Bug 1247383
Summary: Serious problem with correction of #1117404
Product: Red Hat Enterprise Linux 6
Reporter: Paulo Andrade <pandrade>
Component: ksh
Assignee: Michal Hlavinka <mhlavink>
Status: CLOSED ERRATA
QA Contact: Martin Kyral <mkyral>
Severity: urgent
Docs Contact: Milan Navratil <mnavrati>
Priority: urgent
Version: 6.7
CC: anrussel, asanders, avaddara, btotty, bugproxy, byodlows, darroch_royden, david_m_scott, edanilch, fhirtz, fkrska, hannsj_uhl, hartsjc, hvyas, jherrman, jindrich.novy, jkurik, jwalter, kristof.van.damme.ext, linux26port, magoldma, mhlavink, mkolbas, mnavrati, msaxena, ovasik, pablo.iranzo, pandrade, pdwyer, richard.brittain, Saket_Pusalkar, srandhaw, tushii012, vyonkov, wburrows, zpytela
Target Milestone: rc
Keywords: Patch, Regression, Reproducer, ZStream
Target Release: ---
Hardware: All
OS: All
Fixed In Version: ksh-20120801-31.el6
Doc Type: Bug Fix
Doc Text:
KornShell now resets and modifies signal traps as expected and no longer crashes
Previously, KornShell (ksh) terminated unexpectedly with a segmentation fault when attempting to reset or modify certain signal traps. With this update, ksh does not attempt to free memory used for a string literal. As a result, ksh no longer crashes in the described situation.
Story Points: ---
Clone Of:
: 1252896 1298641
Last Closed: 2016-05-11 00:46:37 UTC
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Category: ---
oVirt Team: ---
Cloudforms Team: ---
Bug Blocks: 1145214, 1172231, 1200114, 1239105, 1252896, 1298641

Description
Paulo Andrade
2015-07-27 20:48:45 UTC
Setting priority/severity to urgent because I believe this will affect a lot of users.

Reproducer fixed by experimental package at http://people.redhat.com/pandrade/ksh-20120801-28.el6.1.sfdc01482714/x86_64/

    $ cat nohup.ksh.segv
    #!/bin/ksh
    trap '' 1
    HIVAR=`echo hi`
    $ nohup ksh nohup.ksh.segv

*** Bug 1246815 has been marked as a duplicate of this bug. ***

*** Bug 1248134 has been marked as a duplicate of this bug. ***

*** Bug 1239105 has been marked as a duplicate of this bug. ***

Hi,
we have tried to rerun the same steps and it reproduced again, adding core here. This shell script was invoked from a C program.

Thanks
Tushar

Created attachment 1062682 [details]
core of ksh

Faced the same issue with the experimental package at

http://people.redhat.com/pandrade/ksh-20120801-28.el6.1.sfdc01482714/x86_64/

    [root@l111054 CVMVolDg]# ksh --version
    version sh (AT&T Research) 93u+ 2012-08-01
    [root@l111054 CVMVolDg]# rpm -qa |grep ksh
    ksh-20120801-28.el6.x86_64
    [root@l111054 CVMVolDg]# ls -al core.9976
    -rw------- 1 root root 983040 Jul 21 19:50 core.9976

(In reply to Saket Pusalkar from comment #35)
> Created attachment 1062682 [details]
> core of ksh
>
> Faced the same issue with the experimental package at
>
> http://people.redhat.com/pandrade/ksh-20120801-28.el6.1.sfdc01482714/x86_64/
>
> [root@l111054 CVMVolDg]# ksh --version
> version sh (AT&T Research) 93u+ 2012-08-01
> [root@l111054 CVMVolDg]# rpm -qa |grep ksh
> ksh-20120801-28.el6.x86_64

It should be:

    $ rpm -q ksh
    ksh-20120801-28.el6.1.sfdc01482714.x86_64

> [root@l111054 CVMVolDg]# ls -al core.9976
> -rw------- 1 root root 983040 Jul 21 19:50 core.9976

The core is from the package without the correction.

UPDATE:

If you are testing any of the packages at people.redhat.com/pandrade, please switch to testing the ones, for the proper architecture under http://people.redhat.com/pandrade/bz1247383/

We were told about a variant test where the original problem at https://bugzilla.redhat.com/show_bug.cgi?id=1117404 could still be triggered on nested ksh shell functions. The problem basically is that ksh has a vector of information about traps, and when running a subshell, or a shell function, it would save the contents of this vector, and once finished, would restore the vector of pointers.
The problem is that the contents of the vector of pointers could be changed during the subshell or function, and when restoring, it could have dangling pointers, pointing to released memory.

(In reply to Paulo Andrade from comment #42)
> UPDATE:
>
> If you are testing any of the packages at people.redhat.com/pandrade,
> please switch to testing the ones, for the proper architecture under
> http://people.redhat.com/pandrade/bz1247383/
>
> We were told about a variant test where the original problem at
> https://bugzilla.redhat.com/show_bug.cgi?id=1117404 could still
> be triggered on nested ksh shell functions. The problem basically
> is that ksh has a vector of information about traps, and when
> running a subshell, or a shell function, it would save the
> contents of this vector, and once finished, would restore the
> vector of pointers.
> The problem is that the contents of the vector of pointers could
> be changed during the subshell or function, and when restoring,
> it could have dangling pointers, pointing to released memory.

We can confirm that we cannot reproduce the issue with the new ksh (version ksh-20120801-28.el6.1.sfdc01482714.x86_64). Please let us know which new update will incorporate this fix.

*** Bug 1217682 has been marked as a duplicate of this bug. ***

Created attachment 1062980 [details]
core generated by ksh script

Created attachment 1062981 [details]
files for reproducing bug under staf/stax

*** Bug 1247268 has been marked as a duplicate of this bug. ***

*** Bug 1261314 has been marked as a duplicate of this bug. ***

Tested with the package suggested in Comment 42: https://people.redhat.com/pandrade/bz1247383/x86_64/ksh-20120801-30.el6.bz1247383.x86_64 and the problem described in Bug 1261314 no longer appears.

Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA.

For information on the advisory, and where to find the updated files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-0932.html
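
The save/restore hazard described in the comment #42 update, as an added C model that is not ksh source and not part of the original report. All names (`trap_tab`, `struct slot`, `IGNORED`, `run_function`) are hypothetical, and an `alive` flag stands in for malloc/free so the stale entry can be counted without undefined behaviour; the static `IGNORED` entry that is never released mirrors the Doc Text note about not freeing a string literal.

```c
#include <string.h>

enum { NTRAP = 4, NSLOT = 16 };
/* Toy heap (assumption): alive == 0 stands for memory that has been released. */
struct slot { char text[32]; int alive; };
static struct slot pool[NSLOT];
static int next_slot;
static struct slot IGNORED = { "", 1 };  /* static "ignore" action, never released */
static struct slot *trap_tab[NTRAP];     /* hypothetical trap vector, one action per signal */
static struct slot *s_new(const char *s) {
    struct slot *p = &pool[next_slot++ % NSLOT];
    strncpy(p->text, s, sizeof p->text - 1);
    p->alive = 1;
    return p;
}
static void s_free(struct slot *p) { if (p && p != &IGNORED) p->alive = 0; }
static void set_trap(int sig, const char *action) {
    s_free(trap_tab[sig]);               /* the previous action is released here */
    trap_tab[sig] = *action ? s_new(action) : &IGNORED;
}
/* Flawed pattern: the saved vector shares pointers with the live table. */
static void save_shallow(struct slot **sv) { memcpy(sv, trap_tab, sizeof trap_tab); }
static void restore_shallow(struct slot **sv) { memcpy(trap_tab, sv, sizeof trap_tab); }
/* Safer pattern: the saved vector owns private copies of heap actions. */
static void save_deep(struct slot **sv) {
    for (int i = 0; i < NTRAP; i++) {
        struct slot *p = trap_tab[i];
        sv[i] = (p && p != &IGNORED) ? s_new(p->text) : p;
    }
}
static void restore_deep(struct slot **sv) {
    for (int i = 0; i < NTRAP; i++) { s_free(trap_tab[i]); trap_tab[i] = sv[i]; }
}
static int dangling(void) {              /* entries that point at released memory */
    int n = 0;
    for (int i = 0; i < NTRAP; i++) n += trap_tab[i] && !trap_tab[i]->alive;
    return n;
}
static int run_function(int deep) {      /* save, change trap 2 in the "body", restore */
    struct slot *sv[NTRAP];
    memset(trap_tab, 0, sizeof trap_tab);
    set_trap(1, "");                     /* like: trap '' 1 */
    set_trap(2, "echo outer");
    if (deep) save_deep(sv); else save_shallow(sv);
    set_trap(2, "echo inner");           /* releases "echo outer" */
    if (deep) restore_deep(sv); else restore_shallow(sv);
    return dangling();
}
int main(void) { return !(run_function(0) == 1 && run_function(1) == 0); }
```

With the shallow copy, the restored entry for signal 2 refers to the action that was released inside the function body; with private copies, every restored entry is still owned by the table.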