Config::mapGetBool causes segmentation fault when value_out is nullptr #1469

@zhihaoshang

Description

Generated by Generative AI

No response

Operating System:

Linux shangzh-VMware-Virtual-Platform 6.11.0-26-generic #26~24.04.1-Ubuntu SMP PREEMPT_DYNAMIC Thu Apr 17 19:20:47 UTC 2 x86_64 x86_64 x86_64 GNU/Linux

ROS version or commit hash:

ros 2 jazzy

RMW implementation (if applicable):

No response

RMW Configuration (if applicable):

No response

Client library (if applicable):

rviz

'ros2 doctor --report' output

ros2 doctor --report
<COPY OUTPUT HERE>

Steps to reproduce issue

Environment

OS Version: Ubuntu 24.04
rviz version: ros2 jazzy
Compiler name and version number: Ubuntu clang version 18.1.3
Source or binary build?
source build
build options: --mixin asan-gcc

TestCase

#include <gtest/gtest.h>
#include <rviz_common/config.hpp>

TEST(Config, handle_mixed_type_values_for_keys) {
  rviz_common::Config c;
  c.mapSetValue("mixed_key", "123abc");
  EXPECT_FALSE(c.mapGetInt("mixed_key", nullptr));
  EXPECT_FALSE(c.mapGetBool("mixed_key", nullptr));
  EXPECT_FALSE(c.mapGetFloat("mixed_key", nullptr));
  QString string_value;
  EXPECT_TRUE(c.mapGetString("mixed_key", &string_value));
  EXPECT_EQ(string_value, "123abc");
}

Output

[==========] Running 1 test from 1 test suite.
[----------] Global test environment set-up.
[----------] 1 test from Config
[ RUN      ] Config.handle_mixed_type_values_for_keys
AddressSanitizer:DEADLYSIGNAL
=================================================================
==8167==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x75a802ab76f5 bp 0x7fffcae1c4f0 sp 0x7fffcae1c4a0 T0)
==8167==The signal is caused by a WRITE memory access.
==8167==Hint: address points to the zero page.
    #0 0x75a802ab76f5 in rviz_common::Config::mapGetBool(QString const&, bool*) const (/home/shangzh/ros2_jazzy/install/rviz_common/lib/librviz_common.so+0x2b76f5) (BuildId: e06914313c1cbc0a1a9b9d8a6075a2574d46910a)
    #1 0x5a0c2acc77e3 in Config_handle_mixed_type_values_for_keys_Test::TestBody() /home/shangzh/rviz_cov4/src/rviz_common/test/config_test.cpp:8
    #2 0x5a0c2ad693e3 in void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) /home/shangzh/ros2_jazzy/install/gtest_vendor/src/gtest_vendor/./src/gtest.cc:2612
    #3 0x5a0c2ad56663 in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) /home/shangzh/ros2_jazzy/install/gtest_vendor/src/gtest_vendor/./src/gtest.cc:2648
    #4 0x5a0c2acfbfdd in testing::Test::Run() /home/shangzh/ros2_jazzy/install/gtest_vendor/src/gtest_vendor/./src/gtest.cc:2687
    #5 0x5a0c2acfd7b9 in testing::TestInfo::Run() /home/shangzh/ros2_jazzy/install/gtest_vendor/src/gtest_vendor/./src/gtest.cc:2836
    #6 0x5a0c2acfeb12 in testing::TestSuite::Run() /home/shangzh/ros2_jazzy/install/gtest_vendor/src/gtest_vendor/./src/gtest.cc:3015
    #7 0x5a0c2ad2583d in testing::internal::UnitTestImpl::RunAllTests() /home/shangzh/ros2_jazzy/install/gtest_vendor/src/gtest_vendor/./src/gtest.cc:5920
    #8 0x5a0c2ad6c83e in bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) /home/shangzh/ros2_jazzy/install/gtest_vendor/src/gtest_vendor/./src/gtest.cc:2612
    #9 0x5a0c2ad59900 in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) /home/shangzh/ros2_jazzy/install/gtest_vendor/src/gtest_vendor/./src/gtest.cc:2648
    #10 0x5a0c2ad21e47 in testing::UnitTest::Run() /home/shangzh/ros2_jazzy/install/gtest_vendor/src/gtest_vendor/./src/gtest.cc:5484
    #11 0x5a0c2accc2e9 in RUN_ALL_TESTS() /home/shangzh/ros2_jazzy/install/gtest_vendor/src/gtest_vendor/include/gtest/gtest.h:2317
    #12 0x5a0c2accc235 in main /home/shangzh/ros2_jazzy/install/gtest_vendor/src/gtest_vendor/src/gtest_main.cc:64
    #13 0x75a7fde2a1c9 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
    #14 0x75a7fde2a28a in __libc_start_main_impl ../csu/libc-start.c:360
    #15 0x5a0c2acc7134 in _start (/home/shangzh/rviz_cov4/build/rviz_common/rviz_common_config_test+0x8a134) (BuildId: 3f61d294d441a8f9d0fa7f5ea84e5f9f63ad2347)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/home/shangzh/ros2_jazzy/install/rviz_common/lib/librviz_common.so+0x2b76f5) (BuildId: e06914313c1cbc0a1a9b9d8a6075a2574d46910a) in rviz_common::Config::mapGetBool(QString const&, bool*) const
==8167==ABORTING

Expected behavior

no crash

Actual behavior

crash

Additional information

No response
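
An added example, not code from this issue or from rviz: a self-contained stand-in showing the kind of unchecked write through an out-parameter that produces a WRITE at address zero, next to a getter that treats `nullptr` as "validate only". `MiniConfig`, `mapGetBoolUnguarded` and `parseBool` are hypothetical names, and the accepted boolean spellings are an assumption.

```cpp
#include <map>
#include <string>

// Hypothetical stand-in for a string-keyed config map; not rviz_common::Config.
class MiniConfig {
public:
  void mapSetValue(const std::string& key, const std::string& value) {
    values_[key] = value;
  }

  // Unguarded pattern, kept only for comparison: a default is stored through
  // value_out before any check, so a nullptr argument is a write to address 0.
  bool mapGetBoolUnguarded(const std::string& key, bool* value_out) const {
    auto it = values_.find(key);
    if (it == values_.end()) return false;
    *value_out = false;
    return parseBool(it->second, value_out);
  }

  // Guarded pattern: parse into a local, then store only if the caller
  // supplied a destination. nullptr means "just tell me whether it parses".
  bool mapGetBool(const std::string& key, bool* value_out) const {
    auto it = values_.find(key);
    if (it == values_.end()) return false;
    bool parsed = false;
    if (!parseBool(it->second, &parsed)) return false;
    if (value_out != nullptr) *value_out = parsed;
    return true;
  }

private:
  // Assumed spellings for this example; anything else is rejected.
  static bool parseBool(const std::string& text, bool* parsed) {
    if (text == "true" || text == "1") { *parsed = true; return true; }
    if (text == "false" || text == "0") { *parsed = false; return true; }
    return false;
  }
  std::map<std::string, std::string> values_;
};

int main() {  // constructed input mirroring the test case in the issue
  MiniConfig c;
  c.mapSetValue("mixed_key", "123abc");
  bool out = true;
  bool ok = !c.mapGetBool("mixed_key", nullptr) &&
            !c.mapGetBool("mixed_key", &out) && out;
  return ok ? 0 : 1;
}
```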

Labels: bug (Something isn't working)
