View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0000944 | Ecere SDK | ide:parsing | public | 2013-06-29 21:36 | 2013-08-07 03:33 |
Reporter | jerome | Assigned To | jerome | ||
Priority | immediate | Severity | major | Reproducibility | always |
Status | closed | Resolution | fixed | ||
Product Version | 0.44.07 | ||||
Target Version | 0.44.08 | Fixed in Version | 0.44.08 | ||
Summary | 0000944: Crash opening historic ecere.h | ||||
Description | As summarized | ||||
Tags | No tags attached. | ||||
2013-06-29 21:36
|
|
|
Came across a freed memory read in grammar parser while checking under the Valgrind microscope: https://github.com/ecere/sdk/commit/48f24abaf11aa95772c5c7adcfad367ffc0f4ecf
That was not, however, the main issue causing the crash. |
|
Simplified the test case to the following contents:

```c
typedef struct
{
   void * first, * last;
   DWORD offset;
   BOOL circ;
} List;

#define LLITEM(t) t * prev, * next

#define DECL_ITEM(n) \
   typedef struct n n;\
   struct n {\
      LLITEM(n);

#define END_ITEM };

DECL_ITEM(Item)
END_ITEM

DECL_ITEM(LLVOID)
   void * data;
END_ITEM

typedef struct
{
   float a,r,g,b;
} Color;

typedef struct
{
   Color diffuse, ambient, specular, emissive;
   float power;
   Bitmap * baseMap, * bumpMap, * envMap;
} Material;
```
|
Further simplification (crashes on freeing):

```c
typedef int foo;
A (B) C
A (E) C
typedef struct { } G;
```
|
```
==9653== Invalid read of size 8
==9653==    at 0x501BEAA: __ecereMethod___ecereNameSpace__ecere__sys__BinaryTree_Remove (BinaryTree.ec:90)
==9653==    by 0x95CCD9D: FreeContext (freeAst.ec:235)
==9653==    by 0x4842C3: __ecereMethod_CodeEditor_FreeParser (CodeEditor.ec:2511)
==9653==    by 0x48245A: __ecereMethod_CodeEditor_OnDestroy (CodeEditor.ec:2112)
==9653==    by 0x4FE7D0E: __ecereMethod___ecereNameSpace__ecere__gui__Window_DestroyEx (Window.ec:5577)
==9653==    by 0x4FE7D5F: __ecereMethod___ecereNameSpace__ecere__gui__Window_DestroyEx (Window.ec:5586)
==9653==    by 0x4FE7D5F: __ecereMethod___ecereNameSpace__ecere__gui__Window_DestroyEx (Window.ec:5586)
==9653==    by 0x4FE7D5F: __ecereMethod___ecereNameSpace__ecere__gui__Window_DestroyEx (Window.ec:5586)
==9653==    by 0x4FEB932: __ecereMethod___ecereNameSpace__ecere__gui__Window_Destroy (Window.ec:6409)
==9653==    by 0x4E6A09: __ecereInstMeth___ecereNameSpace__ecere__gui__controls__MenuItem_NotifySelect__00000030 (ide.ec:822)
==9653==    by 0x4F70EF3: __ecereMethod___ecereNameSpace__ecere__gui__controls__PopupMenu_MenuItemSelection (Menu.ec:891)
==9653==    by 0x4F73379: __ecereMethod___ecereNameSpace__ecere__gui__controls__PopupMenu_OnKeyDown (Menu.ec:1279)
==9653==  Address 0x92e02e8 is 40 bytes inside a block of size 344 free'd
==9653==    at 0x4C2B6A6: free (vg_replace_malloc.c:446)
==9653==    by 0x5028437: __ecereNameSpace__ecere__com___myfree (instance.ec:1235)
==9653==    by 0x50289FF: __ecereNameSpace__ecere__com_(float, long double,...)(...) (instance.ec:1772)
==9653==    by 0x5035028: __ecereNameSpace__ecere__com__eSystem_Delete (instance.ec:5777)
==9653==    by 0x95CC5E0: FreeType (freeAst.ec:82)
==9653==    by 0x95CC4AE: FreeType (freeAst.ec:54)
==9653==    by 0x95CC629: FreeSymbol (freeAst.ec:94)
==9653==    by 0x95CCD67: FreeContext (freeAst.ec:231)
==9653==    by 0x4842C3: __ecereMethod_CodeEditor_FreeParser (CodeEditor.ec:2511)
==9653==    by 0x48245A: __ecereMethod_CodeEditor_OnDestroy (CodeEditor.ec:2112)
==9653==    by 0x4FE7D0E: __ecereMethod___ecereNameSpace__ecere__gui__Window_DestroyEx (Window.ec:5577)
==9653==    by 0x4FE7D5F: __ecereMethod___ecereNameSpace__ecere__gui__Window_DestroyEx (Window.ec:5586)
==9653==
```
|
Fixed by https://github.com/ecere/sdk/commit/79b69b9a135900a02474d1a0cb9493317d382915 |
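An added triage example (not part of the issue or of the Ecere SDK): it parses the Valgrind report from the notes above and finds the innermost function common to the invalid-read stack and the free stack, which is where the free and the later use both originate. The names `parse_use_after_free` and `divergence` are hypothetical, and the embedded report is an excerpt trimmed from the page's trace.

```python
import re

# Excerpt of the Valgrind report quoted in the issue notes, trimmed to the relevant frames.
REPORT = """\
==9653== Invalid read of size 8
==9653==    at 0x501BEAA: __ecereMethod___ecereNameSpace__ecere__sys__BinaryTree_Remove (BinaryTree.ec:90)
==9653==    by 0x95CCD9D: FreeContext (freeAst.ec:235)
==9653==    by 0x4842C3: __ecereMethod_CodeEditor_FreeParser (CodeEditor.ec:2511)
==9653==  Address 0x92e02e8 is 40 bytes inside a block of size 344 free'd
==9653==    at 0x4C2B6A6: free (vg_replace_malloc.c:446)
==9653==    by 0x5035028: __ecereNameSpace__ecere__com__eSystem_Delete (instance.ec:5777)
==9653==    by 0x95CC5E0: FreeType (freeAst.ec:82)
==9653==    by 0x95CC4AE: FreeType (freeAst.ec:54)
==9653==    by 0x95CC629: FreeSymbol (freeAst.ec:94)
==9653==    by 0x95CCD67: FreeContext (freeAst.ec:231)
==9653==    by 0x4842C3: __ecereMethod_CodeEditor_FreeParser (CodeEditor.ec:2511)
"""

FRAME = re.compile(r"^==\d+==\s+(?:at|by) 0x[0-9A-Fa-f]+: (.+) \(([^():\s]+):(\d+)\)$")
BLOCK = re.compile(r"Address 0x[0-9a-f]+ is (\d+) bytes inside a block of size (\d+) free'd")

def parse_use_after_free(report):
    """Split a memcheck 'Invalid read/write ... free'd' report into access and free stacks."""
    access, freed, block, current = [], [], None, None
    for line in report.splitlines():
        m = BLOCK.search(line)
        if m:  # frames after this line belong to the stack that freed the block
            block, current = (int(m.group(1)), int(m.group(2))), freed
        elif "Invalid read" in line or "Invalid write" in line:
            current = access
        elif current is not None and (f := FRAME.match(line)):
            current.append((f.group(1), f.group(2), int(f.group(3))))
    return access, freed, block  # block is (offset into block, block size)

def divergence(access, freed):
    """Innermost function present in both stacks: (function, file, free line, use line)."""
    free_sites = {(fn, src): line for fn, src, line in reversed(freed)}
    for fn, src, line in access:  # access frames are listed innermost first
        if (fn, src) in free_sites:
            return fn, src, free_sites[(fn, src)], line
    return None

if __name__ == "__main__":
    access, freed, block = parse_use_after_free(REPORT)
    print(block, divergence(access, freed))
```

For this report the common frame is `FreeContext` in `freeAst.ec`, with the free reached from line 231 and the read from line 235.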
Date Modified | Username | Field | Change |
---|---|---|---|
2013-06-29 21:36 | jerome | New Issue | |
2013-06-29 21:36 | jerome | Status | new => assigned |
2013-06-29 21:36 | jerome | Assigned To | => jerome |
2013-06-29 21:36 | jerome | File Added: ecere.h | |
2013-07-01 18:35 | jerome | Note Added: 0000916 | |
2013-07-01 18:36 | jerome | Note Added: 0000917 | |
2013-07-01 19:20 | jerome | Note Added: 0000918 | |
2013-07-01 19:21 | jerome | Note Edited: 0000918 | |
2013-07-01 19:22 | jerome | Note Added: 0000919 | |
2013-07-01 19:23 | jerome | Note Edited: 0000919 | |
2013-07-01 20:08 | jerome | Status | assigned => resolved |
2013-07-01 20:08 | jerome | Fixed in Version | => 0.44.10 64 |
2013-07-01 20:08 | jerome | Resolution | open => fixed |
2013-07-01 20:08 | jerome | Note Added: 0000920 | |
2013-07-04 19:43 | jerome | Status | resolved => closed |
2013-08-07 03:33 | jerome | Fixed in Version | 0.44.10 64 => 0.44.08 |
2013-08-07 03:33 | jerome | Target Version | 0.44.10 64 => 0.44.08 |