From: Christian Neukirchen
To: zsh-workers@zsh.org
Subject: An amusing way to crash zsh
Date: Mon, 21 Jan 2013 22:37:04 +0100
Message-ID: <87a9s2cj5r.fsf@gmail.com>

Hi,

toying around on #zsh derf0 and I found the following commands which
crash zsh:

zsh --version
zsh 5.0.2 (x86_64-unknown-linux-gnu)

juno% ${:wq}

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff721aaa1 in __strlen_sse2_pminub () from /usr/lib/libc.so.6
(gdb) bt
#0  0x00007ffff721aaa1 in __strlen_sse2_pminub () from /usr/lib/libc.so.6
#1  0x000000000047ac6a in ?? ()
#2  0x000000000047ddad in prefork ()
#3  0x00000000004290e8 in ?? ()
#4  0x000000000042b866 in ?? ()
#5  0x000000000042bdaf in ?? ()
#6  0x000000000042cf5f in execlist ()
#7  0x000000000042d47d in execode ()
#8  0x000000000043d972 in loop ()
#9  0x0000000000440b1e in zsh_main ()
#10 0x00007ffff70eca15 in __libc_start_main () from /usr/lib/libc.so.6
#11 0x000000000040f3d1 in _start ()

This is the stripped down version of the next command, probably
segfaulting for the same reason:

juno% setopt histsubstpattern; echo ${:wF:3:s/%/foo}

Program received signal SIGSEGV, Segmentation fault.
0x00000000004864a0 in findword ()
(gdb) bt
#0  0x00000000004864a0 in findword ()
#1  0x000000000047841f in modify ()
#2  0x000000000047b916 in ?? ()
#3  0x000000000047ddad in prefork ()
#4  0x00000000004290e8 in ?? ()
#5  0x000000000042b866 in ?? ()
#6  0x000000000042bdaf in ?? ()
#7  0x000000000042cf5f in execlist ()
#8  0x000000000042d47d in execode ()
#9  0x000000000043d972 in loop ()
#10 0x0000000000440b1e in zsh_main ()
#11 0x00007ffff70eca15 in __libc_start_main () from /usr/lib/libc.so.6
#12 0x000000000040f3d1 in _start ()

the bug also has been reproduced with
zsh 5.0.2-dev-0 (x86_64-unknown-linux-gnu) at GIT checkout 27c5a0d77.
and zsh 4.3.10 (i686-pc-linux-gnu)

:wq,
-- 
Christian Neukirchen  http://chneukirchen.org