[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-multimedia
Subject:    Re: Review Request 120433: Fix alloc-dealloc-mismatch in StreamReader
From:       "Uwe L. Korn" <uwelk () xhochy ! com>
Date:       2014-09-30 10:37:04
Message-ID: 20140930103704.15675.29981 () probe ! kde ! org
[Download RAW message or body]

--===============8669755469543019666==
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://git.reviewboard.kde.org/r/120433/
-----------------------------------------------------------

(Updated Sept. 30, 2014, 10:37 a.m.)


Status
------

This change has been marked as submitted.


Review request for Phonon and Harald Sitter.


Repository: phonon-vlc


Description
-------

StreamReader::readCallback always allocates buffer using new[] but the
deletion was done in StreamReader::readDoneCallback with a mismatching
delete.

related AddressSanitizer output:

```
=================================================================
==28275==ERROR: AddressSanitizer: alloc-dealloc-mismatch (operator new [] vs operator \
delete) on 0x62d001450400  #0 0x46310b in operator delete(void*) \
(/home/xhochy/Development/tomahawk-player/build/tomahawk-asan-qt5/tomahawk+0x46310b)  \
#1 0x7f3a925dd56b in Phonon::VLC::StreamReader::readDoneCallback(void*, char const*, \
unsigned long, void*) \
/var/tmp/notmpfs/portage/media-libs/phonon-vlc-9999/work/phonon-vlc-9999/src/streamreader.cpp:112
  #2 0x7f3a84e5d06f in Block \
/var/tmp/portage/media-video/vlc-9999/work/vlc-9999/modules/access/imem.c:389  #3 \
0x7f3a924f4210 in AReadBlock \
/var/tmp/portage/media-video/vlc-9999/work/vlc-9999/src/input/stream.c:1749  #4 \
0x7f3a924f45d3 in AStreamPrebufferBlock \
/var/tmp/portage/media-video/vlc-9999/work/vlc-9999/src/input/stream.c:706  #5 \
0x7f3a924f5edf in stream_AccessNew \
/var/tmp/portage/media-video/vlc-9999/work/vlc-9999/src/input/stream.c:389  #6 \
0x7f3a924ed189 in InputSourceInit \
/var/tmp/portage/media-video/vlc-9999/work/vlc-9999/src/input/input.c:2347  #7 \
0x7f3a924ee0d3 in Init \
/var/tmp/portage/media-video/vlc-9999/work/vlc-9999/src/input/input.c:1204  #8 \
0x7f3a924f1055 in Run \
/var/tmp/portage/media-video/vlc-9999/work/vlc-9999/src/input/input.c:518  #9 \
0x7f3aa6e07202 in start_thread \
/var/tmp/portage/sys-libs/glibc-2.19-r1/work/glibc-2.19/nptl/pthread_create.c:309  \
#10 0x7f3aa5a319ac in clone \
/var/tmp/portage/sys-libs/glibc-2.19-r1/work/glibc-2.19/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:111


0x62d001450400 is located 0 bytes inside of 32768-byte region \
[0x62d001450400,0x62d001458400) allocated by thread T42 here:
    #0 0x462d1b in operator new[](unsigned long) \
(/home/xhochy/Development/tomahawk-player/build/tomahawk-asan-qt5/tomahawk+0x462d1b)  \
#1 0x7f3a925dd893 in Phonon::VLC::StreamReader::readCallback(void*, char const*, \
long*, long*, unsigned int*, unsigned long*, void**) \
/var/tmp/notmpfs/portage/media-libs/phonon-vlc-9999/work/phonon-vlc-9999/src/streamreader.cpp:96


Thread T42 created by T0 here:
    #0 0x4b209f in __interceptor_pthread_create \
(/home/xhochy/Development/tomahawk-player/build/tomahawk-asan-qt5/tomahawk+0x4b209f)  \
#1 0x7f3a9252ecf0 in vlc_clone_attr \
/var/tmp/portage/media-video/vlc-9999/work/vlc-9999/src/posix/thread.c:653

SUMMARY: AddressSanitizer: alloc-dealloc-mismatch ??:0 operator delete(void*)
==28275==HINT: if you don't care about these warnings you may set \
ASAN_OPTIONS=alloc_dealloc_mismat ```


Diffs
-----

  src/streamreader.cpp dac45456ee0228267aec3732cf617def0ef9db3d 

Diff: https://git.reviewboard.kde.org/r/120433/diff/


Testing
-------

Plays successfully in Tomahawk-git.


Thanks,

Uwe L. Korn


--===============8669755469543019666==
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"
Content-Transfer-Encoding: 7bit




<html>
 <body>
  <div style="font-family: Verdana, Arial, Helvetica, Sans-Serif;">
   <table bgcolor="#f9f3c9" width="100%" cellpadding="12" style="border: 1px #c9c399 \
solid; border-radius: 6px; -moz-border-radius: 6px; -webkit-border-radius: 6px;">  \
<tr>  <td>
      This is an automatically generated e-mail. To reply, visit:
      <a href="https://git.reviewboard.kde.org/r/120433/">https://git.reviewboard.kde.org/r/120433/</a>
  </td>
    </tr>
