Aloxaf / fzf-tab

Replace zsh's default completion selection menu with fzf!
MIT License
3.35k stars 97 forks source link

[BUG] zsh crashes when completing `ffmpeg -i` with p10k as the theme #176

Open Aloxaf opened 3 years ago

Aloxaf commented 3 years ago

Describe the bug

zsh crashes when completing ffmpeg -i with p10k as the theme

The code that causes the bug: https://github.com/Aloxaf/fzf-tab/blob/78b4cefb27dc2bef5e4c9ac3bf2bd28413620fcd/fzf-tab.zsh#L102

https://github.com/romkatv/powerlevel10k/blob/7b0698debf56c80f4e805164537c6401cb88ab2e/internal/p10k.zsh#L3208-L3211

https://github.com/zsh-users/zsh/blob/ce0660b7ba283e3208db28a8763796816a587259/Completion/Unix/Command/_ffmpeg#L109

https://github.com/zsh-users/zsh/blob/ce0660b7ba283e3208db28a8763796816a587259/Completion/Base/Utility/_call_program#L32

xfzv commented 3 years ago

I finally came across this after experimenting with my .zshrc to find out what was the culprit.

  • Set POWERLEVEL9K_PROMPT_CHAR_OVERWRITE_STATE=false can fix this bug

This one doesn't make any difference for me, zsh still crashes.

  • Remove COLUMNS=500 can fix this bug
  • Replace eval $clocale withexec can fix this bug

Any of these work.

lljbash commented 2 years ago

I recently came across the problem of garbage printout with p10k like https://github.com/romkatv/powerlevel10k/issues/1251. Removing COLUMNS=500 fixed this for me. I wonder if there would be any side effects?

beyond9thousand commented 2 years ago

Wouldn't removing that line manually cause problem with updates? Is there a better way to handle this issue perhaps?

xfzv commented 10 months ago

As a workaround, I use <CTRL-T> keybinding from fzf instead of <TAB>.

cwrau commented 10 months ago

This happens for me for kinda every completion, even just $HOME> vi .conf<TAB>

I recently came across the problem of garbage printout with p10k like romkatv/powerlevel10k#1251. Removing COLUMNS=500 fixed this for me. I wonder if there would be any side effects?

Removing COLUMNS=500 also fixed this problem for me

Aloxaf commented 8 months ago

seems to be fixed in zsh 5.9

cwrau commented 8 months ago

seems to be fixed in zsh 5.9

Still crashes for me, and removing COLUMNS=500 also still fixes it

xfzv commented 8 months ago

seems to be fixed in zsh 5.9

Still crashes for me, and removing COLUMNS=500 also still fixes it

Same here, still crashes with 5.9 and this workaround is still valid.

% zsh --version
zsh 5.9 (x86_64-pc-linux-gnu)
memchr commented 5 months ago

I have debugged some core dumps generated by this segfault and observed the following behaviour

the segfault is always triggered by this line

    next = PATNEXT(scan);

This code is from patmatch(), a pattern matching routing.

PATNEXT is a marco. It is equivalent to:

        rn_offs = (scan->l >> 8);
        if (rn_offs) {
            if ((scan->l & 0xff) == 0x03) {
                next = scan - rn_offs;
            } else {
                next = scan + rn_offs;
            }
        } else {
            next = (void *)0;
        }

Segfault occurs at rn_offs = (scan->l >> 8) Debugger reports that memory cannot be read from the address specified in scan. I'm not familiar with the zsh codebase, so I can't say what's going on there.

The above routing pattern-matched the output of ffmpeg --help.

And it seems that the pattern matching was done on the output of ffmpeg --help, if you look at the parameters of this callstack.

#0  0x0000614ca26050ab in patmatch (prog=prog@entry=0xc2975b1202e3) at /Src/pattern.c:2723
#1  0x0000614ca26072c3 in pattryrefs (prog=<optimized out>, string=<optimized out>, stringlen=<optimized out>, unmetalenin=<optimized out>, patstralloc=<optimized out>, patoffset=1, nump=0x0, begp=0x0, endp=0x0)
    at /Src/pattern.c:2495
#2  0x0000614ca25b5e8d in pattrylen (offset=1, patstralloc=<optimized out>, unmetalen=0, len=47, string=0x73b79b3f5c19 "ac channels        set number of audio channels", prog=0x614ca32a3d50)
    at /Src/pattern.c:2238
#3  igetmatch (sp=0x7ffed37d52e0, p=<optimized out>, fl=19, n=<optimized out>, replstr=<optimized out>, repllistp=<optimized out>) at /Src/glob.c:2974
#4  0x0000614ca261dbaf in getmatch (replstr=0x0, n=1, fl=19, pat=<optimized out>, sp=0x7ffed37d52e0) at /Src/glob.c:2700
#5  paramsubst (l=<optimized out>, n=<optimized out>, str=<optimized out>, qt=<optimized out>, pf_flags=<optimized out>, ret_flags=<optimized out>) at /Src/subst.c:3193
#6  0x0000614ca260f62b in stringsubst (list=list@entry=0x7ffed37d56f0, node=node@entry=0x7ffed37d56d0, pf_flags=pf_flags@entry=4, ret_flags=ret_flags@entry=0x7ffed37d56cc, asssub=asssub@entry=0)
    at /Src/subst.c:322
#7  0x0000614ca2610701 in prefork (list=0x7ffed37d56f0, flags=6, ret_flags=0x7ffed37d56cc) at /Src/subst.c:142
#8  0x0000614ca259e101 in addvars (state=0x7ffed37da560, pc=<optimized out>, addflags=addflags@entry=0) at /Src/exec.c:2488
#9  0x0000614ca259ea8d in execsimple (state=state@entry=0x7ffed37da560) at /Src/exec.c:1264

note: built from commit 9dcaf78

xfzv commented 1 month ago

No longer crashes here since https://github.com/Aloxaf/fzf-tab/commit/0b49f3e8a3fdb546636ff2157925d32e8936b415

Reverting https://github.com/Aloxaf/fzf-tab/commit/0b49f3e8a3fdb546636ff2157925d32e8936b415 reintroduces the issue for me.

cwrau commented 1 month ago

No longer crashes here since 0b49f3e

Reverting 0b49f3e reintroduces the issue for me.

For me this is still happening with commit cf57116 ( the one after 0b49f3e)

Only fix I know of is to remove COLUMNS=500

xfzv commented 1 month ago

Indeed, spoke too soon. Sometimes,

% ffmpeg -i<space> <TAB>

doesn't result in zsh crashing but it seems completely random. Even if it doesn't crash the first time, closing fzf-tab with <ESC> and pressing <TAB> again makes zsh also crash.