Bug #11270

lighttable keyboard arrows issue

Added by Mark Oteiza almost 3 years ago. Updated almost 3 years ago.

Status: Confirmed
Priority: Low
Assignee: -
Category: -
Target version: -
Start date: 10/28/2016
Due date:
% Done: 10%
Estimated time:
Affected Version: git master branch
System: other GNU/Linux
bitness: 64-bit
hardware architecture: amd64/x86

Description

When navigating lighttable with arrow keys, I get the following ASAN report:

$ darktable
[imageop_init_presets] updating 'basecurve' preset 'none' from version 3 to version 4
=================================================================
==26254==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6040001cd63c at pc 0x7f0317e0df59 bp 0x7fff426f6470 sp 0x7fff426f6460
READ of size 4 at 0x6040001cd63c thread T0
#0 0x7f0317e0df58 in expose_filemanager /tmp/makepkg/darktable-git/src/darktable/src/views/lighttable.c:694
#1 0x7f0317e0df58 in expose /tmp/makepkg/darktable-git/src/darktable/src/views/lighttable.c:1423
#2 0x7f03330b364a in dt_view_manager_expose /tmp/makepkg/darktable-git/src/darktable/src/views/view.c:521
#3 0x7f0332f5c11a in dt_control_expose /tmp/makepkg/darktable-git/src/darktable/src/control/control.c:297
#4 0x7f033306fddd in draw /tmp/makepkg/darktable-git/src/darktable/src/gui/gtk.c:447
#5 0x7f03311285a0 (/usr/lib/libgtk-3.so.0+0x22f5a0)
#6 0x7f03312726ce (/usr/lib/libgtk-3.so.0+0x3796ce)
#7 0x7f032fc7f1a3 (/usr/lib/libgobject-2.0.so.0+0x101a3)
#8 0x7f032fc99390 in g_signal_emit_valist (/usr/lib/libgobject-2.0.so.0+0x2a390)
#9 0x7f032fc99fae in g_signal_emit (/usr/lib/libgobject-2.0.so.0+0x2afae)
#10 0x7f033127f559 (/usr/lib/libgtk-3.so.0+0x386559)
#11 0x7f03310633bf in gtk_container_propagate_draw (/usr/lib/libgtk-3.so.0+0x16a3bf)
#12 0x7f03310634a1 (/usr/lib/libgtk-3.so.0+0x16a4a1)
#13 0x7f0331015763 (/usr/lib/libgtk-3.so.0+0x11c763)
#14 0x7f03310683fc (/usr/lib/libgtk-3.so.0+0x16f3fc)
#15 0x7f033106d23f (/usr/lib/libgtk-3.so.0+0x17423f)
#16 0x7f03310181c0 (/usr/lib/libgtk-3.so.0+0x11f1c0)
#17 0x7f033127f33a (/usr/lib/libgtk-3.so.0+0x38633a)
#18 0x7f03310633bf in gtk_container_propagate_draw (/usr/lib/libgtk-3.so.0+0x16a3bf)
#19 0x7f03310634a1 (/usr/lib/libgtk-3.so.0+0x16a4a1)
#20 0x7f03310e3c63 (/usr/lib/libgtk-3.so.0+0x1eac63)
#21 0x7f03310683fc (/usr/lib/libgtk-3.so.0+0x16f3fc)
#22 0x7f033106d23f (/usr/lib/libgtk-3.so.0+0x17423f)
#23 0x7f03310e4d40 (/usr/lib/libgtk-3.so.0+0x1ebd40)
#24 0x7f033127f33a (/usr/lib/libgtk-3.so.0+0x38633a)
#25 0x7f03310633bf in gtk_container_propagate_draw (/usr/lib/libgtk-3.so.0+0x16a3bf)
#26 0x7f03310634a1 (/usr/lib/libgtk-3.so.0+0x16a4a1)
#27 0x7f0331015763 (/usr/lib/libgtk-3.so.0+0x11c763)
#28 0x7f03310683fc (/usr/lib/libgtk-3.so.0+0x16f3fc)
#29 0x7f033106d23f (/usr/lib/libgtk-3.so.0+0x17423f)
#30 0x7f03310181c0 (/usr/lib/libgtk-3.so.0+0x11f1c0)
#31 0x7f033127f33a (/usr/lib/libgtk-3.so.0+0x38633a)
#32 0x7f03310633bf in gtk_container_propagate_draw (/usr/lib/libgtk-3.so.0+0x16a3bf)
#33 0x7f03310634a1 (/usr/lib/libgtk-3.so.0+0x16a4a1)
#34 0x7f033128d0c0 (/usr/lib/libgtk-3.so.0+0x3940c0)
#35 0x7f033127f33a (/usr/lib/libgtk-3.so.0+0x38633a)
#36 0x7f0331288637 (/usr/lib/libgtk-3.so.0+0x38f637)
#37 0x7f03311275b9 in gtk_main_do_event (/usr/lib/libgtk-3.so.0+0x22e5b9)
#38 0x7f0330c39b84 (/usr/lib/libgdk-3.so.0+0x36b84)
#39 0x7f0330c4a217 (/usr/lib/libgdk-3.so.0+0x47217)
#40 0x7f0330c4b415 (/usr/lib/libgdk-3.so.0+0x48415)
#41 0x7f0330c4b613 (/usr/lib/libgdk-3.so.0+0x48613)
#42 0x7f032fc7ef74 in g_closure_invoke (/usr/lib/libgobject-2.0.so.0+0xff74)
#43 0x7f032fc90f81 (/usr/lib/libgobject-2.0.so.0+0x21f81)
#44 0x7f032fc99bcb in g_signal_emit_valist (/usr/lib/libgobject-2.0.so.0+0x2abcb)
#45 0x7f032fc99fae in g_signal_emit (/usr/lib/libgobject-2.0.so.0+0x2afae)
#46 0x7f0330c431f8 (/usr/lib/libgdk-3.so.0+0x401f8)
#47 0x7f0330c2e457 (/usr/lib/libgdk-3.so.0+0x2b457)
#48 0x7f033184ceb2 (/usr/lib/libglib-2.0.so.0+0x4aeb2)
#49 0x7f033184c439 in g_main_context_dispatch (/usr/lib/libglib-2.0.so.0+0x4a439)
#50 0x7f033184c7ef (/usr/lib/libglib-2.0.so.0+0x4a7ef)
#51 0x7f033184cb11 in g_main_loop_run (/usr/lib/libglib-2.0.so.0+0x4ab11)
#52 0x7f03311267a4 in gtk_main (/usr/lib/libgtk-3.so.0+0x22d7a4)
#53 0x7f03330752f9 in dt_gui_gtk_run /tmp/makepkg/darktable-git/src/darktable/src/gui/gtk.c:981
#54 0x4008d0 in main /tmp/makepkg/darktable-git/src/darktable/src/main.c:25
#55 0x7f03327e4290 in __libc_start_main (/usr/lib/libc.so.6+0x20290)
#56 0x400939 in _start (/usr/bin/darktable+0x400939)

0x6040001cd63c is located 8 bytes to the right of 36-byte region [0x6040001cd610,0x6040001cd634)
allocated by thread T0 here:
#0 0x7f03335f9020 in __interceptor_calloc /build/gcc/src/gcc/libsanitizer/asan/asan_malloc_linux.cc:70
#1 0x7f0317e0d7d2 in expose_filemanager /tmp/makepkg/darktable-git/src/darktable/src/views/lighttable.c:617
#2 0x7f0317e0d7d2 in expose /tmp/makepkg/darktable-git/src/darktable/src/views/lighttable.c:1423

SUMMARY: AddressSanitizer: heap-buffer-overflow /tmp/makepkg/darktable-git/src/darktable/src/views/lighttable.c:694 in expose_filemanager
Shadow bytes around the buggy address:
0x0c0880031a70: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c0880031a80: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c0880031a90: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c0880031aa0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c0880031ab0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x0c0880031ac0: fa fa 00 00 00 00 04[fa]fa fa fa fa fa fa fa fa
0x0c0880031ad0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c0880031ae0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c0880031af0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c0880031b00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c0880031b10: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Heap right redzone: fb
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack partial redzone: f4
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
==26254==ABORTING
exit 1
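
For triage, the error, access and region lines of the report above are enough to work out how far outside the allocation the read landed. The following is an added example, not part of the original report or of darktable's code; the function name `triage` is chosen here, and the element index it reports assumes the buffer is an array whose elements are as wide as the access.

```python
import re

# Lines copied from the report above; the patterns do not depend on the
# "==PID==" prefix.
REPORT = """\
==26254==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6040001cd63c at pc 0x7f0317e0df59 bp 0x7fff426f6470 sp 0x7fff426f6460
READ of size 4 at 0x6040001cd63c thread T0
0x6040001cd63c is located 8 bytes to the right of 36-byte region [0x6040001cd610,0x6040001cd634)
"""

HEX = r"(0x[0-9a-f]+)"
KIND = re.compile(r"ERROR: AddressSanitizer: (\S+) on address " + HEX)
ACCESS = re.compile(r"(READ|WRITE) of size (\d+) at " + HEX)
REGION = re.compile(r"is located (\d+) bytes to the (right|left) of "
                    r"(\d+)-byte region \[" + HEX + "," + HEX + r"\)")


def triage(report):
    """Turn an ASan heap out-of-bounds report into offsets and an element index."""
    kind, access, region = (p.search(report) for p in (KIND, ACCESS, REGION))
    if not (kind and access and region):
        raise ValueError("report lacks the error, access or region line")
    fault = int(access.group(3), 16)
    width = int(access.group(2))
    dist, side, size = int(region.group(1)), region.group(2), int(region.group(3))
    start, end = int(region.group(4), 16), int(region.group(5), 16)
    # Cross-check the numbers ASan printed against each other.
    expected = fault - end if side == "right" else start - fault
    consistent = (end - start == size and expected == dist
                  and fault == int(kind.group(2), 16))
    result = {
        "kind": kind.group(1), "access": access.group(1), "width": width,
        "region_size": size, "offset_from_start": fault - start,
        "bytes_outside": dist, "side": side, "consistent": consistent,
    }
    # Assumption: the buffer is an array whose element size equals the access
    # width. Only then do the byte offsets translate to an array index.
    if size % width == 0 and (fault - start) % width == 0:
        result["elements"] = size // width
        result["index"] = (fault - start) // width
    return result


if __name__ == "__main__":
    for key, value in triage(REPORT).items():
        print(f"{key}: {value}")
```

Under that assumption the 36-byte allocation holds 9 elements (valid indices 0 to 8) and the faulting read is at index 11.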

History

#1 Updated by Roman Lebedev almost 3 years ago

  • % Done changed from 0 to 10
  • Status changed from New to Confirmed
  • Subject changed from navigating lighttable to lighttable keyboard arrows issue
