https://bugzilla.novell.com/show_bug.cgi?id=656175 https://bugzilla.novell.com/show_bug.cgi?id=656175#c5 Nathan Mills <nn.dm55@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |nn.dm55@gmail.com --- Comment #5 from Nathan Mills <nn.dm55@gmail.com> 2011-08-26 04:29:25 UTC --- I can confirm this on openSUSE 11.3. Vim crashes when opening 113 and then 251 and also when opening 251 first, then 113. Sometimes Vim crashes with SEGV and sometimes ABRT. After it crashed one time, I ran it with GDB and Vim wrote the following line: vim: malloc.c:4631: _int_malloc: Assertion `(unsigned long)(size) >= (unsigned long)(nb)' failed. Relevant frames: #0 0xffffe430 in __kernel_vsyscall () #1 0xb7de97ff in raise () from /lib/libc.so.6 #2 0xb7deb140 in abort () from /lib/libc.so.6 #3 0xb7e2c210 in __malloc_assert () from /lib/libc.so.6 #4 0xb7e2e0fd in _int_malloc () from /lib/libc.so.6 #5 0xb7e3062a in malloc () from /lib/libc.so.6 #6 0x08107a18 in ?? () The previous frame repeats 33 times, so I omitted those frames. #39 0xb7dd4c0e in __libc_start_main () from /lib/libc.so.6 #40 0x0804ab91 in ?? () Another time, using GDB shows nothing except lots of ?? from frame 1 all the way to __libc_start_main I found a way to reproduce the bug without having a ~/.vim/plugin directory: 1. Copy attached .vimrc to ~/ 2. Copy common.php and phpfolding.vim to your home directory 3. Type the following after opening vim: :source ~/phpfolding.vim :e ~/common.php 4. Press enter on line 113. 5. Press enter on line 251. When I try to disassemble any of the addresses, it gives vim --version: VIM - Vi IMproved 7.2 (2008 Aug 9, compiled Jul 5 2010 15:07:41) Included patches: 1-127, 257 Compiled by 'http://www.opensuse.org/' Huge version without GUI. Features included (+) or not (-): +arabic +autocmd -balloon_eval -browse ++builtin_terms +byte_offset +cindent -clientserver -clipboard +cmdline_compl +cmdline_hist +cmdline_info +comments +cryptv +cscope +cursorshape +dialog_con +diff +digraphs -dnd -ebcdic +emacs_tags +eval +ex_extra +extra_search +farsi +file_in_path +find_in_path +float +folding -footer +fork() +gettext -hangul_input +iconv +insert_expand +jumplist +keymap +langmap +libcall +linebreak +lispindent +listcmds +localmap +menu +mksession +modify_fname +mouse -mouseshape +mouse_dec -mouse_gpm -mouse_jsbterm +mouse_netterm -mouse_sysmouse +mouse_xterm +multi_byte +multi_lang -mzscheme -netbeans_intg -osfiletype +path_extra -perl +postscript +printer +profile -python +quickfix +reltime +rightleft -ruby +scrollbind +signs +smartindent +sniff +statusline -sun_workshop +syntax +tag_binary +tag_old_static -tag_any_white -tcl +terminfo +termresponse +textobjects +title -toolbar +user_commands +vertsplit +virtualedit +visual +visualextra +viminfo +vreplace +wildignore +wildmenu +windows +writebackup -X11 -xfontset -xim -xsmp -xterm_clipboard -xterm_save system vimrc file: "/etc/vimrc" user vimrc file: "$HOME/.vimrc" user exrc file: "$HOME/.exrc" fall-back for $VIM: "/etc" f-b for $VIMRUNTIME: "/usr/share/vim/current" Compilation: gcc -c -I. -Iproto -DHAVE_CONFIG_H -fomit-frame-pointer -fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -g -Wall -pipe -fno-strict-aliasing -fstack-protector-all Linking: gcc -L/usr/local/lib -o vim -lm -lncurses -lacl (In reply to comment #0)
Created an attachment (id=402353) --> (http://bugzilla.novell.com/attachment.cgi?id=402353) [details] common.php - open this file in vi
I'm using vim with some plugins, and found a reproducable crash :-(
Reproducer: 0a. copy the attached .vimrc as ~/.vimrc 0b. copy the attached phpfolding.vim to ~/vim/plugin/ 0c. copy the attached common.php anywhere 1. vi common.php 2. go to line 113 (":113") 3. press enter to un-fold the block 4. go to line 251 (":251") 5. press enter to un-fold the block 6. if 5. did not do anything, press enter once more
Result: # vi common.php # with LANG=C Vim: Erhielt tödliches Signal ABRT Vim: Caught deadly signal ABRT Vim: Beendet. Vim: Finished. Abgebrochen
In one case, I additionally got this message (after the "signal ABRT" line): *** glibc detected *** vi: corrupted double-linked list: 0x00000000009478b0 ***
Expected result: no crash ;-)
-- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.