[Bug 656175] New: reproducable vim crash (deadly signal ABRT)
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=656175 https://bugzilla.novell.com/show_bug.cgi?id=656175#c0 Summary: reproducable vim crash (deadly signal ABRT) Classification: openSUSE Product: openSUSE 11.3 Version: Final Platform: Other OS/Version: openSUSE 11.3 Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem AssignedTo: hvogel@novell.com ReportedBy: suse-beta@cboltz.de QAContact: qa@suse.de Found By: Beta-Customer Blocker: --- Created an attachment (id=402353) --> (http://bugzilla.novell.com/attachment.cgi?id=402353) common.php - open this file in vi I'm using vim with some plugins, and found a reproducable crash :-( Reproducer: 0a. copy the attached .vimrc as ~/.vimrc 0b. copy the attached phpfolding.vim to ~/vim/plugin/ 0c. copy the attached common.php anywhere 1. vi common.php 2. go to line 113 (":113") 3. press enter to un-fold the block 4. go to line 251 (":251") 5. press enter to un-fold the block 6. if 5. did not do anything, press enter once more Result: # vi common.php # with LANG=C Vim: Erhielt tödliches Signal ABRT Vim: Caught deadly signal ABRT Vim: Beendet. Vim: Finished. Abgebrochen In one case, I additionally got this message (after the "signal ABRT" line): *** glibc detected *** vi: corrupted double-linked list: 0x00000000009478b0 *** Expected result: no crash ;-) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=656175 https://bugzilla.novell.com/show_bug.cgi?id=656175#c1 --- Comment #1 from Christian Boltz <suse-beta@cboltz.de> 2010-11-27 22:19:14 CET --- Created an attachment (id=402354) --> (http://bugzilla.novell.com/attachment.cgi?id=402354) vimrc - copy to ~/ -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=656175 https://bugzilla.novell.com/show_bug.cgi?id=656175#c2 --- Comment #2 from Christian Boltz <suse-beta@cboltz.de> 2010-11-27 22:20:03 CET --- Created an attachment (id=402355) --> (http://bugzilla.novell.com/attachment.cgi?id=402355) phpfolding.vim - copy this to ~/.vim/plugin/ -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=656175 https://bugzilla.novell.com/show_bug.cgi?id=656175#c3 Christian Boltz <suse-beta@cboltz.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Component|Basesystem |Basesystem Version|Final |Factory AssignedTo|hvogel@novell.com |bnc-team-screening@forge.pr | |ovo.novell.com Product|openSUSE 11.3 |openSUSE 11.4 --- Comment #3 from Christian Boltz <suse-beta@cboltz.de> 2011-02-01 16:16:12 CET --- This still happens in 11.4 Factory (2011-01-26, around M6), but the error message changed to a segfault: Vim: Caught deadly signal SEGV Vim: Finished. Speicherzugriffsfehler -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=656175 https://bugzilla.novell.com/show_bug.cgi?id=656175#c Christian Boltz <suse-beta@cboltz.de> changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|bnc-team-screening@forge.pr |hvogel@novell.com |ovo.novell.com | -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=656175 https://bugzilla.novell.com/show_bug.cgi?id=656175#c4 Christian Boltz <suse-beta@cboltz.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Version|Factory |Final --- Comment #4 from Christian Boltz <suse-beta@cboltz.de> 2011-03-25 22:43:39 CET --- In 11.4 final, we are back to ABRT in the error message like on 11.3... -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=656175 https://bugzilla.novell.com/show_bug.cgi?id=656175#c5 Nathan Mills <nn.dm55@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |nn.dm55@gmail.com --- Comment #5 from Nathan Mills <nn.dm55@gmail.com> 2011-08-26 04:29:25 UTC --- I can confirm this on openSUSE 11.3. Vim crashes when opening 113 and then 251 and also when opening 251 first, then 113. Sometimes Vim crashes with SEGV and sometimes ABRT. After it crashed one time, I ran it with GDB and Vim wrote the following line: vim: malloc.c:4631: _int_malloc: Assertion `(unsigned long)(size) >= (unsigned long)(nb)' failed. Relevant frames: #0 0xffffe430 in __kernel_vsyscall () #1 0xb7de97ff in raise () from /lib/libc.so.6 #2 0xb7deb140 in abort () from /lib/libc.so.6 #3 0xb7e2c210 in __malloc_assert () from /lib/libc.so.6 #4 0xb7e2e0fd in _int_malloc () from /lib/libc.so.6 #5 0xb7e3062a in malloc () from /lib/libc.so.6 #6 0x08107a18 in ?? () The previous frame repeats 33 times, so I omitted those frames. #39 0xb7dd4c0e in __libc_start_main () from /lib/libc.so.6 #40 0x0804ab91 in ?? () Another time, using GDB shows nothing except lots of ?? from frame 1 all the way to __libc_start_main I found a way to reproduce the bug without having a ~/.vim/plugin directory: 1. Copy attached .vimrc to ~/ 2. Copy common.php and phpfolding.vim to your home directory 3. Type the following after opening vim: :source ~/phpfolding.vim :e ~/common.php 4. Press enter on line 113. 5. Press enter on line 251. When I try to disassemble any of the addresses, it gives vim --version: VIM - Vi IMproved 7.2 (2008 Aug 9, compiled Jul 5 2010 15:07:41) Included patches: 1-127, 257 Compiled by 'http://www.opensuse.org/' Huge version without GUI. Features included (+) or not (-): +arabic +autocmd -balloon_eval -browse ++builtin_terms +byte_offset +cindent -clientserver -clipboard +cmdline_compl +cmdline_hist +cmdline_info +comments +cryptv +cscope +cursorshape +dialog_con +diff +digraphs -dnd -ebcdic +emacs_tags +eval +ex_extra +extra_search +farsi +file_in_path +find_in_path +float +folding -footer +fork() +gettext -hangul_input +iconv +insert_expand +jumplist +keymap +langmap +libcall +linebreak +lispindent +listcmds +localmap +menu +mksession +modify_fname +mouse -mouseshape +mouse_dec -mouse_gpm -mouse_jsbterm +mouse_netterm -mouse_sysmouse +mouse_xterm +multi_byte +multi_lang -mzscheme -netbeans_intg -osfiletype +path_extra -perl +postscript +printer +profile -python +quickfix +reltime +rightleft -ruby +scrollbind +signs +smartindent +sniff +statusline -sun_workshop +syntax +tag_binary +tag_old_static -tag_any_white -tcl +terminfo +termresponse +textobjects +title -toolbar +user_commands +vertsplit +virtualedit +visual +visualextra +viminfo +vreplace +wildignore +wildmenu +windows +writebackup -X11 -xfontset -xim -xsmp -xterm_clipboard -xterm_save system vimrc file: "/etc/vimrc" user vimrc file: "$HOME/.vimrc" user exrc file: "$HOME/.exrc" fall-back for $VIM: "/etc" f-b for $VIMRUNTIME: "/usr/share/vim/current" Compilation: gcc -c -I. -Iproto -DHAVE_CONFIG_H -fomit-frame-pointer -fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -g -Wall -pipe -fno-strict-aliasing -fstack-protector-all Linking: gcc -L/usr/local/lib -o vim -lm -lncurses -lacl (In reply to comment #0)
Created an attachment (id=402353) --> (http://bugzilla.novell.com/attachment.cgi?id=402353) [details] common.php - open this file in vi
I'm using vim with some plugins, and found a reproducable crash :-(
Reproducer: 0a. copy the attached .vimrc as ~/.vimrc 0b. copy the attached phpfolding.vim to ~/vim/plugin/ 0c. copy the attached common.php anywhere 1. vi common.php 2. go to line 113 (":113") 3. press enter to un-fold the block 4. go to line 251 (":251") 5. press enter to un-fold the block 6. if 5. did not do anything, press enter once more
Result: # vi common.php # with LANG=C Vim: Erhielt tödliches Signal ABRT Vim: Caught deadly signal ABRT Vim: Beendet. Vim: Finished. Abgebrochen
In one case, I additionally got this message (after the "signal ABRT" line): *** glibc detected *** vi: corrupted double-linked list: 0x00000000009478b0 ***
Expected result: no crash ;-)
-- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=656175 https://bugzilla.novell.com/show_bug.cgi?id=656175#c6 Nathan Mills <nn.dm55@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution| |FIXED --- Comment #6 from Nathan Mills <nn.dm55@gmail.com> 2011-08-26 23:43:04 UTC --- This bug seems to have been fixed in Vim 7.3 in Mercurial. The hash of the revision is 3029:6ca6a42b3cc7. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=656175 https://bugzilla.novell.com/show_bug.cgi?id=656175#c7 Christian Boltz <suse-beta@cboltz.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|CLOSED |REOPENED Resolution|FIXED | --- Comment #7 from Christian Boltz <suse-beta@cboltz.de> 2011-08-27 12:40:58 CEST --- (In reply to comment #6)
This bug seems to have been fixed in Vim 7.3 in Mercurial. The hash of the revision is 3029:6ca6a42b3cc7.
I can still reproduce this bug with the latest vim package from the "Editors" repo (= devel repo for Factory) on 11.4 :-( -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=656175 https://bugzilla.novell.com/show_bug.cgi?id=656175#c8 Nathan Mills <nn.dm55@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #402353|text/plain |text/x-php mime type| | --- Comment #8 from Nathan Mills <nn.dm55@gmail.com> 2011-08-27 15:36:59 UTC --- (From update of attachment 402353) Changed mime type of common.php. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=656175 https://bugzilla.novell.com/show_bug.cgi?id=656175#c9 --- Comment #9 from Nathan Mills <nn.dm55@gmail.com> 2011-08-27 16:53:09 UTC --- I just tested Vim version 7.3.266 from 11.4 Factory, and it crashes. For some reason I can't make Vim 7.3.287 from Mercurial crash. (In reply to comment #7)
(In reply to comment #6)
This bug seems to have been fixed in Vim 7.3 in Mercurial. The hash of the revision is 3029:6ca6a42b3cc7.
I can still reproduce this bug with the latest vim package from the "Editors" repo (= devel repo for Factory) on 11.4 :-(
-- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=656175 https://bugzilla.novell.com/show_bug.cgi?id=656175#c10 Nathan Mills <nn.dm55@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Severity|Normal |Critical --- Comment #10 from Nathan Mills <nn.dm55@gmail.com> 2011-08-27 16:59:57 UTC --- Since this is crashing, I'm setting importance to Critical. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=656175 https://bugzilla.novell.com/show_bug.cgi?id=656175#c11 --- Comment #11 from Nathan Mills <nn.dm55@gmail.com> 2011-08-27 17:11:28 UTC --- I have reproduced the crash on both a 32-bit machine and a 64-bit machine both running openSUSE 11.3. As for lack of crashing, the Mercurial version refused to crash on both machines. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=656175 https://bugzilla.novell.com/show_bug.cgi?id=656175#c12 Christian Boltz <suse-beta@cboltz.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|REOPENED |RESOLVED Resolution| |FIXED --- Comment #12 from Christian Boltz <suse-beta@cboltz.de> 2011-09-18 22:36:45 CEST --- I can't reproduce this crash anymore after updating to the latest vim from the "editors" repo. Latest .changes entry: * Mi Aug 31 2011 idonmez@suse.com - Update to official patchlevel 289 * python3 fixes * Fix: Crash when using "zd" on a large number of folds. [...] -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com