Address Sanitize failure in Combo() #8450

@colesnicov

Version/Branch of Dear ImGui:

docking, commit: 15b96fd

Back-ends:

imgui_impl_opengls3.cpp

Compiler, OS:

Linux Ubuntu 24, g++ (Ubuntu 13.3.0-6ubuntu2~24.04) 13.3.0

Full config/build information:

No response

Details:

Hey.

You have new templates for problems, so hopefully I won't get anything wrong here.

I wanted to check out the bugs in my code but I came across a problem that I do not understand. The program, when normally used, works without a problem, but when I want to perform some tests with -fsanitize=address it crashes.
Is there a problem in ImGui?

  • build with flags: -std=c++23 -DIMGUI_DEFINE_MATH_OPERATORS=1 -DIMGUI_IMPL_OPENGL_ES2=1 -fsanitize=address
  • link with -lGLESv2 -lGL -lglfw -ldl -lasan
  • run as $ LD_PRELOAD=libasan.so.8 ./serviceLocation_gui

Screenshots/Video:

==16585==ERROR: AddressSanitizer: stack-use-after-scope on address 0x76afae5e6b10 at pc 0x5c2e4db59f16 bp 0x7ffe5c470d30 sp 0x7ffe5c470d20
READ of size 1 at 0x76afae5e6b10 thread T0
    #0 0x5c2e4db59f15 in ImGui::FindRenderedTextEnd(char const*, char const*) ../components/imgui/imgui.cpp:3652
    #1 0x5c2e4db5afde in ImGui::RenderTextClipped(ImVec2 const&, ImVec2 const&, char const*, char const*, ImVec2 const*, ImVec2 const&, ImRect const*) ../components/imgui/imgui.cpp:3737
    #2 0x5c2e4dd69fb3 in ImGui::BeginCombo(char const*, char const*, int) ../components/imgui/imgui_widgets.cpp:1919
    #3 0x5c2e4dd6c191 in ImGui::Combo(char const*, int*, char const* (*)(void*, int), void*, int, int) ../components/imgui/imgui_widgets.cpp:2093
    #4 0x5c2e4dd6c659 in ImGui::Combo(char const*, int*, char const* const*, int, int) ../components/imgui/imgui_widgets.cpp:2130
    #5 0x5c2e4da71869 in packet::module::WindowSettings::_DrawTabProvider() ../src/gui/TabProvider.cpp:27
    #6 0x5c2e4da611c3 in packet::module::WindowSettings::Draw() ../src/gui/Draw.cpp:106
    #7 0x5c2e4da95231 in main ../src/main.cpp:206
    #8 0x76afb022a1c9 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
    #9 0x76afb022a28a in __libc_start_main_impl ../csu/libc-start.c:360
    #10 0x5c2e4d9749e4 in _start (/home/denis/Odey/serviceLocation_gui/dev/serviceLocation_gui+0xe89e4) (BuildId: d3676d718a5707d90a947e09206d832e1ca6a7ef)

Address 0x76afae5e6b10 is located in stack of thread T0 at offset 784 in frame
    #0 0x5c2e4da71125 in packet::module::WindowSettings::_DrawTabProvider() ../src/gui/TabProvider.cpp:16

  This frame has 51 object(s):
    [48, 49) '<unknown>'
    [64, 65) '<unknown>'
    [80, 81) '<unknown>'
    [96, 97) '<unknown>'
    [112, 113) '<unknown>'
    [128, 129) '<unknown>'
    [144, 145) '<unknown>'
    [160, 161) '<unknown>'
    [176, 177) '<unknown>'
    [192, 193) '<unknown>'
    [208, 209) '<unknown>'
    [224, 225) '<unknown>'
    [240, 241) '<unknown>'
    [256, 257) '<unknown>'
    [272, 273) '<unknown>'
    [288, 289) '<unknown>'
    [304, 305) '<unknown>'
    [320, 321) '<unknown>'
    [336, 337) '<unknown>'
    [352, 353) '<unknown>'
    [368, 369) '<unknown>'
    [384, 385) '<unknown>'
    [400, 404) 'source_id' (line 25)
    [416, 424) '<unknown>'
    [448, 456) '<unknown>'
    [480, 488) '<unknown>'
    [512, 520) '<unknown>'
    [544, 552) '<unknown>'
    [576, 600) 'sources' (line 24)
    [640, 672) '<unknown>'
    [704, 736) '<unknown>'
    [768, 800) '<unknown>' <== Memory access at offset 784 is inside this variable
    [832, 864) '<unknown>'
    [896, 928) '<unknown>'
    [960, 992) '<unknown>'
    [1024, 1056) '<unknown>'
    [1088, 1120) '<unknown>'
    [1152, 1184) '<unknown>'
    [1216, 1248) '<unknown>'
    [1280, 1312) '<unknown>'
    [1344, 1376) '<unknown>'
    [1408, 1440) '<unknown>'
    [1472, 1504) '<unknown>'
    [1536, 1568) '<unknown>'
    [1600, 1632) '<unknown>'
    [1664, 1696) '<unknown>'
    [1728, 1760) '<unknown>'
    [1792, 1824) '<unknown>'
    [1856, 1888) '<unknown>'
    [1920, 1952) '<unknown>'
    [1984, 2016) '<unknown>'
HINT: this may be a false positive if your program uses some custom stack unwind mechanism, swapcontext or vfork
      (longjmp and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: stack-use-after-scope ../components/imgui/imgui.cpp:3652 in ImGui::FindRenderedTextEnd(char const*, char const*)
Shadow bytes around the buggy address:
  0x76afae5e6880: 01 f2 01 f2 01 f2 01 f2 01 f2 01 f2 01 f2 01 f2
  0x76afae5e6900: 01 f2 01 f2 01 f2 01 f2 01 f2 01 f2 01 f2 01 f2
  0x76afae5e6980: 01 f2 04 f2 f8 f2 f2 f2 00 f2 f2 f2 00 f2 f2 f2
  0x76afae5e6a00: 00 f2 f2 f2 00 f2 f2 f2 00 00 00 f2 f2 f2 f2 f2
  0x76afae5e6a80: f8 f8 f8 f8 f2 f2 f2 f2 f8 f8 f8 f8 f2 f2 f2 f2
=>0x76afae5e6b00: f8 f8[f8]f8 f2 f2 f2 f2 f8 f8 f8 f8 f2 f2 f2 f2
  0x76afae5e6b80: f8 f8 f8 f8 f2 f2 f2 f2 00 00 00 00 f2 f2 f2 f2
  0x76afae5e6c00: 00 00 00 00 f2 f2 f2 f2 00 00 00 00 f2 f2 f2 f2
  0x76afae5e6c80: 00 00 00 00 f2 f2 f2 f2 00 00 00 00 f2 f2 f2 f2
  0x76afae5e6d00: 00 00 00 00 f2 f2 f2 f2 00 00 00 00 f2 f2 f2 f2
  0x76afae5e6d80: 00 00 00 00 f2 f2 f2 f2 00 00 00 00 f2 f2 f2 f2
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==16585==ABORTING

Minimal, Complete and Verifiable Example code:

header -> define vars:

#define __T(x) gettext(x)
enum source_e {
    STATIC,
    EXTERN,
    DEVICE
};
source_e m_location_source = source_e::FILE;

source -> function draw():

ImGui::TextUnformatted(__T("Source"));
ImGui::SetNextItemWidth(ImGui::GetContentRegionAvail().x);

const char *sources[3] = { __T("Static"), __T("Extern"), __T("Device") };
int source_id = static_cast<int>(m_location_source);

if (ImGui::Combo("##int_wcur", &source_id, sources, 3))
{
   m_location_source = static_cast<source_e>(source_id);
}
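
The error class named in the report (stack-use-after-scope, read inside a text-scanning function, with the faulting address in the caller's frame), shown as an added C++ example; it is not the poster's code or Dear ImGui's, and it is not a diagnosis of the posted snippet. `tr`, `visible_len`, `total_visible`, `draw_dangling` and `draw_owned` are hypothetical names, and `tr` is assumed to return `std::string` by value.

```cpp
// Added illustration of stack-use-after-scope; all names here are hypothetical.
#include <cstddef>
#include <string>

// Assumed translation helper that returns by value (unlike gettext(), which
// returns a pointer to storage that outlives the call).
static std::string tr(const char* s) { return std::string("[") + s + "]"; }

// Stand-in for the reader in the trace: scans a label up to "##" or NUL.
static std::size_t visible_len(const char* text) {
    const char* p = text;
    while (*p != '\0' && !(p[0] == '#' && p[1] == '#')) ++p;
    return static_cast<std::size_t>(p - text);
}

// Stand-in for a Combo-style call: reads every item pointer it is given.
static std::size_t total_visible(const char* const* items, int count) {
    std::size_t n = 0;
    for (int i = 0; i < count; ++i) n += visible_len(items[i]);
    return n;
}

// BEFORE: each tr() temporary is destroyed at the end of the declaration, so
// items[] holds dangling pointers by the time it is read. With libstdc++ a
// short string stores its characters inside the 32-byte std::string object,
// so the pointers target this function's own stack frame. Under
// -fsanitize=address the read is reported in the callee, not here.
std::size_t draw_dangling() {
    const char* items[3] = { tr("Static").c_str(), tr("Extern").c_str(),
                             tr("Device").c_str() };
    return total_visible(items, 3);  // undefined behaviour
}

// AFTER: the owning strings live as long as the pointers are in use.
std::size_t draw_owned() {
    const std::string owned[3] = { tr("Static"), tr("Extern"), tr("Device") };
    const char* items[3] = { owned[0].c_str(), owned[1].c_str(),
                             owned[2].c_str() };
    return total_visible(items, 3);
}

int main() { return draw_owned() == 24 ? 0 : 1; }
```

Only `draw_owned` is called; `draw_dangling` is kept for comparison and is what ASan would flag if it were run.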
