Configuration Information [Automatically generated, do not change]: Machine: x86_64 OS: linux-gnu Compiler: gcc Compilation CFLAGS: -DPROGRAM='bash' -DCONF_HOSTTYPE='x86_64' -DCONF_OSTYPE='linux-gnu' -DCONF_MACHTYPE='x86_64-pc-linux-gnu' -DCONF_VENDOR='pc' -DLOCALEDIR='/usr/share/locale' -DPACKAGE='bash' -DSHELL -DHAVE_CONFIG_H -I. -I../. -I.././include -I.././lib -D_FORTIFY_SOURCE=2 -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -Wall uname output: Linux muffin 3.13.0-66-generic #108-Ubuntu SMP Wed Oct 7 15:20:27 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux Machine Type: x86_64-pc-linux-gnu
Bash Version: 4.3 Patch Level: 11 Release Status: release Description: Weird trap debug and signal handling problem in bashdb in running test test/integration/test-sig..sh. I've tried to narrow to scope of the problem by reducing the debugger commands that are invoked as well as the script that gets debugged. Attempts to write a small standalone program though elude me. Gdb show that bash is attempting to free memory from discard_pipeline() inside a restore_pipeline() which is in running run_debug_trap(). See the attached gdb backtrace. See also https://sourceforge.net/p/bashdb/bugs/36/ https://sourceforge.net/p/bashdb/bugs/37/ for where this was first reported. Repeat-By: Save attached sig-bug.cmd-ok and sig-bug.sh files and then run: bashdb -q --no-init -x sig-bug.cmd-ok sig-bug.sh
sig-bug.cmd-ok
Description: Binary data
sig-bug.sh
Description: Bourne shell script
$ gdb ./bash GNU gdb (Ubuntu 7.7.1-0ubuntu5~14.04.2) 7.7.1 Copyright (C) 2014 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-linux-gnu". Type "show configuration" for configuration details. For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>. Find the GDB manual and other documentation resources online at: <http://www.gnu.org/software/gdb/documentation/>. For help, type "help". Type "apropos word" to search for commands related to "word"... Reading symbols from ./bash...done. (gdb) run /usr/bin/bashdb -q --no-init -x sig-bug.cmd sig-bug.sh Starting program: /src/build/bash-4.3.30/bash /usr/bin/bashdb -q --no-init -x sig-bug.cmd sig-bug.sh (/src/build/bash-4.3.30/sig-bug.sh:2): 2: x=1 +eval kill -TERM $$ Program received signal SIGTERM, Terminated. 0x00007ffff761efb7 in kill () at ../sysdeps/unix/syscall-template.S:81 81 ../sysdeps/unix/syscall-template.S: No such file or directory. (gdb) continue Continuing. Program received signal SIGTERM (15)... ->0 in file `/tmp/bashdb_eval_31721' at line 2 ##1 source("/tmp/bashdb_eval_31721") called from file `/usr/share/bashdb/command/eval.sh' at line 98 ##2 _Dbg_do_eval("kill", "-TERM", "$$") called from file `/usr/share/bashdb/lib/processor.sh' at line 293 ##3 _Dbg_onecmd("eval", "kill -TERM $$") called from file `/usr/share/bashdb/lib/processor.sh' at line 202 ##4 _Dbg_process_commands() called from file `/usr/share/bashdb/lib/hook.sh' at line 266 ##5 _Dbg_hook_enter_debugger("after being stepped") called from file `/usr/share/bashdb/lib/hook.sh' at line 182 ##6 _Dbg_debug_trap_handler("0", "x=1") called from file `sig-bug.sh' at line 2 ##7 source("sig-bug.sh") called from file `/usr/bin/bashdb' at line 97 ##8 main() called from file `/usr/bin/bashdb' at line 0 +eval kill -TERM $$ Program received signal SIGTERM, Terminated. 