[BRLTTY] Crash of BRLTTY in X sessionudo systemctl edit brlpulse
Samuel Thibault
samuel.thibault at ens-lyon.org
Mon Mar 3 10:26:45 UTC 2025
Hello,
Sebastian Humenda, le lun. 03 mars 2025 11:20:03 +0100, a ecrit:
> Dave Mielke schrieb am 01.03.2025, 7:41 -0500:
> >[quoted lines by Samuel Thibault on 2025/02/27 at 21:54 +0100]
> >
> >>I believe we have the information:
> >>
> >>> ==208649==ERROR: AddressSanitizer: heap-use-after-free on address 0x60c0019f8101 at pc 0x55de2ae390a3 bp 0x7fff172e34a0 sp 0x7fff172e3498
> >>> READ of size 1 at 0x60c0019f8101 thread T0
> >>> #0 0x55de2ae390a2 in usbCancelRequest ??:?
> >>
> >>This is the urb->endpoint read. We are trying to cancel a request but it
> >>was already freed.
> >
> >Sebastian: Please test the attached patch.
>
> The ASAN output is below. It might be unrelated, as I saw the behaviour on the
> TTY.
Is unrelated indeed.
It seems that debugging symbols are missing. Did you use
--disable-stripping to make sure they get installed?
Samuel
> brltty[529799]: Braille Driver: ht [HandyTech] Version:0.6
> brltty[529799]: brltty: Braille Driver: ht [HandyTech] Version:0.6
> brltty[529799]: AddressSanitizer:DEADLYSIGNAL
> brltty[529799]: =================================================================
> brltty[529799]: ==529799==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f33836d0d66 bp 0x7ffff7b30bb0 sp 0x7ffff7b30338 T0)
> brltty[529799]: ==529799==The signal is caused by a READ memory access.
> brltty[529799]: ==529799==Hint: address points to the zero page.
> brltty[529799]: #0 0x7f33836d0d66 in __sanitizer::internal_strlen(char const*) ../../../../src/libsanitizer/sanitizer_common/sanitizer_libc.cpp:167
> brltty[529799]: #1 0x7f338366dc9f in unpoison_glob_t ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:2304
> brltty[529799]: #2 0x7f338366e292 in __interceptor_glob ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:2380
> brltty[529799]: #3 0x55f3f6a1fd9b (/usr/bin/brltty+0x109d9b)
> brltty[529799]: #4 0x55f3f6a1e0dd (/usr/bin/brltty+0x1080dd)
> brltty[529799]: #5 0x55f3f6a23009 in getCurrentMenuItem (/usr/bin/brltty+0x10d009)
> brltty[529799]: #6 0x55f3f6a22b72 in changeMenuSettingScaled (/usr/bin/brltty+0x10cb72)
> brltty[529799]: #7 0x55f3f6a4b2ad (/usr/bin/brltty+0x1352ad)
> brltty[529799]: #8 0x55f3f6a3a0f8 in handleCommand (/usr/bin/brltty+0x1240f8)
> brltty[529799]: #9 0x55f3f6a3a388 in handleCommandAlarm (/usr/bin/brltty+0x124388)
> brltty[529799]: #10 0x55f3f69f2205 in asyncExecuteAlarmCallback (/usr/bin/brltty+0xdc205)
> brltty[529799]: #11 0x55f3f69f0a72 (/usr/bin/brltty+0xdaa72)
> brltty[529799]: #12 0x55f3f69f0f06 (/usr/bin/brltty+0xdaf06)
> brltty[529799]: #13 0x55f3f69f11ef in asyncAwaitCondition (/usr/bin/brltty+0xdb1ef)
> brltty[529799]: #14 0x55f3f69ca47b in brlttyWait (/usr/bin/brltty+0xb447b)
> brltty[529799]: #15 0x55f3f69c2ad7 (/usr/bin/brltty+0xacad7)
> brltty[529799]: #16 0x55f3f69c2b10 in main (/usr/bin/brltty+0xacb10)
> brltty[529799]: #17 0x7f3380e46249 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
> brltty[529799]: #18 0x7f3380e46304 in __libc_start_main_impl ../csu/libc-start.c:360
> brltty[529799]: #19 0x55f3f69c2a00 in _start (/usr/bin/brltty+0xaca00)
> brltty[529799]: AddressSanitizer can not provide additional info.
> brltty[529799]: SUMMARY: AddressSanitizer: SEGV ../../../../src/libsanitizer/sanitizer_common/sanitizer_libc.cpp:167 in __sanitizer::internal_strlen(char const*)
> brltty[529799]: ==529799==ABORTING
> _______________________________________________
> This message was sent via the BRLTTY mailing list.
> To post a message, send an e-mail to: BRLTTY at brltty.app
> For general information, go to: http://brltty.app/mailman/listinfo/brltty
>
--
Samuel
Be warned that typing \fBkillall \fIname\fP may not have the desired
effect on non-Linux systems, especially when done by a privileged user.
(From the killall manual page)
More information about the BRLTTY
mailing list