Created attachment 358238 [details] sample backtrace Description of problem: It is possible to set an associative array in such a way that bash segfaults when it is unset. Version-Release number of selected component (if applicable): bash-4.0-7.fc11 How reproducible: Completely Steps to Reproduce: 1. start bash 2. enter these commands: declare -A T T='([a]=1)' unset T 3. [note that the apostrophes are required] Actual results: segfault Expected results: Probably should be the same as if the apostrophes aren't there. Additional info: This is a minimal case derived from attempting to do something more sensible...
T='([a]=1)' will save ([a]=1) at index 0. The problem here is, that index 0 is stored as string (char *) but is not allocated memory for it an in unset this memory is freed. This causes segfault.
bash-4.0-8.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/bash-4.0-8.fc11
bash-4.0-8.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.