vengi-voxel / vengi

free and open source voxel art tools - editor, thumbnailer and format converter
http://vengi-voxel.github.io/vengi/

VOXEDIT: AddressSanitizer - heap-use-after-free #350

Closed mgerhardy closed 7 months ago

mgerhardy commented 7 months ago

This happens reproducibly when you activate the second viewport and press tab to switch between scene and model mode. It only happens if I change the window title:

    const int sceneWindowFlags = ImGuiWindowFlags_NoScrollbar | ImGuiWindowFlags_NoScrollWithMouse |
                                 ImGuiWindowFlags_MenuBar | ImGuiWindowFlags_NoFocusOnAppearing;
    // the visible title flips between the two mode strings when tab is pressed
    const char *modeStr = isSceneMode() ? "SceneMode" : "EditMode";

    core::String name;
    if (_detailedTitle) {
        name = core::string::format("%s %s%s", SceneCameraModeStr[(int)_camMode], modeStr, _uiId.c_str());
    } else {
        name = core::string::format("%s%s", modeStr, _uiId.c_str());
    }
    // Begin() stores the changed title in the window's name buffer (the ImStrdupcpy frame in the trace below)
    if (ImGui::Begin(name.c_str(), nullptr, sceneWindowFlags)) {
        renderMenuBar(listener);
        renderViewport(); // runs the gizmo, which still hashes a pointer to the old name
    }
    ImGui::End();

Using a fixed window title, the issue is gone.

f0d191cb38b09542589dfc18bbda988577af93ee "fixed" this by introducing a new window with a fixed title, but broke the input and clipping for the gizmo; 564e0b02a7c19f9b48d476855d018c75d5bc29c6 reverted it to the previous state (crashing again).

=================================================================
==206817==ERROR: AddressSanitizer: heap-use-after-free on address 0x603000171070 at pc 0x55af23859fd2 bp 0x7fff4fd5ee50 sp 0x7fff4fd5ee48
READ of size 1 at 0x603000171070 thread T0
    #0 0x55af23859fd1 in ImHashStr(char const*, unsigned long, unsigned int) /home/mgerhardy/dev/engine/src/modules/ui/dearimgui/imgui.cpp:2084
    #1 0x55af238abcde in ImGui::FindWindowByName(char const*) /home/mgerhardy/dev/engine/src/modules/ui/dearimgui/imgui.cpp:5882
    #2 0x55af251c1b4f in IsHoveringWindow /home/mgerhardy/dev/engine/src/modules/ui/dearimgui/ImGuizmo.cpp:930
    #3 0x55af251c2ee7 in ComputeContext /home/mgerhardy/dev/engine/src/modules/ui/dearimgui/ImGuizmo.cpp:1046
    #4 0x55af251e9e58 in ImGuizmo::Manipulate(float const*, float const*, ImGuizmo::OPERATION, ImGuizmo::MODE, float*, float*, float const*, float const*, float const*) /home/mgerhardy/dev/engine/src/modules/ui/dearimgui/ImGuizmo.cpp:2512
    #5 0x55af22a6066d in voxedit::Viewport::gizmoManipulate(video::Camera const&, float const*, glm::mat<4, 4, float, (glm::qualifier)0>&, glm::mat<4, 4, float, (glm::qualifier)0>&, unsigned int) const /home/mgerhardy/dev/engine/src/tools/voxedit/modules/voxedit-ui/Viewport.cpp:648
    #6 0x55af22a610dc in voxedit::Viewport::runGizmo(video::Camera const&) /home/mgerhardy/dev/engine/src/tools/voxedit/modules/voxedit-ui/Viewport.cpp:674
    #7 0x55af22a62ee5 in voxedit::Viewport::renderGizmo(video::Camera&, float, ImVec2 const&) /home/mgerhardy/dev/engine/src/tools/voxedit/modules/voxedit-ui/Viewport.cpp:755
    #8 0x55af22a57cac in voxedit::Viewport::renderViewport() /home/mgerhardy/dev/engine/src/tools/voxedit/modules/voxedit-ui/Viewport.cpp:231
    #9 0x55af22a5ba1a in voxedit::Viewport::update(command::CommandExecutionListener*) /home/mgerhardy/dev/engine/src/tools/voxedit/modules/voxedit-ui/Viewport.cpp:415
    #10 0x55af229e5f99 in voxedit::MainWindow::mainWidget() /home/mgerhardy/dev/engine/src/tools/voxedit/modules/voxedit-ui/MainWindow.cpp:380
    #11 0x55af229efeac in voxedit::MainWindow::update() /home/mgerhardy/dev/engine/src/tools/voxedit/modules/voxedit-ui/MainWindow.cpp:926
    #12 0x55af229a620d in VoxEdit::onRenderUI() /home/mgerhardy/dev/engine/src/tools/voxedit/VoxEdit.cpp:494
    #13 0x55af2370354e in ui::IMGUIApp::onRunning() /home/mgerhardy/dev/engine/src/modules/ui/IMGUIApp.cpp:413
    #14 0x55af229a627b in VoxEdit::onRunning() /home/mgerhardy/dev/engine/src/tools/voxedit/VoxEdit.cpp:498
    #15 0x55af25234cf4 in app::App::onFrame() /home/mgerhardy/dev/engine/src/modules/app/App.cpp:223
    #16 0x55af25233564 in app::App::startMainLoop(int, char**) /home/mgerhardy/dev/engine/src/modules/app/App.cpp:153
    #17 0x55af229a6551 in main /home/mgerhardy/dev/engine/src/tools/voxedit/VoxEdit.cpp:520
    #18 0x7fe7a8a461c9 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
    #19 0x7fe7a8a46284 in __libc_start_main_impl ../csu/libc-start.c:360
    #20 0x55af22986850 in _start (/home/mgerhardy/dev/engine/build/Debug/voxedit/vengi-voxedit+0x4aba850)

0x603000171070 is located 0 bytes inside of 26-byte region [0x603000171070,0x60300017108a)
freed by thread T0 here:
    #0 0x7fe7a9cb76a8 in __interceptor_free ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:52
    #1 0x7fe7a994c8fe  (/lib/x86_64-linux-gnu/libSDL2-2.0.so.0+0xa08fe)
    #2 0x55af23886940 in ImGui::MemFree(void*) /home/mgerhardy/dev/engine/src/modules/ui/dearimgui/imgui.cpp:4355
    #3 0x55af23857e74 in ImStrdupcpy(char*, unsigned long*, char const*) /home/mgerhardy/dev/engine/src/modules/ui/dearimgui/imgui.cpp:1853
    #4 0x55af238d19ab in ImGui::Begin(char const*, bool*, int) /home/mgerhardy/dev/engine/src/modules/ui/dearimgui/imgui.cpp:6967
    #5 0x55af22a5b98e in voxedit::Viewport::update(command::CommandExecutionListener*) /home/mgerhardy/dev/engine/src/tools/voxedit/modules/voxedit-ui/Viewport.cpp:413
    #6 0x55af229e5f99 in voxedit::MainWindow::mainWidget() /home/mgerhardy/dev/engine/src/tools/voxedit/modules/voxedit-ui/MainWindow.cpp:380
    #7 0x55af229efeac in voxedit::MainWindow::update() /home/mgerhardy/dev/engine/src/tools/voxedit/modules/voxedit-ui/MainWindow.cpp:926
    #8 0x55af229a620d in VoxEdit::onRenderUI() /home/mgerhardy/dev/engine/src/tools/voxedit/VoxEdit.cpp:494
    #9 0x55af2370354e in ui::IMGUIApp::onRunning() /home/mgerhardy/dev/engine/src/modules/ui/IMGUIApp.cpp:413
    #10 0x55af229a627b in VoxEdit::onRunning() /home/mgerhardy/dev/engine/src/tools/voxedit/VoxEdit.cpp:498
    #11 0x55af25234cf4 in app::App::onFrame() /home/mgerhardy/dev/engine/src/modules/app/App.cpp:223
    #12 0x55af25233564 in app::App::startMainLoop(int, char**) /home/mgerhardy/dev/engine/src/modules/app/App.cpp:153
    #13 0x55af229a6551 in main /home/mgerhardy/dev/engine/src/tools/voxedit/VoxEdit.cpp:520
    #14 0x7fe7a8a461c9 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

previously allocated by thread T0 here:
    #0 0x7fe7a9cb89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7fe7a994c822  (/lib/x86_64-linux-gnu/libSDL2-2.0.so.0+0xa0822)
    #2 0x55af238866cc in ImGui::MemAlloc(unsigned long) /home/mgerhardy/dev/engine/src/modules/ui/dearimgui/imgui.cpp:4339
    #3 0x55af23857d49 in ImStrdup(char const*) /home/mgerhardy/dev/engine/src/modules/ui/dearimgui/imgui.cpp:1843
    #4 0x55af2387c55d in ImGuiWindow::ImGuiWindow(ImGuiContext*, char const*) /home/mgerhardy/dev/engine/src/modules/ui/dearimgui/imgui.cpp:3842
    #5 0x55af238afbb9 in CreateNewWindow /home/mgerhardy/dev/engine/src/modules/ui/dearimgui/imgui.cpp:5963
    #6 0x55af238cad71 in ImGui::Begin(char const*, bool*, int) /home/mgerhardy/dev/engine/src/modules/ui/dearimgui/imgui.cpp:6760
    #7 0x55af22a5b98e in voxedit::Viewport::update(command::CommandExecutionListener*) /home/mgerhardy/dev/engine/src/tools/voxedit/modules/voxedit-ui/Viewport.cpp:413
    #8 0x55af229e5f99 in voxedit::MainWindow::mainWidget() /home/mgerhardy/dev/engine/src/tools/voxedit/modules/voxedit-ui/MainWindow.cpp:380
    #9 0x55af229efeac in voxedit::MainWindow::update() /home/mgerhardy/dev/engine/src/tools/voxedit/modules/voxedit-ui/MainWindow.cpp:926
    #10 0x55af229a620d in VoxEdit::onRenderUI() /home/mgerhardy/dev/engine/src/tools/voxedit/VoxEdit.cpp:494
    #11 0x55af2370354e in ui::IMGUIApp::onRunning() /home/mgerhardy/dev/engine/src/modules/ui/IMGUIApp.cpp:413
    #12 0x55af229a627b in VoxEdit::onRunning() /home/mgerhardy/dev/engine/src/tools/voxedit/VoxEdit.cpp:498
    #13 0x55af25234cf4 in app::App::onFrame() /home/mgerhardy/dev/engine/src/modules/app/App.cpp:223
    #14 0x55af25233564 in app::App::startMainLoop(int, char**) /home/mgerhardy/dev/engine/src/modules/app/App.cpp:153
    #15 0x55af229a6551 in main /home/mgerhardy/dev/engine/src/tools/voxedit/VoxEdit.cpp:520
    #16 0x7fe7a8a461c9 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

SUMMARY: AddressSanitizer: heap-use-after-free /home/mgerhardy/dev/engine/src/modules/ui/dearimgui/imgui.cpp:2084 in ImHashStr(char const*, unsigned long, unsigned int)
==206817==ABORTING
FAILED: src/tools/voxedit/CMakeFiles/voxedit-run /home/mgerhardy/dev/engine/build/Debug/src/tools/voxedit/CMakeFiles/voxedit-run 
cd /home/mgerhardy/dev/engine/build/Debug/voxedit && /home/mgerhardy/dev/engine/build/Debug/voxedit/vengi-voxedit
ninja: build stopped: subcommand failed.
make: *** [Makefile:82: voxedit-run] Fehler 1
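The ownership pattern behind this trace, as an added example that is not vengi or Dear ImGui code: a name buffer that ImStrdupcpy-style code frees when a longer title arrives, a consumer holding a borrowed pointer into it (what the draw-list owner name hashed by ImGuizmo's IsHoveringWindow amounts to), and the fix of caching the window's stable id or an owned copy instead. The titles, the assumption that `_uiId` carries a `###` id suffix, and all struct and function names here are invented for the illustration.

```cpp
#include <cstdlib>
#include <cstring>
#include <string>
// Same contract as Dear ImGui's ImStrdupcpy: reuse dst while it is large enough, otherwise
// free it and allocate a fresh buffer; *p_realloc reports that second case.
static char* strdupcpy(char* dst, size_t* p_dst_size, const char* src, bool* p_realloc) {
    const size_t need = std::strlen(src) + 1;
    *p_realloc = (dst == nullptr || *p_dst_size < need);
    if (*p_realloc) {
        std::free(dst);
        dst = static_cast<char*>(std::malloc(need));
        *p_dst_size = need;
    }
    std::memcpy(dst, src, need);
    return dst;
}
// A window has a stable id (assumed to be the "###" part of its title) and an owned name buffer.
struct Window {
    unsigned id;
    char* name = nullptr;
    size_t name_cap = 0;
    explicit Window(unsigned i) : id(i) {}
    Window(const Window&) = delete;
    ~Window() { std::free(name); }
};
// Begin() with a new visible title for the same id. Returns true when the old buffer was freed,
// the moment every borrowed pointer into it becomes the dangling pointer from the report.
static bool begin_window(Window& w, const char* title) {
    bool reallocated = false;
    w.name = strdupcpy(w.name, &w.name_cap, title, &reallocated);
    return reallocated;
}
// Buggy consumer: a borrowed pointer kept across frames (the draw-list owner name ImGuizmo hashes).
struct BorrowedNameRef { const char* owner_name; };
// Fixed consumer: keep the stable id, plus an owned copy if the text itself is needed.
struct OwnedRef { unsigned owner_id; std::string owner_name; };
struct Outcome { bool old_buffer_freed; bool owned_copy_intact; bool id_finds_live_name; };
// Frame 1 titles the viewport "EditMode###viewport1"; frame 2 (tab pressed, detailed title on)
// retitles it with a longer string that no longer fits the old buffer.
static Outcome retitle_scenario() {
    Window viewport(1);
    begin_window(viewport, "EditMode###viewport1");
    BorrowedNameRef borrowed{viewport.name};
    OwnedRef owned{viewport.id, std::string(viewport.name)};
    const bool freed = begin_window(viewport, "Top SceneMode###viewport1");
    (void)borrowed;  // hashing borrowed.owner_name now is the heap-use-after-free ASan reported
    const bool live_ok = owned.owner_id == viewport.id && std::strcmp(viewport.name, "Top SceneMode###viewport1") == 0;
    return Outcome{freed, owned.owner_name == "EditMode###viewport1", live_ok};
}
```

Under ASan, reading `borrowed.owner_name` after the second `begin_window()` call reproduces the same "freed by ImStrdupcpy inside Begin, read by the name hash" pair of stacks; resolving the window by id (or from an owned copy) has no such window of exposure.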