Ticket #1906 (new defect) — at Initial Version

Opened 15 years ago

Last modified 15 years ago

edit: crash on file open whoen some Syntax files are absent (reported by pavlinux)

Reported by: slyfox Owned by: slyfox
Priority: major Milestone: 4.7.0.1
Component: mcedit Version: master
Keywords: syntax, crash Cc:
Blocked By: Blocking:
Branch state: Votes for changeset:

Description

valgrind log snippet: (from here http://pavlinux.ru/vgmc.log)

==26750== Memcheck, a memory error detector
==26750== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
==26750== Using Valgrind-3.5.0 and LibVEX; rerun with -h for copyright info
==26750== Command: /usr/libexec/mc/cons.saver /dev/pts/0
==26750== Parent PID: 26749
==26750== 
==26750== 
==26750== HEAP SUMMARY:
==26750==     in use at exit: 0 bytes in 0 blocks
==26750==   ==26749== Invalid free() / delete / delete[]
==26749==    at 0x4A06DD8: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==26749==    by 0x48B5F9: edit_read_syntax_rules (syntax.c:766)
==26749==    by 0x48CDA7: edit_read_syntax_file (syntax.c:1140)
==26749==    by 0x48D06D: edit_load_syntax (syntax.c:1219)
==26749==    by 0x4762F6: edit_init (edit.c:834)
==26749==    by 0x4858FC: edit_file (editwidget.c:241)
==26749==    by 0x44D017: do_edit_at_line (cmd.c:304)
==26749==    by 0x44D098: do_edit (cmd.c:324)
==26749==    by 0x44D10E: edit_cmd (cmd.c:331)
==26749==    by 0x46C2E4: midnight_execute_cmd (main.c:1193)
==26749==    by 0x46CD41: midnight_callback (main.c:1690)
==26749==    by 0x4353F4: buttonbar_call (widget.c:2654)
==26749==  Address 0x60f8e10 is 0 bytes inside a block of size 30 free'd
==26749==    at 0x4A06DD8: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==26749==    by 0x48B32C: open_include_file (syntax.c:705)
==26749==    by 0x48B6E8: edit_read_syntax_rules (syntax.c:784)
==26749==    by 0x48CDA7: edit_read_syntax_file (syntax.c:1140)
==26749==    by 0x48D06D: edit_load_syntax (syntax.c:1219)
==26749==    by 0x4762F6: edit_init (edit.c:834)
==26749==    by 0x4858FC: edit_file (editwidget.c:241)
==26749==    by 0x44D017: do_edit_at_line (cmd.c:304)
==26749==    by 0x44D098: do_edit (cmd.c:324)
==26749==    by 0x44D10E: edit_cmd (cmd.c:331)
==26749==    by 0x46C2E4: midnight_execute_cmd (main.c:1193)
==26749==    by 0x46CD41: midnight_callback (main.c:1690)

We see doublefree memory corruption here, introduced by spurious g_free(error_file_name) of changeset:0c17219b2ab5cb5fe2e73f8d7cc9c11c755a3ae4 (syntax.c file)

The rest of code seems to store real syntax file name there.

Note: See TracTickets for help on using tickets.