diff --git a/cve/vim/2022/CVE-2022-3591/README.md b/cve/vim/2022/CVE-2022-3591/README.md
index e69de29b..c99086d0 100644
--- a/cve/vim/2022/CVE-2022-3591/README.md
+++ b/cve/vim/2022/CVE-2022-3591/README.md
@@ -0,0 +1,372 @@
+ **描述**
+Use After Free in function qf_get_curlist at quickfix.c:1932
+
+**vim 版本**
+
+```
+git log
+commit bf72e0c67f26ea7c8fd941fdd1533c24c7b6cb43 (grafted, HEAD -> master, tag: v9.0.0792, origin/master, origin/HEAD)
+```
+
+ **POC**
+
+
+```
+./vim -u NONE -i NONE -n -m -X -Z -e -s -S /home/fuzz/test/poc14_huaf.dat -c :qa!
+=================================================================
+==147326==ERROR: AddressSanitizer: heap-use-after-free on address 0x61b00005be88 at pc 0x55f4ac3e895f bp 0x7ffe39fa57b0 sp 0x7ffe39fa57a0
+READ of size 4 at 0x61b00005be88 thread T0
+ #0 0x55f4ac3e895e in qf_get_curlist /home/fuzz/vim/src/quickfix.c:1932
+ #1 0x55f4ac3f4422 in qf_win_pos_update /home/fuzz/vim/src/quickfix.c:4446
+ #2 0x55f4ac3f4f99 in qf_update_buffer /home/fuzz/vim/src/quickfix.c:4609
+ #3 0x55f4ac3f1e4a in qf_age /home/fuzz/vim/src/quickfix.c:3902
+ #4 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #5 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #6 0x55f4ac60adaa in do_ucmd /home/fuzz/vim/src/usercmd.c:1912
+ #7 0x55f4ac17be2c in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2571
+ #8 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #9 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #10 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #11 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #12 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #13 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #14 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #15 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #16 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #17 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #18 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #19 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #20 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #21 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #22 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #23 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #24 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #25 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #26 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #27 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #28 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #29 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #30 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #31 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #32 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #33 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #34 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #35 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #36 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #37 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #38 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #39 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #40 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #41 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #42 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #43 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #44 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #45 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #46 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #47 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #48 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #49 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #50 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #51 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #52 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #53 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #54 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #55 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #56 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #57 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #58 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #59 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #60 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #61 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #62 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #63 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #64 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #65 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #66 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #67 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #68 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #69 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #70 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #71 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #72 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #73 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #74 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #75 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #76 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #77 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #78 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #79 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #80 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #81 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #82 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #83 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #84 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #85 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #86 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #87 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #88 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #89 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #90 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #91 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #92 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #93 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #94 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #95 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #96 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #97 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #98 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #99 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #100 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #101 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #102 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #103 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #104 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #105 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #106 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #107 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #108 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #109 