There's a really dumb think-o in a commit of mine in the recently landed ccafbbfb4ee (Merge branch 'ab/plug-random-leaks', 2022-03-13), sorry about that, and thanks a lot to Michael J Gruber for the report. This "v2" series is re-roll of his addition of a regression test in the "v1"[1]. As the range-diff shows I took the libertay of adjusting the commit message a bit, mainly noting the regression, re-wording a bit, and replacing the (presumably glibc?) output with the better SANITIZE=address report. The 2/2 then fixes the issue, and changes the relevant regression tests to run under SANITIZE=leak (i.e. the "linux-leaks" job). 1. https://lore.kernel.org/git/a5e5cdd4658d457ffbd80f7263e352cbf3141a1a.1647520853.git.git@xxxxxxxxx/ Michael J Gruber (1): tests: demonstrate "show --word-diff --color-moved" regression Ævar Arnfjörð Bjarmason (1): diff.c: fix a double-free regression in a18d66cefb diff.c | 11 +++++++++-- t/t4015-diff-whitespace.sh | 12 ++++++++++-- 2 files changed, 19 insertions(+), 4 deletions(-) Range-diff against v1: 1: f6e7318b418 ! 1: 7f6a6450259 tests: test show --word-diff --color-moved @@ Metadata Author: Michael J Gruber <git@xxxxxxxxx> ## Commit message ## - tests: test show --word-diff --color-moved + tests: demonstrate "show --word-diff --color-moved" regression - a18d66cefb ("diff.c: free "buf" in diff_words_flush()", 2022-03-04) - introduced a breakage to `show --word-diff --color-moved` which gives + Add a failing test which demonstrates a regression in + a18d66cefb ("diff.c: free "buf" in diff_words_flush()", 2022-03-04), + the regression is discussed in detail in the subsequent commit. With + it running `git show --word-diff --color-moved` with SANITIZE=address + would emit: - free(): double free detected in tcache 2 - Aborted (core dumped) + ==31191==ERROR: AddressSanitizer: attempting double-free on 0x617000021100 in thread T0: + #0 0x49f0a2 in free (git+0x49f0a2) + #1 0x9b0e4d in diff_words_flush diff.c:2153:3 + #2 0x9aed5d in fn_out_consume diff.c:2354:3 + #3 0xe092ab in consume_one xdiff-interface.c:43:9 + #4 0xe072eb in xdiff_outf xdiff-interface.c:76:10 + #5 0xec7014 in xdl_emit_diffrec xdiff/xutils.c:53:6 + [...] - on every incarnation. This was not caught by the test suite because we - test `diff --word-diff --color-moved` only so far. + 0x617000021100 is located 0 bytes inside of 768-byte region [0x617000021100,0x617000021400) + freed by thread T0 here: + #0 0x49f0a2 in free (git+0x49f0a2) + [...(same stacktrace)...] - Therefore, add a test for `show`, too. + previously allocated by thread T0 here: + #0 0x49f603 in __interceptor_realloc (git+0x49f603) + #1 0xde4da4 in xrealloc wrapper.c:126:8 + #2 0x995dc5 in append_emitted_diff_symbol diff.c:794:2 + #3 0x96c44a in emit_diff_symbol diff.c:1527:3 + [...] + + This was not caught by the test suite because we test `diff + --word-diff --color-moved` only so far. - Reverting a18d66cefb makes the test pass, but there might be a better - fix. + Therefore, add a test for `show`, too. Signed-off-by: Michael J Gruber <git@xxxxxxxxx> + Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@xxxxxxxxx> ## t/t4015-diff-whitespace.sh ## @@ t/t4015-diff-whitespace.sh: test_expect_success 'cmd option assumes configured colored-moved' ' -: ----------- > 2: cae11491599 diff.c: fix a double-free regression in a18d66cefb -- 2.35.1.1384.g7d2906948a1
