Description of problem: ksh crashes Version-Release number of selected component (if applicable): ksh-20100202-1.el5 How reproducible: always Steps to Reproduce: n/a Actual results: crash Expected results: should not crash Additional info: When using ksh-20060214-1.7 the scripts worked OK, but after upgrading to ksh-20100202-1.el5 the scripts started to segfault. This happens in a vm and a physical one. Customer cannot provide the reproducer.
Created attachment 441918 [details] first reproducer I have first reproducer. It reproduces fine against 2010-02-02, but does not reproduce against 2010-06-21, so a)reproducer is not trying hard enough b)there are two bugs. I believe this is situation a). Bug is partially position (in memory) dependant, because some fillers like function fun0001 { return 0; } are needed, despite they are never called. Without them it does not reproduce this problem. (Some of them can be removed from this version of reproducer, but not majority of them.) I'll try to prepare better reproducer now
Created attachment 443266 [details] new reproducer new reproducer, crashes also with ksh 2010-06-21
Created attachment 446041 [details] patch to fix this
Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: Assigning a value to an array variable during the execution of the "typeset" command could cause ksh to terminate unexpectedly with a segmentation fault. This update corrects the array handling in this command and ksh no longer crashes.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2012-0159.html