view level A.
add some obstacles
remove some obstacles
remove level A
undo twice: crash


=================================================================
==8790==ERROR: AddressSanitizer: heap-use-after-free on address 0x7f2cc00f1920
at pc 0x0000006ac8b8 bp 0x7fff28f5ae00 sp 0x7fff28f5adf8
READ of size 4 at 0x7f2cc00f1920 thread T0
ALSA lib pcm.c:7905:(snd_pcm_recover) underrun occurred
    #0 0x6ac8b7 in action_remove_obstacle_user
/home/matthias/vcs/git/freedroid/src/lvledit/lvledit_actions.c:284:2
    #1 0x6b002c in action_do
/home/matthias/vcs/git/freedroid/src/lvledit/lvledit_actions.c:742:3
    #2 0x6b002c in __level_editor_do_action_from_stack
/home/matthias/vcs/git/freedroid/src/lvledit/lvledit_actions.c:831
    #3 0x6afd17 in level_editor_action_undo
/home/matthias/vcs/git/freedroid/src/lvledit/lvledit_actions.c:839:2
    #4 0x68a83c in button_handle_event
/home/matthias/vcs/git/freedroid/src/widgets/widget_button.c:78:7
    #5 0x68ba00 in group_mouse_event
/home/matthias/vcs/git/freedroid/src/widgets/widget_group.c:93:10
    #6 0x68ba00 in widget_group_handle_event
/home/matthias/vcs/git/freedroid/src/widgets/widget_group.c:187
    #7 0x5f4807 in input_handle /home/matthias/vcs/git/freedroid/src/input.c:135:3
    #8 0x6bd55a in leveleditor_process_input
/home/matthias/vcs/git/freedroid/src/lvledit/lvledit_input.c:186:2
    #9 0x6a61e3 in LevelEditor
/home/matthias/vcs/git/freedroid/src/lvledit/lvledit.c:282:3
    #10 0x5fb979 in main /home/matthias/vcs/git/freedroid/src/main.c:188:4
    #11 0x7f2ce11ab7ff in __libc_start_main (/usr/lib/libc.so.6+0x207ff)
    #12 0x4ce8f8 in _start
(/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x4ce8f8)

0x7f2cc00f1920 is located 4384 bytes inside of 131008-byte region
[0x7f2cc00f0800,0x7f2cc01107c0)
freed by thread T0 here:
    #0 0x4b0fdb in __interceptor_free
(/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x4b0fdb)
    #1 0x7f2cd7de6689 (/usr/lib/libdrm_intel.so.1+0x8689)

previously allocated by thread T0 here:
    #0 0x4b125b in malloc
(/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x4b125b)
    #1 0x7f2cd7de4309 (/usr/lib/libdrm_intel.so.1+0x6309)

SUMMARY: AddressSanitizer: heap-use-after-free
/home/matthias/vcs/git/freedroid/src/lvledit/lvledit_actions.c:284
action_remove_obstacle_user
Shadow bytes around the buggy address:
  0x0fe6180162d0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0fe6180162e0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0fe6180162f0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0fe618016300: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0fe618016310: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
=>0x0fe618016320: fd fd fd fd[fd]fd fd fd fd fd fd fd fd fd fd fd
  0x0fe618016330: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0fe618016340: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0fe618016350: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0fe618016360: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0fe618016370: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Heap right redzone:      fb
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack partial redzone:   f4
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  ASan internal:           fe
==8790==ABORTING

Removing a level cannot be undo.
I propose to clear the undo stack when a level is removed.
Do you agree ?

Fix proposed: http://rb.freedroid.org/r/2189/

Fixed in commit 90b0bc7