Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Memory read out-of-bounds bug found in sdfdump #1761

Open
Felix-Kit opened this issue Feb 9, 2022 · 1 comment
Open

Memory read out-of-bounds bug found in sdfdump #1761

Felix-Kit opened this issue Feb 9, 2022 · 1 comment

Comments

@Felix-Kit
Copy link

Description of Issue

Memory leaks

Steps to Reproduce

./sdfdump [poc]
poc.zip

System Information (OS, Hardware)

ubuntu 18.04
The corresponding ASAN log information is as follows:

failed call to posix_madvise(140658362150912, 1099511622632)ret=12, errno=2 'No such file or directory'
failed call to posix_madvise(140658362150912, 1099511622632)ret=12, errno=2 'No such file or directory'
Runtime Error: in Read at line 618 of /home/hill/USD/USD-release/pxr/usd/usd/crateFile.cpp -- Read out-of-bounds: 544 bytes at offset 176 in a mapping of length 562
sdfdump: Error - failed to open layer </home/hill/openUSD_rename_crashes_1/879.usdz>

=================================================================
==7413==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 3096 byte(s) in 3 object(s) allocated from:
#0 0x7fed9c7e4608 in operator new[](unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xe0608)
#1 0x7fed964fd9b2 in tbb::internal::task_stream<3>::initialize(unsigned int) ../../src/tbb/task_stream.h:94
#2 0x7fed964fd9b2 in tbb::internal::arena::arena(tbb::internal::market&, unsigned int, unsigned int) ../../src/tbb/arena.cpp:225