   </table>
   <br />




<table bgcolor="#e0e0e0" width="100%" cellpadding="12" style="border: 1px gray solid; \
border-radius: 6px; -moz-border-radius: 6px; -webkit-border-radius: 6px;">  <tr>
  <td>
   <h1 style="margin: 0; padding: 0; font-size: 10pt;">This change has been marked as \
submitted.</h1>  </td>
 </tr>
</table>
<br />


<table bgcolor="#fefadf" width="100%" cellspacing="0" cellpadding="12" style="border: \
1px #888a85 solid; border-radius: 6px; -moz-border-radius: 6px; \
-webkit-border-radius: 6px;">  <tr>
  <td>

<div>Review request for Phonon and Harald Sitter.</div>
<div>By Uwe L. Korn.</div>


<p style="color: grey;"><i>Updated Sept. 30, 2014, 10:37 a.m.</i></p>









<div style="margin-top: 1.5em;">
 <b style="color: #575012; font-size: 10pt;">Repository: </b>
phonon-vlc
</div>


<h1 style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Description </h1>
 <table width="100%" bgcolor="#ffffff" cellspacing="0" cellpadding="10" \
style="border: 1px solid #b8b5a0">  <tr>
  <td>
   <pre style="margin: 0; padding: 0; white-space: pre-wrap; white-space: \
-moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: \
break-word;"><p style="padding: 0;text-rendering: inherit;margin: 0;line-height: \
inherit;white-space: inherit;">StreamReader::readCallback always allocates buffer \
using new[] but the<br style="padding: 0;text-rendering: inherit;margin: \
0;line-height: inherit;white-space: normal;" /> deletion was done in \
StreamReader::readDoneCallback with a mismatching<br style="padding: \
0;text-rendering: inherit;margin: 0;line-height: inherit;white-space: normal;" /> \
delete.</p> <p style="padding: 0;text-rendering: inherit;margin: 0;line-height: \
inherit;white-space: inherit;">related AddressSanitizer output:</p> <p \
style="padding: 0;text-rendering: inherit;margin: 0;line-height: inherit;white-space: \
inherit;"><div class="codehilite" style="background: #f8f8f8"><pre \
style="line-height: 125%"><span style="color: \
#666666">=================================================================</span> \
<span style="color: #666666">==28275==</span>ERROR<span style="color: \
#666666">:</span> AddressSanitizer<span style="color: #666666">:</span> alloc<span \
style="color: #666666">-</span>dealloc<span style="color: #666666">-</span>mismatch \
(operator new [] vs operator delete) on <span style="color: \
#666666">0x62d001450400</span>  <span style="border: 1px solid #FF0000">#</span><span \
style="color: #666666">0</span> <span style="color: #666666">0x46310b</span> in \
operator delete(<span style="color: #B00040">void</span><span style="color: \
#666666">*</span>) (<span style="color: #666666">/</span>home<span style="color: \
#666666">/</span>xhochy<span style="color: #666666">/</span>Development<span \
style="color: #666666">/</span>tomahawk<span style="color: \
#666666">-</span>player<span style="color: #666666">/</span>build<span style="color: \
#666666">/</span>tomahawk<span style="color: #666666">-</span>asan<span style="color: \
#666666">-</span>qt5<span style="color: #666666">/</span>tomahawk<span style="color: \
#666666">+0x46310b</span>)  <span style="border: 1px solid #FF0000">#</span><span \
style="color: #666666">1</span> <span style="color: #666666">0x7f3a925dd56b</span> in \
Phonon<span style="color: #666666">::</span>VLC<span style="color: \
#666666">::</span>StreamReader<span style="color: \
#666666">::</span>readDoneCallback(<span style="color: #B00040">void</span><span \
style="color: #666666">*</span>, <span style="color: #B00040">char</span> <span \
style="color: #008000; font-weight: bold">const</span><span style="color: \
#666666">*</span>, <span style="color: #B00040">unsigned</span> <span style="color: \
#B00040">long</span>, <span style="color: #B00040">void</span><span style="color: \
#666666">*</span>) <span style="color: #666666">/</span>var<span style="color: \
#666666">/</span>tmp<span style="color: #666666">/</span>notmpfs<span style="color: \
#666666">/</span>portage<span style="color: #666666">/</span>media<span style="color: \
#666666">-</span>libs<span style="color: #666666">/</span>phonon<span style="co  lor: \
#666666">-</span>vlc<span style="color: #666666">-9999/</span>work<span style="color: \
#666666">/</span>phonon<span style="color: #666666">-</span>vlc<span style="color: \
#666666">-9999/</span>src<span style="color: #666666">/</span>streamreader.cpp<span \
style="color: #666666">:112</span>  <span style="border: 1px solid \
#FF0000">#</span><span style="color: #666666">2</span> <span style="color: \
#666666">0x7f3a84e5d06f</span> in Block <span style="color: #666666">/</span>var<span \
style="color: #666666">/</span>tmp<span style="color: #666666">/</span>portage<span \
style="color: #666666">/</span>media<span style="color: #666666">-</span>video<span \
style="color: #666666">/</span>vlc<span style="color: #666666">-9999/</span>work<span \
style="color: #666666">/</span>vlc<span style="color: \
#666666">-9999/</span>modules<span style="color: #666666">/</span>access<span \
style="color: #666666">/</span>imem.c<span style="color: #666666">:389</span>  <span \
style="border: 1px solid #FF0000">#</span><span style="color: #666666">3</span> <span \
style="color: #666666">0x7f3a924f4210</span> in AReadBlock <span style="color: \
#666666">/</span>var<span style="color: #666666">/</span>tmp<span style="color: \
#666666">/</span>portage<span style="color: #666666">/</span>media<span style="color: \
#666666">-</span>video<span style="color: #666666">/</span>vlc<span style="color: \
#666666">-9999/</span>work<span style="color: #666666">/</span>vlc<span style="color: \
#666666">-9999/</span>src<span style="color: #666666">/</span>input<span \
style="color: #666666">/</span>stream.c<span style="color: #666666">:1749</span>  \
<span style="border: 1px solid #FF0000">#</span><span style="color: #666666">4</span> \
<span style="color: #666666">0x7f3a924f45d3</span> in AStreamPrebufferBlock <span \
style="color: #666666">/</span>var<span style="color: #666666">/</span>tmp<span \
style="color: #666666">/</span>portage<span style="color: #666666">/</span>media<span \
style="color: #666666">-</span>video<span style="color: #666666">/</span>vlc<span \
style="color: #666666">-9999/</span>work<span style="color: #666666">/</span>vlc<span \
style="color: #666666">-9999/</span>src<span style="color: \
#666666">/</span>input<span style="color: #666666">/</span>stream.c<span \
style="color: #666666">:706</span>  <span style="border: 1px solid \
#FF0000">#</span><span style="color: #666666">5</span> <span style="color: \
#666666">0x7f3a924f5edf</span> in stream_AccessNew <span style="color: \
#666666">/</span>var<span style="color: #666666">/</span>tmp<span style="color: \
#666666">/</span>portage<span style="color: #666666">/</span>media<span style="color: \
#666666">-</span>video<span style="color: #666666">/</span>vlc<span style="color: \
#666666">-9999/</span>work<span style="color: #666666">/</span>vlc<span style="color: \
#666666">-9999/</span>src<span style="color: #666666">/</span>input<span \
style="color: #666666">/</span>stream.c<span style="color: #666666">:389</span>  \
<span style="border: 1px solid #FF0000">#</span><span style="color: #666666">6</span> \
<span style="color: #666666">0x7f3a924ed189</span> in InputSourceInit <span \
style="color: #666666">/</span>var<span style="color: #666666">/</span>tmp<span \
style="color: #666666">/</span>portage<span style="color: #666666">/</span>media<span \
style="color: #666666">-</span>video<span style="color: #666666">/</span>vlc<span \
style="color: #666666">-9999/</span>work<span style="color: #666666">/</span>vlc<span \
style="color: #666666">-9999/</span>src<span style="color: \
#666666">/</span>input<span style="color: #666666">/</span>input.c<span style="color: \
#666666">:2347</span>  <span style="border: 1px solid #FF0000">#</span><span \
style="color: #666666">7</span> <span style="color: #666666">0x7f3a924ee0d3</span> in \
Init <span style="color: #666666">/</span>var<span style="color: \
#666666">/</span>tmp<span style="color: #666666">/</span>portage<span style="color: \
#666666">/</span>media<span style="color: #666666">-</span>video<span style="color: \
#666666">/</span>vlc<span style="color: #666666">-9999/</span>work<span style="color: \
#666666">/</span>vlc<span style="color: #666666">-9999/</span>src<span style="color: \
#666666">/</span>input<span style="color: #666666">/</span>input.c<span style="color: \
