David Korn
2013-07-17 15:55:34 UTC
cc: vijaikumar.mallikarjuna at oracle.com
Subject: Re: problem in ksh93
--------
David Korn
dgk at research.att.com
Subject: Re: problem in ksh93
--------
Hello,
I found a problem in ksh93 where over-shifting in a function puts the
interpreter into an indeterminate state.
Adding *any* redirection to a function call seems to suppress the
bailout and leads to undefined behavior.
*Here is the test-case:**
*<snip>
#!/usr/bin/ksh
some_func() {
shift 10
}
for i in a b c d e f; do
echo "read $i"
[ "$i" != "c" ] && continue
some_func 2>&1
echo "$i = c"
done
</snip>
*Output on ksh88 (Correct):**
*read a
read b
read c
test.ksh: shift: bad number
*Output on ksh93 (Undefined behavior):**
*read a
read b
read c
test.ksh[4]: shift: 10: bad number
c = c
read d
test.ksh[4]: shift: 10: bad number
d = c
read e
test.ksh[4]: shift: 10: bad number
e = c
read f
test.ksh[4]: shift: 10: bad number
f = c
*Output on ksh93 (Undefined behavior):**
*Redirecting STDERR to /dev/null to show the program flow more clearly.
read a
read b
read c
c = c
read d
d = c
read e
e = c
read f
f = c
*Here is the fix:**
*--- a/src/cmd/ksh93/sh/xec.c Tue Jul 16 12:43:53 2013
+++ b/src/cmd/ksh93/sh/xec.c Tue Jul 16 12:44:07 2013
@@ -1572,7 +1572,7 @@
unset_instance(nq,&node,&nr,mode);
sh_funstaks(slp->slchild,-1);
stkclose(slp->slptr);
- if(jmpval > SH_JMPFUN)
+ if(jmpval > SH_JMPFUN || (io &&
jmpval > SH_JMPIO) )
siglongjmp(*shp->jmplist,jmpval);
goto setexit;
}
I am also attaching the patch file with this email. Please let me know
on the fix.
Thanks,
Vijay
Good catch. The patch is looks correct.I found a problem in ksh93 where over-shifting in a function puts the
interpreter into an indeterminate state.
Adding *any* redirection to a function call seems to suppress the
bailout and leads to undefined behavior.
*Here is the test-case:**
*<snip>
#!/usr/bin/ksh
some_func() {
shift 10
}
for i in a b c d e f; do
echo "read $i"
[ "$i" != "c" ] && continue
some_func 2>&1
echo "$i = c"
done
</snip>
*Output on ksh88 (Correct):**
*read a
read b
read c
test.ksh: shift: bad number
*Output on ksh93 (Undefined behavior):**
*read a
read b
read c
test.ksh[4]: shift: 10: bad number
c = c
read d
test.ksh[4]: shift: 10: bad number
d = c
read e
test.ksh[4]: shift: 10: bad number
e = c
read f
test.ksh[4]: shift: 10: bad number
f = c
*Output on ksh93 (Undefined behavior):**
*Redirecting STDERR to /dev/null to show the program flow more clearly.
read a
read b
read c
c = c
read d
d = c
read e
e = c
read f
f = c
*Here is the fix:**
*--- a/src/cmd/ksh93/sh/xec.c Tue Jul 16 12:43:53 2013
+++ b/src/cmd/ksh93/sh/xec.c Tue Jul 16 12:44:07 2013
@@ -1572,7 +1572,7 @@
unset_instance(nq,&node,&nr,mode);
sh_funstaks(slp->slchild,-1);
stkclose(slp->slptr);
- if(jmpval > SH_JMPFUN)
+ if(jmpval > SH_JMPFUN || (io &&
jmpval > SH_JMPIO) )
siglongjmp(*shp->jmplist,jmpval);
goto setexit;
}
I am also attaching the patch file with this email. Please let me know
on the fix.
Thanks,
Vijay
David Korn
dgk at research.att.com