[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Various small leaks
|
From: |
Grisha Levit |
|
Subject: |
Re: Various small leaks |
|
Date: |
Wed, 21 Jun 2023 23:07:54 -0400 |
On Wed, Jun 21, 2023 at 3:09 PM Chet Ramey <chet.ramey@case.edu> wrote:
> Have you considered running `make tests' on a bash binary built with this
> configuration? I'd be interested in those results.
I have, but unfortunately this generates quite a few reports that are
a little tricky to chase down. The main difficulty is that lsan looks
for unreachable blocks (only) when the process exits so we only know
that there's a leak somewhere in e.g. the alias tests or the arith
tests but not at which line. There's also a lot of duplication
because once a leak has occurred, lsan will end up generating the same
report for every subsequently invoked subshell. The latter fact makes
it easy to see leaks in an interactive shell though, by putting '$(:)'
in PS1 for example.
Anyway, most of the leaks reported from running the test suite seem to
stem from longjmp's due to expansion/arithmetic/syntax errors, like:
$ ./bash -c 'let x='
bash: line 1: let: x=: arithmetic syntax error: operand expected
(error token is "=")
Direct leak of 2 byte(s) in 1 object(s) allocated from:
#1 0xaaaadf1604ac in xmalloc xmalloc.c:107:10
#2 0xaaaadf0ebb64 in expassign expr.c:528:13
#3 0xaaaadf0eacd8 in expcomma expr.c:487:11
#4 0xaaaadf0e9d3c in subexpr expr.c:468:9
#5 0xaaaadf0e9a2c in evalexp expr.c:434:9
#6 0xaaaadf174dac in let_builtin builtins/let.def:102:13
$ ./bash -c 'eval ": a=()"'
bash: eval: line 1: syntax error near unexpected token `('
bash: eval: line 1: `: a=()'
Direct leak of 32 byte(s) in 1 object(s) allocated from:
#1 0xaaaae69604ac in xmalloc xmalloc.c:107:10
#2 0xaaaae68c464c in make_bare_simple_command make_cmd.c:457:24
#3 0xaaaae68c46f0 in make_simple_command make_cmd.c:482:17
#4 0xaaaae68ac320 in yyparse parse.y:813:45
#5 0xaaaae68aaea8 in parse_command eval.c:354:7
#6 0xaaaae696c3a4 in parse_and_execute builtins/evalstring.c:440:11
#7 0xaaaae696d4a0 in evalstring builtins/evalstring.c:831:9
#8 0xaaaae696a638 in eval_builtin builtins/eval.def:55:18
Though here's one that's not error-related:
$ ./bash -O globstar -c 'echo **/foo*'
**/foo*
Direct leak of 8 byte(s) in 1 object(s) allocated from:
#1 0xaaaac3320ca8 in glob_vector lib/glob/glob.c:958:31
#2 0xaaaac3321ff8 in glob_filename lib/glob/glob.c:1328:21
#3 0xaaaac32c0038 in shell_glob_filename pathexp.c:416:13
#4 0xaaaac32b5448 in glob_expand_word_list subst.c:12422:17
#5 0xaaaac32a0ac0 in expand_word_list_internal subst.c:13081:13
#6 0xaaaac32a0914 in expand_words subst.c:12374:11
#7 0xaaaac325dc60 in execute_simple_command execute_cmd.c:4501:15
There's quite a few others but they mostly seem harmless, things like
the case command not being freed in `case x in *) exit;; esac'.