John Beckett wrote:
> Mike Williams:
> > I'll look some more into it to make the defaults on Windows
> > more sensible and if the code can be simplified.
>
> Thanks all for the interesting progress. I'm trying to set up a test
> system where I might be able to join in but it's a long time since I
> worked in C. I don't know anything about the HAVE_xxx settings, but it
> appears there is a condition where Vim's data can be corrupted and
> that condition is being exposed by the particular tests being run.
> However, the problem is potentially more general, and conceivably
> corruptions could occur in other circumstances.
>
> Have you reached a conclusion about whether the problem is related to
> a compiler optimisation bug? My guess would be that it is not since I
> don't think Steve Hall uses Visual Studio to build the
> Vim-without-Cream that I mentioned, and it also shows the corruption.
>
> There has to be a clue in the fact that I have only ever seen
> corrupted text after executing :sort. Presumably Vim makes an array of
> pointers and sorts them. That array is being clobbered, or Vim's
> pointer to the array is being overwritten. Are any unchecked memory
> allocations done in Vim's sort?
I can think of one reason for the corruption: When inserting the lines
in the sorted order, the pointer from ml_get() is passed to ml_append.
If the line is far away from where it came from, the pointer may become
invalid. Copying the line into sortbuf1 would avoid that. That's
already done when "unique" is true, but only afterwards.
It would be good to first be able to reproduce the problem, otherwise
we don't know if this change will actually fix the it.
--- ../../b/src/ex_cmds.c 2015-11-10 21:05:45.309028557 +0100
+++ ex_cmds.c 2015-12-17 13:00:53.896995875 +0100
@@ -540,10 +540,11 @@
if (!unique || i == 0
|| (sort_ic ? STRICMP(s, sortbuf1) : STRCMP(s, sortbuf1)) != 0)
{
- if (ml_append(lnum++, s, (colnr_T)0, FALSE) == FAIL)
+ /* Copy the line into a buffer, it may become invalid in
+ * ml_append(). And it's needed for "unique". */
+ STRCPY(sortbuf1, s);
+ if (ml_append(lnum++, sortbuf1, (colnr_T)0, FALSE) == FAIL)
break;
- if (unique)
- STRCPY(sortbuf1, s);
}
fast_breakcheck();
if (got_int)
--
This is an airconditioned room, do not open Windows.
/// Bram Moolenaar -- [email protected] -- http://www.Moolenaar.net \\\
/// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
\\\ an exciting new programming language -- http://www.Zimbu.org ///
\\\ help me help AIDS victims -- http://ICCF-Holland.org ///
--
--
You received this message from the "vim_dev" maillist.
Do not top-post! Type your reply below the text you are replying to.
For more information, visit http://www.vim.org/maillist.php
---
You received this message because you are subscribed to the Google Groups
"vim_dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