Direct leak of 1544 byte(s) in 1 object(s) allocated from:
#0 0x7fed9c7e4448 in operator new(unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xe0448)
#1 0x7fed99fbfe7e in allocate /usr/include/c++/7/ext/new_allocator.h:111
#2 0x7fed99fbf8b9 in allocate /usr/include/c++/7/bits/alloc_traits.h:436
#3 0x7fed99fbeb13 in M_allocate /usr/include/c++/7/bits/stl_vector.h:172
#4 0x7fed99fbd239 in M_allocate_and_copy<std::move_iterator<gnu_cxx::Hashtable_node<std::pair<const std::cxx11::basic_string, std::cxx11::list<pxrInternal_v0_21__pxrReserved::(anonymous namespace)::Tf_RegistryManagerImpl::RegistrationValue> > >**> > /usr/include/c++/7/bits/stl_vector.h:1260
#5 0x7fed99fbc56d in reserve /usr/include/c++/7/bits/vector.tcc:73
#6 0x7fed99fbb298 in M_initialize_buckets /usr/include/c++/7/backward/hashtable.h:594
#7 0x7fed99fb99e0 in hashtable /usr/include/c++/7/backward/hashtable.h:349
#8 0x7fed99fb86f4 in hash_map /usr/include/c++/7/ext/hash_map:125
#9 0x7fed99fb68f3 in TfHashMap /home/hill/USD/USD-release/pxr/base/tf/hashmap.h:71
#10 0x7fed99fb3590 in ActiveLibraryState /home/hill/USD/USD-release/pxr/base/tf/registryManager.cpp:265
#11 0x7fed99fc1063 in construct /home/hill/usd_asan_debug/include/tbb/enumerable_thread_specific.h:604
#12 0x7fed99fc0904 in construct /home/hill/usd_asan_debug/include/tbb/enumerable_thread_specific.h:676
#13 0x7fed99fc0ae8 in create_local /home/hill/usd_asan_debug/include/tbb/enumerable_thread_specific.h:798
#14 0x7fed9ba3f9ca in tbb::interface6::internal::ets_base<(tbb::ets_key_usage_type)1>::table_lookup(bool&) /home/hill/usd_asan_debug/include/tbb/enumerable_thread_specific.h:201
#15 0x7fed99fb8dbc in local /home/hill/usd_asan_debug/include/tbb/enumerable_thread_specific.h:902
#16 0x7fed99fb6f72 in local /home/hill/usd_asan_debug/include/tbb/enumerable_thread_specific.h:897
#17 0x7fed99fb4d3f in ProcessLibraryNoLock /home/hill/USD/USD-release/pxr/base/tf/registryManager.cpp:430
#18 0x7fed99fb481c in SubscribeTo /home/hill/USD/USD-release/pxr/base/tf/registryManager.cpp:399
#19 0x7fed99fb65a3 in pxrInternal_v0_21__pxrReserved
::TfRegistryManager::SubscribeTo(std::type_info const&) /home/hill/USD/USD-release/pxr/base/tf/registryManager
poc.zip
.cpp:595
#20 0x7fed99eb2a0f in void pxrInternal_v0_21__pxrReserved
::TfRegistryManager::SubscribeTo<pxrInternal_v0_21__pxrReserved
::TfDebug>() /home/hill/USD/USD-release/pxr/base/tf/registryManager.h:69
#21 0x7fed99eae1d7 in pxrInternal_v0_21__pxrReserved::Tf_DebugSymbolRegistry::Tf_DebugSymbolRegistry() /home/hill/USD/USD-release/pxr/base/tf/debug.cpp:323
#22 0x7fed99eaef15 in pxrInternal_v0_21__pxrReserved
::TfSingleton<pxrInternal_v0_21__pxrReserved
::Tf_DebugSymbolRegistry>::CreateInstance() /home/hill/USD/USD-release/pxr/base/tf/instantiateSingleton.h:71
#23 0x7fed99eae9ff in pxrInternal_v0_21__pxrReserved
_::TfSingleton<pxrInternal_v0_21__pxrReserved__::Tf_DebugSymbolRegistry>::GetInstance() /home/hill/USD/USD-release/pxr/base/tf/singleton.h:142
#24 0x7fed99ea9d60 in pxrInternal_v0_21__pxrReserved__::Tf_DebugSymbolRegistry::GetInstance() /home/hill/USD/USD-release/pxr/base/tf/debug.cpp:128
#25 0x7fed99ea891c in pxrInternal_v0_21__pxrReserved
_::TfDebug::InitializeNode(pxrInternal_v0_21__pxrReserved_::TfDebug::Node&, char const*) /home/hill/USD/USD-release/pxr/base/tf/debug.cpp:411
#26 0x7fed99eafb1e in bool pxrInternal_v0_21__pxrReserved
_::TfDebug::IsEnabled<pxrInternal_v0_21__pxrReserved__::TF_DISCOVERY_TERSE__DebugCodes>(pxrInternal_v0_21__pxrReserved__::TF_DISCOVERY_TERSE__DebugCodes) /home/hill/USD/USD-release/pxr/base/tf/debug.h:200
#27 0x7fed99fb3690 in Tf_RegistryManagerImpl /home/hill/USD/USD-release/pxr/base/tf/registryManager.cpp:299
#28 0x7fed99fb82df in _CreateInstance /home/hill/USD/USD-release/pxr/base/tf/instantiateSingleton.h:71
#29 0x7fed99fb68d0 in GetInstance /home/hill/USD/USD-release/pxr/base/tf/singleton.h:142

