forked from pxscene/pxCore2
-
Notifications
You must be signed in to change notification settings - Fork 20
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Windows Installer - Installer location #4
Comments
conniefry
pushed a commit
to conniefry/pxExternal
that referenced
this issue
Sep 9, 2017
jmgasper
pushed a commit
that referenced
this issue
Feb 7, 2018
Fixes the following data race: WARNING: ThreadSanitizer: data race (pid=6652) Write of size 1 at 0x7b3400000030 by thread T1: #0 rtMutexNative::unlock() pxCore/src/unix/rtMutexNative.cpp:24 (pxscene+0x0000005954c3) #1 rtThreadPoolNative::startThread() pxCore/src/unix/rtThreadPoolNative.cpp:83 (pxscene+0x000000595ba8) #2 launchThread(void*) pxCore/src/unix/rtThreadPoolNative.cpp:9 (pxscene+0x0000005956a4) #3 <null> <null> (libtsan.so.0+0x0000000257eb) Previous write of size 1 at 0x7b3400000030 by main thread (mutexes: write M516): #0 rtMutexNative::unlock() pxCore/src/unix/rtMutexNative.cpp:24 (pxscene+0x0000005954c3) #1 rtThreadPoolNative::executeTask(rtThreadTask*) pxCore/src/unix/rtThreadPoolNative.cpp:99 (pxscene+0x000000595c60) #2 pxTextureOffscreen::freeOffscreenDataInBackground() pxCore/examples/pxScene2d/src/pxContextGL.cpp:873 (pxscene+0x00000057fd70) #3 pxTextureOffscreen::bindGLTexture(int) pxCore/examples/pxScene2d/src/pxContextGL.cpp:765 (pxscene+0x00000057f576) #4 textureShaderProgram::draw(int, int, float*, float, int, void const*, void const*, rtRef<pxTexture>, int, int) pxCore/examples/pxScene2d/src/pxContextGL.cpp:1619 (pxscene+0x000000582280) #5 drawImageTexture pxCore/examples/pxScene2d/src/pxContextGL.cpp:1959 (pxscene+0x0000005767fa) #6 pxContext::drawImage(float, float, float, float, rtRef<pxTexture>, rtRef<pxTexture>, bool, float*, pxConstantsStretch::constants, pxConstantsStretch::constants, bool) pxCore/examples/pxScene2d/src/pxContextGL.cpp:2649 (pxscene+0x00000057af92) #7 pxImage::draw() pxCore/examples/pxScene2d/src/pxImage.cpp:201 (pxscene+0x00000050e8b3) #8 pxObject::drawInternal(bool) pxCore/examples/pxScene2d/src/pxScene2d.cpp:1355 (pxscene+0x00000053d11e) #9 pxObject::drawInternal(bool) pxCore/examples/pxScene2d/src/pxScene2d.cpp:1367 (pxscene+0x00000053d1ca) #10 pxScene2d::draw() pxCore/examples/pxScene2d/src/pxScene2d.cpp:2190 (pxscene+0x0000005420a4) #11 pxScene2d::onDraw() pxCore/examples/pxScene2d/src/pxScene2d.cpp:2376 (pxscene+0x000000542ba9) #12 pxScriptView::onDraw() <null> (pxscene+0x00000055ac4a) #13 pxViewContainer::draw() pxCore/examples/pxScene2d/src/pxScene2d.h:976 (pxscene+0x000000558f7a) #14 pxObject::drawInternal(bool) pxCore/examples/pxScene2d/src/pxScene2d.cpp:1355 (pxscene+0x00000053d11e) #15 pxObject::drawInternal(bool) pxCore/examples/pxScene2d/src/pxScene2d.cpp:1367 (pxscene+0x00000053d1ca) #16 pxScene2d::draw() pxCore/examples/pxScene2d/src/pxScene2d.cpp:2190 (pxscene+0x0000005420a4) #17 pxScene2d::onDraw() pxCore/examples/pxScene2d/src/pxScene2d.cpp:2376 (pxscene+0x000000542ba9) #18 pxScriptView::onDraw() <null> (pxscene+0x00000055ac4a) #19 sceneWindow::onDraw(pxSurfaceNativeDesc*) pxCore/examples/pxScene2d/src/pxScene.cpp:357 (pxscene+0x0000005952b0) #20 pxWindowNative::drawFrame() pxCore/src/wayland_egl/pxWindowNative.cpp:883 (pxscene+0x00000059e685) #21 pxWindowNative::animateAndRender() pxCore/src/wayland_egl/pxWindowNative.cpp:844 (pxscene+0x00000059e3e8) #22 pxWindowNative::runEventLoop() pxCore/src/wayland_egl/pxWindowNative.cpp:595 (pxscene+0x00000059d792) #23 pxEventLoop::run() pxCore/src/wayland_egl/pxEventLoopNative.cpp:19 (pxscene+0x0000005a1969) #24 pxMain(int, char**) pxCore/examples/pxScene2d/src/pxScene.cpp:618 (pxscene+0x000000593e23) #25 main pxCore/src/wayland_egl/pxEventLoopNative.cpp:34 (pxscene+0x0000005a19f7) Location is heap block of size 208 at 0x7b3400000000 allocated by main thread: #0 operator new(unsigned long) <null> (libtsan.so.0+0x00000006f766) #1 __static_initialization_and_destruction_0 pxCore/src/rtThreadPool.cpp:28 (pxscene+0x0000005a3ad5) #2 _GLOBAL__sub_I_rtThreadPool.cpp pxCore/src/rtThreadPool.cpp:50 (pxscene+0x0000005a3b50) #3 __libc_csu_init <null> (pxscene+0x00000068f53c) Mutex M516 (0x00000091cde0) created at: #0 pthread_mutex_lock <null> (libtsan.so.0+0x00000003b62e) #1 rtWrapperSceneUpdateEnter() pxCore/src/rtScript.cpp:108 (pxscene+0x0000005b7501) #2 rtScriptNodeUtils::rtFunctionWrapper::call(v8::FunctionCallbackInfo<v8::Value> const&) pxCore/src/rtScriptNode/rtFunctionWrapper.cpp:225 (pxscene+0x0000005cb967) #3 v8::internal::FunctionCallbackArguments::Call(void (*)(v8::FunctionCallbackInfo<v8::Value> const&)) ../deps/v8/src/api-arguments.cc:16 (libnode.so.48+0x0000005842c2) #4 pxScriptView::pxScriptView(char const*, char const*) pxCore/examples/pxScene2d/src/pxScene2d.cpp:3424 (pxscene+0x0000005497da) #5 sceneWindow::init(int, int, int, int, char const*) pxCore/examples/pxScene2d/src/pxScene.cpp:169 (pxscene+0x000000594716) #6 pxMain(int, char**) pxCore/examples/pxScene2d/src/pxScene.cpp:534 (pxscene+0x000000593dc4) #7 main pxCore/src/wayland_egl/pxEventLoopNative.cpp:34 (pxscene+0x0000005a19f7) Thread T1 (tid=6654, running) created by main thread at: #0 pthread_create <null> (libtsan.so.0+0x000000028e03) #1 rtThreadPoolNative::initialize() pxCore/src/unix/rtThreadPoolNative.cpp:35 (pxscene+0x0000005958dd) #2 rtThreadPoolNative::rtThreadPoolNative(int) pxCore/src/unix/rtThreadPoolNative.cpp:17 (pxscene+0x000000595762) #3 rtThreadPool::rtThreadPool(int) pxCore/src/rtThreadPool.cpp:31 (pxscene+0x0000005a393e) #4 __static_initialization_and_destruction_0 pxCore/src/rtThreadPool.cpp:28 (pxscene+0x0000005a3ae5) #5 _GLOBAL__sub_I_rtThreadPool.cpp pxCore/src/rtThreadPool.cpp:50 (pxscene+0x0000005a3b50) #6 __libc_csu_init <null> (pxscene+0x00000068f53c) SUMMARY: ThreadSanitizer: data race pxCore/src/unix/rtMutexNative.cpp:24 in rtMutexNative::unlock() ================== ================== WARNING: ThreadSanitizer: data race (pid=6652) Write of size 1 at 0x7b3400000030 by thread T2: #0 rtMutexNative::unlock() pxCore/src/unix/rtMutexNative.cpp:24 (pxscene+0x0000005954c3) #1 rtThreadPoolNative::startThread() pxCore/src/unix/rtThreadPoolNative.cpp:83 (pxscene+0x000000595ba8) #2 launchThread(void*) pxCore/src/unix/rtThreadPoolNative.cpp:9 (pxscene+0x0000005956a4) #3 <null> <null> (libtsan.so.0+0x0000000257eb) Previous write of size 1 at 0x7b3400000030 by main thread (mutexes: write M516): #0 rtMutexNative::unlock() pxCore/src/unix/rtMutexNative.cpp:24 (pxscene+0x0000005954c3) #1 rtThreadPoolNative::executeTask(rtThreadTask*) pxCore/src/unix/rtThreadPoolNative.cpp:99 (pxscene+0x000000595c60) #2 pxTextureOffscreen::freeOffscreenDataInBackground() pxCore/examples/pxScene2d/src/pxContextGL.cpp:873 (pxscene+0x00000057fd70) #3 pxTextureOffscreen::bindGLTexture(int) pxCore/examples/pxScene2d/src/pxContextGL.cpp:765 (pxscene+0x00000057f576) #4 textureShaderProgram::draw(int, int, float*, float, int, void const*, void const*, rtRef<pxTexture>, int, int) pxCore/examples/pxScene2d/src/pxContextGL.cpp:1619 (pxscene+0x000000582280) #5 drawImage92 pxCore/examples/pxScene2d/src/pxContextGL.cpp:2076 (pxscene+0x000000577905) #6 pxContext::drawImage9(float, float, float, float, float, float, rtRef<pxTexture>) pxCore/examples/pxScene2d/src/pxContextGL.cpp:2580 (pxscene+0x00000057ab36) #7 pxImage9::draw() pxCore/examples/pxScene2d/src/pxImage9.cpp:121 (pxscene+0x000000510be3) #8 pxObject::drawInternal(bool) pxCore/examples/pxScene2d/src/pxScene2d.cpp:1355 (pxscene+0x00000053d11e) #9 pxObject::createSnapshot(rtRef<pxContextFramebuffer>&, bool, bool) pxCore/examples/pxScene2d/src/pxScene2d.cpp:1554 (pxscene+0x00000053e004) #10 pxObject::drawInternal(bool) pxCore/examples/pxScene2d/src/pxScene2d.cpp:1336 (pxscene+0x00000053ceea) #11 pxObject::drawInternal(bool) pxCore/examples/pxScene2d/src/pxScene2d.cpp:1367 (pxscene+0x00000053d1ca) #12 pxObject::drawInternal(bool) pxCore/examples/pxScene2d/src/pxScene2d.cpp:1367 (pxscene+0x00000053d1ca) #13 pxObject::drawInternal(bool) pxCore/examples/pxScene2d/src/pxScene2d.cpp:1367 (pxscene+0x00000053d1ca) #14 pxScene2d::draw() pxCore/examples/pxScene2d/src/pxScene2d.cpp:2190 (pxscene+0x0000005420a4) #15 pxScene2d::onDraw() pxCore/examples/pxScene2d/src/pxScene2d.cpp:2376 (pxscene+0x000000542ba9) #16 pxScriptView::onDraw() <null> (pxscene+0x00000055ac4a) #17 pxViewContainer::draw() pxCore/examples/pxScene2d/src/pxScene2d.h:976 (pxscene+0x000000558f7a) #18 pxObject::drawInternal(bool) pxCore/examples/pxScene2d/src/pxScene2d.cpp:1355 (pxscene+0x00000053d11e) #19 pxObject::drawInternal(bool) pxCore/examples/pxScene2d/src/pxScene2d.cpp:1367 (pxscene+0x00000053d1ca) #20 pxScene2d::draw() pxCore/examples/pxScene2d/src/pxScene2d.cpp:2190 (pxscene+0x0000005420a4) #21 pxScene2d::onDraw() pxCore/examples/pxScene2d/src/pxScene2d.cpp:2376 (pxscene+0x000000542ba9) #22 pxScriptView::onDraw() <null> (pxscene+0x00000055ac4a) #23 sceneWindow::onDraw(pxSurfaceNativeDesc*) pxCore/examples/pxScene2d/src/pxScene.cpp:357 (pxscene+0x0000005952b0) #24 pxWindowNative::drawFrame() pxCore/src/wayland_egl/pxWindowNative.cpp:883 (pxscene+0x00000059e685) #25 pxWindowNative::animateAndRender() pxCore/src/wayland_egl/pxWindowNative.cpp:844 (pxscene+0x00000059e3e8) #26 pxWindowNative::runEventLoop() pxCore/src/wayland_egl/pxWindowNative.cpp:595 (pxscene+0x00000059d792) #27 pxEventLoop::run() pxCore/src/wayland_egl/pxEventLoopNative.cpp:19 (pxscene+0x0000005a1969) #28 pxMain(int, char**) pxCore/examples/pxScene2d/src/pxScene.cpp:618 (pxscene+0x000000593e23) #29 main pxCore/src/wayland_egl/pxEventLoopNative.cpp:34 (pxscene+0x0000005a19f7) Location is heap block of size 208 at 0x7b3400000000 allocated by main thread: #0 operator new(unsigned long) <null> (libtsan.so.0+0x00000006f766) #1 __static_initialization_and_destruction_0 pxCore/src/rtThreadPool.cpp:28 (pxscene+0x0000005a3ad5) #2 _GLOBAL__sub_I_rtThreadPool.cpp pxCore/src/rtThreadPool.cpp:50 (pxscene+0x0000005a3b50) #3 __libc_csu_init <null> (pxscene+0x00000068f53c) Mutex M516 (0x00000091cde0) created at: #0 pthread_mutex_lock <null> (libtsan.so.0+0x00000003b62e) #1 rtWrapperSceneUpdateEnter() pxCore/src/rtScript.cpp:108 (pxscene+0x0000005b7501) #2 rtScriptNodeUtils::rtFunctionWrapper::call(v8::FunctionCallbackInfo<v8::Value> const&) pxCore/src/rtScriptNode/rtFunctionWrapper.cpp:225 (pxscene+0x0000005cb967) #3 v8::internal::FunctionCallbackArguments::Call(void (*)(v8::FunctionCallbackInfo<v8::Value> const&)) ../deps/v8/src/api-arguments.cc:16 (libnode.so.48+0x0000005842c2) #4 pxScriptView::pxScriptView(char const*, char const*) pxCore/examples/pxScene2d/src/pxScene2d.cpp:3424 (pxscene+0x0000005497da) #5 sceneWindow::init(int, int, int, int, char const*) pxCore/examples/pxScene2d/src/pxScene.cpp:169 (pxscene+0x000000594716) #6 pxMain(int, char**) pxCore/examples/pxScene2d/src/pxScene.cpp:534 (pxscene+0x000000593dc4) #7 main pxCore/src/wayland_egl/pxEventLoopNative.cpp:34 (pxscene+0x0000005a19f7) Thread T2 (tid=6655, running) created by main thread at: #0 pthread_create <null> (libtsan.so.0+0x000000028e03) #1 rtThreadPoolNative::initialize() pxCore/src/unix/rtThreadPoolNative.cpp:35 (pxscene+0x0000005958dd) #2 rtThreadPoolNative::rtThreadPoolNative(int) pxCore/src/unix/rtThreadPoolNative.cpp:17 (pxscene+0x000000595762) #3 rtThreadPool::rtThreadPool(int) pxCore/src/rtThreadPool.cpp:31 (pxscene+0x0000005a393e) #4 __static_initialization_and_destruction_0 pxCore/src/rtThreadPool.cpp:28 (pxscene+0x0000005a3ae5) #5 _GLOBAL__sub_I_rtThreadPool.cpp pxCore/src/rtThreadPool.cpp:50 (pxscene+0x0000005a3b50) #6 __libc_csu_init <null> (pxscene+0x00000068f53c) SUMMARY: ThreadSanitizer: data race pxCore/src/unix/rtMutexNative.cpp:24 in rtMutexNative::unlock() ================== ================== WARNING: ThreadSanitizer: data race (pid=6652) Write of size 1 at 0x000000f3c3b8 by thread T1 (mutexes: write M256): #0 rtMutexNative::lock() pxCore/src/unix/rtMutexNative.cpp:18 (pxscene+0x00000059547f) #1 rtThreadQueue::addTask(void (*)(void*, void*), void*, void*) pxCore/src/rtThreadQueue.cpp:31 (pxscene+0x0000005a3c3c) #2 cleanupOffscreen(void*) pxCore/examples/pxScene2d/src/pxContextGL.cpp:1164 (pxscene+0x000000575614) #3 rtThreadTask::execute() pxCore/src/rtThreadTask.cpp:38 (pxscene+0x0000005a7850) #4 rtThreadPoolNative::startThread() pxCore/src/unix/rtThreadPoolNative.cpp:87 (pxscene+0x000000595bbf) #5 launchThread(void*) pxCore/src/unix/rtThreadPoolNative.cpp:9 (pxscene+0x0000005956a4) #6 <null> <null> (libtsan.so.0+0x0000000257eb) Previous write of size 1 at 0x000000f3c3b8 by main thread (mutexes: write M516): #0 rtMutexNative::unlock() pxCore/src/unix/rtMutexNative.cpp:24 (pxscene+0x0000005954c3) #1 rtThreadQueue::process(double) pxCore/src/rtThreadQueue.cpp:73 (pxscene+0x0000005a3f18) #2 pxScene2d::onUpdate(double) pxCore/examples/pxScene2d/src/pxScene2d.cpp:2264 (pxscene+0x0000005423bf) #3 pxScriptView::onUpdate(double) <null> (pxscene+0x00000055abbc) #4 pxViewContainer::update(double) pxCore/examples/pxScene2d/src/pxScene2d.h:969 (pxscene+0x000000558ece) #5 pxObject::update(double) pxCore/examples/pxScene2d/src/pxScene2d.cpp:1098 (pxscene+0x00000053c063) #6 pxScene2d::update(double) pxCore/examples/pxScene2d/src/pxScene2d.cpp:2406 (pxscene+0x000000542cef) #7 pxScene2d::onUpdate(double) pxCore/examples/pxScene2d/src/pxScene2d.cpp:2273 (pxscene+0x00000054244d) #8 pxScriptView::onUpdate(double) <null> (pxscene+0x00000055abbc) #9 sceneWindow::onAnimationTimer() pxCore/examples/pxScene2d/src/pxScene.cpp:365 (pxscene+0x000000595348) #10 pxWindowNative::onAnimationTimerInternal() pxCore/src/wayland_egl/pxWindowNative.cpp:488 (pxscene+0x00000059d1c6) #11 pxWindowNative::animateAndRender() pxCore/src/wayland_egl/pxWindowNative.cpp:853 (pxscene+0x00000059e49c) #12 pxWindowNative::runEventLoop() pxCore/src/wayland_egl/pxWindowNative.cpp:595 (pxscene+0x00000059d792) #13 pxEventLoop::run() pxCore/src/wayland_egl/pxEventLoopNative.cpp:19 (pxscene+0x0000005a1969) #14 pxMain(int, char**) pxCore/examples/pxScene2d/src/pxScene.cpp:618 (pxscene+0x000000593e23) #15 main pxCore/src/wayland_egl/pxEventLoopNative.cpp:34 (pxscene+0x0000005a19f7) Location is global 'gUIThreadQueue' of size 128 at 0x000000f3c340 (pxscene+0x000000f3c3b8) Mutex M256 (0x000000f3c390) created at: #0 pthread_mutex_init <null> (libtsan.so.0+0x00000002971e) #1 rtMutexNative::rtMutexNative() pxCore/src/unix/rtMutexNative.cpp:6 (pxscene+0x0000005953f8) #2 rtMutex::rtMutex() pxCore/src/unix/../rtMutex.h:30 (pxscene+0x0000004e41d8) #3 rtThreadQueue::rtThreadQueue() pxCore/src/rtThreadQueue.cpp:26 (pxscene+0x0000005a3b98) #4 __static_initialization_and_destruction_0 pxCore/examples/pxScene2d/src/pxContextGL.cpp:127 (pxscene+0x00000057c68a) #5 _GLOBAL__sub_I_pxContextGL.cpp pxCore/examples/pxScene2d/src/pxContextGL.cpp:2994 (pxscene+0x00000057c754) #6 __libc_csu_init <null> (pxscene+0x00000068f53c) Mutex M516 (0x00000091cde0) created at: #0 pthread_mutex_lock <null> (libtsan.so.0+0x00000003b62e) #1 rtWrapperSceneUpdateEnter() pxCore/src/rtScript.cpp:108 (pxscene+0x0000005b7501) #2 rtScriptNodeUtils::rtFunctionWrapper::call(v8::FunctionCallbackInfo<v8::Value> const&) pxCore/src/rtScriptNode/rtFunctionWrapper.cpp:225 (pxscene+0x0000005cb967) #3 v8::internal::FunctionCallbackArguments::Call(void (*)(v8::FunctionCallbackInfo<v8::Value> const&)) ../deps/v8/src/api-arguments.cc:16 (libnode.so.48+0x0000005842c2) #4 pxScriptView::pxScriptView(char const*, char const*) pxCore/examples/pxScene2d/src/pxScene2d.cpp:3424 (pxscene+0x0000005497da) #5 sceneWindow::init(int, int, int, int, char const*) pxCore/examples/pxScene2d/src/pxScene.cpp:169 (pxscene+0x000000594716) #6 pxMain(int, char**) pxCore/examples/pxScene2d/src/pxScene.cpp:534 (pxscene+0x000000593dc4) #7 main pxCore/src/wayland_egl/pxEventLoopNative.cpp:34 (pxscene+0x0000005a19f7) Thread T1 (tid=6654, running) created by main thread at: #0 pthread_create <null> (libtsan.so.0+0x000000028e03) #1 rtThreadPoolNative::initialize() pxCore/src/unix/rtThreadPoolNative.cpp:35 (pxscene+0x0000005958dd) #2 rtThreadPoolNative::rtThreadPoolNative(int) pxCore/src/unix/rtThreadPoolNative.cpp:17 (pxscene+0x000000595762) #3 rtThreadPool::rtThreadPool(int) pxCore/src/rtThreadPool.cpp:31 (pxscene+0x0000005a393e) #4 __static_initialization_and_destruction_0 pxCore/src/rtThreadPool.cpp:28 (pxscene+0x0000005a3ae5) #5 _GLOBAL__sub_I_rtThreadPool.cpp pxCore/src/rtThreadPool.cpp:50 (pxscene+0x0000005a3b50) #6 __libc_csu_init <null> (pxscene+0x00000068f53c) SUMMARY: ThreadSanitizer: data race pxCore/src/unix/rtMutexNative.cpp:18 in rtMutexNative::lock() ================== rt: WARN pxScene2d.cpp:2323 -- Thread-6652: pxScene fps: 12 (below warn threshold of 25) ================== WARNING: ThreadSanitizer: lock-order-inversion (potential deadlock) (pid=6652) Cycle in lock order graph: M359 (0x7b1400000550) => M516 (0x00000091cde0) => M359 Mutex M516 acquired here while holding mutex M359 in main thread: #0 pthread_mutex_lock <null> (libtsan.so.0+0x00000003b62e) #1 rtWrapperSceneUpdateEnter() pxCore/src/rtScript.cpp:108 (pxscene+0x0000005b7501) #2 rtScriptNodeUtils::rtFunctionWrapper::call(v8::FunctionCallbackInfo<v8::Value> const&) pxCore/src/rtScriptNode/rtFunctionWrapper.cpp:225 (pxscene+0x0000005cb967) #3 v8::internal::FunctionCallbackArguments::Call(void (*)(v8::FunctionCallbackInfo<v8::Value> const&)) ../deps/v8/src/api-arguments.cc:16 (libnode.so.48+0x0000005842c2) #4 pxScriptView::pxScriptView(char const*, char const*) pxCore/examples/pxScene2d/src/pxScene2d.cpp:3424 (pxscene+0x0000005497da) #5 sceneWindow::init(int, int, int, int, char const*) pxCore/examples/pxScene2d/src/pxScene.cpp:169 (pxscene+0x000000594716) #6 pxMain(int, char**) pxCore/examples/pxScene2d/src/pxScene.cpp:534 (pxscene+0x000000593dc4) #7 main pxCore/src/wayland_egl/pxEventLoopNative.cpp:34 (pxscene+0x0000005a19f7) Hint: use TSAN_OPTIONS=second_deadlock_stack=1 to get more informative warning message Mutex M359 acquired here while holding mutex M516 in main thread: #0 pthread_mutex_lock <null> (libtsan.so.0+0x00000003b62e) #1 v8::internal::ThreadManager::Lock() ../deps/v8/src/v8threads.cc:154 (libnode.so.48+0x000000b3f610) #2 rtEmit::Send(int, rtValue const*, rtValue*) pxCore/src/rtObject.cpp:130 (pxscene+0x00000060620c) #3 rtEmitRef::Send(int, rtValue const*, rtValue*) pxCore/src/rtObject.cpp:163 (pxscene+0x0000006063a8) #4 rtFunctionBase::Send(int, rtValue const*) pxCore/src/rtObject.h:220 (pxscene+0x000000609109) #5 rtFunctionBase::send(rtValue const&, rtValue const&) pxCore/src/rtObject.cpp:510 (pxscene+0x000000607ebb) #6 pxScene2d::onUpdate(double) pxCore/examples/pxScene2d/src/pxScene2d.cpp:2343 (pxscene+0x000000542992) #7 pxScriptView::onUpdate(double) <null> (pxscene+0x00000055abbc) #8 sceneWindow::onAnimationTimer() pxCore/examples/pxScene2d/src/pxScene.cpp:365 (pxscene+0x000000595348) #9 pxWindowNative::onAnimationTimerInternal() pxCore/src/wayland_egl/pxWindowNative.cpp:488 (pxscene+0x00000059d1c6) #10 pxWindowNative::animateAndRender() pxCore/src/wayland_egl/pxWindowNative.cpp:853 (pxscene+0x00000059e49c) #11 pxWindowNative::runEventLoop() pxCore/src/wayland_egl/pxWindowNative.cpp:595 (pxscene+0x00000059d792) #12 pxEventLoop::run() pxCore/src/wayland_egl/pxEventLoopNative.cpp:19 (pxscene+0x0000005a1969) #13 pxMain(int, char**) pxCore/examples/pxScene2d/src/pxScene.cpp:618 (pxscene+0x000000593e23) #14 main pxCore/src/wayland_egl/pxEventLoopNative.cpp:34 (pxscene+0x0000005a19f7) SUMMARY: ThreadSanitizer: lock-order-inversion (potential deadlock) (/lib64/libtsan.so.0+0x3b62e) in pthread_mutex_lock
jiangliwu
pushed a commit
to jiangliwu/pxCore
that referenced
this issue
Feb 28, 2018
…xscene#879) Fixes the following data race: WARNING: ThreadSanitizer: data race (pid=10382) Write of size 1 at 0x7b44001817aa by thread T31 (mutexes: write M68656): #0 pxWayland::connectToRemoteObject() pxCore/examples/pxScene2d/src/pxWayland.cpp:713 (pxscene+0x00000058ea65) topcoderinc#1 pxWayland::findRemoteThread(void*) pxCore/examples/pxScene2d/src/pxWayland.cpp:643 (pxscene+0x00000058e625) topcoderinc#2 <null> <null> (libtsan.so.0+0x0000000257eb) Previous write of size 1 at 0x7b44001817aa by main thread (mutexes: write M357): #0 pxWayland::terminateClient() pxCore/examples/pxScene2d/src/pxWayland.cpp:579 (pxscene+0x00000058e2c4) topcoderinc#1 pxWayland::~pxWayland() pxCore/examples/pxScene2d/src/pxWayland.cpp:94 (pxscene+0x00000058bd42) topcoderinc#2 pxWayland::~pxWayland() pxCore/examples/pxScene2d/src/pxWayland.cpp:96 (pxscene+0x00000058bdef) topcoderinc#3 pxWayland::Release() pxCore/examples/pxScene2d/src/pxWayland.h:66 (pxscene+0x00000058f8d7) topcoderinc#4 rtRef<pxIView>::asn(pxIView const*) pxCore/examples/pxScene2d/src/../../../src/rtRef.h:74 (pxscene+0x000000567ed3) topcoderinc#5 rtRef<pxIView>::operator=(pxIView const*) pxCore/examples/pxScene2d/src/../../../src/rtRef.h:58 (pxscene+0x000000564221) topcoderinc#6 pxViewContainer::setView(pxIView*) <null> (pxscene+0x000000559f65) topcoderinc#7 pxWaylandContainer::setView(pxWayland*) pxCore/examples/pxScene2d/src/pxWaylandContainer.cpp:295 (pxscene+0x000000592128) topcoderinc#8 pxWaylandContainer::dispose() pxCore/examples/pxScene2d/src/pxWaylandContainer.cpp:68 (pxscene+0x000000590605) topcoderinc#9 pxObject::dispose() pxCore/examples/pxScene2d/src/pxScene2d.cpp:529 (pxscene+0x00000053beb1) topcoderinc#10 pxScene2d::dispose() pxCore/examples/pxScene2d/src/pxScene2d.cpp:1832 (pxscene+0x000000541d21) topcoderinc#11 pxScene2d::dispose_thunk(int, rtValue const*, rtValue&) <null> (pxscene+0x00000055ff69) topcoderinc#12 rtObjectFunction::Send(int, rtValue const*, rtValue*) pxCore/src/rtObject.cpp:581 (pxscene+0x00000060e36e) topcoderinc#13 rtObjectBase::Send(char const*, int, rtValue const*) pxCore/src/rtObject.cpp:444 (pxscene+0x00000060cc80) topcoderinc#14 rtObjectBase::send(char const*) pxCore/src/rtObject.cpp:460 (pxscene+0x00000060cdf0) topcoderinc#15 pxScriptView::~pxScriptView() <null> (pxscene+0x00000055befe) topcoderinc#16 pxScriptView::~pxScriptView() <null> (pxscene+0x00000055c015) topcoderinc#17 pxScriptView::Release() <null> (pxscene+0x00000055c0ea) topcoderinc#18 rtRef<pxIView>::asn(pxIView const*) pxCore/examples/pxScene2d/src/../../../src/rtRef.h:74 (pxscene+0x000000567ed3) topcoderinc#19 rtRef<pxIView>::operator=(pxIView const*) pxCore/examples/pxScene2d/src/../../../src/rtRef.h:58 (pxscene+0x000000564221) topcoderinc#20 pxViewContainer::setView(pxIView*) <null> (pxscene+0x000000559f65) topcoderinc#21 pxSceneContainer::setScriptView(pxScriptView*) pxCore/examples/pxScene2d/src/pxScene2d.cpp:3374 (pxscene+0x00000054b2ff) topcoderinc#22 pxSceneContainer::dispose() pxCore/examples/pxScene2d/src/pxScene2d.cpp:3405 (pxscene+0x00000054b4d8) topcoderinc#23 pxObject::releaseResources() pxCore/examples/pxScene2d/src/pxScene2d.h:700 (pxscene+0x000000557e12) topcoderinc#24 pxObject::releaseResources_thunk(int, rtValue const*, rtValue&) pxCore/examples/pxScene2d/src/pxScene2d.h:207 (pxscene+0x000000552dfb) topcoderinc#25 rtObjectFunction::Send(int, rtValue const*, rtValue*) pxCore/src/rtObject.cpp:581 (pxscene+0x00000060e36e) topcoderinc#26 rtObjectBase::Send(char const*, int, rtValue const*) pxCore/src/rtObject.cpp:444 (pxscene+0x00000060cc80) topcoderinc#27 rtObjectBase::send(char const*) pxCore/src/rtObject.cpp:460 (pxscene+0x00000060cdf0) topcoderinc#28 WeakCallback pxCore/src/rtScriptNode/rtWrapperUtils.cpp:91 (pxscene+0x0000005db766) topcoderinc#29 v8::internal::GlobalHandles::PendingPhantomCallback::Invoke(v8::internal::Isolate*) ../deps/v8/src/global-handles.cc:1072 (libnode.so.48+0x00000083af5e) topcoderinc#30 rtScriptNodeUtils::rtFunctionWrapper::call(v8::FunctionCallbackInfo<v8::Value> const&) pxCore/src/rtScriptNode/rtFunctionWrapper.cpp:261 (pxscene+0x0000005d0b74) topcoderinc#31 v8::internal::FunctionCallbackArguments::Call(void (*)(v8::FunctionCallbackInfo<v8::Value> const&)) ../deps/v8/src/api-arguments.cc:16 (libnode.so.48+0x0000005844f2) topcoderinc#32 rtScript::pump() pxCore/src/rtScript.cpp:221 (pxscene+0x0000005bc24c) topcoderinc#33 sceneWindow::onAnimationTimer() pxCore/examples/pxScene2d/src/pxScene.cpp:373 (pxscene+0x000000599b87) topcoderinc#34 pxWindowNative::onAnimationTimerInternal() pxCore/src/wayland_egl/pxWindowNative.cpp:488 (pxscene+0x0000005a199a) topcoderinc#35 pxWindowNative::animateAndRender() pxCore/src/wayland_egl/pxWindowNative.cpp:853 (pxscene+0x0000005a2c70) topcoderinc#36 pxWindowNative::runEventLoop() pxCore/src/wayland_egl/pxWindowNative.cpp:595 (pxscene+0x0000005a1f66) topcoderinc#37 pxEventLoop::run() pxCore/src/wayland_egl/pxEventLoopNative.cpp:19 (pxscene+0x0000005a613d) topcoderinc#38 pxMain(int, char**) pxCore/examples/pxScene2d/src/pxScene.cpp:623 (pxscene+0x00000059860c) topcoderinc#39 main pxCore/src/wayland_egl/pxEventLoopNative.cpp:34 (pxscene+0x0000005a61cb) Location is heap block of size 320 at 0x7b4400181780 allocated by main thread: #0 operator new(unsigned long) <null> (libtsan.so.0+0x00000006f766) topcoderinc#1 pxScene2d::createWayland(rtObjectRef, rtObjectRef&) pxCore/examples/pxScene2d/src/pxScene2d.cpp:2142 (pxscene+0x000000543fa9) topcoderinc#2 pxScene2d::create(rtObjectRef, rtObjectRef&) pxCore/examples/pxScene2d/src/pxScene2d.cpp:1919 (pxscene+0x000000542614) topcoderinc#3 pxScene2d::create_thunk(int, rtValue const*, rtValue&) <null> (pxscene+0x00000055d9d8) topcoderinc#4 rtObjectFunction::Send(int, rtValue const*, rtValue*) pxCore/src/rtObject.cpp:581 (pxscene+0x00000060e36e) topcoderinc#5 rtScriptNodeUtils::rtFunctionWrapper::call(v8::FunctionCallbackInfo<v8::Value> const&) pxCore/src/rtScriptNode/rtFunctionWrapper.cpp:226 (pxscene+0x0000005d0665) topcoderinc#6 v8::internal::FunctionCallbackArguments::Call(void (*)(v8::FunctionCallbackInfo<v8::Value> const&)) ../deps/v8/src/api-arguments.cc:16 (libnode.so.48+0x0000005844f2) topcoderinc#7 uv__queue_done <null> (pxscene+0x00000067b1da) topcoderinc#8 rtScript::pump() pxCore/src/rtScript.cpp:221 (pxscene+0x0000005bc24c) topcoderinc#9 sceneWindow::onAnimationTimer() pxCore/examples/pxScene2d/src/pxScene.cpp:373 (pxscene+0x000000599b87) topcoderinc#10 pxWindowNative::onAnimationTimerInternal() pxCore/src/wayland_egl/pxWindowNative.cpp:488 (pxscene+0x0000005a199a) topcoderinc#11 pxWindowNative::animateAndRender() pxCore/src/wayland_egl/pxWindowNative.cpp:853 (pxscene+0x0000005a2c70) topcoderinc#12 pxWindowNative::runEventLoop() pxCore/src/wayland_egl/pxWindowNative.cpp:595 (pxscene+0x0000005a1f66) topcoderinc#13 pxEventLoop::run() pxCore/src/wayland_egl/pxEventLoopNative.cpp:19 (pxscene+0x0000005a613d) topcoderinc#14 pxMain(int, char**) pxCore/examples/pxScene2d/src/pxScene.cpp:623 (pxscene+0x00000059860c) topcoderinc#15 main pxCore/src/wayland_egl/pxEventLoopNative.cpp:34 (pxscene+0x0000005a61cb) Mutex M68656 (0x7b4400181898) created at: #0 pthread_mutex_init <null> (libtsan.so.0+0x00000002971e) topcoderinc#1 rtMutexNative::rtMutexNative() pxCore/src/unix/rtMutexNative.cpp:6 (pxscene+0x000000599c10) topcoderinc#2 rtMutex::rtMutex() pxCore/src/unix/../rtMutex.h:30 (pxscene+0x0000004e6fea) topcoderinc#3 pxWayland::pxWayland(bool) pxCore/examples/pxScene2d/src/pxWayland.cpp:73 (pxscene+0x00000058baed) topcoderinc#4 pxScene2d::createWayland(rtObjectRef, rtObjectRef&) pxCore/examples/pxScene2d/src/pxScene2d.cpp:2142 (pxscene+0x000000543fb9) topcoderinc#5 pxScene2d::create(rtObjectRef, rtObjectRef&) pxCore/examples/pxScene2d/src/pxScene2d.cpp:1919 (pxscene+0x000000542614) topcoderinc#6 pxScene2d::create_thunk(int, rtValue const*, rtValue&) <null> (pxscene+0x00000055d9d8) topcoderinc#7 rtObjectFunction::Send(int, rtValue const*, rtValue*) pxCore/src/rtObject.cpp:581 (pxscene+0x00000060e36e) topcoderinc#8 rtScriptNodeUtils::rtFunctionWrapper::call(v8::FunctionCallbackInfo<v8::Value> const&) pxCore/src/rtScriptNode/rtFunctionWrapper.cpp:226 (pxscene+0x0000005d0665) topcoderinc#9 v8::internal::FunctionCallbackArguments::Call(void (*)(v8::FunctionCallbackInfo<v8::Value> const&)) ../deps/v8/src/api-arguments.cc:16 (libnode.so.48+0x0000005844f2) topcoderinc#10 uv__queue_done <null> (pxscene+0x00000067b1da) topcoderinc#11 rtScript::pump() pxCore/src/rtScript.cpp:221 (pxscene+0x0000005bc24c) topcoderinc#12 sceneWindow::onAnimationTimer() pxCore/examples/pxScene2d/src/pxScene.cpp:373 (pxscene+0x000000599b87) topcoderinc#13 pxWindowNative::onAnimationTimerInternal() pxCore/src/wayland_egl/pxWindowNative.cpp:488 (pxscene+0x0000005a199a) topcoderinc#14 pxWindowNative::animateAndRender() pxCore/src/wayland_egl/pxWindowNative.cpp:853 (pxscene+0x0000005a2c70) topcoderinc#15 pxWindowNative::runEventLoop() pxCore/src/wayland_egl/pxWindowNative.cpp:595 (pxscene+0x0000005a1f66) topcoderinc#16 pxEventLoop::run() pxCore/src/wayland_egl/pxEventLoopNative.cpp:19 (pxscene+0x0000005a613d) topcoderinc#17 pxMain(int, char**) pxCore/examples/pxScene2d/src/pxScene.cpp:623 (pxscene+0x00000059860c) topcoderinc#18 main pxCore/src/wayland_egl/pxEventLoopNative.cpp:34 (pxscene+0x0000005a61cb) Mutex M357 (0x7b1400000550) created at: #0 pthread_mutex_init <null> (libtsan.so.0+0x00000002971e) topcoderinc#1 v8::internal::ThreadManager::ThreadManager() ../deps/v8/src/v8threads.cc:245 (libnode.so.48+0x000000b3fa1e) topcoderinc#2 rtScriptNode::init() pxCore/src/rtScriptNode/rtScriptNode.cpp:1025 (pxscene+0x0000005c9a49) topcoderinc#3 rtScript::init() pxCore/src/rtScript.cpp:203 (pxscene+0x0000005bc118) topcoderinc#4 pxMain(int, char**) pxCore/examples/pxScene2d/src/pxScene.cpp:526 (pxscene+0x000000598491) topcoderinc#5 main pxCore/src/wayland_egl/pxEventLoopNative.cpp:34 (pxscene+0x0000005a61cb) Thread T31 (tid=11324, running) created by main thread at: #0 pthread_create <null> (libtsan.so.0+0x000000028e03) topcoderinc#1 pxWayland::startRemoteObjectDetection() pxCore/examples/pxScene2d/src/pxWayland.cpp:628 (pxscene+0x00000058e597) topcoderinc#2 pxWayland::createDisplay(rtString) pxCore/examples/pxScene2d/src/pxWayland.cpp:197 (pxscene+0x00000058c514) topcoderinc#3 pxWayland::onInit() pxCore/examples/pxScene2d/src/pxWayland.cpp:107 (pxscene+0x00000058bf09) topcoderinc#4 pxWaylandContainer::onInit() pxCore/examples/pxScene2d/src/pxWaylandContainer.cpp:376 (pxscene+0x000000592763) topcoderinc#5 rtObject::init() pxCore/src/rtObject.cpp:321 (pxscene+0x00000060c4cf) topcoderinc#6 rtObject::init_thunk(int, rtValue const*, rtValue&) pxCore/src/rtObject.h:292 (pxscene+0x00000060ed31) topcoderinc#7 rtObjectFunction::Send(int, rtValue const*, rtValue*) pxCore/src/rtObject.cpp:581 (pxscene+0x00000060e36e) topcoderinc#8 rtObjectBase::Send(char const*, int, rtValue const*) pxCore/src/rtObject.cpp:444 (pxscene+0x00000060cc80) topcoderinc#9 rtObjectBase::send(char const*) pxCore/src/rtObject.cpp:460 (pxscene+0x00000060cdf0) topcoderinc#10 pxScene2d::createWayland(rtObjectRef, rtObjectRef&) pxCore/examples/pxScene2d/src/pxScene2d.cpp:2145 (pxscene+0x00000054402f) topcoderinc#11 pxScene2d::create(rtObjectRef, rtObjectRef&) pxCore/examples/pxScene2d/src/pxScene2d.cpp:1919 (pxscene+0x000000542614) topcoderinc#12 pxScene2d::create_thunk(int, rtValue const*, rtValue&) <null> (pxscene+0x00000055d9d8) topcoderinc#13 rtObjectFunction::Send(int, rtValue const*, rtValue*) pxCore/src/rtObject.cpp:581 (pxscene+0x00000060e36e) topcoderinc#14 rtScriptNodeUtils::rtFunctionWrapper::call(v8::FunctionCallbackInfo<v8::Value> const&) pxCore/src/rtScriptNode/rtFunctionWrapper.cpp:226 (pxscene+0x0000005d0665) topcoderinc#15 v8::internal::FunctionCallbackArguments::Call(void (*)(v8::FunctionCallbackInfo<v8::Value> const&)) ../deps/v8/src/api-arguments.cc:16 (libnode.so.48+0x0000005844f2) topcoderinc#16 uv__queue_done <null> (pxscene+0x00000067b1da) topcoderinc#17 rtScript::pump() pxCore/src/rtScript.cpp:221 (pxscene+0x0000005bc24c) topcoderinc#18 sceneWindow::onAnimationTimer() pxCore/examples/pxScene2d/src/pxScene.cpp:373 (pxscene+0x000000599b87) topcoderinc#19 pxWindowNative::onAnimationTimerInternal() pxCore/src/wayland_egl/pxWindowNative.cpp:488 (pxscene+0x0000005a199a) topcoderinc#20 pxWindowNative::animateAndRender() pxCore/src/wayland_egl/pxWindowNative.cpp:853 (pxscene+0x0000005a2c70) topcoderinc#21 pxWindowNative::runEventLoop() pxCore/src/wayland_egl/pxWindowNative.cpp:595 (pxscene+0x0000005a1f66) topcoderinc#22 pxEventLoop::run() pxCore/src/wayland_egl/pxEventLoopNative.cpp:19 (pxscene+0x0000005a613d) topcoderinc#23 pxMain(int, char**) pxCore/examples/pxScene2d/src/pxScene.cpp:623 (pxscene+0x00000059860c) topcoderinc#24 main pxCore/src/wayland_egl/pxEventLoopNative.cpp:34 (pxscene+0x0000005a61cb) SUMMARY: ThreadSanitizer: data race pxCore/examples/pxScene2d/src/pxWayland.cpp:713 in pxWayland::connectToRemoteObject()
jiangliwu
pushed a commit
to jiangliwu/pxCore
that referenced
this issue
Feb 28, 2018
