bug-bash
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Segmentation fault when nesting several thousand heredocs


From: Chet Ramey
Subject: Re: Segmentation fault when nesting several thousand heredocs
Date: Fri, 10 Feb 2017 11:05:05 -0500
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.7.1

On 2/10/17 12:15 AM, Tom wrote:

> Bash Version: 4.4
> Patch Level: 11
> Release Status: release
> 
> Description:
>     A segmentation fault occurs when nesting several thousand heredocs, as in
>     the example in the Repeat-By section. I have tested this on several
>     different distros, OSes and versions, all of them are affected. From 
> memory,
>     those were OS X, Linux, Windows (cygwin), and a jailbroken iPad.
> 
>     I did not include it in the title as I'm not knowledgable enough to be 
> sure,
>     but I believe this is a stack overflow, because it dies after creating 
> tens
>     of thousands of stack frames, and changing `ulimit -s` seems to affect how
>     many heredocs trigger the bug.

This isn't what you think it is.  You've constructed a single `for' command
whose body consists of a list containing 40,000 simple commands: a single
instance of `cat' (with a very large here-document) and 39,999 invocations
of a non-existent command named `A'.  Then you have a syntax error
(`done').

The problem with the stack comes in because bash executes the command list
recursively.  The command tree that gets built is left-side-heavy, because
command lists are left-associative.  When bash executes the stuff before
the final `A', it recursively traverses the left side looking for the first
command in the list.  On my machine, it gets about 39,300 levels deep
before exceeding the stack size resource limit trying to execute a function
and getting killed.

I suppose bash could traverse that tree non-recursively, but, since the
command to the left of the `;' or newline can be anything, it's better to
just call the command execution code on that command.

-- 
``The lyf so short, the craft so long to lerne.'' - Chaucer
                 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU    chet@case.edu    http://cnswww.cns.cwru.edu/~chet/



reply via email to

[Prev in Thread] Current Thread [Next in Thread]