widelands

Pressing Tab in message window leads to stack-overflow

Bug #1791527 reported by Notabilis on 2018-09-09

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	widelands	Fix Released	Undecided	Unassigned	widelands build20-rc1

Bug Description

Starting a new game, opening the messages window and pressing the tab key leads to ASAN aborting the game:

AddressSanitizer:DEADLYSIGNAL
=================================================================
==15067==ERROR: AddressSanitizer: stack-overflow on address 0x7ffc017f9f98 (pc 0x563d5c63fab4 bp 0x7ffc017fa030 sp 0x7ffc017f9f80 T0)
    #0 0x563d5c63fab3 in UI::Table<void*>::handle_key(bool, SDL_Keysym) ../src/ui_basic/table.cc:336
    #1 0x563d5c942dbd in GameMessageMenu::handle_key(bool, SDL_Keysym) ../src/wui/game_message_menu.cc:421
[...]
   #248 0x563d5c63fcb0 in UI::Table<void*>::handle_key(bool, SDL_Keysym) ../src/ui_basic/table.cc:345
    #249 0x563d5c942dbd in GameMessageMenu::handle_key(bool, SDL_Keysym) ../src/wui/game_message_menu.cc:421

SUMMARY: AddressSanitizer: stack-overflow ../src/ui_basic/table.cc:336 in UI::Table<void*>::handle_key(bool, SDL_Keysym)
==15067==ABORTING

Tags:

Related branches

lp:~widelands-dev/widelands/bugfix_game_message_menu (Merged)

lp:widelands

Merged into lp:~mmrxyz/widelands/scenario_tutorial01_typo_fix

GunChleoc (community): Disapprove on 2019-02-09

Murtaza: Pending requested 2019-02-03

Diff: 17571 lines (+10874/-1966)

153 files modified

data/i18n/locales.lua (+383/-383)
data/i18n/translation_stats.conf (+7/-7)
data/scripting/coroutine.lua (+1/-1)
data/scripting/messages.lua (+1/-9)
data/scripting/ui.lua (+4/-2)
data/scripting/win_conditions/collectors.lua (+30/-51)
data/scripting/win_conditions/win_condition_functions.lua (+59/-1)
data/scripting/win_conditions/wood_gnome.lua (+58/-60)
data/tribes/workers/atlanteans/carrier/init.lua (+1/-9)
data/tribes/workers/frisians/baker/init.lua (+1/-0)
data/tribes/workers/frisians/baker_master/init.lua (+1/-0)
data/tribes/workers/frisians/beekeeper/init.lua (+1/-0)
data/tribes/workers/frisians/blacksmith/init.lua (+1/-0)
data/tribes/workers/frisians/blacksmith_master/init.lua (+1/-0)
data/tribes/workers/frisians/brewer/init.lua (+1/-0)
data/tribes/workers/frisians/brewer_master/init.lua (+1/-0)
data/tribes/workers/frisians/brickmaker/init.lua (+1/-0)
data/tribes/workers/frisians/builder/init.lua (+1/-0)
data/tribes/workers/frisians/charcoal_burner/init.lua (+1/-0)
data/tribes/workers/frisians/claydigger/init.lua (+1/-0)
data/tribes/workers/frisians/farmer/init.lua (+1/-0)
data/tribes/workers/frisians/fisher/init.lua (+1/-0)
data/tribes/workers/frisians/fruit_collector/init.lua (+1/-0)
data/tribes/workers/frisians/hunter/init.lua (+1/-0)
data/tribes/workers/frisians/landlady/init.lua (+1/-0)
data/tribes/workers/frisians/miner/init.lua (+1/-0)
data/tribes/workers/frisians/miner_master/init.lua (+1/-0)
data/tribes/workers/frisians/reed_farmer/init.lua (+1/-0)
data/tribes/workers/frisians/reindeer_breeder/init.lua (+1/-0)
data/tribes/workers/frisians/scout/init.lua (+1/-0)
data/tribes/workers/frisians/seamstress/init.lua (+1/-0)
data/tribes/workers/frisians/seamstress_master/init.lua (+1/-0)
data/tribes/workers/frisians/shipwright/init.lua (+1/-0)
data/tribes/workers/frisians/smelter/init.lua (+1/-0)
data/tribes/workers/frisians/smoker/init.lua (+1/-0)
data/tribes/workers/frisians/stonemason/init.lua (+1/-0)
data/tribes/workers/frisians/trainer/init.lua (+1/-0)
data/tribes/workers/frisians/woodcutter/init.lua (+1/-0)
data/txts/developers.json (+5/-3)
data/txts/developers.lua (+1/-1)
data/txts/translators_data.lua (+1/-1)
doc/sphinx/source/lua_tribes_workers.rst.org (+7/-0)
po/map_the_green_plateau.wmf/map_the_green_plateau.wmf.pot (+1/-1)
po/maps/maps.pot (+1/-1)
po/mp_scenario_island_hopping.wmf/mp_scenario_island_hopping.wmf.pot (+1/-1)
po/mp_scenario_smugglers.wmf/mp_scenario_smugglers.wmf.pot (+1/-1)
po/scenario_atl01.wmf/scenario_atl01.wmf.pot (+1/-1)
po/scenario_bar01.wmf/scenario_bar01.wmf.pot (+1/-1)
po/scenario_bar02.wmf/scenario_bar02.wmf.pot (+1/-1)
po/scenario_dummy.wmf/scenario_dummy.wmf.pot (+1/-1)
po/scenario_emp01.wmf/scenario_emp01.wmf.pot (+1/-1)
po/scenario_emp02.wmf/es.po (+122/-116)
po/scenario_emp02.wmf/scenario_emp02.wmf.pot (+1/-1)
po/scenario_emp03.wmf/es.po (+26/-8)
po/scenario_emp03.wmf/scenario_emp03.wmf.pot (+1/-1)
po/scenario_emp04.wmf/scenario_emp04.wmf.pot (+1/-1)
po/scenario_fri01.wmf/scenario_fri01.wmf.pot (+1/-1)
po/scenario_fri02.wmf/scenario_fri02.wmf.pot (+1/-1)
po/scenario_tutorial01_basic_control.wmf/scenario_tutorial01_basic_control.wmf.pot (+1/-1)
po/scenario_tutorial02_warfare.wmf/scenario_tutorial02_warfare.wmf.pot (+1/-1)
po/scenario_tutorial03_seafaring.wmf/scenario_tutorial03_seafaring.wmf.pot (+1/-1)
po/scenario_tutorial04_economy.wmf/scenario_tutorial04_economy.wmf.pot (+1/-1)
po/texts/es.po (+21/-20)
po/texts/texts.pot (+1/-1)