…ator delete) (pxscene#892) ==14719==ERROR: AddressSanitizer: alloc-dealloc-mismatch (operator new [] vs operator delete) on 0x626000021100 #0 0x7f45904e5fd0 in operator delete(void*) (/lib64/libasan.so.4+0xe0fd0) topcoderinc#1 0x4e1b95 in pxContextTest::textureMemoryOverflowTrueTest() pxCore/tests/pxScene2d/test_pxcontext.cpp:179 topcoderinc#2 0x4e1b95 in pxContextTest_pxContextTests_Test::TestBody() pxCore/tests/pxScene2d/test_pxcontext.cpp:315 topcoderinc#3 0x80ccbe in void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2402 topcoderinc#4 0x80ccbe in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2438 topcoderinc#5 0x7d2bad in testing::Test::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2474 topcoderinc#6 0x7d2d92 in testing::TestInfo::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2656 topcoderinc#7 0x7d3266 in testing::TestCase::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2774 topcoderinc#8 0x7d7c85 in testing::internal::UnitTestImpl::RunAllTests() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:4649 topcoderinc#9 0x7d82cf in bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2402 topcoderinc#10 0x7d82cf in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2438 topcoderinc#11 0x7d82cf in testing::UnitTest::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:4257 topcoderinc#12 0x4b627a in RUN_ALL_TESTS() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/include/gtest/gtest.h:2233 topcoderinc#13 0x4b627a in main pxCore/tests/pxScene2d/pxscene2dtestsmain.cpp:101 topcoderinc#14 0x7f458a716009 in __libc_start_main (/lib64/libc.so.6+0x21009) topcoderinc#15 0x4c6df9 in _start (pxCore/tests/pxScene2d/pxscene2dtests+0x4c6df9) 0x626000021100 is located 0 bytes inside of 10000-byte region [0x626000021100,0x626000023810) allocated by thread T0 here: #0 0x7f45904e5318 in operator new[](unsigned long) (/lib64/libasan.so.4+0xe0318) topcoderinc#1 0x4e182d in pxContextTest::textureMemoryOverflowTrueTest() pxCore/tests/pxScene2d/test_pxcontext.cpp:176 topcoderinc#2 0x4e182d in pxContextTest_pxContextTests_Test::TestBody() pxCore/tests/pxScene2d/test_pxcontext.cpp:315 topcoderinc#3 0x80ccbe in void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2402 topcoderinc#4 0x80ccbe in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2438 topcoderinc#5 0x7d2bad in testing::Test::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2474 topcoderinc#6 0x7d2d92 in testing::TestInfo::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2656 topcoderinc#7 0x7d3266 in testing::TestCase::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2774 topcoderinc#8 0x7d7c85 in testing::internal::UnitTestImpl::RunAllTests() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:4649 topcoderinc#9 0x7d82cf in bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2402 topcoderinc#10 0x7d82cf in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2438 topcoderinc#11 0x7d82cf in testing::UnitTest::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:4257 topcoderinc#12 0x4b627a in RUN_ALL_TESTS() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/include/gtest/gtest.h:2233 topcoderinc#13 0x4b627a in main pxCore/tests/pxScene2d/pxscene2dtestsmain.cpp:101 topcoderinc#14 0x7f458a716009 in __libc_start_main (/lib64/libc.so.6+0x21009) SUMMARY: AddressSanitizer: alloc-dealloc-mismatch (/lib64/libasan.so.4+0xe0fd0) in operator delete(void*)
jiangliwu
pushed a commit
to jiangliwu/pxCore
that referenced
this issue
Feb 28, 2018
…cene#893) Fixex attempt to allocate 0xffffffff833db0fe bytes of data: ==18628==WARNING: AddressSanitizer failed to allocate 0xffffffff833db0fe bytes ==18628==AddressSanitizer CHECK failed: ../../../../libsanitizer/sanitizer_common/sanitizer_allocator.cc:218 "((0)) != (0)" (0x0, 0x0) #0 0x7f939d46a902 (/lib64/libasan.so.4+0xe9902) topcoderinc#1 0x7f939d489295 in __sanitizer::CheckFailed(char const*, int, char const*, unsigned long long, unsigned long long) (/lib64/libasan.so.4+0x108295) topcoderinc#2 0x7f939d470042 (/lib64/libasan.so.4+0xef042) topcoderinc#3 0x7f939d3a8b46 (/lib64/libasan.so.4+0x27b46) topcoderinc#4 0x7f939d45f81a in malloc (/lib64/libasan.so.4+0xde81a) topcoderinc#5 0x81fc71 in pxLoadJPGImageTurbo(char const*, unsigned long, pxOffscreen&) pxCore/src/pxUtil.cpp:711 topcoderinc#6 0x81dea4 in pxLoadImage(char const*, unsigned long, pxOffscreen&) pxCore/src/pxUtil.cpp:49 topcoderinc#7 0x63a942 in pxUtilTest::pxLoadImage3ArgsLessLengthFailureTest() pxCore/tests/pxScene2d/test_pxUtil.cpp:142 topcoderinc#8 0x638975 in pxUtilTest_pxutilsTest_Test::TestBody() pxCore/tests/pxScene2d/test_pxUtil.cpp:327 topcoderinc#9 0x7ad278 in void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) (pxCore/tests/pxScene2d/pxscene2dtests+0x7ad278) topcoderinc#10 0x7a0938 in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2438 topcoderinc#11 0x75d4cd in testing::Test::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2474 topcoderinc#12 0x75e7b9 in testing::TestInfo::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2656 topcoderinc#13 0x75f332 in testing::TestCase::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2774 topcoderinc#14 0x76fed0 in testing::internal::UnitTestImpl::RunAllTests() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:4649 topcoderinc#15 0x7afcb7 in bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2402 topcoderinc#16 0x7a2a97 in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) (pxCore/tests/pxScene2d/pxscene2dtests+0x7a2a97) topcoderinc#17 0x76d0d9 in testing::UnitTest::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:4257 topcoderinc#18 0x5299db in RUN_ALL_TESTS() (pxCore/tests/pxScene2d/pxscene2dtests+0x5299db) topcoderinc#19 0x5295c7 in main pxCore/tests/pxScene2d/pxscene2dtestsmain.cpp:101 topcoderinc#20 0x7f9397692009 in __libc_start_main (/lib64/libc.so.6+0x21009) topcoderinc#21 0x5293c9 in _start (pxCore/tests/pxScene2d/pxscene2dtests+0x5293c9)
jiangliwu
pushed a commit
to jiangliwu/pxCore
that referenced
this issue
Feb 28, 2018
pxscene#894) Fixes the followg memory overflow eror: ==14924==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x602000114f2f at pc 0x7f9a07e6aed2 bp 0x7fff38e88bb0 sp 0x7fff38e88ba0 READ of size 1 at 0x602000114f2f thread T0 #0 0x7f9a07e6aed1 in base64_decode(unsigned char const*, unsigned long, unsigned long*) pxCore/examples/pxScene2d/src/pxScene2d.cpp:345 topcoderinc#1 0x627b36 in screenshotTest::test_base64_encode_decode() pxCore/tests/pxScene2d/test_screenshot.cpp:60 topcoderinc#2 0x627b36 in screenshotTest_screenshotTests_Test::TestBody() pxCore/tests/pxScene2d/test_screenshot.cpp:183 topcoderinc#3 0x80ccbe in void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2402 topcoderinc#4 0x80ccbe in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2438 topcoderinc#5 0x7d2bad in testing::Test::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2474 topcoderinc#6 0x7d2d92 in testing::TestInfo::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2656 topcoderinc#7 0x7d3266 in testing::TestCase::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2774 topcoderinc#8 0x7d7c85 in testing::internal::UnitTestImpl::RunAllTests() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:4649 topcoderinc#9 0x7d82cf in bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2402 topcoderinc#10 0x7d82cf in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2438 topcoderinc#11 0x7d82cf in testing::UnitTest::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:4257 topcoderinc#12 0x4b627a in RUN_ALL_TESTS() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/include/gtest/gtest.h:2233 topcoderinc#13 0x4b627a in main pxCore/tests/pxScene2d/pxscene2dtestsmain.cpp:101 topcoderinc#14 0x7f9a02ab4009 in __libc_start_main (/lib64/libc.so.6+0x21009) topcoderinc#15 0x4c6df9 in _start (pxCore/tests/pxScene2d/pxscene2dtests+0x4c6df9) 0x602000114f2f is located 1 bytes to the left of 1-byte region [0x602000114f30,0x602000114f31) allocated by thread T0 here: #0 0x7f9a08881850 in malloc (/lib64/libasan.so.4+0xde850) topcoderinc#1 0x7f9a07e6a915 in base64_encode(unsigned char const*, unsigned long, unsigned long*) pxCore/examples/pxScene2d/src/pxScene2d.cpp:311 topcoderinc#2 0x627809 in screenshotTest::test_base64_encode_decode() pxCore/tests/pxScene2d/test_screenshot.cpp:55 topcoderinc#3 0x627809 in screenshotTest_screenshotTests_Test::TestBody() pxCore/tests/pxScene2d/test_screenshot.cpp:183 topcoderinc#4 0x80ccbe in void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2402 topcoderinc#5 0x80ccbe in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2438 topcoderinc#6 0x7d2bad in testing::Test::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2474 topcoderinc#7 0x7d2d92 in testing::TestInfo::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2656 topcoderinc#8 0x7d3266 in testing::TestCase::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2774 topcoderinc#9 0x7d7c85 in testing::internal::UnitTestImpl::RunAllTests() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:4649 topcoderinc#10 0x7d82cf in bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2402 topcoderinc#11 0x7d82cf in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2438 topcoderinc#12 0x7d82cf in testing::UnitTest::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:4257 topcoderinc#13 0x4b627a in RUN_ALL_TESTS() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/include/gtest/gtest.h:2233 topcoderinc#14 0x4b627a in main pxCore/tests/pxScene2d/pxscene2dtestsmain.cpp:101 topcoderinc#15 0x7f9a02ab4009 in __libc_start_main (/lib64/libc.so.6+0x21009) SUMMARY: AddressSanitizer: heap-buffer-overflow pxCore/examples/pxScene2d/src/pxScene2d.cpp:345 in base64_decode(unsigned char const*, unsigned long, unsigned long*) Shadow bytes around the buggy address: 0x0c048001a990: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c048001a9a0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c048001a9b0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c048001a9c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c048001a9d0: fa fa fa fa fa fa fd fd fa fa fa fa fa fa fa fa =>0x0c048001a9e0: fa fa fa fa fa[fa]01 fa fa fa fd fd fa fa fa fa 0x0c048001a9f0: fa fa 01 fa fa fa fd fd fa fa fd fd fa fa fd fd 0x0c048001aa00: fa fa fd fa fa fa fd fd fa fa fd fd fa fa fd fd 0x0c048001aa10: fa fa fd fa fa fa fd fa fa fa fd fa fa fa^[[0m fd fa 0x0c048001aa20: fa fa fd fa fa fa fd fa fa fa fd fa fa fa fd fa 0x0c048001aa30: fa fa fd fa fa fa fd fa fa fa fd fa fa fa fd fa Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb ==14924==ABORTING
jiangliwu
pushed a commit
to jiangliwu/pxCore
that referenced
this issue
Feb 28, 2018
