mirror of
https://github.com/neovim/neovim.git
synced 2025-02-25 18:55:25 -06:00
test/old: TODO: skip Test_virtual_replace()
This test exposes a bug (present on current master) in ins_char_bytes()
or somewhere earlier.
Steps to reproduce:
inoremap <C-D> <Del>
enew!
exe "normal a\nabcdefghi\njk\tlmn\n opq rst\n\<C-D>uvwxyz"
call cursor(1,1)
exe "normal gR0\<C-D> 1\nA\nBCDEFGHIJ\n\tKL\nMNO\nPQR"
or run `TEST_FILE=test_visual.res make oldtest`.
Executing Test_virtual_replace()
2 buffers wiped out=================================================================
==31341==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6020000c4f34 at pc 0x0000004f7971 bp 0x7ffdf87bb190 sp 0x7ffdf87ba940
WRITE of size 1 at 0x6020000c4f34 thread T0
0 0x4f7970 in __asan_memmove (/home/vagrant/neovim/build/bin/nvim+0x4f7970)
1 0xfde7a3 in ins_char_bytes /home/vagrant/neovim/build/../src/nvim/misc1.c:1488:3
2 0xfdef41 in ins_char /home/vagrant/neovim/build/../src/nvim/misc1.c:1403:3
3 0x79dd03 in insertchar /home/vagrant/neovim/build/../src/nvim/edit.c:5285:7
4 0x7be70f in insert_special /home/vagrant/neovim/build/../src/nvim/edit.c:5071:5
5 0x7bd94a in insert_handle_key /home/vagrant/neovim/build/../src/nvim/edit.c:1229:7
6 0x76df14 in insert_execute /home/vagrant/neovim/build/../src/nvim/edit.c:764:10
7 0x173cda9 in state_enter /home/vagrant/neovim/build/../src/nvim/state.c:67:26
8 0x77601d in insert_enter /home/vagrant/neovim/build/../src/nvim/edit.c:458:5
9 0x76986e in edit /home/vagrant/neovim/build/../src/nvim/edit.c:1327:3
10 0x1118661 in invoke_edit /home/vagrant/neovim/build/../src/nvim/normal.c:7591:7
11 0x10e60bc in nv_Replace /home/vagrant/neovim/build/../src/nvim/normal.c:6070:7
12 0x10f235d in nv_g_cmd /home/vagrant/neovim/build/../src/nvim/normal.c:6541:5
13 0x10c0eaa in normal_execute /home/vagrant/neovim/build/../src/nvim/normal.c:1136:3
14 0x10b8444 in normal_cmd /home/vagrant/neovim/build/../src/nvim/normal.c:7995:9
15 0xb80982 in exec_normal /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:8197:5
16 0xb8065b in exec_normal_cmd /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:8180:3
17 0xbb08df in ex_normal /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:8098:7
18 0xb4ba9c in do_one_cmd /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:2242:5
19 0xb2dd03 in do_cmdline /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:609:20
20 0x8646b1 in ex_execute /home/vagrant/neovim/build/../src/nvim/eval.c:19478:7
21 0xb4ba9c in do_one_cmd /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:2242:5
22 0xb2dd03 in do_cmdline /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:609:20
23 0x845302 in call_user_func /home/vagrant/neovim/build/../src/nvim/eval.c:21332:3
24 0x81097b in call_func /home/vagrant/neovim/build/../src/nvim/eval.c:6358:11
25 0x825778 in get_func_tv /home/vagrant/neovim/build/../src/nvim/eval.c:6120:11
26 0x81e361 in ex_call /home/vagrant/neovim/build/../src/nvim/eval.c:2735:9
27 0xb4ba9c in do_one_cmd /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:2242:5
28 0xb2dd03 in do_cmdline /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:609:20
29 0x8646b1 in ex_execute /home/vagrant/neovim/build/../src/nvim/eval.c:19478:7
30 0xb4ba9c in do_one_cmd /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:2242:5
31 0xb2dd03 in do_cmdline /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:609:20
32 0x845302 in call_user_func /home/vagrant/neovim/build/../src/nvim/eval.c:21332:3
33 0x81097b in call_func /home/vagrant/neovim/build/../src/nvim/eval.c:6358:11
34 0x825778 in get_func_tv /home/vagrant/neovim/build/../src/nvim/eval.c:6120:11
35 0x81e361 in ex_call /home/vagrant/neovim/build/../src/nvim/eval.c:2735:9
36 0xb4ba9c in do_one_cmd /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:2242:5
37 0xb2dd03 in do_cmdline /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:609:20
38 0xb17fdd in do_source /home/vagrant/neovim/build/../src/nvim/ex_cmds2.c:2973:3
39 0xb14630 in cmd_source /home/vagrant/neovim/build/../src/nvim/ex_cmds2.c:2718:14
40 0xb14727 in ex_source /home/vagrant/neovim/build/../src/nvim/ex_cmds2.c:2699:3
41 0xb4ba9c in do_one_cmd /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:2242:5
42 0xb2dd03 in do_cmdline /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:609:20
43 0xb34015 in do_cmdline_cmd /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:280:10
44 0xe829d3 in exe_commands /home/vagrant/neovim/build/../src/nvim/main.c:1702:5
