Sometime in the last week or so, vim started segfaulting


Christian J. Robinson

Jul 25, 2025, 7:54:35 PM
to vim_dev
I really don't know what I'm doing when it comes to gdb, but this is the backtrace:

#0  0x0000000100637cf2 in class_unref.part ()
#1  0x000000010063c466 in get_member_tv ()
#2  0x000000010063c8a3 in class_object_index ()
#3  0x0000000100459fd9 in handle_subscript ()
#4  0x000000010045b005 in eval9 ()
#5  0x000000010045b703 in eval7 ()
#6  0x000000010045ba94 in eval6 ()
#7  0x000000010045c46e in eval4 ()
#8  0x000000010045c7d1 in eval3 ()
#9  0x000000010045cbc8 in eval1 ()
#10 0x000000010045dca2 in eval0_retarg ()
#11 0x000000010045e692 in eval_to_string_eap ()
#12 0x0000000100473738 in eval_one_expr_in_str ()
#13 0x000000010061ef58 in eval_interp_string ()
#14 0x000000010045b35d in eval9 ()
#15 0x000000010045b703 in eval7 ()
#16 0x000000010045bc50 in eval6 ()
#17 0x000000010045c46e in eval4 ()
#18 0x000000010045c7d1 in eval3 ()
#19 0x000000010045cbc8 in eval1 ()
#20 0x00000001004eea76 in eval_list ()
#21 0x000000010045b09d in eval9 ()
#22 0x000000010045b703 in eval7 ()
#23 0x000000010045ba94 in eval6 ()
#24 0x000000010045c46e in eval4 ()
#25 0x000000010045c7d1 in eval3 ()
#26 0x000000010045cbc8 in eval1 ()
#27 0x000000010045dca2 in eval0_retarg ()
#28 0x000000010045e43f in eval_expr_ext ()
#29 0x000000010063aba4 in ex_class ()
#30 0x0000000100495066 in do_cmdline ()
#31 0x00000001005ac2d2 in do_source_ext ()
#32 0x00000001005ae97a in do_source ()
#33 0x0000000100661cbf in ex_import ()
#34 0x0000000100495066 in do_cmdline ()
#35 0x00000001005ac2d2 in do_source_ext ()
#36 0x00000001005ae97a in do_source ()
#37 0x0000000100642dc9 in find_imported ()
#38 0x00000001004766e1 in eval_variable ()
#39 0x000000010045b38a in eval9 ()
#40 0x000000010045b703 in eval7 ()
#41 0x000000010045ba94 in eval6 ()
#42 0x000000010045c46e in eval4 ()
#43 0x000000010045c7d1 in eval3 ()
#44 0x000000010045cbc8 in eval1 ()
#45 0x000000010045dca2 in eval0_retarg ()
#46 0x000000010045de52 in eval0 ()
[...]

I have tried to create a reproducible scenario with a short script or set of scripts, unsuccessfully.

--
Christian J. Robinson <hep...@gmail.com>

Yegappan Lakshmanan

Jul 25, 2025, 8:22:05 PM
to vim...@googlegroups.com
Hi,

Can you build VIM with debug information (argument values) and collect the traceback?

Thanks,
Yegappan

--
--
You received this message from the "vim_dev" maillist.
Do not top-post! Type your reply below the text you are replying to.
For more information, visit http://www.vim.org/maillist.php

---
You received this message because you are subscribed to the Google Groups "vim_dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to vim_dev+u...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/vim_dev/CAK14FZJFYQqPqVfFv-ers8L9xspusBHDAk50ZTa0iqLj9bmOHQ%40mail.gmail.com.

Christian J. Robinson

Jul 25, 2025, 8:44:53 PM
to vim...@googlegroups.com
gdb.txt

Yegappan Lakshmanan

Jul 25, 2025, 9:11:35 PM
to vim...@googlegroups.com


On Fri, Jul 25, 2025 at 5:44 PM Christian J. Robinson <hep...@gmail.com> wrote:
New backtrace attached.


Thanks for the traceback.  Is it possible for you to run Vim under valgrind and collect the
log file or enable ASAN and collect the ASAN output?

To run Vim under valgrind:

1.  Edit src/Makefile and uncomment the following line:

LEAK_CFLAGS = -DEXITFREE

2. Rebuild Vim with debug information.

3. Run Valgrind

valgrind --tool=memcheck --leak-check=yes --num-callers=45 --log-file=valgrind.log ./vim

4. After Vim crashes, the valgrind.log file should have the memory related information.

Thanks,
Yegappan

Christian Brabandt

Jul 26, 2025, 2:29:59 AM
to vim...@googlegroups.com, vim...@googlegroups.com
Hmm, this crashes in class_get_selfrefs() indicating perhaps patch v9.1.1566. Can you attach gdb to Vim, cause the crash and when you are back in gdb, print the values of the variables at line 3717?

Thanks 
Chris 

On 26.07.2025 at 02:44, Christian J. Robinson <hep...@gmail.com> wrote:



Christian J. Robinson

Jul 26, 2025, 9:47:10 AM
to vim...@googlegroups.com
(gdb) p tv->v_type
$1 = VAR_OBJECT
(gdb) p tv->vval.v_object->obj_class
Cannot access memory at address 0x0
(gdb) p cl
$2 = (class_T *) 0xa006c15e0
(gdb) p tv->vval.v_object->obj_refcount
Cannot access memory at address 0x8
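
What the two gdb errors above show, as an added example (not code from Vim or from anyone in this thread): the fault addresses 0x0 and 0x8 are a NULL v_object plus the field offsets, so a member tagged VAR_OBJECT needs a pointer check before any field is read. The struct layouts and the functions field_addr, count_self_refs and demo_self_refs are simplified assumptions for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
/* Simplified stand-ins for the types in the gdb session (assumed layout,
 * chosen to match the fault addresses 0x0 and 0x8; not Vim's definitions). */
typedef enum { VAR_UNKNOWN, VAR_OBJECT } vartype_T;
typedef struct class_S class_T;
typedef struct { class_T *obj_class; int obj_refcount; } object_T;
typedef struct { vartype_T v_type; union { object_T *v_object; } vval; } typval_T;
struct class_S { int class_class_member_count; typval_T *class_members_tv; };

/* Address a field access touches: object base plus field offset. */
static uintptr_t field_addr(const object_T *obj, size_t offset)
{
    return (uintptr_t)obj + offset;
}

/* Count members that are objects of cl referenced only by cl. The type tag
 * does not prove the pointer is set, so both are checked before any read. */
static int count_self_refs(const class_T *cl)
{
    int self_refs = 0;
    for (int i = 0; i < cl->class_class_member_count; ++i) {
        const typval_T *tv = &cl->class_members_tv[i];
        const object_T *obj = tv->vval.v_object;
        if (tv->v_type == VAR_OBJECT && obj != NULL
                && obj->obj_class == cl && obj->obj_refcount == 1)
            self_refs++;
    }
    return self_refs;
}

/* Constructed sample: NULL-tagged member, one self reference, one shared. */
static int demo_self_refs(void)
{
    class_T cl = { 3, NULL };
    object_T only_here = { &cl, 1 }, shared = { &cl, 2 };
    typval_T members[3] = { { VAR_OBJECT, { NULL } },
        { VAR_OBJECT, { &only_here } }, { VAR_OBJECT, { &shared } } };
    cl.class_members_tv = members;
    return count_self_refs(&cl);
}

int main(void)
{
    printf("obj_refcount fault address 0x%zx, self refs %d\n",
           (size_t)field_addr(NULL, offsetof(object_T, obj_refcount)), demo_self_refs());
    return 0;
}
```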

Yegappan Lakshmanan

Jul 26, 2025, 12:18:57 PM
to vim...@googlegroups.com
On Sat, Jul 26, 2025 at 6:47 AM Christian J. Robinson <hep...@gmail.com> wrote:
(gdb) p tv->v_type
$1 = VAR_OBJECT
(gdb) p tv->vval.v_object->obj_class
Cannot access memory at address 0x0
(gdb) p cl
$2 = (class_T *) 0xa006c15e0
(gdb) p tv->vval.v_object->obj_refcount
Cannot access memory at address 0x8

The class is most probably already freed by garbage collection.  Is it possible for you to collect
the valgrind or asan output?  Or is it possible for you to share the
/cygdrive/c/Users/hepti/vimfiles/pack/cjr/start/HTML/autoload/HTML plugin and some sample
file where you see the crash?

Regards,
Yegappan
 

Yegappan Lakshmanan

Jul 26, 2025, 12:24:23 PM
to vim...@googlegroups.com
Hi,

On Sat, Jul 26, 2025 at 6:47 AM Christian J. Robinson <hep...@gmail.com> wrote:
(gdb) p tv->v_type
$1 = VAR_OBJECT
(gdb) p tv->vval.v_object->obj_class
Cannot access memory at address 0x0
(gdb) p cl
$2 = (class_T *) 0xa006c15e0
(gdb) p tv->vval.v_object->obj_refcount
Cannot access memory at address 0x8


Can you try this patch?

diff --git a/src/vim9class.c b/src/vim9class.c
index aa68a6dc8..40b594af7 100644
--- a/src/vim9class.c
+++ b/src/vim9class.c
@@ -3714,7 +3714,8 @@ class_get_selfrefs(class_T *cl)
     for (int i = 0; i < cl->class_class_member_count; ++i)
     {
        tv = &cl->class_members_tv[i];
-       if (tv->v_type == VAR_OBJECT && tv->vval.v_object->obj_class == cl
+       if (tv->v_type == VAR_OBJECT && tv->vval.v_object != NULL
+               && tv->vval.v_object->obj_class == cl
                && (tv->vval.v_object->obj_refcount == 1
                    || (IS_ENUM(cl) && tv->vval.v_object->obj_refcount == 2)))
            self_refs++;
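
Review bot: the added `tv->vval.v_object != NULL` test on the first `+` line stops the crash but leaves unexplained why a class member can be tagged VAR_OBJECT while its object pointer is NULL, which is the state the gdb session showed. A short comment above the `if` saying when that state is expected (or that it is only tolerated here) would help the next reader, and the change should land with a regression test once a reproducer exists. The condition now reads `tv->vval.v_object` four times; a local pointer assigned right after `tv = &cl->class_members_tv[i];` would make the guard and the three field reads easier to follow.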
 
Thanks,
Yegappan

Christian J. Robinson

Jul 26, 2025, 3:06:58 PM
to vim...@googlegroups.com
The patch fixes the problem for me. Thank you.


Yegappan Lakshmanan

Jul 26, 2025, 4:11:26 PM
to vim...@googlegroups.com
Hi,

On Sat, Jul 26, 2025 at 12:06 PM Christian J. Robinson <hep...@gmail.com> wrote:
The patch fixes the problem for me. Thank you.


Thanks for validating the patch.  I will create a PR for this.  But I want to add a test that
reproduces this issue. Is it possible for you to reproduce this issue with a small test script?

Christian J. Robinson

Jul 26, 2025, 4:32:44 PM
to vim...@googlegroups.com
I haven't been able to reproduce it with a small test script.


Christian Brabandt

Aug 6, 2025, 3:34:10 AM
to vim...@googlegroups.com
Hi,
this issue should have been fixed by patch v9.1.1592. Thanks Yegappan.
Sorry, I couldn't merge it earlier as I was away for vacation.

Thanks,
Chris
Kind regards,
Christian
--
The sheep that fly over your head are soon to land.