0x00007ffff761efb7 in kill () at ../sysdeps/unix/syscall-template.S:81 81 in ../sysdeps/unix/syscall-template.S (gdb) continue Continuing. Program received signal SIGTERM (15)... ->0 in file `/tmp/bashdb_eval_31721' at line 1 ##1 source("/tmp/bashdb_eval_31721") called from file `/usr/share/bashdb/command/eval.sh' at line 98 ##2 _Dbg_do_eval("kill", "-TERM", "$$") called from file `/usr/share/bashdb/lib/processor.sh' at line 293 ##3 _Dbg_onecmd("eval", "kill -TERM $$") called from file `/usr/share/bashdb/lib/processor.sh' at line 202 ##4 _Dbg_process_commands() called from file `/usr/share/bashdb/lib/hook.sh' at line 266 ##5 _Dbg_hook_enter_debugger("on receiving a signal", "noprint") called from file `/usr/share/bashdb/lib/sig.sh' at line 202 ##6 _Dbg_sig_handler("15", "x=1") called from file `/tmp/bashdb_eval_31721' at line 1 ##7 source("/tmp/bashdb_eval_31721") called from file `/usr/share/bashdb/command/eval.sh' at line 98 ##8 _Dbg_do_eval("kill", "-TERM", "$$") called from file `/usr/share/bashdb/lib/processor.sh' at line 293 ##9 _Dbg_onecmd("eval", "kill -TERM $$") called from file `/usr/share/bashdb/lib/processor.sh' at line 202 ##10 _Dbg_process_commands() called from file `/usr/share/bashdb/lib/hook.sh' at line 266 ##11 _Dbg_hook_enter_debugger("after being stepped") called from file `/usr/share/bashdb/lib/hook.sh' at line 182 ##12 _Dbg_debug_trap_handler("0", "x=1") called from file `sig-bug.sh' at line 2 ##13 source("sig-bug.sh") called from file `/usr/bin/bashdb' at line 97 ##14 main() called from file `/usr/bin/bashdb' at line 0 +continue $? is 0 $? is 0 Program received signal SIGSEGV, Segmentation fault. internal_free (mem=0xcfcfcfcfcfcfcfcf, file=0x4d0d1e "jobs.c", line=1090, flags=<optimized out>) at malloc.c:863 863 if (p->mh_alloc == ISMEMALIGN) (gdb) where #0 internal_free (mem=0xcfcfcfcfcfcfcfcf, file=0x4d0d1e "jobs.c", line=1090, flags=<optimized out>) at malloc.c:863 #1 0x000000000048a02e in sh_xfree (string=0xcfcfcfcfcfcfcfcf, file=0x4d0d1e "jobs.c", line=1090) at xmalloc.c:221 #2 0x000000000044c630 in discard_pipeline (chain=0xae7348) at jobs.c:1090 #3 0x000000000044b2ce in restore_pipeline (discard=1) at jobs.c:451 #4 0x000000000046a525 in run_debug_trap () at trap.c:1008 #5 0x000000000043bec7 in execute_simple_command (simple_command=0x72a488, pipe_in=-1, pipe_out=-1, async=0, fds_to_close=0x725e48) at execute_cmd.c:3906 #6 0x0000000000436474 in execute_command_internal (command=0x72a0c8, asynchronous=0, pipe_in=-1, pipe_out=-1, fds_to_close=0x725e48) at execute_cmd.c:787 #7 0x000000000048f8ef in parse_and_execute (string=<optimized out>, from_file=from_file@entry=0x729668 "sig-bug.sh", flags=flags@entry=20) at evalstring.c:388 #8 0x000000000048efc3 in _evalfile (filename=0x729668 "sig-bug.sh", flags=<optimized out>) at evalfile.c:272 #9 0x000000000048f23d in source_file (filename=filename@entry=0x729668 "sig-bug.sh", sflags=<optimized out>) at evalfile.c:352 #10 0x0000000000498579 in source_builtin (list=0xad21e8) at ./source.def:192 #11 0x000000000043ccb5 in execute_builtin (builtin=0x498440 <source_builtin>, words=0xad2f28, flags=0, subshell=0) at execute_cmd.c:4346 #12 0x000000000043d8c5 in execute_builtin_or_function (words=0xad2f28, builtin=0x498440 <source_builtin>, var=0x0, redirects=0x0, fds_to_close=0x76c1a8, flags=0) at execute_cmd.c:4767 #13 0x000000000043c766 in execute_simple_command (simple_command=0x729c88, pipe_in=-1, pipe_out=-1, async=0, fds_to_close=0x76c1a8) at execute_cmd.c:4170 #14 0x0000000000436474 in execute_command_internal (command=0x729e88, asynchronous=0, pipe_in=-1, pipe_out=-1, fds_to_close=0x76c1a8) at execute_cmd.c:787 #15 0x0000000000435ade in execute_command (command=0x729e88) at execute_cmd.c:390 #16 0x00000000004211a5 in reader_loop () at eval.c:160 #17 0x000000000041ef28 in main (argc=7, argv=0x7fffffffdf28, env=0x7fffffffdf68) at shell.c:755 (gdb) frame 2 #2 0x000000000044c630 in discard_pipeline (chain=0xae7348) at jobs.c:1090 1090 FREE (this->command); (gdb) print this->command $1 = 0xcfcfcfcfcfcfcfcf <error: Cannot access memory at address 0xcfcfcfcfcfcfcfcf> (gdb) print *this $2 = {next = 0xaee340, pid = -808464433, status = -808464433, running = -808464433, command = 0xcfcfcfcfcfcfcfcf <error: Cannot access memory at address 0xcfcfcfcfcfcfcfcf>} (gdb)