#666666">:1204</span>  <span style="border: 1px solid #FF0000">#</span><span \
style="color: #666666">8</span> <span style="color: #666666">0x7f3a924f1055</span> in \
Run <span style="color: #666666">/</span>var<span style="color: \
#666666">/</span>tmp<span style="color: #666666">/</span>portage<span style="color: \
#666666">/</span>media<span style="color: #666666">-</span>video<span style="color: \
#666666">/</span>vlc<span style="color: #666666">-9999/</span>work<span style="color: \
#666666">/</span>vlc<span style="color: #666666">-9999/</span>src<span style="color: \
#666666">/</span>input<span style="color: #666666">/</span>input.c<span style="color: \
#666666">:518</span>  <span style="border: 1px solid #FF0000">#</span><span \
style="color: #666666">9</span> <span style="color: #666666">0x7f3aa6e07202</span> in \
start_thread <span style="color: #666666">/</span>var<span style="color: \
#666666">/</span>tmp<span style="color: #666666">/</span>portage<span style="color: \
#666666">/</span>sys<span style="color: #666666">-</span>libs<span style="color: \
#666666">/</span>glibc<span style="color: #666666">-2.19-</span>r1<span style="color: \
#666666">/</span>work<span style="color: #666666">/</span>glibc<span style="color: \
#666666">-2.19/</span>nptl<span style="color: #666666">/</span>pthread_create.c<span \
style="color: #666666">:309</span>  <span style="border: 1px solid \
#FF0000">#</span><span style="color: #666666">10</span> <span style="color: \
#666666">0x7f3aa5a319ac</span> in clone <span style="color: #666666">/</span>var<span \
style="color: #666666">/</span>tmp<span style="color: #666666">/</span>portage<span \
style="color: #666666">/</span>sys<span style="color: #666666">-</span>libs<span \
style="color: #666666">/</span>glibc<span style="color: #666666">-2.19-</span>r1<span \
style="color: #666666">/</span>work<span style="color: #666666">/</span>glibc<span \
style="color: #666666">-2.19/</span>misc<span style="color: #666666">/</span>..<span \
style="color: #666666">/</span>sysdeps<span style="color: #666666">/</span>unix<span \
style="color: #666666">/</span>sysv<span style="color: #666666">/</span>linux<span \
style="color: #666666">/</span>x86_64<span style="color: \
#666666">/</span>clone.S<span style="color: #666666">:111</span>

<span style="color: #666666">0x62d001450400</span> is located <span style="color: \
#666666">0</span> bytes inside of <span style="color: #666666">32768-</span>byte \
region [<span style="color: #666666">0x62d001450400</span>,<span style="color: \
#666666">0x62d001458400</span>) allocated by <span style="color: #008000; \
font-weight: bold">thread</span> T42 here<span style="color: #666666">:</span>  <span \
style="border: 1px solid #FF0000">#</span><span style="color: #666666">0</span> <span \
style="color: #666666">0x462d1b</span> in operator new[](<span style="color: \
#B00040">unsigned</span> <span style="color: #B00040">long</span>) (<span \
style="color: #666666">/</span>home<span style="color: #666666">/</span>xhochy<span \
style="color: #666666">/</span>Development<span style="color: \
#666666">/</span>tomahawk<span style="color: #666666">-</span>player<span \
style="color: #666666">/</span>build<span style="color: \
#666666">/</span>tomahawk<span style="color: #666666">-</span>asan<span style="color: \
#666666">-</span>qt5<span style="color: #666666">/</span>tomahawk<span style="color: \
#666666">+0x462d1b</span>)  <span style="border: 1px solid #FF0000">#</span><span \
style="color: #666666">1</span> <span style="color: #666666">0x7f3a925dd893</span> in \
Phonon<span style="color: #666666">::</span>VLC<span style="color: \
#666666">::</span>StreamReader<span style="color: \
#666666">::</span>readCallback(<span style="color: #B00040">void</span><span \
style="color: #666666">*</span>, <span style="color: #B00040">char</span> <span \
style="color: #008000; font-weight: bold">const</span><span style="color: \
#666666">*</span>, <span style="color: #B00040">long</span><span style="color: \
#666666">*</span>, <span style="color: #B00040">long</span><span style="color: \
#666666">*</span>, <span style="color: #B00040">unsigned</span> <span style="color: \