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #110 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #111 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #112 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #113 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #114 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #115 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #116 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #117 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #118 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #119 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #120 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #121 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #122 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #123 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #124 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #125 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #126 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #127 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #128 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #129 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #130 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #131 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #132 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #133 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #134 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #135 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #136 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #137 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #138 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #139 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #140 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #141 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #142 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #143 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #144 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #145 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #146 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #147 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #148 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #149 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #150 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #151 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #152 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #153 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #154 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #155 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #156 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #157 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #158 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #159 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #160 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #161 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #162 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #163 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #164 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #165 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #166 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #167 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #168 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #169 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #170 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #171 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #172 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #173 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #174 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #175 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #176 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #177 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #178 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #179 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #180 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #181 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #182 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #183 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #184 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #185 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #186 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #187 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #188 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #189 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #190 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #191 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #192 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #193 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #194 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #195 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #196 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #197 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #198 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #199 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #200 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #201 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #202 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #203 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #204 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #205 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #206 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #207 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #208 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #209 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #210 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #211 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #212 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #213 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #214 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #215 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #216 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #217 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #218 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #219 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #220 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #221 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #222 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #223 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #224 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #225 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #226 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #227 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #228 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #229 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #230 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #231 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #232 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #233 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #234 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #235 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #236 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #237 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #238 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #239 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #240 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #241 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #242 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #243 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #244 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #245 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #246 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #247 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #248 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #249 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #250 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+
+0x61b00005be88 is located 8 bytes inside of 1464-byte region [0x61b00005be80,0x61b00005c438)
+freed by thread T0 here:
+ #0 0x7f862ee4340f in __interceptor_free ../../../../src/libsanitizer/asan/asan_malloc_linux.cc:122
+ #1 0x55f4abfed596 in vim_free /home/fuzz/vim/src/alloc.c:615
+ #2 0x55f4ac3e91ab in ll_free_all /home/fuzz/vim/src/quickfix.c:2049
+ #3 0x55f4ac4023ee in qf_free_stack /home/fuzz/vim/src/quickfix.c:7714
+ #4 0x55f4ac4024b6 in set_errorlist /home/fuzz/vim/src/quickfix.c:7750
+ #5 0x55f4ac40612e in set_qf_ll_list /home/fuzz/vim/src/quickfix.c:8560
+ #6 0x55f4ac4062a9 in f_setloclist /home/fuzz/vim/src/quickfix.c:8589
+ #7 0x55f4ac111208 in call_internal_func /home/fuzz/vim/src/evalfunc.c:3049
+ #8 0x55f4ac621a2d in call_func /home/fuzz/vim/src/userfunc.c:3681
+ #9 0x55f4ac6181b9 in get_func_tv /home/fuzz/vim/src/userfunc.c:1841
+ #10 0x55f4ac62dd32 in ex_call_inner /home/fuzz/vim/src/userfunc.c:5647
+ #11 0x55f4ac62fb45 in ex_call /home/fuzz/vim/src/userfunc.c:5971
+ #12 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #13 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #14 0x55f4ac001c18 in apply_autocmds_group /home/fuzz/vim/src/autocmd.c:2232
+ #15 0x55f4ac000401 in apply_autocmds /home/fuzz/vim/src/autocmd.c:1710
+ #16 0x55f4ac3a3fce in did_set_string_option /home/fuzz/vim/src/optionstr.c:2540
+ #17 0x55f4ac399413 in set_string_option /home/fuzz/vim/src/optionstr.c:538
+ #18 0x55f4ac38203f in set_option_value /home/fuzz/vim/src/option.c:4378
+ #19 0x55f4ac382284 in set_option_value_give_err /home/fuzz/vim/src/option.c:4423
+ #20 0x55f4ac3f61df in qf_fill_buffer /home/fuzz/vim/src/quickfix.c:4855
+ #21 0x55f4ac3f4f31 in qf_update_buffer /home/fuzz/vim/src/quickfix.c:4604
+ #22 0x55f4ac3f1e4a in qf_age /home/fuzz/vim/src/quickfix.c:3902
+ #23 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #24 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #25 0x55f4ac60adaa in do_ucmd /home/fuzz/vim/src/usercmd.c:1912
+ #26 0x55f4ac17be2c in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2571
+ #27 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #28 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #29 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+
+previously allocated by thread T0 here:
+ #0 0x7f862ee43808 in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cc:144
+ #1 0x55f4abfed2aa in lalloc /home/fuzz/vim/src/alloc.c:246
+ #2 0x55f4abfed140 in alloc_clear /home/fuzz/vim/src/alloc.c:177
+ #3 0x55f4abfed1e1 in alloc_clear_id /home/fuzz/vim/src/alloc.c:193
+ #4 0x55f4ac3e9cec in qf_alloc_stack /home/fuzz/vim/src/quickfix.c:2233
+ #5 0x55f4ac40231d in qf_free_stack /home/fuzz/vim/src/quickfix.c:7707
+ #6 0x55f4ac4024b6 in set_errorlist /home/fuzz/vim/src/quickfix.c:7750
+ #7 0x55f4ac40612e in set_qf_ll_list /home/fuzz/vim/src/quickfix.c:8560
+ #8 0x55f4ac4062a9 in f_setloclist /home/fuzz/vim/src/quickfix.c:8589
+ #9 0x55f4ac111208 in call_internal_func /home/fuzz/vim/src/evalfunc.c:3049
+ #10 0x55f4ac621a2d in call_func /home/fuzz/vim/src/userfunc.c:3681
+ #11 0x55f4ac6181b9 in get_func_tv /home/fuzz/vim/src/userfunc.c:1841
+ #12 0x55f4ac62dd32 in ex_call_inner /home/fuzz/vim/src/userfunc.c:5647
+ #13 0x55f4ac62fb45 in ex_call /home/fuzz/vim/src/userfunc.c:5971
+ #14 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #15 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #16 0x55f4ac001c18 in apply_autocmds_group /home/fuzz/vim/src/autocmd.c:2232
+ #17 0x55f4ac000401 in apply_autocmds /home/fuzz/vim/src/autocmd.c:1710
+ #18 0x55f4ac3a3fce in did_set_string_option /home/fuzz/vim/src/optionstr.c:2540
+ #19 0x55f4ac399413 in set_string_option /home/fuzz/vim/src/optionstr.c:538
+ #20 0x55f4ac38203f in set_option_value /home/fuzz/vim/src/option.c:4378
+ #21 0x55f4ac382284 in set_option_value_give_err /home/fuzz/vim/src/option.c:4423
+ #22 0x55f4ac3f61df in qf_fill_buffer /home/fuzz/vim/src/quickfix.c:4855
+ #23 0x55f4ac3f3eea in ex_copen /home/fuzz/vim/src/quickfix.c:4372
+ #24 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+ #25 0x55f4ac17302d in do_cmdline /home/fuzz/vim/src/ex_docmd.c:990
+ #26 0x55f4ac49d19f in do_source_ext /home/fuzz/vim/src/scriptfile.c:1667
+ #27 0x55f4ac49acce in cmd_source /home/fuzz/vim/src/scriptfile.c:1146
+ #28 0x55f4ac49aef7 in ex_source /home/fuzz/vim/src/scriptfile.c:1189
+ #29 0x55f4ac17bec2 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2578
+
+SUMMARY: AddressSanitizer: heap-use-after-free /home/fuzz/vim/src/quickfix.c:1932 in qf_get_curlist
+Shadow bytes around the buggy address:
+ 0x0c3680003780: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
+ 0x0c3680003790: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
+ 0x0c36800037a0: fd fd fd fd fd fd fd fa fa fa fa fa fa fa fa fa
+ 0x0c36800037b0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+ 0x0c36800037c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+=>0x0c36800037d0: fd[fd]fd fd fd fd fd fd fd fd fd fd fd fd fd fd
+ 0x0c36800037e0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
+ 0x0c36800037f0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
+ 0x0c3680003800: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
+ 0x0c3680003810: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
+ 0x0c3680003820: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
+Shadow byte legend (one shadow byte represents 8 application bytes):
+ Addressable: 00
+ Partially addressable: 01 02 03 04 05 06 07
+ Heap left redzone: fa
+ Freed heap region: fd
+ Stack left redzone: f1
+ Stack mid redzone: f2
+ Stack right redzone: f3
+ Stack after return: f5
+ Stack use after scope: f8
+ Global redzone: f9
+ Global init order: f6
+ Poisoned by user: f7
+ Container overflow: fc
+ Array cookie: ac
+ Intra object redzone: bb
+ ASan internal: fe
+ Left alloca redzone: ca
+ Right alloca redzone: cb
+ Shadow gap: cc
+==147326==ABORTING
+```
+ **影响**
+Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.