Hello,
Sebastian Humenda, on Mon. 25 Nov. 2024 13:12:23 +0100, wrote:
> Samuel Thibault wrote on 15.11.2024, 0:36 +0100:
> >> The backtrace is below.
> >> How would the backtraces change if the sanitizer is active?
> >
> >It wouldn't, the sanitizer prints its debugging on stderr during the
> >execution.
>
> Alright. Before I could reproduce the crash in X, I got earlier crashes with
> the sanitiser enabled. The first one (log no. 1) occurred a few seconds after
> starting BRLTTY. The 2nd when activating the English language profile using
> ShiftLeft + ShiftRight + E.

There is fishy code in endItem_files: it sets gl_pathv elements to
NULL before calling globfree. It happens that for glibc it's fine, but
address sanitizer is right in crashing because the gl_pathc elements
are supposed to be non-NULL. I don't see why this is doing that, one is
not supposed to assume how this is allocated, so setting it to NULL is
either a memory leak, or potential mis-free later on.

For the time being, you can try to exchange these two lines, which will
avoid the issue in asan.

    globfree(&files->glob);
    files->glob.gl_pathc = 0;

Samuel
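
An added example, not part of the message above and not BRLTTY code: the ordering the message recommends, where the glob_t reaches globfree() exactly as glob() filled it in and is reset only afterwards. It assumes a caller that wants paths to stay valid past globfree() and copies them instead of touching gl_pathv; struct file_list, file_list_open and file_list_close are hypothetical names.

```c
#include <glob.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical owner of a glob result; not BRLTTY's own structure. */
struct file_list {
    glob_t glob;
    char **kept;   /* private copies that stay valid after globfree() */
    size_t nkept;
};

/* Release everything. gl_pathv is never modified before globfree();
 * fields are reset only after the library has freed its own memory. */
void file_list_close(struct file_list *fl) {
    for (size_t i = 0; i < fl->nkept; i++) free(fl->kept[i]);
    free(fl->kept);
    fl->kept = NULL;
    fl->nkept = 0;
    globfree(&fl->glob);
    fl->glob.gl_pathc = 0;
}

/* Expand pattern and copy each match.
 * Returns 0 on success, -1 on error or when nothing matches. */
int file_list_open(struct file_list *fl, const char *pattern) {
    memset(fl, 0, sizeof(*fl));
    if (glob(pattern, 0, NULL, &fl->glob) != 0) goto fail;
    fl->kept = calloc(fl->glob.gl_pathc, sizeof(*fl->kept));
    if (!fl->kept) goto fail;
    for (size_t i = 0; i < fl->glob.gl_pathc; i++) {
        size_t len = strlen(fl->glob.gl_pathv[i]) + 1;
        if (!(fl->kept[i] = malloc(len))) goto fail;
        memcpy(fl->kept[i], fl->glob.gl_pathv[i], len);
        fl->nkept++;
    }
    return 0;
fail:
    file_list_close(fl);
    return -1;
}

int main(void) {
    struct file_list fl;
    if (file_list_open(&fl, "/") == 0) {   /* constructed input: "/" always exists */
        printf("%zu match, first: %s\n", fl.nkept, fl.kept[0]);
        file_list_close(&fl);
    }
    return 0;
}
```

Building this with -fsanitize=address exercises the same globfree() path the sanitizer checks in the report above.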