Direct leak of 32 byte(s) in 1 object(s) allocated from:
#0 0x7fed9c7e4448 in operator new(unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xe0448)
#1 0x5600b7e70f96 in gnu_cxx::new_allocator<std::cxx11::basic_string<char, std::char_traits, std::allocator > >::allocate(unsigned long, void const*) /usr/include/c++/7/ext/new_allocator.h:111
#2 0x5600b7e6b031 in std::allocator_traits<std::allocator<std::cxx11::basic_string<char, std::char_traits, std::allocator > > >::allocate(std::allocator<std::cxx11::basic_string<char, std::char_traits, std::allocator > >&, unsigned long) /usr/include/c++/7/bits/alloc_traits.h:436
#3 0x5600b7e6203f in std::Vector_base<std::cxx11::basic_string<char, std::char_traits, std::allocator >, std::allocator<std::cxx11::basic_string<char, std::char_traits, std::allocator > > >::M_allocate(unsigned long) /usr/include/c++/7/bits/stl_vector.h:172
#4 0x5600b7e6034a in void std::vector<std::cxx11::basic_string<char, std::char_traits, std::allocator >, std::allocator<std::cxx11::basic_string<char, std::char_traits, std::allocator > > >::M_realloc_insert<std::cxx11::basic_string<char, std::char_traits, std::allocator > >(gnu_cxx::normal_iterator<std::cxx11::basic_string<char, std::char_traits, std::allocator >, std::vector<std::__cxx11::basic_string<char, std::char_traits, std::allocator >, std::allocator<std::__cxx11::basic_string<char, std::char_traits, std::allocator > > > >, std::_cxx11::basic_string<char, std::char_traits, std::allocator >&&) /usr/include/c++/7/bits/vector.tcc:406
#5 0x5600b7e56a12 in void std::vector<std::cxx11::basic_string<char, std::char_traits, std::allocator >, std::allocator<std::cxx11::basic_string<char, std::char_traits, std::allocator > > >::emplace_back<std::cxx11::basic_string<char, std::char_traits, std::allocator > >(std::cxx11::basic_string<char, std::char_traits, std::allocator >&&) /usr/include/c++/7/bits/vector.tcc:105
#6 0x5600b7e4cf3d in std::vector<std::cxx11::basic_string<char, std::char_traits, std::allocator >, std::allocator<std::cxx11::basic_string<char, std::char_traits, std::allocator > > >::push_back(std::cxx11::basic_string<char, std::char_traits, std::allocator >&&) /usr/include/c++/7/bits/stl_vector.h:954
#7 0x7fed99ed8d1b in pxrInternal_v0_21__pxrReserved::TfDiagnosticMgr::LogText::AppendAndPublishImpl(bool, std::List_iterator<pxrInternal_v0_21__pxrReserved::TfError>, std::List_iterator<pxrInternal_v0_21__pxrReserved::TfError>) /home/hill/USD/USD-release/pxr/base/tf/diagnosticMgr.cpp:630
#8 0x7fed99ed850a in pxrInternal_v0_21__pxrReserved
::TfDiagnosticMgr::LogText::AppendAndPublish(std::List_iterator<pxrInternal_v0_21__pxrReserved::TfError>, std::List_iterator<pxrInternal_v0_21__pxrReserved::TfError>) /home/hill/USD/USD-release/pxr/base/tf/diagnosticMgr.cpp:586
#9 0x7fed99ed8f83 in pxrInternal_v0_21__pxrReserved::TfDiagnosticMgr::AppendErrorsToLogText(std::List_iterator<pxrInternal_v0_21__pxrReserved::TfError>) /home/hill/USD/USD-release/pxr/base/tf/diagnosticMgr.cpp:640
#10 0x7fed99ed2e6c in pxrInternal_v0_21__pxrReserved::TfDiagnosticMgr::AppendError(pxrInternal_v0_21__pxrReserved::TfError const&) /home/hill/USD/USD-release/pxr/base/tf/diagnosticMgr.cpp:192
#11 0x7fed99ed38d6 in pxrInternal_v0_21__pxrReserved::TfDiagnosticMgr::PostError(pxrInternal_v0_21__pxrReserved::TfEnum, char const, pxrInternal_v0_21__pxrReserved::TfCallContext const&, std::cxx11::basic_string<char, std::char_traits, std::allocator > const&, boost::any, bool) /home/hill/USD/USD-release/pxr/base/tf/diagnosticMgr.cpp:246
