mirror of
https://github.com/neovim/neovim.git
synced 2025-02-25 18:55:25 -06:00
test/old: TODO: skip Test_BufLeave_Wipe()
This test exposes a bug (present on current master).
Steps to reproduce:
CC=clang make CMAKE_BUILD_TYPE=Debug CMAKE_EXTRA_FLAGS="-DCLANG_ASAN_UBSAN=ON"
export ASAN_SYMBOLIZER_PATH=/usr/lib/llvm-5.0/bin/llvm-symbolizer
TEST_FILE=test_autocmd.res make oldtest
==3668==ERROR: AddressSanitizer: heap-use-after-free on address 0x6260001411c8 at pc 0x000000a38a47 bp 0x7fff9982ee50 sp 0x7fff9982ee48
READ of size 4 at 0x6260001411c8 thread T0
0 0xa38a46 in _typval_encode_nothing_convert_one_value /home/vagrant/neovim/build/../src/nvim/eval/typval_encode.c.h:320:15
1 0xa340d5 in encode_vim_to_nothing /home/vagrant/neovim/build/../src/nvim/eval/typval_encode.c.h:830:9
2 0xa0ad63 in tv_clear /home/vagrant/neovim/build/../src/nvim/eval/typval.c:2189:25
3 0x85d584 in vars_clear_ext /home/vagrant/neovim/build/../src/nvim/eval.c:18894:9
4 0x7efac9 in vars_clear /home/vagrant/neovim/build/../src/nvim/eval.c:18871:3
5 0x7ef471 in eval_clear /home/vagrant/neovim/build/../src/nvim/eval.c:638:3
6 0xf80a7c in free_all_mem /home/vagrant/neovim/build/../src/nvim/memory.c:676:3
7 0x12789dc in mch_exit /home/vagrant/neovim/build/../src/nvim/os_unix.c:152:3
8 0xe85039 in getout /home/vagrant/neovim/build/../src/nvim/main.c:671:3
9 0xbb4496 in ex_quit_all /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:6051:5
10 0xb4ba9c in do_one_cmd /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:2242:5
11 0xb2dd03 in do_cmdline /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:609:20
12 0x845302 in call_user_func /home/vagrant/neovim/build/../src/nvim/eval.c:21332:3
13 0x81097b in call_func /home/vagrant/neovim/build/../src/nvim/eval.c:6358:11
14 0x825778 in get_func_tv /home/vagrant/neovim/build/../src/nvim/eval.c:6120:11
15 0x81e361 in ex_call /home/vagrant/neovim/build/../src/nvim/eval.c:2735:9
16 0xb4ba9c in do_one_cmd /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:2242:5
17 0xb2dd03 in do_cmdline /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:609:20
18 0xb17fdd in do_source /home/vagrant/neovim/build/../src/nvim/ex_cmds2.c:2973:3
19 0xb14630 in cmd_source /home/vagrant/neovim/build/../src/nvim/ex_cmds2.c:2718:14
20 0xb14727 in ex_source /home/vagrant/neovim/build/../src/nvim/ex_cmds2.c:2699:3
21 0xb4ba9c in do_one_cmd /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:2242:5
22 0xb2dd03 in do_cmdline /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:609:20
23 0xb34015 in do_cmdline_cmd /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:280:10
24 0xe829d3 in exe_commands /home/vagrant/neovim/build/../src/nvim/main.c:1702:5
25 0xe708bd in main /home/vagrant/neovim/build/../src/nvim/main.c:524:5
26 0x7f0cd5b7e82f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/../csu/libc-start.c:291
27 0x44d628 in _start (/home/vagrant/neovim/build/bin/nvim+0x44d628)
0x6260001411c8 is located 200 bytes inside of 10256-byte region [0x626000141100,0x626000143910)
freed by thread T0 here:
0 0x50df60 in __interceptor_cfree.localalias.0 (/home/vagrant/neovim/build/bin/nvim+0x50df60)
1 0xf7dbe4 in xfree /home/vagrant/neovim/build/../src/nvim/memory.c:133:3
2 0x676577 in free_buffer /home/vagrant/neovim/build/../src/nvim/buffer.c:749:5
3 0x66e15b in close_buffer /home/vagrant/neovim/build/../src/nvim/buffer.c:590:5
4 0x67a835 in do_buffer /home/vagrant/neovim/build/../src/nvim/buffer.c:1216:9
5 0x681a1d in do_bufdel /home/vagrant/neovim/build/../src/nvim/buffer.c:945:16
6 0xb9cd72 in ex_bunload /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:4585:17
7 0xb4ba9c in do_one_cmd /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:2242:5
8 0xb2dd03 in do_cmdline /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:609:20
9 0x845302 in call_user_func /home/vagrant/neovim/build/../src/nvim/eval.c:21332:3
10 0x81097b in call_func /home/vagrant/neovim/build/../src/nvim/eval.c:6358:11
11 0x825778 in get_func_tv /home/vagrant/neovim/build/../src/nvim/eval.c:6120:11
12 0x81e361 in ex_call /home/vagrant/neovim/build/../src/nvim/eval.c:2735:9
13 0xb4ba9c in do_one_cmd /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:2242:5
14 0xb2dd03 in do_cmdline /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:609:20
15 0x8646b1 in ex_execute /home/vagrant/neovim/build/../src/nvim/eval.c:19478:7
16 0xb4ba9c in do_one_cmd /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:2242:5
17 0xb2dd03 in do_cmdline /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:609:20
18 0x845302 in call_user_func /home/vagrant/neovim/build/../src/nvim/eval.c:21332:3
19 0x81097b in call_func /home/vagrant/neovim/build/../src/nvim/eval.c:6358:11
