Path: csiph.com!goblin1!goblin.stu.neva.ru!usenet.stanford.edu!not-for-mail
From: fireshen <shenyining@huawei.com>
Newsgroups: gnu.bash.bug
Subject: memleak in execute_function?
Date: Wed, 31 Jul 2019 08:26:52 -0700 (MST)
Lines: 44
Approved: bug-bash@gnu.org
Message-ID: <mailman.354.1564586779.1985.bug-bash@gnu.org>
References: <1564586812344-0.post@n7.nabble.com>
NNTP-Posting-Host: lists.gnu.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Trace: usenet.stanford.edu 1564586780 22355 209.51.188.17 (31 Jul 2019 15:26:20 GMT)
X-Complaints-To: action@cs.stanford.edu
To: Bug-bash@gnu.org
Envelope-to: Bug-bash@gnu.org
X-detected-operating-system: by eggs.gnu.org: Mac OS X  [generic]
X-Received-From: 162.253.133.57
X-BeenThere: bug-bash@gnu.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: Bug reports for the GNU Bourne Again SHell <bug-bash.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/bug-bash>, <mailto:bug-bash-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/bug-bash>
List-Post: <mailto:bug-bash@gnu.org>
List-Help: <mailto:bug-bash-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/bug-bash>, <mailto:bug-bash-request@gnu.org?subject=subscribe>
X-Mailman-Original-Message-ID: <1564586812344-0.post@n7.nabble.com>
Xref: csiph.com gnu.bash.bug:15283

Hey all, 

I suspect there is a memleak in bash.

I use the bash 4.4.23 (fedora Linux) with ASAN. Then I run some testcases
and find a memleak.

<http://gnu-bash.2382.n7.nabble.com/file/t3069/gs.png> 

I think we need to free this "gs" in execute_cmd.c

*gs* = sh_getopt_save_istate ();
  if (subshell == 0)
    {
      begin_unwind_frame ("function_calling");
      push_context (var->name, subshell, temporary_env);
      /* This has to be before the pop_context(), because the unwinding of
	 local variables may cause the restore of a local declaration of
	 OPTIND to force a getopts state reset. */
      add_unwind_protect (maybe_restore_getopt_state, *gs*);
      add_unwind_protect (pop_context, (char *)NULL);
      unwind_protect_int (line_number);
      unwind_protect_int (line_number_for_err_trap);
      unwind_protect_int (function_line_number);
      unwind_protect_int (return_catch_flag);
      unwind_protect_jmp_buf (return_catch);
      add_unwind_protect (dispose_command, (char *)tc);
      unwind_protect_pointer (this_shell_function);
      unwind_protect_int (funcnest);
      unwind_protect_int (loop_level);
    }
  else
    push_context (var->name, subshell, temporary_env);	/* don't
unwind-protect for subshells */

Is this a bug? Just analyze the code.





--
Sent from: http://gnu-bash.2382.n7.nabble.com/