#12 0x7fed99ed691c in pxrInternal_v0_21__pxrReserved::TfDiagnosticMgr::ErrorHelper::Post(std::cxx11::basic_string<char, std::char_traits, std::allocator > const&) const /home/hill/USD/USD-release/pxr/base/tf/diagnosticMgr.cpp:480
#13 0x7fed99ec95ab in pxrInternal_v0_21__pxrReserved::Tf_PostErrorHelper(pxrInternal_v0_21__pxrReserved::TfCallContext const&, pxrInternal_v0_21__pxrReserved::TfEnum const&, std::cxx11::basic_string<char, std::char_traits, std::allocator > const&) /home/hill/USD/USD-release/pxr/base/tf/diagnosticHelper.cpp:47
#14 0x7fed99ec9773 in pxrInternal_v0_21__pxrReserved::Tf_PostErrorHelper(pxrInternal_v0_21__pxrReserved
::TfCallContext const&, pxrInternal_v0_21__pxrReserved
::TfDiagnosticType, std::cxx11::basic_string<char, std::char_traits, std::allocator > const&) /home/hill/USD/USD-release/pxr/base/tf/diagnosticHelper.cpp:57
#15 0x7fed99ec9c21 in pxrInternal_v0_21__pxrReserved
::Tf_PostErrorHelper(pxrInternal_v0_21__pxrReserved::TfCallContext const&, pxrInternal_v0_21__pxrReserved::TfDiagnosticType, char const*, ...) /home/hill/USD/USD-release/pxr/base/tf/diagnosticHelper.cpp:81
#16 0x7fed90374c79 in pxrInternal_v0_21__pxrReserved
::Usd_CrateFile::MmapStream<pxrInternal_v0_21__pxrReserved::Usd_CrateFile::CrateFile::FileMapping*>::Read(void*, unsigned long) /home/hill/USD/USD-release/pxr/usd/usd/crateFile.cpp:615
#17 0x7fed9049f45f in std::enable_if<pxrInternal_v0_21__pxrReserved
::Usd_CrateFile::IsBitwiseReadWrite<pxrInternal_v0_21__pxrReserved::Usd_CrateFile::CrateFile::Field>::value, void>::type pxrInternal_v0_21__pxrReserved::Usd_CrateFile::CrateFile::Reader<pxrInternal_v0_21__pxrReserved::Usd_CrateFile::MmapStream<pxrInternal_v0_21__pxrReserved::Usd_CrateFile::CrateFile::FileMapping*> >::ReadContiguous<pxrInternal_v0_21__pxrReserved::Usd_CrateFile::CrateFile::Field>(pxrInternal_v0_21__pxrReserved::Usd_CrateFile::CrateFile::Field*, unsigned long) /home/hill/USD/USD-release/pxr/usd/usd/crateFile.cpp:1338
#18 0x7fed9043293e in std::vector<pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::CrateFile::Field, std::allocator<pxrInternal_v0_21__pxrReserved__::Usd_CrateFile::CrateFile::Field> > pxrInternal_v0_21__pxrReserved__::Usd_CrateFile::CrateFile::Reader<pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::MmapStream<pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::CrateFile::FileMapping*> >::Read<pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::CrateFile::Field>(std::vector<pxrInternal_v0_21__pxrReserved__::Usd_CrateFile::CrateFile::Field, std::allocator<pxrInternal_v0_21__pxrReserved__::Usd_CrateFile::CrateFile::Field> >) /home/hill/USD/USD-release/pxr/usd/usd/crateFile.cpp:1331
#19 0x7fed903b2772 in std::vector<pxrInternal_v0_21__pxrReserved__::Usd_CrateFile::CrateFile::Field, std::allocator<pxrInternal_v0_21__pxrReserved__::Usd_CrateFile::CrateFile::Field> > pxrInternal_v0_21__pxrReserved__::Usd_CrateFile::CrateFile::Reader<pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::MmapStream<pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::CrateFile::_FileMapping
> >::Read<std::vector<pxrInternal_v0_21__pxrReserved__::Usd_CrateFile::CrateFile::Field, std::allocator<pxrInternal_v0_21__pxrReserved__::Usd_CrateFile::CrateFile::Field> > >() /home/hill/USD/USD-release/pxr/usd/usd/crateFile.cpp:1181
