mcedit segfault

[gv]

mcedit segfault on Ctrl-A Ctrl-N key combination:

1. start mcedit

$ mcedit

2. Press Ctrl-A Ctrl-N and see the segfault message:

Segmentation fault (core dumped)
$

$ mc -V
GNU Midnight Commander 4.8.32
Built with GLib 2.68.4
Built with S-Lang 2.3.2 with terminfo database
With builtin editor and aspell support
With optional subshell support
With support for background operations
With mouse support on xterm and Linux console
With internationalization support
With multiple codepages support
With ext2fs attributes support
Virtual File Systems:
 cpiofs, tarfs, sfs, extfs, ftpfs, shell
Data types:
 char: 8; int: 32; long: 64; void *: 64; size_t: 64; off_t: 64;

gdb backtrace:

(gdb) bt full
#0  0x000000000045645d in edit_init (edit=0x6bf220, r=0x7fffffffdeb0, arg=0x0) at edit.c:2167
        to_free = 1
        line = 4239753
#1  0x000000000046a979 in edit_add_window (h=0x69de10, r=0x7fffffffdeb0, arg=0x0) at editwidget.c:1369
        edit = 0x7fffffffdeb0
        w = 0xffffffff00000000
#2  0x000000000045ecd1 in edit_load_file_from_filename (h=0x69de10, arg=0x0) at editcmd.c:1091
        r = {y = 1, x = 0, lines = 68, cols = 248}
#3  0x0000000000468c91 in edit_dialog_command_execute (h=0x69de10, command=45) at editwidget.c:408
        g = 0x69de10
        ret = MSG_HANDLED
#4  0x0000000000469986 in edit_dialog_callback (w=0x69de10, sender=0x0, msg=MSG_KEY, parm=16398, data=0x0) at editwidget.c:813
        ext_mode = 0
        command = 45
        we = 0x6a8cd0
        ret = MSG_NOT_HANDLED
        g = 0x69de10
        h = 0x69de10
#5  0x00000000004cedf8 in send_message (w=0x69de10, sender=0x0, msg=MSG_KEY, parm=16398, data=0x0) at ../../lib/widget/widget-common.h:255
        ret = MSG_NOT_HANDLED
#6  0x00000000004cf2eb in dlg_key_event (h=0x69de10, d_key=16398) at dialog.c:249
        w = 0x69de10
        g = 0x69de10
        handled = (unknown: 0xe)
#7  0x00000000004cfc88 in dlg_process_event (h=0x69de10, key=16398, event=0x7fffffffe040) at dialog.c:539
No locals.
#8  0x00000000004cf4f7 in frontend_dlg_run (h=0x69de10) at dialog.c:321
        d_key = 16398
        wh = 0x69de10
        event = {buttons = 112 'p', modifiers = 224 '\340', vc = 65535, dx = 32767, dy = 0, x = -1, y = 76, type = 0, clicks = 6982864, margin = 0, wdx = -8688, wdy = 105}
#9  0x00000000004cfd5b in dlg_run (h=0x69de10) at dialog.c:573
No locals.
#10 0x000000000046a7b9 in edit_files (files=0x586c00 = {...}) at editwidget.c:1279
        made_directory = 1
        edit_dlg = 0x69de10
        g = 0x69de10
        menubar = 0x69e900
        w = 0x6a0160
        wd = 0x69de10
        file = 0x0
        ok = 1
#11 0x000000000041c1f5 in mc_maybe_editor_or_viewer () at filemanager.c:963
        ret = 0
#12 0x000000000041d91b in do_nc () at filemanager.c:1802
        ret = 32767
#13 0x000000000040b605 in main (argc=1, argv=0x7fffffffe2e8) at main.c:469
        mcerror = 0x0
        exit_code = 1
        tmpdir = 0x561540 <buffer> "/tmp/mc-VIZCT2"
(gdb) where
#0  0x000000000045645d in edit_init (edit=0x6bf220, r=0x7fffffffdeb0, arg=0x0) at edit.c:2167
#1  0x000000000046a979 in edit_add_window (h=0x69de10, r=0x7fffffffdeb0, arg=0x0) at editwidget.c:1369
#2  0x000000000045ecd1 in edit_load_file_from_filename (h=0x69de10, arg=0x0) at editcmd.c:1091
#3  0x0000000000468c91 in edit_dialog_command_execute (h=0x69de10, command=45) at editwidget.c:408
#4  0x0000000000469986 in edit_dialog_callback (w=0x69de10, sender=0x0, msg=MSG_KEY, parm=16398, data=0x0) at editwidget.c:813
#5  0x00000000004cedf8 in send_message (w=0x69de10, sender=0x0, msg=MSG_KEY, parm=16398, data=0x0) at ../../lib/widget/widget-common.h:255
#6  0x00000000004cf2eb in dlg_key_event (h=0x69de10, d_key=16398) at dialog.c:249
#7  0x00000000004cfc88 in dlg_process_event (h=0x69de10, key=16398, event=0x7fffffffe040) at dialog.c:539
#8  0x00000000004cf4f7 in frontend_dlg_run (h=0x69de10) at dialog.c:321
#9  0x00000000004cfd5b in dlg_run (h=0x69de10) at dialog.c:573
#10 0x000000000046a7b9 in edit_files (files=0x586c00 = {...}) at editwidget.c:1279
#11 0x000000000041c1f5 in mc_maybe_editor_or_viewer () at filemanager.c:963
#12 0x000000000041d91b in do_nc () at filemanager.c:1802
#13 0x000000000040b605 in main (argc=1, argv=0x7fffffffe2e8) at main.c:469
(gdb)

Fix (works for me):

--- mc-4.8.32/src/editor/edit.c.orig<-->2024-08-08 10:49:18.000000000 +0300
+++ mc-4.8.32/src/editor/edit.c>2024-08-29 14:07:04.368500527 +0300
@@ -2164,7 +2164,10 @@
     edit->stat1.st_gid = getgid ();
     edit->stat1.st_mtime = 0;
.
-    edit->attrs_ok = (mc_fgetflags (arg->file_vpath, &edit->attrs) == 0);
+    if (arg != NULL)
+        edit->attrs_ok = (mc_fgetflags (arg->file_vpath, &edit->attrs) == 0);
+    else
+        edit->attrs_ok = 0;
.
     edit->over_col = 0;
     edit->bracket = -1;

[gv]

Fix (works for me):

--- mc-4.8.32/src/editor/edit.c.orig<-->2024-08-08 10:49:18.000000000 +0300
+++ mc-4.8.32/src/editor/edit.c>2024-08-29 14:07:04.368500527 +0300
@@ -2164,7 +2164,10 @@
     edit->stat1.st_gid = getgid ();
     edit->stat1.st_mtime = 0;

-    edit->attrs_ok = (mc_fgetflags (arg->file_vpath, &edit->attrs) == 0);
+    if (arg != NULL)
+        edit->attrs_ok = (mc_fgetflags (arg->file_vpath, &edit->attrs) == 0);
+    else
+        edit->attrs_ok = 0;
.
     edit->over_col = 0;
     edit->bracket = -1;

[zaytsev]

Can reproduce on macOS, thanks for reporting!

[andrew_b]

Branch: 4580_mcedit_segfault
changeset:66bfefbf1adce31e83fd0ad1305013877f5fce04

[andrew_b]

Merged to master: [242c413d808eea45073037f1dc945c9270a493d0].