Segfault on compound assignment to a variable whose name is set in the e

bug-bash

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Segfault on compound assignment to a variable whose name is set in the e

From:	Dan Douglas
Subject:	Segfault on compound assignment to a variable whose name is set in the environment of a declaration builtin.
Date:	Fri, 18 May 2012 13:08:51 -0500
User-agent:	KMail/4.8.3 (Linux/3.3.4-pf+; KDE/4.8.3; x86_64; ; )

Hi Chet, segfault occurs during array assignment if an attempt is made to 
modify a
variable of the same name from the environment. It appears to only occur in the 
global scope.
I imagine the expected result should be either an error, or to evaluate in a 
mannar similar to
`x=1 let "x[x++]=x"', for example.

One way to reproduce below:

 ~ $ ( rm core; ulimit -c unlimited; bash -c 'x=1 declare -a x=( [x++]= )'; gdb 
-q "$(type -P bash)" -c core )
Reading symbols from /bin/bash...Reading symbols from 
/usr/lib64/debug/bin/bash.debug...done.
done.
[New LWP 20493]

warning: Could not load shared library symbols for linux-vdso.so.1.
Do you need "set solib-search-path" or "set sysroot"?
Core was generated by `bash -c x=1 declare -a x=( [x++]= )'.
Program terminated with signal 11, Segmentation fault.
#0  0x00000000004630a0 in array_insert (a=0x8e03c0, i=0, v=0x8dfe50 "") at 
array.c:633
633             for (ae = element_forw(a->head); ae != a->head; ae = 
element_forw(ae)) {
(gdb) bt full
#0  0x00000000004630a0 in array_insert (a=0x8e03c0, i=0, v=0x8dfe50 "") at 
array.c:633
        new = 0x8e0240
        ae = 0x8e0070
#1  0x00000000004640fe in bind_array_var_internal (entry=0x8dff30, ind=0, 
key=0x0, value=0x8e0306 "", flags=0) at arrayfunc.c:163
        dentry = 0x1f333b550
        newval = 0x8dfe50 ""
#2  0x0000000000464b86 in assign_compound_array_list (var=0x8dff30, 
nlist=0x8dfe70, flags=0) at arrayfunc.c:529
        a = 0x8e01e0
        h = 0x0
        list = 0x8dfe70
        w = 0x8e0300 "[x++]="
        val = 0x8e0306 ""
        nval = 0x8dfff0 "x=([x++]=)"
        len = 4
        iflags = 0
        ind = 0
        last_ind = 0
        akey = 0x0
#3  0x0000000000464bfb in assign_array_var_from_string (var=0x8dff30, 
value=0x8dfcd2 "([x++]=)", flags=0) at arrayfunc.c:548
        nlist = 0x8dfe70
#4  0x000000000047cbd7 in declare_internal (list=0x8e0070, local_var=0) at 
./declare.def:509
        value = 0x8dfcd2 "([x++]=)"
        aflags = 0
        compound_array_assign = 1
        name = 0x8dfcd0 "x"
        offset = 1
        making_array_special = 0
        simple_array_assign = 0
        flags_on = 4
        flags_off = 0
        flags = 0x7ffff333b654
        any_failed = 0
        assign_error = 0
        pflag = 0
        nodefs = 0
        opt = -1
        mkglobal = 0
        t = 0x0
        subscript_start = 0x0
        var = 0x8dff30
        shell_fn = 0x0
#5  0x000000000047c004 in declare_builtin (list=0x21) at ./declare.def:98
No locals.
#6  0x0000000000433278 in execute_builtin (builtin=0x47bff0 <declare_builtin>, 
words=0x8dffb0, flags=64, subshell=0) at execute_cmd.c:4113
        old_e_flag = 0
        result = 0
        eval_unwind = 0
        isbltinenv = 0
        error_trap = 0x0
#7  0x0000000000433eb8 in execute_builtin_or_function (words=0x8dffb0, 
builtin=0x47bff0 <declare_builtin>, var=0x0, redirects=0x0,
    fds_to_close=0x8dfbc0, flags=64) at execute_cmd.c:4538
        result = 0
        saved_undo_list = 0x0
        ofifo = 0
        nfifo = 0
        osize = 0
        ofifo_list = 0x0
#8  0x0000000000432d8f in execute_simple_command (simple_command=0x8ddd30, 
pipe_in=-1, pipe_out=-1, async=0, fds_to_close=0x8dfbc0)
    at execute_cmd.c:3948
        words = 0x8dffb0
        lastword = 0x8e0070
        command_line = 0x0
        lastarg = 0x8dfff0 "x=([x++]=)"
        temp = 0x0
        first_word_quoted = 0
        result = 0
        builtin_is_special = 0
        already_forked = 0
        dofork = 0
        old_last_async_pid = -1
        builtin = 0x47bff0 <declare_builtin>
        func = 0x0
        old_builtin = 0
        old_command_builtin = 0
#9  0x000000000042d26f in execute_command_internal (command=0x8ddd00, 
asynchronous=0, pipe_in=-1, pipe_out=-1, fds_to_close=0x8dfbc0)
    at execute_cmd.c:735
        exec_result = 0
        user_subshell = 0
        invert = 0
        ignore_return = 0
        was_error_trap = 0
        my_undo_list = 0x0
        exec_undo_list = 0x0
        last_pid = -1
        save_line_number = 0
#10 0x000000000047ec83 in parse_and_execute (string=0x8dd630 "x=1 declare -a 
x=( [x++]= )", from_file=0x49ff30 "-c", flags=4) at evalstring.c:319
        bitmap = 0x8dfbc0
        code = 0
---Type <return> to continue, or q <return> to quit---
        lreset = 0
        should_jump_to_top_level = 0
        last_result = 0
        command = 0x8ddd00
#11 0x0000000000417f9b in run_one_command (command=0x7ffff333d820 "x=1 declare 
-a x=( [x++]= )") at shell.c:1315
        code = 0
#12 0x00000000004172a9 in main (argc=3, argv=0x7ffff333bb38, 
env=0x7ffff333bb58) at shell.c:688
        i = 0
        code = 0
        old_errexit_flag = 0
        saverst = 0
        locally_skip_execution = 0
        arg_index = 3
        top_level_arg_index = 3
(gdb) q
 $ echo $BASH_VERSION
4.2.28(1)-release

Thanks again. (not overly anxious for a fix.)
-- 
Dan Douglas

signature.asc
Description: This is a digitally signed message part.

[Prev in Thread]

Current Thread

[Next in Thread]

Segfault on compound assignment to a variable whose name is set in the environment of a declaration builtin., Dan Douglas <=
- Re: Segfault on compound assignment to a variable whose name is set in the environment of a declaration builtin., Chet Ramey, 2012/05/30

Prev by Date: Make money working at home in India
Next by Date: A small error in the Russian translation
Previous by thread: Make money working at home in India
Next by thread: Re: Segfault on compound assignment to a variable whose name is set in the environment of a declaration builtin.
Index(es):
- Date
- Thread