#20 0x7fed9035f4cf in void pxrInternal_v0_21__pxrReserved__::Usd_CrateFile::CrateFile::ReadFields<pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::CrateFile::Reader<pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::MmapStream<pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::CrateFile::FileMapping*> > >(pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::CrateFile::Reader<pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::MmapStream<pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::CrateFile::FileMapping*> >) (/home/hill/usd_asan_debug/lib/libusd_usd.so+0xf964cf)
#21 0x7fed9030a1b1 in void pxrInternal_v0_21__pxrReserved
_::Usd_CrateFile::CrateFile::ReadStructuralSections<pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::CrateFile::Reader<pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::MmapStream<pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::CrateFile::FileMapping*> > >(pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::CrateFile::Reader<pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::MmapStream<pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::CrateFile::FileMapping*> >, long) (/home/hill/usd_asan_debug/lib/libusd_usd.so+0xf411b1)
#22 0x7fed902a73e7 in pxrInternal_v0_21__pxrReserved
_::Usd_CrateFile::CrateFile::InitMMap() /home/hill/USD/USD-release/pxr/usd/usd/crateFile.cpp:2309
#23 0x7fed902a699d in pxrInternal_v0_21__pxrReserved
_::Usd_CrateFile::CrateFile::CrateFile(std::cxx11::basic_string<char, std::char_traits, std::allocator > const&, std::cxx11::basic_string<char, std::char_traits, std::allocator > const&, boost::intrusive_ptr<pxrInternal_v0_21__pxrReserved::Usd_CrateFile::CrateFile::FileMapping>, std::shared_ptr<pxrInternal_v0_21__pxrReserved::ArAsset> const&) /home/hill/USD/USD-release/pxr/usd/usd/crateFile.cpp:2272
#24 0x7fed902a581a in pxrInternal_v0_21__pxrReserved
_::Usd_CrateFile::CrateFile::Open(std::cxx11::basic_string<char, std::char_traits, std::allocator > const&, std::shared_ptr<pxrInternal_v0_21__pxrReserved::ArAsset> const&) /home/hill/USD/USD-release/pxr/usd/usd/crateFile.cpp:2217
#25 0x7fed9024bcf9 in bool pxrInternal_v0_21__pxrReserved__::Usd_CrateDataImpl::Open<std::shared_ptr<pxrInternal_v0_21__pxrReserved__::ArAsset> const&>(std::cxx11::basic_string<char, std::char_traits, std::allocator > const&, std::shared_ptr<pxrInternal_v0_21__pxrReserved::ArAsset> const&) (/home/hill/usd_asan_debug/lib/libusd_usd.so+0xe82cf9)
#26 0x7fed902275e7 in pxrInternal_v0_21__pxrReserved__::Usd_CrateData::Open(std::cxx11::basic_string<char, std::char_traits, std::allocator > const&, std::shared_ptr<pxrInternal_v0_21__pxrReserved::ArAsset> const&) /home/hill/USD/USD-release/pxr/usd/usd/crateData.cpp:1320
#27 0x7fed90ce7e56 in bool pxrInternal_v0_21__pxrReserved__::UsdUsdcFileFormat::ReadHelper<std::shared_ptr<pxrInternal_v0_21__pxrReserved_::ArAsset> const&>(pxrInternal_v0_21__pxrReserved__::SdfLayer*, std::cxx11::basic_string<char, std::char_traits, std::allocator > const&, bool, std::shared_ptr<pxrInternal_v0_21__pxrReserved::ArAsset> const&) const /home/hill/USD/USD-release/pxr/usd/usd/usdcFileFormat.cpp:123
#28 0x7fed90ce67e3 in pxrInternal_v0_21__pxrReserved__::UsdUsdcFileFormat::ReadFromAsset(pxrInternal_v0_21__pxrReserved_::SdfLayer*, std::cxx11::basic_string<char, std::char_traits, std::allocator > const&, std::shared_ptr<pxrInternal_v0_21__pxrReserved::ArAsset> const&, bool) const /home/hill/USD/USD-release/pxr/usd/usd/usdcFileFormat.cpp:108
#29 0x7fed90ce0282 in pxrInternal_v0_21__pxrReserved__::UsdUsdFileFormat::Read(pxrInternal_v0_21__pxrReserved__::SdfLayer*, std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&, bool) const /home/hill/USD/USD-release/pxr/usd/usd/usdFileFormat.cpp:225

