[hamer@xxxxxxxxxxxx: Bug#590736: zsh: Segmentation fault in completion]

----- Forwarded message from ÐÐÐÐÑÐÐÐÑ ÐÐÐÐÑÐÐÐÐ <hamer@xxxxxxxxxxxx> -----

Date: Thu, 29 Jul 2010 01:12:48 +0300
From: ÐÐÐÐÑÐÐÐÑ ÐÐÐÐÑÐÐÐÐ <hamer@xxxxxxxxxxxx>
To: Debian Bug Tracking System <submit@xxxxxxxxxxxxxxx>
Subject: Bug#590736: zsh: Segmentation fault in completion

Package: zsh
Version: 4.3.10-14

To reproduce this bug, mpc (an MPD client) is needed.
~/.zshrc must contain the lines:
        setopt recexact
        autoload -U compinit
After adding some songs to the current playlist of MPD, type
"mpc play " in zsh and press <TAB>.

Probably, segfaults like this may appear in other cases too.

Debugger session around this bug:
(gdb) run
Starting program: /usr/local/bin/zsh
hamer# mpc play
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff64fe9bb in matcheq (a=0x7ffff7ff6af8, b=0x0) at compcore.c:3070
3070        return matchstreq(a->ipre, b->ipre) &&
(gdb) list
3066    /**/
3067    static int
3068    matcheq(Cmatch a, Cmatch b)
3069    {
3070        return matchstreq(a->ipre, b->ipre) &&
3071            matchstreq(a->pre, b->pre) &&
3072            matchstreq(a->ppre, b->ppre) &&
3073            matchstreq(a->psuf, b->psuf) &&
3074            matchstreq(a->suf, b->suf) &&
(gdb) print a
$1 = (Cmatch) 0x7ffff7ff6af8
(gdb) print b
$2 = (Cmatch) 0x0
(gdb) up
#1  0x00007ffff64fe395 in add_match_data (alt=0, str=0x7ffff7ff6af0 "",
orig=0x75cc10 "", line=0x7ffff7ff6970, ipre=0x7ffff7ff67b8 "", ripre=0x0,
isuf=0x7ffff7ff67c0 "", pre=0x0, prpre=0x0, ppre=0x0, pline=0x0, psuf=0x0,
    sline=0x0, suf=0x0, flags=64, exact=1) at compcore.c:2935
2935            } else if (useexact && !matcheq(cm, ai->exactm)) {

As you can see, the problem is a NULL pointer in matcheq().

To resolve this bug, I propose this patch:

diff -Naur zsh-4.3.10.orig/Src/Zle/compcore.c zsh-4.3.10/Src/Zle/compcore.c
--- zsh-4.3.10.orig/Src/Zle/compcore.c  2009-01-13 12:15:38.000000000 +0000
+++ zsh-4.3.10/Src/Zle/compcore.c       2010-07-27 22:58:40.726692827 +0000
@@ -2932,7 +2932,7 @@
                comp_setunset(0, 0, CP_EXACTSTR, 0);
            ai->exactm = cm;
-       } else if (useexact && !matcheq(cm, ai->exactm)) {
+       } else if (useexact && (!ai->exactm || !matcheq(cm, ai->exactm))) {
            ai->exact = 2;
            ai->exactm = NULL;
            if (incompfunc)
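Review bot: the added `!ai->exactm` test closes the NULL dereference at this call site, but matcheq() itself (compcore.c:3070 in the backtrace) still dereferences both arguments unconditionally, so any other caller that can reach it after exactm has been cleared would crash the same way; a NULL check at the top of matcheq(), e.g. `if (!a || !b) return a == b;`, would cover every caller. It is also worth confirming that a NULL exactm should be treated as a mismatch (exact = 2, exactm stays NULL) rather than as a fresh first exact match, since the hunk makes that choice without a comment.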

P.S.: I have already reported this bug to the developers of zsh.

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core)
Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages zsh depends on:
ii  libc6                     2.11.2-2       Embedded GNU C Library: Shared lib
ii  libcap2                   1:2.17-2       support for getting/setting  
ii  libncursesw5              5.7+20100313-2 shared libraries for terminal 

Versions of packages zsh recommends:
ii  libc6                         2.11.2-2   Embedded GNU C Library: Shared lib
ii  libpcre3                      7.8-3      Perl 5 Compatible Regular  

Versions of packages zsh suggests:
ii  zsh-doc                       4.3.10-14  zsh documentation - info/HTML 

-- no debconf information

----- End forwarded message -----
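As an added illustration (not code from the bug report or from zsh itself), a compact C model of the exact-match bookkeeping in the hunk above: the struct shapes, the first-branch condition and the three-candidate sequence are assumptions, chosen to show how `ai->exactm` ends up NULL by the time `matcheq()` is reached and what the added guard changes.

```c
#include <string.h>
/* Stand-ins for zsh's Cmatch and Aminfo: assumed shapes, not the real layout. */
typedef struct cmatch { const char *ipre, *pre, *ppre, *psuf, *suf; } *Cmatch;
typedef struct aminfo { int exact; Cmatch exactm; } *Aminfo;

/* NULL-tolerant string equality: two NULLs are equal, NULL vs. text is not. */
static int matchstreq(const char *a, const char *b) {
    return (!a || !b) ? a == b : strcmp(a, b) == 0;
}

/* Field-wise comparison as at compcore.c:3070; it dereferences both arguments,
 * so reaching it with b == NULL is the SIGSEGV shown in the trace. */
static int matcheq(Cmatch a, Cmatch b) {
    return matchstreq(a->ipre, b->ipre) && matchstreq(a->pre, b->pre) &&
           matchstreq(a->ppre, b->ppre) && matchstreq(a->psuf, b->psuf) &&
           matchstreq(a->suf, b->suf);
}

/* One step of exact-match bookkeeping modelled on the patched hunk; the
 * first-branch test `!ai->exact` is assumed (the patch does not show it).
 * Returns 1 when the added `!ai->exactm` guard prevented matcheq(cm, NULL). */
static int record_exact(Aminfo ai, Cmatch cm) {
    if (!ai->exact) {               /* first exact candidate: remember it */
        ai->exact = 1;
        ai->exactm = cm;
        return 0;
    }
    if (!ai->exactm) {              /* already ambiguous: nothing to compare */
        ai->exact = 2;
        return 1;
    }
    if (!matcheq(cm, ai->exactm)) { /* a second, different exact candidate */
        ai->exact = 2;
        ai->exactm = NULL;
    }
    return 0;
}

/* Constructed scenario: three exact candidates, the first two differing,
 * which leaves exactm NULL by the time the third one is compared. */
int guard_hits_for_three_candidates(void) {
    struct cmatch play = {"", "play", 0, 0, 0}, plays = {"", "plays", 0, 0, 0};
    struct aminfo ai = {0, NULL};
    Cmatch cands[3] = {&play, &plays, &play};
    int hits = 0;
    for (int i = 0; i < 3; i++)
        hits += record_exact(&ai, cands[i]);
    return hits; /* 1: only the third candidate needed the guard */
}
```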