Re: Complicated segfault regression

[Peter Stephenson <p.stephenson@xxxxxxxxxxx>]

On Thu, 2 Jul 2015 23:36:56 +0200
Martijn Dekker <martijn@xxxxxxxx> wrote:
> Just for the hell of it I decided to make zsh 5.0.8 run a GNU
> 'configure' script (in sh mode) to see how far it would come with that
> incredibly convoluted code. The result was a segfault. So I tried to
> find the code that triggers it.

Thanks for trying to find this.  Based on Bart's clue that the text
representation is going wrong at some point to do with "case" , I've
narrowed it down a bit further... The following file, crash4.zsh

# --- begin crashing code block ---
fn() {
  case $ac_file in
    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb \
    | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;;
    *.* ) break;;
    * ) break;;
  esac
}
# --- end crashing code block ---

when sourced produces the following output for "which fn"
(I've used "-x 2", only recently made available):

(N.B. there's a long line I haven't attempted to wrap myself...)

fn () {
  case $ac_file in
    (*.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj)  ;;
    (*.*) break
}

which has evidently gone haywiere (though this version wasn't
particularly crash prone), while the slightly further simplified
crash5.zsh:

# --- begin crashing code block ---
fn() {
  case $ac_file in
    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb ) ;;
    *.* ) break;;
    * ) break;;
  esac
}
# --- end crashing code block ---

doesn't show that effect:

fn () {
  case $ac_file in
    (*.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb)  ;;
    (*.*) break ;;
    (*) break ;;
  esac
}

So the best guess so far is it's do with memory management of the long
case with the continuation line.

pws