[Bug 656175] reproducable vim crash (deadly signal ABRT)

https://bugzilla.novell.com/show_bug.cgi?id=656175

https://bugzilla.novell.com/show_bug.cgi?id=656175#c5


Nathan Mills <nn.dm55@xxxxxxxxx> changed:

What |Removed |Added
----------------------------------------------------------------------------
CC| |nn.dm55@xxxxxxxxx

--- Comment #5 from Nathan Mills <nn.dm55@xxxxxxxxx> 2011-08-26 04:29:25 UTC ---
I can confirm this on openSUSE 11.3.
Vim crashes when opening 113 and then 251 and also when opening 251 first, then
113. Sometimes Vim crashes with SEGV and sometimes ABRT.

After it crashed one time, I ran it with GDB and Vim wrote the following line:
vim: malloc.c:4631: _int_malloc: Assertion `(unsigned long)(size) >= (unsigned long)(nb)' failed.
Relevant frames:
#0 0xffffe430 in __kernel_vsyscall ()
#1 0xb7de97ff in raise () from /lib/libc.so.6
#2 0xb7deb140 in abort () from /lib/libc.so.6
#3 0xb7e2c210 in __malloc_assert () from /lib/libc.so.6
#4 0xb7e2e0fd in _int_malloc () from /lib/libc.so.6
#5 0xb7e3062a in malloc () from /lib/libc.so.6
#6 0x08107a18 in ?? ()
The previous frame repeats 33 times, so I omitted those frames.
#39 0xb7dd4c0e in __libc_start_main () from /lib/libc.so.6
#40 0x0804ab91 in ?? ()

Another time, using GDB shows nothing except lots of ?? from frame 1 all the
way to __libc_start_main.

I found a way to reproduce the bug without having a ~/.vim/plugin directory:
1. Copy attached .vimrc to ~/
2. Copy common.php and phpfolding.vim to your home directory
3. Type the following after opening vim:
:source ~/phpfolding.vim
:e ~/common.php
4. Press enter on line 113.
5. Press enter on line 251.

When I try to disassemble any of the addresses, it gives
vim --version:

VIM - Vi IMproved 7.2 (2008 Aug 9, compiled Jul 5 2010 15:07:41)
Included patches: 1-127, 257
Compiled by 'http://www.opensuse.org/'
Huge version without GUI. Features included (+) or not (-):
+arabic +autocmd -balloon_eval -browse ++builtin_terms +byte_offset +cindent
-clientserver -clipboard +cmdline_compl +cmdline_hist +cmdline_info +comments
+cryptv +cscope +cursorshape +dialog_con +diff +digraphs -dnd -ebcdic
+emacs_tags +eval +ex_extra +extra_search +farsi +file_in_path +find_in_path
+float +folding -footer +fork() +gettext -hangul_input +iconv +insert_expand
+jumplist +keymap +langmap +libcall +linebreak +lispindent +listcmds +localmap
+menu +mksession +modify_fname +mouse -mouseshape +mouse_dec -mouse_gpm
-mouse_jsbterm +mouse_netterm -mouse_sysmouse +mouse_xterm +multi_byte
+multi_lang -mzscheme -netbeans_intg -osfiletype +path_extra -perl +postscript
+printer +profile -python +quickfix +reltime +rightleft -ruby +scrollbind
+signs +smartindent +sniff +statusline -sun_workshop +syntax +tag_binary
+tag_old_static -tag_any_white -tcl +terminfo +termresponse +textobjects +title
-toolbar +user_commands +vertsplit +virtualedit +visual +visualextra +viminfo
+vreplace +wildignore +wildmenu +windows +writebackup -X11 -xfontset -xim -xsmp
-xterm_clipboard -xterm_save
system vimrc file: "/etc/vimrc"
user vimrc file: "$HOME/.vimrc"
user exrc file: "$HOME/.exrc"
fall-back for $VIM: "/etc"
f-b for $VIMRUNTIME: "/usr/share/vim/current"
Compilation: gcc -c -I. -Iproto -DHAVE_CONFIG_H -fomit-frame-pointer
-fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector
-funwind-tables -fasynchronous-unwind-tables -g -Wall -pipe
-fno-strict-aliasing -fstack-protector-all
Linking: gcc -L/usr/local/lib -o vim -lm -lncurses -lacl

(In reply to comment #0)
Created an attachment (id=402353)
--> (http://bugzilla.novell.com/attachment.cgi?id=402353) [details]
common.php - open this file in vi

I'm using vim with some plugins, and found a reproducible crash :-(

Reproducer:
0a. copy the attached .vimrc as ~/.vimrc
0b. copy the attached phpfolding.vim to ~/vim/plugin/
0c. copy the attached common.php anywhere
1. vi common.php
2. go to line 113 (":113")
3. press enter to un-fold the block
4. go to line 251 (":251")
5. press enter to un-fold the block
6. if 5. did not do anything, press enter once more

Result:
# vi common.php # with LANG=C
Vim: Erhielt tödliches Signal ABRT Vim: Caught deadly signal ABRT
Vim: Beendet. Vim: Finished.
Abgebrochen

In one case, I additionally got this message (after the "signal ABRT" line):
*** glibc detected *** vi: corrupted double-linked list: 0x00000000009478b0 ***

Expected result:
no crash ;-)
