Bug 840947 - vim SIGSEGVs while adding comments to C source file
vim SIGSEGVs while adding comments to C source file
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: vim (Show other bugs)
17
i686 Linux
unspecified Severity high
: ---
: ---
Assigned To: Karsten Hopp
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-07-17 12:54 EDT by Philippe Vouters
Modified: 2012-08-31 17:23 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-08-31 17:23:31 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Philippe Vouters 2012-07-17 12:54:47 EDT
Description of problem:
vim SIGSEGVs while adding comments to C source file

Version-Release number of selected component (if applicable):
[philippe@victor ~]$ vim --version
VIM - Vi IMproved 7.3 (2010 Aug 15, compiled Jun 18 2012 09:16:58)
Included patches: 1-415, 417-556
Modified by <bugzilla@redhat.com>
Compiled by <bugzilla@redhat.com>
Huge version without GUI.  Features included (+) or not (-):
+arabic +autocmd -balloon_eval -browse ++builtin_terms +byte_offset +cindent 
-clientserver -clipboard +cmdline_compl +cmdline_hist +cmdline_info +comments 
+conceal +cryptv +cscope +cursorbind +cursorshape +dialog_con +diff +digraphs 
-dnd -ebcdic +emacs_tags +eval +ex_extra +extra_search +farsi +file_in_path 
+find_in_path +float +folding -footer +fork() +gettext -hangul_input +iconv 
+insert_expand +jumplist +keymap +langmap +libcall +linebreak +lispindent 
+listcmds +localmap -lua +menu +mksession +modify_fname +mouse -mouseshape 
+mouse_dec +mouse_gpm -mouse_jsbterm +mouse_netterm -mouse_sysmouse 
+mouse_xterm +mouse_urxvt +multi_byte +multi_lang -mzscheme +netbeans_intg 
+path_extra +perl +persistent_undo +postscript +printer +profile +python 
-python3 +quickfix +reltime +rightleft +ruby +scrollbind +signs +smartindent 
-sniff +startuptime +statusline -sun_workshop +syntax +tag_binary 
+tag_old_static -tag_any_white -tcl +terminfo +termresponse +textobjects +title
 -toolbar +user_commands +vertsplit +virtualedit +visual +visualextra +viminfo 
+vreplace +wildignore +wildmenu +windows +writebackup -X11 -xfontset -xim -xsmp
 -xterm_clipboard -xterm_save 
   system vimrc file: "/etc/vimrc"
     user vimrc file: "$HOME/.vimrc"
      user exrc file: "$HOME/.exrc"
  fall-back for $VIM: "/etc"
 f-b for $VIMRUNTIME: "/usr/share/vim/vim73"
Compilation: gcc -c -I. -Iproto -DHAVE_CONFIG_H   -I/usr/local/include  -O2 -g -pipe -Wall  -fexceptions -fstack-protector --param=ssp-buffer-size=4  -m32 -march=i686 -mtune=atom -fasynchronous-unwind-tables -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64  -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=1      
Linking: gcc   -L. -Wl,-z,relro -rdynamic -Wl,-export-dynamic  -Wl,--enable-new-dtags -Wl,-rpath,/usr/lib/perl5/CORE  -Wl,-z,relro  -L/usr/local/lib -Wl,--as-needed -o vim       -lm -lnsl  -lselinux  -lncurses -lacl -lattr -lgpm -ldl    -Wl,--enable-new-dtags -Wl,-rpath,/usr/lib/perl5/CORE  -fstack-protector -L/usr/local/lib  -L/usr/lib/perl5/CORE -lperl -lresolv -lnsl -ldl -lm -lcrypt -lutil -lpthread -lc -L/usr/lib/python2.7/config -lpython2.7 -lpthread -ldl -lutil -lm -Xlinker -export-dynamic   -lruby -lpthread -lrt -ldl -lcrypt -lm    


How reproducible:
Almost reproducible at will. Started recently with the Jun 29 04:05 yum update:

May 17 04:37:27 Updated: 2:vim-filesystem-7.3.515-1.fc16.i686
May 17 04:37:35 Updated: 2:vim-common-7.3.515-1.fc16.i686
May 17 04:38:08 Updated: 2:vim-enhanced-7.3.515-1.fc16.i686
May 17 04:38:29 Updated: 2:vim-X11-7.3.515-1.fc16.i686
May 17 04:38:33 Updated: 2:vim-minimal-7.3.515-1.fc16.i686
Jun 29 03:57:28 Updated: 2:vim-filesystem-7.3.556-1.fc17.i686
Jun 29 03:59:44 Updated: 2:vim-common-7.3.556-1.fc17.i686
Jun 29 04:05:19 Updated: 2:vim-X11-7.3.556-1.fc17.i686
Jun 29 04:05:20 Updated: 2:vim-enhanced-7.3.556-1.fc17.i686
Jun 29 04:06:17 Updated: 2:vim-minimal-7.3.556-1.fc17.i686
Jul 17 18:31:42 Installed: 2:vim-debuginfo-7.3.556-1.fc17.i686

Steps to Reproduce:
1. vi a C source file.
2. Add C (not C++) style comments to your code.
3.
  