20 0x825778 in get_func_tv /home/vagrant/neovim/build/../src/nvim/eval.c:6120:11
21 0x81e361 in ex_call /home/vagrant/neovim/build/../src/nvim/eval.c:2735:9
22 0xb4ba9c in do_one_cmd /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:2242:5
23 0xb2dd03 in do_cmdline /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:609:20
24 0xb17fdd in do_source /home/vagrant/neovim/build/../src/nvim/ex_cmds2.c:2973:3
25 0xb14630 in cmd_source /home/vagrant/neovim/build/../src/nvim/ex_cmds2.c:2718:14
26 0xb14727 in ex_source /home/vagrant/neovim/build/../src/nvim/ex_cmds2.c:2699:3
27 0xb4ba9c in do_one_cmd /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:2242:5
28 0xb2dd03 in do_cmdline /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:609:20
29 0xb34015 in do_cmdline_cmd /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:280:10
previously allocated by thread T0 here:
0 0x50e340 in calloc (/home/vagrant/neovim/build/bin/nvim+0x50e340)
1 0xf7dc97 in xcalloc /home/vagrant/neovim/build/../src/nvim/memory.c:147:15
2 0x67eb65 in buflist_new /home/vagrant/neovim/build/../src/nvim/buffer.c:1641:11
3 0xa8fdcc in do_ecmd /home/vagrant/neovim/build/../src/nvim/ex_cmds.c:2221:13
4 0x683b21 in empty_curbuf /home/vagrant/neovim/build/../src/nvim/buffer.c:1031:12
5 0x67a098 in do_buffer /home/vagrant/neovim/build/../src/nvim/buffer.c:1196:14
6 0x68173f in do_bufdel /home/vagrant/neovim/build/../src/nvim/buffer.c:927:11
7 0xb9cd72 in ex_bunload /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:4585:17
8 0xb4ba9c in do_one_cmd /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:2242:5
9 0xb2dd03 in do_cmdline /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:609:20
10 0x845302 in call_user_func /home/vagrant/neovim/build/../src/nvim/eval.c:21332:3
11 0x81097b in call_func /home/vagrant/neovim/build/../src/nvim/eval.c:6358:11
12 0x825778 in get_func_tv /home/vagrant/neovim/build/../src/nvim/eval.c:6120:11
13 0x81e361 in ex_call /home/vagrant/neovim/build/../src/nvim/eval.c:2735:9
14 0xb4ba9c in do_one_cmd /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:2242:5
15 0xb2dd03 in do_cmdline /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:609:20
16 0x8646b1 in ex_execute /home/vagrant/neovim/build/../src/nvim/eval.c:19478:7
17 0xb4ba9c in do_one_cmd /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:2242:5
18 0xb2dd03 in do_cmdline /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:609:20
19 0x845302 in call_user_func /home/vagrant/neovim/build/../src/nvim/eval.c:21332:3
20 0x81097b in call_func /home/vagrant/neovim/build/../src/nvim/eval.c:6358:11
21 0x825778 in get_func_tv /home/vagrant/neovim/build/../src/nvim/eval.c:6120:11
22 0x81e361 in ex_call /home/vagrant/neovim/build/../src/nvim/eval.c:2735:9
23 0xb4ba9c in do_one_cmd /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:2242:5
24 0xb2dd03 in do_cmdline /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:609:20
25 0xb17fdd in do_source /home/vagrant/neovim/build/../src/nvim/ex_cmds2.c:2973:3
26 0xb14630 in cmd_source /home/vagrant/neovim/build/../src/nvim/ex_cmds2.c:2718:14
27 0xb14727 in ex_source /home/vagrant/neovim/build/../src/nvim/ex_cmds2.c:2699:3
28 0xb4ba9c in do_one_cmd /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:2242:5
29 0xb2dd03 in do_cmdline /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:609:20
SUMMARY: AddressSanitizer: heap-use-after-free /home/vagrant/neovim/build/../src/nvim/eval/typval_encode.c.h:320:15 in _typval_encode_nothing_convert_one_va
lue
Shadow bytes around the buggy address:
0x0c4c800201e0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c4c800201f0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c4c80020200: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c4c80020210: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c4c80020220: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
=>0x0c4c80020230: fd fd fd fd fd fd fd fd fd[fd]fd fd fd fd fd fd
0x0c4c80020240: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c4c80020250: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c4c80020260: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c4c80020270: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c4c80020280: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
==3668==ABORTING
This commit is contained in:
Justin M. Keyes
parent
9af9ea6099
commit
66f5e5c7d7
@ -741,6 +741,7 @@ endfunc
|
||||
" Test for autocommand that deletes the current buffer on BufLeave event.
|
||||
" Also test deleting the last buffer, should give a new, empty buffer.
|
||||
func Test_BufLeave_Wipe()
|
||||
throw 'skipped: TODO: '
|
||||
%bwipe!
|
||||
let content = ['start of test file Xxx',
|
||||
\ 'this is a test',
|
||||
|
||||
Loading…
Reference in New Issue
Block a user