Found this bug when adding history to zshdb:
#!/usr/local/bin/zsh -if
history -ap ./$$
fc -l commands
Program received signal SIGSEGV, Segmentation fault.
0x08080fab in up_histent (he=0x0) at hist.c:948
948 return he->up == hist_ring? NULL : he->up;
(gdb) where
where
#0 0x08080fab in up_histent (he=0x0) at hist.c:948
#1 0x08082544 in hcomsearch (str=0xb7ccc388 "commands") at hist.c:1455
#2 0x08059927 in fcgetcomm (s=0xb7ccc388 "commands") at builtin.c:1520
#3 0x0805885e in bin_fc (nam=0xb7ccc378 "fc", argv=0xbfffc1d4,
ops=0xbfffc258, func=16) at builtin.c:1391
#4 0x0805555c in execbuiltin (args=0xb7ccc348, bn=0x80e082c) at builtin.c:438
#5 0x0807184d in execcmd (state=0xbfffc8ec, input=0, output=0, how=18,
last1=2) at exec.c:3061
#6 0x0806d781 in execpline2 (state=0xbfffc8ec, pcode=259, how=18, input=0,
output=0, last1=0) at exec.c:1557
#7 0x0806cb61 in execpline (state=0xbfffc8ec, slcode=5122, how=18, last1=0)
at exec.c:1343
#8 0x0806c3a4 in execlist (state=0xbfffc8ec, dont_change_job=0, exiting=0)
at exec.c:1141
#9 0x0806be79 in execode (p=0xb7ccc2d0, dont_change_job=0, exiting=0)
at exec.c:973
#10 0x08085a2f in loop (toplevel=1, justonce=0) at init.c:181
#11 0x0808855c in zsh_main (argc=4, argv=0xbfffca24) at init.c:1406
#12 0x08054a86 in main (argc=Cannot access memory at address 0x706100
) at ./main.c:93
(gdb) p he
p he
$1 = (Histent) 0x0
(gdb) quit
A possible patch should be attached.