Loading ...
Sorry, an error occurred while loading the content.

67224Re: Patch 7.3.715

Expand Messages
  • Dominique PellĂ©
    Nov 22, 2012
    • 0 Attachment
      Ike Devolder wrote:

      >> i attach a minimum configuration + testfile where i have consistent
      >> segfaults on.
      >>
      >> within the archive you can find index.php, it has a syntax error, the
      >> following steps lead to segfault:
      >>
      >> vim index.php
      >> - :w (with the syntax error, syntastic kicks in)
      >> - goto end of phpinfo() and add ; :w (error is gone)
      >> - undo u
      >> - :w -> segfault
      >>
      >> uname -a:
      >> Linux 3.6.7 #1 SMP PREEMPT Sun Nov 18 09:53:58 CET 2012 x86_64 GNU/Linux
      >> distribution Arch Linux
      >>
      >> configure:
      >> ./configure --prefix=/usr --localstatedir=/var/lib/vim \
      >> --mandir=/usr/share/man --with-compiledby=BlackEagle \
      >> --with-features=huge --enable-gpm --enable-acl --with-x=no \
      >> --disable-gui --enable-multibyte --enable-cscope \
      >> --disable-netbeans --enable-perlinterp=dynamic \
      >> --enable-pythoninterp=dynamic --enable-python3interp=dynamic \
      >> --enable-rubyinterp=dynamic --enable-luainterp=dynamic
      >>
      >> now tested with version 7.3.725, first noticed with 7.3.718 and then
      >> detected that the problem went away when going back to 7.3.714
      >>
      >> to be able to build ruby dynamic on my machine i also needed the patch
      >> of Ken Takata in the 7.3.721 thread:
      >> https://groups.google.com/forum/?fromgroups=#!topic/vim_dev/-pxkvVyWZdo
      >>
      >> thx for looking into this
      >
      > ok i forgot on pre-requisite: you must have php installed so the syntastic
      > plugin can run php -l to get the syntax error showing.
      >
      > --Ike


      Hi Ike

      I can reproduce the crash using your description with
      Vim-7.3.725 on Linux x86_64.

      Valgrind gives the following error:

      ==6815== Invalid read of size 4
      ==6815== at 0x58ED64: ex_make (quickfix.c:2869)
      ==6815== by 0x4888F1: do_cmdline (ex_docmd.c:2677)
      ==6815== by 0x4468BF: call_func (eval.c:22540)
      ==6815== by 0x449722: get_func_tv (eval.c:8322)
      ==6815== by 0x46A24E: eval7 (eval.c:5158)
      ==6815== by 0x468F27: eval6 (eval.c:4810)
      ==6815== by 0x468A77: eval5 (eval.c:4626)
      ==6815== by 0x4682D0: eval4 (eval.c:4319)
      ==6815== by 0x468166: eval3 (eval.c:4231)
      ==6815== by 0x444AD4: eval1 (eval.c:4160)
      ==6815== by 0x4445D8: eval0 (eval.c:4042)
      ==6815== by 0x44769D: ex_let (eval.c:1897)
      ==6815== by 0x4888F1: do_cmdline (ex_docmd.c:2677)
      ==6815== by 0x4468BF: call_func (eval.c:22540)
      ==6815== by 0x449722: get_func_tv (eval.c:8322)
      ==6815== by 0x46A24E: eval7 (eval.c:5158)
      ==6815== by 0x468F27: eval6 (eval.c:4810)
      ==6815== by 0x468A77: eval5 (eval.c:4626)
      ==6815== by 0x4682D0: eval4 (eval.c:4319)
      ==6815== by 0x468166: eval3 (eval.c:4231)
      ==6815== by 0x444AD4: eval1 (eval.c:4160)
      ==6815== by 0x4445D8: eval0 (eval.c:4042)
      ==6815== by 0x44769D: ex_let (eval.c:1897)
      ==6815== by 0x4888F1: do_cmdline (ex_docmd.c:2677)
      ==6815== by 0x4468BF: call_func (eval.c:22540)
      ==6815== by 0x449722: get_func_tv (eval.c:8322)
      ==6815== by 0x448AFD: ex_call (eval.c:3465)
      ==6815== by 0x4888F1: do_cmdline (ex_docmd.c:2677)
      ==6815== by 0x4468BF: call_func (eval.c:22540)
      ==6815== by 0x449722: get_func_tv (eval.c:8322)
      ==6815== by 0x448AFD: ex_call (eval.c:3465)
      ==6815== by 0x4888F1: do_cmdline (ex_docmd.c:2677)
      ==6815== by 0x4BFFE4: apply_autocmds_group (fileio.c:9435)
      ==6815== by 0x4BAF27: buf_write (fileio.c:9049)
      ==6815== by 0x47355D: do_write (ex_cmds.c:2692)
      ==6815== by 0x4888F1: do_cmdline (ex_docmd.c:2677)
      ==6815== by 0x54D9DA: nv_colon (normal.c:5417)
      ==6815== by 0x543C95: normal_cmd (normal.c:1198)
      ==6815== by 0x685ADE: main_loop (main.c:1294)
      ==6815== by 0x6854EA: main (main.c:998)
      ==6815== Address 0x8 is not stack'd, malloc'd or (recently) free'd


      quickfix.c:

      2861 if (wp != NULL)
      2862 qi = GET_LOC_LIST(wp);
      2863 #ifdef FEAT_AUTOCMD
      2864 if (au_name != NULL)
      2865 {
      2866 apply_autocmds(EVENT_QUICKFIXCMDPOST, au_name,
      2867 curbuf->b_fname,
      TRUE, curbuf);
      2868 if (qi->qf_curlist < qi->qf_listcount)
      2869 res = qi->qf_lists[qi->qf_curlist].qf_count;
      2870 else
      2871 res = 0;
      2872 }

      Printing a few pointers just before line quickfix.c:2868, I get this:

      *** wp=0xb4bf10 qi=0xdd76d0 wp->w_llist=0xdd76d0 wp->w_llist_ref=(nil)
      *** wp=0xb4bf10 qi=0xdd76d0 wp->w_llist=0xdd76d0 wp->w_llist_ref=(nil)
      *** wp=0xb4bf10 qi=0xdd76d0 wp->w_llist=0xdd76d0 wp->w_llist_ref=(nil)
      *** wp=0xb4bf10 qi=0xdd76d0 wp->w_llist=0xdd76d0 wp->w_llist_ref=(nil)
      *** wp=0xb4bf10 qi=(nil) wp->w_llist=(nil) wp->w_llist_ref=(nil)
      Vim: Caught deadly signal SEGV
      Vim: Finished.
      Segmentation fault (core dumped)

      I don't know yet why some pointers are NULL but perhaps someone
      can make sense of it.

      I don't need to do 'undo' to reproduce the crash. This also crashes:

      - vim index.php
      - :w (with the syntax error, syntastic kicks in)
      - goto end of phpinfo() and add ; :w (error is gone)
      - remove previously added ; (by pressing x on ; character in command mode)
      - :w to save again -> crash

      Regards
      -- Dominique

      --
      You received this message from the "vim_dev" maillist.
      Do not top-post! Type your reply below the text you are replying to.
      For more information, visit http://www.vim.org/maillist.php
    • Show all 16 messages in this topic