Hello,
I have experienced a crash issue between vdebug and the easytags plugin [1],
and came up with the following code to reproduce it.
Test case:
1. Create a file (e.g. /tmp/vimrc) with the following contents.
set nocp
" set rtp=./bundle/vdebug
"
" From easytags: this try block triggers a segfault when
Ctrl-C'ing
" vdebug's VdebugStart.
try
" The point of this code is to do something completely
innocent while making
" sure the vim-misc plug-in is installed. We
specifically don't use Vim's
" exists() function because it doesn't load auto-load
scripts that haven't
" already been loaded yet (last tested on Vim 7.3).
call type(g:xolox#misc#version)
catch
endtry
python << EOF
import time, vim
def eval_loop_getchar():
try:
while True:
vim.eval('getchar(0)')
time.sleep(0.5)
except:
pass
EOF
" Crashes on Ctrl-C
command! EvalLoop python eval_loop_getchar()
2. Start Vim using `vim -u /tmp/vimrc`.
3. Call the EvalLoop command: `:EvalLoop`
4. Press Ctrl-C to cancel it.
The backtrace looks as follows:
0x00007ffff507bf77 in __GI_raise (sig=sig@entry=6) at
../nptl/sysdeps/unix/sysv/linux/raise.c:56
56 ../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or
directory.
(gdb) bt
#0 0x00007ffff507bf77 in __GI_raise (sig=sig@entry=6) at
../nptl/sysdeps/unix/sysv/linux/raise.c:56
#1 0x00007ffff507f5e8 in __GI_abort () at abort.c:90
#2 0x00007ffff50b94fb in __libc_message (do_abort=do_abort@entry=2,
fmt=fmt@entry=0x7ffff51cd240 "*** Error in `%s': %s: 0x%s ***\n")
at ../sysdeps/unix/sysv/linux/libc_fatal.c:199
#3 0x00007ffff50c44c6 in malloc_printerr (action=3, str=0x7ffff51cd5b8
"munmap_chunk(): invalid pointer", ptr=<optimized out>) at malloc.c:4923
#4 0x000000000050b518 in vim_free (x=0x7ffff7fc89c8) at misc2.c:1744
#5 0x00000000004a5fc9 in discard_exception (excp=0x9072e0,
was_finished=0) at ex_eval.c:640
#6 0x00000000004a601f in discard_current_exception () at ex_eval.c:653
#7 0x000000000061977e in VimTryEnd () at if_py_both.h:562
#8 0x000000000061a201 in VimEval (self=0x0, args=0x7ffff7eb3310) at
if_py_both.h:820
#9 0x00007fffef7abad4 in PyEval_EvalFrameEx () from
/usr/lib/x86_64-linux-gnu/libpython2.7.so.1.0
#10 0x00007fffef7aba59 in PyEval_EvalFrameEx () from
/usr/lib/x86_64-linux-gnu/libpython2.7.so.1.0
#11 0x00007fffef7adb4d in PyEval_EvalCodeEx () from
/usr/lib/x86_64-linux-gnu/libpython2.7.so.1.0
#12 0x00007fffef7ade32 in PyEval_EvalCode () from
/usr/lib/x86_64-linux-gnu/libpython2.7.so.1.0
#13 0x00007fffef6da5c9 in PyRun_StringFlags () from
/usr/lib/x86_64-linux-gnu/libpython2.7.so.1.0
#14 0x000000000062275e in run_cmd (cmd=0xa62447 "eval_loop_getchar()",
arg=0x7fffffffb0b0, pygilstate=0x7fffffffafb4) at if_py_both.h:5052
#15 0x000000000062588d in DoPyCommand (cmd=0xa62447
"eval_loop_getchar()", init_range=0x6226d8 <init_range_cmd>, run=0x62272a
<run_cmd>, arg=0x7fffffffb0b0)
at if_python.c:1023
#16 0x000000000062592e in ex_python (eap=0x7fffffffb0b0) at
if_python.c:1067
#17 0x0000000000496441 in do_one_cmd (cmdlinep=0x7fffffffb1d0,
sourcing=1, cstack=0x7fffffffb2c0, fgetline=0x4ac54d <getexline>, cookie=0x0)
at ex_docmd.c:2695
#18 0x00000000004939a4 in do_cmdline (cmdline=0xa62410 "python
eval_loop_getchar()", fgetline=0x4ac54d <getexline>, cookie=0x0, flags=11) at
ex_docmd.c:1127
#19 0x000000000049d0f1 in do_ucmd (eap=0x7fffffffb8c0) at
ex_docmd.c:6325
#20 0x000000000049640b in do_one_cmd (cmdlinep=0x7fffffffb9e0,
sourcing=0, cstack=0x7fffffffbad0, fgetline=0x4ac54d <getexline>, cookie=0x0)
at ex_docmd.c:2686
#21 0x00000000004939a4 in do_cmdline (cmdline=0x0, fgetline=0x4ac54d
<getexline>, cookie=0x0, flags=0) at ex_docmd.c:1127
#22 0x0000000000524836 in nv_colon (cap=0x7fffffffc050) at normal.c:5459
#23 0x000000000051d35e in normal_cmd (oap=0x7fffffffc0f0, toplevel=1)
at normal.c:1197
#24 0x000000000063f0d3 in main_loop (cmdwin=0, noexmode=0) at
main.c:1329
#25 0x000000000063e9df in main (argc=3, argv=0x7fffffffc3f8) at
main.c:1020
While looking at Vim's code I have noticed a separate block for verbose output.
When calling the `VdebugStart` command from vdebug, which also triggers
this, using `99verb VdebugStart`, the backtrace looks slightly
different:
#0 __strlen_sse2_pminub () at
../sysdeps/x86_64/multiarch/strlen-sse2-pminub.S:38
#1 0x00000000004f7074 in vim_vsnprintf (str=0x8fd790 "Exception
discarded: already exists for \200kb", str_m=1025, fmt=0x6536d0 "Exception
discarded: %s",
ap=0x7fffffff9a98, tvs=0x0) at message.c:4371
#2 0x00000000004f11ae in smsg (s=0x6536d0 "Exception discarded: %s")
at message.c:410
#3 0x00000000004a5f35 in discard_exception (excp=0x12cb4d0,
was_finished=0) at ex_eval.c:624
#4 0x00000000004a601f in discard_current_exception () at ex_eval.c:653
#5 0x000000000061977e in VimTryEnd () at if_py_both.h:562
It seems like the try/catch blocks in VimScript/Python conflict somehow,
or rather cause Vim to use invalid excp pointers?!
This is with Vim 7.4.160.
1: https://github.com/joonty/vdebug/issues/134
Best regards,
Daniel.
--
--
You received this message from the "vim_dev" maillist.
Do not top-post! Type your reply below the text you are replying to.
For more information, visit http://www.vim.org/maillist.php
---
You received this message because you are subscribed to the Google Groups
"vim_dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
