Zsh Mailing List Archive

Re: Segfault on "task <Tab><Tab>" with zsh 5.0.2



Hi Peter,

On Fri, Sep 13, 2013 at 09:37:32AM +0100, Peter Stephenson wrote:
> On Fri, 13 Sep 2013 00:18:13 +0200
> Axel Beckert <abe@xxxxxxxxxxxxxxx> wrote:
> > I managed to get my zsh 5.0.2 to segfault on entering "task " and then
> > pressing the tabulator key twice.
> > First few lines of the backtrace:
> > 
> > Program received signal SIGSEGV, Segmentation fault.
> > freecvdef (d=0x100000001) at ../../../Src/Zle/computil.c:2799
> > 2799    ../../../Src/Zle/computil.c: No such file or directory.
> > #0  freecvdef (d=0x100000001) at ../../../Src/Zle/computil.c:2799
> > #1  0x00007ffff599f8a4 in get_cvdef (args=<optimized out>, nam=<optimized out>) at ../../../Src/Zle/computil.c:2998
> > #2  bin_compvalues (nam=<optimized out>, args=<optimized out>, ops=<optimized out>, func=<optimized out>) at ../../../Src/Zle/computil.c:3347
> 
> Looks like a memory error.  Does valgrind give any extra hints?

Not sure if I used valgrind properly, but it looks as if it found
something:

% valgrind zsh -f
==6722== Memcheck, a memory error detector
==6722== Copyright (C) 2002-2012, and GNU GPL'd, by Julian Seward et al.
==6722== Using Valgrind-3.8.1 and LibVEX; rerun with -h for copyright info
==6722== Command: zsh -f
==6722== 
==6722== Syscall param capget(data) points to unaddressable byte(s)
==6722==    at 0x584AD77: capget (syscall-template.S:81)
==6722==    by 0x4E34902: cap_init (in /lib/x86_64-linux-gnu/libcap.so.2.22)
==6722==    by 0x4E34995: cap_get_proc (in /lib/x86_64-linux-gnu/libcap.so.2.22)
==6722==    by 0x488184: privasserted (in /bin/zsh5)
==6722==    by 0x46FF92: putpromptchar (in /bin/zsh5)
==6722==    by 0x471178: promptexpand (in /bin/zsh5)
==6722==    by 0x488A21: preprompt (in /bin/zsh5)
==6722==    by 0x43CC97: loop (in /bin/zsh5)
==6722==    by 0x43FD65: zsh_main (in /bin/zsh5)
==6722==    by 0x5783994: (below main) (libc-start.c:260)
==6722==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==6722== 
kiva6% autoload -Uz compinit
kiva6% compinit
==6726== 
==6726== HEAP SUMMARY:
==6726==     in use at exit: 630,408 bytes in 18,315 blocks
==6726==   total heap usage: 24,460 allocs, 6,145 frees, 5,131,211 bytes allocated
==6726== 
==6726== LEAK SUMMARY:
==6726==    definitely lost: 0 bytes in 0 blocks
==6726==    indirectly lost: 0 bytes in 0 blocks
==6726==      possibly lost: 0 bytes in 0 blocks
==6726==    still reachable: 630,408 bytes in 18,315 blocks
==6726==         suppressed: 0 bytes in 0 blocks
==6726== Rerun with --leak-check=full to see details of leaked memory
==6726== 
==6726== For counts of detected and suppressed errors, rerun with: -v
==6726== ERROR SUMMARY: 5 errors from 1 contexts (suppressed: 2 from 2)
kiva6% task ==6722== Invalid read of size 8
==6722==    at 0x7FF2E8C: freecvdef (in /usr/lib/x86_64-linux-gnu/zsh/5.0.2/zsh/computil.so)
==6722==    by 0x7FF68A3: bin_compvalues (in /usr/lib/x86_64-linux-gnu/zsh/5.0.2/zsh/computil.so)
==6722==    by 0x41C8D5: execbuiltin (in /bin/zsh5)
==6722==    by 0x42A78F: execcmd (in /bin/zsh5)
==6722==    by 0x42ACEC: execpline2 (in /bin/zsh5)
==6722==    by 0x42B213: execpline (in /bin/zsh5)
==6722==    by 0x42C5A1: execlist (in /bin/zsh5)
==6722==    by 0x44C1BF: execif (in /bin/zsh5)
==6722==    by 0x429CAE: execcmd (in /bin/zsh5)
==6722==    by 0x42ACEC: execpline2 (in /bin/zsh5)
==6722==    by 0x42B213: execpline (in /bin/zsh5)
==6722==    by 0x42C5A1: execlist (in /bin/zsh5)
==6722==  Address 0x100000001 is not stack'd, malloc'd or (recently) free'd
==6722== 
==6722== 
==6722== Process terminating with default action of signal 11 (SIGSEGV)
==6722==  Access not within mapped region at address 0x100000001
==6722==    at 0x7FF2E8C: freecvdef (in /usr/lib/x86_64-linux-gnu/zsh/5.0.2/zsh/computil.so)
==6722==    by 0x7FF68A3: bin_compvalues (in /usr/lib/x86_64-linux-gnu/zsh/5.0.2/zsh/computil.so)
==6722==    by 0x41C8D5: execbuiltin (in /bin/zsh5)
==6722==    by 0x42A78F: execcmd (in /bin/zsh5)
==6722==    by 0x42ACEC: execpline2 (in /bin/zsh5)
==6722==    by 0x42B213: execpline (in /bin/zsh5)
==6722==    by 0x42C5A1: execlist (in /bin/zsh5)
==6722==    by 0x44C1BF: execif (in /bin/zsh5)
==6722==    by 0x429CAE: execcmd (in /bin/zsh5)
==6722==    by 0x42ACEC: execpline2 (in /bin/zsh5)
==6722==    by 0x42B213: execpline (in /bin/zsh5)
==6722==    by 0x42C5A1: execlist (in /bin/zsh5)
==6722==  If you believe this happened as a result of a stack
==6722==  overflow in your program's main thread (unlikely but
==6722==  possible), you can try to increase the size of the
==6722==  main thread stack using the --main-stacksize= flag.
==6722==  The main thread stack size used in this run was 8388608.
==6722== 
==6722== HEAP SUMMARY:
==6722==     in use at exit: 893,406 bytes in 22,714 blocks
==6722==   total heap usage: 233,166 allocs, 210,452 frees, 17,418,357 bytes allocated
==6722== 
==6722== LEAK SUMMARY:
==6722==    definitely lost: 0 bytes in 0 blocks
==6722==    indirectly lost: 0 bytes in 0 blocks
==6722==      possibly lost: 0 bytes in 0 blocks
==6722==    still reachable: 893,406 bytes in 22,714 blocks
==6722==         suppressed: 0 bytes in 0 blocks
==6722== Rerun with --leak-check=full to see details of leaked memory
==6722== 
==6722== For counts of detected and suppressed errors, rerun with: -v
==6722== ERROR SUMMARY: 8 errors from 2 contexts (suppressed: 2 from 2)
[1]    6722 segmentation fault (core dumped)  valgrind zsh -f
valgrind zsh -f  14.68s user 1.45s system 26% cpu 1:01.61 total

HTH.

		Kind regards, Axel
-- 
/~\  Plain Text Ribbon Campaign                   | Axel Beckert
\ /  Say No to HTML in E-Mail and News            | abe@xxxxxxxxxxxxxxx  (Mail)
 X   See http://www.asciiribbon.org/              | abe@xxxxxxxxx (Mail+Jabber)
/ \  I love long mails: http://email.is-not-s.ms/ | http://noone.org/abe/ (Web)


