From owner-freebsd-bugs@FreeBSD.ORG Tue May 4 02:10:26 2004 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7CE8416A4D0 for ; Tue, 4 May 2004 02:10:26 -0700 (PDT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1F7A243D39 for ; Tue, 4 May 2004 02:10:25 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) i449APOm037020 for ; Tue, 4 May 2004 02:10:25 -0700 (PDT) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.11/8.12.11/Submit) id i449AP69037019; Tue, 4 May 2004 02:10:25 -0700 (PDT) (envelope-from gnats) Resent-Date: Tue, 4 May 2004 02:10:25 -0700 (PDT) Resent-Message-Id: <200405040910.i449AP69037019@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Dmitry Sivachenko Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E9B0816A4CE for ; Tue, 4 May 2004 02:03:44 -0700 (PDT) Received: from mitya.mitya.static.dol.ru (mitya.mitya.static.dol.ru [194.87.5.172]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4A86E43D1F for ; Tue, 4 May 2004 02:03:42 -0700 (PDT) (envelope-from mitya@mitya.mitya.static.dol.ru) Received: from mitya.mitya.static.dol.ru (localhost [127.0.0.1]) i448RvpW000698 for ; Tue, 4 May 2004 12:27:58 +0400 (MSD) (envelope-from mitya@mitya.mitya.static.dol.ru) Received: (from mitya@localhost)i448Rvum000697; Tue, 4 May 2004 12:27:57 +0400 (MSD) (envelope-from mitya) Message-Id: <200405040827.i448Rvum000697@mitya.mitya.static.dol.ru> Date: Tue, 4 May 2004 12:27:57 +0400 (MSD) From: Dmitry Sivachenko To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Subject: bin/66242: endless loop in sh(1) X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Dmitry Sivachenko List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 May 2004 09:10:26 -0000 >Number: 66242 >Category: bin >Synopsis: endless loop in sh(1) >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue May 04 02:10:25 PDT 2004 >Closed-Date: >Last-Modified: >Originator: Dmitry Sivachenko >Release: FreeBSD 5.2-CURRENT i386 >Organization: >Environment: System: FreeBSD mitya.mitya.static.dol.ru 5.2-CURRENT FreeBSD 5.2-CURRENT #1: Sun Apr 18 17:57:01 MSD 2004 mitya@mitya.mitya.static.dol.ru:/usr/obj/usr/src/sys/CAVIA i386 The following sh(1) behaviour can be observed on both -CURRENT and -STABLE. >Description: Consider the following script: #!/bin/sh -T trap 'echo TRAP!; ps; exit 1' HUP; echo 'Started...' read a Run it and send HUP signal to sh(1) while it is waiting for 'read' command. You reach trap handler, ps(1) output appears but the script does NOT exit and sh(1) process starts to eat 100% of CPU. Here is truss output: wait4(0xffffffff,0xbfbfe9d8,0x2,0x0) ERR#10 'No child processes' wait4(0xffffffff,0xbfbfe9d8,0x2,0x0) ERR#10 'No child processes' wait4(0xffffffff,0xbfbfe9d8,0x2,0x0) ERR#10 'No child processes' wait4(0xffffffff,0xbfbfe9d8,0x2,0x0) ERR#10 'No child processes' wait4(0xffffffff,0xbfbfe9d8,0x2,0x0) ERR#10 'No child processes' wait4(0xffffffff,0xbfbfe9d8,0x2,0x0) ERR#10 'No child processes' ...... Here is backtrace: (gdb) bt #0 0x80763fc in wait4 () #1 0x8075941 in wait3 () #2 0x8051f8a in waitproc (block=1, status=0xbfbffa0c) at /mnt/backup/releng_4/src/bin/sh/jobs.c:1025 #3 0x8051cbd in dowait (block=1, job=0x80c6000) at /mnt/backup/releng_4/src/bin/sh/jobs.c:926 #4 0x8051b8a in waitforjob (jp=0x80c6000, origstatus=0xbfbffa88) at /mnt/backup/releng_4/src/bin/sh/jobs.c:870 #5 0x804be33 in evalcommand (cmd=0x80b6d6c, flags=0, backcmd=0x0) at /mnt/backup/releng_4/src/bin/sh/eval.c:904 #6 0x804acc0 in evaltree (n=0x80b6d6c, flags=0) at /mnt/backup/releng_4/src/bin/sh/eval.c:281 #7 0x804aafa in evaltree (n=0x80b6e04, flags=0) at /mnt/backup/releng_4/src/bin/sh/eval.c:199 #8 0x804aafa in evaltree (n=0x80b6e38, flags=0) at /mnt/backup/releng_4/src/bin/sh/eval.c:199 #9 0x804aa73 in evalstring ( s=0x80c5100 "rm -f /tmp/st28742.box221.zecke.demos.su; _clean SIGHUP /dev/tt yph.28742.zecke.demos.su 28742; exit") at /mnt/backup/releng_4/src/bin/sh/eval.c:171 #10 0x80598da in dotrap () at /mnt/backup/releng_4/src/bin/sh/trap.c:401 #11 0x804acf6 in evaltree (n=0x80b6d00, flags=0) at /mnt/backup/releng_4/src/bin/sh/eval.c:290 #12 0x80528f4 in cmdloop (top=1) at /mnt/backup/releng_4/src/bin/sh/main.c:250 The waitproc() at jobs.c:926 returns -1 and sets errno to ECHILD (because the child does not exist at that time). Since (pid <= 0) condition is true at jobs.c:935, -1 is returned and we are entering dotrap() at jobs.c:870. dotrap() never alters 'state' field of struct job. >How-To-Repeat: See above. >Fix: >Release-Note: >Audit-Trail: >Unformatted: