View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0030978 | Open CASCADE | OCCT:Visualization | public | 2019-09-18 03:37 | 2019-09-22 11:41 |
Reporter | Assigned To | bugmaster | |||
Priority | normal | Severity | minor | ||
Status | closed | Resolution | fixed | ||
Product Version | 7.3.0 | ||||
Target Version | 7.4.0 | Fixed in Version | 7.4.0 | ||
Summary | 0030978: Visualization - stack-use-after-scope reported by Clang address sanitizer in OpenGl_Text.cxx | ||||
Description | When running tests with OCCT built with address sanitizer (see 0030557:0087181), the problem is reported on test 3rdparty fonts A7: | ||||

```
vdrawtext td Overlay Test Decal -height 16 -font SansFont -2d -persPos -1 1 -subColor BLUE1 -pos 20 -100 0 -color WHITE -dispType decal
=================================================================
==18975==ERROR: AddressSanitizer: stack-use-after-scope on address 0x7ffefd07f550 at pc 0x7f77851c1e62 bp 0x7ffefd07f180 sp 0x7ffefd07f178
READ of size 8 at 0x7ffefd07f550 thread T0
    #0 0x7f77851c1e61 in opencascade::handle::IsNull() const /home/abv/occt/src/Standard/Standard_Handle.hxx:94:34
    #1 0x7f7784bb8831 in (anonymous namespace)::BackPolygonOffsetSentry::~BackPolygonOffsetSentry() /home/abv/occt/src/OpenGl/OpenGl_Text.cxx:56:18
    #2 0x7f7784bb5218 in OpenGl_Text::render(opencascade::handle const&, OpenGl_Aspects const&, NCollection_Vec4 const&, NCollection_Vec4 const&, unsigned int) const /home/abv/occt/src/OpenGl/OpenGl_Text.cxx:764:5
    #3 0x7f7784bb41b3 in OpenGl_Text::Render(opencascade::handle const&) const /home/abv/occt/src/OpenGl/OpenGl_Text.cxx:300:3
    #4 0x7f7784ba83ab in (anonymous namespace)::renderFiltered(opencascade::handle const&, OpenGl_Element*) /home/abv/occt/src/OpenGl/OpenGl_Group.cxx:50:17
    #5 0x7f7784ba8312 in OpenGl_Group::Render(opencascade::handle const&) const /home/abv/occt/src/OpenGl/OpenGl_Group.cxx:295:5
    #6 0x7f7784babb5b in OpenGl_Structure::renderGeometry(opencascade::handle const&, bool&) const /home/abv/occt/src/OpenGl/OpenGl_Structure.cxx:394:25
    #7 0x7f7784bac567 in OpenGl_Structure::Render(opencascade::handle const&) const /home/abv/occt/src/OpenGl/OpenGl_Structure.cxx:555:5
    #8 0x7f7784c8085e in OpenGl_LayerList::renderLayer(opencascade::handle const&, OpenGl_GlobalLayerSettings const&, Graphic3d_Layer const&) const /home/abv/occt/src/OpenGl/OpenGl_LayerList.cxx:662:16
    #9 0x7f7784c81527 in OpenGl_LayerList::Render(opencascade::handle const&, bool, OpenGl_LayerFilter, OpenGl_FrameBuffer*, OpenGl_FrameBuffer*) const /home/abv/occt/src/OpenGl/OpenGl_LayerList.cxx:806:9
    #10 0x7f7784c27409 in OpenGl_View::renderStructs(Graphic3d_Camera::Projection, OpenGl_FrameBuffer*, OpenGl_FrameBuffer*, bool) /home/abv/occt/src/OpenGl/OpenGl_View_Redraw.cxx:1179:15
    #11 0x7f7784c27a41 in OpenGl_View::renderScene(Graphic3d_Camera::Projection, OpenGl_FrameBuffer*, OpenGl_FrameBuffer*, bool) /home/abv/occt/src/OpenGl/OpenGl_View_Redraw.cxx:1240:3
    #12 0x7f7784c26c52 in OpenGl_View::render(Graphic3d_Camera::Projection, OpenGl_FrameBuffer*, OpenGl_FrameBuffer*, bool) /home/abv/occt/src/OpenGl/OpenGl_View_Redraw.cxx:1029:3
    #13 0x7f7784c25c43 in OpenGl_View::redrawImmediate(Graphic3d_Camera::Projection, OpenGl_FrameBuffer*, OpenGl_FrameBuffer*, OpenGl_FrameBuffer*, bool) /home/abv/occt/src/OpenGl/OpenGl_View_Redraw.cxx:879:3
    #14 0x7f7784c1fb07 in OpenGl_View::Redraw() /home/abv/occt/src/OpenGl/OpenGl_View_Redraw.cxx:543:10
    #15 0x7f7787e244a8 in V3d_View::Redraw() const /home/abv/occt/src/V3d/V3d_View.cxx:262:13
    #16 0x7f7787e490c4 in V3d_Viewer::Redraw() const /home/abv/occt/src/V3d/V3d_Viewer.cxx:185:27
    #17 0x7f7788037f88 in V3d_Viewer::Update() /home/abv/occt/src/V3d/V3d_Viewer.hxx:105:19
    #18 0x7f778802d918 in AIS_InteractiveContext::UpdateCurrentViewer() /home/abv/occt/src/AIS/AIS_InteractiveContext.cxx:221:16
    #19 0x7f778514fa35 in ViewerTest_AutoUpdater::Update() /home/abv/occt/src/ViewerTest/ViewerTest_AutoUpdater.cxx:110:20
    #20 0x7f778514f90e in ViewerTest_AutoUpdater::~ViewerTest_AutoUpdater() /home/abv/occt/src/ViewerTest/ViewerTest_AutoUpdater.cxx:41:3
    #21 0x7f778517b21f in VDrawText(Draw_Interpretor&, int, char const**) /home/abv/occt/src/ViewerTest/ViewerTest_ObjectCommands.cxx:2709:1
    #22 0x7f7796ee7349 in Draw_Interpretor::CallBackDataFunc::Invoke(Draw_Interpretor&, int, char const**) /home/abv/occt/src/Draw/Draw_Interpretor.hxx:81:31
    #23 0x7f7796ef4b7d in CommandCmd(void*, Tcl_Interp*, int, char const**) /home/abv/occt/src/Draw/Draw_Interpretor.cxx:154:40
    #24 0x7f77912a9b95 in TclInvokeStringCommand (/usr/lib/x86_64-linux-gnu/libtcl8.6.so+0x38b95)
    #25 0x7f77912abfa6 in TclNRRunCallbacks (/usr/lib/x86_64-linux-gnu/libtcl8.6.so+0x3afa6)
    #26 0x7f779134a87a in Tcl_RecordAndEvalObj (/usr/lib/x86_64-linux-gnu/libtcl8.6.so+0xd987a)
    #27 0x7f779134a756 in Tcl_RecordAndEval (/usr/lib/x86_64-linux-gnu/libtcl8.6.so+0xd9756)
    #28 0x7f7796ef60bf in Draw_Interpretor::RecordAndEval(char const*, int) /home/abv/occt/src/Draw/Draw_Interpretor.cxx:496:10
    #29 0x7f7796edcdad in Draw_Interprete(char const*) /home/abv/occt/src/Draw/Draw.cxx:608:19
    #30 0x7f7796eddb90 in interpreteTclCommand(TCollection_AsciiString const&) /home/abv/occt/src/Draw/Draw.cxx:110:5
    #31 0x7f7796edb37b in ReadInitFile(TCollection_AsciiString const&) /home/abv/occt/src/Draw/Draw.cxx:121:3
    #32 0x7f7796eda973 in Draw_Appli(int, char**, void (*)(Draw_Interpretor&)) /home/abv/occt/src/Draw/Draw.cxx:497:5
    #33 0x7f7796ef7328 in Draw_Main(int, char**, void (*)(Draw_Interpretor&)) /home/abv/occt/src/Draw/Draw_Main.cxx:113:3
    #34 0x51aaef in main /home/abv/occt/src/DRAWEXE/DRAWEXE.cxx:33:1
    #35 0x7f778fcd582f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/../csu/libc-start.c:291
    #36 0x41aac8 in _start (/home/abv/tmp/occt-clang/lin64/clang/bini/DRAWEXE-7.4.0+0x41aac8)

Address 0x7ffefd07f550 is located in stack of thread T0 at offset 912 in frame
    #0 0x7f7784bb434f in OpenGl_Text::render(opencascade::handle const&, OpenGl_Aspects const&, NCollection_Vec4 const&, NCollection_Vec4 const&, unsigned int) const /home/abv/occt/src/OpenGl/OpenGl_Text.cxx:609

  This frame has 21 object(s):
    [32, 48) 'aFontKey' (line 617)
    [64, 72) 'ref.tmp' (line 627)
    [96, 304) 'aFormatter' (line 636)
    [368, 472) 'aBuilder' (line 644)
    [512, 576) 'ref.tmp51' (line 668)
    [608, 632) 'aPnt1' (line 681)
    [672, 696) 'aPnt2' (line 681)
    [736, 740) 'aTexEnvParam' (line 714)
    [752, 776) 'aPolygonOffsetTmp' (line 747)
    [816, 824) 'ref.tmp134' (line 747)
    [848, 872) 'aPolygonOffsetTmp136' (line 753)
    [912, 920) 'ref.tmp137' (line 753) <== Memory access at offset 912 is inside this variable
    [944, 956) 'ref.tmp140' (line 755)
    [976, 988) 'ref.tmp141' (line 757)
    [1008, 1020) 'ref.tmp142' (line 759)
    [1040, 1052) 'ref.tmp143' (line 761)
    [1072, 1096) 'aPolygonOffsetTmp144' (line 767)
    [1136, 1144) 'ref.tmp145' (line 767)
    [1168, 1180) 'ref.tmp148' (line 769)
    [1200, 1212) 'ref.tmp150' (line 782)
    [1232, 1248) 'ref.tmp171' (line 818)
HINT: this may be a false positive if your program uses some custom stack unwind mechanism or swapcontext
      (longjmp and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: stack-use-after-scope /home/abv/occt/src/Standard/Standard_Handle.hxx:94:34 in opencascade::handle::IsNull() const
Shadow bytes around the buggy address:
  0x10005fa07e50: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f2 f2
  0x10005fa07e60: f2 f2 f2 f2 f2 f2 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
  0x10005fa07e70: f8 f8 f8 f2 f2 f2 f2 f2 f8 f8 f8 f8 f8 f8 f8 f8
  0x10005fa07e80: f2 f2 f2 f2 f8 f8 f8 f2 f2 f2 f2 f2 f8 f8 f8 f2
  0x10005fa07e90: f2 f2 f2 f2 04 f2 f8 f8 f8 f2 f2 f2 f2 f2 f8 f2
=>0x10005fa07ea0: f2 f2 00 00 00 f2 f2 f2 f2 f2[f8]f2 f2 f2 f8 f8
  0x10005fa07eb0: f2 f2 f8 f8 f2 f2 f8 f8 f2 f2 f8 f8 f2 f2 f8 f8
  0x10005fa07ec0: f8 f2 f2 f2 f2 f2 f8 f2 f2 f2 f8 f8 f2 f2 f8 f8
  0x10005fa07ed0: f2 f2 f8 f8 f3 f3 f3 f3 00 00 00 00 00 00 00 00
  0x10005fa07ee0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10005fa07ef0: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==18975==ABORTING
```

Steps To Reproduce | Build with -sanitize=address then run test 3rdparty fonts A7 | ||||
Tags | No tags attached. | ||||
Test case number | Not required | ||||
|
Branch CR30978 has been created by abv. SHA-1: 005743b770f1901a7f7e3074c1b76c080d8c0335 Detailed log of new commits: Author: abv Date: Wed Sep 18 03:48:35 2019 +0300 0030978: Visualization - stack-use-after-scope reported by Clang address sanitizer in OpenGl_Text.cxx |
|
Branch CR30978 has been updated forcibly by abv. SHA-1: 748f5120d72d5c89a7f11db064c22cc883309392 |
|
The fix is pushed to branch CR30978, please review. Jenkins tests are mostly OK, see job CR30978-abv; IFC tests on products on Debian are failing apparently due to some unrelated environment issue. |
|
Combination - OCCT branch : WEEK-38 master SHA - 3561f506c83b672cc3e06b77029aafca8d91d5d9 5f5b1aed1c6e139bbd34314eca77ae7abcd8895c Products branch : WEEK-38 SHA - 408582119deba96d291df52766ca720a3059ce71 was compiled on Linux, MacOS and Windows platforms and tested in optimize mode.

Number of compiler warnings: No new/fixed warnings

Regressions/Differences/Improvements: No regressions/differences

CPU differences:

Debian80-64: OCCT Total CPU difference: 16813.57000000016 / 16822.810000000067 [-0.05%] Products Total CPU difference: 10542.720000000027 / 10555.120000000048 [-0.12%]

Windows-64-VC14: OCCT Total CPU difference: 18271.390625 / 18222.765625 [+0.27%] Products Total CPU difference: 12493.84375 / 12438.984375 [+0.44%]

Image differences : No differences that require special attention

Memory differences : No differences that require special attention |
|
Branch CR30978 has been deleted by inv. SHA-1: 748f5120d72d5c89a7f11db064c22cc883309392 |
occt: master 1f44d29a 2019-09-18 00:48:35
Committer: bugmaster |

0030978: Visualization - stack-use-after-scope reported by Clang address sanitizer in OpenGl_Text.cxx

Implementation of auxiliary class in OpenGl_Text.cxx is corrected to avoid storing reference to temporary object.

Off-topic: test parse rules are corrected to recognize situation when test is killed by elapsed time, and report it as such. |
Affected Issues 0030978 |
|
mod - src/OpenGl/OpenGl_Text.cxx |
mod - tests/parse.rules |
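
The lifetime error behind this report, as an added C++ example (not OCCT's code and not the patch from this changeset): a scope sentry whose member is a reference binds to a temporary handle that is destroyed at the end of the declaration, while the sentry's destructor runs later at scope exit. `Handle`, `Ctx`, `DerivedCtx`, `RefSentry`, `CopySentry` and the live-handle counter are hypothetical, and an implicit handle conversion is assumed as the source of the temporary; `RefSentry`'s destructor reads only the counter, so the program itself has no undefined behaviour.

```cpp
#include <cstdio>

// Hypothetical stand-ins (not OCCT types): a context and a non-owning handle.
struct Ctx { int offset = 0; };
struct DerivedCtx : Ctx {};

static int g_liveHandles = 0; // handle objects currently alive

template <class T> class Handle {
public:
  explicit Handle(T* p) : myPtr(p) { ++g_liveHandles; }
  Handle(const Handle& o) : myPtr(o.myPtr) { ++g_liveHandles; }
  // Converting constructor: passing Handle<DerivedCtx> where Handle<Ctx>
  // is expected materialises a temporary Handle<Ctx>.
  template <class U> Handle(const Handle<U>& o) : myPtr(o.get()) { ++g_liveHandles; }
  ~Handle() { --g_liveHandles; }
  T* get() const { return myPtr; }
private:
  T* myPtr;
};

// Before: the member is a reference, so it can bind to that temporary.
struct RefSentry {
  const Handle<Ctx>& myCtx; // dangles once the declaration statement ends
  int& myLive;
  RefSentry(const Handle<Ctx>& c, int& live) : myCtx(c), myLive(live) {}
  // Only the counter is read here; touching myCtx would be the ASan finding.
  ~RefSentry() { myLive = g_liveHandles; }
};

// After: the member is a copy, which lives exactly as long as the sentry.
struct CopySentry {
  Handle<Ctx> myCtx;
  int& myLive;
  CopySentry(const Handle<Ctx>& c, int& live) : myCtx(c), myLive(live) {}
  ~CopySentry() { myLive = g_liveHandles; myCtx.get()->offset = 0; }
};

// Returns how many handles are alive when the sentry's destructor runs.
template <class Sentry> int liveHandlesAtSentryExit() {
  DerivedCtx ctx;
  Handle<DerivedCtx> h(&ctx); // the caller's own handle: 1 alive
  int live = -1;
  { Sentry s(h, live); }      // temporary Handle<Ctx> dies at this ';'
  return live;
}

int main() {
  std::printf("ref:  %d\n", liveHandlesAtSentryExit<RefSentry>());  // 1
  std::printf("copy: %d\n", liveHandlesAtSentryExit<CopySentry>()); // 2
}
```

A count of 1 means only the caller's handle still exists when the reference-holding sentry is destroyed, so the object its member refers to is already out of scope; a count of 2 means the copying sentry still owns a live handle.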
Date Modified | Username | Field | Change |
---|---|---|---|
2019-09-18 03:37 | | New Issue | |
2019-09-18 03:37 | | Assigned To | => kgv |
2019-09-18 03:38 | | Relationship added | child of 0030557 |
2019-09-18 03:38 | | Description Updated | |
2019-09-18 03:40 | | Description Updated | |
2019-09-18 03:52 | git | Note Added: 0087232 | |
2019-09-18 10:08 | kgv | Relationship added | child of 0029366 |
2019-09-18 10:08 | kgv | Product Version | => 7.3.0 |
2019-09-18 10:08 | kgv | Target Version | 7.5.0 => 7.4.0 |
2019-09-18 22:06 | git | Note Added: 0087281 | |
2019-09-19 06:05 | | Note Added: 0087283 | |
2019-09-19 06:05 | | Status | new => resolved |
2019-09-19 06:05 | | Steps to Reproduce Updated | |
2019-09-19 09:28 | kgv | Assigned To | kgv => bugmaster |
2019-09-19 09:28 | kgv | Status | resolved => reviewed |
2019-09-19 18:45 | bugmaster | Test case number | => Not required |
2019-09-20 07:53 | bugmaster | Note Added: 0087338 | |
2019-09-20 07:53 | bugmaster | Status | reviewed => tested |
2019-09-21 18:13 | bugmaster | Changeset attached | => occt master 1f44d29a |
2019-09-21 18:13 | bugmaster | Status | tested => verified |
2019-09-21 18:13 | bugmaster | Resolution | open => fixed |
2019-09-22 11:41 | git | Note Added: 0087423 |