From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <zsh-workers-return-31768-mason-zsh=primenet.com.au@zsh.org>
Received: (qmail 1777 invoked by alias); 26 Sep 2013 21:31:29 -0000
Mailing-List: contact zsh-workers-help@zsh.org; run by ezmlm
Precedence: bulk
X-No-Archive: yes
List-Id: Zsh Workers List <zsh-workers.zsh.org>
List-Post: <mailto:zsh-workers@zsh.org>
List-Help: <mailto:zsh-workers-help@zsh.org>
X-Seq: 31768
Received: (qmail 18244 invoked from network); 26 Sep 2013 21:31:23 -0000
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on f.primenet.com.au
X-Spam-Level: 
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,HTML_MESSAGE,
	RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.2
Received-SPF: none (ns1.primenet.com.au: domain at brasslantern.com does not designate permitted sender hosts)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20130820;
        h=x-gm-message-state:mime-version:in-reply-to:references:date
         :message-id:subject:from:to:cc:content-type;
        bh=YcI507j6rwA4ywjZRpL99hBLp4Iv6VWGiDgsDQ6AY6M=;
        b=eYOGDipunBDJugrGpX5y1ZXRyABgiCMWngn75K7g9R8tpaRUeHOl2AQWaRy0TUn/AQ
         rDv98OG9IFsw6W0G6Rv92RJNhsBPOexVT/fqdOi1sCuSfKsvsn2wAhlBopbCA0warJs8
         mLapXOsO28mtlLm0Ro4k6rZ8ApWJHTGKhNiTHeOKPN0UYog75CqEmKcMxOLPCGKNgwlY
         yln98Wuf7DcadY7qzofagbo4upG9YWYKNcLJnGL8wzZ6DRYhCH105lmA+KL2VvHU0w6k
         m/dsGoOKpJiY+cJ8HjN/3zsraLZvgHTUMuL6LUd0NaAnkUhd2x92nu8XWYV/c1EBYEA1
         YjDw==
X-Gm-Message-State: ALoCoQmBeiUfFiCAk9mPWhDsWRXTlwy4Ew979RQrHgAwLZLaKGlQTxyjqGHQ+D6alT2+gW0CN0xB
MIME-Version: 1.0
X-Received: by 10.112.146.33 with SMTP id sz1mr5549691lbb.14.1380231076180;
 Thu, 26 Sep 2013 14:31:16 -0700 (PDT)
In-Reply-To: <CAF6rxg==-QKvKC_vBw6kw4ReXE0FAt0B_c7UuWFXSG+km4U00Q@mail.gmail.com>
References: <CAF6rxg==-QKvKC_vBw6kw4ReXE0FAt0B_c7UuWFXSG+km4U00Q@mail.gmail.com>
Date: Thu, 26 Sep 2013 14:31:16 -0700
Message-ID: <CAH+w=7Z4cT4S+1orrB_fdVCmUp5UMOjA8=-YYO1MeYSZOcdwcg@mail.gmail.com>
Subject: Re: coredump on C-c
From: Bart Schaefer <schaefer@brasslantern.com>
To: Eitan Adler <lists@eitanadler.com>
Cc: Zsh hackers list <zsh-workers@zsh.org>
Content-Type: multipart/alternative; boundary=047d7b3441d001048d04e7501718

--047d7b3441d001048d04e7501718
Content-Type: text/plain; charset=ISO-8859-1

On Thu, Sep 26, 2013 at 10:52 AM, Eitan Adler <lists@eitanadler.com> wrote:

> Sometimes, when pressing Ctrl-c to exit a program I get a coredump.  I
> have not been able to isolate the exact case when this happens.
>
> #12 0x000000000053ded6 in zleaftertrap (dummy=0x87ea50 <zshhooks+80>,
> dat=0x0) at zle_main.c:1856

...

> name=0x800930040 "_main_complete") at exec.c:4854
>


If this is an accurate backtrace, and you've accurately described the
circumstances in which you pressed ctrl-c, then it indicates that you've
invoked completion, which then started an external program, which you then
killed with ctrl-c.  This is causing the hook function set by zle to
attempt to delete the scope for the special completion variables from
inside the signal handler, which fails because (if I'm not mistaken) that
parameter scope has already begun to be deleted before the signal handler
was called.

A first question is, is the first sentence of the previous paragraph
correct?  And if so, what are you doing invoking a program that you might
have to kill off with ctrl-c from inside a completion widget?  I'd say that
particular widget is in need of a rewrite.

However, from the "it still shouldn't crash" perspective, there's some kind
of a race condition, the gist of which is that  somewhere in this chain ...

#17 0x000000000049389b in zhandler (sig=0x2) at signals.c:603
#18 0x000000000045ed67 in zfree (p=0x98fbc8, sz=0x0) at mem.c:1481
#19 0x000000000046cc10 in freeparamnode (hn=0x98fbc8) at params.c:4761
#20 0x0000000000435c43 in resizehashtable (ht=0x98d938, newsize=0x110)
at hashtable.c:491
#21 0x0000000000435bcb in emptyhashtable (ht=0x98d938) at hashtable.c:516
#22 0x0000000000434f05 in deletehashtable (ht=0x98d938) at hashtable.c:126
#23 0x000000000046d6ea in deleteparamtable (t=0x98d938) at params.c:516
#24 0x000000000046c931 in hashsetfn (pm=0x988ec0, x=0x0) at params.c:3197
#25 0x000000000046c483 in stdunsetfn (pm=0x988ec0, exp=0x0) at params.c:3076
#26 0x000000000047749c in unsetparam_pm (pm=0x988ec0, altflag=0x0,
exp=0x0) at params.c:2983

... we should be queuing signals.  zfree() does it internally, but that's
not enough to stop corruption in freeparamnode() if the signal arrives
before all the parts of the node are cleaned p, and we probably ought to be
queuing signals around the entire "free all the nodes" loop in
resizehashtable().

--047d7b3441d001048d04e7501718--