Direct leak of 32 byte(s) in 1 object(s) allocated from:
#0 0x7fed9c7e4448 in operator new(unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xe0448)
#1 0x5600b7e70f96 in gnu_cxx::new_allocator<std::cxx11::basic_string<char, std::char_traits, std::allocator > >::allocate(unsigned long, void const*) /usr/include/c++/7/ext/new_allocator.h:111
#2 0x5600b7e6b031 in std::allocator_traits<std::allocator<std::cxx11::basic_string<char, std::char_traits, std::allocator > > >::allocate(std::allocator<std::cxx11::basic_string<char, std::char_traits, std::allocator > >&, unsigned long) /usr/include/c++/7/bits/alloc_traits.h:436
#3 0x5600b7e6203f in std::Vector_base<std::cxx11::basic_string<char, std::char_traits, std::allocator >, std::allocator<std::cxx11::basic_string<char, std::char_traits, std::allocator > > >::M_allocate(unsigned long) /usr/include/c++/7/bits/stl_vector.h:172
#4 0x5600b7e6034a in void std::vector<std::cxx11::basic_string<char, std::char_traits, std::allocator >, std::allocator<std::cxx11::basic_string<char, std::char_traits, std::allocator > > >::M_realloc_insert<std::cxx11::basic_string<char, std::char_traits, std::allocator > >(gnu_cxx::normal_iterator<std::cxx11::basic_string<char, std::char_traits, std::allocator >, std::vector<std::__cxx11::basic_string<char, std::char_traits, std::allocator >, std::allocator<std::__cxx11::basic_string<char, std::char_traits, std::allocator > > > >, std::_cxx11::basic_string<char, std::char_traits, std::allocator >&&) /usr/include/c++/7/bits/vector.tcc:406
#5 0x5600b7e56a12 in void std::vector<std::cxx11::basic_string<char, std::char_traits, std::allocator >, std::allocator<std::cxx11::basic_string<char, std::char_traits, std::allocator > > >::emplace_back<std::cxx11::basic_string<char, std::char_traits, std::allocator > >(std::cxx11::basic_string<char, std::char_traits, std::allocator >&&) /usr/include/c++/7/bits/vector.tcc:105
#6 0x5600b7e4cf3d in std::vector<std::cxx11::basic_string<char, std::char_traits, std::allocator >, std::allocator<std::cxx11::basic_string<char, std::char_traits, std::allocator > > >::push_back(std::cxx11::basic_string<char, std::char_traits, std::allocator >&&) /usr/include/c++/7/bits/stl_vector.h:954
#7 0x7fed99ed88d8 in pxrInternal_v0_21__pxrReserved::TfDiagnosticMgr::LogText::AppendAndPublishImpl(bool, std::List_iterator<pxrInternal_v0_21__pxrReserved::TfError>, std::List_iterator<pxrInternal_v0_21__pxrReserved::TfError>) /home/hill/USD/USD-release/pxr/base/tf/diagnosticMgr.cpp:617
#8 0x7fed99ed850a in pxrInternal_v0_21__pxrReserved
::TfDiagnosticMgr::LogText::AppendAndPublish(std::List_iterator<pxrInternal_v0_21__pxrReserved::TfError>, std::List_iterator<pxrInternal_v0_21__pxrReserved::TfError>) /home/hill/USD/USD-release/pxr/base/tf/diagnosticMgr.cpp:586
#9 0x7fed99ed8f83 in pxrInternal_v0_21__pxrReserved::TfDiagnosticMgr::AppendErrorsToLogText(std::List_iterator<pxrInternal_v0_21__pxrReserved::TfError>) /home/hill/USD/USD-release/pxr/base/tf/diagnosticMgr.cpp:640
#10 0x7fed99ed2e6c in pxrInternal_v0_21__pxrReserved::TfDiagnosticMgr::AppendError(pxrInternal_v0_21__pxrReserved::TfError const&) /home/hill/USD/USD-release/pxr/base/tf/diagnosticMgr.cpp:192
#11 0x7fed99ed38d6 in pxrInternal_v0_21__pxrReserved::TfDiagnosticMgr::PostError(pxrInternal_v0_21__pxrReserved::TfEnum, char const, pxrInternal_v0_21__pxrReserved::TfCallContext const&, std::cxx11::basic_string<char, std::char_traits, std::allocator > const&, boost::any, bool) /home/hill/USD/USD-release/pxr/base/tf/diagnosticMgr.cpp:246
