Bug 260639 - app-editors/vim-7.2.108 and app-editors/gvim-7.2.108 crash while editing
Status: RESOLVED NEEDINFO
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages
Hardware: x86 Linux
Importance: High critical
Assignee: Vim Maintainers
URL:
Whiteboard:
Keywords:
Depends on:
Blocks: 269508
Reported: 2009-02-28 17:19 UTC by Nico R.
Modified: 2009-07-14 15:53 UTC
0 users

See Also:
Package list:
Runtime testing required: ---


Description Nico R. 2009-02-28 17:19:18 UTC
When I use vim or gvim in version 7.2.108 to edit an XML Schema document and syntax highlighting is enabled, I can reproducibly make it crash. I have to do the following steps for that:

1. insert the string “<!--FIXME: -->”,
2. move the cursor on the space after the colon,
3. use the ‘r’ command and <ENTER> to replace the space by a newline,
4. repeat steps 1 to 3 about one to four times a line further down.

Result: editor crashes.
Expected result: editor does not crash. ;-)

The problem can even be reproduced when starting the editor with a fake $HOME (so that it does not read plugins etc.) and the following minimal .vimrc:

"-----BEGIN .vimrc-----
set nocompatible
set encoding=utf-8
set background=dark
syntax on
"-----END .vimrc-----


Here is a stacktrace created by gdb while running vim:

Program received signal SIGSEGV, Segmentation fault.
0xb7e42927 in malloc_consolidate (av=0xb7f17140) at malloc.c:4903
4903                if (!nextinuse) {
(gdb) where
#0  0xb7e42927 in malloc_consolidate (av=0xb7f17140) at malloc.c:4903
#1  0xb7e449e5 in _int_malloc (av=0xb7f17140, bytes=1304) at malloc.c:4229
#2  0xb7e469e6 in *__GI___libc_malloc (bytes=1304) at malloc.c:3551
#3  0x08113d28 in lalloc (size=1304, message=1) at misc2.c:859
#4  0x08113fc9 in alloc (size=1304) at misc2.c:758
#5  0x08091fac in call_user_func (fp=0x8b0e398, argcount=0, argvars=0xbfaeb70c, rettv=0xbfaeb864, firstline=50, lastline=50, selfdict=0x0) at eval.c:21166
#6  0x08092ef3 in call_func (name=0x8b1eb20 "\200�P25_Highlight_Matching_Pair", len=<value optimized out>, rettv=0xbfaeb864, argcount=0, argvars=0xbfaeb70c, firstline=50, 
    lastline=50, doesrange=0xbfaeb870, evaluate=1, selfdict=0x0) at eval.c:8069
#7  0x080965ec in get_func_tv (name=0x8b1eb20 "\200�P25_Highlight_Matching_Pair", len=29, rettv=0xbfaeb864, arg=0xbfaeb878, firstline=50, lastline=50, doesrange=0xbfaeb870, 
    evaluate=1, selfdict=0x0) at eval.c:7916
#8  0x0809ba39 in ex_call (eap=0xbfaeb93c) at eval.c:3331
#9  0x080baad1 in do_one_cmd (cmdlinep=0xbfaebd98, sourcing=1, cstack=0xbfaeba3c, fgetline=0x80cbbd0 <getnextac>, cookie=0xbfaebe0c) at ex_docmd.c:2622
#10 0x080b8f6e in do_cmdline (cmdline=0x0, getline=0x80cbbd0 <getnextac>, cookie=0xbfaebe0c, flags=7) at ex_docmd.c:1096
#11 0x080cb679 in apply_autocmds_group (event=EVENT_CURSORMOVED, fname=0x8b28e60 "/tmp/debug-vim/test.xsd", fname_io=0x0, force=0, group=-3, buf=0x8a816f0, eap=0x0)
    at fileio.c:8853
#12 0x080ee54e in main_loop (cmdwin=0, noexmode=0) at main.c:1063
#13 0x080f0aae in main (argc=-1208942551, argv=0x19) at main.c:939


glibc, vim-core, vim, and gvim have been installed with the following compiler and linker flags:
# emerge --info | grep FLAGS
CFLAGS="-O2 -march=native -pipe -ggdb"
CXXFLAGS="-O2 -march=native -pipe -ggdb -ffor-scope -fno-nonansi-builtins -fuse-cxa-atexit"
LDFLAGS="-Wl,-O1 -Wl,--sort-common -Wl,--as-needed"


If I can further help with testing or tracking this bug, please tell me how. Thanks.
Comment 1 Jim Ramsay (lack) (RETIRED) gentoo-dev 2009-05-18 15:05:36 UTC
I haven't been able to reproduce this bug yet.  Here's how I tried:

I started inside an empty directory, then started vim with 'vim test.xsd' (obviously this gave me an empty file since there is no such file yet), and entered the following characters, with '^]' standing in for the "escape" key and "^M" for the "enter" key.

i<!--FIXME: -->^]bhr^M
o<!--FIXME: -->^]bhr^M
o<!--FIXME: -->^]bhr^M
o<!--FIXME: -->^]bhr^M
o<!--FIXME: -->^]bhr^M
... and so on ...

No crash after about 8 iterations so far.

Here are some things to try:

- Turn off syntax highlighting.  Does the problem still occur?

- What does the following vim command return:
  set mps
  I ask this because the stacktrace you provided points at the code which highlights matching bracket pairs, but by default the <...> pairs are NOT matched in vim, unless you manually add them to mps.  That said, after adding these pairs to my own mps setting, I could still not replicate the crash.

- Can you replicate this with an empty file like I tried to do, using my exact keystrokes?  Or do you need other valid XML around this FIXME comment tag?  Please attach a file with which you can replicate the error, and send me the exact keys you press to initiate the crash.
Comment 2 Jim Ramsay (lack) (RETIRED) gentoo-dev 2009-05-18 19:29:40 UTC
Could you also please try to replicate this in 7.2.182, which I have just added to the tree?  I didn't see any patches which looked *directly* related to this sort of crash, but best to test with the bleeding edge.

Thanks!
Comment 3 Jim Ramsay (lack) (RETIRED) gentoo-dev 2009-07-14 15:53:47 UTC
Please provide more information on how to replicate this crash.

This may also be fixed in 7.2.182; please test there as well, and reopen if the crash persists.

Thank you!
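
The reproduction steps from the description (fake $HOME, minimal .vimrc) and the keystrokes from comment 1 can be scripted so the same run is repeatable across vim versions. This is an added example, not part of the original bug report; the function names, directory layout and iteration count are assumptions, and `vim -s` is used to replay the keys.

```shell
#!/bin/sh
# Added example: isolated reproduction harness. Names, layout and the default
# iteration count are assumptions, not part of the bug report.

# make_repro_env DIR [N]: fake HOME with the minimal .vimrc from the
# description, plus a keystroke file repeating comment 1's sequence N times.
make_repro_env() {
    dir=$1; n=${2:-8}
    mkdir -p "$dir/home" || return 1
    cat > "$dir/home/.vimrc" <<'EOF'
set nocompatible
set encoding=utf-8
set background=dark
syntax on
EOF
    esc=$(printf '\033'); cr=$(printf '\r')
    : > "$dir/keys"
    i=0; cmd=i                       # first round inserts, later rounds open a line
    while [ "$i" -lt "$n" ]; do
        printf '%s<!--FIXME: -->%sbhr%s' "$cmd" "$esc" "$cr" >> "$dir/keys"
        cmd=o; i=$((i + 1))
    done
    printf ':qa!\r' >> "$dir/keys"   # quit cleanly if nothing crashed
}

# run_repro DIR [VIM]: replay the keystrokes on DIR/test.xsd; returns vim's status.
run_repro() {
    abs=$(cd "$1" && pwd) || return 1
    ( cd "$abs" && HOME="$abs/home" "${2:-vim}" -s keys test.xsd )
}

# classify_status N: a shell status above 128 means "killed by signal N-128".
classify_status() {
    if [ "$1" -eq 0 ]; then echo "clean-exit"
    elif [ "$1" -gt 128 ]; then echo "killed-by-signal-$(( $1 - 128 ))"
    else echo "exit-$1"
    fi
}

# Usage: sh repro.sh run   (needs vim on PATH and a terminal)
if [ "${1:-}" = "run" ]; then
    work=$(mktemp -d) && make_repro_env "$work" 8
    run_repro "$work"; classify_status $?
fi
```

A clean exit from this harness does not rule the bug out: comment 1 reports no crash with these same keystrokes.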