bug-ncurses
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

delscreen problem with ncurses 6.4

From: Frédéric BOITEUX
Subject: delscreen problem with ncurses 6.4
Date: Mon, 18 Sep 2023 16:12:17 +0000 
        Hello,

I've recently upgraded a server from Debian 11 to Debian 12, and rebuilt an 
application using ncurses on it, using now Debian package in version 6.4-4, 
instead of 6.2+20201114-2+deb11u1 with previous system version.

I've rebuilt the application, without problem, but now I'm facing memory error 
(going to a core dump).
This application uses multiple terminal, using newterm() / delscreen() calls. 
It can work correctly with some terminals, but as soon as one is closed (using 
delscreen() ), all other ones can't work anymore : trying to access to any of 
their windows lead to a crash !

I tried to debug it with Address Sanitizer or Valgrind, and all gave the same 
conclusion : the windows of other [remaining] terminals have been freed when 
the first terminal liberation has be done !
Here is the log of AddressSanitizer :
=================================================================
==18648==ERROR: AddressSanitizer: heap-use-after-free on address 0x6120000784d0 
a
t pc 0x557b5ba38061 bp 0x7ffe3caebe10 sp 0x7ffe3caebe08
READ of size 2 at 0x6120000784d0 thread T0
    #0 0x557b5ba38060 in mdte /opt/mmx/sys.d/ecran.c:6262
    #1 0x557b5b9df2ba in main /opt/mmx/sys.d/ecran.c:756
    #2 0x7f25c96461c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_m
ain.h:58
    #3 0x7f25c9646284 in __libc_start_main_impl ../csu/libc-start.c:360
    #4 0x557b5b9deb90 in _start (/opt/mmx/exe.d/ecran+0xb9b90)
 
0x6120000784d0 is located 16 bytes inside of 296-byte region 
[0x6120000784c0,0x61
20000785e8)
freed by thread T0 here:
    #0 0x7f25caab76a8 in __interceptor_free 
../../../../src/libsanitizer/asan/asa
n_malloc_linux.cpp:52
    #1 0x7f25cb0d530d in _nc_freewin ../../ncurses/base/lib_newwin.c:124
 
previously allocated by thread T0 here:
    #0 0x7f25caab83b7 in __interceptor_calloc 
../../../../src/libsanitizer/asan/a
san_malloc_linux.cpp:77
    #1 0x7f25cb0d5407 in _nc_makenew_sp ../../ncurses/base/lib_newwin.c:287
 
SUMMARY: AddressSanitizer: heap-use-after-free /opt/mmx/sys.d/ecran.c:6262 in 
mdte

I've looked at the code, and rebuilt the library with « trace » mode, adding 
some more traces, and it seems that the window list walked by delscreen is a 
global one, instead of each screen having a specific one : this latter behavior 
seems to be activated only when compiling with --enable-term-driver, used on 
MinGW platform but not on Linux Debian .

  Do you have some clues to help me resolve this problem ?

        Thanks,
                Fred.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]