On Sun, Aug 17, 2025 at 1:11 AM Grisha Levit <[email protected]> wrote:
>
> On Sat, Aug 16, 2025 at 10:43 AM penguin p <[email protected]> wrote:
> >
> > Hi,
> >
> > As title, when I press Ctrl + R to search through history, then press Ctrl
> > + C to cancel I get a seg fault immediately.
> >
> > This issue seems to only happen on my PC. Others cannot reproduce, and the
> > Homebrew team? recommended that I report it here.
> >
> > This bug vanishes when a debugger is attached. Not sure what to do now
> > (except a factory reset which I prefer not to).
> >
> > Reference GitHub link:
> > https://github.com/Homebrew/homebrew-core/issues/231067
>
> Further comments in the GitHub issue clarified that the crash happens
> when ^C is immediately followed by another character (in this case it
> happened to be ESC, but any other character will have the same
> effect).
>
> The problem is that _rl_isearch_cleanup is called by the signal
> handler and frees _rl_iscxt but it is then written to by
> _rl_search_getchar.
>
> Attached patch should address the issue and a few other cases where
> the same thing might occur.

OP reports[1] that this patch does not fix the crash for them.
Moving further discussion to this list.

Following is a crash report excerpt from OP:

0 libsystem_kernel.dylib __kill + 8
1 bash kill_shell + 72
2 bash termsig_handler + 444
3 bash termsig_sighandler + 140
4 libsystem_platform.dylib _sigtramp + 56
5 libreadline.8.3.dylib update_line + 3252 (display.c:2133)
6 libreadline.8.3.dylib rl_redisplay + 6092 (display.c:1368)
7 libreadline.8.3.dylib rl_clear_message + 68 (display.c:3194)
8 libreadline.8.3.dylib _rl_isearch_fini + 200 (isearch.c:311)
9 libreadline.8.3.dylib _rl_isearch_cleanup + 228 (isearch.c:914)
10 libreadline.8.3.dylib rl_free_line_state + 28 (signals.c:616)
11 libreadline.8.3.dylib _rl_handle_signal + 160 (signals.c:221)
12 libreadline.8.3.dylib _rl_signal_handler + 280 (signals.c:152)
13 libreadline.8.3.dylib rl_redisplay + 5560 (display.c:1712)
14 libreadline.8.3.dylib rl_clear_message + 68 (display.c:3194)
15 libreadline.8.3.dylib _rl_isearch_fini + 200 (isearch.c:311)
16 libreadline.8.3.dylib _rl_isearch_cleanup + 228 (isearch.c:914)
17 libreadline.8.3.dylib _rl_dispatch_subseq + 892 (readline.c:941)
18 libreadline.8.3.dylib _rl_dispatch + 4 (readline.c:876)
19 libreadline.8.3.dylib readline_internal_char + 636 (readline.c:690)
20 libreadline.8.3.dylib readline_internal_charloop + 24 (readline.c:737)
21 libreadline.8.3.dylib readline_internal + 28 (readline.c:749)
22 libreadline.8.3.dylib readline + 96 (readline.c:387)

This is different from the crash[2] addressed by my patch. Presumably, there
is some difference in the timing of signal delivery and key input.

Penguin:

Can you try building bash with AddressSanitizer and provide the crash report
printed to the terminal from such a build?

Build bash as follows:

    git clone --single-branch --depth=1 git://git.savannah.gnu.org/bash.git
    cd bash
    ./configure -C --without-bash-malloc CFLAGS='-g -O0 -fsanitize=address -fno-omit-frame-pointer -fno-optimize-sibling-calls'
    make -j

Then run:

    ./bash --norc

[1] https://github.com/Homebrew/homebrew-core/issues/231067#issuecomment-3194497660
[2] https://github.com/Homebrew/homebrew-core/issues/231067#issuecomment-3194138639
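
A simplified C model of the re-entrant call chain visible in frames 9 to 16 of the crash report above (cleanup, redisplay, deferred signal handling, cleanup again), added here as an illustration and not part of the original message or of readline's source. Every name is hypothetical, releases are counted rather than passed to free(), and detaching the global pointer first is shown only as one common guard, not as the fix adopted upstream.

```c
#include <stdio.h>

/* Simplified model; every name here is hypothetical, not readline's. */
struct search_ctx { int release_count; int stale_uses; };
static struct search_ctx *g_ctx;   /* stands in for the global search context */
static int g_signal_pending;       /* flag a real signal handler would set */
static int g_detach_first;         /* 0 = unguarded ordering, 1 = guarded */
static void cleanup(void);

/* Models a redisplay that runs deferred signal handling partway through. */
static void redisplay(void)
{
    if (g_signal_pending) {
        g_signal_pending = 0;
        cleanup();                 /* signal path tears down search state too */
    }
}

static void cleanup(void)
{
    struct search_ctx *c = g_ctx;
    if (c == NULL) return;         /* already torn down */
    if (g_detach_first)
        g_ctx = NULL;              /* claim the context before anything re-enters */
    redisplay();                   /* may re-enter cleanup() */
    if (c->release_count > 0)
        c->stale_uses++;           /* in real code: use after free */
    c->release_count++;            /* counted instead of free(): no UB in the model */
    g_ctx = NULL;
}

/* Runs one cancel with a signal pending and returns the resulting counters. */
struct search_ctx run_scenario(int detach_first)
{
    static struct search_ctx storage;
    storage.release_count = storage.stale_uses = 0;
    g_ctx = &storage;
    g_signal_pending = 1;
    g_detach_first = detach_first;
    cleanup();
    return storage;
}

int main(void)
{
    struct search_ctx a = run_scenario(0), b = run_scenario(1);
    printf("unguarded: releases=%d stale_uses=%d\n", a.release_count, a.stale_uses);
    printf("guarded:   releases=%d stale_uses=%d\n", b.release_count, b.stale_uses);
    return 0;
}
```

In the unguarded ordering the inner call releases the context while the outer call still holds a pointer to it, which is the class of error an AddressSanitizer build reports as heap-use-after-free or double free.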