From: Rik
Subject: [Octave-bug-tracker] [bug #51948] GUI fails to start when Address Sanitizer is compiled in
Date: Tue, 12 Sep 2017 01:03:15 -0400 (EDT)
User-agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:55.0) Gecko/20100101 Firefox/55.0

Update of bug #51948 (project octave):
Status: None => Confirmed
_______________________________________________________
Follow-up Comment #2:
Thanks for the pointer. I commented out three lines in QUnixTerminalImpl.cpp
beginning at 264 and it now produces a stack trace.
/*
dup2 (fds, STDIN_FILENO);
dup2 (fds, STDOUT_FILENO);
dup2 (fds, STDERR_FILENO);
*/
The stack trace is
#0 0x7f149575b934 in __asan_memcpy
(/usr/lib/x86_64-linux-gnu/libasan.so.2+0x8c934)
#1 0x7f14950aaf24 in TerminalView::updateImage()
libgui/qterminal/libqterminal/unix/TerminalView.cpp:973
#2 0x7f149509407a in QUnixTerminalImpl::resizeEvent(QResizeEvent*)
libgui/qterminal/libqterminal/unix/QUnixTerminalImpl.cpp:228
#3 0x7f14902092ed in QWidget::event(QEvent*)
(/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x1a22ed)
#4 0x7f14901c3afb in QApplicationPrivate::notify_helper(QObject*, QEvent*)
(/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x15cafb)
#5 0x7f14901c9035 in QApplication::notify(QObject*, QEvent*)
(/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x162035)
#6 0x7f148f88e2a7 in QCoreApplication::notifyInternal2(QObject*, QEvent*)
(/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x2822a7)
#7 0x7f1490201ca1 in QWidgetPrivate::sendPendingMoveAndResizeEvents(bool,
bool) (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x19aca1)
#8 0x7f1490205a42 in QWidgetPrivate::show_helper()
(/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x19ea42)
#9 0x7f14902059c6 in QWidgetPrivate::showChildren(bool)
(/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x19e9c6)
#10 0x7f1490205a5e in QWidgetPrivate::show_helper()
(/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x19ea5e)
#11 0x7f14902059c6 in QWidgetPrivate::showChildren(bool)
(/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x19e9c6)
#12 0x7f1490205a5e in QWidgetPrivate::show_helper()
(/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x19ea5e)
#13 0x7f149020887c in QWidget::setVisible(bool)
(/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x1a187c)
#14 0x7f1495131936 in main_window::set_window_layout(QSettings*)
libgui/src/main-window.cc:1317
#15 0x7f1495130eb8 in main_window::read_settings()
libgui/src/main-window.cc:1247
#16 0x7f149515125d in octave::gui_application::execute()
libgui/src/octave-gui.cc:232
#17 0x401e8d in main src/main-gui.cc:104
#18 0x7f1490f0282f in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
#19 0x401828 in _start
(/home/rik/wip/Projects_Mine/octave-dbg/src/.libs/lt-octave-gui+0x401828)
0x61900018be40 is located 0 bytes to the right of 960-byte region
[0x61900018ba80,0x61900018be40)
allocated by thread T0 here:
#0 0x7f14957686b2 in operator new[](unsigned long)
(/usr/lib/x86_64-linux-gnu/libasan.so.2+0x996b2)
#1 0x7f149509c19b in ScreenWindow::getImage()
libgui/qterminal/libqterminal/unix/ScreenWindow.cpp:67
#2 0x7f14950aa53a in TerminalView::updateImage()
libgui/qterminal/libqterminal/unix/TerminalView.cpp:835
#3 0x7f149509407a in QUnixTerminalImpl::resizeEvent(QResizeEvent*)
libgui/qterminal/libqterminal/unix/QUnixTerminalImpl.cpp:228
#4 0x7f14902092ed in QWidget::event(QEvent*)
(/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x1a22ed)
SUMMARY: AddressSanitizer: heap-buffer-overflow ??:0 __asan_memcpy
Shadow bytes around the buggy address:
0x0c3280029770: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c3280029780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c3280029790: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c32800297a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c32800297b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0c32800297c0: 00 00 00 00 00 00 00 00[fa]fa fa fa fa fa fa fa
0x0c32800297d0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c32800297e0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c32800297f0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c3280029800: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c3280029810: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Heap right redzone: fb
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack partial redzone: f4
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
==23669==ABORTING
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/bugs/?51948>
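
An added triage sketch for the AddressSanitizer report in this message (not part of the original post or of Octave's sources): it pulls the first source-level frame from the access and allocation stacks, checks the region arithmetic, and confirms that the bracketed shadow byte corresponds to the faulting address. The report excerpt is copied from above with wrapped lines joined; the shadow offset 0x7fff8000 is ASan's default for x86_64 Linux and is an assumption about this build, as is the helper name `triage`.

```python
import re

# Excerpt of the report quoted above (wrapped lines joined, deeper frames omitted).
REPORT = """\
#0 0x7f149575b934 in __asan_memcpy (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x8c934)
#1 0x7f14950aaf24 in TerminalView::updateImage() libgui/qterminal/libqterminal/unix/TerminalView.cpp:973
#2 0x7f149509407a in QUnixTerminalImpl::resizeEvent(QResizeEvent*) libgui/qterminal/libqterminal/unix/QUnixTerminalImpl.cpp:228
0x61900018be40 is located 0 bytes to the right of 960-byte region [0x61900018ba80,0x61900018be40)
allocated by thread T0 here:
#0 0x7f14957686b2 in operator new[](unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x996b2)
#1 0x7f149509c19b in ScreenWindow::getImage() libgui/qterminal/libqterminal/unix/ScreenWindow.cpp:67
#2 0x7f14950aa53a in TerminalView::updateImage() libgui/qterminal/libqterminal/unix/TerminalView.cpp:835
=>0x0c32800297c0: 00 00 00 00 00 00 00 00[fa]fa fa fa fa fa fa fa
"""

SHADOW_SCALE = 3            # one shadow byte covers 8 application bytes (see legend)
SHADOW_OFFSET = 0x7FFF8000  # assumed: ASan default shadow offset on x86_64 Linux

# A frame that resolved to file:line, i.e. code built with debug info (the project).
FRAME = re.compile(r"#\d+ 0x[0-9a-f]+ in (.+?) (\S+\.(?:cpp|cc|h):\d+)$", re.M)
REGION = re.compile(r"(0x[0-9a-f]+) is located (\d+) bytes to the (right|left) of "
                    r"(\d+)-byte region \[(0x[0-9a-f]+),(0x[0-9a-f]+)\)")
SHADOW = re.compile(r"^=>(0x[0-9a-f]+):(.*)$", re.M)

def triage(report):
    """Summarise a heap-buffer-overflow report: who touched what, allocated where."""
    access, _, alloc = report.partition("allocated by thread")
    m = REGION.search(report)
    addr, start, end = (int(m.group(i), 16) for i in (1, 5, 6))
    s = SHADOW.search(report)
    row = int(s.group(1), 16)
    cells = re.findall(r"\[?[0-9a-f]{2}\]?", s.group(2))
    idx = next(i for i, c in enumerate(cells) if c.startswith("["))
    return {
        "access_site": FRAME.search(access).groups(),   # first project frame
        "alloc_site": FRAME.search(alloc).groups(),
        "offset_past_end": addr - end,                  # 0 = first byte past the buffer
        "size_matches": end - start == int(m.group(4)),
        "shadow_of_addr": (addr >> SHADOW_SCALE) + SHADOW_OFFSET,
        "marked_shadow": row + idx,                     # address of the [..] byte
        "marked_byte": cells[idx].strip("[]"),
    }

if __name__ == "__main__":
    for key, value in triage(REPORT).items():
        print(key, "=", hex(value) if key.endswith("shadow") or key == "shadow_of_addr" else value)
```
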