Hi Vim-7.4.1841 (and older) built with ubsan (undefined sanitizer) on x86 shows a multiplication overflow when clicking in the vim terminal for the first time:
term.c:5039:37: runtime error: signed integer overflow: 1464114431 * 1000 cannot be represented in type 'long int' Steps to reproduce: 1) build vim with ubsan. It can be done by uncommenting this line in vim/src/Makefile SANITIZER_CFLAGS = -g -O0 -fsanitize=undefined -fno-omit-frame-pointer 2) start vim with: $ vim -u NONE --noplugin -c 'set mouse=a' 2> log 3) left-click in the terminal with the mouse 4) observe the error in 'log' file. It happens only on the first click. It also only happens on 32-bits Linux x86 and not on x86_64. Code at term.c:5039: 5030 /* 5031 * Compute the time elapsed since the previous mouse click. 5032 */ 5033 gettimeofday(&mouse_time, NULL); 5034 timediff = (mouse_time.tv_usec 5035 - orig_mouse_time.tv_usec) / 1000; 5036 if (timediff < 0) 5037 --orig_mouse_time.tv_sec; 5038 timediff += (mouse_time.tv_sec !!5039 - orig_mouse_time.tv_sec) * 1000; Adding printf, I can see that: * mouse_time.tv_sec is 1464115088 (this value changes slightly every time I reproduce the bug, as it depends on time) * orig_mouse_time.tv_sec is 0 So the multiplication by 1000 at line 5039 overflows in 32-bits on x86. Overflow does not happen on x86_64 as tv_sec is then a 64-bits number. Attached patch fixes it. Regards Dominique -- -- You received this message from the "vim_dev" maillist. Do not top-post! Type your reply below the text you are replying to. For more information, visit http://www.vim.org/maillist.php --- You received this message because you are subscribed to the Google Groups "vim_dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
