Commit Graph

537 Commits

Author SHA1 Message Date
Jilles Tjoelker
e1ef314121 Fix some cases where file descriptors from redirections leak to programs.
- Redirecting fds that were not open before kept two copies of the
  redirected file.
    sh -c '{ :; } 7>/dev/null; fstat -p $$; true'
    (both fd 7 and 10 remained open)
- File descriptors used to restore things after redirection were not
  set close-on-exec, instead they were explicitly closed before executing
  a program normally and before executing a shell procedure. The latter
  must remain but the former is replaced by close-on-exec.
    sh -c 'exec 7</; { exec fstat -p $$; } 7>/dev/null; true'
    (fd 10 remained open)

The examples above are simpler than the testsuite because I do not want to
use fstat or procstat in the testsuite.
2009-11-29 22:33:59 +00:00
Jilles Tjoelker
9922c6d2d5 Fix various things about SIGINT handling:
* exception handlers are now run with interrupts disabled, which avoids
  many race conditions
* fix some cases where SIGINT only aborts one command and continues the
  script, in particular if a SIGINT causes an EINTR error which trumped the
  interrupt.

Example:
  sh -c 'echo < /some/fifo; echo This should not be printed'
The fifo should not have writers. When pressing ctrl+c to abort the open,
the shell used to continue with the next command.

Example:
  sh -c '/bin/echo < /some/fifo; echo This should not be printed'
Similar. Note, however, that this particular case did not and does not work
in interactive mode with job control enabled.
2009-11-22 18:23:30 +00:00
Jilles Tjoelker
eaa3489312 sh: Ensure the same command input file is on top after executing a builtin.
This avoids weirdness when 'fc -e vi' or the like is done and there is a
syntax error in the file. Formerly an interactive shell tried to execute
stuff after the syntax error and exited.

This should also avoid similar issues with 'command eval' and 'command .'
when 'command' is implemented properly as in NetBSD sh.

Special builtins did not have this problem since errors in them cause the
shell to exit or to reset various state such as the current command input
file.
2009-11-22 14:04:20 +00:00
Jilles Tjoelker
e3c2cd7237 trap: do not consider a bad signal name a fatal error.
POSIX explicitly prescribes this.
Continue processing any other signals and return status 1.
2009-11-21 20:44:34 +00:00
Stefan Farfeleder
1c645e0f5b Handle current work directories of arbitrary length. The argument to cd
continues to be limited by PATH_MAX (1024).

Obtained from:	NetBSD
PR:		104456
2009-11-21 14:53:22 +00:00
Jilles Tjoelker
c6204d4a81 sh: Some changes to stderr flushing:
* increase buffer size from 100 to 256 bytes
* remove implied flush from out2str(), in particular this avoids unnecessary
  flushing in the middle of a -x tracing line
* rename dprintf() to out2fmt_flush(), make it flush out2 and use this
  function in various places where flushing is desired after an error
  message
2009-11-21 14:28:32 +00:00
Jilles Tjoelker
7ab07e8ada sh: Allow a newline before "in" in a for command, as required by POSIX. 2009-11-14 22:08:32 +00:00
Jilles Tjoelker
3f228d7484 sh: Use sigaction instead of signal/siginterrupt combination. 2009-11-11 23:13:24 +00:00
Jilles Tjoelker
663c61a35b sh: Fix memory leak when using a variable in arithmetic like $((x)).
MFC after:	3 weeks
2009-11-05 20:44:39 +00:00
Jilles Tjoelker
64254a667a sh: Exempt $@ and $* from set -u
This seems more useful and will likely be in the next POSIX standard.

Also document more precisely in the man page what set -u does (note that
$@, $* and $! are the only special parameters that can ever be unset, all
the others are always set, although they may be empty).
2009-10-24 21:20:04 +00:00
Jilles Tjoelker
f6196ed2d4 sh: Show more information about syntax errors in command substitution:
the line number where the command substitution started.
This applies to both the $() and `` forms but is most useful for ``
because the other line number is relative to the enclosed text there.
(For older versions, -v can be used as a workaround.)
2009-10-16 16:17:57 +00:00
Jilles Tjoelker
b139165ca6 Clarify quoting of word in ${v=word} in sh(1). 2009-10-07 22:21:53 +00:00
Jilles Tjoelker
640b70e414 sh: Send the "xyz: not found" message to redirected fd 2.
This also fixes that trying to execute a non-regular file with a command
name without '/' returns 127 instead of 126.
The fix is rather simplistic: treat CMDUNKNOWN as if the command were found
as an external program. The resulting fork is a bit wasteful but executing
unknown commands should not be very frequent.

PR:		bin/137659
2009-10-06 22:00:14 +00:00
Jilles Tjoelker
47e5ae08a1 sh: Disallow mismatched quotes in backticks (...).
Due to the amount of code removed by this, it seems that allowing unmatched
quotes was a deliberate imitation of System V sh and real ksh. Most other
shells do not allow unmatched quotes (e.g. bash, zsh, pdksh, NetBSD /bin/sh,
dash).

PR:		bin/137657
2009-10-01 21:40:08 +00:00
Jilles Tjoelker
9764aa4157 Mention that NUL characters are not allowed in sh(1) input.
I do not consider this a bug because POSIX permits it and argument strings
and environment variables cannot contain '\0' anyway.

PR:		bin/25542
MFC after:	2 weeks
2009-09-20 21:42:38 +00:00
Jilles Tjoelker
e16947f83d sh: Fix crash with empty functions (f() { }) introduced in r196483
Empty pairs of braces are represented by a NULL node pointer, just like
empty lines at the top level.

Support for empty pairs of braces may be removed later. They make the code
more complex, have inconsistent behaviour (may or may not change $?), are
not specified by POSIX and are not allowed by some other shells like bash,
dash and ksh93.

Reported by:	kan
2009-08-28 22:41:25 +00:00
Jilles Tjoelker
eb33e843b8 sh: Fix crash when undefining or redefining a currently executing function.
Add a reference count to function definitions.
Memory may leak if multiple SIGINTs arrive in interactive mode,
this will be fixed later by changing SIGINT handling.

PR:		bin/137640
2009-08-23 21:09:46 +00:00
Jilles Tjoelker
f19a2f6c57 Fix some weirdnesses in the NetBSD IFS code,
in particular "$@"$ifschar if the final positional parameter is empty.
With the NetBSD code, adding the $ifschar removes a parameter.

PR:		standards/79067
Approved by:	ed (mentor) (implicit)
2009-06-25 17:14:06 +00:00
Jilles Tjoelker
18d56246e9 Improve IFS expansion using code from NetBSD.
We now pass the ifs.sh testsuite.

PR:		standards/79067
Approved by:	ed (mentor) (implicit)
Obtained from:	NetBSD
2009-06-25 17:10:51 +00:00
Jilles Tjoelker
30268dfa3f Designate special builtins as such in command -V and type.
Also document various properties of special builtins that we implement.

Approved by:	ed (mentor) (implicit)
2009-06-24 22:04:04 +00:00
Jilles Tjoelker
689f1cbba5 Quote -x tracing output so it is unambiguous.
It is usually but not always suitable for re-input to the shell.

Approved by:	ed (mentor) (implicit)
2009-06-23 22:53:34 +00:00
Jilles Tjoelker
4f6e4215a0 Do not fork for a subshell if it is the last thing this shell is doing
(EV_EXIT). The fork is still done as normal if any traps are active.

In many cases, the fork can be avoided even without this change by using {}
instead of (), but in practice many scripts use (), likely because the
syntax is simpler.

