Bug 24735

Summary: "nvim -u NORC" crashes / segmentation fault
Product: Mageia Reporter: Shlomi Fish <shlomif>
Component: RPM Packages Assignee: Stig-Ørjan Smelror <smelror>
Status: RESOLVED FIXED QA Contact:
Severity: critical    
Priority: Normal CC: marja11
Version: 7   
Target Milestone: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Source RPM: neovim-0.3.4-1.mga7.src.rpm CVE:
Status comment:

Description Shlomi Fish 2019-04-29 08:57:51 CEST
Description of problem:

[shlomif@telaviv1 ~]$ nvim -u NORC
zsh: segmentation fault (core dumped)  nvim -u NORC

also happens in a new user.


How reproducible:

Always.

I tried rebuilding the latest 0.3.5 release and it crashed too.


Steps to Reproduce:
1.
2.
3.

Comment 1 Marja Van Waes 2019-04-29 09:05:45 CEST
Assigning to our registered neovim maintainer.

Assignee: bugsquad => jani.valimaa
CC: (none) => marja11

Comment 2 Jani Välimaa 2019-04-29 14:37:44 CEST
I might have pushed neovim for the first time ever to BS, but I'm not really maintaining it. Reassigning to Stig, who is the de facto maintainer.

I also released neovim and python-neovim in maintdb.

Assignee: jani.valimaa => smelror

Comment 3 Stig-Ørjan Smelror 2019-04-29 17:37:19 CEST
Getting this when compiled with Clang:

$ gdb /bin/nvim
GNU gdb (GDB) 8.2-7.mga7 (Mageia release 7)
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-mageia-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /bin/nvim...Reading symbols from /usr/lib/debug/usr/bin/nvim-0.3.5-1.1.amd64.mga7.x86_64.debug...done.
done.
(gdb) run
Starting program: /usr/bin/nvim
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
[New Thread 0x7ffff6487700 (LWP 11780)]

Thread 2 "nvim" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7ffff6487700 (LWP 11780)]
__strcmp_sse2 () at ../sysdeps/x86_64/strcmp.S:319
319             movdqa  (%rsi), %xmm1

And this when compiled with GCC:

$ gdb /bin/nvim
GNU gdb (GDB) 8.2-7.mga7 (Mageia release 7)
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-mageia-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /bin/nvim...Reading symbols from /usr/lib/debug/usr/bin/nvim-0.3.5-1.2.amd64.mga7.x86_64.debug...done.
done.
(gdb) run
Starting program: /usr/bin/nvim
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
[New Thread 0x7ffff6487700 (LWP 14519)]

Thread 2 "nvim" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7ffff6487700 (LWP 14519)]
__strcmp_sse2 () at ../sysdeps/x86_64/strcmp.S:1073
1073            movdqa  (%rsi), %xmm1

Comment 4 Stig-Ørjan Smelror 2019-04-29 18:09:17 CEST
(gdb) bt
#0  __strcmp_sse2 () at ../sysdeps/x86_64/strcmp.S:1073
#1  0x000000000050ceeb in strequal (a=<optimized out>, b=<optimized out>) at ../src/nvim/memory.c:500
#2  0x00000000004587e9 in tui_tk_ti_getstr (name=<optimized out>, value=0xffffffffffffffff <error: Cannot access memory at address 0xffffffffffffffff>, data=<optimized out>) at ../src/nvim/tui/tui.c:1984
#3  0x00007ffff7d8a06b in try_load_terminfo_key (ti=ti@entry=0x7ffff0013440, name=name@entry=0x7ffff6486729 "key_dc", info=info@entry=0x7ffff6486680) at driver-ti.c:264
#4  0x00007ffff7d8a3d0 in load_terminfo (ti=0x7ffff0013440) at driver-ti.c:302
#5  start_driver (tk=0x7ffff0012e50, info=0x7ffff0013440) at driver-ti.c:428
#6  0x00007ffff7d86db5 in termkey_start (tk=0x7ffff0012e50) at termkey.c:537
#7  termkey_start (tk=0x7ffff0012e50) at termkey.c:492
#8  0x000000000045d0cc in term_input_init (input=0x7ffff0010e88, loop=0x7ffff64868e0) at ../src/nvim/tui/input.c:41
#9  0x000000000045a598 in tui_main (bridge=0x8e1b30, ui=0x8e1a50) at ../src/nvim/tui/tui.c:394
#10 0x000000000044da0c in ui_thread_run (data=<optimized out>) at ../src/nvim/ui_bridge.c:102
#11 0x00007ffff7db204c in start_thread (arg=0x7ffff6487700) at pthread_create.c:486
#12 0x00007ffff7efdcaf in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Comment 5 Stig-Ørjan Smelror 2019-04-29 18:25:24 CEST
Thanks to Shlomi and Wally and a little luck, I found the culprit.

Just pushed libtermkey-0.22-2 to Cauldron.

Fix confirmed on 2 machines here and by Shlomi as well.

Cheers,
Stig

Resolution: (none) => FIXED
Status: NEW => RESOLVED
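
Added example (not part of the bug thread, and not neovim or libtermkey code): the backtrace in Comment 4 shows the getstr hook receiving value=0xffffffffffffffff and passing it on to strcmp(). The sketch below assumes that value is the (char *)-1 sentinel which terminfo string lookups such as tigetstr() return for a name that is not a string capability, and shows a hook that rejects it before any comparison. The function names, the key_dc override and the sample byte sequences are hypothetical and constructed for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumption: 0xffffffffffffffff in frame #2 is the (char *)-1 sentinel that
 * terminfo string lookups such as tigetstr() return when the name is not a
 * string capability. NULL means the capability is absent. */
#define TI_NOT_STRING ((const char *)(intptr_t)-1)

/* True only when the pointer may be handed to strcmp()/strlen(). */
static bool ti_value_usable(const char *value)
{
    return value != NULL && value != TI_NOT_STRING;
}

/* Hypothetical getstr-style hook: returns the string to use for `name`.
 * Both "no value" forms are normalised to NULL so callers need one check.
 * For key_dc, a value identical to the backspace sequence is replaced. */
static const char *guarded_getstr_hook(const char *name, const char *value,
                                       const char *backspace_seq)
{
    if (!ti_value_usable(value)) {
        return NULL;              /* never dereference NULL or (char *)-1 */
    }
    if (strcmp(name, "key_dc") == 0 && ti_value_usable(backspace_seq)
        && strcmp(value, backspace_seq) == 0) {
        return "\x1b[3~";         /* constructed sample override */
    }
    return value;
}

int main(void)
{
    /* Constructed inputs; no terminfo database is read. */
    const char *cases[] = { "\x7f", "\x1b[3~", NULL, TI_NOT_STRING };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        const char *out = guarded_getstr_hook("key_dc", cases[i], "\x7f");
        printf("case %zu -> %s\n", i, out ? "usable string" : "rejected");
    }
    return 0;
}
```

Without the ti_value_usable() check, the fourth case reaches strcmp() with an unmapped address, which matches the fault location in frames #0 to #2.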