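Here's another interesting crash: a double free reached from readline's undo code (rl_do_undo), reported by the malloc assertion in the output below. The input file, base64-encoded:

$ base64 < 53
MBgFEBAQMBgFEBAfEA==
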
$ gdb -batch -ex=r -ex=bt --args ./bash --noprofile --norc -c 'PATH=; set -o emacs; IFS= read -re' < 53
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
0
[Detaching after fork from child process 30991]
/home/dualbus/src/gnu/bash/bash: vim: No such file or directory
0
[Detaching after fork from child process 30992]
/home/dualbus/src/gnu/bash/bash: vim: No such file or directory

malloc: unknown:0: assertion botched
malloc: 0x630808: allocated: last allocated from unknown:0
free: called with already freed block argument
Aborting...

Program received signal SIGABRT, Aborted.
__GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
50 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1 0x00007ffff79a7535 in __GI_abort () at abort.c:79
#2 0x00000000004597bb in programming_error (format=0x5557be "free: called with already freed block argument") at error.c:175
#3 0x00000000005322c2 in xbotch (mem=0x630808, e=1, s=0x5557be "free: called with already freed block argument", file=0x0, line=0) at malloc.c:354
#4 0x000000000053155c in internal_free (mem=0x630808, file=0x0, line=0, flags=0) at malloc.c:931
#5 0x0000000000531d4f in free (mem=0x630808) at malloc.c:1388
#6 0x00000000004b5150 in xfree (string=0x630808) at xmalloc.c:150
#7 0x000000000051e94c in rl_do_undo () at undo.c:240
#8 0x000000000051eb23 in rl_revert_line (count=1, key=0) at undo.c:312
#9 0x00000000004fa7f9 in readline_internal_teardown (eof=1) at readline.c:471
#10 0x00000000004fa591 in readline_internal () at readline.c:672
#11 0x00000000004fa440 in readline (prompt=0x55466f "") at readline.c:377
#12 0x00000000004caa16 in edit_line (p=0x55466f "", itext=0x0) at ./read.def:1104
#13 0x00000000004c94ba in read_builtin (list=0x0) at ./read.def:563
#14 0x000000000044b599 in execute_builtin (builtin=0x4c8560 <read_builtin>, words=0x628f88, flags=0, subshell=0) at execute_cmd.c:4677
#15 0x000000000044a96f in execute_builtin_or_function (words=0x628f88, builtin=0x4c8560 <read_builtin>, var=0x0, redirects=0x0, fds_to_close=0x628ce8, flags=0) at execute_cmd.c:5185
#16 0x00000000004437c9 in execute_simple_command (simple_command=0x628c08, pipe_in=-1, pipe_out=-1, async=0, fds_to_close=0x628ce8) at execute_cmd.c:4449
#17 0x00000000004412ab in execute_command_internal (command=0x628bc8, asynchronous=0, pipe_in=-1, pipe_out=-1, fds_to_close=0x628ce8) at execute_cmd.c:840
#18 0x0000000000445208 in execute_connection (command=0x628d48, asynchronous=0, pipe_in=-1, pipe_out=-1, fds_to_close=0x628ce8) at execute_cmd.c:2689
#19 0x0000000000441681 in execute_command_internal (command=0x628d48, asynchronous=0, pipe_in=-1, pipe_out=-1, fds_to_close=0x628ce8) at execute_cmd.c:1013
#20 0x00000000004bf527 in parse_and_execute (string=0x628408 "PATH=; set -o emacs; IFS= read -re", from_file=0x5353fb "-c", flags=4) at evalstring.c:436
#21 0x0000000000423845 in run_one_command (command=0x7fffffffea92 "PATH=; set -o emacs; IFS= read -re") at shell.c:1416
#22 0x0000000000421920 in main (argc=5, argv=0x7fffffffe758, env=0x7fffffffe788) at shell.c:735

Note that this backtrace only captures the second free() of 0x630808 (frames #7-#9: rl_do_undo, called from rl_revert_line during readline_internal_teardown with eof=1); where the block was first freed is not shown.

Bash compiled with: `CC=clang CFLAGS='-O0 -ggdb' ./configure && make -j4' from `devel' (b52e30b8dd5bba5aed7b13040c9d4f7a0c1990cc) on Linux (Ubuntu 18.04)