Message2873

Author matthiaskrgr
Recipients
Date 2014-08-15.23:56:53
Content
update trace:

Found robot that seems really stuck on position: 41.325642/42.310719/8.
More details on this robot:  Type=8.
Short Description=476 Coward.
Private Pathway[0]: 41.325642/42.310719.
Private Pathway[1]: -1.000000/-1.000000.
=================================================================
==898==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6250003868e4
at pc 0x4b8e80 bp 0x7fff5aa221b0 sp 0x7fff5aa221a0
READ of size 4 at 0x6250003868e4 thread T0
    #0 0x4b8e7f in enemy_handle_stuck_in_walls
(/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x4b8e7f)
    #1 0x4ba13c in state_machine_inconditional_updates
(/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x4ba13c)
    #2 0x4be496 in update_enemy
(/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x4be496)
    #3 0x4beff0 in move_enemies
(/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x4beff0)
    #4 0x4cbbe1 in Game (/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x4cbbe1)
    #5 0x525add in TestMap
(/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x525add)
    #6 0x53e83b in DoLevelEditorMainMenu
(/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x53e83b)
    #7 0x533a09 in leveleditor_process_input
(/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x533a09)
    #8 0x525bb3 in LevelEditor
(/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x525bb3)
    #9 0x4c9b39 in input_key
(/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x4c9b39)
    #10 0x4cb7af in input_key_event
(/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x4cb7af)
    #11 0x4cb8b1 in input_key_press
(/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x4cb8b1)
    #12 0x4c63cc in input_handle
(/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x4c63cc)
    #13 0x4cbb89 in Game
(/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x4cbb89)
    #14 0x525add in TestMap
(/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x525add)
    #15 0x53e83b in DoLevelEditorMainMenu
(/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x53e83b)
    #16 0x533a09 in leveleditor_process_input
(/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x533a09)
    #17 0x525bb3 in LevelEditor
(/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x525bb3)
    #18 0x4cbf1f in main
(/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x4cbf1f)
    #19 0x7f59fbc65fff in __libc_start_main (/usr/lib/libc.so.6+0x1ffff)
    #20 0x4162db (/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x4162db)

0x6250003868e4 is located 28 bytes to the left of 8128-byte region
[0x625000386900,0x6250003888c0)
allocated by thread T0 here:
    #0 0x7f59fd776e56 in __interceptor_realloc (/usr/lib/libasan.so.1+0x57e56)
    #1 0x442dce in dynarray_resize
(/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x442dce)
    #2 0x443000 in dynarray_add
(/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x443000)
    #3 0x46ac8b in decode_waypoints
(/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x46ac8b)
    #4 0x46bfac in decode_level
(/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x46bfac)
    #5 0x46ca85 in LoadShip
(/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x46ca85)
    #6 0x478c1a in prepare_level_editor
(/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x478c1a)
    #7 0x41a241 in Startup_handle
(/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x41a241)
    #8 0x419e5a in RunSubMenu
(/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x419e5a)
    #9 0x41a122 in RunMenu
(/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x41a122)
    #10 0x41a137 in StartupMenu
(/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x41a137)
    #11 0x4cbeb7 in main
(/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x4cbeb7)
    #12 0x7f59fbc65fff in __libc_start_main (/usr/lib/libc.so.6+0x1ffff)

SUMMARY: AddressSanitizer: heap-buffer-overflow ??:0 enemy_handle_stuck_in_walls
Shadow bytes around the buggy address:
  0x0c4a80068cc0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c4a80068cd0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c4a80068ce0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c4a80068cf0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c4a80068d00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x0c4a80068d10: fa fa fa fa fa fa fa fa fa fa fa fa[fa]fa fa fa
  0x0c4a80068d20: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c4a80068d30: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c4a80068d40: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c4a80068d50: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c4a80068d60: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Heap right redzone:      fb
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack partial redzone:   f4
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Contiguous container OOB:fc
  ASan internal:           fe
==898==ABORTING
History
Date User Action Args
2014-08-15 23:56:53 matthiaskrgr set messageid: <1408147013.42.0.984768663871.issue687@freedroid.org>
2014-08-15 23:56:53 matthiaskrgr link issue687 messages
2014-08-15 23:56:53 matthiaskrgr create