Hi Dave Dave Mielke schrieb am 01.03.2025, 7:41 -0500: >[quoted lines by Samuel Thibault on 2025/02/27 at 21:54 +0100] > >>I believe we have the information: >> >>> ==208649==ERROR: AddressSanitizer: heap-use-after-free on address >>> 0x60c0019f8101 at pc 0x55de2ae390a3 bp 0x7fff172e34a0 sp 0x7fff172e3498 >>> READ of size 1 at 0x60c0019f8101 thread T0 >>> #0 0x55de2ae390a2 in usbCancelRequest ??:? >> >>This is the urb->endpoint read. We are trying to cancel a request but it >>was already freed. > >Sebastian: Please test the attached patch.
The ASAN output is below. It might be unrelated, as I saw the behaviour on the TTY. Thanks Sebastian === brltty[529799]: Braille Driver: ht [HandyTech] Version:0.6 brltty[529799]: brltty: Braille Driver: ht [HandyTech] Version:0.6 brltty[529799]: AddressSanitizer:DEADLYSIGNAL brltty[529799]: ================================================================= brltty[529799]: ==529799==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f33836d0d66 bp 0x7ffff7b30bb0 sp 0x7ffff7b30338 T0) brltty[529799]: ==529799==The signal is caused by a READ memory access. brltty[529799]: ==529799==Hint: address points to the zero page. brltty[529799]: #0 0x7f33836d0d66 in __sanitizer::internal_strlen(char const*) ../../../../src/libsanitizer/sanitizer_common/sanitizer_libc.cpp:167 brltty[529799]: #1 0x7f338366dc9f in unpoison_glob_t ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:2304 brltty[529799]: #2 0x7f338366e292 in __interceptor_glob ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:2380 brltty[529799]: #3 0x55f3f6a1fd9b (/usr/bin/brltty+0x109d9b) brltty[529799]: #4 0x55f3f6a1e0dd (/usr/bin/brltty+0x1080dd) brltty[529799]: #5 0x55f3f6a23009 in getCurrentMenuItem (/usr/bin/brltty+0x10d009) brltty[529799]: #6 0x55f3f6a22b72 in changeMenuSettingScaled (/usr/bin/brltty+0x10cb72) brltty[529799]: #7 0x55f3f6a4b2ad (/usr/bin/brltty+0x1352ad) brltty[529799]: #8 0x55f3f6a3a0f8 in handleCommand (/usr/bin/brltty+0x1240f8) brltty[529799]: #9 0x55f3f6a3a388 in handleCommandAlarm (/usr/bin/brltty+0x124388) brltty[529799]: #10 0x55f3f69f2205 in asyncExecuteAlarmCallback (/usr/bin/brltty+0xdc205) brltty[529799]: #11 0x55f3f69f0a72 (/usr/bin/brltty+0xdaa72) brltty[529799]: #12 0x55f3f69f0f06 (/usr/bin/brltty+0xdaf06) brltty[529799]: #13 0x55f3f69f11ef in asyncAwaitCondition (/usr/bin/brltty+0xdb1ef) brltty[529799]: #14 0x55f3f69ca47b in brlttyWait (/usr/bin/brltty+0xb447b) brltty[529799]: #15 0x55f3f69c2ad7 (/usr/bin/brltty+0xacad7) brltty[529799]: #16 0x55f3f69c2b10 in main (/usr/bin/brltty+0xacb10) brltty[529799]: #17 0x7f3380e46249 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58 brltty[529799]: #18 0x7f3380e46304 in __libc_start_main_impl ../csu/libc-start.c:360 brltty[529799]: #19 0x55f3f69c2a00 in _start (/usr/bin/brltty+0xaca00) brltty[529799]: AddressSanitizer can not provide additional info. brltty[529799]: SUMMARY: AddressSanitizer: SEGV ../../../../src/libsanitizer/sanitizer_common/sanitizer_libc.cpp:167 in __sanitizer::internal_strlen(char const*) brltty[529799]: ==529799==ABORTING _______________________________________________ This message was sent via the BRLTTY mailing list. To post a message, send an e-mail to: [email protected] For general information, go to: http://brltty.app/mailman/listinfo/brltty