…pxscene#895) Fixes the following heap-use-after-free crash: ==21739==ERROR: AddressSanitizer: heap-use-after-free on address 0x61400003c8f1 at pc 0x000000825f62 bp 0x7fffc21a8990 sp 0x7fffc21a8980 READ of size 1 at 0x61400003c8f1 thread T0 #0 0x825f61 in rtFileDownloadRequest::isDataCached() /home/sw/projects/pxscene/pxCore/src/rtFileDownloader.cpp:366 topcoderinc#1 0x665424 in rtFileDownloaderTest::disableCacheTest() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/test_imagecache.cpp:893 topcoderinc#2 0x64dd3b in rtFileDownloaderTest_checkCacheTests_Test::TestBody() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/test_imagecache.cpp:1229 topcoderinc#3 0x7ad278 in void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) (/home/sw/projects/pxscene/pxCore/tests/pxScene2d/pxscene2dtests+0x7ad278) topcoderinc#4 0x7a0938 in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2438 topcoderinc#5 0x75d4cd in testing::Test::Run() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2474 topcoderinc#6 0x75e7b9 in testing::TestInfo::Run() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2656 topcoderinc#7 0x75f332 in testing::TestCase::Run() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2774 topcoderinc#8 0x76fed0 in testing::internal::UnitTestImpl::RunAllTests() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:4649 topcoderinc#9 0x7afcb7 in bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2402 topcoderinc#10 0x7a2a97 in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) (/home/sw/projects/pxscene/pxCore/tests/pxScene2d/pxscene2dtests+0x7a2a97) topcoderinc#11 0x76d0d9 in testing::UnitTest::Run() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:4257 topcoderinc#12 0x5299db in RUN_ALL_TESTS() (/home/sw/projects/pxscene/pxCore/tests/pxScene2d/pxscene2dtests+0x5299db) topcoderinc#13 0x5295c7 in main /home/sw/projects/pxscene/pxCore/tests/pxScene2d/pxscene2dtestsmain.cpp:101 topcoderinc#14 0x7f1b7c57f009 in __libc_start_main (/lib64/libc.so.6+0x21009) topcoderinc#15 0x5293c9 in _start (/home/sw/projects/pxscene/pxCore/tests/pxScene2d/pxscene2dtests+0x5293c9) 0x61400003c8f1 is located 177 bytes inside of 448-byte region [0x61400003c840,0x61400003ca00) freed by thread T0 here: #0 0x7f1b8234efd0 in operator delete(void*) (/lib64/libasan.so.4+0xe0fd0) topcoderinc#1 0x8272ca in rtFileDownloader::downloadFile(rtFileDownloadRequest*) /home/sw/projects/pxscene/pxCore/src/rtFileDownloader.cpp:630 topcoderinc#2 0x665415 in rtFileDownloaderTest::disableCacheTest() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/test_imagecache.cpp:892 topcoderinc#3 0x64dd3b in rtFileDownloaderTest_checkCacheTests_Test::TestBody() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/test_imagecache.cpp:1229 topcoderinc#4 0x7ad278 in void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) (/home/sw/projects/pxscene/pxCore/tests/pxScene2d/pxscene2dtests+0x7ad278) topcoderinc#5 0x7a0938 in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2438 topcoderinc#6 0x75d4cd in testing::Test::Run() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2474 topcoderinc#7 0x75e7b9 in testing::TestInfo::Run() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2656 topcoderinc#8 0x75f332 in testing::TestCase::Run() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2774 topcoderinc#9 0x76fed0 in testing::internal::UnitTestImpl::RunAllTests() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:4649 topcoderinc#10 0x7afcb7 in bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2402 topcoderinc#11 0x7a2a97 in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) (/home/sw/projects/pxscene/pxCore/tests/pxScene2d/pxscene2dtests+0x7a2a97) topcoderinc#12 0x76d0d9 in testing::UnitTest::Run() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:4257 topcoderinc#13 0x5299db in RUN_ALL_TESTS() (/home/sw/projects/pxscene/pxCore/tests/pxScene2d/pxscene2dtests+0x5299db) topcoderinc#14 0x5295c7 in main /home/sw/projects/pxscene/pxCore/tests/pxScene2d/pxscene2dtestsmain.cpp:101 topcoderinc#15 0x7f1b7c57f009 in __libc_start_main (/lib64/libc.so.6+0x21009) previously allocated by thread T0 here: #0 0x7f1b8234e158 in operator new(unsigned long) (/lib64/libasan.so.4+0xe0158) topcoderinc#1 0x6653b0 in rtFileDownloaderTest::disableCacheTest() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/test_imagecache.cpp:889 topcoderinc#2 0x64dd3b in rtFileDownloaderTest_checkCacheTests_Test::TestBody() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/test_imagecache.cpp:1229 topcoderinc#3 0x7ad278 in void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) (/home/sw/projects/pxscene/pxCore/tests/pxScene2d/pxscene2dtests+0x7ad278) topcoderinc#4 0x7a0938 in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2438 topcoderinc#5 0x75d4cd in testing::Test::Run() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2474 topcoderinc#6 0x75e7b9 in testing::TestInfo::Run() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2656 topcoderinc#7 0x75f332 in testing::TestCase::Run() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2774 topcoderinc#8 0x76fed0 in testing::internal::UnitTestImpl::RunAllTests() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:4649 topcoderinc#9 0x7afcb7 in bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2402 topcoderinc#10 0x7a2a97 in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) (/home/sw/projects/pxscene/pxCore/tests/pxScene2d/pxscene2dtests+0x7a2a97) topcoderinc#11 0x76d0d9 in testing::UnitTest::Run() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:4257 topcoderinc#12 0x5299db in RUN_ALL_TESTS() (/home/sw/projects/pxscene/pxCore/tests/pxScene2d/pxscene2dtests+0x5299db) topcoderinc#13 0x5295c7 in main /home/sw/projects/pxscene/pxCore/tests/pxScene2d/pxscene2dtestsmain.cpp:101 topcoderinc#14 0x7f1b7c57f009 in __libc_start_main (/lib64/libc.so.6+0x21009) SUMMARY: AddressSanitizer: heap-use-after-free /home/sw/projects/pxscene/pxCore/src/rtFileDownloader.cpp:366 in rtFileDownloadRequest::isDataCached() Shadow bytes around the buggy address: 0x0c287ffff8c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c287ffff8d0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c287ffff8e0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c287ffff8f0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c287ffff900: fa fa fa fa fa fa fa fa fd fd fd fd fd fd fd fd =>0x0c287ffff910: fd fd fd fd fd fd fd fd fd fd fd fd fd fd[fd]fd 0x0c287ffff920: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 0x0c287ffff930: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 0x0c287ffff940: fa fa fa fa fa fa fa fa fd fd fd fd fd fd fd fd 0x0c287ffff950: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 0x0c287ffff960: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb ==21739==ABORTING
jiangliwu
pushed a commit
to jiangliwu/pxCore
that referenced
this issue
Feb 28, 2018
This fixes the following crash: Thread 3 "pxscene2dtests" received signal SIGSEGV, Segmentation fault. [Switching to Thread 0x7f0703aff700 (LWP 6252)] 0x00007f070eea114c in __tsan_func_entry () from /lib64/libtsan.so.0 (gdb) bt #0 0x00007f070eea114c in __tsan_func_entry () from /lib64/libtsan.so.0 topcoderinc#1 0x00000000005af843 in realloc (ptr=0x0, size=32) at pxCore/tests/pxScene2d/test_imagecache.cpp:43 topcoderinc#2 0x00007f070a988645 in pthread_getattr_np (thread_id=<optimized out>, attr=<optimized out>) at pthread_getattr_np.c:176 topcoderinc#3 0x00007f070eeba185 in __sanitizer::GetThreadStackTopAndBottom(bool, unsigned long*, unsigned long*) () from /lib64/libtsan.so.0 topcoderinc#4 0x00007f070eeba617 in __sanitizer::GetThreadStackAndTls(bool, unsigned long*, unsigned long*, unsigned long*, unsigned long*) () from /lib64/libtsan.so.0 topcoderinc#5 0x00007f070eea8be6 in __tsan::ThreadStart(__tsan::ThreadState*, int, unsigned long) () from /lib64/libtsan.so.0 topcoderinc#6 0x00007f070ee4b7d6 in __tsan_thread_start_func () from /lib64/libtsan.so.0 topcoderinc#7 0x00007f070a98661b in start_thread (arg=0x7f0703aff700) at pthread_create.c:465 topcoderinc#8 0x00007f07092db98f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
jiangliwu
pushed a commit
to jiangliwu/pxCore
that referenced
this issue
Feb 28, 2018
…onNullTest() (pxscene#897) Fixes the following heap-use-after-free crash: ==5418==ERROR: AddressSanitizer: heap-use-after-free on address 0x6140000794f1 at pc 0x000000825a0a bp 0x7fff539d2fb0 sp 0x7fff539d2fa0 READ of size 1 at 0x6140000794f1 thread T0 #0 0x825a09 in rtFileDownloadRequest::isDataCached() pxCore/src/rtFileDownloader.cpp:366 topcoderinc#1 0x6680e5 in rtFileDownloaderTest::setDefaultCallbackFunctionNullTest() pxCore/tests/pxScene2d/test_imagecache.cpp:985 topcoderinc#2 0x64ddef in rtFileDownloaderTest_checkCacheTests_Test::TestBody() pxCore/tests/pxScene2d/test_imagecache.cpp:1250 topcoderinc#3 0x7acd20 in void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) (pxCore/tests/pxScene2d/pxscene2dtests+0x7acd20) topcoderinc#4 0x7a03e0 in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2438 topcoderinc#5 0x75cf75 in testing::Test::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2474 topcoderinc#6 0x75e261 in testing::TestInfo::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2656 topcoderinc#7 0x75edda in testing::TestCase::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2774 topcoderinc#8 0x76f978 in testing::internal::UnitTestImpl::RunAllTests() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:4649 topcoderinc#9 0x7af75f in bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2402 topcoderinc#10 0x7a253f in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) (pxCore/tests/pxScene2d/pxscene2dtests+0x7a253f) topcoderinc#11 0x76cb81 in testing::UnitTest::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:4257 topcoderinc#12 0x5299db in RUN_ALL_TESTS() (pxCore/tests/pxScene2d/pxscene2dtests+0x5299db) topcoderinc#13 0x5295c7 in main pxCore/tests/pxScene2d/pxscene2dtestsmain.cpp:101 topcoderinc#14 0x7f7b361a7009 in __libc_start_main (/lib64/libc.so.6+0x21009) topcoderinc#15 0x5293c9 in _start (pxCore/tests/pxScene2d/pxscene2dtests+0x5293c9) 0x6140000794f1 is located 177 bytes inside of 448-byte region [0x614000079440,0x614000079600) freed by thread T0 here: #0 0x7f7b3bf76fd0 in operator delete(void*) (/lib64/libasan.so.4+0xe0fd0) topcoderinc#1 0x826d72 in rtFileDownloader::downloadFile(rtFileDownloadRequest*) pxCore/src/rtFileDownloader.cpp:630 topcoderinc#2 0x6680d6 in rtFileDownloaderTest::setDefaultCallbackFunctionNullTest() pxCore/tests/pxScene2d/test_imagecache.cpp:984 topcoderinc#3 0x64ddef in rtFileDownloaderTest_checkCacheTests_Test::TestBody() pxCore/tests/pxScene2d/test_imagecache.cpp:1250 topcoderinc#4 0x7acd20 in void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) (pxCore/tests/pxScene2d/pxscene2dtests+0x7acd20) topcoderinc#5 0x7a03e0 in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2438 topcoderinc#6 0x75cf75 in testing::Test::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2474 topcoderinc#7 0x75e261 in testing::TestInfo::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2656 topcoderinc#8 0x75edda in testing::TestCase::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2774 topcoderinc#9 0x76f978 in testing::internal::UnitTestImpl::RunAllTests() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:4649 topcoderinc#10 0x7af75f in bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2402 topcoderinc#11 0x7a253f in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) (pxCore/tests/pxScene2d/pxscene2dtests+0x7a253f) topcoderinc#12 0x76cb81 in testing::UnitTest::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:4257 topcoderinc#13 0x5299db in RUN_ALL_TESTS() (pxCore/tests/pxScene2d/pxscene2dtests+0x5299db) topcoderinc#14 0x5295c7 in main pxCore/tests/pxScene2d/pxscene2dtestsmain.cpp:101 topcoderinc#15 0x7f7b361a7009 in __libc_start_main (/lib64/libc.so.6+0x21009) previously allocated by thread T0 here: #0 0x7f7b3bf76158 in operator new(unsigned long) (/lib64/libasan.so.4+0xe0158) topcoderinc#1 0x668073 in