Hi
The following command results in internal errors
E315 using vim-8.0.124 or older:
$ vim -u NONE -c "2;')"
Error detected while processing command line:
E315: ml_get: invalid lnum: 2
E315: ml_get: invalid lnum: 2
E315: ml_get: invalid lnum: 2
E315: ml_get: invalid lnum: 2
E315: ml_get: invalid lnum: 2
E315: ml_get: invalid lnum: 2
E315: ml_get: invalid lnum: 2
E315: ml_get: invalid lnum: 2
E315: ml_get: invalid lnum: 2
E315: ml_get: invalid lnum: 2
E315: ml_get: invalid lnum: 2
E315: ml_get: invalid lnum: 2
E315: ml_get: invalid lnum: 2
E315: ml_get: invalid lnum: 2
E315: ml_get: invalid lnum: 2
E315: ml_get: invalid lnum: 2
E315: ml_get: invalid lnum: 2
E315: ml_get: invalid lnum: 3
E19: Mark has invalid line number
Press ENTER or type command to continue
E315: ml_get: invalid lnum: 2
Press ENTER or type command to continue
E315: ml_get: invalid lnum: 2
Press ENTER or type command to continue
Running with gdb:
$ cgdb --args ./vim -u NONE -c "2;')"
(gdb) br memline.c:2453
Breakpoint 1 at 0x4b013a: file memline.c, line 2453.
(gdb) run
2448│ if (recursive == 0)
2449│ {
2450│ /* Avoid giving this message for a recursive call, may happen when
2451│ * the GUI redraws part of the text. */
2452│ ++recursive;
2453├> IEMSGN(_("E315: ml_get: invalid lnum: %ld"), lnum);
2454│ --recursive;
(gdb) bt
#0 ml_get_buf (buf=<optimized out>, lnum=2, will_change=<optimized out>) at memline.c:2453
#1 0x00000000004b0245 in ml_get_pos (pos=0x7fffffffd070) at memline.c:2407
#2 0x00000000004ba716 in gchar_pos (pos=0x0) at misc1.c:2653
#3 0x000000000055dda9 in findsent (dir=1, count=<optimized out>) at search.c:2683
#4 0x00000000004a769c in getmark_buf_fnum (buf=<optimized out>, c=<optimized out>, changefile=<optimized out>, fnum=<optimized out>) at mark.c:387
#5 0x00000000004654a5 in get_address (eap=0x7fffffffd3d0, ptr=0x7fffffffd3e0, addr_type=0, skip=0, to_other_file=0) at ex_docmd.c:4467
#6 0x000000000045ddb4 in do_one_cmd (cmdlinep=<optimized out>, sourcing=<optimized out>, cstack=<optimized out>, fgetline=<optimized out>, cookie=<optimized out>) at ex_docmd.c:2177
#7 0x000000000045b244 in do_cmdline (cmdline=<optimized out>, fgetline=0x0, cookie=0x0, flags=<optimized out>) at ex_docmd.c:1110
#8 0x00000000005cd89d in exe_commands (parmp=<optimized out>) at main.c:2901
#9 vim_main2 () at main.c:781
#10 0x00000000005cc297 in main (argc=<optimized out>, argv=<optimized out>) at main.c:415
I don't really know what's going on here.
Bug was found using afl-fuzz and vim compiled
with -DABORT_ON_INTERNAL_ERROR.
Regards
Dominique