Bug #11557

asan info for gui/accelerators.c:521

Added by David Schaefer over 1 year ago.

Status: New
Priority: Low
Assignee: -
Category: -
Target version: -
Start date: 03/30/2017
Due date:
% Done: 0%

Affected Version: git master branch
System: Ubuntu
bitness: 64-bit
hardware architecture: amd64/x86

Description

david@Tower ~> env LC_ALL=C ~/unstable/darktable/bin/darktable
[imageop_init_presets] updating 'basecurve' preset 'MYNIKON D750' from version 2 to version 5
try+ wait time 0.110838s mode r
=================================================================
==28998==ERROR: AddressSanitizer: heap-use-after-free on address 0x6180000ff388 at pc 0x7f508d8cdcd6 bp 0x7ffdf93f6590 sp 0x7ffdf93f6580
READ of size 8 at 0x6180000ff388 thread T0
#0 0x7f508d8cdcd5 in dt_accel_disconnect_list /home/david/workspace/darktable.git/src/gui/accelerators.c:521
#1 0x7f506d475c97 in dt_dev_cleanup_module_accels /home/david/workspace/darktable.git/src/views/darkroom.c:495
#2 0x7f506d475c97 in leave /home/david/workspace/darktable.git/src/views/darkroom.c:1982
#3 0x7f508d91d706 in dt_view_manager_switch /home/david/workspace/darktable.git/src/views/view.c:266
#4 0x7f508d7b74e7 in _dt_ctl_switch_mode_to /home/david/workspace/darktable.git/src/control/control.c:406
#5 0x7f508c3e579c in g_main_context_invoke_full (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x4b79c)
#6 0x7f508d6f93f1 in dt_cleanup /home/david/workspace/darktable.git/src/common/darktable.c:1055
#7 0x7f508d8d96eb in dt_gui_gtk_run /home/david/workspace/darktable.git/src/gui/gtk.c:1065
#8 0x55a85a750a0b in main /home/david/workspace/darktable.git/src/main.c:25
#9 0x7f508cffa3f0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x203f0)
#10 0x55a85a750a59 in _start (/home/david/unstable/darktable/bin/darktable+0xa59)

0x6180000ff388 is located 776 bytes inside of 816-byte region [0x6180000ff080,0x6180000ff3b0)
freed by thread T0 here:
#0 0x7f508de91b50 in __interceptor_free (/usr/lib/x86_64-linux-gnu/libasan.so.3+0xc6b50)
#1 0x7f508b0dfd64 (/usr/lib/x86_64-linux-gnu/libcairo.so.2+0x7fd64)

previously allocated by thread T0 here:
#0 0x7f508de91eb0 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.3+0xc6eb0)
#1 0x7f508b0fb879 (/usr/lib/x86_64-linux-gnu/libcairo.so.2+0x9b879)

SUMMARY: AddressSanitizer: heap-use-after-free /home/david/workspace/darktable.git/src/gui/accelerators.c:521 in dt_accel_disconnect_list
Shadow bytes around the buggy address:
0x0c3080017e20: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c3080017e30: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c3080017e40: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c3080017e50: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c3080017e60: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
=>0x0c3080017e70: fd[fd]fd fd fd fd fa fa fa fa fa fa fa fa fa fa
0x0c3080017e80: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c3080017e90: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c3080017ea0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c3080017eb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c3080017ec0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Heap right redzone: fb
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack partial redzone: f4
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
==28998==ABORTING