rtFileDownloaderTest::setDefaultCallbackFunctionNullTest() pxCore/tests/pxScene2d/test_imagecache.cpp:981 topcoderinc#2 0x64ddef in rtFileDownloaderTest_checkCacheTests_Test::TestBody() pxCore/tests/pxScene2d/test_imagecache.cpp:1250 topcoderinc#3 0x7acd20 in void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) (pxCore/tests/pxScene2d/pxscene2dtests+0x7acd20) topcoderinc#4 0x7a03e0 in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2438 topcoderinc#5 0x75cf75 in testing::Test::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2474 topcoderinc#6 0x75e261 in testing::TestInfo::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2656 topcoderinc#7 0x75edda in testing::TestCase::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2774 topcoderinc#8 0x76f978 in testing::internal::UnitTestImpl::RunAllTests() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:4649 topcoderinc#9 0x7af75f in bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2402 topcoderinc#10 0x7a253f in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) (pxCore/tests/pxScene2d/pxscene2dtests+0x7a253f) topcoderinc#11 0x76cb81 in testing::UnitTest::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:4257 topcoderinc#12 0x5299db in RUN_ALL_TESTS() (pxCore/tests/pxScene2d/pxscene2dtests+0x5299db) topcoderinc#13 0x5295c7 in main pxCore/tests/pxScene2d/pxscene2dtestsmain.cpp:101 topcoderinc#14 0x7f7b361a7009 in __libc_start_main (/lib64/libc.so.6+0x21009) SUMMARY: AddressSanitizer: heap-use-after-free pxCore/src/rtFileDownloader.cpp:366 in rtFileDownloadRequest::isDataCached() Shadow bytes around the buggy address: 0x0c2880007240: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c2880007250: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c2880007260: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c2880007270: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c2880007280: fa fa fa fa fa fa fa fa fd fd fd fd fd fd fd fd =>0x0c2880007290: fd fd fd fd fd fd fd fd fd fd fd fd fd fd[fd]fd 0x0c28800072a0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 0x0c28800072b0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 0x0c28800072c0: fa fa fa fa fa fa fa fa fd fd fd fd fd fd fd fd 0x0c28800072d0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 0x0c28800072e0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca^[[1m Right alloca redzone: cb ==5418==ABORTING
jiangliwu
pushed a commit
to jiangliwu/pxCore
that referenced
this issue
Feb 28, 2018
Backtrace before (note that it causes stack-overflow): (gdb) bt #0 sincosf (x=-6.16183472, s=s@entry=0x7fffd382066c, c=c@entry=0x7fffd3820668) at pxCore/src/pxMatrix4T.cpp:28 topcoderinc#1 0x00000000004d0a5b in sincosf (x=<optimized out>, s=s@entry=0x7fffd382069c, c=c@entry=0x7fffd3820698) at pxCore/src/pxMatrix4T.cpp:28 topcoderinc#2 0x00000000004d0a5b in sincosf (x=<optimized out>, s=s@entry=0x7fffd38206cc, c=c@entry=0x7fffd38206c8) at pxCore/src/pxMatrix4T.cpp:28 topcoderinc#3 0x00000000004d0a5b in sincosf (x=<optimized out>, s=s@entry=0x7fffd38206fc, c=c@entry=0x7fffd38206f8) at pxCore/src/pxMatrix4T.cpp:28 topcoderinc#4 0x00000000004d0a5b in sincosf (x=<optimized out>, s=s@entry=0x7fffd382072c, c=c@entry=0x7fffd3820728) at pxCore/src/pxMatrix4T.cpp:28 topcoderinc#5 0x00000000004d0a5b in sincosf (x=<optimized out>, s=s@entry=0x7fffd382075c, c=c@entry=0x7fffd3820758) at pxCore/src/pxMatrix4T.cpp:28 topcoderinc#6 0x00000000004d0a5b in sincosf (x=<optimized out>, s=s@entry=0x7fffd382078c, c=c@entry=0x7fffd3820788) at pxCore/src/pxMatrix4T.cpp:28 topcoderinc#7 0x00000000004d0a5b in sincosf (x=<optimized out>, s=s@entry=0x7fffd38207bc, c=c@entry=0x7fffd38207b8) at pxCore/src/pxMatrix4T.cpp:28 topcoderinc#8 0x00000000004d0a5b in sincosf (x=<optimized out>, s=s@entry=0x7fffd38207ec, c=c@entry=0x7fffd38207e8) at pxCore/src/pxMatrix4T.cpp:28 topcoderinc#9 0x00000000004d0a5b in sincosf (x=<optimized out>, s=s@entry=0x7fffd382081c, c=c@entry=0x7fffd3820818) at pxCore/src/pxMatrix4T.cpp:28 topcoderinc#10 0x00000000004d0a5b in sincosf (x=<optimized out>, s=s@entry=0x7fffd382084c, c=c@entry=0x7fffd3820848) at pxCore/src/pxMatrix4T.cpp:28 topcoderinc#11 0x00000000004d0a5b in sincosf (x=<optimized out>, s=s@entry=0x7fffd382087c, c=c@entry=0x7fffd3820878) at pxCore/src/pxMatrix4T.cpp:28 topcoderinc#12 0x00000000004d0a5b in sincosf (x=<optimized out>, s=s@entry=0x7fffd38208ac, c=c@entry=0x7fffd38208a8) at pxCore/src/pxMatrix4T.cpp:28 topcoderinc#13 0x00000000004d0a5b in sincosf (x=<optimized out>, s=s@entry=0x7fffd38208dc, c=c@entry=0x7fffd38208d8) at pxCore/src/pxMatrix4T.cpp:28 topcoderinc#14 0x00000000004d0a5b in sincosf (x=<optimized out>, s=s@entry=0x7fffd382090c, c=c@entry=0x7fffd3820908) at pxCore/src/pxMatrix4T.cpp:28 topcoderinc#15 0x00000000004d0a5b in sincosf (x=<optimized out>, s=s@entry=0x7fffd382094c, c=c@entry=0x7fffd3820948) at pxCore/src/pxMatrix4T.cpp:28 topcoderinc#16 0x00000000004614bc in pxMatrix4T<float>::rotateInRadians (z=1, y=0, x=0, angle=<optimized out>, this=0x7fffd3820a30) at pxCore/examples/pxScene2d/src/../../../ src/pxMatrix4T.h:209 topcoderinc#17 pxMatrix4T<float>::rotateInDegrees (z=1, y=0, x=0, angle=<optimized out>, this=0x7fffd3820a30) at pxCore/examples/pxScene2d/src/../../../src/pxMatrix4T.h:180 topcoderinc#18 pxObject::applyMatrix (this=0x1d3ab80, m=...) at pxCore/examples/pxScene2d/src/pxScene2d.h:499 topcoderinc#19 0x000000000048b9e1 in pxObject::drawInternal (this=0x1d3ab80, maskPass=maskPass@entry=false) at pxCore/examples/pxScene2d/src/pxScene2d.cpp:1253 topcoderinc#20 0x000000000048bf02 in pxObject::drawInternal (this=0x1cdc790, maskPass=<optimized out>) at pxCore/examples/pxScene2d/src/pxScene2d.cpp:1374 topcoderinc#21 0x000000000048c9d8 in non-virtual thunk to pxScene2d::onDraw() () at pxCore/examples/pxScene2d/src/pxScene2d.cpp:2225 topcoderinc#22 0x000000000048bad6 in pxObject::drawInternal (this=0x1d0ed70, maskPass=maskPass@entry=false) at pxCore/examples/pxScene2d/src/pxScene2d.cpp:1362 topcoderinc#23 0x000000000048bf02 in pxObject::drawInternal (this=0x1cdc280, maskPass=<optimized out>) at pxCore/examples/pxScene2d/src/pxScene2d.cpp:1374 topcoderinc#24 0x000000000048c9d8 in non-virtual thunk to pxScene2d::onDraw() () at pxCore/examples/pxScene2d/src/pxScene2d.cpp:2225 topcoderinc#25 0x000000000048bad6 in pxObject::drawInternal (this=0x1c620b0, maskPass=maskPass@entry=false) at pxCore/examples/pxScene2d/src/pxScene2d.cpp:1362 topcoderinc#26 0x000000000048bf02 in pxObject::drawInternal (this=0x1786380, maskPass=<optimized out>) at pxCore/examples/pxScene2d/src/pxScene2d.cpp:1374 topcoderinc#27 0x000000000048c9d8 in non-virtual thunk to pxScene2d::onDraw() () at pxCore/examples/pxScene2d/src/pxScene2d.cpp:2225 topcoderinc#28 0x00000000004b11e1 in pxWindowNative::drawFrame (this=<optimized out>) at pxCore/src/glut/pxWindowNative.cpp:823 topcoderinc#29 0x0000000000486df4 in pxScene2d::onUpdate (this=0x1786190, t=1519218877) at pxCore/examples/pxScene2d/src/pxScene2d.cpp:2289 topcoderinc#30 0x00000000004affb8 in sceneWindow::onAnimationTimer (this=<optimized out>) at pxCore/examples/pxScene2d/src/pxScene.cpp:370 topcoderinc#31 0x00000000004b063a in pxWindowNative::onGlutTimer (v=<optimized out>) at pxCore/src/glut/pxWindowNative.cpp:310 topcoderinc#32 0x00007fba9acf92e3 in fghCheckTimers () at /usr/src/debug/freeglut-3.0.0-6.fc27.x86_64/src/fg_main.c:236 topcoderinc#33 glutMainLoopEvent () at /usr/src/debug/freeglut-3.0.0-6.fc27.x86_64/src/fg_main.c:452 topcoderinc#34 0x00007fba9acf93d4 in glutMainLoop () at /usr/src/debug/freeglut-3.0.0-6.fc27.x86_64/src/fg_main.c:489 topcoderinc#35 0x00000000004afb98 in pxMain (argc=<optimized out>, argv=0x7fffd3821458) at pxCore/examples/pxScene2d/src/pxScene.cpp:623 topcoderinc#36 0x00007fba9a02200a in __libc_start_main (main=0x45b150 <main(int, char**)>, argc=2, argv=0x7fffd3821458, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffd3821448) at ../csu/libc-start.c:308 topcoderinc#37 0x000000000045b90a in _start () Backtrace after (x86_64 platform): (gdb) bt #0 sincosf () at ../sysdeps/x86_64/fpu/s_sincosf.S:77 <-- built-in version topcoderinc#1 0x000000000046150c in pxMatrix4T<float>::rotateInRadians (z=1, y=0, x=0, angle=<optimized out>, this=0x7ffe4b7e1ff0) at pxCore/examples/pxScene2d/src/../../../ src/pxMatrix4T.h:209 topcoderinc#2 pxMatrix4T<float>::rotateInDegrees (z=1, y=0, x=0, angle=<optimized out>, this=0x7ffe4b7e1ff0) at pxCore/examples/pxScene2d/src/../../../src/pxMatrix4T.h:180 topcoderinc#3 pxObject::applyMatrix (this=0x340f610, m=...) at pxCore/examples/pxScene2d/src/pxScene2d.h:499 topcoderinc#4 0x000000000048ba31 in pxObject::drawInternal (this=0x340f610, maskPass=maskPass@entry=false) at pxCore/examples/pxScene2d/src/pxScene2d.cpp:1253 topcoderinc#5 0x000000000048bf52 in pxObject::drawInternal (this=0x3458940, maskPass=maskPass@entry=false) at pxCore/examples/pxScene2d/src/pxScene2d.cpp:1374 topcoderinc#6 0x000000000048bf52 in pxObject::drawInternal (this=0x33b5c30, maskPass=<optimized out>) at pxCore/examples/pxScene2d/src/pxScene2d.cpp:1374 topcoderinc#7 0x000000000048ca28 in non-virtual thunk to pxScene2d::onDraw() () at pxCore/examples/pxScene2d/src/pxScene2d.cpp:2225 topcoderinc#8 0x000000000048c5f7 in pxObject::createSnapshot (this=this@entry=0x34a92f0, fbo=..., separateContext=separateContext@entry=false, antiAliasing=antiAliasing@entry=false) at pxCore/examples/pxScene2d/src/pxScene2d.cpp:1556 topcoderinc#9 0x000000000048bdb3 in pxObject::drawInternal (this=0x34a92f0, maskPass=maskPass@entry=false) at pxCore/examples/pxScene2d/src/pxScene2d.cpp:1343 topcoderinc#10 0x000000000048bf52 in pxObject::drawInternal (this=0x3484670, maskPass=maskPass@entry=false) at pxCore/examples/pxScene2d/src/pxScene2d.cpp:1374 topcoderinc#11 0x000000000048bf52 in pxObject::drawInternal (this=0x33b5ab0, maskPass=<optimized out>) at pxCore/examples/pxScene2d/src/pxScene2d.cpp:1374 topcoderinc#12 0x000000000048ca28 in non-virtual thunk to pxScene2d::onDraw() () at pxCore/examples/pxScene2d/src/pxScene2d.cpp:2225 topcoderinc#13 0x000000000048bb26 in pxObject::drawInternal (this=0x3432b50, maskPass=maskPass@entry=false) at pxCore/examples/pxScene2d/src/pxScene2d.cpp:1362 topcoderinc#14 0x000000000048bf52 in pxObject::drawInternal (this=0x33b51a0, maskPass=<optimized out>) at pxCore/examples/pxScene2d/src/pxScene2d.cpp:1374 topcoderinc#15 0x000000000048ca28 in non-virtual thunk to pxScene2d::onDraw() () at pxCore/examples/pxScene2d/src/pxScene2d.cpp:2225 topcoderinc#16 0x000000000048bb26 in pxObject::drawInternal (this=0x3396d60, maskPass=maskPass@entry=false) at pxCore/examples/pxScene2d/src/pxScene2d.cpp:1362 topcoderinc#17 0x000000000048bf52 in pxObject::drawInternal (this=0x2e444b0, maskPass=<optimized out>) at pxCore/examples/pxScene2d/src/pxScene2d.cpp:1374 topcoderinc#18 0x000000000048ca28 in non-virtual thunk to pxScene2d::onDraw() () at pxCore/examples/pxScene2d/src/pxScene2d.cpp:2225 topcoderinc#19 0x00000000004b1231 in pxWindowNative::drawFrame (this=<optimized out>) at pxCore/src/glut/pxWindowNative.cpp:823 topcoderinc#20 0x0000000000486e44 in pxScene2d::onUpdate (this=0x2e5f7b0, t=1519220497) at pxCore/examples/pxScene2d/src/pxScene2d.cpp:2289 topcoderinc#21 0x00000000004b0008 in sceneWindow::onAnimationTimer (this=<optimized out>) at pxCore/examples/pxScene2d/src/pxScene.cpp:370 topcoderinc#22 0x00000000004b068a in pxWindowNative::onGlutTimer (v=<optimized out>) at pxCore/src/glut/pxWindowNative.cpp:310 topcoderinc#23 0x00007f830a0c72e3 in fghCheckTimers () at /usr/src/debug/freeglut-3.0.0-6.fc27.x86_64/src/fg_main.c:236 topcoderinc#24 glutMainLoopEvent () at /usr/src/debug/freeglut-3.0.0-6.fc27.x86_64/src/fg_main.c:452 topcoderinc#25 0x00007f830a0c73d4 in glutMainLoop () at /usr/src/debug/freeglut-3.0.0-6.fc27.x86_64/src/fg_main.c:489 topcoderinc#26 0x00000000004afbe8 in pxMain (argc=<optimized out>, argv=0x7ffe4b7e2de8) at pxCore/examples/pxScene2d/src/pxScene.cpp:623 topcoderinc#27 0x00007f83093f000a in __libc_start_main (main=0x45b1a0 <main(int, char**)>, argc=2, argv=0x7ffe4b7e2de8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7ffe4b7e2dd8) at ../csu/libc-start.c:308 topcoderinc#28 0x000000000045b95a in _start ()
