Subject: bin/3489: fix for occasional vi(1) crash
To: None <>
From: Ross Harvey <>
List: netbsd-bugs
Date: 04/14/1997 01:43:39
>Number:         3489
>Category:       bin
>Synopsis:       vi(1), fix for bad free() leading to occasional cores
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    bin-bug-people (Utility Bug People)
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Mon Apr 14 01:50:01 1997
>Originator:     Ross Harvey
Avalon Computer Systems, Inc.
>Release:        bug is in vi 1.66
System: NetBSD 1.2D NetBSD 1.2D (e) #15: Wed Apr 9 21:12:42 PDT 1997 alpha

	Patch provided for bad free() involving the tags feature of
	vi(1). Causes occasional cores having something to do with
	switching files.
	It happens every couple of days for me, don't know how to
	repeat.  But I think my fix is right...someone else put
	the same fix into some post-1.66 version.

	Either upgrade the vi version or apply this patch...

	patch -d /usr/src/usr.bin/vi/ex

--- /bsd/base-src/usr.bin/vi/ex/ex_tag.c	Mon May 20 05:19:12 1996
+++ /usr/src/usr.bin/vi/ex/ex_tag.c	Mon Apr 14 01:24:56 1997
@@ -798,7 +798,8 @@
 		CIRCLEQ_REMOVE(&tqp->tagq, tp, q);
-	CIRCLEQ_REMOVE(&exp->tq, tqp, q);
+	if(tqp->q.cqe_next != NULL)
+		CIRCLEQ_REMOVE(&exp->tq, tqp, q);
 	return (0);