Bug#1058620: iwctl crashes with double-free when asking more than one question on command-line

Victor Westerhuis Wed, 13 Dec 2023 08:39:25 -0800

Package: iwd
Version: 2.10-1
Severity: normal

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


Hi maintainer,

In /var/lib/iwd/<ssid>.8021x I have defined a corporate network,
without specifying my username or password. If I run `iwctl station
<interface> connect <ssid>`, I can succesfully enter my username.
After pressing return, iwctl asks for my password. However, I cannot
enter my password and iwctl does not respond to pressing return.
Terminating iwctl by pressing ^C terminates iwctl with a libc error
"free(): double free detected in tcache 2".

I have recompiled libell0 and iwd with AddressSanitizer and found
the error location. I have attached the output from AddressSanatizer.

There are no issues when I connect using the iwctl shell or when I
specify my username in the configuration file.
- --
Groet, Regards,

Victor Westerhuis


- -- System Information:
Debian Release: trixie/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (100, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.5.0-5-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=en_NL.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages iwd depends on:
ii  init-system-helpers  1.66
ii  libc6                2.37-12
ii  libell0              0.61-1
ii  libreadline8         8.2-3

Versions of packages iwd recommends:
ii  dbus [dbus-system-bus]         1.14.10-3
ii  dbus-broker [dbus-system-bus]  33-1+~optimized
ii  wireless-regdb                 2022.06.06-1

iwd suggests no packages.

- -- Configuration Files:
/etc/iwd/main.conf changed [not included]

- -- no debconf information

-----BEGIN PGP SIGNATURE-----

iQJHBAEBCAAxFiEE6OxII3T+o0Ujs6ECQz2Rq5dHQPsFAmV53RITHHZpY3RvckB3
ZXN0ZXJodS5pcwAKCRBDPZGrl0dA+7lxD/9LGdzp7q/V04nyPUk578bdytdbpRu/
rC/5xvtBYvdGj2pvoYgKQYOi8JiVUEbZyByKe3wTJL1+quONNCLy/2a8PO9AQI0n
XdVPmqx65RO+AI0a4w5E+TLL+g5AsK5pdB+ON1Hvn9rWOegZW7Ct0psCYMqJIC+W
vK3HZOcnVnoJiKJyCVynNyCkzftrleVb9uR5tx6ArTbNWJ75uSg+galUWAhbYLNT
rJvNcHZllH++CVD45oqIn90tCwjmxWFYe6m9SMJg9NIM0uzQMO7aTxd1Wd/DbyKG
wXUHiLZVRSTZgITDv83Ukt0r+l/3lLUzpaEu2ds0B8eRN6LC+sFImI9GM/S4NFR1
lHj1nUkmoooTGbQm98baIjavEO5J5w7FKf4EduJjSn0BE25fWAVxKeoHx/skmoob
Vhp2rtCW5hAV0Fob/NMBDL1gBENdlkP47kije3azWOFYBNxcMnlHw9XBs2iR8zpj
mYQbWaEMXo3kBtbnFYA2+mDvFeY3jp19BAg714oJVPgADQ5Jt4cTGmuLCfI5MBx0
PotrktkSzue/uG/jjCMdPyy6lwzQXHq4chRAqQf8a+SrA3MvzHZoVKkXGTVYhzKt
914WCwAr5tHXCxNoRyr3DQxf/WzAt76KsT8gyTA7y33rEW64RLO3kh4O9fDicVsE
o27ixJDMKt0pMA==
=H8lJ
-----END PGP SIGNATURE-----

=================================================================
[1m[31m==2042890==ERROR: AddressSanitizer: heap-use-after-free on address 
0x60b000000880 at pc 0x7f7263efbce3 bp 0x7fff4a24c840 sp 0x7fff4a24c838
[1m[0m[1m[34mREAD of size 4 at 0x60b000000880 thread T0[1m[0m
    #0 0x7f7263efbce2 in l_io_set_read_handler ell/io.c:262
    #1 0x55626d1ce14a in display_agent_prompt client/display.c:849
    #2 0x55626d1c1a1a in process_input_username_password client/agent.c:382
    #3 0x55626d1c1a1a in agent_prompt client/agent.c:442
    #4 0x55626d1ccaf7 in readline_callback client/display.c:730
    #5 0x7f7263e95bbc in rl_callback_read_char 
(/lib/x86_64-linux-gnu/libreadline.so.8+0x37bbc) (BuildId: 
1c37f1f25934c08d64296989ecdedac3fd2df66f)
    #6 0x55626d1cba09 in read_handler client/display.c:773
    #7 0x7f7263efb079 in io_callback ell/io.c:105
    #8 0x7f7263ef89b9 in l_main_iterate ell/main.c:461
    #9 0x7f7263ef8cfb in l_main_run ell/main.c:508
    #10 0x7f7263ef8cfb in l_main_run ell/main.c:490
    #11 0x7f7263ef9030 in l_main_run_with_signal ell/main.c:630
    #12 0x55626d1beda3 in main client/main.c:70
    #13 0x7f7263ca36c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_main.h:58
    #14 0x7f7263ca3784 in __libc_start_main_impl ../csu/libc-start.c:360
    #15 0x55626d1bf230 in _start (/usr/bin/iwctl+0x1a230) (BuildId: 
6f9e02b618e99e9296aac04f28fa77930e431b33)