jmgasper
pushed a commit
that referenced
this issue
Mar 9, 2018
…scene#898) We had to remove this test: void downloadedDataTest() { rtFileCache::instance()->clearCache(); addDataToCache("http://fileserver/file.jpeg",getHeader(),getBodyData(),fixedData.length()); rtFileDownloadRequest* request = new rtFileDownloadRequest("http://fileserver/file.jpeg",this); expectedStatusCode = 0; expectedCachePresence = true; expectedHttpCode = 200; (1) rtFileDownloader::instance()->downloadFile(request); char *data = new char [1000]; size_t size = 0; memset (data, 0, 1000); (2) request->downloadedData(data, size); //since the data would have been consumed by callback EXPECT_TRUE (size == 0); delete[] data; sem_wait(testSem); } Because it is not possible to invoke (2) after (1) has finished ('request' is being deleted in the end of downloadFile() method). This is where it crashes: ==30599==ERROR: AddressSanitizer: heap-use-after-free on address 0x614000075878 at pc 0x000000825a05 bp 0x7ffe924a7a60 sp 0x7ffe924a7a50 READ of size 8 at 0x614000075878 thread T0 #0 0x825a04 in rtFileDownloadRequest::downloadedData(char*&, unsigned long&) pxCore/src/rtFileDownloader.cpp:265 #1 0x6692e1 in rtFileDownloaderTest::downloadedDataTest() pxCore/tests/pxScene2d/test_imagecache.cpp:1020 #2 0x64ddcb in rtFileDownloaderTest_checkCacheTests_Test::TestBody() pxCore/tests/pxScene2d/test_imagecache.cpp:1245 #3 0x7ad316 in void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) (pxCore/tests/pxScene2d/pxscene2dtests+0x7ad316) #4 0x7a09d6 in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2438 #5 0x75d56b in testing::Test::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2474 #6 0x75e857 in testing::TestInfo::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2656 #7 0x75f3d0 in testing::TestCase::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2774 #8 0x76ff6e in testing::internal::UnitTestImpl::RunAllTests() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:4649 #9 0x7afd55 in bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2402 #10 0x7a2b35 in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) (pxCore/tests/pxScene2d/pxscene2dtests+0x7a2b35) #11 0x76d177 in testing::UnitTest::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:4257 #12 0x5299db in RUN_ALL_TESTS() (pxCore/tests/pxScene2d/pxscene2dtests+0x5299db) #13 0x5295c7 in main pxCore/tests/pxScene2d/pxscene2dtestsmain.cpp:101 #14 0x7f3562c8d009 in __libc_start_main (/lib64/libc.so.6+0x21009) #15 0x5293c9 in _start (pxCore/tests/pxScene2d/pxscene2dtests+0x5293c9) 0x614000075878 is located 56 bytes inside of 448-byte region [0x614000075840,0x614000075a00) freed by thread T0 here: #0 0x7f3568a5cfd0 in operator delete(void*) (/lib64/libasan.so.4+0xe0fd0) #1 0x827368 in rtFileDownloader::downloadFile(rtFileDownloadRequest*) pxCore/src/rtFileDownloader.cpp:630 #2 0x669241 in rtFileDownloaderTest::downloadedDataTest() pxCore/tests/pxScene2d/test_imagecache.cpp:1016 #3 0x64ddcb in rtFileDownloaderTest_checkCacheTests_Test::TestBody() pxCore/tests/pxScene2d/test_imagecache.cpp:1245 #4 0x7ad316 in void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) (pxCore/tests/pxScene2d/pxscene2dtests+0x7ad316) #5 0x7a09d6 in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2438 #6 0x75d56b in testing::Test::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2474 #7 0x75e857 in testing::TestInfo::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2656 #8 0x75f3d0 in testing::TestCase::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2774 #9 0x76ff6e in testing::internal::UnitTestImpl::RunAllTests() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:4649 #10 0x7afd55 in bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2402 #11 0x7a2b35 in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) (pxCore/tests/pxScene2d/pxscene2dtests+0x7a2b35) #12 0x76d177 in testing::UnitTest::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:4257 #13 0x5299db in RUN_ALL_TESTS() (pxCore/tests/pxScene2d/pxscene2dtests+0x5299db) #14 0x5295c7 in main pxCore/tests/pxScene2d/pxscene2dtestsmain.cpp:101 #15 0x7f3562c8d009 in __libc_start_main (/lib64/libc.so.6+0x21009) previously allocated by thread T0 here: #0 0x7f3568a5c158 in operator new(unsigned long) (/lib64/libasan.so.4+0xe0158) #1 0x669124 in rtFileDownloaderTest::downloadedDataTest() pxCore/tests/pxScene2d/test_imagecache.cpp:1012 #2 0x64ddcb in rtFileDownloaderTest_checkCacheTests_Test::TestBody() pxCore/tests/pxScene2d/test_imagecache.cpp:1245 #3 0x7ad316 in void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) (pxCore/tests/pxScene2d/pxscene2dtests+0x7ad316) #4 0x7a09d6 in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2438 #5 0x75d56b in testing::Test::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2474 #6 0x75e857 in testing::TestInfo::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2656 #7 0x75f3d0 in testing::TestCase::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2774 #8 0x76ff6e in testing::internal::UnitTestImpl::RunAllTests() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:4649 #9 0x7afd55 in bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2402 #10 0x7a2b35 in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) (pxCore/tests/pxScene2d/pxscene2dtests+0x7a2b35) #11 0x76d177 in testing::UnitTest::Run() pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:4257 #12 0x5299db in RUN_ALL_TESTS() (pxCore/tests/pxScene2d/pxscene2dtests+0x5299db) #13 0x5295c7 in main pxCore/tests/pxScene2d/pxscene2dtestsmain.cpp:101 #14 0x7f3562c8d009 in __libc_start_main (/lib64/libc.so.6+0x21009) SUMMARY: AddressSanitizer: heap-use-after-free pxCore/src/rtFileDownloader.cpp:265 in rtFileDownloadRequest::downloadedData(char*&, unsigned long&) Shadow bytes around the buggy address: 0x0c2880006ab0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c2880006ac0: fa fa fa fa fa fa fa fa fa fa fa fa ^[1mfa fa fa fa 0x0c2880006ad0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c2880006ae0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c2880006af0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa =>0x0c2880006b00: fa fa fa fa fa fa fa fa fd fd fd fd fd fd fd[fd] 0x0c2880006b10: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 0x0c2880006b20: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 0x0c2880006b30: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 0x0c2880006b40: fa fa fa fa fa fa fa fa 00 00 00 00 00 00 00 00 0x0c2880006b50: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb ==30599==ABORTING
jiangliwu
pushed a commit
to jiangliwu/pxCore
that referenced
this issue
May 10, 2018
Adding parodusclient
jmgasper
pushed a commit
that referenced
this issue
May 16, 2018
…pxscene#1150) Fixes the following stack-buffer-overflow: ==27779==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7fff59785fa0 at pc 0x7f7b354ffeda bp 0x7fff59785760 sp 0x7fff59784ee8 WRITE of size 17 at 0x7fff59785fa0 thread T0 #0 0x7f7b354ffed9 (/lib64/libasan.so.4+0x62ed9) #1 0x7f7b3550092a in vsscanf (/lib64/libasan.so.4+0x6392a) #2 0x7f7b35500a26 in __interceptor_sscanf (/lib64/libasan.so.4+0x63a26) #3 0x59f20d in pxPath::parsePath(char const*, pxPath*) /home/sw/projects/pxscene/pxCore/examples/pxScene2d/src/rasterizer/pxPath.cpp:591 #4 0x59acf0 in pxPath::setPath(rtString) /home/sw/projects/pxscene/pxCore/examples/pxScene2d/src/rasterizer/pxPath.cpp:201 #5 0x5a3273 in pxPath::setPath_PropSetterThunk(rtValue const&) /home/sw/projects/pxscene/pxCore/examples/pxScene2d/src/rasterizer/pxPath.h:69 #6 0x75c8a5 in rtObject::Set(char const*, rtValue const*) /home/sw/projects/pxscene/pxCore/src/rtObject.cpp:425 #7 0x5ae279 in pxObject::Set(char const*, rtValue const*) /home/sw/projects/pxscene/pxCore/examples/pxScene2d/src/pxScene2d.cpp:683 #8 0x75f4a1 in rtObjectRef::Set(char const*, rtValue const*) /home/sw/projects/pxscene/pxCore/src/rtObject.cpp:589 #9 0x52ab93 in rtObjectBase::set(char const*, rtValue const&) /home/sw/projects/pxscene/pxCore/examples/pxScene2d/src/../../../src/rtObject.h:87 #10 0x75ccc2 in rtObjectBase::set(rtObjectRef) /home/sw/projects/pxscene/pxCore/src/rtObject.cpp:456 #11 0x5bd097 in pxScene2d::createPath(rtObjectRef, rtObjectRef&) /home/sw/projects/pxscene/pxCore/examples/pxScene2d/src/pxScene2d.cpp:2124 #12 0x5bb0eb in pxScene2d::create(rtObjectRef, rtObjectRef&) /home/sw/projects/pxscene/pxCore/examples/pxScene2d/src/pxScene2d.cpp:2010 #13 0x5f2c27 in pxScene2d::create_thunk(int, rtValue const*, rtValue&) (/home/sw/projects/pxscene/pxCore/examples/pxScene2d/src/pxscene+0x5f2c27) #14 0x75f79f in rtObjectFunction::Send(int, rtValue const*, rtValue*) /home/sw/projects/pxscene/pxCore/src/rtObject.cpp:605 #15 0x6eadc7 in rtScriptNodeUtils::rtFunctionWrapper::call(v8::FunctionCallbackInfo<v8::Value> const&) /home/sw/projects/pxscene/pxCore/src/rtScriptNode/rtFunctionWrapper.cpp:245 #16 0x7f7b34158321 in v8::internal::FunctionCallbackArguments::Call(void (*)(v8::FunctionCallbackInfo<v8::Value> const&)) (/lib64/libnode8-shared.so.57+0x6af321) #17 0x7f7b341c25a5 (/lib64/libnode8-shared.so.57+0x7195a5) #18 0x7f7b008042fc (<unknown module>) Address 0x7fff59785fa0 is located in stack of thread T0 at offset 1616 in frame #0 0x59ad69 in pxPath::parsePath(char const*, pxPath*) /home/sw/projects/pxscene/pxCore/examples/pxScene2d/src/rasterizer/pxPath.cpp:219 This frame has 25 object(s): [32, 36) 'x0' [96, 100) 'y0' [160, 164) 'x1' [224, 228) 'y1' [288, 292) 'x2' [352, 356) 'y2' [416, 420) 'rx' [480, 484) 'ry' [544, 548) 'w' [608, 612) 'h' [672, 676) 'xrot' [736, 740) 'r' [800, 804) 'n' [864, 868) 'lflag' [928, 932) 'sflag' [992, 996) 'pt' [1056, 1064) 'it' [1120, 1128) '<unknown>' [1184, 1192) 'end' [1248, 1256) '<unknown>' [1312, 1336) 'points' [1376, 1424) 'c' [1472, 1496) 'ans' [1536, 1538) 'op' [1600, 1616) 'poly_str' <== Memory access at offset 1616 overflows this variable HINT: this may be a false positive if your program uses some custom stack unwind mechanism or swapcontext (longjmp and C++ exceptions *are* supported) SUMMARY: AddressSanitizer: stack-buffer-overflow (/lib64/libasan.so.4+0x62ed9) Shadow bytes around the buggy address: 0x10006b2e8ba0: f2 f2 f2 f2 f2 f2 04 f2 f2 f2 f2 f2 f2 f2 00 f2 0x10006b2e8bb0: f2 f2 f2 f2 f2 f2 00 f2 f2 f2 f2 f2 f2 f2 00 f2 0x10006b2e8bc0: f2 f2 f2 f2 f2 f2 00 f2 f2 f2 f2 f2 f2 f2 00 00 0x10006b2e8bd0: 00 f2 f2 f2 f2 f2 00 00 00 00 00 00 f2 f2 f2 f2 0x10006b2e8be0: f2 f2 00 00 00 f2 f2 f2 f2 f2 02 f2 f2 f2 f2 f2 =>0x10006b2e8bf0: f2 f2 00 00[f2]f2 00 00 00 00 00 00 00 00 00 00 0x10006b2e8c00: 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 f2 0x10006b2e8c10: f2 f2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x10006b2e8c20: 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 00 00 0x10006b2e8c30: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x10006b2e8c40: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb ==27779==ABORTING