Example:
  sh -c '(/bin/sleep 10)& sleep 1;ps -p $! -o comm='
Now prints "sleep" instead of "sh". $! is more useful this way.
Most shells (dash, bash, pdksh, ksh93, zsh) seem to print "sleep" for this.

Example:
  sh -c '( ( ( (ps jT))))'
Now shows no waiting shell processes instead of four.
Most shells (dash, bash, pdksh, ksh93, zsh) seem to show zero or one.

PR:		bin/74404
Approved by:	ed (mentor) (implicit)
2009-06-23 21:50:06 +00:00
Konstantin Belousov
c9253e931d Usermode portion of the support for swap allocation accounting:
- update for getrlimit(2) manpage;
- support for setting RLIMIT_SWAP in login class;
- addition to the limits(1) and sh and csh limit-setting builtins;
- tuning(7) documentation on the sysctls controlling overcommit.

In collaboration with:	pho
Reviewed by:	alc
Approved by:	re (kensmith)
2009-06-23 20:57:27 +00:00
Jilles Tjoelker
224fbf9fd6 sh: Improve handling of setjmp/longjmp volatile:
- remove ineffective and unnecessary (void) &var; [1]
- remove some unnecessary volatile keywords
- add a necessary volatile keyword
- save the old handler before doing something that could use the saved
  value

Submitted by:	Christoph Mallon [1]
Approved by:	ed (mentor)
2009-06-23 20:45:12 +00:00
Jilles Tjoelker
deb090cba3 Fix race condition in noclobber option.
Formerly, it was possible for the file to be created between the check if it
existed and the open; the contents would then be lost.

Because this must use O_EXCL, noclobber > will not create a file through a
symlink anymore. This agrees with behaviour of other shells.

Approved by:	ed (mentor) (implicit)
2009-06-20 20:44:27 +00:00
Jilles Tjoelker
e68165a6bb Fix some issues with quoted output and shorten it in some cases.
Output quoted suitable for re-input to the shell occurs in
various cases such as 'set', 'trap'.

Bugfix: *, ? and [ must be quoted (except sole [)
Bugfix: ~ and # must be quoted (really only sometimes, but keep it simple)
Bugfix: space, tab and newline must always be quoted
Shortening: other IFS characters do not need quoting
Bugfix: send to correct output file, not hard-coded stdout
Shortening: avoid unnecessary '' with \'

Approved by:	ed (mentor)
2009-06-19 22:09:55 +00:00
Jilles Tjoelker
3055b7c6ff Properly flush input after an error in backquotes in interactive mode.
For parsing an old-style backquote substitution (`...`),
a string "file" is used to store the contents of the
substitution (with the special backslash processing done).
If an error occurs, the shell cleans up all these files
(returning to the top level) and flush the top level
file. Erroneously, it first flushed the current file and
then cleaned up all extra files, so that the top level
file (i.e. the terminal) was not flushed.

Example (in interactive mode):
  echo `for` echo This should not be printed

Also noticeable in (in interactive mode):
  echo `(`
The old version prints an extraneous prompt.

Approved by:	ed (mentor)
2009-06-17 21:58:32 +00:00
Jilles Tjoelker
960da93430 Avoid leaving unnecessary waiting shells in many forms of sh -c COMMAND.
This change only affects strings passed to -c, when the -s
option is not used.

The approach is to check if there may be additional data
in the string after parsing each command. If there is none,
use the EV_EXIT flag so that a fork may be omitted in
specific cases.

If there are empty lines after the command, the check will
not see the end and forks will not be omitted. The same
thing seems to happen in bash.

Example:
  sh -c 'ps lT'
No longer shows a shell process waiting for ps to finish.

PR:		bin/113860
Reviewed by:	stefanf
Approved by:	ed (mentor)
2009-06-13 21:17:45 +00:00
Jilles Tjoelker
6e28dacfda Don't skip forking for an external command if any traps are active.
Example:
  sh -c '(trap "echo trapped" EXIT; sleep 3)'
now correctly prints "trapped".

With this check, it is no longer necessary to check for -T
explicitly in that case.

This is a useful bugfix by itself and also important because I plan to
skip forking more often.

PR:		bin/113860 (part of)
PR:		bin/74404 (part of)
Reviewed by:	stefanf
Approved by:	ed (mentor)
2009-06-13 21:10:41 +00:00
Jilles Tjoelker
a68fbc44ee Mention the range for the exit status for the exit special builtin.
The exit status may exceed 255 in some cases (return); even though it seems
unwise to rely on this, it is also unwise to assume that $? is always
between 0 and 255.

This resolves bin/124748 by documenting that 'exit -1' is not valid.

PR:		bin/124748
Approved by:	ed (mentor)
2009-06-07 15:04:43 +00:00
Ralf S. Engelschall
f001f89625 use explicit 'unsigned int' instead of just the implicit-style 'unsigned' to make linting tools (e.g. FlexeLint) happy, too 2009-06-01 11:38:38 +00:00
Ralf S. Engelschall
35f2d3b6b1 align coding style with style(9) to avoid misunderstandings 2009-06-01 11:11:46 +00:00
Ralf S. Engelschall
26286b8acf correctly test for __GNUC__ macro (non-GCC compilers do not have it defined at all) 2009-06-01 11:02:09 +00:00
Ralf S. Engelschall
ac08b88250 be more type correct and align local ckmalloc() with its underlying malloc(3) by using a "size_t" instead of an "int" argument 2009-06-01 10:50:17 +00:00
Jilles Tjoelker
fe40d6d3b1 sh: Make read's timeout (-t) apply to the entire line, not only the first
character.

This avoids using non-standard behaviour of the old (upto FreeBSD 7) TTY
layer: it reprocesses the input queue when switching to canonical mode. The
new TTY layer does not provide this functionality and so read -t worked
very poorly (first character is not echoed, cannot be backspaced but is
still read).

This also agrees with what most other shells with read -t do.

PR:		bin/129566
Reviewed by:	stefanf
Approved by:	ed (mentor)
2009-05-31 19:37:06 +00:00
Stefan Farfeleder
cb806389db Fix the eval command in combination with set -e. Before this change the shell
would always terminate if eval returned with a non-zero exit status regardless
if the status was actually tested.  Unfortunately a new file-scope variable
is needed, the alternative would only be to add a new parameter to all
built-ins.

PR:	134881
2009-05-31 12:36:14 +00:00
Stefan Farfeleder
515c60105d Parse 'cmd1 && ! cmd2 | cmd3' correctly, the bang should apply to the entire
pipeline cmd2 | cmd3 and not just cmd2.

PR:		130298
Submitted by:	Jilles Tjoelker
2009-04-13 19:10:56 +00:00
Stefan Farfeleder
8403b16a59 Don't let trailing empty lines overwrite the result of the last command with 0.
This affects the built-ins eval, fc, and trap and also the string passed to sh
with the -c option.

Submitted by:	Jilles Tjoelker
2009-04-04 19:06:52 +00:00
Stefan Farfeleder
86d8da5d5b Fix the behaviour of the read built-in when IFS is unset.
Obtained from:	NetBSD
2009-03-22 22:57:53 +00:00
Stefan Farfeleder
b6748ec20c Improve the IFS handling of the read built-in.
Obtained from:	NetBSD
Submitted by:	Jilles Tjoelker
2009-03-22 22:09:12 +00:00
Stefan Farfeleder
d4b1e37429 - Apply the r190270 changes to printing of single aliases too.
- Sort the aliases before printing them.
2009-03-22 21:09:22 +00:00
Stefan Farfeleder
0de913c328 Make the output of the alias built-in POSIX-compliant: Drop the leading 'alias'
and suppress printing the trailing space which is added for internal purposes.
2009-03-22 17:20:42 +00:00
Ed Schouten
ae46d95884 Don't disable CR-to-NL translation when waiting for data to arrive.
A difference between the old and the new TTY layer is that the new
implementation does not perform any post-processing before returning
data back to userspace when calling read().

sh(1)'s read turns the TTY into a raw mode before calling select(). This
means that the first character will not receive any ICRNL processing.
Inherit this flag from the original terminal attributes.

