From: Dmitri A. Sergatskov
Subject: [Octave-bug-tracker] [bug #47914] segfault with OpenGL patches and address sanitizer
Date: Thu, 28 Jul 2016 06:14:05 +0000 (UTC)
User-agent: Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:47.0) Gecko/20100101 Firefox/47.0

Follow-up Comment #13, bug #47914 (project octave):

I can reproduce this problem if I set LIBGL_ALWAYS_SOFTWARE=1:

ASAN_OPTIONS=alloc_dealloc_mismatch=0 LIBGL_ALWAYS_SOFTWARE=1 ./run-octave --no-gui

octave:1> demo patch 2
patch example 2:
 %% Unclosed patch
 clf;
 t1 = (1/16:1/8:1)' * 2*pi;
 t2 = ((1/16:1/16:1)' + 1/32) * 2*pi;
 x1 = sin (t1) - 0.8;
 y1 = cos (t1);
 x2 = sin (t2) + 0.8;
 y2 = cos (t2);
 patch ([[x1;NaN(8,1)],x2], [[y1;NaN(8,1)],y2], 'r');

octave:2> =================================================================
==22330==ERROR: AddressSanitizer: heap-buffer-overflow on address
0x6160004418c0 at pc 0x7fd08ca29ccf bp 0x7ffe8b3cd320 sp 0x7ffe8b3ccac8
READ of size 52 at 0x6160004418c0 thread T0
    #0 0x7fd08ca29cce  (/lib64/libasan.so.3+0x5ecce)
    #1 0x7fd0576d9d23  (/usr/lib64/dri/swrast_dri.so+0x36bd23)
....
SUMMARY: AddressSanitizer: heap-buffer-overflow (/lib64/libasan.so.3+0x5ecce)

Shadow bytes around the buggy address:
  0x0c2c800802c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c2c800802d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c2c800802e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c2c800802f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c2c80080300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0c2c80080310: 00 00 00 00 00 00 00 00[fa]fa fa fa fa fa fa fa
  0x0c2c80080320: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c2c80080330: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c2c80080340: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c2c80080350: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c2c80080360: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Heap right redzone:      fb
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack partial redzone:   f4
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==22330==ABORTING



    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/bugs/?47914>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/
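
Added example, not part of the original message and not Octave or ASan code: a small triage helper that maps the faulting address from the report onto its shadow dump and measures the addressable region that ends there. It assumes the default ASan shadow mapping on x86_64 Linux (offset 0x7fff8000); the function names are hypothetical and the dump rows are copied from the report above.

```python
import re

SHADOW_SCALE = 3             # legend: one shadow byte represents 8 application bytes
SHADOW_OFFSET = 0x7FFF8000   # assumption: default ASan mapping on x86_64 Linux
FAULT_ADDR = 0x6160004418C0  # "heap-buffer-overflow on address ..." from the report

# Rows copied from the report's shadow dump, trimmed to the ones around the fault.
SHADOW_DUMP = """
  0x0c2c800802c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c2c800802d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c2c800802e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c2c800802f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c2c80080300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0c2c80080310: 00 00 00 00 00 00 00 00[fa]fa fa fa fa fa fa fa
  0x0c2c80080320: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
"""

def mem_to_shadow(addr):
    return (addr >> SHADOW_SCALE) + SHADOW_OFFSET

def shadow_to_mem(shadow):
    return (shadow - SHADOW_OFFSET) << SHADOW_SCALE

def parse_shadow(dump):
    """Return {shadow_address: value} for every shadow byte listed in the dump."""
    table = {}
    for line in dump.splitlines():
        m = re.match(r"\s*(?:=>)?\s*0x([0-9a-f]+):(.*)", line)
        if not m:
            continue
        base = int(m.group(1), 16)
        # Brackets around the faulting byte are skipped by the token pattern.
        for i, tok in enumerate(re.findall(r"[0-9a-f]{2}", m.group(2))):
            table[base + i] = int(tok, 16)
    return table

def triage(dump, fault_addr):
    """Walk back from the faulting shadow byte over fully addressable (00) bytes.
    Partially addressable bytes (01..07) end the walk; none occur in this dump."""
    table = parse_shadow(dump)
    end = start = mem_to_shadow(fault_addr)
    while table.get(start - 1) == 0:
        start -= 1
    return {"fault_shadow": table.get(end),
            "region_start": shadow_to_mem(start),
            "region_end": shadow_to_mem(end),
            "region_size": shadow_to_mem(end) - shadow_to_mem(start)}

if __name__ == "__main__":
    for key, value in triage(SHADOW_DUMP, FAULT_ADDR).items():
        print(f"{key}: {value:#x}")
```

For this report the reported address is the first byte after a 576-byte addressable region, and its shadow byte is fa, a redzone value in the legend.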



