/bin/zsh crashes running simple shell script
Originator: shmlchr
Number: rdar://10036406
Date Originated: 28-Aug-2011 07:10 PM
Status: Open
Resolved:
Product: Mac OS X
Product Version: 10.7.3
Classification: Crash/Hang/Data Loss
Reproducible: Always
Summary:
/bin/zsh crashes with a segmentation fault when running the attached shell script.
Steps to Reproduce:
Save the attached script "zsh-crash.zsh" to ~/Desktop/zsh-crash.zsh.
Open Terminal and make script executable:
chmod +x ~/zsh-crash.zsh
Then run script:
~/zsh-crash.zsh
Expected Results: Script finishes without a segmentation fault.
Actual Results: /bin/zsh crashes with a segmentation fault.
Regression:
If run in GDB, crash does not occur.
Using a zsh 4.3.11 or 4.3.12 compiled via homebrew fixes the problem.
Running the same script on Debian Stable with the same ZSH version 4.3.11, the script returns 1 and does not print anything. It does not crash, either.
I have made a fresh installation of Lion to an external USB hard drive and the crash occurs with that as well. In fact, the attached crash report is from that installation, not my main installation.
Notes:
Removing a single line from the script may fix the problem -- even if the removed line is a comment line. So it clearly is rather unrelated to the actual contents of the script.
I have previously had zsh crashing in different circumstances when calling a function recursively. The same script led zsh on Debian to not crash but report an error. So there is definitely something wrong in the zsh that shipped with Lion.
UPDATE 7 March 2012:
This issue still exists in 10.7.3.
How to reproduce: Download the attached shell script and make it executable. Become root and run the file.
# sudo -s
# uname -a
Darwin simac.srvr.ch 11.3.0 Darwin Kernel Version 11.3.0: Thu Jan 12 18:47:41 PST 2012; root:xnu-1699.24.23~1/RELEASE_X86_64 x86_64
# /Users/shz/Downloads/zsh-crash.zsh
***
*** Number of arguments: 0
[1] 37746 segmentation fault /Users/shz/Downloads/zsh-crash.zsh
To run in LLDB (from Xcode 4.3):
# lldb /bin/zsh
Current executable set to '/bin/zsh' (x86_64).
(lldb) run /Users/shz/Downloads/zsh-crash.zsh
Process 37530 launched: '/bin/zsh' (x86_64)
***
*** Number of arguments: 0
Process 37530 stopped
* thread #1: tid = 0x1c03, 0x00007fff9ae5f4f0 libsystem_c.dylib`strlen + 16, stop reason = EXC_BAD_ACCESS (code=1, address=0x122cde630)
frame #0: 0x00007fff9ae5f4f0 libsystem_c.dylib`strlen + 16
libsystem_c.dylib`strlen + 16:
-> 0x7fff9ae5f4f0: pcmpeqb (%rdi), %xmm0
0x7fff9ae5f4f4: andl $15, %ecx
0x7fff9ae5f4f7: shll %cl, %eax
0x7fff9ae5f4f9: pmovmskb %xmm0, %ecx
(lldb) bt
* thread #1: tid = 0x1c03, 0x00007fff9ae5f4f0 libsystem_c.dylib`strlen + 16, stop reason = EXC_BAD_ACCESS (code=1, address=0x122cde630)
frame #0: 0x00007fff9ae5f4f0 libsystem_c.dylib`strlen + 16
frame #1: 0x0000000100058494 zsh`getpermtext + 412
frame #2: 0x0000000100058804 zsh`getredirs + 690
frame #3: 0x0000000100058ef3 zsh`getredirs + 2465
frame #4: 0x000000010005980a zsh`getjobtext + 122
frame #5: 0x0000000100015de4 zsh`execlist + 2058
frame #6: 0x000000010001623b zsh`execlist + 3169
frame #7: 0x00000001000158d6 zsh`execlist + 764
frame #8: 0x000000010001237d zsh`execode + 229
frame #9: 0x000000010002668a zsh`loop + 753
frame #10: 0x00000001000278b9 zsh`zsh_main + 2304
frame #11: 0x0000000100000ae0 zsh`start + 52
(lldb)