Re: D04parameter.ztst crashes if USE_MMAP is not defined

[Bart Schaefer <schaefer@xxxxxxxxxxxxxxxx>]

On Wed, Feb 28, 2024 at 8:23 AM Jun. T <takimoto-j@xxxxxxxxxxxxxxxxx> wrote:
>
> [2] The crash occurs in the test chunk
> "Unsetting and recreation of tied normal parameters".
> The chunk has 8 "print $STRING $string", and it crashes
> at the 6th of them.

valgrind says, after the 5th "print":

==608496== Conditional jump or move depends on uninitialised value(s)
==608496==    at 0x1D144A: paramsubst (subst.c:3822)
==608496==    by 0x1C93E2: stringsubst (subst.c:322)
==608496==    by 0x1C86BE: prefork (subst.c:142)
==608496==    by 0x152CAB: execcmd_exec (exec.c:3282)
==608496==    by 0x14F4FA: execpline2 (exec.c:2016)
==608496==    by 0x14E081: execpline (exec.c:1741)
==608496==    by 0x14D2D7: execlist (exec.c:1495)
==608496==    by 0x14C905: execode (exec.c:1276)
==608496==    by 0x15B53B: runshfunc (exec.c:6164)
==608496==    by 0x15AA51: doshfunc (exec.c:6010)
==608496==    by 0x1596FE: execshfunc (exec.c:5548)
==608496==    by 0x1590D0: execfuncdef (exec.c:5408)

Line 3822 is:
   3822     if (isarr > 0 && !plan9 && (!aval || !aval[0])) {

That would be during one of the expansions ...

  STRING=a:b
  typeset -T STRING string
  print $STRING $string
  unset string
  STRING=x:y:z
  print $STRING $string  # ... here

Minimally reproducible from Src/zsh -f with

() {
  local STRING=a:b
  typeset -T STRING string
  unset string
  STRING=x:y:z
  print $STRING $string
}

BUT!  Only the first time after shell startup.  Repeated calls do not
produce repeated warnings from valgrind.

> Maybe the crash is related with
> some state of the heap?

That must be it, because the heap uses mapped memory when it can and I
don't see any other way HAVE_MMAP could be involved.