On 8/20/25 3:36 PM, Chet Ramey wrote:

=================================================================
==1078506==ERROR: AddressSanitizer: heap-use-after-free on address 0x7c315f7e217c at pc 0x55bc1d03b545 bp 0x7ffdbdb3c920 sp 0x7ffdbdb3c910
WRITE of size 4 at 0x7c315f7e217c thread T0
     #0 0x55bc1d03b544 in _rl_search_getchar /home/arch/works/bash/lib/readline/isearch.c:322

This is probably the same issue Grisha identified initially: handling
SIGINT in rl_read_key ends up invalidating the search context, and then
rl_read_key returns -1, which _rl_search_getchar tries to assign to
cxt->c_lastc. But I'd like to be able to reproduce it.

The real issue is that readline, when reading from its standard input,
which is the keyboard in the vast majority of situations, does not
believe that read(2) can both succeed (return value > 0) *and* get a
signal before it returns to user mode without setting errno. You simply
cannot type that fast, since read returns after reading one character.
You either need to inject it into the input artificially or hit the process
with SIGINT from another process with exquisitely precise timing.

I'll have to think about what to do about that.

Chet

--
``The lyf so short, the craft so long to lerne.'' - Chaucer
                 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU    c...@case.edu    http://tiswww.cwru.edu/~chet/
