Tested this against master at commit 3e3e7af1:
$ src/dash -c 'f(){ f;};f'
segfault
Of course this is a pathological command string, but it looks like a clear case
of stack overflow:
Program received signal SIGSEGV, Segmentation fault.
0x0000000000407762 in argstr (p=0x4204b0 "f", flag=flag@entry=3) at
expand.c:249
249 int breakall = (flag & (EXP_WORD | EXP_QUOTED)) == EXP_WORD;
(gdb) info proc mappings
...
0x7ffff7ffe000 0x7ffff7fff000 0x1000 0x0
0x7fffff7ff000 0x7ffffffff000 0x800000 0x0 [stack]
(gdb) p/x $rsp
$1 = 0x7fffff7fef50
(gdb) x/i $rip
=> 0x407762 <argstr+34>: sete 0x7(%rsp)
Is this a bug or have I just stumbled into a known "feature"?
signature.asc
Description: PGP signature
