octave-bug-tracker
From: Rik
Subject: [Octave-bug-tracker] [bug #51948] GUI fails to start when Address Sanitizer is compiled in
Date: Tue, 12 Sep 2017 01:03:15 -0400 (EDT)
User-agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:55.0) Gecko/20100101 Firefox/55.0

Update of bug #51948 (project octave):

                  Status:                    None => Confirmed              

    _______________________________________________________

Follow-up Comment #2:

Thanks for the pointer.  I commented out three lines in QUnixTerminalImpl.cpp
beginning at 264 and it now produces a stack trace.


    /*
    dup2 (fds, STDIN_FILENO);
    dup2 (fds, STDOUT_FILENO);
    dup2 (fds, STDERR_FILENO);
    */


The stack trace is



    #0 0x7f149575b934 in __asan_memcpy (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x8c934)
    #1 0x7f14950aaf24 in TerminalView::updateImage() libgui/qterminal/libqterminal/unix/TerminalView.cpp:973
    #2 0x7f149509407a in QUnixTerminalImpl::resizeEvent(QResizeEvent*) libgui/qterminal/libqterminal/unix/QUnixTerminalImpl.cpp:228
    #3 0x7f14902092ed in QWidget::event(QEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x1a22ed)
    #4 0x7f14901c3afb in QApplicationPrivate::notify_helper(QObject*, QEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x15cafb)
    #5 0x7f14901c9035 in QApplication::notify(QObject*, QEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x162035)
    #6 0x7f148f88e2a7 in QCoreApplication::notifyInternal2(QObject*, QEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x2822a7)
    #7 0x7f1490201ca1 in QWidgetPrivate::sendPendingMoveAndResizeEvents(bool, bool) (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x19aca1)
    #8 0x7f1490205a42 in QWidgetPrivate::show_helper() (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x19ea42)
    #9 0x7f14902059c6 in QWidgetPrivate::showChildren(bool) (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x19e9c6)
    #10 0x7f1490205a5e in QWidgetPrivate::show_helper() (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x19ea5e)
    #11 0x7f14902059c6 in QWidgetPrivate::showChildren(bool) (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x19e9c6)
    #12 0x7f1490205a5e in QWidgetPrivate::show_helper() (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x19ea5e)
    #13 0x7f149020887c in QWidget::setVisible(bool) (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x1a187c)
    #14 0x7f1495131936 in main_window::set_window_layout(QSettings*) libgui/src/main-window.cc:1317
    #15 0x7f1495130eb8 in main_window::read_settings() libgui/src/main-window.cc:1247
    #16 0x7f149515125d in octave::gui_application::execute() libgui/src/octave-gui.cc:232
    #17 0x401e8d in main src/main-gui.cc:104
    #18 0x7f1490f0282f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
    #19 0x401828 in _start (/home/rik/wip/Projects_Mine/octave-dbg/src/.libs/lt-octave-gui+0x401828)

0x61900018be40 is located 0 bytes to the right of 960-byte region [0x61900018ba80,0x61900018be40)
allocated by thread T0 here:
    #0 0x7f14957686b2 in operator new[](unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x996b2)
    #1 0x7f149509c19b in ScreenWindow::getImage() libgui/qterminal/libqterminal/unix/ScreenWindow.cpp:67
    #2 0x7f14950aa53a in TerminalView::updateImage() libgui/qterminal/libqterminal/unix/TerminalView.cpp:835
    #3 0x7f149509407a in QUnixTerminalImpl::resizeEvent(QResizeEvent*) libgui/qterminal/libqterminal/unix/QUnixTerminalImpl.cpp:228
    #4 0x7f14902092ed in QWidget::event(QEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x1a22ed)

SUMMARY: AddressSanitizer: heap-buffer-overflow ??:0 __asan_memcpy
Shadow bytes around the buggy address:
  0x0c3280029770: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c3280029780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c3280029790: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c32800297a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c32800297b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0c32800297c0: 00 00 00 00 00 00 00 00[fa]fa fa fa fa fa fa fa
  0x0c32800297d0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c32800297e0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c32800297f0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c3280029800: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c3280029810: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Heap right redzone:      fb
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack partial redzone:   f4
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
==23669==ABORTING






    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/bugs/?51948>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/
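
Added example, not part of the original message or of Octave's code: a triage check that cross-checks the report's "is located" line against the bracketed shadow byte, to confirm the access landed exactly one byte past the 960-byte buffer. It assumes ASan's default x86_64 Linux shadow mapping; `triage`, `REPORT` and the other names are hypothetical.

```python
import re

# Constructed excerpt: only the lines of the report above that this check reads.
REPORT = """\
0x61900018be40 is located 0 bytes to the right of 960-byte region
[0x61900018ba80,0x61900018be40)
=>0x0c32800297c0: 00 00 00 00 00 00 00 00[fa]fa fa fa fa fa fa fa
"""

# Assumption: ASan's default x86_64 Linux mapping, shadow = (addr >> 3) + 0x7fff8000.
SHADOW_SCALE, SHADOW_OFFSET = 3, 0x7FFF8000
LEGEND = {"00": "addressable", "fa": "heap left redzone",
          "fb": "heap right redzone", "fd": "freed heap region"}

LOCATED = re.compile(
    r"(0x[0-9a-f]+) is located (\d+) bytes to the (left|right) of "
    r"(\d+)-byte region \[(0x[0-9a-f]+),(0x[0-9a-f]+)\)")
MARKED_ROW = re.compile(r"^=>(0x[0-9a-f]+):(.*)$", re.MULTILINE)


def triage(report):
    """Cross-check the 'is located' line against the marked shadow byte."""
    loc = LOCATED.search(" ".join(report.split()))  # undo mail line wrapping
    row = MARKED_ROW.search(report)
    if not loc or not row:
        raise ValueError("not a heap-buffer-overflow report excerpt")
    fault, start, end = (int(loc.group(i), 16) for i in (1, 5, 6))
    dist, size = int(loc.group(2)), int(loc.group(4))
    expected = end + dist if loc.group(3) == "right" else start - dist
    # Index of the bracketed byte within the 16-byte shadow row.
    cells = row.group(2)
    index = len(re.findall(r"[0-9a-f]{2}", cells[:cells.index("[")]))
    marked = cells[cells.index("[") + 1:cells.index("]")]
    shadow = (fault >> SHADOW_SCALE) + SHADOW_OFFSET
    return {
        "fault": fault,
        "region_consistent": end - start == size and fault == expected,
        "shadow_addr": shadow,
        "shadow_matches_marker": shadow == int(row.group(1), 16) + index,
        "marked_byte": marked,
        "kind": LEGEND.get(marked, "see legend"),
    }


if __name__ == "__main__":
    print(triage(REPORT))
```
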



