v...@googlecode.com wrote:
Status: New
Owner: ----
Labels: Type-Defect Priority-Medium

New issue 106 by dominiqu...@gmail.com: Vim-7.3.782 crashed (core dump)
http://code.google.com/p/vim/issues/detail?id=106

Vim-7.3.782 (huge, gtk2) crashed (core dump) on Linux-x86_64. I think
I was using the netrw plugin when it crashed, but I can't remember
exactly what I did.

(gdb) bt
#0  0x00007f2b0191e707 in kill () at ../sysdeps/unix/syscall-template.S:82
#1  0x0000000000527555 in may_core_dump () at os_unix.c:3166
#2  0x00000000005274f4 in mch_exit (r=1) at os_unix.c:3132
#3  0x00000000005dd6de in getout (exitval=1) at main.c:1481
#4  0x00000000004e2f6d in preserve_exit () at misc1.c:9138
#5  0x000000000052530c in deathtrap (sigarg=11) at os_unix.c:1097
#6  <signal handler called>
#7  0x00000000005048b4 in nv_gomark (cap=0x7fffb59fe8e0) at normal.c:7555
#8  0x00000000004f949b in normal_cmd (oap=0x7fffb59fe9c0, toplevel=1) at normal.c:1198
#9  0x00000000005dd3cd in main_loop (cmdwin=0, noexmode=0) at main.c:1306
#10 0x00000000005dcd97 in main (argc=1, argv=0x7fffb59fece8) at main.c:1010
(gdb) up
#7  0x00000000005048b4 in nv_gomark (cap=0x7fffb59fe8e0) at normal.c:7555
(gdb) list
7550        if (!virtual_active())
7551            curwin->w_cursor.coladd = 0;
7552    #endif
7553    #ifdef FEAT_FOLDING
7554        if (cap->oap->op_type == OP_NOP
7555                && (pos == (pos_T *)-1 || !equalpos(old_cursor, *pos))
7556                && (fdo_flags & FDO_MARK)
7557                && old_KeyTyped)
7558            foldOpenCursor();
7559    #endif

(gdb) p pos
$2 = (pos_T *) 0x0


It crashed at line normal.c:7555 when dereferencing pos which is NULL.

"hg annotate normal.c" shows that line normal.c:7555 was changed
in revision 4017 (i.e. v7-3-763):

vimboss    7: #ifdef FEAT_FOLDING
vimboss    7:     if (cap->oap->op_type == OP_NOP
   bram 4017:       && (pos == (pos_T *)-1 || !equalpos(old_cursor, *pos))
vimboss    7:       && (fdo_flags & FDO_MARK)
vimboss    7:       && old_KeyTyped)
vimboss    7:   foldOpenCursor();
vimboss    7: #endif

The line normal.c:7555 was changed in this recent patch:

============================================================
changeset:   4017:b6148e4a9c39
tag:         v7-3-763
user:        Bram Moolenaar <b...@vim.org>
date:        Thu Jan 17 13:24:08 2013 +0100
files:       src/normal.c src/version.c
description:
updated for version 7.3.763
Problem:    Jumping to a mark does not open a fold if it is in the same line.
            (Wiktor Ruben)
Solution:   Also compare the column after the jump. (Christian Brabandt)
============================================================

I can see that line normal.c:7535 in the same function is checking
whether 'pos' is NULL a few lines above at normal.c:7535, but not
at line normal.c:7555, so that looks wrong.

I don't know yet how to reproduce the bug unfortunately.

What version of the product are you using? On what operating system?

Vim-7.3.782 (huge, gtk2), Linux x86_64.


I have it crashing after having applied patches 773-782, so I have my doubts whether the culprit is 763...

Bye, Jojo
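
The condition at normal.c:7555 as a stand-alone model, added here as an example that is not part of the original messages or of Vim's source. `pos_t`, `POS_SENTINEL`, `same_pos` and `jump_moved_cursor` are hypothetical names, and the value returned for a NULL `pos` is an assumption.

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified stand-in for Vim's pos_T: line and column only (assumption). */
typedef struct { long lnum; int col; } pos_t;

/* The sentinel the gdb listing compares against: (pos_T *)-1. */
#define POS_SENTINEL ((const pos_t *)-1)

static int same_pos(pos_t a, pos_t b)
{
    return a.lnum == b.lnum && a.col == b.col;
}

/*
 * Hypothetical guarded form of the test at normal.c:7555.
 * pos has three states: NULL, the -1 sentinel, or a real position,
 * and only the last may be dereferenced.
 * Assumption: a NULL pos means there is nothing to compare, so the
 * cursor is reported as not moved.
 */
int jump_moved_cursor(pos_t old_cursor, const pos_t *pos)
{
    if (pos == NULL)
        return 0;
    if (pos == POS_SENTINEL)
        return 1;   /* same outcome as the listing's first operand */
    return !same_pos(old_cursor, *pos);
}

int main(void)
{
    /* Constructed sample positions. */
    pos_t cursor = { 10, 4 };
    pos_t same_line_other_col = { 10, 0 };

    printf("NULL      -> %d\n", jump_moved_cursor(cursor, NULL));
    printf("sentinel  -> %d\n", jump_moved_cursor(cursor, POS_SENTINEL));
    printf("same pos  -> %d\n", jump_moved_cursor(cursor, &cursor));
    printf("other col -> %d\n", jump_moved_cursor(cursor, &same_line_other_col));
    return 0;
}
```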
