Dominique Pellé wrote:
> The attached script causes vim-7.4.2305 to crash:
>
> $ cat crash.vim
> new
> tabedit
> tabfirst
> au BufUnload <buffer> tabnext
> q
>
> $ vim -u NONE -S crash.vim
> Vim: Caught deadly signal SEGV
> Vim: Finished.
> Segmentation fault (core dumped)
>
> 3518│ int
> 3519│ bufIsChanged(buf_T *buf)
> 3520│ {
> 3521│ return
> 3522│ #ifdef FEAT_QUICKFIX
> 3523│ !bt_dontwrite(buf) &&
> 3524│ #endif
> 3525├> (buf->b_changed || file_ff_differs(buf, TRUE));
> 3526│ }
>
> Program received signal SIGSEGV, Segmentation fault.
> 0x00000000005eee37 in bufIsChanged (buf=0x0) at undo.c:3525
> (gdb) bt
> #0 0x00000000005eee37 in bufIsChanged (buf=0x0) at undo.c:3525
> #1 0x000000000058cd9b in draw_tabline () at screen.c:10407
> #2 0x0000000000579548 in update_screen (type=40) at screen.c:638
> #3 0x00000000006416dd in main_loop (cmdwin=0, noexmode=0) at main.c:1211
> #4 0x00000000006410b7 in vim_main2 () at main.c:877
> #5 0x00000000006407ed in main (argc=5, argv=0x7fffffffd7d8) at main.c:415
>
> (gdb) p buf
> $1 = (buf_T *) 0x0
>
> It's a regression since vim-7.4.712 that comes with Ubuntu-15.10
> does not crash. git bisect found that the bug was introduced in:
>
> ==
> e59215c7dcae17b03daf39517560cfaa03314f5a is the first bad commit
> commit e59215c7dcae17b03daf39517560cfaa03314f5a
> Author: Bram Moolenaar <[email protected]>
> Date: Sun Aug 14 19:08:45 2016 +0200
>
> patch 7.4.2212
> Problem: Mark " is not set when closing a window in another tab.
> (Guraga)
> Solution: Check all tabs for the window to be valid. (based on patch by
> Hirohito Higashi, closes #974)
> ==
>
> Crash was found by fuzzing with American fuzzy lop.
Easy to reproduce, thanks.
--
hundred-and-one symptoms of being an internet addict:
135. You cut classes or miss work so you can stay home and browse the web.
/// Bram Moolenaar -- [email protected] -- http://www.Moolenaar.net \\\
/// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
\\\ an exciting new programming language -- http://www.Zimbu.org ///
\\\ help me help AIDS victims -- http://ICCF-Holland.org ///
--
--
You received this message from the "vim_dev" maillist.
Do not top-post! Type your reply below the text you are replying to.
For more information, visit http://www.vim.org/maillist.php
---
You received this message because you are subscribed to the Google Groups
"vim_dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
