bin/137640: [PATCH] sh(1) crash when redefining current function
Jilles Tjoelker
jilles at stack.nl
Fri Aug 14 14:20:05 UTC 2009
The following reply was made to PR bin/137640; it has been noted by GNATS.
From: Jilles Tjoelker <jilles at stack.nl>
To: bug-followup at FreeBSD.org, jilles at stack.nl
Cc:
Subject: Re: bin/137640: [PATCH] sh(1) crash when redefining current
function
Date: Fri, 14 Aug 2009 16:17:24 +0200
--azLHFNyN32YCQGCU
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
That patch does not work, try this.
--azLHFNyN32YCQGCU
Content-Type: text/x-diff; charset=us-ascii
Content-Disposition: attachment; filename="func-redef-fix.patch"
Fix crash when undefining or redefining a currently executing function.
Memory may leak if multiple SIGINTs arrive in interactive mode,
this will be fixed later by changing SIGINT handling.
diff --git a/eval.c b/eval.c
--- a/eval.c
+++ b/eval.c
@@ -791,6 +791,7 @@ evalcommand(union node *cmd, int flags,
INTOFF;
savelocalvars = localvars;
localvars = NULL;
+ reffunc(cmdentry.u.func);
INTON;
savehandler = handler;
if (setjmp(jmploc.loc)) {
@@ -800,6 +801,7 @@ evalcommand(union node *cmd, int flags,
freeparam(&shellparam);
shellparam = saveparam;
}
+ unreffunc(cmdentry.u.func);
poplocalvars();
localvars = savelocalvars;
handler = savehandler;
@@ -811,11 +813,12 @@ evalcommand(union node *cmd, int flags,
funcnest++;
exitstatus = oexitstatus;
if (flags & EV_TESTED)
- evaltree(cmdentry.u.func, EV_TESTED);
+ evaltree(&cmdentry.u.func->n, EV_TESTED);
else
- evaltree(cmdentry.u.func, 0);
+ evaltree(&cmdentry.u.func->n, 0);
funcnest--;
INTOFF;
+ unreffunc(cmdentry.u.func);
poplocalvars();
localvars = savelocalvars;
freeparam(&shellparam);
diff --git a/exec.c b/exec.c
--- a/exec.c
+++ b/exec.c
@@ -286,7 +286,7 @@ printentry(struct tblentry *cmdp, int ve
out1fmt("function %s", cmdp->cmdname);
if (verbose) {
INTOFF;
- name = commandtext(cmdp->param.func);
+ name = commandtext(&cmdp->param.func->n);
out1c(' ');
out1str(name);
ckfree(name);
@@ -583,7 +583,7 @@ deletefuncs(void)
while ((cmdp = *pp) != NULL) {
if (cmdp->cmdtype == CMDFUNCTION) {
*pp = cmdp->next;
- freefunc(cmdp->param.func);
+ unreffunc(cmdp->param.func);
ckfree(cmdp);
} else {
pp = &cmdp->next;
@@ -670,7 +670,7 @@ addcmdentry(char *name, struct cmdentry
INTOFF;
cmdp = cmdlookup(name, 1);
if (cmdp->cmdtype == CMDFUNCTION) {
- freefunc(cmdp->param.func);
+ unreffunc(cmdp->param.func);
}
cmdp->cmdtype = entry->cmdtype;
cmdp->param = entry->u;
@@ -705,7 +705,7 @@ unsetfunc(char *name)
struct tblentry *cmdp;
if ((cmdp = cmdlookup(name, 0)) != NULL && cmdp->cmdtype == CMDFUNCTION) {
- freefunc(cmdp->param.func);
+ unreffunc(cmdp->param.func);
delete_cmd_entry();
return (0);
}
diff --git a/exec.h b/exec.h
--- a/exec.h
+++ b/exec.h
@@ -46,11 +46,12 @@ enum {
TYPECMD_TYPE /* type */
};
+union node;
struct cmdentry {
int cmdtype;
union param {
int index;
- union node *func;
+ struct funcdef *func;
} u;
int special;
};
diff --git a/mknodes.c b/mknodes.c
--- a/mknodes.c
+++ b/mknodes.c
@@ -248,8 +248,13 @@ output(char *file)
fputs("\tstruct nodelist *next;\n", hfile);
fputs("\tunion node *n;\n", hfile);
fputs("};\n\n\n", hfile);
- fputs("union node *copyfunc(union node *);\n", hfile);
- fputs("void freefunc(union node *);\n", hfile);
+ fputs("struct funcdef {\n", hfile);
+ fputs("\tunsigned int refcount;\n", hfile);
+ fputs("\tunion node n;\n", hfile);
+ fputs("};\n\n\n", hfile);
+ fputs("struct funcdef *copyfunc(union node *);\n", hfile);
+ fputs("void reffunc(struct funcdef *);\n", hfile);
+ fputs("void unreffunc(struct funcdef *);\n", hfile);
fputs(writer, cfile);
while (fgets(line, sizeof line, patfile) != NULL) {
diff --git a/nodes.c.pat b/nodes.c.pat
--- a/nodes.c.pat
+++ b/nodes.c.pat
@@ -35,6 +35,7 @@
#include <sys/param.h>
#include <stdlib.h>
+#include <stddef.h>
/*
* Routine for dealing with parsed shell commands.
*/
@@ -65,17 +66,22 @@ STATIC char *nodesavestr(char *);
* Make a copy of a parse tree.
*/
-union node *
+struct funcdef *
copyfunc(union node *n)
{
+ struct funcdef *fn;
+
if (n == NULL)
return NULL;
- funcblocksize = 0;
+ funcblocksize = offsetof(struct funcdef, n);
funcstringsize = 0;
calcsize(n);
- funcblock = ckmalloc(funcblocksize + funcstringsize);
- funcstring = (char *)funcblock + funcblocksize;
- return copynode(n);
+ fn = ckmalloc(funcblocksize + funcstringsize);
+ fn->refcount = 1;
+ funcblock = (char *)fn + offsetof(struct funcdef, n);
+ funcstring = (char *)fn + funcblocksize;
+ copynode(n);
+ return fn;
}
@@ -144,14 +150,25 @@ nodesavestr(char *s)
}
+void
+reffunc(struct funcdef *fn)
+{
+ fn->refcount++;
+}
+
/*
- * Free a parse tree.
+ * Decrement the reference count of a function definition, freeing it
+ * if it falls to 0.
*/
void
-freefunc(union node *n)
+unreffunc(struct funcdef *fn)
{
- if (n)
- ckfree(n);
+ if (fn) {
+ fn->refcount--;
+ if (fn->refcount > 0)
+ return;
+ ckfree(fn);
+ }
}
--azLHFNyN32YCQGCU--
More information about the freebsd-bugs
mailing list