Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Segfault when used a combination of keys #19521

New issue
New issue
Open
Open
Segfault when used a combination of keys#19521
Labels
bug
@stefanos82

Description

@stefanos82
stefanos82
opened on Feb 26, 2026

Steps to reproduce

I have updated vim-go and have noticed they introduced a new GoCallers; I tested it via :GoCallers and opened a window with findings (as expected).

When I press, if I'm not mistaken, Ctrl+w and ArrowDown, it segfaulted (Core Dump).

Expected behaviour

To switch from popup window to main buffer window.

Version of Vim

9.1.2141

Environment

GNU / Linux Debian testing 64-bit
Terminal: qterminal
Value of $TERM: xterm-256color
Shell: No idea; whatever the terminal uses by default...

Logs and stack traces

Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x00007f1e09cb0d91 in tcache_get_n (tc_idx=21, ep=0x5569acb0f150, mangled=false) at ./malloc/malloc.c:3228

⚠️ warning: 3228 ./malloc/malloc.c: No such file or directory
[Current thread is 1 (Thread 0x7f1e08c5af40 (LWP 33761))]
(gdb) bt
#0  0x00007f1e09cb0d91 in tcache_get_n (tc_idx=21, ep=0x5569acb0f150, mangled=false) at ./malloc/malloc.c:3228
#1  tcache_get (tc_idx=21) at ./malloc/malloc.c:3247
#2  __libc_calloc (n=<optimized out>, elem_size=<optimized out>) at ./malloc/malloc.c:3946
#3  0x0000556978777b8a in alloc_clear ()
#4  0x00005569789cdda5 in get_lambda_tv ()
#5  0x00005569787daa08 in ??? ()
#6  0x00005569787db04a in ??? ()
#7  0x00005569787db442 in ??? ()
#8  0x00005569787dbffa in ??? ()
#9  0x00005569787dc360 in ??? ()
#10 0x00005569787dc84b in eval1 ()
#11 0x00005569789c9784 in get_func_arguments ()
#12 0x00005569789d27f8 in get_func_tv ()
#13 0x00005569789d388f in ex_call ()
#14 0x0000556978818d59 in do_cmdline ()
#15 0x00005569789d16ee in ??? ()
#16 0x00005569789d1a85 in call_user_func_check ()
#17 0x00005569789d209c in call_func ()
#18 0x00005569789d299a in get_func_tv ()
#19 0x00005569789d388f in ex_call ()
#20 0x0000556978818d59 in do_cmdline ()
#21 0x000055697877e1d3 in ??? ()
#22 0x000055697877f358 in apply_autocmds ()
#23 0x0000556978a80ace in getout ()
#24 0x00007f1e09c4aa70 in <signal handler called> () at /usr/lib/x86_64-linux-gnu/libc.so.6
#25 0x00007f1e09cb0d91 in tcache_get_n (tc_idx=21, ep=0x5569acb0f150, mangled=false) at ./malloc/malloc.c:3228
#26 tcache_get (tc_idx=21) at ./malloc/malloc.c:3247
#27 __libc_calloc (n=<optimized out>, elem_size=<optimized out>) at ./malloc/malloc.c:3946
#28 0x0000556978777b8a in alloc_clear ()
#29 0x00005569787aede2 in dict_alloc ()
#30 0x00005569787b0347 in eval_dict ()
#31 0x00005569787daaf8 in ??? ()
#32 0x00005569787db04a in ??? ()
#33 0x00005569787db442 in ??? ()
#34 0x00005569787dbffa in ??? ()
#35 0x00005569787dc360 in ??? ()
#36 0x00005569787dc84b in eval1 ()
#37 0x00005569787ddb9a in eval0_retarg ()
--Type <RET> for more, q to quit, c to continue without paging-- 
#38 0x00005569787f8e6a in ex_let ()
#39 0x0000556978818d59 in do_cmdline ()
#40 0x00005569789d16ee in ??? ()
#41 0x00005569789d1a85 in call_user_func_check ()
#42 0x00005569789d209c in call_func ()
#43 0x00005569789d299a in get_func_tv ()
#44 0x00005569787d4d3c in ??? ()
#45 0x00005569787daabb in ??? ()
