Bug 1053938

Summary: [abrt] ksh: sh_assignok(): ksh killed by SIGSEGV
Product: [Fedora] Fedora Reporter: Christian Kujau <redhat>
Component: kshAssignee: Michal Hlavinka <mhlavink>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 20CC: mhlavink, thomas.swan
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Unspecified   
URL: https://retrace.fedoraproject.org/faf/reports/bthash/ca8716543937ddc65873d970994a91d2f1648721
Whiteboard: abrt_hash:42d63f87b9db75810c7fded1a22c5eb156419e06
Fixed In Version: ksh-20120801-17.fc20 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-04-14 22:44:19 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
File: backtrace
none
File: cgroup
none
File: core_backtrace
none
File: dso_list
none
File: environ
none
File: exploitable
none
File: limits
none
File: maps
none
File: open_fds
none
File: proc_pid_status
none
File: var_log_messages none

Description Christian Kujau 2014-01-16 02:57:15 UTC 
Description of problem:
ksh executing a script

Version-Release number of selected component:
ksh-20120801-11.fc20

Additional info:
reporter:       libreport-2.1.11
backtrace_rating: 4
cmdline:        ksh /home/christian/bin/fib.sh 25
crash_function: sh_assignok
executable:     /usr/bin/ksh
kernel:         3.12.6-300.fc20.x86_64
runlevel:       5 3
type:           CCpp
uid:            1000

Truncated backtrace:
Thread no. 1 (10 frames)
 #0 sh_assignok at /usr/src/debug/ksh-20120801/src/cmd/ksh93/sh/subshell.c:243
 #1 nv_putval at /usr/src/debug/ksh-20120801/src/cmd/ksh93/sh/name.c:1615
 #2 b_dot_cmd at /usr/src/debug/ksh-20120801/src/cmd/ksh93/bltins/misc.c:316
 #3 sh_funct at /usr/src/debug/ksh-20120801/src/cmd/ksh93/sh/xec.c:3523
 #4 sh_exec at /usr/src/debug/ksh-20120801/src/cmd/ksh93/sh/xec.c:1579
 #5 sh_subshell at /usr/src/debug/ksh-20120801/src/cmd/ksh93/sh/subshell.c:590
 #6 comsubst at /usr/src/debug/ksh-20120801/src/cmd/ksh93/sh/macro.c:2135
 #7 varsub at /usr/src/debug/ksh-20120801/src/cmd/ksh93/sh/macro.c:1168
 #8 copyto at /usr/src/debug/ksh-20120801/src/cmd/ksh93/sh/macro.c:633
 #9 sh_mactrim at /usr/src/debug/ksh-20120801/src/cmd/ksh93/sh/macro.c:183
Comment 1 Christian Kujau 2014-01-16 02:57:19 UTC 
Created attachment 850800 [details]
File: backtrace
Comment 2 Christian Kujau 2014-01-16 02:57:21 UTC 
Created attachment 850801 [details]
File: cgroup
Comment 3 Christian Kujau 2014-01-16 02:57:22 UTC 
Created attachment 850802 [details]
File: core_backtrace
Comment 4 Christian Kujau 2014-01-16 02:57:24 UTC 
Created attachment 850803 [details]
File: dso_list
Comment 5 Christian Kujau 2014-01-16 02:57:25 UTC 
Created attachment 850804 [details]
File: environ
Comment 6 Christian Kujau 2014-01-16 02:57:26 UTC 
Created attachment 850805 [details]
File: exploitable
Comment 7 Christian Kujau 2014-01-16 02:57:28 UTC 
Created attachment 850806 [details]
File: limits
Comment 8 Christian Kujau 2014-01-16 02:57:29 UTC 
Created attachment 850807 [details]
File: maps
Comment 9 Christian Kujau 2014-01-16 02:57:31 UTC 
Created attachment 850808 [details]
File: open_fds
Comment 10 Christian Kujau 2014-01-16 02:57:33 UTC 
Created attachment 850809 [details]
File: proc_pid_status
Comment 11 Christian Kujau 2014-01-16 02:57:34 UTC 
Created attachment 850810 [details]
File: var_log_messages
Comment 12 Christian Kujau 2014-01-16 03:18:01 UTC 
FWIW, this "fib.sh" is a small script to generate Fibonacci numbers, written by someone else: http://stackoverflow.com/a/19624322/2303098

And yeah, it's 100% reproducible with ksh with arguments greater than 24. bash,zsh seem to be fine. Also, ksh on an entirely different system (powerpc, ksh 93u+ 2012-02-29) dumps core as well, so this may be an "upstream" issue, if there is such a thing for "ksh".
Comment 13 Fedora Update System 2014-01-17 15:25:29 UTC 
ksh-20120801-12.fc19 has been submitted as an update for Fedora 19.
https://admin.fedoraproject.org/updates/ksh-20120801-12.fc19
Comment 14 Fedora Update System 2014-01-17 15:25:36 UTC 
ksh-20120801-14.fc20 has been submitted as an update for Fedora 20.
https://admin.fedoraproject.org/updates/ksh-20120801-14.fc20
Comment 15 Fedora Update System 2014-01-18 04:21:55 UTC 
Package ksh-20120801-14.fc20:
* should fix your issue,
* was pushed to the Fedora 20 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing ksh-20120801-14.fc20'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2014-1035/ksh-20120801-14.fc20
then log in and leave karma (feedback).
Comment 16 thomas.swan 2014-03-01 02:27:02 UTC 
After installing this update, ksh-20120801-14, man ksh inside ksh freezes the shell and it must be killed with SIGKILL.

Running transaction
  Updating   : ksh-20120801-14.fc20.x86_64                                  1/2 
  Cleanup    : ksh-20120801-11.fc20.x86_64                                  2/2 
  Verifying  : ksh-20120801-14.fc20.x86_64                                  1/2 
  Verifying  : ksh-20120801-11.fc20.x86_64                                  2/2 

Updated:
  ksh.x86_64 0:20120801-14.fc20                                                 

Complete!
[sample@example ~]$ ksh
$ man ksh


Killed
Comment 17 Fedora Update System 2014-04-14 22:44:19 UTC 
ksh-20120801-15.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 18 Fedora Update System 2014-04-14 22:48:19 UTC 
ksh-20120801-17.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.