[Bug 1337826] [NEW] Bash crashes with a segmentation fault on "trap 'kill 0' SIGTERM EXIT"

Michael Wisheu wisheu at google.com
Fri Jul 4 11:59:54 UTC 2014 

Public bug reported:

Trusty's bash (4.3-7ubuntu1) crashes with a segmentation fault on the following trap statement:
trap 'kill 0' SIGTERM EXIT

Apport doesn't react to this crash and so I wasn't able to submit this
bug via Apport. :-/


$ dpkg-query --show --showformat '${Package}\t${Version}\t${Architecture}\n' bash
bash	4.3-7ubuntu1	amd64


$ cat test.sh 
#!/bin/bash
trap 'kill 0' SIGTERM EXIT


$ ./test.sh ; echo $?
Segmentation fault (core dumped)
139


$ gdb --args /bin/bash test.sh   (with nostrip and noopt bash build)
(gdb) bt
#0  0x00007ffff761e267 in kill () at ../sysdeps/unix/syscall-template.S:81
#1  0x000000000044fbf2 in kill_pid (pid=0, sig=15, group=0) at .././jobs.c:3158
#2  0x0000000000494a09 in kill_builtin (list=0x7388a8) at ../.././builtins/../.././builtins/kill.def:186
#3  0x000000000043c7c0 in execute_builtin (builtin=0x494601 <kill_builtin>, words=0x738908, flags=0, subshell=0) at .././execute_cmd.c:4337
#4  0x000000000043d3d0 in execute_builtin_or_function (words=0x738908, builtin=0x494601 <kill_builtin>, var=0x0, redirects=0x0, fds_to_close=0x738808, flags=0)
    at .././execute_cmd.c:4758
#5  0x000000000043c271 in execute_simple_command (simple_command=0x73a0c8, pipe_in=-1, pipe_out=-1, async=0, fds_to_close=0x738808) at .././execute_cmd.c:4161
#6  0x0000000000435fe1 in execute_command_internal (command=0x73a088, asynchronous=0, pipe_in=-1, pipe_out=-1, fds_to_close=0x738808) at .././execute_cmd.c:787
#7  0x0000000000490123 in parse_and_execute (string=0x737588 "kill 0", from_file=0x4e275f "exit trap", flags=21) at ../.././builtins/evalstring.c:367
#8  0x00000000004697ef in run_exit_trap () at .././trap.c:846
#9  0x000000000041ef9e in exit_shell (s=0) at .././shell.c:915
#10 0x000000000041eacf in main (argc=2, argv=0x7fffffffdef8, env=0x7fffffffdf10) at .././shell.c:756

** Affects: bash (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: trusty

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to bash in Ubuntu.
https://bugs.launchpad.net/bugs/1337826

Title:
  Bash crashes with a segmentation fault on "trap 'kill 0' SIGTERM EXIT"

Status in “bash” package in Ubuntu:
  New

Bug description:
  Trusty's bash (4.3-7ubuntu1) crashes with a segmentation fault on the following trap statement:
  trap 'kill 0' SIGTERM EXIT

  Apport doesn't react to this crash and so I wasn't able to submit this
  bug via Apport. :-/


  $ dpkg-query --show --showformat '${Package}\t${Version}\t${Architecture}\n' bash
  bash	4.3-7ubuntu1	amd64

  
  $ cat test.sh 
  #!/bin/bash
  trap 'kill 0' SIGTERM EXIT

  
  $ ./test.sh ; echo $?
  Segmentation fault (core dumped)
  139

  
  $ gdb --args /bin/bash test.sh   (with nostrip and noopt bash build)
  (gdb) bt
  #0  0x00007ffff761e267 in kill () at ../sysdeps/unix/syscall-template.S:81
  #1  0x000000000044fbf2 in kill_pid (pid=0, sig=15, group=0) at .././jobs.c:3158
  #2  0x0000000000494a09 in kill_builtin (list=0x7388a8) at ../.././builtins/../.././builtins/kill.def:186
  #3  0x000000000043c7c0 in execute_builtin (builtin=0x494601 <kill_builtin>, words=0x738908, flags=0, subshell=0) at .././execute_cmd.c:4337
  #4  0x000000000043d3d0 in execute_builtin_or_function (words=0x738908, builtin=0x494601 <kill_builtin>, var=0x0, redirects=0x0, fds_to_close=0x738808, flags=0)
      at .././execute_cmd.c:4758
  #5  0x000000000043c271 in execute_simple_command (simple_command=0x73a0c8, pipe_in=-1, pipe_out=-1, async=0, fds_to_close=0x738808) at .././execute_cmd.c:4161
  #6  0x0000000000435fe1 in execute_command_internal (command=0x73a088, asynchronous=0, pipe_in=-1, pipe_out=-1, fds_to_close=0x738808) at .././execute_cmd.c:787
  #7  0x0000000000490123 in parse_and_execute (string=0x737588 "kill 0", from_file=0x4e275f "exit trap", flags=21) at ../.././builtins/evalstring.c:367
  #8  0x00000000004697ef in run_exit_trap () at .././trap.c:846
  #9  0x000000000041ef9e in exit_shell (s=0) at .././shell.c:915
  #10 0x000000000041eacf in main (argc=2, argv=0x7fffffffdef8, env=0x7fffffffdf10) at .././shell.c:756

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1337826/+subscriptions

More information about the foundations-bugs mailing list