Zsh Mailing List Archive

Re: "crash: free invalid next size (fast)" on completion



On 2022-03-24 10:58, Peter Stephenson wrote:
> On 24 March 2022 at 07:31 Johan Ström <johan@xxxxxxxxxxx> wrote:
>>> Do other completions crash, or only completions that involve file names?
>> Not sure, will check with some known completion if I see it again
>> (typically have a bunch of terminals open, and at least previously
>> multiple of them seemed to break)
> Could you leave something running with "valgrind zsh" and see if that crashes
> and gives a bit more information?
>
> Like Bart I'm hard pressed to work out what might be going on while it's
> idle, but it does look like the corruption has already happened when you
> come back to it.
>
> pws

Launched one now. Quickly noticed this:

1. Execute ls
2. Use up-arrow, triggers warning:
==2157023== Invalid read of size 32
==2157023==    at 0x4B7709D: __wmemcmp_avx2_movbe (in /usr/lib/libc.so.6)
==2157023==    by 0x5863FDC: mkundoent (in /usr/lib/zsh/5.8.1/zsh/zle.so)
==2157023==    by 0x5865555: handleundo (in /usr/lib/zsh/5.8.1/zsh/zle.so)
==2157023==    by 0x58516F1: zlecore (in /usr/lib/zsh/5.8.1/zsh/zle.so)
==2157023==    by 0x5852586: zleread (in /usr/lib/zsh/5.8.1/zsh/zle.so)
==2157023==    by 0x1738A2: zleentry (in /usr/bin/zsh)
==2157023==    by 0x1741AC: ingetc (in /usr/bin/zsh)
==2157023==    by 0x166A93: ??? (in /usr/bin/zsh)
==2157023==    by 0x1824CE: ??? (in /usr/bin/zsh)
==2157023==    by 0x1A6F87: parse_event (in /usr/bin/zsh)
==2157023==    by 0x16CC4D: loop (in /usr/bin/zsh)
==2157023==    by 0x175A34: zsh_main (in /usr/bin/zsh)
==2157023==  Address 0x5c2de50 is 0 bytes inside a block of size 8 alloc'd
==2157023==    at 0x484ACD3: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==2157023==    by 0x586404F: setlastline (in /usr/lib/zsh/5.8.1/zsh/zle.so)
==2157023==    by 0x5849799: zle_setline (in /usr/lib/zsh/5.8.1/zsh/zle.so)
==2157023==    by 0x5849F10: zle_goto_hist (in /usr/lib/zsh/5.8.1/zsh/zle.so)
==2157023==    by 0x5849F5A: uphistory (in /usr/lib/zsh/5.8.1/zsh/zle.so)
==2157023==    by 0x5849FDC: uplineorhistory (in /usr/lib/zsh/5.8.1/zsh/zle.so)
==2157023==    by 0x584F265: execzlefunc (in /usr/lib/zsh/5.8.1/zsh/zle.so)
==2157023==    by 0x585183B: zlecore (in /usr/lib/zsh/5.8.1/zsh/zle.so)
==2157023==    by 0x5852586: zleread (in /usr/lib/zsh/5.8.1/zsh/zle.so)
==2157023==    by 0x1738A2: zleentry (in /usr/bin/zsh)
==2157023==    by 0x1741AC: ingetc (in /usr/bin/zsh)
==2157023==    by 0x166A93: ??? (in /usr/bin/zsh)
==2157023==

Using up/down arrows a bit triggers the same thing again, but after a few ups/downs it stops. Can reproduce 100% it seems.

Will leave valgrinds running.
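
A triage sketch for the Valgrind report above, added here as an example and not part of the original message or of zsh: it parses a memcheck "Invalid read/write" record, then reports the first frame outside libc/Valgrind on the access and allocation stacks and how far the access runs past the block. The function names, the RUNTIME filter and the abridged sample are assumptions of this example; it expects frames in the symbol-only "(in object)" form shown in the message.

```python
import re

# Abridged from the Valgrind report in the message above (same frames, fewer lines).
SAMPLE = """\
==2157023== Invalid read of size 32
==2157023==    at 0x4B7709D: __wmemcmp_avx2_movbe (in /usr/lib/libc.so.6)
==2157023==    by 0x5863FDC: mkundoent (in /usr/lib/zsh/5.8.1/zsh/zle.so)
==2157023==  Address 0x5c2de50 is 0 bytes inside a block of size 8 alloc'd
==2157023==    at 0x484ACD3: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==2157023==    by 0x586404F: setlastline (in /usr/lib/zsh/5.8.1/zsh/zle.so)
==2157023==
"""
PREFIX = re.compile(r"^\s*==\d+==\s?")
ERROR = re.compile(r"Invalid (read|write) of size (\d+)")
BLOCK = re.compile(r"Address 0x[0-9a-fA-F]+ is (\d+) bytes (inside|after|before) a block of size (\d+) (alloc'd|free'd)")
FRAME = re.compile(r"(?:at|by) 0x[0-9A-Fa-f]+: (\S+) \(in (.+)\)")
# Assumption: frames in these objects are runtime plumbing, not the program's own code.
RUNTIME = ("libc.so", "vgpreload_")

def parse(report):
    """Return one dict per 'Invalid read/write' error in a memcheck report."""
    errors, cur, stack = [], None, None
    for raw in report.splitlines():
        line = PREFIX.sub("", raw).strip()
        if m := ERROR.match(line):
            cur = {"kind": m[1], "size": int(m[2]), "access": [], "origin": [], "block": None}
            errors.append(cur)
            stack = cur["access"]          # frames that follow belong to the faulting access
        elif cur and (m := BLOCK.match(line)):
            cur["block"] = {"offset": int(m[1]), "where": m[2], "size": int(m[3]), "state": m[4]}
            stack = cur["origin"]          # frames that follow say where the block came from
        elif cur and (m := FRAME.match(line)):
            stack.append((m[1], m[2]))
        elif not line:
            cur = None                     # a bare ==PID== line ends the record
    return errors

def first_own_frame(frames):
    """First function whose object is not in RUNTIME."""
    return next((fn for fn, obj in frames if not any(r in obj for r in RUNTIME)), None)

def summarize(err):
    """Name the caller on each stack and how many accessed bytes lie outside the block."""
    b = err["block"]
    over = b["offset"] + err["size"] - b["size"] if b and b["where"] == "inside" else None
    return {"accessor": first_own_frame(err["access"]),
            "allocator": first_own_frame(err["origin"]),
            "bytes_past_end": over}
```

For the record above, summarize() names mkundoent as the reader and setlastline as the allocator, with 24 of the 32 accessed bytes outside the 8-byte block.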