[1m[32m0x60b000000880 is located 0 bytes inside of 112-byte region 
[0x60b000000880,0x60b0000008f0)
[1m[0m[1m[35mfreed by thread T0 here:[1m[0m
    #0 0x7f726411f288 in __interceptor_free 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:52
    #1 0x55626d1c1899 in agent_prompt client/agent.c:438
    #2 0x55626d1ccaf7 in readline_callback client/display.c:730
    #3 0x7f7263e95bbc in rl_callback_read_char 
(/lib/x86_64-linux-gnu/libreadline.so.8+0x37bbc) (BuildId: 
1c37f1f25934c08d64296989ecdedac3fd2df66f)

[1m[35mpreviously allocated by thread T0 here:[1m[0m
    #0 0x7f72641205bf in __interceptor_malloc 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7f7263ee6077 in l_malloc ell/util.c:49
    #2 0x7f7263efb7ef in l_io_new ell/io.c:175
    #3 0x55626d1ce1a1 in display_agent_prompt client/display.c:847
    #4 0x55626d1c16c1 in request_username_and_password_method_call 
client/agent.c:245
    #5 0x7f7263f3bf96 in _dbus_object_tree_dispatch ell/dbus-service.c:1800
    #6 0x7f7263f1dbec in message_read_handler ell/dbus.c:270
    #7 0x7f7263efb079 in io_callback ell/io.c:105
    #8 0x7f7263ef89b9 in l_main_iterate ell/main.c:461
    #9 0x7f7263ef8cfb in l_main_run ell/main.c:508
    #10 0x7f7263ef8cfb in l_main_run ell/main.c:490
    #11 0x7f7263ef9030 in l_main_run_with_signal ell/main.c:630
    #12 0x55626d1beda3 in main client/main.c:70
    #13 0x7f7263ca36c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_main.h:58

SUMMARY: AddressSanitizer: heap-use-after-free ell/io.c:262 in 
l_io_set_read_handler
Shadow bytes around the buggy address:
  0x60b000000600: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000680: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000700: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000780: [1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000800: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
=>0x60b000000880:[[1m[35mfd[1m[0m][1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000900: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000980: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000a00: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000a80: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000b00: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           [1m[0m00[1m[0m
  Partially addressable: [1m[0m01[1m[0m [1m[0m02[1m[0m 
[1m[0m03[1m[0m [1m[0m04[1m[0m [1m[0m05[1m[0m [1m[0m06[1m[0m 
[1m[0m07[1m[0m 
  Heap left redzone:       [1m[31mfa[1m[0m
  Freed heap region:       [1m[35mfd[1m[0m
  Stack left redzone:      [1m[31mf1[1m[0m
  Stack mid redzone:       [1m[31mf2[1m[0m
  Stack right redzone:     [1m[31mf3[1m[0m
  Stack after return:      [1m[35mf5[1m[0m
  Stack use after scope:   [1m[35mf8[1m[0m
  Global redzone:          [1m[31mf9[1m[0m
  Global init order:       [1m[36mf6[1m[0m
  Poisoned by user:        [1m[34mf7[1m[0m
  Container overflow:      [1m[34mfc[1m[0m
  Array cookie:            [1m[31mac[1m[0m
  Intra object redzone:    [1m[33mbb[1m[0m
  ASan internal:           [1m[33mfe[1m[0m
  Left alloca redzone:     [1m[34mca[1m[0m
  Right alloca redzone:    [1m[34mcb[1m[0m
=================================================================
[1m[31m==2042890==ERROR: AddressSanitizer: heap-use-after-free on address 
0x60b0000008e8 at pc 0x7f7263efbd40 bp 0x7fff4a24c840 sp 0x7fff4a24c838
[1m[0m[1m[34mREAD of size 8 at 0x60b0000008e8 thread T0[1m[0m
    #0 0x7f7263efbd3f in l_io_set_read_handler ell/io.c:265
    #1 0x55626d1ce14a in display_agent_prompt client/display.c:849
    #2 0x55626d1c1a1a in process_input_username_password client/agent.c:382
    #3 0x55626d1c1a1a in agent_prompt client/agent.c:442
    #4 0x55626d1ccaf7 in readline_callback client/display.c:730
    #5 0x7f7263e95bbc in rl_callback_read_char 
(/lib/x86_64-linux-gnu/libreadline.so.8+0x37bbc) (BuildId: 
1c37f1f25934c08d64296989ecdedac3fd2df66f)
    #6 0x55626d1cba09 in read_handler client/display.c:773
    #7 0x7f7263efb079 in io_callback ell/io.c:105
    #8 0x7f7263ef89b9 in l_main_iterate ell/main.c:461
    #9 0x7f7263ef8cfb in l_main_run ell/main.c:508
    #10 0x7f7263ef8cfb in l_main_run ell/main.c:490
    #11 0x7f7263ef9030 in l_main_run_with_signal ell/main.c:630
    #12 0x55626d1beda3 in main client/main.c:70
    #13 0x7f7263ca36c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_main.h:58
    #14 0x7f7263ca3784 in __libc_start_main_impl ../csu/libc-start.c:360
    #15 0x55626d1bf230 in _start (/usr/bin/iwctl+0x1a230) (BuildId: 
6f9e02b618e99e9296aac04f28fa77930e431b33)

[1m[32m0x60b0000008e8 is located 104 bytes inside of 112-byte region 
[0x60b000000880,0x60b0000008f0)
[1m[0m[1m[35mfreed by thread T0 here:[1m[0m
    #0 0x7f726411f288 in __interceptor_free 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:52
    #1 0x55626d1c1899 in agent_prompt client/agent.c:438
    #2 0x55626d1ccaf7 in readline_callback client/display.c:730
    #3 0x7f7263e95bbc in rl_callback_read_char 
(/lib/x86_64-linux-gnu/libreadline.so.8+0x37bbc) (BuildId: 
1c37f1f25934c08d64296989ecdedac3fd2df66f)

[1m[35mpreviously allocated by thread T0 here:[1m[0m
    #0 0x7f72641205bf in __interceptor_malloc 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7f7263ee6077 in l_malloc ell/util.c:49
    #2 0x7f7263efb7ef in l_io_new ell/io.c:175
    #3 0x55626d1ce1a1 in display_agent_prompt client/display.c:847
    #4 0x55626d1c16c1 in request_username_and_password_method_call 
client/agent.c:245
    #5 0x7f7263f3bf96 in _dbus_object_tree_dispatch ell/dbus-service.c:1800
    #6 0x7f7263f1dbec in message_read_handler ell/dbus.c:270
    #7 0x7f7263efb079 in io_callback ell/io.c:105
    #8 0x7f7263ef89b9 in l_main_iterate ell/main.c:461
    #9 0x7f7263ef8cfb in l_main_run ell/main.c:508
    #10 0x7f7263ef8cfb in l_main_run ell/main.c:490
    #11 0x7f7263ef9030 in l_main_run_with_signal ell/main.c:630
    #12 0x55626d1beda3 in main client/main.c:70
    #13 0x7f7263ca36c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_main.h:58

SUMMARY: AddressSanitizer: heap-use-after-free ell/io.c:265 in 
l_io_set_read_handler
Shadow bytes around the buggy address:
  0x60b000000600: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000680: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000700: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000780: [1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000800: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
=>0x60b000000880: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m[[1m[35mfd[1m[0m][1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000900: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000980: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000a00: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000a80: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000b00: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           [1m[0m00[1m[0m
  Partially addressable: [1m[0m01[1m[0m [1m[0m02[1m[0m 
[1m[0m03[1m[0m [1m[0m04[1m[0m [1m[0m05[1m[0m [1m[0m06[1m[0m 
[1m[0m07[1m[0m 
  Heap left redzone:       [1m[31mfa[1m[0m
  Freed heap region:       [1m[35mfd[1m[0m
  Stack left redzone:      [1m[31mf1[1m[0m
  Stack mid redzone:       [1m[31mf2[1m[0m
  Stack right redzone:     [1m[31mf3[1m[0m
  Stack after return:      [1m[35mf5[1m[0m
  Stack use after scope:   [1m[35mf8[1m[0m
  Global redzone:          [1m[31mf9[1m[0m
  Global init order:       [1m[36mf6[1m[0m
  Poisoned by user:        [1m[34mf7[1m[0m
  Container overflow:      [1m[34mfc[1m[0m
  Array cookie:            [1m[31mac[1m[0m
  Intra object redzone:    [1m[33mbb[1m[0m
  ASan internal:           [1m[33mfe[1m[0m
  Left alloca redzone:     [1m[34mca[1m[0m
  Right alloca redzone:    [1m[34mcb[1m[0m
=================================================================
[1m[31m==2042890==ERROR: AddressSanitizer: heap-use-after-free on address 
0x60b0000008d8 at pc 0x7f7263efbd7e bp 0x7fff4a24c840 sp 0x7fff4a24c838
[1m[0m[1m[34mREAD of size 8 at 0x60b0000008d8 thread T0[1m[0m
    #0 0x7f7263efbd7d in l_io_set_read_handler ell/io.c:265
    #1 0x55626d1ce14a in display_agent_prompt client/display.c:849
    #2 0x55626d1c1a1a in process_input_username_password client/agent.c:382
    #3 0x55626d1c1a1a in agent_prompt client/agent.c:442
    #4 0x55626d1ccaf7 in readline_callback client/display.c:730
    #5 0x7f7263e95bbc in rl_callback_read_char 
(/lib/x86_64-linux-gnu/libreadline.so.8+0x37bbc) (BuildId: 
1c37f1f25934c08d64296989ecdedac3fd2df66f)
    #6 0x55626d1cba09 in read_handler client/display.c:773
    #7 0x7f7263efb079 in io_callback ell/io.c:105
    #8 0x7f7263ef89b9 in l_main_iterate ell/main.c:461
    #9 0x7f7263ef8cfb in l_main_run ell/main.c:508
    #10 0x7f7263ef8cfb in l_main_run ell/main.c:490
    #11 0x7f7263ef9030 in l_main_run_with_signal ell/main.c:630
    #12 0x55626d1beda3 in main client/main.c:70
    #13 0x7f7263ca36c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_main.h:58
    #14 0x7f7263ca3784 in __libc_start_main_impl ../csu/libc-start.c:360
    #15 0x55626d1bf230 in _start (/usr/bin/iwctl+0x1a230) (BuildId: 
6f9e02b618e99e9296aac04f28fa77930e431b33)

[1m[32m0x60b0000008d8 is located 88 bytes inside of 112-byte region 
[0x60b000000880,0x60b0000008f0)
[1m[0m[1m[35mfreed by thread T0 here:[1m[0m
    #0 0x7f726411f288 in __interceptor_free 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:52
    #1 0x55626d1c1899 in agent_prompt client/agent.c:438
    #2 0x55626d1ccaf7 in readline_callback client/display.c:730
    #3 0x7f7263e95bbc in rl_callback_read_char 
(/lib/x86_64-linux-gnu/libreadline.so.8+0x37bbc) (BuildId: 
1c37f1f25934c08d64296989ecdedac3fd2df66f)

[1m[35mpreviously allocated by thread T0 here:[1m[0m
    #0 0x7f72641205bf in __interceptor_malloc 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7f7263ee6077 in l_malloc ell/util.c:49
    #2 0x7f7263efb7ef in l_io_new ell/io.c:175
    #3 0x55626d1ce1a1 in display_agent_prompt client/display.c:847
    #4 0x55626d1c16c1 in request_username_and_password_method_call 
client/agent.c:245
    #5 0x7f7263f3bf96 in _dbus_object_tree_dispatch ell/dbus-service.c:1800
    #6 0x7f7263f1dbec in message_read_handler ell/dbus.c:270
    #7 0x7f7263efb079 in io_callback ell/io.c:105
    #8 0x7f7263ef89b9 in l_main_iterate ell/main.c:461
    #9 0x7f7263ef8cfb in l_main_run ell/main.c:508
    #10 0x7f7263ef8cfb in l_main_run ell/main.c:490
    #11 0x7f7263ef9030 in l_main_run_with_signal ell/main.c:630
    #12 0x55626d1beda3 in main client/main.c:70
    #13 0x7f7263ca36c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_main.h:58

SUMMARY: AddressSanitizer: heap-use-after-free ell/io.c:265 in 
l_io_set_read_handler
Shadow bytes around the buggy address:
  0x60b000000600: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000680: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000700: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000780: [1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000800: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
=>0x60b000000880: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m[[1m[35mfd[1m[0m][1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m
  0x60b000000900: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000980: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000a00: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000a80: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000b00: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           [1m[0m00[1m[0m
  Partially addressable: [1m[0m01[1m[0m [1m[0m02[1m[0m 
[1m[0m03[1m[0m [1m[0m04[1m[0m [1m[0m05[1m[0m [1m[0m06[1m[0m 
[1m[0m07[1m[0m 
  Heap left redzone:       [1m[31mfa[1m[0m
  Freed heap region:       [1m[35mfd[1m[0m
  Stack left redzone:      [1m[31mf1[1m[0m
  Stack mid redzone:       [1m[31mf2[1m[0m
  Stack right redzone:     [1m[31mf3[1m[0m
  Stack after return:      [1m[35mf5[1m[0m
  Stack use after scope:   [1m[35mf8[1m[0m
  Global redzone:          [1m[31mf9[1m[0m
  Global init order:       [1m[36mf6[1m[0m
  Poisoned by user:        [1m[34mf7[1m[0m
  Container overflow:      [1m[34mfc[1m[0m
  Array cookie:            [1m[31mac[1m[0m
  Intra object redzone:    [1m[33mbb[1m[0m
  ASan internal:           [1m[33mfe[1m[0m
  Left alloca redzone:     [1m[34mca[1m[0m
  Right alloca redzone:    [1m[34mcb[1m[0m
=================================================================
[1m[31m==2042890==ERROR: AddressSanitizer: heap-use-after-free on address 
0x60b000000898 at pc 0x7f7263efbd6c bp 0x7fff4a24c840 sp 0x7fff4a24c838
[1m[0m[1m[34mREAD of size 8 at 0x60b000000898 thread T0[1m[0m
    #0 0x7f7263efbd6b in l_io_set_read_handler ell/io.c:268
    #1 0x55626d1ce14a in display_agent_prompt client/display.c:849
    #2 0x55626d1c1a1a in process_input_username_password client/agent.c:382
    #3 0x55626d1c1a1a in agent_prompt client/agent.c:442
    #4 0x55626d1ccaf7 in readline_callback client/display.c:730
    #5 0x7f7263e95bbc in rl_callback_read_char 
(/lib/x86_64-linux-gnu/libreadline.so.8+0x37bbc) (BuildId: 
1c37f1f25934c08d64296989ecdedac3fd2df66f)
    #6 0x55626d1cba09 in read_handler client/display.c:773
    #7 0x7f7263efb079 in io_callback ell/io.c:105
    #8 0x7f7263ef89b9 in l_main_iterate ell/main.c:461
    #9 0x7f7263ef8cfb in l_main_run ell/main.c:508
    #10 0x7f7263ef8cfb in l_main_run ell/main.c:490
    #11 0x7f7263ef9030 in l_main_run_with_signal ell/main.c:630
    #12 0x55626d1beda3 in main client/main.c:70
    #13 0x7f7263ca36c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_main.h:58
    #14 0x7f7263ca3784 in __libc_start_main_impl ../csu/libc-start.c:360
    #15 0x55626d1bf230 in _start (/usr/bin/iwctl+0x1a230) (BuildId: 
6f9e02b618e99e9296aac04f28fa77930e431b33)

