bug-bash
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: readline: double free when using PageDown

From: Chet Ramey
Subject: Re: readline: double free when using PageDown
Date: Sun, 26 Nov 2023 11:20:18 -0500
User-agent: Mozilla Thunderbird 
On 11/25/23 8:19 PM, Grisha Levit wrote:
On Sat, Nov 25, 2023, 14:03 Chet Ramey <chet.ramey@case.edu <mailto:chet.ramey@case.edu>> wrote: 

    On 11/25/23 11:41 AM, Matthias Klose wrote:
     > [forwarded from https://bugs.debian.org/1056314
    <https://bugs.debian.org/1056314>]
     >
     > """
     > I am getting a crash in the Python REPL in this scenario:
     >
     > 1. start "python3" in a terminal
     > 2. type "2+2", enter
     > 3. type (or copy-paste) "1234+5678", enter
     > 4. arrow-up, remove "234", page-down, arrow-up, enter
     > 5. arrow-up, arrow-up, add "000" (or whatever) after the 1, enter.
     >
     > this results in:
     >
     > free(): double free detected in tcache 2
     >   [1]    2319820 IOT instruction  python3

    I can reproduce this in bash-5.2, but not in the devel branch.
I believe this is fixed by https://git.savannah.gnu.org/cgit/bash.git/commit/?h=devel&id=277c21d2 <https://git.savannah.gnu.org/cgit/bash.git/commit/?h=devel&id=277c21d2> 

Yes, that fixes the core dump. There are a bunch of subsequent changes to
non-incremental searching from late April that really fix it.

--
``The lyf so short, the craft so long to lerne.'' - Chaucer
                 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU    chet@case.edu    http://tiswww.cwru.edu/~chet/
reply via email to
[Prev in Thread] Current Thread [Next in Thread]