#46 0x00005569787db04a in ??? ()
#47 0x00005569787db442 in ??? ()
#48 0x00005569787dbffa in ??? ()
#49 0x00005569787dc360 in ??? ()
#50 0x00005569787dc84b in eval1 ()
#51 0x00005569787ddb9a in eval0_retarg ()
#52 0x00005569789d3fd7 in ex_return ()
#53 0x0000556978818d59 in do_cmdline ()
#54 0x00005569789d16ee in ??? ()
#55 0x00005569789d1a85 in call_user_func_check ()
#56 0x00005569789d209c in call_func ()
#57 0x00005569789d299a in get_func_tv ()
#58 0x00005569787d4d3c in ??? ()
#59 0x00005569787daabb in ??? ()
#60 0x00005569787db04a in ??? ()
#61 0x00005569787db442 in ??? ()
#62 0x00005569787dbffa in ??? ()
#63 0x00005569787dc360 in ??? ()
#64 0x00005569787dc84b in eval1 ()
#65 0x00005569787e87ec in ??? ()
#66 0x00005569787efcf8 in call_internal_func ()
#67 0x00005569789d252f in call_func ()
#68 0x00005569789d299a in get_func_tv ()
#69 0x00005569787d4d3c in ??? ()
#70 0x00005569787daabb in ??? ()
#71 0x00005569787db04a in ??? ()
#72 0x00005569787db442 in ??? ()
#73 0x00005569787dbffa in ??? ()
#74 0x00005569787dc360 in ??? ()
#75 0x00005569787dc84b in eval1 ()
--Type <RET> for more, q to quit, c to continue without paging--
#76 0x00005569787ddb9a in eval0_retarg ()
#77 0x00005569787ddf3b in eval_to_string_eap ()
#78 0x0000556978920e9f in ??? ()
#79 0x00005569789306b5 in vim_regsub ()
#80 0x00005569787e117c in do_string_sub ()
#81 0x00005569787e4789 in ??? ()
#82 0x00005569787efcf8 in call_internal_func ()
#83 0x00005569789d252f in call_func ()
#84 0x00005569789d299a in get_func_tv ()
#85 0x00005569787d4d3c in ??? ()
#86 0x00005569787daabb in ??? ()
#87 0x00005569787db04a in ??? ()
#88 0x00005569787db442 in ??? ()
#89 0x00005569787dbffa in ??? ()
#90 0x00005569787dc360 in ??? ()
#91 0x00005569787dc84b in eval1 ()
#92 0x00005569787ddb9a in eval0_retarg ()
#93 0x00005569787f8e6a in ex_let ()
#94 0x0000556978818d59 in do_cmdline ()
#95 0x00005569789d16ee in ??? ()
#96 0x00005569789d1a85 in call_user_func_check ()
#97 0x00005569789d209c in call_func ()
#98 0x00005569789d299a in get_func_tv ()
#99 0x00005569787d4d3c in ??? ()
#100 0x00005569787daabb in ??? ()
#101 0x00005569787db04a in ??? ()
#102 0x00005569787db442 in ??? ()
#103 0x00005569787dbffa in ??? ()
#104 0x00005569787dc360 in ??? ()
#105 0x00005569787dc84b in eval1 ()
#106 0x00005569789c9784 in get_func_arguments ()
#107 0x00005569789d27f8 in get_func_tv ()
#108 0x00005569787d4d3c in ??? ()
#109 0x00005569787daabb in ??? ()
#110 0x00005569787db04a in ??? ()
#111 0x00005569787db442 in ??? ()
#112 0x00005569787dbffa in ??? ()
#113 0x00005569787dc360 in ??? ()
--Type <RET> for more, q to quit, c to continue without paging--
#114 0x00005569787dc84b in eval1 ()
#115 0x00005569787ddb9a in eval0_retarg ()
#116 0x00005569789d3fd7 in ex_return ()
#117 0x0000556978818d59 in do_cmdline ()
#118 0x00005569789d16ee in ??? ()
#119 0x00005569789d1a85 in call_user_func_check ()
#120 0x00005569789d209c in call_func ()
#121 0x00005569789d299a in get_func_tv ()
#122 0x00005569787d4d3c in ??? ()
#123 0x00005569787daabb in ??? ()
#124 0x00005569787db04a in ??? ()
#125 0x00005569787db442 in ??? ()
#126 0x00005569787dbffa in ??? ()
#127 0x00005569787dc360 in ??? ()
#128 0x00005569787dc84b in eval1 ()
#129 0x00005569787ddb9a in eval0_retarg ()