Even though this issue is not present on RELENG_*, I'm MFCing it to make
sh(1) in jails behave better.

PR:		bin/129566
MFC after:	2 weeks
2009-03-08 19:09:55 +00:00
Stefan Farfeleder
f7bbf3ffcf Report error messages of the builtins 'type' and 'command -V' to stderr instead
of stdout.

Noticed by:	Zajcev Evgeny
2008-11-28 18:55:42 +00:00
Stefan Farfeleder
94c53a0811 Fix $? at the first command of a function. The previous exit status was saved
twice and thus lost.
2008-11-23 20:23:57 +00:00
Ed Schouten
331773cd07 Document the ulimit -p option in the sh(1) manual page.
When I imported the MPSAFE TTY code, I added the -p flag to sh(1)'s
ulimit, but I forgot to document it in the appropriate manual page.

Requested by:	stefanf
2008-08-30 22:35:21 +00:00
Stefan Farfeleder
9144fae127 Fix a bug in r177497 which caused the getopts state to be reset when 'set'
was used to set a shell option (and not to change the positional parameters).

Submitted by:	Martin Kammerhofer
2008-08-27 20:16:06 +00:00
Ed Schouten
bc093719ca Integrate the new MPSAFE TTY layer to the FreeBSD operating system.
The last half year I've been working on a replacement TTY layer for the
FreeBSD kernel. The new TTY layer was designed to improve the following:

- Improved driver model:

  The old TTY layer has a driver model that is not abstract enough to
  make it friendly to use. A good example is the output path, where the
  device drivers directly access the output buffers. This means that an
  in-kernel PPP implementation must always convert network buffers into
  TTY buffers.

  If a PPP implementation would be built on top of the new TTY layer
  (still needs a hooks layer, though), it would allow the PPP
  implementation to directly hand the data to the TTY driver.

- Improved hotplugging:

  With the old TTY layer, it isn't entirely safe to destroy TTY's from
  the system. This implementation has a two-step destructing design,
  where the driver first abandons the TTY. After all threads have left
  the TTY, the TTY layer calls a routine in the driver, which can be
  used to free resources (unit numbers, etc).

  The pts(4) driver also implements this feature, which means
  posix_openpt() will now return PTY's that are created on the fly.

- Improved performance:

  One of the major improvements is the per-TTY mutex, which is expected
  to improve scalability when compared to the old Giant locking.
  Another change is the unbuffered copying to userspace, which is both
  used on TTY device nodes and PTY masters.

Upgrading should be quite straightforward. Unlike previous versions,
existing kernel configuration files do not need to be changed, except
when they reference device drivers that are listed in UPDATING.

Obtained from:		//depot/projects/mpsafetty/...
Approved by:		philip (ex-mentor)
Discussed:		on the lists, at BSDCan, at the DevSummit
Sponsored by:		Snow B.V., the Netherlands
dcons(4) fixed by:	kan
2008-08-20 08:31:58 +00:00
Colin Percival
f9bcf9cabf Mark functions as __dead2 in order to help the LLVM static checker
understand which code paths aren't possible.

This commit eliminates 117 false positive bug reports of the form
"allocate memory; error out if pointer is NULL; use pointer".
2008-08-04 01:25:48 +00:00
Stefan Farfeleder
497157a78a Pass the correct flags to expandarg() for NFROMFD and NTOFD. This fixes a
segmentation fault when the argument expands to an empty string.

Reported by:	simon
MFC after:	3 weeks
2008-07-30 21:07:04 +00:00