#12 0x7fed99ed691c in pxrInternal_v0_21__pxrReserved::TfDiagnosticMgr::ErrorHelper::Post(std::cxx11::basic_string<char, std::char_traits, std::allocator > const&) const /home/hill/USD/USD-release/pxr/base/tf/diagnosticMgr.cpp:480
#13 0x7fed99ec95ab in pxrInternal_v0_21__pxrReserved::Tf_PostErrorHelper(pxrInternal_v0_21__pxrReserved::TfCallContext const&, pxrInternal_v0_21__pxrReserved::TfEnum const&, std::cxx11::basic_string<char, std::char_traits, std::allocator > const&) /home/hill/USD/USD-release/pxr/base/tf/diagnosticHelper.cpp:47
#14 0x7fed99ec9773 in pxrInternal_v0_21__pxrReserved::Tf_PostErrorHelper(pxrInternal_v0_21__pxrReserved
::TfCallContext const&, pxrInternal_v0_21__pxrReserved
::TfDiagnosticType, std::cxx11::basic_string<char, std::char_traits, std::allocator > const&) /home/hill/USD/USD-release/pxr/base/tf/diagnosticHelper.cpp:57
#15 0x7fed99ec9c21 in pxrInternal_v0_21__pxrReserved
::Tf_PostErrorHelper(pxrInternal_v0_21__pxrReserved::TfCallContext const&, pxrInternal_v0_21__pxrReserved::TfDiagnosticType, char const*, ...) /home/hill/USD/USD-release/pxr/base/tf/diagnosticHelper.cpp:81
#16 0x7fed90374c79 in pxrInternal_v0_21__pxrReserved
::Usd_CrateFile::MmapStream<pxrInternal_v0_21__pxrReserved::Usd_CrateFile::CrateFile::FileMapping*>::Read(void*, unsigned long) /home/hill/USD/USD-release/pxr/usd/usd/crateFile.cpp:615
#17 0x7fed9049f45f in std::enable_if<pxrInternal_v0_21__pxrReserved
::Usd_CrateFile::IsBitwiseReadWrite<pxrInternal_v0_21__pxrReserved::Usd_CrateFile::CrateFile::Field>::value, void>::type pxrInternal_v0_21__pxrReserved::Usd_CrateFile::CrateFile::Reader<pxrInternal_v0_21__pxrReserved::Usd_CrateFile::MmapStream<pxrInternal_v0_21__pxrReserved::Usd_CrateFile::CrateFile::FileMapping*> >::ReadContiguous<pxrInternal_v0_21__pxrReserved::Usd_CrateFile::CrateFile::Field>(pxrInternal_v0_21__pxrReserved::Usd_CrateFile::CrateFile::Field*, unsigned long) /home/hill/USD/USD-release/pxr/usd/usd/crateFile.cpp:1338
#18 0x7fed9043293e in std::vector<pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::CrateFile::Field, std::allocator<pxrInternal_v0_21__pxrReserved__::Usd_CrateFile::CrateFile::Field> > pxrInternal_v0_21__pxrReserved__::Usd_CrateFile::CrateFile::Reader<pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::MmapStream<pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::CrateFile::FileMapping*> >::Read<pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::CrateFile::Field>(std::vector<pxrInternal_v0_21__pxrReserved__::Usd_CrateFile::CrateFile::Field, std::allocator<pxrInternal_v0_21__pxrReserved__::Usd_CrateFile::CrateFile::Field> >) /home/hill/USD/USD-release/pxr/usd/usd/crateFile.cpp:1331
#19 0x7fed903b2772 in std::vector<pxrInternal_v0_21__pxrReserved__::Usd_CrateFile::CrateFile::Field, std::allocator<pxrInternal_v0_21__pxrReserved__::Usd_CrateFile::CrateFile::Field> > pxrInternal_v0_21__pxrReserved__::Usd_CrateFile::CrateFile::Reader<pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::MmapStream<pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::CrateFile::_FileMapping
> >::Read<std::vector<pxrInternal_v0_21__pxrReserved__::Usd_CrateFile::CrateFile::Field, std::allocator<pxrInternal_v0_21__pxrReserved__::Usd_CrateFile::CrateFile::Field> > >() /home/hill/USD/USD-release/pxr/usd/usd/crateFile.cpp:1181
#20 0x7fed9035f4cf in void pxrInternal_v0_21__pxrReserved__::Usd_CrateFile::CrateFile::ReadFields<pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::CrateFile::Reader<pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::MmapStream<pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::CrateFile::FileMapping*> > >(pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::CrateFile::Reader<pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::MmapStream<pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::CrateFile::FileMapping*> >) (/home/hill/usd_asan_debug/lib/libusd_usd.so+0xf964cf)
#21 0x7fed9030a1b1 in void pxrInternal_v0_21__pxrReserved
_::Usd_CrateFile::CrateFile::ReadStructuralSections<pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::CrateFile::Reader<pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::MmapStream<pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::CrateFile::FileMapping*> > >(pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::CrateFile::Reader<pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::MmapStream<pxrInternal_v0_21__pxrReserved_::Usd_CrateFile::CrateFile::FileMapping*> >, long) (/home/hill/usd_asan_debug/lib/libusd_usd.so+0xf411b1)
#22 0x7fed902a73e7 in pxrInternal_v0_21__pxrReserved
_::Usd_CrateFile::CrateFile::InitMMap() /home/hill/USD/USD-release/pxr/usd/usd/crateFile.cpp:2309
#23 0x7fed902a699d in pxrInternal_v0_21__pxrReserved
_::Usd_CrateFile::CrateFile::CrateFile(std::cxx11::basic_string<char, std::char_traits, std::allocator > const&, std::cxx11::basic_string<char, std::char_traits, std::allocator > const&, boost::intrusive_ptr<pxrInternal_v0_21__pxrReserved::Usd_CrateFile::CrateFile::FileMapping>, std::shared_ptr<pxrInternal_v0_21__pxrReserved::ArAsset> const&) /home/hill/USD/USD-release/pxr/usd/usd/crateFile.cpp:2272
#24 0x7fed902a581a in pxrInternal_v0_21__pxrReserved
_::Usd_CrateFile::CrateFile::Open(std::cxx11::basic_string<char, std::char_traits, std::allocator > const&, std::shared_ptr<pxrInternal_v0_21__pxrReserved::ArAsset> const&) /home/hill/USD/USD-release/pxr/usd/usd/crateFile.cpp:2217
#25 0x7fed9024bcf9 in bool pxrInternal_v0_21__pxrReserved__::Usd_CrateDataImpl::Open<std::shared_ptr<pxrInternal_v0_21__pxrReserved__::ArAsset> const&>(std::cxx11::basic_string<char, std::char_traits, std::allocator > const&, std::shared_ptr<pxrInternal_v0_21__pxrReserved::ArAsset> const&) (/home/hill/usd_asan_debug/lib/libusd_usd.so+0xe82cf9)
#26 0x7fed902275e7 in pxrInternal_v0_21__pxrReserved__::Usd_CrateData::Open(std::cxx11::basic_string<char, std::char_traits, std::allocator > const&, std::shared_ptr<pxrInternal_v0_21__pxrReserved::ArAsset> const&) /home/hill/USD/USD-release/pxr/usd/usd/crateData.cpp:1320
#27 0x7fed90ce7e56 in bool pxrInternal_v0_21__pxrReserved__::UsdUsdcFileFormat::ReadHelper<std::shared_ptr<pxrInternal_v0_21__pxrReserved_::ArAsset> const&>(pxrInternal_v0_21__pxrReserved__::SdfLayer*, std::cxx11::basic_string<char, std::char_traits, std::allocator > const&, bool, std::shared_ptr<pxrInternal_v0_21__pxrReserved::ArAsset> const&) const /home/hill/USD/USD-release/pxr/usd/usd/usdcFileFormat.cpp:123
#28 0x7fed90ce67e3 in pxrInternal_v0_21__pxrReserved__::UsdUsdcFileFormat::ReadFromAsset(pxrInternal_v0_21__pxrReserved_::SdfLayer*, std::cxx11::basic_string<char, std::char_traits, std::allocator > const&, std::shared_ptr<pxrInternal_v0_21__pxrReserved::ArAsset> const&, bool) const /home/hill/USD/USD-release/pxr/usd/usd/usdcFileFormat.cpp:108
#29 0x7fed90ce0282 in pxrInternal_v0_21__pxrReserved__::UsdUsdFileFormat::Read(pxrInternal_v0_21__pxrReserved__::SdfLayer*, std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&, bool) const /home/hill/USD/USD-release/pxr/usd/usd/usdFileFormat.cpp:225

SUMMARY: AddressSanitizer: 4704 byte(s) leaked in 6 allocation(s).

Package Versions

21.11

###This bug is found by fuzzer ATTuzz

@jilliene
Copy link

Filed as internal issue #USD-7196

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants