Dominique Pellé wrote:

> Hi
>
> Here is one more bug found by afl-fuzz in vim-7.4.2330
> and older:
>
> $ cat bug.vim
> new
> call append(0, [" a", "b"])
> norm kVdggViw
> bw!
> %d
>
> $ valgrind --num-callers=20 vim -u NONE -S bug.vim -c q 2> log
>
> $ cat log
> ==7787== Memcheck, a memory error detector
> ==7787== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
> ==7787== Using Valgrind-3.12.0.SVN and LibVEX; rerun with -h for copyright info
> ==7787== Command: vim -u NONE -S bug.vim -c q
> ==7787==
> ==7787== Invalid read of size 1
> ==7787==    at 0x4D881C: do_pending_operator (normal.c:1700)
> ==7787==    by 0x4E39F8: clip_get_selection (ops.c:6428)
> ==7787==    by 0x59F800: clip_copy_selection (ui.c:544)
> ==7787==    by 0x59F7A3: clip_auto_select (ui.c:614)
> ==7787==    by 0x4D7E06: end_visual_mode (normal.c:3281)
> ==7787==    by 0x465A6E: ex_operators (ex_docmd.c:9243)
> ==7787==    by 0x45EC77: do_one_cmd (ex_docmd.c:2962)
> ==7787==    by 0x45A9F2: do_cmdline (ex_docmd.c:1110)
> ==7787==    by 0x458ADC: do_source (ex_cmds2.c:4097)
> ==7787==    by 0x4582D3: cmd_source (ex_cmds2.c:3710)
> ==7787==    by 0x45EC77: do_one_cmd (ex_docmd.c:2962)
> ==7787==    by 0x45A9F2: do_cmdline (ex_docmd.c:1110)
> ==7787==    by 0x5CEEEC: exe_commands (main.c:2896)
> ==7787==    by 0x5CEEEC: vim_main2 (main.c:781)
> ==7787==    by 0x5CD91C: main (main.c:415)
> ==7787==  Address 0x76b0b80 is 0 bytes after a block of size 4,096 alloc'd
> ==7787==    at 0x4C2ABF5: malloc (vg_replace_malloc.c:299)
> ==7787==    by 0x4C81D7: lalloc (misc2.c:942)
> ==7787==    by 0x5D127E: mf_alloc_bhdr (memfile.c:907)
> ==7787==    by 0x5D127E: mf_new (memfile.c:381)
> ==7787==    by 0x4AC6F1: ml_new_data (memline.c:3513)
> ==7787==    by 0x4AC6F1: ml_open (memline.c:400)
> ==7787==    by 0x406373: open_buffer (buffer.c:160)
> ==7787==    by 0x5CEA44: create_windows (main.c:2668)
> ==7787==    by 0x5CEA44: vim_main2 (main.c:704)
> ==7787==    by 0x5CD91C: main (main.c:415)
>
> Regards
> Dominique

Patch 7.4.2347 fixed this bug. Good.
Bug was still happening up to patch 7.4.2346.

Thanks!
Dominique
