Zsh Mailing List Archive

Re: completion on brace + 4 characters doesn't work



On 2011-04-29 07:20:32 -0700, Bart Schaefer wrote:
> On Apr 29, 10:44am, Vincent Lefevre wrote:
> } > The code there apparently assumes a naive implementation of strcpy()
> } > that goes left-to-right incrementing the source and destination
> } > pointers in lock step.
> } 
> } It also assumes that the length of the string is less than len
> 
> Not really, because if the naive copy is done then the only thing
> that matters is that len >= 0.

Well, you can have a naive strcpy() implementation in the C library,
but still the compiler is allowed to do any optimization, such as
guessing the value of len (or some bounds) from the strcpy() call;
this would not affect the behavior at strcpy(), but may affect the
use of the len variable in some parts of the code.

> } (because the source and the destination may not overlap).  The
> } compiler can use this fact to optimize the code. And as this is
> } not true, the generated code may be incorrect.
> 
> Yes, I was aware of all this, I just didn't think it was worth spelling
> out (it's implicitly not "naive").  Keep in mind that this portion of
> zle_tricky.c was written at least 10 years ago by a college student;
> zsh was rarely if ever built with highly-optimized compilers/libc on
> 64-bit platforms, at the time.
> 
> Which is why I said:
> 
> } > It would not surprise me to
> } > find this assumption made elsewhere in the zsh sources.
> 
> I don't suppose you could run through the entire "make check" test
> suite under valgrind?  Even that won't exercise everything but it'll
> find the ones most likely to bite somebody.

That would be a good idea. There's at least one:

==2490== Invalid read of size 1
==2490==    at 0x430AFE: execcmd (exec.c:3011)
==2490==    by 0x42CAAC: execpline2 (exec.c:1640)
==2490==    by 0x42BC2C: execpline (exec.c:1424)
==2490==    by 0x42B2EA: execlist (exec.c:1207)
==2490==    by 0x431723: execcmd (exec.c:3259)
==2490==    by 0x42CAAC: execpline2 (exec.c:1640)
==2490==    by 0x42BC2C: execpline (exec.c:1424)
==2490==    by 0x42B2EA: execlist (exec.c:1207)
==2490==    by 0x42AD64: execode (exec.c:1028)
==2490==    by 0x4235A5: eval (builtin.c:4908)
==2490==    by 0x423996: bin_eval (builtin.c:5017)
==2490==    by 0x410936: execbuiltin (builtin.c:450)
==2490==  Address 0xc22e213 is not stack'd, malloc'd or (recently) free'd

It occurs in A04redirect.ztst.

-- 
Vincent Lefèvre <vincent@xxxxxxxxxx> - Web: <http://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <http://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / Arénaire project (LIP, ENS-Lyon)
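
The overlap problem discussed in this message, as an added example that is not part of the original post and is not code from zsh: strcpy(s, s + len) is only defined when the copied bytes do not overlap the destination, which holds only if the source string is shorter than len, while memmove() has no such requirement. The helper names strcpy_would_overlap and delete_prefix and the sample buffers are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: returns 1 if strcpy(dst, src) would copy between
 * overlapping regions (undefined behaviour in C), 0 otherwise. */
int strcpy_would_overlap(const char *dst, const char *src)
{
    size_t n = strlen(src) + 1;              /* bytes strcpy would write */
    uintptr_t d = (uintptr_t)dst, s = (uintptr_t)src;
    return d < s + n && s < d + n;
}

/* Hypothetical helper: delete the first `len` bytes of `s` in place, the
 * left shift that strcpy(s, s + len) attempts.
 * Returns 0 on success, -1 if `len` exceeds the string length. */
int delete_prefix(char *s, size_t len)
{
    size_t total = strlen(s);
    if (len > total)
        return -1;                           /* s + len would pass the NUL */
    memmove(s, s + len, total - len + 1);    /* overlap-safe; copies the NUL */
    return 0;
}

int main(void)
{
    char a[32] = "{abcd}tail";               /* constructed sample input */
    char b[32] = "abcdefgh";                 /* constructed sample input */

    /* Source is 6 chars long, shift is 4: the regions overlap. */
    printf("overlap(a, a+4) = %d\n", strcpy_would_overlap(a, a + 4));
    /* Source is 2 chars long, shift is 6: strcpy would be defined here. */
    printf("overlap(b, b+6) = %d\n", strcpy_would_overlap(b, b + 6));

    if (delete_prefix(a, 4) == 0)
        printf("after delete_prefix: %s\n", a);
    return 0;
}
```

Building the same program with -fsanitize=address, or running it under valgrind as suggested above, is a way to confirm that the memmove() version produces no invalid reads.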


