Re: [BUG] Bash segfaults on an infinitely recursive funcion (resend)
Hi all, On Mon, 25 Sep 2017 13:38:01 -0500 Eric Blake wrote: > On 09/24/2017 12:53 PM, Shlomi Fish wrote: > > > > > I see. Well, the general wisdom is that a program should not ever segfault, > > but instead gracefully handle the error and exit. > > This is possible by installing a SIGSEGV handler that is able to > gracefully exit the program when stack overflow is detected (although > such a handler is EXTREMELY limited in what it is able to safely do); in > fact, the GNU libsigsegv library helps in this task, and is used by some > other applications (such as GNU m4 and GNU awk) that also can cause > infinite recursion on poor user input. However, Chet is not obligated to > use it (even though the idea has been mentioned on the list before). > > > Perhaps implement a maximal > > recursion depth like zsh does. > > Bash does, in the form of FUNCNEST, but you have to opt into it, as > otherwise it would be an arbitrary limit, and arbitrary limits go > against the GNU coding standards. > thanks for all the replies! All I can suggest is that FUNCNEST will have a reasonable, but overridable and voidable default by default. Not sure if this is an acceptable solution. Regards, Shlomi Fish > By the way, it is in general IMPOSSIBLE to write bash so that it can > handle ALL possible bad user scripts and still remain responsive to > further input. Note that in my description of handling SIGSEGV above > that I mention that it is only safe to gracefully turn what would > otherwise be the default core dump into a useful error message - but > bash STILL has to exit at that point, because you cannot guarantee what > other resources (including malloc locks) might still be on the stack, > where a longjmp back out to the main parsing loop may cause future > deadlock if you do anything unsafe. If you think you can make bash > gracefully handle ALL possible bad inputs WITHOUT exiting or going into > an infloop itself, then you are claiming that you have solved the > Halting Problem, which any good computer scientist already knows has > been proven to be undecidable. > -- - Shlomi Fish http://www.shlomifish.org/ http://www.shlomifish.org/humour/bits/New-versions-of-the-GPL/ “If it’s not bloat, it’s not us.”, said Richard Stallman, the colourful head of the GNU project, and started to sing the Free Software song. — “The GNU Project Will Integrate GNU Guile into GNU coreutils” Please reply to list if it's a mailing list post - http://shlom.in/reply .
Re: [BUG] Bash segfaults on an infinitely recursive funcion (resend)
Hi all, On Sun, 24 Sep 2017 19:24:10 +0300 Pierre Gaston wrote: > On Sun, Sep 24, 2017 at 5:01 PM, Shlomi Fish wrote: > > > Hi all, > > > > With bash git master on Mageia v7 x86-64, bash on Debian Stable and other > > reported sytems: > > > > shlomif@telaviv1:~$ /home/shlomif/apps/bash/bin/bash -c 'run() { run; } ; > > run' > > Segmentation fault (core dumped) > > shlomif@telaviv1:~$ > > > > This, or some, variant has been reported multiple times. > Like in most programming languages, you can easily write programs that > behave badly, > in this case you are exhausting the stack has there is no tail call > optimization. > I see. Well, the general wisdom is that a program should not ever segfault, but instead gracefully handle the error and exit. Perhaps implement a maximal recursion depth like zsh does. Also see the first item at https://www.joelonsoftware.com/2007/02/19/seven-steps-to-remarkable-customer-service/ about permanently fixing reported problems at their core instead of dealing with user reports and requests time and again. Regards, Shlomi > see for instance > https://lists.gnu.org/archive/html/bug-bash/2012-09/msg00073.html > and the following discussion > https://lists.gnu.org/archive/html/bug-bash/2012-10/threads.html#5 -- - Shlomi Fish http://www.shlomifish.org/ https://youtu.be/GoEn1YfYTBM - Tiffany Alvord - “Fall Together” Chuck Norris does not keep any numbers on his mobile phone’s address book. Instead, he memorised the entire phone directory. — http://www.shlomifish.org/humour/bits/facts/Chuck-Norris/ Please reply to list if it's a mailing list post - http://shlom.in/reply .
[BUG] Bash segfaults on an infinitely recursive funcion (resend)
Hi all, With bash git master on Mageia v7 x86-64, bash on Debian Stable and other reported sytems: shlomif@telaviv1:~$ /home/shlomif/apps/bash/bin/bash -c 'run() { run; } ; run' Segmentation fault (core dumped) shlomif@telaviv1:~$ note that this is not a fork bomb as no processes are spawned, and it is also not an out-of-memory problem. I expect bash to fail on this, but it ought not to segfault. also: shlomif@telaviv1:~$ dash -c 'run() { run; } ; run' Segmentation fault (core dumped) shlomif@telaviv1:~$ zsh -c 'run() { run; } ; run' run: maximum nested function level reached I hereby put the reproducing code under the https://creativecommons.org/choose/zero/ . Credit is due to rosa, ongy, anEpiov and other people of freenode's ##programming channel for inspiring this bug report and helping to diagnose it. Regards, Shlomi
[BUG] Bash segfaults on an infinitely recursive funcion
Hi all, With bash git master on Mageia v7 x86-64, bash on Debian Stable and other reported sytems: shlomif@telaviv1:~$ /home/shlomif/apps/bash/bin/bash -c 'run() { run; } ; run' Segmentation fault (core dumped) shlomif@telaviv1:~$ note that this is not a fork bomb as no processes are spawned, and it is also not an out-of-memory problem. I expect bash to fail on this, but it ought not to segfault. also: shlomif@telaviv1:~$ dash -c 'run() { run; } ; run' Segmentation fault (core dumped) shlomif@telaviv1:~$ zsh -c 'run() { run; } ; run' run: maximum nested function level reached I hereby put the reproducing code under the https://creativecommons.org/choose/zero/ . Credit is due to rosa, ongy, anEpiov and other people of freenode's ##programming channel for inspiring this bug report and helping to diagnose it. Regards, Shlomi m -- --------- Shlomi Fish http://www.shlomifish.org/ Free (Creative Commons) Music Downloads, Reviews and more - http://jamendo.com/ For every A, Chuck Norris is both A and not-A. Chuck Norris is freaking everything. — http://www.shlomifish.org/humour/bits/facts/Chuck-Norris/