Actual results:

vim crash with a SIGSEGV:

[philippe@victor C]$ gdb vim core.22968 
GNU gdb (GDB) Fedora (7.4.50.20120120-49.fc17)
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "i686-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/bin/vim...Reading symbols from /usr/lib/debug/usr/bin/vim.debug...done.
done.
[New LWP 22968]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/libthread_db.so.1".
Core was generated by `vim imgid.c'.
Program terminated with signal 6, Aborted.
#0  0xb7774424 in __kernel_vsyscall ()
Missing separate debuginfos, use: debuginfo-install libattr-2.4.46-5.fc17.i686 libgcc-4.7.0-5.fc17.i686 nss-softokn-freebl-3.13.4-2.fc17.i686
(gdb) where
#0  0xb7774424 in __kernel_vsyscall ()
#1  0x42dbac66 in kill () at ../sysdeps/unix/syscall-template.S:82
#2  0x08146da1 in may_core_dump () at os_unix.c:3166
#3  0x08148ae7 in may_core_dump () at os_unix.c:3163
#4  mch_exit (r=1) at os_unix.c:3132
#5  0x081c565e in getout (exitval=<optimized out>, exitval@entry=1)
    at main.c:1466
#6  0x08114550 in preserve_exit () at misc1.c:9053
#7  <signal handler called>
#8  0xb7774424 in __kernel_vsyscall ()
#9  0x42dba95f in __GI_raise (sig=sig@entry=6)
    at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#10 0x42dbc2b3 in __GI_abort () at abort.c:91
#11 0x42df87b5 in __libc_message (do_abort=do_abort@entry=2, fmt=fmt@entry=
    0x42ef9074 "*** glibc detected *** %s: %s: 0x%s ***\n")
    at ../sysdeps/unix/sysv/linux/libc_fatal.c:198
#12 0x42e00139 in malloc_printerr (ptr=0x84dcf70, str=
    0x42ef9170 "free(): invalid next size (fast)", action=<optimized out>)
    at malloc.c:5027
#13 _int_free (av=0x42f36420, p=0x84dcf68, have_lock=0) at malloc.c:3948
#14 0x0810fac9 in open_line (dir=dir@entry=1, flags=2, 
    second_line_indent=second_line_indent@entry=0) at misc1.c:1600
#15 0x0807e615 in ins_eol (c=<optimized out>) at edit.c:9812
---Type <return> to continue, or q <return> to quit---
#16 ins_eol (c=<optimized out>) at edit.c:9763
#17 0x08086bc7 in edit (cmdchar=cmdchar@entry=105, startln=startln@entry=0, 
    count=<optimized out>) at edit.c:1313
#18 0x08124b12 in invoke_edit (repl=repl@entry=0, cmd=105, 
    startln=startln@entry=0, cap=0xbfdb098c, cap=0xbfdb098c) at normal.c:9143
#19 0x08127188 in nv_edit (cap=0xbfdb098c) at normal.c:9116
#20 nv_edit (cap=0xbfdb098c) at normal.c:9024
#21 0x0812ccc2 in normal_cmd (oap=oap@entry=0xbfdb0a10, 
    toplevel=toplevel@entry=1) at normal.c:1193
#22 0x081c5e4c in main_loop (cmdwin=0, cmdwin@entry=138687048, noexmode=0, 
    noexmode@entry=138687048) at main.c:1294
#23 0x0806942d in main (argc=2, argv=0xbfdb0c34) at main.c:998

So problem in vim's malloc.c source code.

Expected results:

No crash. C file buffer updated and file ready to be saved.

Additional info:
Comment 1 Philippe Vouters 2012-07-17 13:07:08 EDT
My C comments style are:
/*
 * Text.
 */
respecting the code identication.
Comment 2 Philippe Vouters 2012-07-17 13:14:35 EDT
[philippe@victor C]$ ls $HOME/.vimrc
ls: cannot access /home/philippe/.vimrc: No such file or directory
[philippe@victor C]$ ls $HOME/.exrc
ls: cannot access /home/philippe/.exrc: No such file or directory
Comment 3 Fedora Update System 2012-08-28 10:15:47 EDT
vim-7.3.638-2.fc17 has been submitted as an update for Fedora 17.
https://admin.fedoraproject.org/updates/vim-7.3.638-2.fc17
Comment 4 Fedora Update System 2012-08-28 19:25:21 EDT
Package vim-7.3.638-2.fc17:
* should fix your issue,
* was pushed to the Fedora 17 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing vim-7.3.638-2.fc17'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2012-12869/vim-7.3.638-2.fc17
then log in and leave karma (feedback).
Comment 5 Philippe Vouters 2012-08-29 13:56:54 EDT
Many thanks to Red Hat (meaning you) for his update. However, I can't remember facing any such reported issue with:
[philippe@victor ~]$ sudo rpm -qa | grep vim
vim-filesystem-7.3.556-1.fc17.i686
vim-X11-7.3.556-1.fc17.i686
vim-common-7.3.556-1.fc17.i686
vim-enhanced-7.3.556-1.fc17.i686
vim-minimal-7.3.556-1.fc17.i686
vim-vimoutliner-0.3.6-1.fc17.noarch

Anyhow I shall try as soon as it is available on your mirrors the vim update package you propose me and let you know the outcome.

Yours very truly,
Philippe Vouters (Fontainebleau/France)
Comment 6 Fedora Update System 2012-08-31 17:23:31 EDT
vim-7.3.638-2.fc17 has been pushed to the Fedora 17 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.