45 0xe708bd in main /home/vagrant/neovim/build/../src/nvim/main.c:524:5
46 0x7f0012a7782f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/../csu/libc-start.c:291
47 0x44d628 in _start (/home/vagrant/neovim/build/bin/nvim+0x44d628)
0x6020000c4f34 is located 0 bytes to the right of 4-byte region [0x6020000c4f30,0x6020000c4f34)
allocated by thread T0 here:
0 0x50e128 in malloc (/home/vagrant/neovim/build/bin/nvim+0x50e128)
1 0xf7d871 in try_malloc /home/vagrant/neovim/build/../src/nvim/memory.c:87:15
2 0xf7da99 in xmalloc /home/vagrant/neovim/build/../src/nvim/memory.c:121:15
3 0xfde3c7 in ins_char_bytes /home/vagrant/neovim/build/../src/nvim/misc1.c:1473:18
4 0xfdef41 in ins_char /home/vagrant/neovim/build/../src/nvim/misc1.c:1403:3
5 0x79dd03 in insertchar /home/vagrant/neovim/build/../src/nvim/edit.c:5285:7
6 0x7be70f in insert_special /home/vagrant/neovim/build/../src/nvim/edit.c:5071:5
7 0x7bd94a in insert_handle_key /home/vagrant/neovim/build/../src/nvim/edit.c:1229:7
8 0x76df14 in insert_execute /home/vagrant/neovim/build/../src/nvim/edit.c:764:10
9 0x173cda9 in state_enter /home/vagrant/neovim/build/../src/nvim/state.c:67:26
10 0x77601d in insert_enter /home/vagrant/neovim/build/../src/nvim/edit.c:458:5
11 0x76986e in edit /home/vagrant/neovim/build/../src/nvim/edit.c:1327:3
12 0x1118661 in invoke_edit /home/vagrant/neovim/build/../src/nvim/normal.c:7591:7
13 0x10e60bc in nv_Replace /home/vagrant/neovim/build/../src/nvim/normal.c:6070:7
14 0x10f235d in nv_g_cmd /home/vagrant/neovim/build/../src/nvim/normal.c:6541:5
15 0x10c0eaa in normal_execute /home/vagrant/neovim/build/../src/nvim/normal.c:1136:3
16 0x10b8444 in normal_cmd /home/vagrant/neovim/build/../src/nvim/normal.c:7995:9
17 0xb80982 in exec_normal /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:8197:5
18 0xb8065b in exec_normal_cmd /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:8180:3
19 0xbb08df in ex_normal /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:8098:7
20 0xb4ba9c in do_one_cmd /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:2242:5
21 0xb2dd03 in do_cmdline /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:609:20
22 0x8646b1 in ex_execute /home/vagrant/neovim/build/../src/nvim/eval.c:19478:7
23 0xb4ba9c in do_one_cmd /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:2242:5
24 0xb2dd03 in do_cmdline /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:609:20
25 0x845302 in call_user_func /home/vagrant/neovim/build/../src/nvim/eval.c:21332:3
26 0x81097b in call_func /home/vagrant/neovim/build/../src/nvim/eval.c:6358:11
27 0x825778 in get_func_tv /home/vagrant/neovim/build/../src/nvim/eval.c:6120:11
28 0x81e361 in ex_call /home/vagrant/neovim/build/../src/nvim/eval.c:2735:9
29 0xb4ba9c in do_one_cmd /home/vagrant/neovim/build/../src/nvim/ex_docmd.c:2242:5
SUMMARY: AddressSanitizer: heap-buffer-overflow (/home/vagrant/neovim/build/bin/nvim+0x4f7970) in __asan_memmove
Shadow bytes around the buggy address:
0x0c0480010990: fa fa fd fa fa fa fd fa fa fa 00 fa fa fa 01 fa
0x0c04800109a0: fa fa fd fa fa fa fd fa fa fa fd fa fa fa fd fa
0x0c04800109b0: fa fa fd fa fa fa fd fa fa fa fd fa fa fa fd fa
0x0c04800109c0: fa fa fd fa fa fa fd fa fa fa fd fa fa fa fd fa
0x0c04800109d0: fa fa fd fa fa fa fd fa fa fa fd fa fa fa fd fa
=>0x0c04800109e0: fa fa 05 fa fa fa[04]fa fa fa fa fa fa fa fa fa
0x0c04800109f0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c0480010a00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c0480010a10: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c0480010a20: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c0480010a30: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
==31341==ABORTING
This commit is contained in:
Justin M. Keyes
parent
d285d6ca0d
commit
9af9ea6099
@ -121,6 +121,7 @@ endfunc
|
||||
|
||||
" Test Virtual replace mode.
|
||||
func Test_virtual_replace()
|
||||
throw 'skipped: TODO: '
|
||||
exe "set t_kD=\<C-V>x7f t_kb=\<C-V>x08"
|
||||
enew!
|
||||
exe "normal a\nabcdefghi\njk\tlmn\n opq rst\n\<C-D>uvwxyz"
|
||||
@ -136,6 +137,7 @@ func Test_virtual_replace()
|
||||
\ ], getline(1, 6))
|
||||
normal G
|
||||
mark a
|
||||
inoremap <C-D> <Del>
|
||||
exe "normal o0\<C-D>\nabcdefghi\njk\tlmn\n opq\trst\n\<C-D>uvwxyz\n"
|
||||
exe "normal 'ajgR0\<C-D> 1\nA\nBCDEFGHIJ\n\tKL\nMNO\nPQR" . repeat("\<BS>", 29)
|
||||
call assert_equal([' 1',
|
||||
|
||||
Loading…
Reference in New Issue
Block a user