po/tribes/tribes.pot (+2/-2)
po/tribes_encyclopedia/ar.po (+152/-14)
po/tribes_encyclopedia/ast.po (+152/-14)
po/tribes_encyclopedia/bg.po (+152/-14)
po/tribes_encyclopedia/br.po (+152/-14)
po/tribes_encyclopedia/ca.po (+153/-15)
po/tribes_encyclopedia/cs.po (+152/-14)
po/tribes_encyclopedia/da.po (+152/-14)
po/tribes_encyclopedia/de.po (+154/-16)
po/tribes_encyclopedia/el.po (+152/-14)
po/tribes_encyclopedia/en_CA.po (+152/-14)
po/tribes_encyclopedia/en_GB.po (+152/-14)
po/tribes_encyclopedia/en_US.po (+152/-14)
po/tribes_encyclopedia/eo.po (+152/-14)
po/tribes_encyclopedia/es.po (+160/-21)
po/tribes_encyclopedia/et.po (+152/-14)
po/tribes_encyclopedia/eu.po (+152/-14)
po/tribes_encyclopedia/fa.po (+152/-14)
po/tribes_encyclopedia/fi.po (+154/-16)
po/tribes_encyclopedia/fr.po (+153/-15)
po/tribes_encyclopedia/fy.po (+152/-14)
po/tribes_encyclopedia/ga.po (+152/-14)
po/tribes_encyclopedia/gd.po (+152/-14)
po/tribes_encyclopedia/gl.po (+152/-14)
po/tribes_encyclopedia/he.po (+152/-14)
po/tribes_encyclopedia/hi.po (+152/-14)
po/tribes_encyclopedia/hr.po (+152/-14)
po/tribes_encyclopedia/hu.po (+152/-14)
po/tribes_encyclopedia/ia.po (+152/-14)
po/tribes_encyclopedia/id.po (+152/-14)
po/tribes_encyclopedia/ig.po (+152/-14)
po/tribes_encyclopedia/it.po (+152/-14)
po/tribes_encyclopedia/ja.po (+152/-14)
po/tribes_encyclopedia/jv.po (+152/-14)
po/tribes_encyclopedia/ka.po (+152/-14)
po/tribes_encyclopedia/ko.po (+153/-15)
po/tribes_encyclopedia/krl.po (+152/-14)
po/tribes_encyclopedia/la.po (+152/-14)
po/tribes_encyclopedia/lt.po (+152/-14)
po/tribes_encyclopedia/mr.po (+152/-14)
po/tribes_encyclopedia/ms.po (+152/-14)
po/tribes_encyclopedia/my.po (+152/-14)
po/tribes_encyclopedia/nb.po (+152/-14)
po/tribes_encyclopedia/nds.po (+153/-15)
po/tribes_encyclopedia/nl.po (+152/-14)
po/tribes_encyclopedia/nn.po (+152/-14)
po/tribes_encyclopedia/oc.po (+152/-14)
po/tribes_encyclopedia/pl.po (+152/-14)
po/tribes_encyclopedia/pt.po (+153/-15)
po/tribes_encyclopedia/pt_BR.po (+152/-14)
po/tribes_encyclopedia/ro.po (+152/-14)
po/tribes_encyclopedia/ru.po (+153/-15)
po/tribes_encyclopedia/rw.po (+152/-14)
po/tribes_encyclopedia/si.po (+152/-14)
po/tribes_encyclopedia/sk.po (+152/-14)
po/tribes_encyclopedia/sl.po (+152/-14)
po/tribes_encyclopedia/sr.po (+152/-14)
po/tribes_encyclopedia/sv.po (+153/-15)
po/tribes_encyclopedia/tr.po (+152/-14)
po/tribes_encyclopedia/tribes_encyclopedia.pot (+1/-1)
po/tribes_encyclopedia/uk.po (+152/-14)
po/tribes_encyclopedia/vi.po (+152/-14)
po/tribes_encyclopedia/zh_CN.po (+152/-14)
po/tribes_encyclopedia/zh_TW.po (+152/-14)
po/widelands/widelands.pot (+1/-1)
po/widelands_console/es.po (+19/-18)
po/widelands_console/widelands_console.pot (+1/-1)
po/widelands_editor/widelands_editor.pot (+1/-1)
po/win_conditions/win_conditions.pot (+37/-42)
po/world/world.pot (+1/-1)
src/economy/economy.cc (+5/-0)
src/economy/economy.h (+3/-0)
src/logic/game.cc (+1/-0)
src/scripting/lua_root.cc (+31/-2)
src/scripting/lua_root.h (+1/-0)
src/ui_basic/button.cc (+2/-4)
src/ui_basic/checkbox.cc (+0/-3)
src/ui_basic/panel.cc (+1/-1)
src/ui_basic/slider.cc (+1/-4)
src/ui_fsmenu/internet_lobby.cc (+6/-4)
src/website/CMakeLists.txt (+4/-0)
src/website/json/CMakeLists.txt (+10/-0)
src/website/json/json.cc (+138/-0)
src/website/json/json.h (+97/-0)
src/website/json/value.cc (+58/-0)
src/website/json/value.h (+71/-0)
src/website/map_info.cc (+12/-39)
src/website/map_object_info.cc (+81/-249)
utils/update_authors.py (+71/-16)

GunChleoc (gunchleoc) on 2018-09-12

tags:

added: asan

Revision history for this message

Arty (artydent) wrote on 2018-09-17:

From a quick peak at the code it looks like an endless key handling loop.

The game message window doesn't handle the tab key itself, so it refers handling down to its table:
GameMessageMenu::handle_key(bool, SDL_Keysym) ../src/wui/game_message_menu.cc:421

But tables specifically refer tab key handling up to their parents:
UI::Table<void*>::handle_key(bool, SDL_Keysym) ../src/ui_basic/table.cc:345

Solution: GameMessageMenu::handle_key(bool, SDL_Keysym) should simply handle the tab key with a default
return UI::Panel::handle_key(down, code);

I'll check tomorrow if I find other UI instances with similar handling loops. Not sure if I can already manage to upload a fix, if not someone else can make this small change. (I'll report back here if I find similar instances.)

Revision history for this message

GunChleoc (gunchleoc) wrote on 2018-09-18:

Thanks for your analysis! A branch would be great, but an attachment to this bug will also be fine :)

Changed in widelands:
status:	New → Confirmed

Nasenbaer (nasenbaer) on 2018-09-18

Changed in widelands:
assignee:	nobody → Nasenbaer (nasenbaer)
status:	Confirmed → In Progress

Revision history for this message

Arty (artydent) wrote on 2018-09-18:

Just uploaded a branch to my repository. How do I connect this to this here? (Haven't worked with launchpad before.)

Revision history for this message

Nasenbaer (nasenbaer) wrote on 2018-09-18:

Sorry Arty saw only now that you were working on that bug too.
I checked all occurances and the message window seems to be the only one (seafaring statistic window seems to have the same bug at the first sight, but the table is not initialized with (this,...), so that seems to be okay.

I uploaded a branch for the bug fix. Feel free to merge if the fix is okay for you.

Revision history for this message

Nasenbaer (nasenbaer) wrote on 2018-09-18:

... or use the one of arty... after all he was the first one to answer the bug :).
Sorry for the confusion :-D

Revision history for this message

Arty (artydent) wrote on 2018-09-18:

Bzw, I didn't find any other UI elements with such a handling loop.

Interestingly, the seafaring statistics kinda looks and works similar, but the loop doesn't occur there, because the seafaring statistics uses additional boxes which seve as parents for the table and various buttons. Thus when the table passes tab key handling to its parent, it lands at such a box which then handles it.

Not sure what other advantages/disadvantages those two UI structure approaches have, but maybe we should make them have a similar structure.

Revision history for this message

Nasenbaer (nasenbaer) wrote on 2018-09-18:

@Arty use following option for bzr commit:

bzr commit -m "your message" --fixes lp:1791527
bzr push lp:...your branch

Changed in widelands:
assignee:	Nasenbaer (nasenbaer) → nobody

Revision history for this message

Arty (artydent) wrote on 2018-09-18:

@Nasenbaer It's fine. Doesn't matter to me what branch is used. And I see, we both checked the same thing with the seafaring statistics. :-)

Revision history for this message

Nasenbaer (nasenbaer) wrote on 2018-09-20:

Committed your fix in bzr rev. 8843 - after all you forwarded the key while my fix ignored it so your fix was better :)

Changed in widelands:
status:	In Progress → Fix Committed

Revision history for this message

GunChleoc (gunchleoc) wrote on 2018-09-24:

#10

Thanks for the fix! :)

@Nasenbaer: your changes broke our build environment, and also broke it for everybody who merged trunk and delayed at least 1 other branch. So, Hessenfarmer cleaned up after you:

https://code.launchpad.net/~widelands-dev/widelands/fix-travis

Please use branches and merge requests for your changes, even if they seem trivial.

Revision history for this message

GunChleoc (gunchleoc) wrote on 2019-04-22:

#11

Fixed in build20-rc1

Changed in widelands:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.