jmgasper
pushed a commit
that referenced
this issue
May 16, 2018
fixes the crash when tracing controller wasn't initialized: Thread 1 "pxscene" received signal SIGSEGV, Segmentation fault. 0x00007fc0537acb76 in node::GetCategoryGroupEnabled (category_group=0x7b080000cba0 "node.async_hooks") at ../src/node_trace_events.cc:22 (gdb) bt #0 0x00007fc0537acb76 in node::GetCategoryGroupEnabled (category_group=0x7b080000cba0 "node.async_hooks") at ../src/node_trace_events.cc:22 #1 0x00007fc0537acf33 in node::CategoryGroupEnabled (args=...) at ../src/node_trace_events.cc:131 #2 0x00007fc053924322 in v8::internal::FunctionCallbackArguments::Call (this=this@entry=0x7ffcdfdbeb70, f=f@entry=0x7fc0537acef0 <node::CategoryGroupEnabled(v8::FunctionCallbackInfo<v8::Value> const&)>) at ../deps/v8/src/api-arguments.cc:25 #3 0x00007fc05398dfb6 in v8::internal::(anonymous namespace)::HandleApiCallHelper<false> (isolate=isolate@entry=0x7ba800000000, function=..., function@entry=..., new_target=..., new_target@entry=..., fun_data=..., receiver=..., receiver@entry=..., args=...) at ../deps/v8/src/builtins/builtins-api.cc:112 #4 0x00007fc05398e7be in v8::internal::Builtin_Impl_HandleApiCall (args=..., isolate=0x7ba800000000) at ../deps/v8/src/builtins/builtins-api.cc:142 #5 0x00007fc021c842fd in ?? ()
jmgasper
pushed a commit
that referenced
this issue
Jun 14, 2018
Fixes the following crash (also observed on Broadcom Nexus implementation): ASAN:DEADLYSIGNAL ================================================================= ==31533==ERROR: AddressSanitizer: SEGV on unknown address 0x7febe91f7148 (pc 0x7febe91f972c bp 0x7ffd07589280 sp 0x7ffd07589248 T0) ==31533==The signal is caused by a WRITE memory access. #0 0x7febe91f972b in wl_egl_window_resize (/lib64/libwayland-egl.so.1+0x72b) #1 0x66c9d4 in shell_surface_configure src/wayland_egl/pxWindowNative.cpp:295 #2 0x7febe3f0ed1d in ffi_call_unix64 (/lib64/libffi.so.6+0x5d1d) #3 0x7febe3f0e68e in ffi_call (/lib64/libffi.so.6+0x568e) #4 0x7febe8ff2d8a (/lib64/libwayland-client.so.0+0x8d8a) #5 0x7febe8fef927 (/lib64/libwayland-client.so.0+0x5927) #6 0x7febe8ff0be3 in wl_display_dispatch_queue_pending (/lib64/libwayland-client.so.0+0x6be3) #7 0x66ea35 in pxWindowNative::runEventLoop() src/wayland_egl/pxWindowNative.cpp:595 #8 0x676ec1 in pxEventLoop::run() src/wayland_egl/pxEventLoopNative.cpp:35 #9 0x65e747 in pxMain(int, char**) examples/pxScene2d/src/pxScene.cpp:659 #10 0x676f3f in main src/wayland_egl/pxEventLoopNative.cpp:50 #11 0x7febe4131f29 in __libc_start_main (/lib64/libc.so.6+0x20f29) #12 0x4fe579 in _start (examples/pxScene2d/src/pxscene+0x4fe579) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV (/lib64/libwayland-egl.so.1+0x72b) in wl_egl_window_resize ==31533==ABORTING Original code: (1) wl_shell_surface_add_listener(shell_surface, &mShellSurfaceListener, this); // <- user_data (2) wl_shell_surface_set_user_data(shell_surface, surface); // <- user_data The problem is that 'surface' - user_data parameter in (2) overwrites 'this' - user_data parameter passed in (1) as a result 'mShellSurfaceListener' receives pointer to wrong user_data structure.
Merged
jiangliwu
pushed a commit
to jiangliwu/pxCore
that referenced
this issue
Jul 11, 2018
… (pxscene#1253) Fixes the following issue: ================================================================= ==12472==ERROR: AddressSanitizer: alloc-dealloc-mismatch (malloc vs operator delete) on 0x602000057c90 #0 0x7fef91d40748 in operator delete(void*) (/lib64/libasan.so.5+0xf1748) topcoderinc#1 0xa67017 in pxLoadSVGImage(char const*, unsigned long, pxOffscreen&, int, int) pxLoadSVGImage(char const*, unsigned long, pxOffscreen&, int, int) /home/sw/projects/pxscene/pxCore/src/pxUtil.cpp:1005 topcoderinc#2 0xa6879b in pxLoadImage(char const*, unsigned long, pxOffscreen&, int, int) /home/sw/projects/pxscene/pxCore/src/pxUtil.cpp:106 topcoderinc#3 0x6bc75b in pxUtilTest::pxLoadImage3ArgsLessLengthFailureTest() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/test_pxUtil.cpp:160 topcoderinc#4 0x6bc75b in pxUtilTest_pxutilsTest_Test::TestBody() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/test_pxUtil.cpp:372 topcoderinc#5 0x87b623 in void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2402 topcoderinc#6 0x87b623 in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2438 topcoderinc#7 0x84c7d5 in testing::Test::Run() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2474 topcoderinc#8 0x84cb37 in testing::TestInfo::Run() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2656 topcoderinc#9 0x84cef4 in testing::TestCase::Run() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2774 topcoderinc#10 0x84e361 in testing::internal::UnitTestImpl::RunAllTests() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:4649 topcoderinc#11 0x84eddd in bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2402 topcoderinc#12 0x84eddd in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2438 topcoderinc#13 0x84eddd in testing::UnitTest::Run() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:4257 topcoderinc#14 0x4d3591 in RUN_ALL_TESTS() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/include/gtest/gtest.h:2233 topcoderinc#15 0x4d3591 in main /home/sw/projects/pxscene/pxCore/tests/pxScene2d/pxscene2dtestsmain.cpp:119 topcoderinc#16 0x7fef8cb0518a in __libc_start_main ../csu/libc-start.c:308 topcoderinc#17 0x5011a9 in _start (/home/sw/projects/pxscene/pxCore/tests/pxScene2d/pxscene2dtests+0x5011a9) 0x602000057c90 is located 0 bytes inside of 16-byte region [0x602000057c90,0x602000057ca0) allocated by thread T0 here: #0 0x7fef91d3de50 in calloc (/lib64/libasan.so.5+0xeee50) topcoderinc#1 0xa5c705 in nsvg__createParser /home/sw/projects/pxscene/pxCore/src/../examples/pxScene2d/external/nanosvg/src/nanosvg.h:619 topcoderinc#2 0xa5c705 in nsvgParse /home/sw/projects/pxscene/pxCore/src/../examples/pxScene2d/external/nanosvg/src/nanosvg.h:2861 topcoderinc#3 0xa66e0f in pxLoadSVGImage(char const*, unsigned long, pxOffscreen&, int, int) /home/sw/projects/pxscene/pxCore/src/pxUtil.cpp:988 topcoderinc#4 0xa6879b in pxLoadImage(char const*, unsigned long, pxOffscreen&, int, int) /home/sw/projects/pxscene/pxCore/src/pxUtil.cpp:106 topcoderinc#5 0x6bc75b in pxUtilTest::pxLoadImage3ArgsLessLengthFailureTest() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/test_pxUtil.cpp:160 topcoderinc#6 0x6bc75b in pxUtilTest_pxutilsTest_Test::TestBody() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/test_pxUtil.cpp:372 topcoderinc#7 0x87b623 in void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2402 topcoderinc#8 0x87b623 in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2438 topcoderinc#9 0x84c7d5 in testing::Test::Run() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2474 topcoderinc#10 0x84cb37 in testing::TestInfo::Run() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2656 topcoderinc#11 0x84cef4 in testing::TestCase::Run() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2774 topcoderinc#12 0x84e361 in testing::internal::UnitTestImpl::RunAllTests() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:4649 topcoderinc#13 0x84eddd in bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2402 topcoderinc#14 0x84eddd in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:2438 topcoderinc#15 0x84eddd in testing::UnitTest::Run() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/src/gtest.cc:4257 topcoderinc#16 0x4d3591 in RUN_ALL_TESTS() /home/sw/projects/pxscene/pxCore/tests/pxScene2d/../../examples/pxScene2d/external/gtest/googletest/include/gtest/gtest.h:2233 topcoderinc#17 0x4d3591 in main /home/sw/projects/pxscene/pxCore/tests/pxScene2d/pxscene2dtestsmain.cpp:119 topcoderinc#18 0x7fef8cb0518a in __libc_start_main ../csu/libc-start.c:308 SUMMARY: AddressSanitizer: alloc-dealloc-mismatch (/lib64/libasan.so.5+0xf1748) in operator delete(void*)
jiangliwu
pushed a commit
to jiangliwu/pxCore
that referenced
this issue
Jul 11, 2018
…xscene#1256) Fixes the following issue: ================================================================= ==9455==ERROR: AddressSanitizer: alloc-dealloc-mismatch (malloc vs operator delete) on 0x60c000000280 #0 0x7f34c8e29748 in operator delete(void*) (/lib64/libasan.so.5+0xf1748) topcoderinc#1 0x7f34c35cf66b in __run_exit_handlers /usr/src/debug/glibc-2.27-56-g50df56ca86/stdlib/exit.c:108 topcoderinc#2 0x7f34c35cf79b in __GI_exit /usr/src/debug/glibc-2.27-56-g50df56ca86/stdlib/exit.c:139 topcoderinc#3 0x7f34c7409e63 in Exit ../src/node.cc:2472 topcoderinc#4 0x7f34c75e5059 in v8::internal::FunctionCallbackArguments::Call(void (*)(v8::FunctionCallbackInfo<v8::Value> const&)) ../deps/v8/src/api-arguments.cc:25 topcoderinc#5 0x7f34c764ddcf in HandleApiCallHelper<false> ../deps/v8/src/builtins/builtins-api.cc:112 topcoderinc#6 0x7f34c764e4a6 in Builtin_Impl_HandleApiCall ../deps/v8/src/builtins/builtins-api.cc:142 topcoderinc#7 0x1e8f838842fc (<unknown module>) 0x60c000000280 is located 0 bytes inside of 128-byte region [0x60c000000280,0x60c000000300) allocated by thread T0 here: #0 0x7f34c8e26e50 in calloc (/lib64/libasan.so.5+0xeee50) topcoderinc#1 0x67c925 in nsvgCreateRasterizer /home/sw/projects/pxscene/pxCore/src/../examples/pxScene2d/external/nanosvg/src/nanosvgrast.h:149 topcoderinc#2 0x499df5 in NSVGrasterizerEx::NSVGrasterizerEx() /home/sw/projects/pxscene/pxCore/src/pxUtil.cpp:63 topcoderinc#3 0x499df5 in __static_initialization_and_destruction_0 /home/sw/projects/pxscene/pxCore/src/pxUtil.cpp:73 topcoderinc#4 0x499df5 in _GLOBAL__sub_I_pxUtil.cpp /home/sw/projects/pxscene/pxCore/src/pxUtil.cpp:1521 topcoderinc#5 0x817944 in __libc_csu_init (/home/sw/projects/pxscene/pxCore/examples/pxScene2d/src/pxscene+0x817944)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
One of the customer requests we have is to have the installer prompt for an installation folder, instead of just going with the default. In the future, the customer may want to have multiple versions of pxscene installed and running for testing, and allowing them to change the default installation folder will help with that.
The text was updated successfully, but these errors were encountered: