Measure Tool Undo crash #116734

Closed
opened 2024-01-03 09:03:43 +01:00 by Philipp Oeser · 5 comments
Member

System Information
Operating system: Linux-6.6.8-200.fc39.x86_64-x86_64-with-glibc2.38 64 Bits, X11 UI
Graphics card: NVIDIA GeForce RTX 3080 Laptop GPU/PCIe/SSE2 NVIDIA Corporation 4.6.0 NVIDIA 545.29.06

Blender Version
Broken: version: 4.1.0 Alpha, branch: main, commit date: 2024-01-01 12:59, hash: 98c6bded9844
Worked: 3.6.7

Caused by ebb5643e59

Short description of error
Measure Tool Undo crash

Exact steps for others to reproduce the error
from the default startup cube:

  • enter editmode
  • choose the Measure tool
  • drag over the cube to create a measure
  • Undo twice
  • crash
==57597==ERROR: AddressSanitizer: heap-use-after-free on address 0x6160000894f4 at pc 0x000000d5b400 bp 0x7fffffffbdc0 sp 0x7fffffffbdb8
READ of size 4 at 0x6160000894f4 thread T0
    #0 0xd5b3ff in id_us_plus_no_lib /blender/source/blender/blenkernel/intern/lib_id.cc:303
    #1 0xd68bc1 in id_refcount_recompute_callback /blender/source/blender/blenkernel/intern/lib_id.cc:1666
    #2 0xddbf68 in BKE_lib_query_foreachid_process /blender/source/blender/blenkernel/intern/lib_query.cc:95
    #3 0x16bc6c0 in scene_foreach_id /blender/source/blender/blenkernel/intern/scene.cc:866
    #4 0xdde801 in library_foreach_ID_link /blender/source/blender/blenkernel/intern/lib_query.cc:365
    #5 0xdde991 in BKE_library_foreach_ID_link /blender/source/blender/blenkernel/intern/lib_query.cc:384
    #6 0xd69694 in BKE_main_id_refcount_recompute /blender/source/blender/blenkernel/intern/lib_id.cc:1698
    #7 0x814c0c in setup_app_data /blender/source/blender/blenkernel/intern/blendfile.cc:940
    #8 0x815189 in setup_app_blend_file_data /blender/source/blender/blenkernel/intern/blendfile.cc:971
    #9 0x8156c2 in BKE_blendfile_read_setup_readfile(bContext*, BlendFileData*, BlendFileReadParams const*, BlendFileReadWMSetupData*, BlendFileReadReport*, bool, char const*) /blender/source/blender/blenkernel/intern/blendfile.cc:1009
    #10 0x815718 in BKE_blendfile_read_setup_undo(bContext*, BlendFileData*, BlendFileReadParams const*, BlendFileReadReport*) /blender/source/blender/blenkernel/intern/blendfile.cc:1018
    #11 0xcdf1360 in BKE_memfile_undo_decode /blender/source/blender/blenkernel/intern/blender_undo.cc:85
    #12 0xac39761 in memfile_undosys_step_decode /blender/source/blender/editors/undo/memfile_undo.cc:208
    #13 0xd1e3bd1 in undosys_step_decode /blender/source/blender/blenkernel/intern/undo_system.cc:204
    #14 0xd1ea8a3 in BKE_undosys_step_load_data_ex /blender/source/blender/blenkernel/intern/undo_system.cc:796
    #15 0xd1ead50 in BKE_undosys_step_undo_with_data_ex /blender/source/blender/blenkernel/intern/undo_system.cc:842
    #16 0xd1ead7f in BKE_undosys_step_undo_with_data /blender/source/blender/blenkernel/intern/undo_system.cc:847
    #17 0xd1eaec1 in BKE_undosys_step_undo /blender/source/blender/blenkernel/intern/undo_system.cc:853
    #18 0xac31368 in ed_undo_step_direction /blender/source/blender/editors/undo/ed_undo.cc:285
    #19 0xac3301a in ed_undo_exec /blender/source/blender/editors/undo/ed_undo.cc:506
    #20 0x45da03f in wm_operator_invoke /blender/source/blender/windowmanager/intern/wm_event_system.cc:1562
    #21 0x45e41d6 in wm_handler_operator_call /blender/source/blender/windowmanager/intern/wm_event_system.cc:2581
    #22 0x45ea0f7 in wm_handlers_do_keymap_with_keymap_handler /blender/source/blender/windowmanager/intern/wm_event_system.cc:2982
    #23 0x45f238c in wm_handlers_do_intern /blender/source/blender/windowmanager/intern/wm_event_system.cc:3313
    #24 0x45f3b82 in wm_handlers_do /blender/source/blender/windowmanager/intern/wm_event_system.cc:3450
    #25 0x45fedae in wm_event_do_handlers(bContext*) /blender/source/blender/windowmanager/intern/wm_event_system.cc:4161
    #26 0x45aac60 in WM_main(bContext*) /blender/source/blender/windowmanager/intern/wm.cc:613
    #27 0x7f1719 in main /blender/source/creator/creator.cc:575
    #28 0x7fffe6446149 in __libc_start_call_main (/lib64/libc.so.6+0x28149) (BuildId: 788cdd41a15985bf8e0a48d213a46e07d58822df)
    #29 0x7fffe644620a in __libc_start_main_impl (/lib64/libc.so.6+0x2820a) (BuildId: 788cdd41a15985bf8e0a48d213a46e07d58822df)
    #30 0x7f0ac4 in _start (/build_linux_debug/bin/blender+0x7f0ac4) (BuildId: 7c2523a04823c05098d5f6a2ae9d1ad370469df9)

0x6160000894f4 is located 116 bytes inside of 608-byte region [0x616000089480,0x6160000896e0)
freed by thread T0 here:
    #0 0x7ffff78d7fb8 in __interceptor_free.part.0 (/lib64/libasan.so.8+0xd7fb8) (BuildId: 7fcb7759bc17ef47f9682414b6d99732d6a6ab0c)
    #1 0x45986d4 in MEM_lockfree_freeN /blender/intern/guardedalloc/intern/mallocn_lockfree_impl.c:110
    #2 0xd70636 in id_free /blender/source/blender/blenkernel/intern/lib_id_delete.cc:171
    #3 0xd70673 in BKE_id_free_ex /blender/source/blender/blenkernel/intern/lib_id_delete.cc:184
    #4 0xe0c82d in BKE_main_free(Main*) /blender/source/blender/blenkernel/intern/main.cc:84
    #5 0x807468 in BKE_blender_globals_clear /blender/source/blender/blenkernel/intern/blender.cc:201
    #6 0x807543 in BKE_blender_globals_main_replace /blender/source/blender/blenkernel/intern/blender.cc:209
    #7 0x813dd7 in setup_app_data /blender/source/blender/blenkernel/intern/blendfile.cc:850
    #8 0x815189 in setup_app_blend_file_data /blender/source/blender/blenkernel/intern/blendfile.cc:971
    #9 0x8156c2 in BKE_blendfile_read_setup_readfile(bContext*, BlendFileData*, BlendFileReadParams const*, BlendFileReadWMSetupData*, BlendFileReadReport*, bool, char const*) /blender/source/blender/blenkernel/intern/blendfile.cc:1009
    #10 0x815718 in BKE_blendfile_read_setup_undo(bContext*, BlendFileData*, BlendFileReadParams const*, BlendFileReadReport*) /blender/source/blender/blenkernel/intern/blendfile.cc:1018
    #11 0xcdf1360 in BKE_memfile_undo_decode /blender/source/blender/blenkernel/intern/blender_undo.cc:85
    #12 0xac39761 in memfile_undosys_step_decode /blender/source/blender/editors/undo/memfile_undo.cc:208
    #13 0xd1e3bd1 in undosys_step_decode /blender/source/blender/blenkernel/intern/undo_system.cc:204
    #14 0xd1ea8a3 in BKE_undosys_step_load_data_ex /blender/source/blender/blenkernel/intern/undo_system.cc:796
    #15 0xd1ead50 in BKE_undosys_step_undo_with_data_ex /blender/source/blender/blenkernel/intern/undo_system.cc:842
    #16 0xd1ead7f in BKE_undosys_step_undo_with_data /blender/source/blender/blenkernel/intern/undo_system.cc:847
    #17 0xd1eaec1 in BKE_undosys_step_undo /blender/source/blender/blenkernel/intern/undo_system.cc:853
    #18 0xac31368 in ed_undo_step_direction /blender/source/blender/editors/undo/ed_undo.cc:285
    #19 0xac3301a in ed_undo_exec /blender/source/blender/editors/undo/ed_undo.cc:506
    #20 0x45da03f in wm_operator_invoke /blender/source/blender/windowmanager/intern/wm_event_system.cc:1562
    #21 0x45e41d6 in wm_handler_operator_call /blender/source/blender/windowmanager/intern/wm_event_system.cc:2581
    #22 0x45ea0f7 in wm_handlers_do_keymap_with_keymap_handler /blender/source/blender/windowmanager/intern/wm_event_system.cc:2982
    #23 0x45f238c in wm_handlers_do_intern /blender/source/blender/windowmanager/intern/wm_event_system.cc:3313
    #24 0x45f3b82 in wm_handlers_do /blender/source/blender/windowmanager/intern/wm_event_system.cc:3450
    #25 0x45fedae in wm_event_do_handlers(bContext*) /blender/source/blender/windowmanager/intern/wm_event_system.cc:4161
    #26 0x45aac60 in WM_main(bContext*) /blender/source/blender/windowmanager/intern/wm.cc:613
    #27 0x7f1719 in main /blender/source/creator/creator.cc:575
    #28 0x7fffe6446149 in __libc_start_call_main (/lib64/libc.so.6+0x28149) (BuildId: 788cdd41a15985bf8e0a48d213a46e07d58822df)
    #29 0x7fffe644620a in __libc_start_main_impl (/lib64/libc.so.6+0x2820a) (BuildId: 788cdd41a15985bf8e0a48d213a46e07d58822df)

previously allocated by thread T0 here:
    #0 0x7ffff78d8cc7 in calloc (/lib64/libasan.so.8+0xd8cc7) (BuildId: 7fcb7759bc17ef47f9682414b6d99732d6a6ab0c)
    #1 0x4598e03 in MEM_lockfree_callocN /blender/intern/guardedalloc/intern/mallocn_lockfree_impl.c:216
    #2 0xd6438e in BKE_libblock_alloc_notest /blender/source/blender/blenkernel/intern/lib_id.cc:1210
    #3 0xd6450a in BKE_libblock_alloc /blender/source/blender/blenkernel/intern/lib_id.cc:1222
    #4 0xa592b8 in BKE_gpencil_data_addnew /blender/source/blender/blenkernel/intern/gpencil_legacy.cc:688
    #5 0xbc16b43 in view3d_ruler_to_gpencil /blender/source/blender/editors/space_view3d/view3d_gizmo_ruler.cc:532
    #6 0xbc2198d in gizmo_ruler_exit /blender/source/blender/editors/space_view3d/view3d_gizmo_ruler.cc:1207
    #7 0x46f5831 in gizmo_tweak_finish /blender/source/blender/windowmanager/gizmo/intern/wm_gizmo_group.cc:464
    #8 0x46f6364 in gizmo_tweak_modal /blender/source/blender/windowmanager/gizmo/intern/wm_gizmo_group.cc:520
    #9 0x45e30e7 in wm_handler_operator_call /blender/source/blender/windowmanager/intern/wm_event_system.cc:2480
    #10 0x45f3549 in wm_handlers_do_intern /blender/source/blender/windowmanager/intern/wm_event_system.cc:3400
    #11 0x45f3b82 in wm_handlers_do /blender/source/blender/windowmanager/intern/wm_event_system.cc:3450
    #12 0x45fe0cc in wm_event_do_handlers(bContext*) /blender/source/blender/windowmanager/intern/wm_event_system.cc:4077
    #13 0x45aac60 in WM_main(bContext*) /blender/source/blender/windowmanager/intern/wm.cc:613
    #14 0x7f1719 in main /blender/source/creator/creator.cc:575
    #15 0x7fffe6446149 in __libc_start_call_main (/lib64/libc.so.6+0x28149) (BuildId: 788cdd41a15985bf8e0a48d213a46e07d58822df)
    #16 0x7fffe644620a in __libc_start_main_impl (/lib64/libc.so.6+0x2820a) (BuildId: 788cdd41a15985bf8e0a48d213a46e07d58822df)
    #17 0x7f0ac4 in _start (/build_linux_debug/bin/blender+0x7f0ac4) (BuildId: 7c2523a04823c05098d5f6a2ae9d1ad370469df9)

SUMMARY: AddressSanitizer: heap-use-after-free /blender/source/blender/blenkernel/intern/lib_id.cc:303 in id_us_plus_no_lib
Shadow bytes around the buggy address:
  0x616000089200: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x616000089280: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x616000089300: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x616000089380: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x616000089400: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x616000089480: fd fd fd fd fd fd fd fd fd fd fd fd fd fd[fd]fd
  0x616000089500: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x616000089580: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x616000089600: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x616000089680: fd fd fd fd fd fd fd fd fd fd fd fd fa fa fa fa
  0x616000089700: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==57597==ABORTING
Philipp Oeser added the Severity: Normal, Type: Report, Status: Needs Triage labels 2024-01-03 09:03:44 +01:00
Philipp Oeser added Status: Confirmed and removed Status: Needs Triage labels 2024-01-03 09:10:48 +01:00
Author
Member

Caused by ebb5643e59

CC @mont29

Philipp Oeser added Module: Core, Interest: Undo, Severity: High and removed Severity: Normal labels 2024-01-03 09:49:29 +01:00

I think that the problem is in the ruler code...

view3d_ruler_to_gpencil can be called from gizmo_ruler_exit, which (as far as I can follow code and guess) seems to happen after the undo step is saved?

In any case, PR !116751 seems to fix the problem?


Think @ideasman42 or @mano-wii should be summoned here :)

Bastien Montagne added Module: Modeling, Interest: User Interface, Type: Bug and removed Module: Core, Type: Report labels 2024-01-03 18:01:13 +01:00

> view3d_ruler_to_gpencil can be called from gizmo_ruler_exit, which (as far as I can follow code and guess) seems to happen after the undo step is saved?

I am not very familiar with this part of the code, but what I noticed is that "VIEW3D_OT_ruler_add" (which has the OPTYPE_UNDO flag) invokes "GIZMOGROUP_OT_gizmo_tweak", which is modal and does not have the OPTYPE_UNDO flag. So, indeed, it seems the undo step is being added at the wrong moment.

Maybe it could be a good idea to remove the OPTYPE_UNDO from "VIEW3D_OT_ruler_add" and explicitly call ED_undo_push within gizmo_ruler_exit?

(Or maybe make more complex core changes and postpone the undo step if one operator calls another...)


@mano-wii AFAIK operators that are launched from other operators will never create an automatic undo step when they exit (this is ensured by the WM operators management code).

But I have no idea what's expected to happen (or what actually happens) when the first-level operator exits after invoking a second-level modal operator that keeps running... Maybe @ideasman42 or @JulianEisel know more about that?

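The ordering problem discussed in the comments above, as an added toy model in C. It is not Blender code and not the fix from the PR. It contrasts an undo step saved before the modal operator's exit callback creates data with one saved from that callback. All `toy_*` names, the fixed ID pool, the single-undo sequence and the rule that a scene identical in both snapshots is kept in memory are assumptions of the model.

```c
#include <stdbool.h>

/* Toy model, not Blender code. "Freeing" an ID only clears a flag in a fixed
 * pool, so a dangling reference is detected instead of dereferenced. */
enum { MAX_IDS = 4, MAX_STEPS = 4 };

typedef struct { bool alive; int users; } ToyID;
typedef struct { int scene_gpd; unsigned id_mask; } ToyStep; /* snapshot contents */
typedef struct {
  ToyID pool[MAX_IDS];
  int scene_gpd; /* index of the scene's annotation ID, -1 if none */
  ToyStep steps[MAX_STEPS];
  int step_count;
} ToyApp;

/* Save a snapshot: which IDs exist and what the scene points at right now. */
static void toy_undo_push(ToyApp *app)
{
  ToyStep step = {app->scene_gpd, 0u};
  for (int i = 0; i < MAX_IDS; i++) {
    if (app->pool[i].alive) step.id_mask |= 1u << i;
  }
  app->steps[app->step_count++] = step;
}

/* Stand-in for gizmo_ruler_exit -> view3d_ruler_to_gpencil in the trace:
 * allocate a new ID and make the scene point at it. */
static void toy_ruler_exit(ToyApp *app)
{
  app->pool[0].alive = true;
  app->scene_gpd = 0;
}

/* Undo to the previous step. Returns the number of dangling ID references
 * found while recomputing user counts (0 means the restore was consistent). */
static int toy_undo(ToyApp *app)
{
  if (app->step_count < 2) return 0;
  const ToyStep cur = app->steps[app->step_count - 1];
  const ToyStep dst = app->steps[app->step_count - 2];
  app->step_count--;

  /* Assumed change detection: a scene that is identical in both snapshots is
   * kept as it is in memory, including pointers the snapshots never saw. */
  if (cur.scene_gpd != dst.scene_gpd) app->scene_gpd = dst.scene_gpd;

  /* IDs the restored snapshot does not list are freed with the old data. */
  for (int i = 0; i < MAX_IDS; i++) {
    if (!(dst.id_mask & (1u << i))) app->pool[i].alive = false;
    app->pool[i].users = 0;
  }

  /* Refcount recompute: walk the scene's ID pointers. */
  int dangling = 0;
  if (app->scene_gpd >= 0) {
    ToyID *id = &app->pool[app->scene_gpd];
    if (id->alive) id->users++;
    else dangling++; /* real code would read freed memory at this point */
  }
  return dangling;
}

/* push_in_exit = false: step saved when the add operator returns, before the
 * modal operator has finished. true: step saved from the exit callback. */
static int toy_run(bool push_in_exit)
{
  ToyApp app = {.scene_gpd = -1};
  toy_undo_push(&app);                    /* initial state */
  if (!push_in_exit) toy_undo_push(&app); /* automatic step from the add operator */
  toy_ruler_exit(&app);                   /* modal operator ends, data is created */
  if (push_in_exit) toy_undo_push(&app);  /* explicit step once the data exists */
  return toy_undo(&app);
}

int main(void)
{
  return (toy_run(false) == 1 && toy_run(true) == 0) ? 0 : 1;
}
```

In the early-push run the scene still points at an ID that no snapshot lists, which is the shape of the read in `id_us_plus_no_lib` after `BKE_main_free` in the report's trace.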
Blender Bot added Status: Resolved and removed Status: Confirmed labels 2024-01-12 11:13:54 +01:00
Reference: blender/blender#116734