Package: zsh Version: 5.4.2-2 zsh crashes when checking syntax of the attached file:
$ zsh -n nullptr.sh Segmentation fault GDB says that it's a null pointer dereference: Program received signal SIGSEGV, Segmentation fault. 0x565e1443 in paramsubst (ret_flags=<optimized out>, pf_flags=<optimized out>, qt=<optimized out>, str=0xffffbb74, n=<optimized out>, l=<optimized out>) at ../../Src/subst.c:3223 3223 if (*check_offset2 && *check_offset2 != ':') { (gdb) print check_offset2 $2 = 0x0 (gdb) bt #0 0x565e1443 in paramsubst (ret_flags=<optimized out>, pf_flags=<optimized out>, qt=<optimized out>, str=0xffffbb74, n=<optimized out>, l=<optimized out>) at ../../Src/subst.c:3223 #1 stringsubst (list=list@entry=0xffffbd70, node=<optimized out>, pf_flags=<optimized out>, pf_flags@entry=0, ret_flags=<optimized out>, asssub=<optimized out>) at ../../Src/subst.c:247 #2 0x565e1649 in prefork (list=0xffffbd70, flags=0, ret_flags=0xffffbcb4) at ../../Src/subst.c:85 #3 0x5657aaea in execcmd_getargs (preargs=preargs@entry=0xf7fcd4b0, args=args@entry=0xf7fcd488, expand=<optimized out>) at ../../Src/exec.c:2676 #4 0x5657f00a in execcmd_exec (state=state@entry=0xffffd430, eparams=eparams@entry=0xffffd05c, input=input@entry=0, output=0, how=<optimized out>, last1=2) at ../../Src/exec.c:2782 #5 0x565826ca in execpline2 (state=state@entry=0xffffd430, pcode=<optimized out>, how=how@entry=18, input=0, output=0, last1=0) at ../../Src/exec.c:1887 #6 0x56582ac0 in execpline (state=state@entry=0xffffd430, slcode=<optimized out>, how=how@entry=18, last1=0) at ../../Src/exec.c:1616 #7 0x565840c1 in execlist (state=0xffffd430, dont_change_job=0, exiting=0) at ../../Src/exec.c:1371 #8 0x565846e2 in execode (p=0xf7fcd438, dont_change_job=0, exiting=0, context=0x565f55c1 "toplevel") at ../../Src/exec.c:1152 #9 0x5659a45b in loop (toplevel=1, justonce=0) at ../../Src/init.c:208 #10 0x5659d9d2 in zsh_main (argc=3, argv=0xffffd754) at ../../Src/init.c:1692 #11 0x56564ac7 in main (argc=3, argv=0xffffd754) at ../../Src/main.c:93 -- System Information: Architecture: i386 Versions of packages zsh depends on: ii zsh-common 5.4.2-2 ii libc6 2.25-1 ii libcap2 1:2.25-1.1 ii libtinfo5 6.0+20170902-1 Versions of packages zsh recommends: ii libncursesw5 6.0+20170902-1 ii libpcre3 2:8.39-5 -- Jakub Wilk
nullptr.sh
Description: Bourne shell script