NetBSD Problem Report #46615

From www@NetBSD.org  Tue Jun 19 04:35:15 2012
Return-Path: <www@NetBSD.org>
Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66])
	by www.NetBSD.org (Postfix) with ESMTP id DE99F63BED8
	for <gnats-bugs@gnats.NetBSD.org>; Tue, 19 Jun 2012 04:35:14 +0000 (UTC)
Message-Id: <20120619043514.3C44063B955@www.NetBSD.org>
Date: Tue, 19 Jun 2012 04:35:14 +0000 (UTC)
From: cyber@netbsd.org
Reply-To: cyber@netbsd.org
To: gnats-bugs@NetBSD.org
Subject: vi(1) dumps core when paging around with large tabstop sizes
X-Send-Pr-Version: www-1.0

>Number:         46615
>Category:       bin
>Synopsis:       vi(1) dumps core when paging around with large tabstop sizes
>Confidential:   no
>Severity:       critical
>Priority:       medium
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Jun 19 04:40:00 +0000 2012
>Last-Modified:  Tue Jun 19 06:30:02 +0000 2012
>Originator:     Erik Berls
>Release:        5.1.2 amd64
>Organization:
NetBSD
>Environment:
NetBSD builder 5.1.2 NetBSD 5.1.2 (GENERIC) #0: Thu Feb  2 12:12:28 UTC 2012  builds@b7.netbsd.org:/home/builds/ab/netbsd-5-1-2-RELEASE/amd64/201202021012Z-obj/home/builds/ab/netbsd-5-1-2-RELEASE/src/sys/arch/amd64/compile/GENERIC amd64

>Description:
When setting tabstops (ts=) to large values vi will dump core when paging into (or back up) from areas with multiple tabs.

Program terminated with signal 11, Segmentation fault.
#0  0x0000000000408c1b in default_char2int ()
(gdb) bt
#0  0x0000000000408c1b in default_char2int ()
#1  0x000000000040906a in fe_char2int ()
#2  0x000000000040a458 in db_get ()
#3  0x00000000004404e5 in vs_line ()
#4  0x0000000000442bdf in vs_paint ()
#5  0x000000000044374b in vs_paint ()
#6  0x000000000044374b in vs_paint ()
[stack loops back on itself]


>How-To-Repeat:
1. create a file with enough blank lines to scroll past the bottom of the page. after that point, add several lines that contain tabs. (My test file had 56 lines, then 18 tabs over the course of 14 lines. Some with multiple, others with none.)
2. save file and reopen
3. "set ts=1024"
4. page down (ctrl-f) and then back up (ctrl-b)
5. repeat (4) until core.

>Fix:

>Audit-Trail:
From: David Holland <dholland-bugs@netbsd.org>
To: gnats-bugs@NetBSD.org
Cc: 
Subject: Re: bin/46615: vi(1) dumps core when paging around with large
 tabstop sizes
Date: Tue, 19 Jun 2012 06:29:52 +0000

 On Tue, Jun 19, 2012 at 04:40:00AM +0000, cyber@netbsd.org wrote:
  > When setting tabstops (ts=) to large values vi will dump core when
  > paging into (or back up) from areas with multiple tabs.

 FWIW, this affects the vi in 6.99.7 too, which (for the record) is
 Version nvi-1.81.6nb5 (2009-08-11).

 -- 
 David A. Holland
 dholland@netbsd.org
NetBSD Home
NetBSD PR Database Search
(Contact us) $NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.