[1m[32m0x60b000000898 is located 24 bytes inside of 112-byte region 
[0x60b000000880,0x60b0000008f0)
[1m[0m[1m[35mfreed by thread T0 here:[1m[0m
    #0 0x7f726411f288 in __interceptor_free 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:52
    #1 0x55626d1c1899 in agent_prompt client/agent.c:438
    #2 0x55626d1ccaf7 in readline_callback client/display.c:730
    #3 0x7f7263e95bbc in rl_callback_read_char 
(/lib/x86_64-linux-gnu/libreadline.so.8+0x37bbc) (BuildId: 
1c37f1f25934c08d64296989ecdedac3fd2df66f)

[1m[35mpreviously allocated by thread T0 here:[1m[0m
    #0 0x7f72641205bf in __interceptor_malloc 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7f7263ee6077 in l_malloc ell/util.c:49
    #2 0x7f7263efb7ef in l_io_new ell/io.c:175
    #3 0x55626d1ce1a1 in display_agent_prompt client/display.c:847
    #4 0x55626d1c16c1 in request_username_and_password_method_call 
client/agent.c:245
    #5 0x7f7263f3bf96 in _dbus_object_tree_dispatch ell/dbus-service.c:1800
    #6 0x7f7263f1dbec in message_read_handler ell/dbus.c:270
    #7 0x7f7263efb079 in io_callback ell/io.c:105
    #8 0x7f7263ef89b9 in l_main_iterate ell/main.c:461
    #9 0x7f7263ef8cfb in l_main_run ell/main.c:508
    #10 0x7f7263ef8cfb in l_main_run ell/main.c:490
    #11 0x7f7263ef9030 in l_main_run_with_signal ell/main.c:630
    #12 0x55626d1beda3 in main client/main.c:70
    #13 0x7f7263ca36c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_main.h:58

SUMMARY: AddressSanitizer: heap-use-after-free ell/io.c:268 in 
l_io_set_read_handler
Shadow bytes around the buggy address:
  0x60b000000600: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000680: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000700: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000780: [1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000800: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
=>0x60b000000880: [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m[[1m[35mfd[1m[0m][1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m
  0x60b000000900: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000980: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000a00: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000a80: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000b00: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           [1m[0m00[1m[0m
  Partially addressable: [1m[0m01[1m[0m [1m[0m02[1m[0m 
[1m[0m03[1m[0m [1m[0m04[1m[0m [1m[0m05[1m[0m [1m[0m06[1m[0m 
[1m[0m07[1m[0m 
  Heap left redzone:       [1m[31mfa[1m[0m
  Freed heap region:       [1m[35mfd[1m[0m
  Stack left redzone:      [1m[31mf1[1m[0m
  Stack mid redzone:       [1m[31mf2[1m[0m
  Stack right redzone:     [1m[31mf3[1m[0m
  Stack after return:      [1m[35mf5[1m[0m
  Stack use after scope:   [1m[35mf8[1m[0m
  Global redzone:          [1m[31mf9[1m[0m
  Global init order:       [1m[36mf6[1m[0m
  Poisoned by user:        [1m[34mf7[1m[0m
  Container overflow:      [1m[34mfc[1m[0m
  Array cookie:            [1m[31mac[1m[0m
  Intra object redzone:    [1m[33mbb[1m[0m
  ASan internal:           [1m[33mfe[1m[0m
  Left alloca redzone:     [1m[34mca[1m[0m
  Right alloca redzone:    [1m[34mcb[1m[0m
=================================================================
[1m[31m==2042890==ERROR: AddressSanitizer: heap-use-after-free on address 
0x60b000000884 at pc 0x7f7263efbccd bp 0x7fff4a24c840 sp 0x7fff4a24c838
[1m[0m[1m[34mREAD of size 4 at 0x60b000000884 thread T0[1m[0m
    #0 0x7f7263efbccc in l_io_set_read_handler ell/io.c:272
    #1 0x55626d1ce14a in display_agent_prompt client/display.c:849
    #2 0x55626d1c1a1a in process_input_username_password client/agent.c:382
    #3 0x55626d1c1a1a in agent_prompt client/agent.c:442
    #4 0x55626d1ccaf7 in readline_callback client/display.c:730
    #5 0x7f7263e95bbc in rl_callback_read_char 
(/lib/x86_64-linux-gnu/libreadline.so.8+0x37bbc) (BuildId: 
1c37f1f25934c08d64296989ecdedac3fd2df66f)
    #6 0x55626d1cba09 in read_handler client/display.c:773
    #7 0x7f7263efb079 in io_callback ell/io.c:105
    #8 0x7f7263ef89b9 in l_main_iterate ell/main.c:461
    #9 0x7f7263ef8cfb in l_main_run ell/main.c:508
    #10 0x7f7263ef8cfb in l_main_run ell/main.c:490
    #11 0x7f7263ef9030 in l_main_run_with_signal ell/main.c:630
    #12 0x55626d1beda3 in main client/main.c:70
    #13 0x7f7263ca36c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_main.h:58
    #14 0x7f7263ca3784 in __libc_start_main_impl ../csu/libc-start.c:360
    #15 0x55626d1bf230 in _start (/usr/bin/iwctl+0x1a230) (BuildId: 
6f9e02b618e99e9296aac04f28fa77930e431b33)

[1m[32m0x60b000000884 is located 4 bytes inside of 112-byte region 
[0x60b000000880,0x60b0000008f0)
[1m[0m[1m[35mfreed by thread T0 here:[1m[0m
    #0 0x7f726411f288 in __interceptor_free 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:52
    #1 0x55626d1c1899 in agent_prompt client/agent.c:438
    #2 0x55626d1ccaf7 in readline_callback client/display.c:730
    #3 0x7f7263e95bbc in rl_callback_read_char 
(/lib/x86_64-linux-gnu/libreadline.so.8+0x37bbc) (BuildId: 
1c37f1f25934c08d64296989ecdedac3fd2df66f)

[1m[35mpreviously allocated by thread T0 here:[1m[0m
    #0 0x7f72641205bf in __interceptor_malloc 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7f7263ee6077 in l_malloc ell/util.c:49
    #2 0x7f7263efb7ef in l_io_new ell/io.c:175
    #3 0x55626d1ce1a1 in display_agent_prompt client/display.c:847
    #4 0x55626d1c16c1 in request_username_and_password_method_call 
client/agent.c:245
    #5 0x7f7263f3bf96 in _dbus_object_tree_dispatch ell/dbus-service.c:1800
    #6 0x7f7263f1dbec in message_read_handler ell/dbus.c:270
    #7 0x7f7263efb079 in io_callback ell/io.c:105
    #8 0x7f7263ef89b9 in l_main_iterate ell/main.c:461
    #9 0x7f7263ef8cfb in l_main_run ell/main.c:508
    #10 0x7f7263ef8cfb in l_main_run ell/main.c:490
    #11 0x7f7263ef9030 in l_main_run_with_signal ell/main.c:630
    #12 0x55626d1beda3 in main client/main.c:70
    #13 0x7f7263ca36c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_main.h:58

SUMMARY: AddressSanitizer: heap-use-after-free ell/io.c:272 in 
l_io_set_read_handler
Shadow bytes around the buggy address:
  0x60b000000600: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000680: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000700: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000780: [1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000800: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
=>0x60b000000880:[[1m[35mfd[1m[0m][1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000900: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000980: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000a00: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000a80: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000b00: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           [1m[0m00[1m[0m
  Partially addressable: [1m[0m01[1m[0m [1m[0m02[1m[0m 
[1m[0m03[1m[0m [1m[0m04[1m[0m [1m[0m05[1m[0m [1m[0m06[1m[0m 
[1m[0m07[1m[0m 
  Heap left redzone:       [1m[31mfa[1m[0m
  Freed heap region:       [1m[35mfd[1m[0m
  Stack left redzone:      [1m[31mf1[1m[0m
  Stack mid redzone:       [1m[31mf2[1m[0m
  Stack right redzone:     [1m[31mf3[1m[0m
  Stack after return:      [1m[35mf5[1m[0m
  Stack use after scope:   [1m[35mf8[1m[0m
  Global redzone:          [1m[31mf9[1m[0m
  Global init order:       [1m[36mf6[1m[0m
  Poisoned by user:        [1m[34mf7[1m[0m
  Container overflow:      [1m[34mfc[1m[0m
  Array cookie:            [1m[31mac[1m[0m
  Intra object redzone:    [1m[33mbb[1m[0m
  ASan internal:           [1m[33mfe[1m[0m
  Left alloca redzone:     [1m[34mca[1m[0m
  Right alloca redzone:    [1m[34mcb[1m[0m
=================================================================
[1m[31m==2042890==ERROR: AddressSanitizer: heap-use-after-free on address 
0x60b000000890 at pc 0x7f7263efbd27 bp 0x7fff4a24c840 sp 0x7fff4a24c838
[1m[0m[1m[34mWRITE of size 8 at 0x60b000000890 thread T0[1m[0m
    #0 0x7f7263efbd26 in l_io_set_read_handler ell/io.c:276
    #1 0x55626d1ce14a in display_agent_prompt client/display.c:849
    #2 0x55626d1c1a1a in process_input_username_password client/agent.c:382
    #3 0x55626d1c1a1a in agent_prompt client/agent.c:442
    #4 0x55626d1ccaf7 in readline_callback client/display.c:730
    #5 0x7f7263e95bbc in rl_callback_read_char 
(/lib/x86_64-linux-gnu/libreadline.so.8+0x37bbc) (BuildId: 
1c37f1f25934c08d64296989ecdedac3fd2df66f)
    #6 0x55626d1cba09 in read_handler client/display.c:773
    #7 0x7f7263efb079 in io_callback ell/io.c:105
    #8 0x7f7263ef89b9 in l_main_iterate ell/main.c:461
    #9 0x7f7263ef8cfb in l_main_run ell/main.c:508
    #10 0x7f7263ef8cfb in l_main_run ell/main.c:490
    #11 0x7f7263ef9030 in l_main_run_with_signal ell/main.c:630
    #12 0x55626d1beda3 in main client/main.c:70
    #13 0x7f7263ca36c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_main.h:58
    #14 0x7f7263ca3784 in __libc_start_main_impl ../csu/libc-start.c:360
    #15 0x55626d1bf230 in _start (/usr/bin/iwctl+0x1a230) (BuildId: 
6f9e02b618e99e9296aac04f28fa77930e431b33)

[1m[32m0x60b000000890 is located 16 bytes inside of 112-byte region 
[0x60b000000880,0x60b0000008f0)
[1m[0m[1m[35mfreed by thread T0 here:[1m[0m
    #0 0x7f726411f288 in __interceptor_free 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:52
    #1 0x55626d1c1899 in agent_prompt client/agent.c:438
    #2 0x55626d1ccaf7 in readline_callback client/display.c:730
    #3 0x7f7263e95bbc in rl_callback_read_char 
(/lib/x86_64-linux-gnu/libreadline.so.8+0x37bbc) (BuildId: 
1c37f1f25934c08d64296989ecdedac3fd2df66f)

[1m[35mpreviously allocated by thread T0 here:[1m[0m
    #0 0x7f72641205bf in __interceptor_malloc 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7f7263ee6077 in l_malloc ell/util.c:49
    #2 0x7f7263efb7ef in l_io_new ell/io.c:175
    #3 0x55626d1ce1a1 in display_agent_prompt client/display.c:847
    #4 0x55626d1c16c1 in request_username_and_password_method_call 
client/agent.c:245
    #5 0x7f7263f3bf96 in _dbus_object_tree_dispatch ell/dbus-service.c:1800
    #6 0x7f7263f1dbec in message_read_handler ell/dbus.c:270
    #7 0x7f7263efb079 in io_callback ell/io.c:105
    #8 0x7f7263ef89b9 in l_main_iterate ell/main.c:461
    #9 0x7f7263ef8cfb in l_main_run ell/main.c:508
    #10 0x7f7263ef8cfb in l_main_run ell/main.c:490
    #11 0x7f7263ef9030 in l_main_run_with_signal ell/main.c:630
    #12 0x55626d1beda3 in main client/main.c:70
    #13 0x7f7263ca36c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_main.h:58

