh.org; Tue, 21 Feb 2023 12:47:32 +0100
Received: from oxbe6.tb.ukmail.iss.as9143.net ([172.25.160.137])
	by smtp2.tb.ukmail.iss.as9143.net with ESMTP
	id UR7Lpf4Oe6AslUR7LpCP57; Tue, 21 Feb 2023 12:47:31 +0100
X-Env-Mailfrom: p.w.stephenson@ntlworld.com
X-Env-Rcptto: zsh-workers@zsh.org
X-SourceIP: 172.25.160.137
X-CNFS-Analysis: v=2.4 cv=c8ttAzxl c=1 sm=1 tr=0 ts=63f4af53 cx=a_exe
 a=wOjQ4in9RKFG6jhXMc4Ghg==:117 a=1DWFKdCB1IcA:10 a=IkcTkHD0fZMA:10
 a=ZjyAdWuDOD4A:10 a=q2GGsy2AAAAA:8 a=NLZqzBF-AAAA:8 a=koEUjfWrs6bB2xz8a64A:9
 a=QEXdDO2ut3YA:10 a=z9dJwno5l634igLiVhy-:22
X-Authenticated-Sender: p.w.stephenson@ntlworld.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ntlworld.com;
	s=meg.feb2017; t=1676980051;
	bh=Io/MDqvd3/tBV+VBtxGsrT7EQV0oxbLL28ei7Q7fFYc=;
	h=Date:From:To:In-Reply-To:References:Subject;
	b=WFaA3uoVmv0Xz1Y69nQwu452anpGDHGDL66G5q7KixI5OmMjLvq4CcxKoszfKjzZn
	 RTQxd6PB6mzd2/DMry9+sR5EWsJo3zKXaa5WYzYlATdvgzKepZ5HwwHQvcU31igJld
	 XUsfsspmUL0SHlsQNecZkklRpXe/f/p0kEnOEkEzeM9zzL4P0foRtCh1ayGmT3+tpA
	 5IqBoBHCSG05wUh3sVCDLZp8LC32bFDJaWnkgeF7sbxzi0n9crYPZh8TWivl5rz5vu
	 cjCTqfdow0CkhBzT0W0k3rL9MyK9arRslp4aDQaH6ZIvWSBAg0mvoC/CE6hBmeih8/
	 aSvSaN+Msnn5g==
Date: Tue, 21 Feb 2023 11:47:31 +0000 (GMT)
From: Peter Stephenson <p.w.stephenson@ntlworld.com>
To: Zsh hackers list <zsh-workers@zsh.org>
Message-ID: <338705584.2294040.1676980051672@mail.virginmedia.com>
In-Reply-To: <CAH+w=7YE1TiDjczd7v3VR37B7g6paD7qu_hVLM5FUc=Wj34AyA@mail.gmail.com>
References: <CAH+w=7YRxyV6sj4eobpgo3aEgw3MOZj6jJ9bhi+acJn=ywbVAA@mail.gmail.com>
 <1249162537.4244630.1676386019653@mail.virginmedia.com>
 <CAH+w=7Y5=OvRTCCHahaMc9+n8XFrOSiSwrkXd86AdToU4N7QNA@mail.gmail.com>
 <1911575874.92635.1676392609186@mail.virginmedia.com>
 <CAH+w=7aRann+SXDjNwQP3dh=_-e9etrhms5cL-MQp-03KWtp1Q@mail.gmail.com>
 <CAH+w=7Yp3O+n5M_G5JkdUBXegz_EpzjCXe54rWoqUv+++xL84A@mail.gmail.com>
 <CAH+w=7b2dKFHtosBCKkaS27BAUXJo_q-zdLXeAE5MzqjdB1apQ@mail.gmail.com>
 <1919749331.2020682.1676562737303@mail.virginmedia.com>
 <CAH+w=7YE1TiDjczd7v3VR37B7g6paD7qu_hVLM5FUc=Wj34AyA@mail.gmail.com>
Subject: Re: zmodload (-u?) changing options (was Re: [PATCH] Named
 reference typos & misc.)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-Priority: 3
Importance: Normal
X-Mailer: Open-Xchange Mailer
X-Originating-IP: 147.161.224.167
X-Originating-Client: open-xchange-appsuite
X-CMAE-Envelope: MS4xfBeJakbKV0R4Fkzw07LS2clKWzyaui9vY8P5m+DT1IlENsFAwXESAkRcQBKzGO1AUTfFrDlVGLxdMzYZcYyGCy35PefYiHlvlcYKYC4yeqSWw4DVO4yC
 RVwt1bmRTVLxzuiKJ8L85WuiCPwWYChm2zjejyLbAe9lTtOgXmdiIOisXLbhnEUdvBSD5Ic9AITfDrlK+4nPK5W41DuuqsUA/ARzbVXLf+bsWAozD+tpxKUL
X-Seq: 51465
Archived-At: <https://zsh.org/workers/51465>
X-Loop: zsh-workers@zsh.org
Errors-To: zsh-workers-owner@zsh.org
Precedence: list
Precedence: bulk
Sender: zsh-workers-request@zsh.org
X-no-archive: yes
List-Id: <zsh-workers.zsh.org>
List-Help: <http://www.zsh.org/sympa/help>, <mailto:sympa@zsh.org?subject=HELP>
List-Subscribe: <http://www.zsh.org/sympa/subscribe/zsh-workers>, <mailto:sympa@zsh.org?subject=SUB%20zsh-workers>
List-Unsubscribe: <http://www.zsh.org/sympa/signoff/zsh-workers>, <mailto:sympa@zsh.org?subject=SIG%20zsh-workers>
List-Post: <mailto:zsh-workers@zsh.org>
List-Owner: <mailto:zsh-workers-request@zsh.org>
List-Archive: <http://www.zsh.org/sympa/arc/zsh-workers>

