Hi
gVim crashes when operating as follows.
gvim -u NONE -U NONE --noplugin --nofork -c "set guifont=Sans\ 10" -
c vnew
qa
:tabnew
:q
q
1...@a
The cause of the crash is as follows.
* tab_close_othertab
* win_free_mem
(A) vim_free(frp) <- Here, the memory area is freed.
* win_free
(B) gui_mch_destroy_scrollbar <- After this function is called,
frame_minheight() is called from another context.
(C) remove deleted tabpage from first_tabpage list.
The value might be written in memory area (tp->fr_win) freed in (A)
during the processing of (C) as (A), and frame_minheight() is called
after the function of (B), and it becomes the violation of the memory
by topfrp->fr_win->w_status_height and it crashes in that.
Crash doesn't do easily according to the font, but it seems to be easy
for crash to do comparatively in the Sans font.
It hardly crashes by correcting it as follows.
vim_free(frp);
win_free(win, tp);
to
win_free(win, tp);
vim_free(frp);
Please fix this bug.
Regards,
ryo7000
--
You received this message from the "vim_dev" maillist.
Do not top-post! Type your reply below the text you are replying to.
For more information, visit http://www.vim.org/maillist.php
