Zsh Mailing List Archive Messages sorted by: Reverse Date, Date, Thread, Author

Re: Segfault on "task <Tab><Tab>" with zsh 5.0.2

X-seq: zsh-workers 31719
From: Axel Beckert <abe@xxxxxxxxxxxxxxx>
To: zsh-workers@xxxxxxx
Subject: Re: Segfault on "task <Tab><Tab>" with zsh 5.0.2
Date: Fri, 13 Sep 2013 13:34:12 +0200
Face: iVBORw0KGgoAAAANSUhEUgAAADAAAAAwBAAAAAC3mUtaAAAABGdBTUEAALGPC/xhBQAAADh0RVh0U29mdHdhcmUAWFYgVmVyc2lvbiAzLjEwYSAgUmV2OiAxMi8yOS85NCAoUE5HIHBhdGNoIDEuMindFS5JAAACGElEQVQ4jXXQMU8UYRDG8f8shNjdDH4AbpfGDjAWlKiJiZ0ajL1aGCvsNCbGaCGG1koLaztaTYz6ATy+gOyehYmF3MxVxgg3FnDsHcTpJr/M+8w7Rf6nCsaVTTDqxbg9hoOXmw83H71+Eyfg4E1d7/Z2fG9rGkZbTQiu+K+3U/C+76lmkvAhJuDndnoAiftou4V84okAGclop4U/jYACZDTxrYWP0gkxVfAm/W//GLZpxIzwIN0Hn8dw0B+IWkZmQmRsj2HfhwokEklHfNCCiQCRgAR7YyhQVRVTCKCzP4Y5zBBE0t0zY3Q8oQaBqqAMlVEcgVQd9706zGirAFium8HXumlMIeMwqQCInju+2+uB6MRENupdpMt8pRlHZyuAW0F+Mb6XSIVqtxjD+iVmVqqystLEzFTGT92YqRaXpNT5eTVjeJhbALPnrTxLUZUKZsgxcNm64hAOYisT/xhF+oKTGU5RegtC3Rt6eEDi/QnIevdTx9Md2EMmYBRmCQR1026FCGQQJJExsRUqgkMGaWSbwYLnoO4T6VgpbQbdELPMBAHWWrhYrcxXnYgAsatPWygkFCBD4K62MAsOTqA6szYRPpsu6e6Y8mPiVrBMNuGIMrgwBUu4p2DgG1Ownu6hpuTv7hScefHAzAC/yRRw5U5pALMbJ4AUALvHSZhxgHPXTsHcdWD1GadAHr9avP+c0wCr7263Df8ASLwXWHWs+KIAAAAHdElNRQfYBQEBODPr
In-reply-to: <20130913093732.25326b25@pwslap01u.europe.root.pri>
List-help: <mailto:zsh-workers-help@zsh.org>
List-id: Zsh Workers List <zsh-workers.zsh.org>
List-post: <mailto:zsh-workers@zsh.org>
Mail-followup-to: zsh-workers@xxxxxxx
Mailing-list: contact zsh-workers-help@xxxxxxx; run by ezmlm
Organization: DeuxChevaux.org -- The Citroën 2CV Database
References: <20130912221812.GY19439@sym.noone.org> <20130913093732.25326b25@pwslap01u.europe.root.pri>

Hi Peter,

On Fri, Sep 13, 2013 at 09:37:32AM +0100, Peter Stephenson wrote:
> On Fri, 13 Sep 2013 00:18:13 +0200
> Axel Beckert <abe@xxxxxxxxxxxxxxx> wrote:
> > I managed to get my zsh 5.0.2 to segfault on entering "task " and then
> > pressing the tabulator key twice.
> > First few lines of the backtrace:
> > 
> > Program received signal SIGSEGV, Segmentation fault.
> > freecvdef (d=0x100000001) at ../../../Src/Zle/computil.c:2799
> > 2799    ../../../Src/Zle/computil.c: No such file or directory.
> > #0  freecvdef (d=0x100000001) at ../../../Src/Zle/computil.c:2799
> > #1  0x00007ffff599f8a4 in get_cvdef (args=<optimized out>, nam=<optimized out>) at ../../../Src/Zle/computil.c:2998
> > #2  bin_compvalues (nam=<optimized out>, args=<optimized out>, ops=<optimized out>, func=<optimized out>) at ../../../Src/Zle/computil.c:3347
> 
> Looks like a memory error.  Does valgrind give any extra hints?

Not sure if used valgrind properly, but it looks as if it found
something:

% valgrind zsh -f
==6722== Memcheck, a memory error detector
==6722== Copyright (C) 2002-2012, and GNU GPL'd, by Julian Seward et al.
==6722== Using Valgrind-3.8.1 and LibVEX; rerun with -h for copyright info
==6722== Command: zsh -f
==6722== 
==6722== Syscall param capget(data) points to unaddressable byte(s)
==6722==    at 0x584AD77: capget (syscall-template.S:81)
==6722==    by 0x4E34902: cap_init (in /lib/x86_64-linux-gnu/libcap.so.2.22)
==6722==    by 0x4E34995: cap_get_proc (in /lib/x86_64-linux-gnu/libcap.so.2.22)
==6722==    by 0x488184: privasserted (in /bin/zsh5)
==6722==    by 0x46FF92: putpromptchar (in /bin/zsh5)
==6722==    by 0x471178: promptexpand (in /bin/zsh5)
==6722==    by 0x488A21: preprompt (in /bin/zsh5)
==6722==    by 0x43CC97: loop (in /bin/zsh5)
==6722==    by 0x43FD65: zsh_main (in /bin/zsh5)
==6722==    by 0x5783994: (below main) (libc-start.c:260)
==6722==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==6722== 
kiva6% autoload -Uz compinit
kiva6% compinit
==6726== 
==6726== HEAP SUMMARY:
==6726==     in use at exit: 630,408 bytes in 18,315 blocks
==6726==   total heap usage: 24,460 allocs, 6,145 frees, 5,131,211 bytes allocated
==6726== 
==6726== LEAK SUMMARY:
==6726==    definitely lost: 0 bytes in 0 blocks
==6726==    indirectly lost: 0 bytes in 0 blocks
==6726==      possibly lost: 0 bytes in 0 blocks
==6726==    still reachable: 630,408 bytes in 18,315 blocks
==6726==         suppressed: 0 bytes in 0 blocks
==6726== Rerun with --leak-check=full to see details of leaked memory
==6726== 
==6726== For counts of detected and suppressed errors, rerun with: -v
==6726== ERROR SUMMARY: 5 errors from 1 contexts (suppressed: 2 from 2)
kiva6% task ==6722== Invalid read of size 8
==6722==    at 0x7FF2E8C: freecvdef (in /usr/lib/x86_64-linux-gnu/zsh/5.0.2/zsh/computil.so)
==6722==    by 0x7FF68A3: bin_compvalues (in /usr/lib/x86_64-linux-gnu/zsh/5.0.2/zsh/computil.so)
==6722==    by 0x41C8D5: execbuiltin (in /bin/zsh5)
==6722==    by 0x42A78F: execcmd (in /bin/zsh5)
==6722==    by 0x42ACEC: execpline2 (in /bin/zsh5)
==6722==    by 0x42B213: execpline (in /bin/zsh5)
==6722==    by 0x42C5A1: execlist (in /bin/zsh5)
==6722==    by 0x44C1BF: execif (in /bin/zsh5)
==6722==    by 0x429CAE: execcmd (in /bin/zsh5)
==6722==    by 0x42ACEC: execpline2 (in /bin/zsh5)
==6722==    by 0x42B213: execpline (in /bin/zsh5)
==6722==    by 0x42C5A1: execlist (in /bin/zsh5)
==6722==  Address 0x100000001 is not stack'd, malloc'd or (recently) free'd
==6722== 
==6722== 
==6722== Process terminating with default action of signal 11 (SIGSEGV)
==6722==  Access not within mapped region at address 0x100000001
==6722==    at 0x7FF2E8C: freecvdef (in /usr/lib/x86_64-linux-gnu/zsh/5.0.2/zsh/computil.so)
==6722==    by 0x7FF68A3: bin_compvalues (in /usr/lib/x86_64-linux-gnu/zsh/5.0.2/zsh/computil.so)
==6722==    by 0x41C8D5: execbuiltin (in /bin/zsh5)
==6722==    by 0x42A78F: execcmd (in /bin/zsh5)
==6722==    by 0x42ACEC: execpline2 (in /bin/zsh5)
==6722==    by 0x42B213: execpline (in /bin/zsh5)
==6722==    by 0x42C5A1: execlist (in /bin/zsh5)
==6722==    by 0x44C1BF: execif (in /bin/zsh5)
==6722==    by 0x429CAE: execcmd (in /bin/zsh5)
==6722==    by 0x42ACEC: execpline2 (in /bin/zsh5)
==6722==    by 0x42B213: execpline (in /bin/zsh5)
==6722==    by 0x42C5A1: execlist (in /bin/zsh5)
==6722==  If you believe this happened as a result of a stack
==6722==  overflow in your program's main thread (unlikely but
==6722==  possible), you can try to increase the size of the
==6722==  main thread stack using the --main-stacksize= flag.
==6722==  The main thread stack size used in this run was 8388608.
==6722== 
==6722== HEAP SUMMARY:
==6722==     in use at exit: 893,406 bytes in 22,714 blocks
==6722==   total heap usage: 233,166 allocs, 210,452 frees, 17,418,357 bytes allocated
==6722== 
==6722== LEAK SUMMARY:
==6722==    definitely lost: 0 bytes in 0 blocks
==6722==    indirectly lost: 0 bytes in 0 blocks
==6722==      possibly lost: 0 bytes in 0 blocks
==6722==    still reachable: 893,406 bytes in 22,714 blocks
==6722==         suppressed: 0 bytes in 0 blocks
==6722== Rerun with --leak-check=full to see details of leaked memory
==6722== 
==6722== For counts of detected and suppressed errors, rerun with: -v
==6722== ERROR SUMMARY: 8 errors from 2 contexts (suppressed: 2 from 2)
[1]    6722 segmentation fault (core dumped)  valgrind zsh -f
valgrind zsh -f  14.68s user 1.45s system 26% cpu 1:01.61 total

HTH.

		Kind regards, Axel
-- 
/~\  Plain Text Ribbon Campaign                   | Axel Beckert
\ /  Say No to HTML in E-Mail and News            | abe@xxxxxxxxxxxxxxx  (Mail)
 X   See http://www.asciiribbon.org/              | abe@xxxxxxxxx (Mail+Jabber)
/ \  I love long mails: http://email.is-not-s.ms/ | http://noone.org/abe/ (Web)

Follow-Ups:
- Re: Segfault on "task <Tab><Tab>" with zsh 5.0.2
  - From: Peter Stephenson

References:
- Segfault on "task <Tab><Tab>" with zsh 5.0.2
  - From: Axel Beckert
- Re: Segfault on "task <Tab><Tab>" with zsh 5.0.2
  - From: Peter Stephenson

Messages sorted by: Reverse Date, Date, Thread, Author