Zsh Mailing List Archive Messages sorted by: Reverse Date, Date, Thread, Author

Re: segfault via completion menu

X-seq: zsh-workers 44351
From: Peter Stephenson <p.stephenson@xxxxxxxxxxx>
To: <zsh-workers@xxxxxxx>
Subject: Re: segfault via completion menu
Date: Wed, 22 May 2019 09:49:21 +0100
Cms-type: 201P
Dkim-filter: OpenDKIM Filter v2.11.0 mailout2.w1.samsung.com 20190522084924euoutp026a3e035cb61bf6d74204efdf98c39361~g9RpJF7x_1661616616euoutp026
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=samsung.com; s=mail20170921; t=1558514964; bh=+4qk6Ctj6otkbCC5RHgy9KJiDYXoEfGxUMw1/8SO9TU=; h=Subject:From:To:Date:In-Reply-To:References:From; b=gfjVOiG5K9+1byyVscFN/rdTez2xEUWODtKBrn/alhIlZatovlCnD5ptbcdXXAVvV EWuRBRs7imoWy2jRFf2qvDyrAB8kdU6nZvDxkZPSnH6fTU80Q4RghO85rvfvwSvZIP 2pkbUyIS8SYwhXw8zyk2iYbE3ciBRPyOqbEDaNf0=
In-reply-to: <CAH+w=7Z2yT_SeyjE=ObXJw-yFW71rfSn3iv+WqvcmX6VLJY1-A@mail.gmail.com>
List-help: <mailto:zsh-workers-help@zsh.org>
List-id: Zsh Workers List <zsh-workers.zsh.org>
List-post: <mailto:zsh-workers@zsh.org>
List-unsubscribe: <mailto:zsh-workers-unsubscribe@zsh.org>
Mailing-list: contact zsh-workers-help@xxxxxxx; run by ezmlm
References: <CAEpdsiaGRHHZMnV1Aq7+9wwZpE3qH9dV4c-jVfTxMRO810TyHg@mail.gmail.com> <92606-1558385755.382793@sll5.5oha.0as1> <90e15b90-14bb-4ef0-9aef-cc15c0fa0935@www.fastmail.com> <CGME20190521222035epcas2p295fe9ea74a0ef2c74752ee1c6ecf5351@epcas2p2.samsung.com> <CAH+w=7Z2yT_SeyjE=ObXJw-yFW71rfSn3iv+WqvcmX6VLJY1-A@mail.gmail.com>

On Tue, 2019-05-21 at 15:19 -0700, Bart Schaefer wrote:
> On Tue, May 21, 2019 at 2:59 PM Daniel Shahaf <d.s@xxxxxxxxxxxxxxxxxx> wrote:
> If an error occurs as a result of NEWHEAPS()/OLDHEAPS() in the context
> of workers/36853, it ought to be traceable to something leaking
> heap-allocated storage across boundaries, and probably means there was
> a memory leak when interrupting a pattern match before, which this has
> turned into an error by freeing the previously leaked space.

This is really just saying the same thing a different way, but ---
the original crash was in patmatch() when looking at the pattern code,
which is set up when we compile a pattern in a different
function.  So there's probably some path where it's possible not to
recompile a pattern or reuse a pattern without recompiling, or simply
hang on to it too long.

It'll be something in the prog passed into pattry() from evalcond() and
I'm guesing in this case the pprog in that function came from
stat->prog->pats[npat] so was fished out of the existing programme
rather than compiled locally.

In general (and fairly obviously), anything stored long term in compiled
code is in permanent (i.e. explicitly freed) storage and if the value is
on the heap it should only have been parsed or copied from permanent
storage for immediate use.

pws

Follow-Ups:
- Re: segfault via completion menu
  - From: Peter Stephenson

References:
- segfault via completion menu
  - From: Wesley Schwengle
- Re: segfault via completion menu
  - From: Oliver Kiddle
- Re: segfault via completion menu
  - From: Daniel Shahaf
- Re: segfault via completion menu
  - From: Bart Schaefer

Messages sorted by: Reverse Date, Date, Thread, Author