> On 16/02/2023 18:17 Bart Schaefer <schaefer@brasslantern.com> wrote:
> On Thu, Feb 16, 2023 at 7:53 AM Peter Stephenson
> <p.w.stephenson@ntlworld.com> wrote:
> >
> > Might be something valgrind could help with, it's hard to see how
> > this could be deliberate even as an obscure side effect.
> 
> I rigged up a script as Src/zsh so that I could invoke valgrind from
> the test harness.  Got multiple invalid reads for this block:
> 
> ==746398==  Block was alloc'd at
> ==746398==    at 0x483B7F3: malloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgprel
> oad_memcheck-amd64-linux.so)
> ==746398==    by 0x190208: zalloc (mem.c:966)
> ==746398==    by 0x1903B9: zshcalloc (mem.c:979)
> ==746398==    by 0x19B2CD: createparam (params.c:1061)
> ==746398==    by 0x1A1048: assignsparam (params.c:3130)
> ==746398==    by 0x1A1D02: setsparam (params.c:3240)
> ==746398==    by 0x19270F: add_autoparam (module.c:1215)
> ==746398==    by 0x19862A: autofeatures (module.c:3612)
> ==746398==    by 0x19686F: unload_module (module.c:2902)
> ==746398==    by 0x196A04: unload_named_module (module.c:2949)
> ==746398==    by 0x196ABD: bin_zmodload_load (module.c:2971)
> ==746398==    by 0x1957AD: bin_zmodload (module.c:2499)

This means that when we unloaded the module we restored a list
of autoloadable parameters so it could be automatically reloaded.
However, someone has subsequently freed the memory associated
with that autoloadable parameter stub...
 
> ==746398==  Address 0x643b030 is 16 bytes inside a block of size 80 free'd
> ==746398==    at 0x483CA3F: free (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreloa
> d_memcheck-amd64-linux.so)
> ==746398==    by 0x1907C9: zfree (mem.c:1871)
> ==746398==    by 0x1A80C3: freeparamnode (params.c:5818)
> ==746398==    by 0x1A4681: unsetparam_pm (params.c:3779)
> ==746398==    by 0x19206F: checkaddparam (module.c:1052)
> ==746398==    by 0x19209A: addparamdef (module.c:1065)
> ==746398==    by 0x192463: setparamdefs (module.c:1174)
> ==746398==    by 0x197E48: setfeatureenables (module.c:3367)
> ==746398==    by 0x197EC3: handlefeatures (module.c:3385)
> ==746398==    by 0x1F7CC5: enables_zshQsparameter (parameter.c:2333)
> ==746398==    by 0x193164: enables_module (module.c:1948)
> ==746398==    by 0x1936C6: do_module_features (module.c:2109)

This is a normal module load sequence.  I would imagine what it's
doing is taking out the parameters marked as autoloads because it's
putting in real parameters instead.

The point where the invalid memory is being accessed is therefore
apparently using an autoload stub when the full parameter has
already been loaded.  So is the code in question hanging onto
a parameter pointer that it should instead be looking up again
after some complicated intervening operation that happens to do
the autoload?

pws