jeromejj / vim

Automatically exported from code.google.com/p/vim
0 stars 0 forks source link

Vim-7.3.782 crashed (core dump) #106

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
Vim-7.3.782 (huge, gtk2) crashed (core dump) on Linux-x86_64. I think I 
was using the netrw plugin when it crashes, but I can't remember exactly 
what I did. 

(gdb) bt 
#0  0x00007f2b0191e707 in kill () at ../sysdeps/unix/syscall-template.S:82 
#1  0x0000000000527555 in may_core_dump () at os_unix.c:3166 
#2  0x00000000005274f4 in mch_exit (r=1) at os_unix.c:3132 
#3  0x00000000005dd6de in getout (exitval=1) at main.c:1481 
#4  0x00000000004e2f6d in preserve_exit () at misc1.c:9138 
#5  0x000000000052530c in deathtrap (sigarg=11) at os_unix.c:1097 
#6  <signal handler called> 
#7  0x00000000005048b4 in nv_gomark (cap=0x7fffb59fe8e0) at normal.c:7555 
#8  0x00000000004f949b in normal_cmd (oap=0x7fffb59fe9c0, toplevel=1) at 
normal.c:1198 
#9  0x00000000005dd3cd in main_loop (cmdwin=0, noexmode=0) at main.c:1306 
#10 0x00000000005dcd97 in main (argc=1, argv=0x7fffb59fece8) at main.c:1010 

(gdb) up 
#7  0x00000000005048b4 in nv_gomark (cap=0x7fffb59fe8e0) at normal.c:7555 
(gdb) list 
7550        if (!virtual_active()) 
7551            curwin->w_cursor.coladd = 0; 
7552    #endif 
7553    #ifdef FEAT_FOLDING 
7554        if (cap->oap->op_type == OP_NOP 
7555                && (pos == (pos_T *)-1 || !equalpos(old_cursor, *pos)) 
7556                && (fdo_flags & FDO_MARK) 
7557                && old_KeyTyped) 
7558            foldOpenCursor(); 
7559    #endif 

(gdb) p pos 
$2 = (pos_T *) 0x0 

It crashed at line normal.c:7555 when dereferencing pos which is NULL. 

"hg annotate normal.c" shows that line normal.c:7555 was changed 
in revision 4017 (i.e v7-3-763): 

vimboss    7: #ifdef FEAT_FOLDING 
vimboss    7:     if (cap->oap->op_type == OP_NOP 
   bram 4017:       && (pos == (pos_T *)-1 || !equalpos(old_cursor, *pos)) 
vimboss    7:       && (fdo_flags & FDO_MARK) 
vimboss    7:       && old_KeyTyped) 
vimboss    7:   foldOpenCursor(); 
vimboss    7: #endif 

The line normal.c:7555 was changed in this recent patch: 

============================================================ 
changeset:   4017:b6148e4a9c39 
tag:         v7-3-763 
user:        Bram Moolenaar <bram@vim.org> 
date:        Thu Jan 17 13:24:08 2013 +0100 
files:       src/normal.c src/version.c 
description: 
updated for version 7.3.763 
Problem:    Jumping to a mark does not open a fold if it is in the same line. 
            (Wiktor Ruben) 
Solution:   Also compare the column after the jump. (Christian Brabandt) 
============================================================ 

I can see that line normal.c:7535 in the same function is checking 
whether 'pos' is NULL a few lines above at normal.c:7535, but not
at line normal.c:7555, so that looks wrong.

I don't know yet how to reproduce the bug unfortunately.

What version of the product are you using? On what operating system?

Vim-7.3.782 (huge, gtk2), Linux x86_64.

Original issue reported on code.google.com by dominiqu...@gmail.com on 24 Jan 2013 at 5:14

GoogleCodeExporter commented 9 years ago
Fixed by patch 7.3.783

Original comment by brammool...@gmail.com on 24 Jan 2013 at 8:25