Ike Devolder wrote:

>> i attach a minimum configuration + testfile where i have consistent
>> segfaults on.
>>
>> within the archive you can find index.php, it has a syntax error, the
>> following steps lead to segfault:
>>
>> vim index.php
>> - :w (with the syntax error, syntastic kicks in)
>> - goto end of phpinfo() and add ; :w (error is gone)
>> - undo u
>> - :w -> segfault
>>
>> uname -a:
>> Linux 3.6.7 #1 SMP PREEMPT Sun Nov 18 09:53:58 CET 2012 x86_64 GNU/Linux
>> distribution Arch Linux
>>
>> configure:
>> ./configure --prefix=/usr --localstatedir=/var/lib/vim \
>>       --mandir=/usr/share/man --with-compiledby=BlackEagle \
>>       --with-features=huge --enable-gpm --enable-acl --with-x=no \
>>       --disable-gui --enable-multibyte --enable-cscope \
>>       --disable-netbeans --enable-perlinterp=dynamic \
>>       --enable-pythoninterp=dynamic --enable-python3interp=dynamic \
>>       --enable-rubyinterp=dynamic --enable-luainterp=dynamic
>>
>> now tested with version 7.3.725, first noticed with 7.3.718 and then
>> detected that the problem went away when going back to 7.3.714
>>
>> to be able to build ruby dynamic on my machine i also needed the patch
>> of Ken Takata in the 7.3.721 thread:
>> https://groups.google.com/forum/?fromgroups=#!topic/vim_dev/-pxkvVyWZdo
>>
>> thx for looking into this
>
> ok i forgot one pre-requisite: you must have php installed so the syntastic
> plugin can run php -l to get the syntax error showing.
>
> --Ike


Hi Ike

I can reproduce the crash using your description with
Vim-7.3.725 on Linux x86_64.

Valgrind gives the following error:

==6815== Invalid read of size 4
==6815==    at 0x58ED64: ex_make (quickfix.c:2869)
==6815==    by 0x4888F1: do_cmdline (ex_docmd.c:2677)
==6815==    by 0x4468BF: call_func (eval.c:22540)
==6815==    by 0x449722: get_func_tv (eval.c:8322)
==6815==    by 0x46A24E: eval7 (eval.c:5158)
==6815==    by 0x468F27: eval6 (eval.c:4810)
==6815==    by 0x468A77: eval5 (eval.c:4626)
==6815==    by 0x4682D0: eval4 (eval.c:4319)
==6815==    by 0x468166: eval3 (eval.c:4231)
==6815==    by 0x444AD4: eval1 (eval.c:4160)
==6815==    by 0x4445D8: eval0 (eval.c:4042)
==6815==    by 0x44769D: ex_let (eval.c:1897)
==6815==    by 0x4888F1: do_cmdline (ex_docmd.c:2677)
==6815==    by 0x4468BF: call_func (eval.c:22540)
==6815==    by 0x449722: get_func_tv (eval.c:8322)
==6815==    by 0x46A24E: eval7 (eval.c:5158)
==6815==    by 0x468F27: eval6 (eval.c:4810)
==6815==    by 0x468A77: eval5 (eval.c:4626)
==6815==    by 0x4682D0: eval4 (eval.c:4319)
==6815==    by 0x468166: eval3 (eval.c:4231)
==6815==    by 0x444AD4: eval1 (eval.c:4160)
==6815==    by 0x4445D8: eval0 (eval.c:4042)
==6815==    by 0x44769D: ex_let (eval.c:1897)
==6815==    by 0x4888F1: do_cmdline (ex_docmd.c:2677)
==6815==    by 0x4468BF: call_func (eval.c:22540)
==6815==    by 0x449722: get_func_tv (eval.c:8322)
==6815==    by 0x448AFD: ex_call (eval.c:3465)
==6815==    by 0x4888F1: do_cmdline (ex_docmd.c:2677)
==6815==    by 0x4468BF: call_func (eval.c:22540)
==6815==    by 0x449722: get_func_tv (eval.c:8322)
==6815==    by 0x448AFD: ex_call (eval.c:3465)
==6815==    by 0x4888F1: do_cmdline (ex_docmd.c:2677)
==6815==    by 0x4BFFE4: apply_autocmds_group (fileio.c:9435)
==6815==    by 0x4BAF27: buf_write (fileio.c:9049)
==6815==    by 0x47355D: do_write (ex_cmds.c:2692)
==6815==    by 0x4888F1: do_cmdline (ex_docmd.c:2677)
==6815==    by 0x54D9DA: nv_colon (normal.c:5417)
==6815==    by 0x543C95: normal_cmd (normal.c:1198)
==6815==    by 0x685ADE: main_loop (main.c:1294)
==6815==    by 0x6854EA: main (main.c:998)
==6815==  Address 0x8 is not stack'd, malloc'd or (recently) free'd


quickfix.c:

2861     if (wp != NULL)
2862         qi = GET_LOC_LIST(wp);
2863 #ifdef FEAT_AUTOCMD
2864     if (au_name != NULL)
2865     {
2866         apply_autocmds(EVENT_QUICKFIXCMDPOST, au_name,
2867                                                curbuf->b_fname, TRUE, curbuf);
2868         if (qi->qf_curlist < qi->qf_listcount)
2869             res = qi->qf_lists[qi->qf_curlist].qf_count;
2870         else
2871             res = 0;
2872     }

Printing a few pointers just before line quickfix.c:2868, I get this:

*** wp=0xb4bf10 qi=0xdd76d0 wp->w_llist=0xdd76d0 wp->w_llist_ref=(nil)
*** wp=0xb4bf10 qi=0xdd76d0 wp->w_llist=0xdd76d0 wp->w_llist_ref=(nil)
*** wp=0xb4bf10 qi=0xdd76d0 wp->w_llist=0xdd76d0 wp->w_llist_ref=(nil)
*** wp=0xb4bf10 qi=0xdd76d0 wp->w_llist=0xdd76d0 wp->w_llist_ref=(nil)
*** wp=0xb4bf10 qi=(nil) wp->w_llist=(nil) wp->w_llist_ref=(nil)
Vim: Caught deadly signal SEGV
Vim: Finished.
Segmentation fault (core dumped)

I don't know yet why some pointers are NULL but perhaps someone
can make sense of it.

I don't need to do 'undo' to reproduce the crash. This also crashes:

- vim index.php
- :w (with the syntax error, syntastic kicks in)
- goto end of phpinfo() and add ; :w (error is gone)
- remove previously added ;  (by pressing x on ; character in command mode)
- :w to save again -> crash

Regards
-- Dominique
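
The pattern in the message above, as an added example (not code from the thread and not the fix applied in Vim): with `qi` NULL, the unchecked read of `qi->qf_curlist` lands at the field's offset, which matches valgrind's `Address 0x8`, and a guarded lookup returns 0 instead. The struct layouts, `get_loc_list()` and `loc_list_count()` are simplified assumptions that model only the location-list path.

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified stand-ins for Vim's types; the field layout is an assumption. */
typedef struct { int qf_count; } qf_list;
typedef struct {
    int     qf_refcount;
    int     qf_listcount;
    int     qf_curlist;
    qf_list qf_lists[10];
} qf_info;
typedef struct { qf_info *w_llist; qf_info *w_llist_ref; } win;

/* Constructed samples mirroring the debug output in the message. */
static qf_info sample_list = { 1, 1, 0, { { 3 } } };
static win with_list = { &sample_list, NULL }; /* w_llist set, qi != NULL */
static win without   = { NULL, NULL };         /* last line: qi=(nil)     */

/* Simplified model of GET_LOC_LIST: prefer the reference, else own list. */
static qf_info *get_loc_list(const win *wp)
{
    return wp->w_llist_ref != NULL ? wp->w_llist_ref : wp->w_llist;
}

/* Address an unchecked read of qi->qf_curlist touches when qi == NULL. */
size_t null_fault_address(void)
{
    return offsetof(qf_info, qf_curlist);
}

/* Guarded form of lines 2868-2871: NULL-check and bounds-check before use. */
int loc_list_count(const win *wp)
{
    qf_info *qi = (wp != NULL) ? get_loc_list(wp) : NULL;

    if (qi == NULL)
        return 0;                  /* window has no location list */
    if (qi->qf_curlist < 0 || qi->qf_curlist >= qi->qf_listcount)
        return 0;
    return qi->qf_lists[qi->qf_curlist].qf_count;
}

int main(void)
{
    printf("fault address if unchecked: 0x%zx\n", null_fault_address());
    printf("with list: %d, without: %d\n",
           loc_list_count(&with_list), loc_list_count(&without));
    return 0;
}
```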
