From: Rik
Subject: [Octave-bug-tracker] [bug #52021] Memory problems detected by Address Sanitizer in Variable Editor
Date: Thu, 14 Sep 2017 15:35:41 -0400 (EDT)
User-agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:55.0) Gecko/20100101 Firefox/55.0

URL:
  <http://savannah.gnu.org/bugs/?52021>

                 Summary: Memory problems detected by Address Sanitizer in
Variable Editor
                 Project: GNU Octave
            Submitted by: rik5
            Submitted on: Thu 14 Sep 2017 12:35:39 PM PDT
                Category: GUI
                Severity: 3 - Normal
                Priority: 5 - Normal
              Item Group: Segfault, Bus Error, etc.
                  Status: None
             Assigned to: None
         Originator Name: 
        Originator Email: 
             Open/Closed: Open
         Discussion Lock: Any
                 Release: dev
        Operating System: Any

    _______________________________________________________

Details:

After compiling a version of Octave with the AddressSanitizer enabled (see
http://wiki.octave.org/Finding_Memory_Leaks), I tried using the Variable
Editor which produced a nasty warning and termination of the program.  The
Octave code was


x = magic (3);
openvar x
# Now double-click on a value in the Variable Editor and change it to -1.


The warning was:


==21699==WARNING: AddressSanitizer failed to allocate 0x7f713ac5617d bytes
==21699==AddressSanitizer's allocator is terminating the process instead of
returning 0
==21699==If you don't like this behavior set allocator_may_return_null=1
==21699==AddressSanitizer CHECK failed:
../../../../src/libsanitizer/sanitizer_common/sanitizer_allocator.cc:147
"((0)) != (0)" (0x0, 0x0)
    #0 0x7f714014d631  (/usr/lib/x86_64-linux-gnu/libasan.so.2+0xa0631)
    #1 0x7f7140152613 in __sanitizer::CheckFailed(char const*, int, char
const*, unsigned long long, unsigned long long)
(/usr/lib/x86_64-linux-gnu/libasan.so.2+0xa5613)
    #2 0x7f71400ca425  (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x1d425)
    #3 0x7f7140150865  (/usr/lib/x86_64-linux-gnu/libasan.so.2+0xa3865)
    #4 0x7f71400cfb4d  (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x22b4d)
    #5 0x7f71401464fe in operator new(unsigned long)
(/usr/lib/x86_64-linux-gnu/libasan.so.2+0x994fe)
    #6 0x7f713bfc396c in void std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> >::_M_construct<char*>(char*,
char*, std::forward_iterator_tag)
(/usr/lib/x86_64-linux-gnu/libstdc++.so.6+0x12196c)
    #7 0x7f713bfc39ce in std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char>
>::basic_string(std::__cxx11::basic_string<char, std::char_traits<char>,
std::allocator<char> > const&)
(/usr/lib/x86_64-linux-gnu/libstdc++.so.6+0x1219ce)
    #8 0x7f713e8c2a23 in
octave::eval_string_reader::eval_string_reader(std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&, octave::base_lexer*)
libinterp/corefcn/input.h:188
    #9 0x7f713e8c2a7e in
octave::input_reader::input_reader(std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&, octave::base_lexer*)
libinterp/corefcn/input.h:217
    #10 0x7f713e8c3d86 in
octave::lexer::lexer(std::__cxx11::basic_string<char, std::char_traits<char>,
std::allocator<char> > const&, octave::interpreter*)
libinterp/parse-tree/lex.h:741
    #11 0x7f713e8c3ddd in
octave::parser::parser(std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&)
libinterp/parse-tree/parse.h:494
    #12 0x7f713e93adc7 in octave::eval_string(std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&, bool, int&, int)
libinterp/parse-tree/oct-parse.yy:5316
    #13 0x7f713e93b5b7 in octave::eval_string(std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&, bool, int&)
libinterp/parse-tree/oct-parse.yy:5385
    #14 0x7f713fbee561 in
variable_editor_model::set_data_oct(std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&, int, int,
std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>
> const&) libgui/src/variable-editor-model.cc:592
    #15 0x7f713fbf4e66 in
octave::action_container::method_arg4_elem<variable_editor_model,
std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>
> const&, int, int, std::__cxx11::basic_string<char, std::char_traits<char>,
std::allocator<char> > const&>::run() liboctave/util/action-container.h:282
    #16 0x7f713efa5f4e in octave::event_queue::run_first()
libinterp/corefcn/event-queue.h:66
    #17 0x7f713facf778 in octave::action_container::run(unsigned long)
(/home/rik/wip/Projects_Mine/octave-dbg/libgui/.libs/liboctgui.so.2+0x249778)
    #18 0x7f713facf7f9 in octave::action_container::run()
(/home/rik/wip/Projects_Mine/octave-dbg/libgui/.libs/liboctgui.so.2+0x2497f9)
    #19 0x7f713efa263c in octave_link::do_process_events()
libinterp/corefcn/octave-link.cc:105
    #20 0x7f713ee0ea01 in octave_link::process_events(bool)
libinterp/corefcn/octave-link.h:82
    #21 0x7f713efa2001 in octave_readline_hook
libinterp/corefcn/octave-link.cc:45
    #22 0x7f713d2f0ed4 in octave::command_editor::event_handler()
liboctave/util/cmd-edit.cc:1143
    #23 0x7f7134fb11c3 in rl_read_key
(/lib/x86_64-linux-gnu/libreadline.so.6+0x2a1c3)
    #24 0x7f7134f9add1 in readline_internal_char
(/lib/x86_64-linux-gnu/libreadline.so.6+0x13dd1)
    #25 0x7f7134f9b544 in readline
(/lib/x86_64-linux-gnu/libreadline.so.6+0x14544)
    #26 0x7f713d36ca27 in octave_rl_readline liboctave/util/oct-rl-edit.c:215
    #27 0x7f713d2ee29b in
octave::gnu_readline::do_readline(std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&, bool&)
liboctave/util/cmd-edit.cc:292
    #28 0x7f713d2f1295 in
octave::command_editor::readline(std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&, bool&)
liboctave/util/cmd-edit.cc:1174
    #29 0x7f713edf5a98 in gnu_readline libinterp/corefcn/input.cc:144
    #30 0x7f713edf5d01 in interactive_input libinterp/corefcn/input.cc:189
    #31 0x7f713edf6122 in octave::base_reader::octave_gets[abi:cxx11](bool&)
libinterp/corefcn/input.cc:231
    #32 0x7f713edf8cf5 in octave::terminal_reader::get_input[abi:cxx11](bool&)
libinterp/corefcn/input.cc:708
    #33 0x7f713e90a0a8 in octave::input_reader::get_input[abi:cxx11](bool&)
libinterp/corefcn/input.h:255
    #34 0x7f713e909187 in octave::lexer::fill_flex_buffer(char*, unsigned int)
libinterp/parse-tree/lex.ll:3655
    #35 0x7f713e8f9a1b in yy_get_next_buffer libinterp/parse-tree/lex.cc:3451
    #36 0x7f713e8f8742 in octave_lex(OCTAVE_STYPE*, void*)
libinterp/parse-tree/lex.cc:3291
    #37 0x7f713e913972 in octave_pull_parse(octave_pstate*,
octave::base_parser&) libinterp/parse-tree/oct-parse.cc:2992
    #38 0x7f713e93417b in octave::parser::run()
libinterp/parse-tree/oct-parse.yy:4314
    #39 0x7f713ee086a7 in octave::interpreter::main_loop()
libinterp/corefcn/interpreter.cc:968
    #40 0x7f713ee06577 in octave::interpreter::execute()
libinterp/corefcn/interpreter.cc:695
    #41 0x7f713fb0430a in octave_interpreter::execute()
libgui/src/main-window.cc:128
    #42 0x7f713fc10eda in octave_interpreter::qt_static_metacall(QObject*,
QMetaObject::Call, int, void**) libgui/src/moc-main-window.cc:86
    #43 0x7f713a29b718 in QObject::event(QEvent*)
(/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x2af718)
    #44 0x7f713aba3afb in QApplicationPrivate::notify_helper(QObject*,
QEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x15cafb)
    #45 0x7f713aba9035 in QApplication::notify(QObject*, QEvent*)
(/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x162035)
    #46 0x7f713a26e2a7 in QCoreApplication::notifyInternal2(QObject*, QEvent*)
(/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x2822a7)
    #47 0x7f713a270169 in QCoreApplicationPrivate::sendPostedEvents(QObject*,
int, QThreadData*) (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x284169)
    #48 0x7f713a2c2f52  (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x2d6f52)
    #49 0x7f71342b1196 in g_main_context_dispatch
(/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x4a196)
    #50 0x7f71342b13ef  (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x4a3ef)
    #51 0x7f71342b149b in g_main_context_iteration
(/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x4a49b)
    #52 0x7f713a2c335e in
QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>)
(/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x2d735e)
    #53 0x7f713a26bff9 in
QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>)
(/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x27fff9)
    #54 0x7f713a0949e3 in QThread::exec()
(/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0xa89e3)
    #55 0x7f713a099807  (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0xad807)
    #56 0x7f713b6ac6b9 in start_thread
(/lib/x86_64-linux-gnu/libpthread.so.0+0x76b9)
    #57 0x7f713b9c93dc in clone (/lib/x86_64-linux-gnu/libc.so.6+0x1073dc)


Since that was only a warning, I did as suggested and set the ASAN_OPTIONS
variable to include allocator_may_return_null=1.  When I run again, I get an
even worse error.


==22203==ERROR: AddressSanitizer: memcpy-param-overlap: memory ranges
[0x000000000000,0x7f4cbc41817c) and [0x6020003219d0, 0xdf6cbc739b4c) overlap
    #0 0x7f4cc18fb662 in __asan_memcpy
(/usr/lib/x86_64-linux-gnu/libasan.so.2+0x8c662)
    #1 0x7f4cbd785986 in void std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> >::_M_construct<char*>(char*,
char*, std::forward_iterator_tag)
(/usr/lib/x86_64-linux-gnu/libstdc++.so.6+0x121986)
    #2 0x7f4cbd7859ce in std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char>
>::basic_string(std::__cxx11::basic_string<char, std::char_traits<char>,
std::allocator<char> > const&)
(/usr/lib/x86_64-linux-gnu/libstdc++.so.6+0x1219ce)
    #3 0x7f4cc0084a23 in
octave::eval_string_reader::eval_string_reader(std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&, octave::base_lexer*)
libinterp/corefcn/input.h:188
    #4 0x7f4cc0084a7e in
octave::input_reader::input_reader(std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&, octave::base_lexer*)
libinterp/corefcn/input.h:217
    #5 0x7f4cc0085d86 in octave::lexer::lexer(std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&, octave::interpreter*)
libinterp/parse-tree/lex.h:741
    #6 0x7f4cc0085ddd in
octave::parser::parser(std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&)
libinterp/parse-tree/parse.h:494
    #7 0x7f4cc00fcdc7 in octave::eval_string(std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&, bool, int&, int)
libinterp/parse-tree/oct-parse.yy:5316
    #8 0x7f4cc00fd5b7 in octave::eval_string(std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&, bool, int&)
libinterp/parse-tree/oct-parse.yy:5385
    #9 0x7f4cc13b0561 in
variable_editor_model::set_data_oct(std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&, int, int,
std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>
> const&) libgui/src/variable-editor-model.cc:592
    #10 0x7f4cc13b6e66 in
octave::action_container::method_arg4_elem<variable_editor_model,
std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>
> const&, int, int, std::__cxx11::basic_string<char, std::char_traits<char>,
std::allocator<char> > const&>::run() liboctave/util/action-container.h:282
    #11 0x7f4cc0767f4e in octave::event_queue::run_first()
libinterp/corefcn/event-queue.h:66
    #12 0x7f4cc1291778 in octave::action_container::run(unsigned long)
(/home/rik/wip/Projects_Mine/octave-dbg/libgui/.libs/liboctgui.so.2+0x249778)
    #13 0x7f4cc12917f9 in octave::action_container::run()
(/home/rik/wip/Projects_Mine/octave-dbg/libgui/.libs/liboctgui.so.2+0x2497f9)
    #14 0x7f4cc076463c in octave_link::do_process_events()
libinterp/corefcn/octave-link.cc:105
    #15 0x7f4cc05d0a01 in octave_link::process_events(bool)
libinterp/corefcn/octave-link.h:82
    #16 0x7f4cc0764001 in octave_readline_hook
libinterp/corefcn/octave-link.cc:45
    #17 0x7f4cbeab2ed4 in octave::command_editor::event_handler()
liboctave/util/cmd-edit.cc:1143
    #18 0x7f4cb67731c3 in rl_read_key
(/lib/x86_64-linux-gnu/libreadline.so.6+0x2a1c3)
    #19 0x7f4cb675cdd1 in readline_internal_char
(/lib/x86_64-linux-gnu/libreadline.so.6+0x13dd1)
    #20 0x7f4cb675d544 in readline
(/lib/x86_64-linux-gnu/libreadline.so.6+0x14544)
    #21 0x7f4cbeb2ea27 in octave_rl_readline liboctave/util/oct-rl-edit.c:215
    #22 0x7f4cbeab029b in
octave::gnu_readline::do_readline(std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&, bool&)
liboctave/util/cmd-edit.cc:292
    #23 0x7f4cbeab3295 in
octave::command_editor::readline(std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&, bool&)
liboctave/util/cmd-edit.cc:1174
    #24 0x7f4cc05b7a98 in gnu_readline libinterp/corefcn/input.cc:144
    #25 0x7f4cc05b7d01 in interactive_input libinterp/corefcn/input.cc:189
    #26 0x7f4cc05b8122 in octave::base_reader::octave_gets[abi:cxx11](bool&)
libinterp/corefcn/input.cc:231
    #27 0x7f4cc05bacf5 in octave::terminal_reader::get_input[abi:cxx11](bool&)
libinterp/corefcn/input.cc:708
    #28 0x7f4cc00cc0a8 in octave::input_reader::get_input[abi:cxx11](bool&)
libinterp/corefcn/input.h:255
    #29 0x7f4cc00cb187 in octave::lexer::fill_flex_buffer(char*, unsigned int)
libinterp/parse-tree/lex.ll:3655
    #30 0x7f4cc00bba1b in yy_get_next_buffer libinterp/parse-tree/lex.cc:3451
    #31 0x7f4cc00ba742 in octave_lex(OCTAVE_STYPE*, void*)
libinterp/parse-tree/lex.cc:3291
    #32 0x7f4cc00d5972 in octave_pull_parse(octave_pstate*,
octave::base_parser&) libinterp/parse-tree/oct-parse.cc:2992
    #33 0x7f4cc00f617b in octave::parser::run()
libinterp/parse-tree/oct-parse.yy:4314
    #34 0x7f4cc05ca6a7 in octave::interpreter::main_loop()
libinterp/corefcn/interpreter.cc:968
    #35 0x7f4cc05c8577 in octave::interpreter::execute()
libinterp/corefcn/interpreter.cc:695
    #36 0x7f4cc12c630a in octave_interpreter::execute()
libgui/src/main-window.cc:128
    #37 0x7f4cc13d2eda in octave_interpreter::qt_static_metacall(QObject*,
QMetaObject::Call, int, void**) libgui/src/moc-main-window.cc:86
    #38 0x7f4cbba5d718 in QObject::event(QEvent*)
(/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x2af718)
    #39 0x7f4cbc365afb in QApplicationPrivate::notify_helper(QObject*,
QEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x15cafb)
    #40 0x7f4cbc36b035 in QApplication::notify(QObject*, QEvent*)
(/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x162035)
    #41 0x7f4cbba302a7 in QCoreApplication::notifyInternal2(QObject*, QEvent*)
(/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x2822a7)
    #42 0x7f4cbba32169 in QCoreApplicationPrivate::sendPostedEvents(QObject*,
int, QThreadData*) (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x284169)
    #43 0x7f4cbba84f52  (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x2d6f52)
    #44 0x7f4cb5a73196 in g_main_context_dispatch
(/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x4a196)
    #45 0x7f4cb5a733ef  (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x4a3ef)
    #46 0x7f4cb5a7349b in g_main_context_iteration
(/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x4a49b)
    #47 0x7f4cbba8535e in
QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>)
(/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x2d735e)
    #48 0x7f4cbba2dff9 in
QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>)
(/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x27fff9)
    #49 0x7f4cbb8569e3 in QThread::exec()
(/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0xa89e3)
    #50 0x7f4cbb85b807  (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0xad807)
    #51 0x7f4cbce6e6b9 in start_thread
(/lib/x86_64-linux-gnu/libpthread.so.0+0x76b9)
    #52 0x7f4cbd18b3dc in clone (/lib/x86_64-linux-gnu/libc.so.6+0x1073dc)

AddressSanitizer can not describe address in more detail (wild memory access
suspected).
0x6020003219e0 is located 0 bytes to the right of 16-byte region
[0x6020003219d0,0x6020003219e0)
freed by thread T0 here:
    #0 0x7f4cc1909132 in operator delete(void*, unsigned long)
(/usr/lib/x86_64-linux-gnu/libasan.so.2+0x9a132)
    #1 0x7f4cbc37397a 
(/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x16a97a)
    #2 0x7f4cbc41817b 
(/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x20f17b)

previously allocated by thread T0 here:
    #0 0x7f4cc1908532 in operator new(unsigned long)
(/usr/lib/x86_64-linux-gnu/libasan.so.2+0x99532)
    #1 0x7f4cbc021ece in QRegion::copy() const
(/usr/lib/x86_64-linux-gnu/libQt5Gui.so.5+0x3a2ece)

Thread T5 (QThread) created by T0 here:
    #0 0x7f4cc18a5253 in pthread_create
(/usr/lib/x86_64-linux-gnu/libasan.so.2+0x36253)
    #1 0x7f4cbb85ad58 in QThread::start(QThread::Priority)
(/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0xacd58)

SUMMARY: AddressSanitizer: memcpy-param-overlap ??:0 __asan_memcpy








    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/bugs/?52021>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/
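
A triage helper for reports like the two above, added here as an example; it is not part of the original report or of Octave, and its function names are hypothetical. It rejoins the frames that the mail wrapping split, finds the first frame that carries source information, and checks whether the failed allocation size lies inside the span of code addresses in the backtrace (treating such a size as pointer-like is a heuristic assumed for this example).

```python
import re

# Excerpt of the first report above, e-mail line wrapping left as it is.
REPORT = """\
==21699==WARNING: AddressSanitizer failed to allocate 0x7f713ac5617d bytes
    #5 0x7f71401464fe in operator new(unsigned long)
(/usr/lib/x86_64-linux-gnu/libasan.so.2+0x994fe)
    #8 0x7f713e8c2a23 in
octave::eval_string_reader::eval_string_reader(std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&, octave::base_lexer*)
libinterp/corefcn/input.h:188
    #49 0x7f71342b1196 in g_main_context_dispatch
(/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x4a196)
"""

FRAME_START = re.compile(r"^\s*#(\d+) (0x[0-9a-f]+)")
MODULE = re.compile(r"\((/\S+)\+0x[0-9a-f]+\)$")        # (/path/lib.so+0xoff)
SOURCE = re.compile(r"(\S+\.(?:cc|h|c|yy|ll)):(\d+)$")  # path/file.cc:123
ALLOC = re.compile(r"failed to allocate (0x[0-9a-f]+) bytes")


def unwrap_frames(text):
    """Rejoin frames that the mail client wrapped over several lines."""
    frames, current = [], None
    for line in text.splitlines():
        if FRAME_START.match(line):
            current = [line.strip()]
            frames.append(current)
        elif line.startswith("==") or not line.strip():
            current = None  # report header or blank line ends a frame
        elif current is not None:
            current.append(line.strip())
    return [" ".join(parts) for parts in frames]


def parse_frame(frame):
    """Return (index, pc, module path or None, (file, line) or None)."""
    idx, pc = FRAME_START.match(frame).groups()
    mod, src = MODULE.search(frame), SOURCE.search(frame)
    return (int(idx), int(pc, 16), mod.group(1) if mod else None,
            (src.group(1), int(src.group(2))) if src else None)


def triage(text):
    """First frame with source info, the size, and whether it looks like an address."""
    frames = [parse_frame(f) for f in unwrap_frames(text)]
    first_src = next((f for f in frames if f[3]), None)
    pcs = [f[1] for f in frames]
    m = ALLOC.search(text)
    size = int(m.group(1), 16) if m else None
    # Heuristic (assumption of this example): a "length" that falls inside the
    # span of code addresses in the trace is a pointer-like value, not a size.
    pointer_like = bool(pcs) and size is not None and min(pcs) <= size <= max(pcs)
    return first_src, size, pointer_like
```
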



