Dominique Pelle wrote:
> On Fri, Aug 22, 2008 at 3:32 AM, Matt Wozniski wrote:
>
> > Not sure what's going on here, but I've found a crash that's easy to
> > reproduce. First, open two X11 enabled vim (not gvim) processes. In
> > the first, do:
> > :let @+ = repeat('a', 1024*1024)
> > in order to store 1MB of data to the clipboard. The exact amount is
> > irrelevant, but the larger the size, the more often it will lead to a
> > segfault.
> >
> > Then, in the second vim instance, repeatedly do ":reg +" and see what
> > gets displayed. Depending upon the amount of data that you put on the
> > clipboard, as well as upon some other factor I'm not seeing, this will
> > either a) show a bunch of a's in register +, b) not show any
> > registers, as though register + didn't exist, or c) cause the vim in
> > which you copied to segfault, and the vim in which you're trying to
> > display the register to enter a tight loop wasting a lot of CPU and
> > only dying for kill -9. Just try the command 5 or so times and you
> > should see a segfault - as well as the missing-register behavior. If
> > you don't get the segfault at all, try upping the amount of data
> > stored to the clipboard. If you get the segfault, but not the
> > missing-register behavior, try lowering the amount of data stored to
> > the clipboard. And if you can't reproduce either, that might help to
> > pin down what exactly causes this.
> >
> > I can reproduce this on both a vim linked with the GTK2-Gnome gui, and
> > one linked with the X11-Motif gui, so it doesn't seem to be something
> > gnome-specific, either. This is vim 7.2.
> >
> > Let me know if we need more details.
> >
> > ~Matt
>
>
> It does not seem easy to debug. I think there might
> be 2 distinct issues.
>
> 1/ The first thing I notice and which seems to be 100% reproducible
> on my machine):
>
> In #1 instance of vim: :let @+ = repeat('a', 262033)
> In #2 instance of vim: :reg+ (works fine all the time)
>
> In #1 instance of vim: :let @+ = repeat('b', 262034)
> In #2 instance of vim: :reg+ (fails all the time, it shows empty
> content)
>
> clip_x11_request_selection_cb() fails in #2 instance of vim
> because parameter value is NULL and parameter *length is null.
>
> Somehow it happens when number of characters in clipboard
> is >= 262034 (close to 256K).
>
> I change the letter ('a' -> 'b') in the clipboard every time to make
> sure ":reg +" does not show an old value of the clipboard (which
> I have observed sometimes, see below)
>
>
> 2/ The second thing I notice, if I put far more characters in the
> clipboard (say 1000000) then if fails differently:
>
> In #1 instance of vim: :let @+ = repeat('c', 1000*1000)
> In #2 instance of vim: :reg+ (fails, it shows some incorrect
> content, something which I happened copy earlier "33333...."?!)
>
> So with such a big clipboard content, it fails differently:
> In instance #2 of vim, function clip_x11_request_selection()
> retries 5 times until it falls back to calling clip_yank_selection(),
> but somehow that does not work either.
>
> If both instances are gvim rather than vim, then I do not see
> any problem.
>
> I have not been able to come up with a fix yet.
I have a fix, but I'm not sure if this fixes all the problems:
*** ../vim-7.2.014/src/ui.c Sun Sep 7 21:47:51 2008
--- src/ui.c Wed Sep 10 18:05:37 2008
***************
*** 2076,2082 ****
text_prop.value = (unsigned char *)value;
text_prop.encoding = *type;
text_prop.format = *format;
! text_prop.nitems = STRLEN(value);
status = XmbTextPropertyToTextList(X_DISPLAY, &text_prop,
&text_list, &n_text);
if (status != Success || n_text < 1)
--- 2076,2082 ----
text_prop.value = (unsigned char *)value;
text_prop.encoding = *type;
text_prop.format = *format;
! text_prop.nitems = len;
status = XmbTextPropertyToTextList(X_DISPLAY, &text_prop,
&text_list, &n_text);
if (status != Success || n_text < 1)
Please give this a try in your environment. This should fix the problem
with reading beyond allocated memory. For me it does not appear to fix
the problem with pasting lots of 'b' characters. For me the limit is
262041. So there appears to be a maximum size for the clipboard.
--
George: "I just got a new set of golf clubs for my wife!"
John: "Great trade!"
/// Bram Moolenaar -- [EMAIL PROTECTED] -- http://www.Moolenaar.net \\\
/// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
\\\ download, build and distribute -- http://www.A-A-P.org ///
\\\ help me help AIDS victims -- http://ICCF-Holland.org ///
--~--~---------~--~----~------------~-------~--~----~
You received this message from the "vim_dev" maillist.
For more information, visit http://www.vim.org/maillist.php
-~----------~----~----~----~------~----~------~--~---
