From 12237448499aaeb8c4f2be7a1deda60c0f160627 Mon Sep 17 00:00:00 2001
From: Bram Moolenaar
Date: Tue, 19 Dec 2017 12:38:52 +0100
Subject: [PATCH] patch 8.0.1412: using free memory using setloclist()
Problem: Using free memory using setloclist(). (Dominique Pelle)
Solution: Mark location list context as still in use when needed. (Yegappan Lakshmanan, closes #2462)
---
 src/quickfix.c | 10 ++++++++++
 src/testdir/test_quickfix.vim | 14 ++++++++++++++
 src/version.c | 2 ++
 3 files changed, 26 insertions(+)
diff --git a/src/quickfix.c b/src/quickfix.c
index d09a334339..6e80ddfca3 100644
--- a/src/quickfix.c
+++ b/src/quickfix.c
@@ -5486,6 +5486,16 @@ set_ref_in_quickfix(int copyID)
 if (abort)
 return abort;
 }
+ if (IS_LL_WINDOW(win) && (win->w_llist_ref->qf_refcount == 1))
+ {
+ /* In a location list window and none of the other windows is
+ * referring to this location list. Mark the location list
+ * context as still in use.
+ */
+ abort = mark_quickfix_ctx(win->w_llist_ref, copyID);
+ if (abort)
+ return abort;
+ }
 }
 return abort;
diff --git a/src/testdir/test_quickfix.vim b/src/testdir/test_quickfix.vim
index 2204574998..8d0c198ba0 100644
--- a/src/testdir/test_quickfix.vim
+++ b/src/testdir/test_quickfix.vim
@@ -3017,3 +3017,17 @@ func Test_qf_tick()
 call Xqftick_tests('c')
 call Xqftick_tests('l')
 endfunc
+
+" The following test used to crash Vim.
+" Open the location list window and close the regular window associated with
+" the location list. When the garbage collection runs now, it incorrectly
+" marks the location list context as not in use and frees the context.
+func Test_ll_window_ctx()
+ call setloclist(0, [], 'f')
+ call setloclist(0, [], 'a', {'context' : []})
+ lopen | only
+ call test_garbagecollect_now()
+ echo getloclist(0, {'context' : 1}).context
+ enew | only
+endfunc
+
diff --git a/src/version.c b/src/version.c
index ec17e4e672..22df4f924d 100644
--- a/src/version.c
+++ b/src/version.c
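Review bot: In the src/quickfix.c hunk, the new branch marks the context only when `win->w_llist_ref->qf_refcount == 1`, so the garbage collector's safety rests on an invariant the code does not state. The guard presumably assumes that every other reference holder is a window whose own list is marked earlier in this loop. If a reference is ever held some other way, the context goes unmarked and the use-after-free this patch closes could return. Marking with the same copyID is presumably idempotent, so consider the simpler `if (IS_LL_WINDOW(win))`, or extend the comment to say why a count above one guarantees the list is marked elsewhere. The body of set_ref_in_quickfix starts and ends outside the hunk, so the earlier marking code is not visible here.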
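Review bot: In Test_ll_window_ctx (src/testdir/test_quickfix.vim), the line `echo getloclist(0, {'context' : 1}).context` reads the context back but asserts nothing. The test therefore fails only if touching the freed context happens to crash. On a build without a memory checker that read may succeed, and a regression would pass unnoticed. Asserting the stored value removes that dependence: `call assert_equal([], getloclist(0, {'context' : 1}).context)`.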
@@ -771,6 +771,8 @@ static char *(features[]) =
 static int included_patches[] =
 { /* Add new patch number below this line */
+/**/
+ 1412,
 /**/
 1411,
 /**/