On Sat, Jan 31, 2015 at 12:57 AM, Jakson Alves de Aquino
<[email protected]> wrote:
> On Sat, Jan 31, 2015 at 06:30:05AM +0100, Dominique Pellé wrote:
>> No, I don't think it's your fault.  It should be OK I think
>> to enable FEAT_CONCEAL the way you did but it's better
>> to build with --with-features=huge anyway.
>>
>> So it would still be interesting to see why it crashed if you
>> can.  Unfortunately, you copied only the last lines of
>> the address sanitizer, we're missing the most important
>> piece of information from asan. Can you try it again with...
>>
>> $ cd vim/src
>> $ ./vim 2> asan.log
>>
>> ... and send the full output in asan.log
>
> I configured the build as before:
>
>    CFLAGS=-g ./configure --enable-pythoninterp=yes --enable-multibyte
>
> And the asan.log is (I removed the first directories from file
> paths to make them shorter):
>
> =================================================================
> ==6353==ERROR: AddressSanitizer: heap-use-after-free on address 0x6160000fa790 at pc 0x79a090 bp 0x7fff2c094bd0 sp 0x7fff2c094bc0
> READ of size 8 at 0x6160000fa790 thread T0
>     #0 0x79a08f in nfa_regmatch src/regexp_nfa.c:5505
>     #1 0x7a0c6c in nfa_regtry src/regexp_nfa.c:6860
>     #2 0x7a20a9 in nfa_regexec_both src/regexp_nfa.c:7050
>     #3 0x7a296a in nfa_regexec_multi src/regexp_nfa.c:7263
>     #4 0x7a32a3 in vim_regexec_multi src/regexp.c:8273
>     #5 0x866236 in syn_regexec src/syntax.c:3284
>     #6 0x8601d4 in syn_current_attr src/syntax.c:2097
>     #7 0x85ee2c in get_syntax_attr src/syntax.c:1854
>     #8 0x7b9d36 in win_line src/screen.c:4354
>     #9 0x7ad9c5 in win_update src/screen.c:2011
>     #10 0x7a6e0b in update_screen src/screen.c:678
>     #11 0x89a9d7 in set_shellsize src/term.c:3174
>     #12 0x89a451 in shell_resized src/term.c:3036
>     #13 0x72cf4d in handle_resize src/os_unix.c:487
>     #14 0x72cd55 in mch_inchar src/os_unix.c:399
>     #15 0x8a5748 in ui_inchar src/ui.c:199
>     #16 0x5dbfb7 in inchar src/getchar.c:3098
>     #17 0x5db251 in vgetorpeek src/getchar.c:2873
>     #18 0x5d5de6 in vpeekc src/getchar.c:1875
>     #19 0x5d5fd1 in char_avail src/getchar.c:1925
>     #20 0x7da67a in redrawing src/screen.c:10421
>     #21 0x7a5963 in update_screen src/screen.c:500
>     #22 0x95691b in main_loop src/main.c:1237
>     #23 0x95616e in main src/main.c:1034
>     #24 0x7f9370260ec4 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21ec4)
>     #25 0x431558 (/usr/local/bin/vim+0x431558)
>
> 0x6160000fa790 is located 528 bytes inside of 640-byte region [0x6160000fa580,0x6160000fa800)
> freed by thread T0 here:
>     #0 0x7f93731c553f in __interceptor_free (/usr/lib/x86_64-linux-gnu/libasan.so.1+0x5753f)
>     #1 0x6728d3 in vim_free src/misc2.c:1741
>     #2 0x7a2730 in nfa_regfree src/regexp_nfa.c:7182
>     #3 0x7a2c4b in vim_regfree src/regexp.c:8138
>     #4 0x868120 in syn_clear_pattern src/syntax.c:3598
>     #5 0x867404 in syntax_clear src/syntax.c:3495
>     #6 0x86866e in syn_cmd_clear src/syntax.c:3655
>     #7 0x87790b in ex_syntax src/syntax.c:6285
>     #8 0x544222 in do_one_cmd src/ex_docmd.c:2940
>     #9 0x53c708 in do_cmdline src/ex_docmd.c:1133
>     #10 0x4ff928 in call_user_func src/eval.c:23618
>     #11 0x4ba42f in call_func src/eval.c:8598
>     #12 0x4b97a7 in get_func_tv src/eval.c:8434
>     #13 0x4a682d in ex_call src/eval.c:3505
>     #14 0x544222 in do_one_cmd src/ex_docmd.c:2940
>     #15 0x53c708 in do_cmdline src/ex_docmd.c:1133
>     #16 0x5ba897 in apply_autocmds_group src/fileio.c:9487
>     #17 0x5b95ce in apply_autocmds src/fileio.c:9045
>     #18 0x71490a in did_set_string_option src/option.c:7145
>     #19 0x70abcc in do_set src/option.c:4892
>     #20 0x570bc2 in ex_set src/ex_docmd.c:11972
>     #21 0x544222 in do_one_cmd src/ex_docmd.c:2940
>     #22 0x53c708 in do_cmdline src/ex_docmd.c:1133
>     #23 0x4f5edf in ex_execute src/eval.c:21819
>     #24 0x544222 in do_one_cmd src/ex_docmd.c:2940
>     #25 0x53c708 in do_cmdline src/ex_docmd.c:1133
>     #26 0x5ba897 in apply_autocmds_group src/fileio.c:9487
>     #27 0x5b95ce in apply_autocmds src/fileio.c:9045
>     #28 0x714a0e in did_set_string_option src/option.c:7153
>     #29 0x70abcc in do_set src/option.c:4892
>
> previously allocated by thread T0 here:
>     #0 0x7f93731c57b7 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.1+0x577b7)
>     #1 0x6705fb in lalloc src/misc2.c:921
>     #2 0x7a2229 in nfa_regcomp src/regexp_nfa.c:7118
>     #3 0x7a2aee in vim_regcomp src/regexp.c:8084
>     #4 0x8744d1 in get_syn_pattern src/syntax.c:5667
>     #5 0x86fab5 in syn_cmd_match src/syntax.c:4947
>     #6 0x87790b in ex_syntax src/syntax.c:6285
>     #7 0x544222 in do_one_cmd src/ex_docmd.c:2940
>     #8 0x53c708 in do_cmdline src/ex_docmd.c:1133
>     #9 0x4f5edf in ex_execute src/eval.c:21819
>     #10 0x544222 in do_one_cmd src/ex_docmd.c:2940
>     #11 0x53c708 in do_cmdline src/ex_docmd.c:1133
>     #12 0x4ff928 in call_user_func src/eval.c:23618
>     #13 0x4ba42f in call_func src/eval.c:8598
>     #14 0x4b97a7 in get_func_tv src/eval.c:8434
>     #15 0x4a682d in ex_call src/eval.c:3505
>     #16 0x544222 in do_one_cmd src/ex_docmd.c:2940
>     #17 0x53c708 in do_cmdline src/ex_docmd.c:1133
>     #18 0x537b06 in do_source src/ex_cmds2.c:3345
>     #19 0x535e3b in source_callback src/ex_cmds2.c:2762
>     #20 0x5363af in do_in_runtimepath src/ex_cmds2.c:2866
>     #21 0x535e65 in source_runtime src/ex_cmds2.c:2776
>     #22 0x535e13 in ex_runtime src/ex_cmds2.c:2752
>     #23 0x544222 in do_one_cmd src/ex_docmd.c:2940
>     #24 0x53c708 in do_cmdline src/ex_docmd.c:1133
>     #25 0x537b06 in do_source src/ex_cmds2.c:3345
>     #26 0x535e3b in source_callback src/ex_cmds2.c:2762
>     #27 0x5363af in do_in_runtimepath src/ex_cmds2.c:2866
>     #28 0x535e65 in source_runtime src/ex_cmds2.c:2776
>     #29 0x535e13 in ex_runtime src/ex_cmds2.c:2752
>
> SUMMARY: AddressSanitizer: heap-use-after-free src/regexp_nfa.c:5505 nfa_regmatch
> Shadow bytes around the buggy address:
>   0x0c2c800174a0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
>   0x0c2c800174b0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
>   0x0c2c800174c0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
>   0x0c2c800174d0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
>   0x0c2c800174e0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
> =>0x0c2c800174f0: fd fd[fd]fd fd fd fd fd fd fd fd fd fd fd fd fd
>   0x0c2c80017500: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
>   0x0c2c80017510: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
>   0x0c2c80017520: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
>   0x0c2c80017530: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
>   0x0c2c80017540: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
> Shadow byte legend (one shadow byte represents 8 application bytes):
>   Addressable:           00
>   Partially addressable: 01 02 03 04 05 06 07
>   Heap left redzone:       fa
>   Heap right redzone:      fb
>   Freed heap region:       fd
>   Stack left redzone:      f1
>   Stack mid redzone:       f2
>   Stack right redzone:     f3
>   Stack partial redzone:   f4
>   Stack after return:      f5
>   Stack use after scope:   f8
>   Global redzone:          f9
>   Global init order:       f6
>   Poisoned by user:        f7
>   Contiguous container OOB:fc
>   ASan internal:           fe
> ==6353==ABORTING

Vim is no longer crashing. I think the bug was fixed by one of the
changes of the last few days.

Thanks!

-- 
Jakson
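
A triage helper for a report like the one quoted in this thread, added here as an example and not code from the Vim project or from either poster: it splits the report into its access, free and allocation stacks and names the first application frame in each. `parse_asan` and `triage` are hypothetical helper names, and treating `vim_free` and `lalloc` as allocator wrappers to skip is an assumption based on where they sit in the traces.

```python
import re
# Abridged copy of the report quoted above, one entry per line.
SAMPLE = """\
==6353==ERROR: AddressSanitizer: heap-use-after-free on address 0x6160000fa790 at pc 0x79a090 bp 0x7fff2c094bd0 sp 0x7fff2c094bc0
READ of size 8 at 0x6160000fa790 thread T0
    #0 0x79a08f in nfa_regmatch src/regexp_nfa.c:5505
0x6160000fa790 is located 528 bytes inside of 640-byte region [0x6160000fa580,0x6160000fa800)
freed by thread T0 here:
    #0 0x7f93731c553f in __interceptor_free (/usr/lib/x86_64-linux-gnu/libasan.so.1+0x5753f)
    #1 0x6728d3 in vim_free src/misc2.c:1741
    #2 0x7a2730 in nfa_regfree src/regexp_nfa.c:7182
previously allocated by thread T0 here:
    #0 0x7f93731c57b7 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.1+0x577b7)
    #1 0x6705fb in lalloc src/misc2.c:921
    #2 0x7a2229 in nfa_regcomp src/regexp_nfa.c:7118
SUMMARY: AddressSanitizer: heap-use-after-free src/regexp_nfa.c:5505 nfa_regmatch
"""

HEADER = re.compile(r"ERROR: AddressSanitizer: (\S+) on address (0x[0-9a-f]+)")
ACCESS = re.compile(r"^(READ|WRITE) of size (\d+)")
REGION = re.compile(r"located (\d+) bytes inside of (\d+)-byte region")
FRAME = re.compile(r"^\s*#\d+ 0x[0-9a-f]+ in (\S+)\s*(\S*)")

def parse_asan(text):
    """Return header fields plus the access / freed / allocated stacks."""
    rep, section = {"stacks": {}}, None
    for line in text.splitlines():
        line = re.sub(r"^(> ?)+", "", line)  # drop e-mail quote markers
        if m := HEADER.search(line):
            rep["kind"], rep["address"] = m.groups()
        elif m := ACCESS.match(line):
            rep["access"], section = (m[1], int(m[2])), "access"
        elif line.startswith(("freed by", "previously allocated by")):
            section = "freed" if line.startswith("freed") else "allocated"
        elif m := REGION.search(line):
            rep["offset"], rep["region_size"] = int(m[1]), int(m[2])
        elif line.startswith("SUMMARY:"):
            section = None
        elif section and (m := FRAME.match(line)):
            rep["stacks"].setdefault(section, []).append((m[1], m[2]))
    return rep

def triage(text, wrappers=("vim_free", "lalloc")):  # wrapper names: assumption
    """First frame per stack that has source info and is not a wrapper."""
    def origin(stack):
        for func, loc in stack:
            if loc and not loc.startswith("(") and func not in wrappers:
                return f"{func} {loc}"
    return {k: origin(v) for k, v in parse_asan(text)["stacks"].items()}
```

Frames whose location is a `(module+offset)` pair, or is missing because the mail client wrapped the line, are skipped as runtime-library frames.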