#130 0x00005569787f8e6a in ex_let ()
#131 0x0000556978818d59 in do_cmdline ()
#132 0x00005569789d16ee in ??? ()
#133 0x00005569789d1a85 in call_user_func_check ()
#134 0x00005569789d209c in call_func ()
#135 0x00005569789d299a in get_func_tv ()
#136 0x00005569787d4e96 in ??? ()
#137 0x00005569787d95fd in handle_subscript ()
#138 0x00005569787da904 in ??? ()
#139 0x00005569787db04a in ??? ()
#140 0x00005569787db442 in ??? ()
#141 0x00005569787dbffa in ??? ()
#142 0x00005569787dc360 in ??? ()
#143 0x00005569787dc84b in eval1 ()
#144 0x00005569787ddb9a in eval0_retarg ()
#145 0x00005569787f8e6a in ex_let ()
#146 0x0000556978818d59 in do_cmdline ()
#147 0x00005569789d16ee in ??? ()
#148 0x00005569789d1a85 in call_user_func_check ()
#149 0x00005569789d209c in call_func ()
#150 0x00005569789d299a in get_func_tv ()
#151 0x00005569787d4e96 in ??? ()
--Type <RET> for more, q to quit, c to continue without paging--
#152 0x00005569787d95fd in handle_subscript ()
#153 0x00005569787da904 in ??? ()
#154 0x00005569787db04a in ??? ()
#155 0x00005569787db442 in ??? ()
#156 0x00005569787dbffa in ??? ()
#157 0x00005569787dc360 in ??? ()
#158 0x00005569787dc84b in eval1 ()
#159 0x00005569787ddb9a in eval0_retarg ()
#160 0x00005569787f8e6a in ex_let ()
#161 0x0000556978818d59 in do_cmdline ()
#162 0x00005569789d16ee in ??? ()
#163 0x00005569789d1a85 in call_user_func_check ()
#164 0x00005569789d209c in call_func ()
#165 0x00005569789d299a in get_func_tv ()
#166 0x00005569787d4d3c in ??? ()
#167 0x00005569787daabb in ??? ()
#168 0x00005569787db04a in ??? ()
#169 0x00005569787db442 in ??? ()
#170 0x00005569787dbffa in ??? ()
#171 0x00005569787dc360 in ??? ()
#172 0x00005569787dc84b in eval1 ()
#173 0x00005569787ddb9a in eval0_retarg ()
#174 0x00005569789d3fd7 in ex_return ()
#175 0x0000556978818d59 in do_cmdline ()
#176 0x00005569789d16ee in ??? ()
#177 0x00005569789d1a85 in call_user_func_check ()
#178 0x00005569789d209c in call_func ()
#179 0x00005569789d299a in get_func_tv ()
#180 0x00005569787d4d3c in ??? ()
#181 0x00005569787daabb in ??? ()
#182 0x00005569787db04a in ??? ()
#183 0x00005569787db442 in ??? ()
#184 0x00005569787dbffa in ??? ()
#185 0x00005569787dc360 in ??? ()
#186 0x00005569787dc84b in eval1 ()
#187 0x00005569787ddb9a in eval0_retarg ()
#188 0x00005569787ddf3b in eval_to_string_eap ()
#189 0x00005569787de054 in eval_to_string_safe ()
--Type <RET> for more, q to quit, c to continue without paging--
#190 0x0000556978787a64 in build_stl_str_hl ()
#191 0x000055697893b5e5 in ??? ()
#192 0x000055697893e171 in draw_tabline ()
#193 0x00005569787ca1a5 in update_screen ()
#194 0x0000556978a805ec in main_loop ()
#195 0x0000556978a817cf in vim_main2 ()
#196 0x00007f1e09c33f75 in __libc_start_call_main (main=main@entry=0x556978775b50 <main>, argc=argc@entry=2, argv=argv@entry=0x7ffdf460aff8) at ../sysdeps/nptl/libc_start_call_main.h:58
#197 0x00007f1e09c34027 in __libc_start_main_impl
    (main=0x556978775b50 <main>, argc=2, argv=0x7ffdf460aff8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7ffdf460afe8) at ../csu/libc-start.c:360
#198 0x00005569787778e1 in _start ()

Metadata

Metadata

Assignees

No one assigned

    Labels

    bug

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions