bug-bash
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Crash on large brace expansion

From: Gabríel Arthúr Pétursson
Subject: Crash on large brace expansion
Date: Thu, 15 Jul 2021 14:36:46 +0000
User-agent: Evolution 3.40.2 (3.40.2-1.fc34) 
Hi all,

Executing the following results in a fierce crash:

   $ bash -c '{0..255}.{0..255}.{0..255}.{0..255}'
   malloc(): unaligned fastbin chunk detected 2
   Aborted (core dumped)

Backtrace:

   #0  0x00007f8999dd22a2 in raise () from /lib64/libc.so.6
   #1  0x00007f8999dbb8a4 in abort () from /lib64/libc.so.6
   #2  0x00007f8999e14a97 in __libc_message () from /lib64/libc.so.6
   #3  0x00007f8999e1c70c in malloc_printerr () from /lib64/libc.so.6
   #4  0x00007f8999e1ff6c in _int_malloc () from /lib64/libc.so.6
   #5  0x00007f8999e21177 in malloc () from /lib64/libc.so.6
   #6  0x0000559e8c77e2ad in xmalloc (bytes=9) at 
/usr/src/debug/bash-5.1.0-2.fc34.x86_64/xmalloc.c:114
   #7  array_concat (arr2=0x7f89847e0010, arr1=0x559e8c9415b0) at 
/usr/src/debug/bash-5.1.0-2.fc34.x86_64/braces.c:770
   #8  array_concat (arr1=arr1@entry=0x559e8c9415b0, 
arr2=arr2@entry=0x7f89847e0010) at 
/usr/src/debug/bash-5.1.0-2.fc34.x86_64/braces.c:732
   #9  0x0000559e8c785243 in brace_expand (text=<optimized out>) at 
/usr/src/debug/bash-5.1.0-2.fc34.x86_64/braces.c:272
   #10 0x0000559e8c779d2a in brace_expand_word_list (eflags=<optimized out>, 
tlist=0x559e8c930ee0) at /usr/src/debug/bash-5.1.0-2.fc34.x86_64/subst.c:11516
   #11 expand_word_list_internal (list=<optimized out>, eflags=31) at 
/usr/src/debug/bash-5.1.0-2.fc34.x86_64/subst.c:11988
   #12 0x0000559e8c73e9bf in expand_words (list=0x559e8c93e9a0) at 
/usr/src/debug/bash-5.1.0-2.fc34.x86_64/subst.c:11350
   #13 execute_simple_command (simple_command=<optimized out>, pipe_in=-1, 
pipe_out=-1, async=0, fds_to_close=<optimized out>) at 
/usr/src/debug/bash-5.1.0-2.fc34.x86_64/execute_cmd.c:4389
   #14 0x0000559e8c740408 in execute_command_internal (command=0x559e8c93d810, 
asynchronous=<optimized out>, pipe_in=-1, pipe_out=-1, 
fds_to_close=0x559e8c93ea20) at 
/usr/src/debug/bash-5.1.0-2.fc34.x86_64/execute_cmd.c:857
   #15 0x0000559e8c79ebdc in parse_and_execute (string=<optimized out>, 
from_file=0x559e8c7fd270 "-c", flags=20) at builtins/evalstring.c:489
   #16 0x0000559e8c7fc15c in run_one_command.isra.0 (command=0x7ffdd51d4a9b 
"{0..255}.{0..255}.{0..255}.{0..255}") at 
/usr/src/debug/bash-5.1.0-2.fc34.x86_64/shell.c:1450
   #17 0x0000559e8c725040 in main (argc=3, argv=0x7ffdd51d3088, 
env=0x7ffdd51d30a8) at /usr/src/debug/bash-5.1.0-2.fc34.x86_64/shell.c:751

This is bash 5.1 running on Fedora 34 (x86-64).

   $ bash --version
   GNU bash, version 5.1.0(1)-release (x86_64-redhat-linux-gnu)

   Machine: x86_64
   OS: linux-gnu
   Compiler: gcc
   Compilation CFLAGS: -O2 -flto=auto -ffat-lto-objects -fexceptions -g 
-grecord-gcc-switches -pipe -Wall -Werror=format-security 
-Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS 
-specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong 
-specs=/usr/lib/rpm/redhat/redhat-annobin-cc1  -m64  -mtune=generic 
-fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection
   uname output: Linux nyaa 5.12.12-300.fc34.x86_64 #1 SMP Fri Jun 18 14:30:51 
UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
   Machine Type: x86_64-redhat-linux-gnu
   
   Bash Version: 5.1
   Patch Level: 0
   Release Status: release

Thanks in advance,
~~ Gabríel
reply via email to
[Prev in Thread] Current Thread [Next in Thread]