#B00040">int</span><span style="color: #666666">*</span>, <span style="color: \
#B00040">unsigned</span> <span style="color: #B00040">long</span><span style="color: \
#666666">*</span>, <span style="color: #B00040">void</span><span style="color: \
#666666">**</s  pan>) <span style="color: #666666">/</span>var<span style="color: \
#666666">/</span>tmp<span style="color: #666666">/</span>notmpfs<span style="color: \
#666666">/</span>portage<span style="color: #666666">/</span>media<span style="color: \
#666666">-</span>libs<span style="color: #666666">/</span>phonon<span style="color: \
#666666">-</span>vlc<span style="color: #666666">-9999/</span>work<span style="color: \
#666666">/</span>phonon<span style="color: #666666">-</span>vlc<span style="color: \
#666666">-9999/</span>src<span style="color: #666666">/</span>streamreader.cpp<span \
style="color: #666666">:96</span>

Thread T42 created by T0 here<span style="color: #666666">:</span>
    <span style="border: 1px solid #FF0000">#</span><span style="color: \
#666666">0</span> <span style="color: #666666">0x4b209f</span> in \
__interceptor_pthread_create (<span style="color: #666666">/</span>home<span \
style="color: #666666">/</span>xhochy<span style="color: \
#666666">/</span>Development<span style="color: #666666">/</span>tomahawk<span \
style="color: #666666">-</span>player<span style="color: #666666">/</span>build<span \
style="color: #666666">/</span>tomahawk<span style="color: #666666">-</span>asan<span \
style="color: #666666">-</span>qt5<span style="color: #666666">/</span>tomahawk<span \
style="color: #666666">+0x4b209f</span>)  <span style="border: 1px solid \
#FF0000">#</span><span style="color: #666666">1</span> <span style="color: \
#666666">0x7f3a9252ecf0</span> in vlc_clone_attr <span style="color: \
#666666">/</span>var<span style="color: #666666">/</span>tmp<span style="color: \
#666666">/</span>portage<span style="color: #666666">/</span>media<span style="color: \
#666666">-</span>video<span style="color: #666666">/</span>vlc<span style="color: \
#666666">-9999/</span>work<span style="color: #666666">/</span>vlc<span style="color: \
#666666">-9999/</span>src<span style="color: #666666">/</span>posix<span \
style="color: #666666">/</span><span style="color: #008000; font-weight: \
bold">thread</span>.c<span style="color: #666666">:653</span>

<span style="color: #A0A000">SUMMARY:</span> AddressSanitizer<span style="color: \
#666666">:</span> alloc<span style="color: #666666">-</span>dealloc<span \
style="color: #666666">-</span>mismatch <span style="color: #666666">??:0</span> \
operator delete(<span style="color: #B00040">void</span><span style="color: \
#666666">*</span>) <span style="color: #666666">==28275==</span>HINT<span \
style="color: #666666">:</span> <span style="color: #008000; font-weight: \
bold">if</span> you don<span style="border: 1px solid #FF0000">&#39;</span>t care \
about these warnings you may set ASAN_OPTIONS<span style="color: \
#666666">=</span>alloc_dealloc_mismat </pre></div>
</p></pre>
  </td>
 </tr>
</table>


<h1 style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Testing </h1>
<table width="100%" bgcolor="#ffffff" cellspacing="0" cellpadding="10" style="border: \
1px solid #b8b5a0">  <tr>
  <td>
   <pre style="margin: 0; padding: 0; white-space: pre-wrap; white-space: \
-moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: \
break-word;"><p style="padding: 0;text-rendering: inherit;margin: 0;line-height: \
inherit;white-space: inherit;">Plays successfully in Tomahawk-git.</p></pre>  </td>
 </tr>
</table>


<h1 style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Diffs</b> </h1>
<ul style="margin-left: 3em; padding-left: 0;">

 <li>src/streamreader.cpp <span style="color: \
grey">(dac45456ee0228267aec3732cf617def0ef9db3d)</span></li>

</ul>

<p><a href="https://git.reviewboard.kde.org/r/120433/diff/" style="margin-left: \
3em;">View Diff</a></p>






  </td>
 </tr>
</table>




  </div>
 </body>
</html>


--===============8669755469543019666==--



_______________________________________________
kde-multimedia mailing list
kde-multimedia@kde.org
https://mail.kde.org/mailman/listinfo/kde-multimedia


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic