On Thu, Jan 10, 2019 at 02:18:50AM -0700, Anthony J. Bentley wrote:

> Hi,
> 
> I have a vi test case that reliably crashes.
> 
> It consists of two files. To crash in an 80x24 terminal, the files should
> be as follows:
> 
> foo.txt should be 27 lines long. The fifth line should consist of 81
> characters, and the others 80 or below.
> 
> bar.txt should be 5 lines or more, each line of less than 80 characters.
> 
> Example foo.txt:
> a
> b
> c
> d
> 123456789012345678901234567890123456789012345678901234567890123456789012345678901
> f
> g
> h
> i
> j
> k
> l
> m
> n
> o
> p
> q
> r
> s
> t
> u
> v
> w
> x
> y
> z
> A
> 
> Example bar.txt:
> 1
> 2
> 3
> 4
> 5
> 6
> 
> Start with "vi foo.txt bar.txt".
> In foo, hit ^F once, then :n to switch files.
> In bar, line 6 is not visible (bug). Hitting ^F here will crash vi.
> 
> This might be related to the fact that after the first ^F, foo's long
> line is split, with only the second half shown on screen. The crash
> occurs when trying to return the logical column of the cursor:
> 
> #0  0x00000733ac5cbda6 in vs_column (sp=0x73623e317b0, colp=0x73623e31850)
>     at /usr/src/usr.bin/vi/build/../vi/vs_relative.c:40
> #1  0x00000733ac5c5c15 in vi (spp=0x7f7ffffbfdc0)
>     at /usr/src/usr.bin/vi/build/../vi/vi.c:110
> #2  0x00000733ac5ae0b4 in editor (gp=0x7363966e5f0, argc=<optimized out>, 
>     argv=<optimized out>) at /usr/src/usr.bin/vi/build/../common/main.c:427
> #3  0x00000733ac58e6ce in main (argc=3, argv=0x7f7ffffc0008)
>     at /usr/src/usr.bin/vi/build/../cl/cl_main.c:93
> 
> -- 
> Anthony J. Bentley
> 

If you enable DEBUG, the abort in vs_refresh.c:695 gets triggered.
Note that not only is line 6 not drawn, the ~ lines are also missing.
Not hitting ^F but walking to the end or going to the last line with G
in bar works...

No further clue yet.

        -Otto
