[vim/vim] Fix use after free when autocmd changes the location list (#6946)


erw7

Sep 12, 2020, 4:34:52 PM
to vim/vim, Subscribed
"  minimum.vim
call setline(1, ['test1', 'test2', 'test3', 'test4', 'test5'])

function! s:setloclist() abort
  call setloclist(1, [
        \  {'bufnr': 1, 'lnum': 1, 'col': 1, 'nr': 1, 'text': 'test error 1', 'type': 'E'},
        \  {'bufnr': 1, 'lnum': 4, 'col': 1, 'nr': 2, 'text': 'test error 2', 'type': 'E'}
        \], 'r')
endfunction

augroup Test_LocList
  autocmd!
  autocmd BufEnter * call s:setloclist()
augroup END
vim -Nu minimum.vim
:lopen
<C-w>j<Return>
==17337== Memcheck, a memory error detector
==17337== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==17337== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
==17337== Command: src/vim -Nu /home/erw7/minimum.vim
==17337== 
==17337== Invalid read of size 4
==17337==    at 0x2CB6CB: qf_jump_to_buffer (quickfix.c:3317)
==17337==    by 0x2CB94C: qf_jump_newwin (quickfix.c:3425)
==17337==    by 0x2CB7A9: qf_jump (quickfix.c:3351)
==17337==    by 0x2CEE29: ex_cc (quickfix.c:5178)
==17337==    by 0x1F4355: do_one_cmd (ex_docmd.c:2537)
==17337==    by 0x1F1590: do_cmdline (ex_docmd.c:983)
==17337==    by 0x1F0AA5: do_cmdline_cmd (ex_docmd.c:591)
==17337==    by 0x2CCB96: qf_view_result (quickfix.c:3959)
==17337==    by 0x28D304: nv_down (normal.c:4136)
==17337==    by 0x287A29: normal_cmd (normal.c:1097)
==17337==    by 0x427117: main_loop (main.c:1478)
==17337==    by 0x426583: vim_main2 (main.c:868)
==17337==  Address 0x6115fc8 is 24 bytes inside a block of size 72 free'd
==17337==    at 0x4C30D3B: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17337==    by 0x278ABA: vim_free (misc2.c:1807)
==17337==    by 0x2CC5FC: qf_free_items (quickfix.c:3786)
==17337==    by 0x2D26FB: qf_add_entries (quickfix.c:7134)
==17337==    by 0x2D3305: set_errorlist (quickfix.c:7537)
==17337==    by 0x2D4942: set_qf_ll_list (quickfix.c:8262)
==17337==    by 0x2D49C5: f_setloclist (quickfix.c:8283)
==17337==    by 0x1CCFC8: call_internal_func (evalfunc.c:1260)
==17337==    by 0x394149: call_func (userfunc.c:2197)
==17337==    by 0x390BBF: get_func_tv (userfunc.c:690)
==17337==    by 0x399032: ex_call (userfunc.c:4083)
==17337==    by 0x1F4355: do_one_cmd (ex_docmd.c:2537)
==17337==  Block was alloc'd at
==17337==    at 0x4C2FB0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17337==    by 0x277C90: lalloc (misc2.c:925)
==17337==    by 0x277B3B: alloc (misc2.c:828)
==17337==    by 0x2C9735: qf_add_entry (quickfix.c:2062)
==17337==    by 0x2D25D2: qf_add_entry_from_dict (quickfix.c:7077)
==17337==    by 0x2D275F: qf_add_entries (quickfix.c:7147)
==17337==    by 0x2D3305: set_errorlist (quickfix.c:7537)
==17337==    by 0x2D4942: set_qf_ll_list (quickfix.c:8262)
==17337==    by 0x2D49C5: f_setloclist (quickfix.c:8283)
==17337==    by 0x1CCFC8: call_internal_func (evalfunc.c:1260)
==17337==    by 0x394149: call_func (userfunc.c:2197)
==17337==    by 0x390BBF: get_func_tv (userfunc.c:690)
==17337== 
==17337== Invalid read of size 1
==17337==    at 0x2CB193: qf_jump_edit_buffer (quickfix.c:3116)
==17337==    by 0x2CB6EE: qf_jump_to_buffer (quickfix.c:3319)
==17337==    by 0x2CB94C: qf_jump_newwin (quickfix.c:3425)
==17337==    by 0x2CB7A9: qf_jump (quickfix.c:3351)
==17337==    by 0x2CEE29: ex_cc (quickfix.c:5178)
==17337==    by 0x1F4355: do_one_cmd (ex_docmd.c:2537)
==17337==    by 0x1F1590: do_cmdline (ex_docmd.c:983)
==17337==    by 0x1F0AA5: do_cmdline_cmd (ex_docmd.c:591)
==17337==    by 0x2CCB96: qf_view_result (quickfix.c:3959)
==17337==    by 0x28D304: nv_down (normal.c:4136)
==17337==    by 0x287A29: normal_cmd (normal.c:1097)
==17337==    by 0x427117: main_loop (main.c:1478)
==17337==  Address 0x6115ff2 is 66 bytes inside a block of size 72 free'd
==17337==    at 0x4C30D3B: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17337==    by 0x278ABA: vim_free (misc2.c:1807)
==17337==    by 0x2CC5FC: qf_free_items (quickfix.c:3786)
==17337==    by 0x2D26FB: qf_add_entries (quickfix.c:7134)
==17337==    by 0x2D3305: set_errorlist (quickfix.c:7537)
==17337==    by 0x2D4942: set_qf_ll_list (quickfix.c:8262)
==17337==    by 0x2D49C5: f_setloclist (quickfix.c:8283)
==17337==    by 0x1CCFC8: call_internal_func (evalfunc.c:1260)
==17337==    by 0x394149: call_func (userfunc.c:2197)
==17337==    by 0x390BBF: get_func_tv (userfunc.c:690)
==17337==    by 0x399032: ex_call (userfunc.c:4083)
==17337==    by 0x1F4355: do_one_cmd (ex_docmd.c:2537)
==17337==  Block was alloc'd at
==17337==    at 0x4C2FB0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17337==    by 0x277C90: lalloc (misc2.c:925)
==17337==    by 0x277B3B: alloc (misc2.c:828)
==17337==    by 0x2C9735: qf_add_entry (quickfix.c:2062)
==17337==    by 0x2D25D2: qf_add_entry_from_dict (quickfix.c:7077)
==17337==    by 0x2D275F: qf_add_entries (quickfix.c:7147)
==17337==    by 0x2D3305: set_errorlist (quickfix.c:7537)
==17337==    by 0x2D4942: set_qf_ll_list (quickfix.c:8262)
==17337==    by 0x2D49C5: f_setloclist (quickfix.c:8283)
==17337==    by 0x1CCFC8: call_internal_func (evalfunc.c:1260)
==17337==    by 0x394149: call_func (userfunc.c:2197)
==17337==    by 0x390BBF: get_func_tv (userfunc.c:690)
==17337== 
==17337== Invalid read of size 4
==17337==    at 0x2CB217: qf_jump_edit_buffer (quickfix.c:3131)
==17337==    by 0x2CB6EE: qf_jump_to_buffer (quickfix.c:3319)
==17337==    by 0x2CB94C: qf_jump_newwin (quickfix.c:3425)
==17337==    by 0x2CB7A9: qf_jump (quickfix.c:3351)
==17337==    by 0x2CEE29: ex_cc (quickfix.c:5178)
==17337==    by 0x1F4355: do_one_cmd (ex_docmd.c:2537)
==17337==    by 0x1F1590: do_cmdline (ex_docmd.c:983)
==17337==    by 0x1F0AA5: do_cmdline_cmd (ex_docmd.c:591)
==17337==    by 0x2CCB96: qf_view_result (quickfix.c:3959)
==17337==    by 0x28D304: nv_down (normal.c:4136)
==17337==    by 0x287A29: normal_cmd (normal.c:1097)
==17337==    by 0x427117: main_loop (main.c:1478)
==17337==  Address 0x6115fc8 is 24 bytes inside a block of size 72 free'd
==17337==    at 0x4C30D3B: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17337==    by 0x278ABA: vim_free (misc2.c:1807)
==17337==    by 0x2CC5FC: qf_free_items (quickfix.c:3786)
==17337==    by 0x2D26FB: qf_add_entries (quickfix.c:7134)
==17337==    by 0x2D3305: set_errorlist (quickfix.c:7537)
==17337==    by 0x2D4942: set_qf_ll_list (quickfix.c:8262)
==17337==    by 0x2D49C5: f_setloclist (quickfix.c:8283)
==17337==    by 0x1CCFC8: call_internal_func (evalfunc.c:1260)
==17337==    by 0x394149: call_func (userfunc.c:2197)
==17337==    by 0x390BBF: get_func_tv (userfunc.c:690)
==17337==    by 0x399032: ex_call (userfunc.c:4083)
==17337==    by 0x1F4355: do_one_cmd (ex_docmd.c:2537)
==17337==  Block was alloc'd at
==17337==    at 0x4C2FB0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17337==    by 0x277C90: lalloc (misc2.c:925)
==17337==    by 0x277B3B: alloc (misc2.c:828)
==17337==    by 0x2C9735: qf_add_entry (quickfix.c:2062)
==17337==    by 0x2D25D2: qf_add_entry_from_dict (quickfix.c:7077)
==17337==    by 0x2D275F: qf_add_entries (quickfix.c:7147)
==17337==    by 0x2D3305: set_errorlist (quickfix.c:7537)
==17337==    by 0x2D4942: set_qf_ll_list (quickfix.c:8262)
==17337==    by 0x2D49C5: f_setloclist (quickfix.c:8283)
==17337==    by 0x1CCFC8: call_internal_func (evalfunc.c:1260)
==17337==    by 0x394149: call_func (userfunc.c:2197)
==17337==    by 0x390BBF: get_func_tv (userfunc.c:690)
==17337== 
==17337== HEAP SUMMARY:
==17337==     in use at exit: 246,829 bytes in 748 blocks
==17337==   total heap usage: 3,206 allocs, 2,458 frees, 1,031,233 bytes allocated
==17337== 
==17337== LEAK SUMMARY:
==17337==    definitely lost: 0 bytes in 0 blocks
==17337==    indirectly lost: 0 bytes in 0 blocks
==17337==      possibly lost: 52 bytes in 2 blocks
==17337==    still reachable: 246,777 bytes in 746 blocks
==17337==         suppressed: 0 bytes in 0 blocks
==17337== Rerun with --leak-check=full to see details of leaked memory
==17337== 
==17337== For counts of detected and suppressed errors, rerun with: -v
==17337== ERROR SUMMARY: 3 errors from 3 contexts (suppressed: 0 from 0)

You can view, comment on, or merge this pull request online at:

  https://github.com/vim/vim/pull/6946

Commit Summary

  • Fix use after free when autocmd changes the location list

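The pattern behind the traces above, as an added example that is not part of this PR or of Vim's source: a jump takes a pointer to a list entry, a BufEnter-style hook runs in the middle of the jump, the hook replaces the list the way setloclist(..., 'r') does (freeing every entry), and the jump then reads through the stale pointer. The names (qflist_T, qf_jump_safe, changedtick, enter_hook_T) are illustrative stand-ins rather than Vim's fix; the hardened variant shows one mitigation, snapshotting a change counter before the hook and aborting the jump if the list was replaced under it.

```c
#include <stdio.h>
#include <stdlib.h>

/* Stand-in for a quickfix/location list: heap-allocated entries (like
 * Vim's qfline_T) plus a change counter bumped on every replacement.
 * All names here are illustrative, not Vim's. */
typedef struct { int fnum; int lnum; char type; } entry_T;

typedef struct {
    entry_T     **items;
    int           count;
    unsigned long changedtick;   /* incremented whenever items are replaced */
} qflist_T;

/* Callback that runs in the middle of a jump; stands in for a BufEnter
 * autocommand, which may call back into the list API. */
typedef void (*enter_hook_T)(qflist_T *list);

void qf_free_items(qflist_T *list)
{
    for (int i = 0; i < list->count; i++)
        free(list->items[i]);
    free(list->items);
    list->items = NULL;
    list->count = 0;
}

/* Replace every entry, as setloclist(..., 'r') does. The old entries are
 * freed, so a pointer into them held by a caller up the stack dangles. */
void qf_replace_items(qflist_T *list, const int *lnums, int n)
{
    qf_free_items(list);
    list->items = calloc((size_t)n, sizeof *list->items);
    for (int i = 0; i < n; i++) {
        entry_T *e = malloc(sizeof *e);
        e->fnum = 1;
        e->lnum = lnums[i];
        e->type = 'E';
        list->items[i] = e;
    }
    list->count = n;
    list->changedtick++;
}

/* Vulnerable shape: the entry pointer is taken before the hook and read
 * after it. When the hook replaced the list this is the "Invalid read ...
 * inside a block of size 72 free'd" that valgrind reports above. Never
 * called below, because that read is undefined behaviour. */
int qf_jump_unsafe(qflist_T *list, int idx, enter_hook_T hook)
{
    entry_T *qf_ptr = list->items[idx];
    if (hook != NULL)
        hook(list);          /* may free qf_ptr */
    return qf_ptr->lnum;     /* use after free */
}

/* Hardened shape: snapshot the change counter, run the hook, and abort if
 * the list moved underneath us; only then read the entry, fresh from the
 * list rather than through the old pointer.
 * Returns 0 on success, -1 for a bad index, -2 if the hook changed the list. */
int qf_jump_safe(qflist_T *list, int idx, enter_hook_T hook, int *out_lnum)
{
    if (idx < 0 || idx >= list->count)
        return -1;
    unsigned long tick = list->changedtick;
    if (hook != NULL)
        hook(list);
    if (list->changedtick != tick)
        return -2;           /* changed by the hook: do not touch old entries */
    *out_lnum = list->items[idx]->lnum;
    return 0;
}

/* Hook mirroring the repro's autocommand: replace the list with two entries. */
static void bufenter_setloclist(qflist_T *list)
{
    static const int lnums[] = { 1, 4 };
    qf_replace_items(list, lnums, 2);
}

/* Constructed three-entry list; jump to entry 2 while the hook replaces the
 * list. Returns the jump status (-2: aborted because the list changed). */
int demo_jump_with_replacing_hook(void)
{
    qflist_T list = { NULL, 0, 0 };
    const int lnums[] = { 1, 4, 5 };
    qf_replace_items(&list, lnums, 3);
    int lnum = 0;
    int rc = qf_jump_safe(&list, 2, bufenter_setloclist, &lnum);
    qf_free_items(&list);
    return rc;
}

/* Same list, no hook: the jump succeeds and yields entry 1's lnum (4). */
int demo_jump_without_hook(void)
{
    qflist_T list = { NULL, 0, 0 };
    const int lnums[] = { 1, 4, 5 };
    qf_replace_items(&list, lnums, 3);
    int lnum = 0;
    int rc = qf_jump_safe(&list, 1, NULL, &lnum);
    qf_free_items(&list);
    return rc == 0 ? lnum : rc;
}

int main(void)
{
    printf("replacing hook: rc=%d\n", demo_jump_with_replacing_hook());
    printf("no hook: lnum=%d\n", demo_jump_without_hook());
    return 0;
}
```

The counter check is deliberately coarse: any replacement, even one that produces an entry at the same index, aborts the jump, because the caller cannot tell a harmless rewrite from one that freed what it was pointing at. Re-reading the entry from the list only after the check, instead of caching it across the hook, is what keeps the freed block out of reach.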

codecov[bot]

Sep 12, 2020, 4:58:15 PM
to vim/vim, Subscribed

Codecov Report

Merging #6946 into master will decrease coverage by 0.00%.
The diff coverage is 46.66%.

@@            Coverage Diff             @@
##           master    #6946      +/-   ##
==========================================
- Coverage   88.55%   88.55%   -0.01%     
==========================================
  Files         148      148              
  Lines      161340   161355      +15     
==========================================
+ Hits       142879   142890      +11     
- Misses      18461    18465       +4     

Impacted Files        Coverage Δ
src/quickfix.c        94.70% <46.66%> (-0.21%) ⬇️
src/gui.c             62.75% <0.00%> (-0.05%) ⬇️
src/ex_getln.c        91.34% <0.00%> (+0.04%) ⬆️
src/gui_gtk_x11.c     58.88% <0.00%> (+0.04%) ⬆️
src/search.c          91.86% <0.00%> (+0.09%) ⬆️
src/if_xcmdsrv.c      88.90% <0.00%> (+0.17%) ⬆️

Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Last update 4a091b9...8b04c23.

Bram Moolenaar

Sep 13, 2020, 7:42:10 AM
to vim/vim, Subscribed

Can you turn the example into a test? I gave it a try but it didn't trigger the error.

erw7

Sep 13, 2020, 12:30:39 PM
to vim/vim, Subscribed

In my environment it looks like the following. Would you like to reproduce it in your environment?

valgrind --tool=memcheck vim -Nu ~/minimum.vim 2>& vim_valgrid.log
:lopen
<Return>
:q!
:q!
cat vim_valgrid.log
==3663== Memcheck, a memory error detector
==3663== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==3663== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
==3663== Command: vim -Nu /home/erw7/minimum.vim
==3663== 
==3663== Memcheck, a memory error detector
==3663== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==3663== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
==3663== Command: vim -Nu /home/erw7/minimum.vim
==3663== 
==3663== Invalid read of size 4
==3663==    at 0x2CB73B: qf_jump_to_buffer (quickfix.c:3317)
==3663== Invalid read of size 4
==3663==    at 0x2CB73B: qf_jump_to_buffer (quickfix.c:3317)
==3663==    by 0x2CB9BC: qf_jump_newwin (quickfix.c:3425)
==3663==    by 0x2CB819: qf_jump (quickfix.c:3351)
==3663==    by 0x2CEE99: ex_cc (quickfix.c:5178)
==3663==    by 0x1F43A8: do_one_cmd (ex_docmd.c:2537)
==3663==    by 0x1F15E3: do_cmdline (ex_docmd.c:983)
==3663==    by 0x1F0AF8: do_cmdline_cmd (ex_docmd.c:591)
==3663==    by 0x2CCC06: qf_view_result (quickfix.c:3959)
==3663==    by 0x28D36D: nv_down (normal.c:4136)
==3663==    by 0x287A92: normal_cmd (normal.c:1097)
==3663==    by 0x4272B7: main_loop (main.c:1478)
==3663==    by 0x426723: vim_main2 (main.c:868)
==3663==  Address 0x61162c8 is 24 bytes inside a block of size 72 free'd
==3663==    by 0x2CB9BC: qf_jump_newwin (quickfix.c:3425)
==3663==    by 0x2CB819: qf_jump (quickfix.c:3351)
==3663==    by 0x2CEE99: ex_cc (quickfix.c:5178)
==3663==    by 0x1F43A8: do_one_cmd (ex_docmd.c:2537)
==3663==    by 0x1F15E3: do_cmdline (ex_docmd.c:983)
==3663==    by 0x1F0AF8: do_cmdline_cmd (ex_docmd.c:591)
==3663==    by 0x2CCC06: qf_view_result (quickfix.c:3959)
==3663==    by 0x28D36D: nv_down (normal.c:4136)
==3663==    by 0x287A92: normal_cmd (normal.c:1097)
==3663==    by 0x4272B7: main_loop (main.c:1478)
==3663==    by 0x426723: vim_main2 (main.c:868)
==3663==  Address 0x61162c8 is 24 bytes inside a block of size 72 free'd
==3663==    at 0x4C30D3B: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3663==    by 0x278B23: vim_free (misc2.c:1807)
==3663==    by 0x2CC66C: qf_free_items (quickfix.c:3786)
==3663==    at 0x4C30D3B: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3663==    by 0x278B23: vim_free (misc2.c:1807)
==3663==    by 0x2CC66C: qf_free_items (quickfix.c:3786)
==3663==    by 0x2D276B: qf_add_entries (quickfix.c:7134)
==3663==    by 0x2D3375: set_errorlist (quickfix.c:7537)
==3663==    by 0x2D276B: qf_add_entries (quickfix.c:7134)
==3663==    by 0x2D3375: set_errorlist (quickfix.c:7537)
==3663==    by 0x2D49B2: set_qf_ll_list (quickfix.c:8262)
==3663==    by 0x2D4A35: f_setloclist (quickfix.c:8283)
==3663==    by 0x2D49B2: set_qf_ll_list (quickfix.c:8262)
==3663==    by 0x2D4A35: f_setloclist (quickfix.c:8283)
==3663==    by 0x1CD006: call_internal_func (evalfunc.c:1260)
==3663==    by 0x1CD006: call_internal_func (evalfunc.c:1260)
==3663==    by 0x3941D7: call_func (userfunc.c:2206)
==3663==    by 0x3941D7: call_func (userfunc.c:2206)
==3663==    by 0x390C2F: get_func_tv (userfunc.c:690)
==3663==    by 0x390C2F: get_func_tv (userfunc.c:690)
==3663==    by 0x3990C0: ex_call (userfunc.c:4092)
==3663==    by 0x1F43A8: do_one_cmd (ex_docmd.c:2537)
==3663==  Block was alloc'd at
==3663==    by 0x3990C0: ex_call (userfunc.c:4092)
==3663==    by 0x1F43A8: do_one_cmd (ex_docmd.c:2537)
==3663==  Block was alloc'd at
==3663==    at 0x4C2FB0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3663==    by 0x277CF9: lalloc (misc2.c:925)
==3663==    at 0x4C2FB0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3663==    by 0x277CF9: lalloc (misc2.c:925)
==3663==    by 0x277BA4: alloc (misc2.c:828)
==3663==    by 0x2C97A5: qf_add_entry (quickfix.c:2062)
==3663==    by 0x277BA4: alloc (misc2.c:828)
==3663==    by 0x2C97A5: qf_add_entry (quickfix.c:2062)
==3663==    by 0x2D2642: qf_add_entry_from_dict (quickfix.c:7077)
==3663==    by 0x2D27CF: qf_add_entries (quickfix.c:7147)
==3663==    by 0x2D2642: qf_add_entry_from_dict (quickfix.c:7077)
==3663==    by 0x2D27CF: qf_add_entries (quickfix.c:7147)
==3663==    by 0x2D3375: set_errorlist (quickfix.c:7537)
==3663==    by 0x2D49B2: set_qf_ll_list (quickfix.c:8262)
==3663==    by 0x2D4A35: f_setloclist (quickfix.c:8283)
==3663==    by 0x1CD006: call_internal_func (evalfunc.c:1260)
==3663==    by 0x3941D7: call_func (userfunc.c:2206)
==3663==    by 0x390C2F: get_func_tv (userfunc.c:690)
==3663== 
==3663==    by 0x2D3375: set_errorlist (quickfix.c:7537)
==3663==    by 0x2D49B2: set_qf_ll_list (quickfix.c:8262)
==3663==    by 0x2D4A35: f_setloclist (quickfix.c:8283)
==3663==    by 0x1CD006: call_internal_func (evalfunc.c:1260)
==3663==    by 0x3941D7: call_func (userfunc.c:2206)
==3663==    by 0x390C2F: get_func_tv (userfunc.c:690)
==3663== 
==3663== Invalid read of size 1
==3663==    at 0x2CB203: qf_jump_edit_buffer (quickfix.c:3116)
==3663==    by 0x2CB75E: qf_jump_to_buffer (quickfix.c:3319)
==3663==    by 0x2CB9BC: qf_jump_newwin (quickfix.c:3425)
==3663== Invalid read of size 1
==3663==    at 0x2CB203: qf_jump_edit_buffer (quickfix.c:3116)
==3663==    by 0x2CB75E: qf_jump_to_buffer (quickfix.c:3319)
==3663==    by 0x2CB9BC: qf_jump_newwin (quickfix.c:3425)
==3663==    by 0x2CB819: qf_jump (quickfix.c:3351)
==3663==    by 0x2CEE99: ex_cc (quickfix.c:5178)
==3663==    by 0x1F43A8: do_one_cmd (ex_docmd.c:2537)
==3663==    by 0x1F15E3: do_cmdline (ex_docmd.c:983)
==3663==    by 0x1F0AF8: do_cmdline_cmd (ex_docmd.c:591)
==3663==    by 0x2CB819: qf_jump (quickfix.c:3351)
==3663==    by 0x2CEE99: ex_cc (quickfix.c:5178)
==3663==    by 0x1F43A8: do_one_cmd (ex_docmd.c:2537)
==3663==    by 0x1F15E3: do_cmdline (ex_docmd.c:983)
==3663==    by 0x1F0AF8: do_cmdline_cmd (ex_docmd.c:591)
==3663==    by 0x2CCC06: qf_view_result (quickfix.c:3959)
==3663==    by 0x28D36D: nv_down (normal.c:4136)
==3663==    by 0x2CCC06: qf_view_result (quickfix.c:3959)
==3663==    by 0x28D36D: nv_down (normal.c:4136)
==3663==    by 0x287A92: normal_cmd (normal.c:1097)
==3663==    by 0x4272B7: main_loop (main.c:1478)
==3663==    by 0x287A92: normal_cmd (normal.c:1097)
==3663==    by 0x4272B7: main_loop (main.c:1478)
==3663==  Address 0x61162f2 is 66 bytes inside a block of size 72 free'd
==3663==  Address 0x61162f2 is 66 bytes inside a block of size 72 free'd
==3663==    at 0x4C30D3B: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3663==    by 0x278B23: vim_free (misc2.c:1807)
==3663==    at 0x4C30D3B: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3663==    by 0x278B23: vim_free (misc2.c:1807)
==3663==    by 0x2CC66C: qf_free_items (quickfix.c:3786)
==3663==    by 0x2D276B: qf_add_entries (quickfix.c:7134)
==3663==    by 0x2CC66C: qf_free_items (quickfix.c:3786)
==3663==    by 0x2D276B: qf_add_entries (quickfix.c:7134)
==3663==    by 0x2D3375: set_errorlist (quickfix.c:7537)
==3663==    by 0x2D49B2: set_qf_ll_list (quickfix.c:8262)
==3663==    by 0x2D3375: set_errorlist (quickfix.c:7537)
==3663==    by 0x2D49B2: set_qf_ll_list (quickfix.c:8262)
==3663==    by 0x2D4A35: f_setloclist (quickfix.c:8283)
==3663==    by 0x1CD006: call_internal_func (evalfunc.c:1260)
==3663==    by 0x2D4A35: f_setloclist (quickfix.c:8283)
==3663==    by 0x1CD006: call_internal_func (evalfunc.c:1260)
==3663==    by 0x3941D7: call_func (userfunc.c:2206)
==3663==    by 0x3941D7: call_func (userfunc.c:2206)
==3663==    by 0x390C2F: get_func_tv (userfunc.c:690)
==3663==    by 0x3990C0: ex_call (userfunc.c:4092)
==3663==    by 0x390C2F: get_func_tv (userfunc.c:690)
==3663==    by 0x3990C0: ex_call (userfunc.c:4092)
==3663==    by 0x1F43A8: do_one_cmd (ex_docmd.c:2537)
==3663==  Block was alloc'd at
==3663==    by 0x1F43A8: do_one_cmd (ex_docmd.c:2537)
==3663==  Block was alloc'd at
==3663==    at 0x4C2FB0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3663==    by 0x277CF9: lalloc (misc2.c:925)
==3663==    at 0x4C2FB0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3663==    by 0x277CF9: lalloc (misc2.c:925)
==3663==    by 0x277BA4: alloc (misc2.c:828)
==3663==    by 0x2C97A5: qf_add_entry (quickfix.c:2062)
==3663==    by 0x2D2642: qf_add_entry_from_dict (quickfix.c:7077)
==3663==    by 0x2D27CF: qf_add_entries (quickfix.c:7147)
==3663==    by 0x2D3375: set_errorlist (quickfix.c:7537)
==3663==    by 0x2D49B2: set_qf_ll_list (quickfix.c:8262)
==3663==    by 0x277BA4: alloc (misc2.c:828)
==3663==    by 0x2C97A5: qf_add_entry (quickfix.c:2062)
==3663==    by 0x2D2642: qf_add_entry_from_dict (quickfix.c:7077)
==3663==    by 0x2D27CF: qf_add_entries (quickfix.c:7147)
==3663==    by 0x2D3375: set_errorlist (quickfix.c:7537)
==3663==    by 0x2D49B2: set_qf_ll_list (quickfix.c:8262)
==3663==    by 0x2D4A35: f_setloclist (quickfix.c:8283)
==3663==    by 0x1CD006: call_internal_func (evalfunc.c:1260)
==3663==    by 0x2D4A35: f_setloclist (quickfix.c:8283)
==3663==    by 0x1CD006: call_internal_func (evalfunc.c:1260)
==3663==    by 0x3941D7: call_func (userfunc.c:2206)
==3663==    by 0x390C2F: get_func_tv (userfunc.c:690)
==3663== 
==3663==    by 0x3941D7: call_func (userfunc.c:2206)
==3663==    by 0x390C2F: get_func_tv (userfunc.c:690)
==3663== 
==3663== Invalid read of size 4
==3663==    at 0x2CB287: qf_jump_edit_buffer (quickfix.c:3131)
==3663==    by 0x2CB75E: qf_jump_to_buffer (quickfix.c:3319)
==3663==    by 0x2CB9BC: qf_jump_newwin (quickfix.c:3425)
==3663==    by 0x2CB819: qf_jump (quickfix.c:3351)
==3663== Invalid read of size 4
==3663==    at 0x2CB287: qf_jump_edit_buffer (quickfix.c:3131)
==3663==    by 0x2CB75E: qf_jump_to_buffer (quickfix.c:3319)
==3663==    by 0x2CB9BC: qf_jump_newwin (quickfix.c:3425)
==3663==    by 0x2CB819: qf_jump (quickfix.c:3351)
==3663==    by 0x2CEE99: ex_cc (quickfix.c:5178)
==3663==    by 0x1F43A8: do_one_cmd (ex_docmd.c:2537)
==3663==    by 0x1F15E3: do_cmdline (ex_docmd.c:983)
==3663==    by 0x1F0AF8: do_cmdline_cmd (ex_docmd.c:591)
==3663==    by 0x2CCC06: qf_view_result (quickfix.c:3959)
==3663==    by 0x2CEE99: ex_cc (quickfix.c:5178)
==3663==    by 0x1F43A8: do_one_cmd (ex_docmd.c:2537)
==3663==    by 0x1F15E3: do_cmdline (ex_docmd.c:983)
==3663==    by 0x1F0AF8: do_cmdline_cmd (ex_docmd.c:591)
==3663==    by 0x2CCC06: qf_view_result (quickfix.c:3959)
==3663==    by 0x28D36D: nv_down (normal.c:4136)
==3663==    by 0x287A92: normal_cmd (normal.c:1097)
==3663==    by 0x28D36D: nv_down (normal.c:4136)
==3663==    by 0x287A92: normal_cmd (normal.c:1097)
==3663==    by 0x4272B7: main_loop (main.c:1478)
==3663==  Address 0x61162c8 is 24 bytes inside a block of size 72 free'd
==3663==    by 0x4272B7: main_loop (main.c:1478)
==3663==  Address 0x61162c8 is 24 bytes inside a block of size 72 free'd
==3663==    at 0x4C30D3B: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3663==    at 0x4C30D3B: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3663==    by 0x278B23: vim_free (misc2.c:1807)
==3663==    by 0x2CC66C: qf_free_items (quickfix.c:3786)
==3663==    by 0x278B23: vim_free (misc2.c:1807)
==3663==    by 0x2CC66C: qf_free_items (quickfix.c:3786)
==3663==    by 0x2D276B: qf_add_entries (quickfix.c:7134)
==3663==    by 0x2D3375: set_errorlist (quickfix.c:7537)
==3663==    by 0x2D276B: qf_add_entries (quickfix.c:7134)
==3663==    by 0x2D3375: set_errorlist (quickfix.c:7537)
==3663==    by 0x2D49B2: set_qf_ll_list (quickfix.c:8262)
==3663==    by 0x2D4A35: f_setloclist (quickfix.c:8283)
==3663==    by 0x2D49B2: set_qf_ll_list (quickfix.c:8262)
==3663==    by 0x2D4A35: f_setloclist (quickfix.c:8283)
==3663==    by 0x1CD006: call_internal_func (evalfunc.c:1260)
==3663==    by 0x3941D7: call_func (userfunc.c:2206)
==3663==    by 0x1CD006: call_internal_func (evalfunc.c:1260)
==3663==    by 0x3941D7: call_func (userfunc.c:2206)
==3663==    by 0x390C2F: get_func_tv (userfunc.c:690)
==3663==    by 0x3990C0: ex_call (userfunc.c:4092)
==3663==    by 0x390C2F: get_func_tv (userfunc.c:690)
==3663==    by 0x3990C0: ex_call (userfunc.c:4092)
==3663==    by 0x1F43A8: do_one_cmd (ex_docmd.c:2537)
==3663==  Block was alloc'd at
==3663==    by 0x1F43A8: do_one_cmd (ex_docmd.c:2537)
==3663==  Block was alloc'd at
==3663==    at 0x4C2FB0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3663==    by 0x277CF9: lalloc (misc2.c:925)
==3663==    by 0x277BA4: alloc (misc2.c:828)
==3663==    by 0x2C97A5: qf_add_entry (quickfix.c:2062)
==3663==    by 0x2D2642: qf_add_entry_from_dict (quickfix.c:7077)
==3663==    by 0x2D27CF: qf_add_entries (quickfix.c:7147)
==3663==    at 0x4C2FB0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3663==    by 0x277CF9: lalloc (misc2.c:925)
==3663==    by 0x277BA4: alloc (misc2.c:828)
==3663==    by 0x2C97A5: qf_add_entry (quickfix.c:2062)
==3663==    by 0x2D2642: qf_add_entry_from_dict (quickfix.c:7077)
==3663==    by 0x2D27CF: qf_add_entries (quickfix.c:7147)
==3663==    by 0x2D3375: set_errorlist (quickfix.c:7537)
==3663==    by 0x2D49B2: set_qf_ll_list (quickfix.c:8262)
==3663==    by 0x2D3375: set_errorlist (quickfix.c:7537)
==3663==    by 0x2D49B2: set_qf_ll_list (quickfix.c:8262)
==3663==    by 0x2D4A35: f_setloclist (quickfix.c:8283)
==3663==    by 0x1CD006: call_internal_func (evalfunc.c:1260)
==3663==    by 0x3941D7: call_func (userfunc.c:2206)
==3663==    by 0x2D4A35: f_setloclist (quickfix.c:8283)
==3663==    by 0x1CD006: call_internal_func (evalfunc.c:1260)
==3663==    by 0x3941D7: call_func (userfunc.c:2206)
==3663==    by 0x390C2F: get_func_tv (userfunc.c:690)
==3663== 
==3663==    by 0x390C2F: get_func_tv (userfunc.c:690)
==3663== 
==3663== 
==3663== 
==3663== HEAP SUMMARY:
==3663==     in use at exit: 247,085 bytes in 749 blocks
==3663==   total heap usage: 3,217 allocs, 2,468 frees, 1,031,896 bytes allocated
==3663== 
==3663== HEAP SUMMARY:
==3663==     in use at exit: 247,085 bytes in 749 blocks
==3663==   total heap usage: 3,217 allocs, 2,468 frees, 1,031,896 bytes allocated
==3663== 
==3663== LEAK SUMMARY:
==3663==    definitely lost: 0 bytes in 0 blocks
==3663==    indirectly lost: 0 bytes in 0 blocks
==3663==      possibly lost: 52 bytes in 2 blocks
==3663==    still reachable: 247,033 bytes in 747 blocks
==3663==         suppressed: 0 bytes in 0 blocks
==3663== Rerun with --leak-check=full to see details of leaked memory
==3663== 
==3663== For counts of detected and suppressed errors, rerun with: -v
==3663== ERROR SUMMARY: 3 errors from 3 contexts (suppressed: 0 from 0)

If a breakpoint is set on apply_autocmds, qf_jump_open_window > qf_jump_to_usable_window calls apply_autocmds as follows. This path should cause the same phenomenon as b6f1480.

(gdb) break apply_autocmds if event == EVENT_BUFENTER
(gdb) run -Nu ~/minimum.vim
...
Breakpoint 1 at 0x7008f: file autocmd.c, line 1615.
Starting program: vim -Nu ~/minimum.vim
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".

Breakpoint 1, apply_autocmds (event=EVENT_BUFENTER, fname=0x0, fname_io=0x0, force=0, buf=0x555555b38d20) at autocmd.c:1615
1615	    return apply_autocmds_group(event, fname, fname_io, force,
Continuing.

Breakpoint 1, apply_autocmds (event=EVENT_BUFENTER, fname=0x0, fname_io=0x0, force=0, buf=0x555555b38d20) at autocmd.c:1615
1615	    return apply_autocmds_group(event, fname, fname_io, force,
#0  apply_autocmds (event=EVENT_BUFENTER, fname=0x0, fname_io=0x0, force=0, buf=0x555555b38d20) at autocmd.c:1615
#1  0x00005555558124ce in win_enter_ext (wp=0x555555b36720, undo_sync=1, curwin_invalid=0, trigger_new_autocmds=0, trigger_enter_autocmds=1, 
    trigger_leave_autocmds=1) at window.c:4757
#2  0x0000555555812124 in win_enter (wp=0x555555b36720, undo_sync=1) at window.c:4644
#3  0x0000555555811c19 in win_goto (wp=0x555555b36720) at window.c:4420
#4  0x0000555555716f08 in qf_goto_win_with_ll_file (use_win=0x555555b36720, qf_fnum=1, ll_ref=0x555555b780e0) at quickfix.c:2981
#5  0x000055555571719e in qf_jump_to_usable_window (qf_fnum=1, newwin=0, opened_window=0x7fffffffd8ac) at quickfix.c:3088
#6  0x00005555557176e6 in qf_jump_open_window (qi=0x555555b780e0, qf_ptr=0x555555b78720, newwin=0, opened_window=0x7fffffffd8ac) at quickfix.c:3281
#7  0x0000555555717980 in qf_jump_newwin (qi=0x555555b780e0, dir=0, errornr=1, forceit=0, newwin=0) at quickfix.c:3419
#8  0x000055555571781a in qf_jump (qi=0x555555b780e0, dir=0, errornr=1, forceit=0) at quickfix.c:3351
#9  0x000055555571ae9a in ex_cc (eap=0x7fffffffd9f0) at quickfix.c:5178
#10 0x00005555556403a9 in do_one_cmd (cmdlinep=0x7fffffffdc28, sourcing=1, cstack=0x7fffffffdd20, fgetline=0x0, cookie=0x0) at ex_docmd.c:2537
#11 0x000055555563d5e4 in do_cmdline (cmdline=0x5555558962ce ".ll", fgetline=0x0, cookie=0x0, flags=11) at ex_docmd.c:983
#12 0x000055555563caf9 in do_cmdline_cmd (cmd=0x5555558962ce ".ll") at ex_docmd.c:591
#13 0x0000555555718c07 in qf_view_result (split=0) at quickfix.c:3959
#14 0x00005555556d936e in nv_down (cap=0x7fffffffe2d0) at normal.c:4136
#15 0x00005555556d3a93 in normal_cmd (oap=0x7fffffffe370, toplevel=1) at normal.c:1097
#16 0x00005555558732b8 in main_loop (cmdwin=0, noexmode=0) at main.c:1478
#17 0x0000555555872724 in vim_main2 () at main.c:868
#18 0x0000555555871f3a in main (argc=3, argv=0x7fffffffe568) at main.c:412

Yegappan Lakshmanan

Sep 13, 2020, 12:56:47 PM
to vim_dev, reply+ACY5DGGAYNS64L7I4I...@reply.github.com, vim/vim, Subscribed
Hi Bram,

On Sun, Sep 13, 2020 at 4:42 AM Bram Moolenaar <vim-dev...@256bit.org> wrote:
> Can you turn the example into a test? I gave it a try but it didn't trigger the error.

I am able to reproduce this error with the following function:

===============================================
func Test()
  call writefile(['test1', 'test2'], 'Xfile')
  edit Xfile
  let s:bufnr = bufnr()
  call setloclist(1, [{'bufnr' : s:bufnr, 'lnum' : 1, 'text' : 'test1'},
        \ {'bufnr' : s:bufnr, 'lnum' : 2, 'text' : 'test2'}])

  augroup Test_LocList
    au!
    autocmd BufEnter * call setloclist(1,
          \ [{'bufnr' : s:bufnr, 'lnum' : 1, 'text' : 'test1'},
          \  {'bufnr' : s:bufnr, 'lnum' : 2, 'text' : 'test2'}], 'r')
  augroup END

  lopen
  exe "normal j\<CR>"

  augroup Test_LocList
    au!
  augroup END
  call delete('Xfile')
endfunc
===============================================

- Yegappan

Bram Moolenaar

Sep 13, 2020, 2:44:28 PM
to vim...@googlegroups.com, Yegappan Lakshmanan, reply+ACY5DGGAYNS64L7I4I...@reply.github.com
Strangely, when running this under valgrind I have to change the line
with the normal command to catch the E926 error, which makes sense:

call assert_fails('exe "normal j\<CR>"', 'E926:')

However, when not using valgrind it reports "command did not fail".
Thus there must still be something wrong.

--
Close your shells, or I'll kill -9 you
Tomorrow I'll quota you
Remember the disks'll always be full
And then while I'm away
I'll write ~ everyday
And I'll send-pr all my buggings to you.
[ CVS log "Beatles style" for FreeBSD ports/INDEX, Satoshi Asami ]

/// Bram Moolenaar -- Br...@Moolenaar.net -- http://www.Moolenaar.net \\\
/// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
\\\ an exciting new programming language -- http://www.Zimbu.org ///
\\\ help me help AIDS victims -- http://ICCF-Holland.org ///

Bram Moolenaar

Sep 13, 2020, 3:55:29 PM
to vim...@googlegroups.com, Yegappan Lakshmanan, reply+ACY5DGGAYNS64L7I4I...@reply.github.com

I wrote:
> Strangely, when running this under valgrind I have to change the line
> with the normal command to catch the E926 error, which makes sense:
>
> call assert_fails('exe "normal j\<CR>"', 'E926:')
>
> However, when not using valgrind it reports "command did not fail".
> Thus there must still be something wrong.

Running with ASAN has a similar effect: The test passes and no errors
are reported. I suspect both Valgrind and ASAN initialize pointers
in some way, and when not doing that the error is not caught.

--
A parent can be arrested if his child cannot hold back a burp during a church
service.
[real standing law in Nebraska, United States of America]

Bram Moolenaar

Sep 13, 2020, 4:21:53 PM
to vim/vim, vim-dev ML, Comment

Closed #6946 via 4d170af.



Bram Moolenaar

Sep 13, 2020, 4:47:19 PM
to vim...@googlegroups.com, vim-dev ML
Using the changedtick besides the pointers makes it reliable.
I suspect that valgrind and ASAN never re-use previously used memory,
while in practice recently freed memory of the same size is used again.
Thus even though the entries were replaced, the pointers can be
unchanged.

--
Beer & pretzels can't be served at the same time in any bar or restaurant.
[real standing law in North Dakota, United States of America]
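As an added illustration of the point in the message above (this is a constructed model, not code from Vim or from anyone in this thread): a small C program with made-up list types and a one-slot allocator that hands a just-freed block straight back, the way a production allocator tends to. It shows a pointer-only validity check missing a list replaced by a BufEnter-style callback, while the same check extended with a changedtick catches it.

```c
#include <stdlib.h>

/* Constructed model of a Vim location list (not Vim's real types): entries
 * plus a changedtick bumped on each replacement, the check the fix adds. */
typedef struct { int lnum; } qfentry_T;
typedef struct { qfentry_T *items; int changedtick; } qflist_T;
/* One-slot allocator modelling what Bram describes: the block freed a moment
 * ago is reused for the next same-size request (valgrind/ASAN quarantine it). */
static qfentry_T *recycled;
static qfentry_T *entries_alloc(int n) {
    qfentry_T *p = recycled ? recycled : malloc(n * sizeof *p);
    recycled = NULL;
    return p;
}
static void entries_free(qfentry_T *p) { recycled = p; }
/* Equivalent of setloclist(..., 'r'): drop the old entries, build new ones. */
static void qf_replace(qflist_T *ql, int count) {
    entries_free(ql->items);
    ql->items = entries_alloc(count);
    for (int i = 0; i < count; i++) ql->items[i].lnum = i + 1;
    ql->changedtick++;
}
/* Stands in for the BufEnter autocmd of the report, which replaces the list. */
typedef void (*autocmd_fn)(qflist_T *);
static void replace_on_bufenter(qflist_T *ql) { qf_replace(ql, 2); }

/* Pointer-only validation: 1 if the saved entry pointer changed, else 0. */
static int stale_by_pointer(qflist_T *ql, autocmd_fn autocmd) {
    qfentry_T *saved = ql->items;
    autocmd(ql);
    return saved != ql->items;
}

/* Pointer plus changedtick: a replaced list is caught even on address reuse. */
static int stale_by_tick(qflist_T *ql, autocmd_fn autocmd) {
    qfentry_T *saved = ql->items;
    int saved_tick = ql->changedtick;
    autocmd(ql);
    return saved != ql->items || saved_tick != ql->changedtick;
}
/* Builds a two-entry list, runs one check across the autocmd, frees up. */
static int scenario(int (*check)(qflist_T *, autocmd_fn)) {
    qflist_T ql = { NULL, 0 };
    qf_replace(&ql, 2);
    int stale = check(&ql, replace_on_bufenter);
    free(ql.items);
    return stale;
}
int scenario_pointer_only(void) { return scenario(stale_by_pointer); } /* 0: missed */
int scenario_with_tick(void)    { return scenario(stale_by_tick); }    /* 1: caught */
```

The model never dereferences the stale pointer; it only shows why comparing addresses is not enough to tell that a list was rebuilt underneath a caller.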