Re: readline: double free when using PageDown

2023-11-26 Thread Matthias Klose

On 26.11.23 02:19, Grisha Levit wrote:

On Sat, Nov 25, 2023, 14:03 Chet Ramey wrote:


On 11/25/23 11:41 AM, Matthias Klose wrote:

[forwarded from https://bugs.debian.org/1056314]

"""
I am getting a crash in the Python REPL in this scenario:

1. start "python3" in a terminal
2. type "2+2", enter
3. type (or copy-paste) "1234+5678", enter
4. arrow-up, remove "234", page-down, arrow-up, enter
5. arrow-up, arrow-up, add "000" (or whatever) after the 1, enter.

this results in:

free(): double free detected in tcache 2
   [1]    2319820 IOT instruction  python3


I can reproduce this in bash-5.2, but not in the devel branch.



I believe this is fixed by
https://git.savannah.gnu.org/cgit/bash.git/commit/?h=devel=277c21d2


thanks, I can confirm that this fixes the issue.




Re: readline: double free when using PageDown

2023-11-26 Thread Chet Ramey

On 11/25/23 8:19 PM, Grisha Levit wrote:



On Sat, Nov 25, 2023, 14:03 Chet Ramey wrote:


On 11/25/23 11:41 AM, Matthias Klose wrote:
 > [forwarded from https://bugs.debian.org/1056314]
 >
 > """
 > I am getting a crash in the Python REPL in this scenario:
 >
 > 1. start "python3" in a terminal
 > 2. type "2+2", enter
 > 3. type (or copy-paste) "1234+5678", enter
 > 4. arrow-up, remove "234", page-down, arrow-up, enter
 > 5. arrow-up, arrow-up, add "000" (or whatever) after the 1, enter.
 >
 > this results in:
 >
 > free(): double free detected in tcache 2
 >   [1]    2319820 IOT instruction  python3

I can reproduce this in bash-5.2, but not in the devel branch.


I believe this is fixed by 
https://git.savannah.gnu.org/cgit/bash.git/commit/?h=devel=277c21d2 



Yes, that fixes the core dump. There are a bunch of subsequent changes to
non-incremental searching from late April that really fix it.

--
``The lyf so short, the craft so long to lerne.'' - Chaucer
 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU    c...@case.edu    http://tiswww.cwru.edu/~chet/