Date: Mon, 14 Apr 1997 14:00:01 -0700 (PDT) From: Bill Fenner <fenner@parc.xerox.com> To: freebsd-bugs Subject: Re: bin/3170: vi freaks and dump core if user doesn't exist Message-ID: <199704142100.OAA13942@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR bin/3170; it has been noted by GNATS.
From: Bill Fenner <fenner@parc.xerox.com>
To: freebsd-gnats-submit@freebsd.org, fenner@parc.xerox.com, bostic@bostic.com
Cc: Subject: Re: bin/3170: vi freaks and dump core if user doesn't exist
Date: Mon, 14 Apr 1997 13:48:08 PDT
> How-To-Repeat
>
> I don't know if it's as simple as running yp, then killing ypbind > and editing a file. I doubt it.
Surprise, surprise surprise. It is sufficient. Now I'm ashamed that
I'm so lazy that I didn't try it until today =)
The full how-to-repeat is:
- Create a file owned by user foo
- Remove user foo, either by having foo be in NIS and killing ypbind,
or by editing the password file.
- Edit the file owned by user foo
- Move down a couple of lines (the dump sometimes doesn't happen if
you don't do this)
- Modify the file
vi will die when it tries to warn you about the fact that the user
doesn't exist so recovery won't work.
I think the core dump is because we overran the stack. vs_paint()
appears to be involved in infinite recursion (which explains the
delay before the core). There are 74,879 instances of vs_paint() in
the traceback; the rest is:
#74879 0x3b9b7 in vs_paint (sp=0x4a000, flags=3)
at /usr/src/usr.bin/vi/../../contrib/nvi/vi/vs_refresh.c:696
#74880 0x3acb8 in vs_refresh (sp=0x4a000, forcepaint=1)
at /usr/src/usr.bin/vi/../../contrib/nvi/vi/vs_refresh.c:119
#74881 0x3206f in v_txt (sp=0x4a000, vp=0xefbfdb04, tm=0x0, lp=0x603d1
"",
len=0, prompt=0, ai_line=3, rcount=1, flags=75793417)
at /usr/src/usr.bin/vi/../../contrib/nvi/vi/v_txt.c:475
#74882 0x2e156 in io (sp=0x4a000, vp=0xefbfdb04, cmd=o_cmd)
at /usr/src/usr.bin/vi/../../contrib/nvi/vi/v_itxt.c:248
#74883 0x2e018 in v_io (sp=0x4a000, vp=0xefbfdb04)
at /usr/src/usr.bin/vi/../../contrib/nvi/vi/v_itxt.c:204
#74884 0x373ee in vi (spp=0xefbfdbe4)
at /usr/src/usr.bin/vi/../../contrib/nvi/vi/vi.c:235
#74885 0xbbbe in editor (gp=0x48000, argc=2, argv=0xefbfdd5c)
at /usr/src/usr.bin/vi/../../contrib/nvi/common/main.c:419
#74886 0x2544 in main (argc=2, argv=0xefbfdd58)
at /usr/src/usr.bin/vi/../../contrib/nvi/cl/cl_main.c:148
vi does manage to display the
+=+=+=+=+=+=+=+
Information on user id 5275 not found.
Modifications not recoverable if the session fails
messages, but does not get to the point of "press enter to continue".
I think that vi is trying to display the rest of the text here, but
I don't know enough of its architecture to grok what is really
happening.
Bill
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199704142100.OAA13942>