SUMMARY: AddressSanitizer: heap-use-after-free ell/io.c:276 in 
l_io_set_read_handler
Shadow bytes around the buggy address:
  0x60b000000600: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000680: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000700: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000780: [1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000800: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
=>0x60b000000880: [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m[[1m[35mfd[1m[0m][1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m
  0x60b000000900: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000980: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000a00: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000a80: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000b00: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           [1m[0m00[1m[0m
  Partially addressable: [1m[0m01[1m[0m [1m[0m02[1m[0m 
[1m[0m03[1m[0m [1m[0m04[1m[0m [1m[0m05[1m[0m [1m[0m06[1m[0m 
[1m[0m07[1m[0m 
  Heap left redzone:       [1m[31mfa[1m[0m
  Freed heap region:       [1m[35mfd[1m[0m
  Stack left redzone:      [1m[31mf1[1m[0m
  Stack mid redzone:       [1m[31mf2[1m[0m
  Stack right redzone:     [1m[31mf3[1m[0m
  Stack after return:      [1m[35mf5[1m[0m
  Stack use after scope:   [1m[35mf8[1m[0m
  Global redzone:          [1m[31mf9[1m[0m
  Global init order:       [1m[36mf6[1m[0m
  Poisoned by user:        [1m[34mf7[1m[0m
  Container overflow:      [1m[34mfc[1m[0m
  Array cookie:            [1m[31mac[1m[0m
  Intra object redzone:    [1m[33mbb[1m[0m
  ASan internal:           [1m[33mfe[1m[0m
  Left alloca redzone:     [1m[34mca[1m[0m
  Right alloca redzone:    [1m[34mcb[1m[0m
=================================================================
[1m[31m==2042890==ERROR: AddressSanitizer: heap-use-after-free on address 
0x60b000000898 at pc 0x7f7263efbd9a bp 0x7fff4a24c840 sp 0x7fff4a24c838
[1m[0m[1m[34mWRITE of size 8 at 0x60b000000898 thread T0[1m[0m
    #0 0x7f7263efbd99 in l_io_set_read_handler ell/io.c:277
    #1 0x55626d1ce14a in display_agent_prompt client/display.c:849
    #2 0x55626d1c1a1a in process_input_username_password client/agent.c:382
    #3 0x55626d1c1a1a in agent_prompt client/agent.c:442
    #4 0x55626d1ccaf7 in readline_callback client/display.c:730
    #5 0x7f7263e95bbc in rl_callback_read_char 
(/lib/x86_64-linux-gnu/libreadline.so.8+0x37bbc) (BuildId: 
1c37f1f25934c08d64296989ecdedac3fd2df66f)
    #6 0x55626d1cba09 in read_handler client/display.c:773
    #7 0x7f7263efb079 in io_callback ell/io.c:105
    #8 0x7f7263ef89b9 in l_main_iterate ell/main.c:461
    #9 0x7f7263ef8cfb in l_main_run ell/main.c:508
    #10 0x7f7263ef8cfb in l_main_run ell/main.c:490
    #11 0x7f7263ef9030 in l_main_run_with_signal ell/main.c:630
    #12 0x55626d1beda3 in main client/main.c:70
    #13 0x7f7263ca36c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_main.h:58
    #14 0x7f7263ca3784 in __libc_start_main_impl ../csu/libc-start.c:360
    #15 0x55626d1bf230 in _start (/usr/bin/iwctl+0x1a230) (BuildId: 
6f9e02b618e99e9296aac04f28fa77930e431b33)

[1m[32m0x60b000000898 is located 24 bytes inside of 112-byte region 
[0x60b000000880,0x60b0000008f0)
[1m[0m[1m[35mfreed by thread T0 here:[1m[0m
    #0 0x7f726411f288 in __interceptor_free 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:52
    #1 0x55626d1c1899 in agent_prompt client/agent.c:438
    #2 0x55626d1ccaf7 in readline_callback client/display.c:730
    #3 0x7f7263e95bbc in rl_callback_read_char 
(/lib/x86_64-linux-gnu/libreadline.so.8+0x37bbc) (BuildId: 
1c37f1f25934c08d64296989ecdedac3fd2df66f)

[1m[35mpreviously allocated by thread T0 here:[1m[0m
    #0 0x7f72641205bf in __interceptor_malloc 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7f7263ee6077 in l_malloc ell/util.c:49
    #2 0x7f7263efb7ef in l_io_new ell/io.c:175
    #3 0x55626d1ce1a1 in display_agent_prompt client/display.c:847
    #4 0x55626d1c16c1 in request_username_and_password_method_call 
client/agent.c:245
    #5 0x7f7263f3bf96 in _dbus_object_tree_dispatch ell/dbus-service.c:1800
    #6 0x7f7263f1dbec in message_read_handler ell/dbus.c:270
    #7 0x7f7263efb079 in io_callback ell/io.c:105
    #8 0x7f7263ef89b9 in l_main_iterate ell/main.c:461
    #9 0x7f7263ef8cfb in l_main_run ell/main.c:508
    #10 0x7f7263ef8cfb in l_main_run ell/main.c:490
    #11 0x7f7263ef9030 in l_main_run_with_signal ell/main.c:630
    #12 0x55626d1beda3 in main client/main.c:70
    #13 0x7f7263ca36c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_main.h:58

SUMMARY: AddressSanitizer: heap-use-after-free ell/io.c:277 in 
l_io_set_read_handler
Shadow bytes around the buggy address:
  0x60b000000600: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000680: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000700: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000780: [1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000800: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
=>0x60b000000880: [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m[[1m[35mfd[1m[0m][1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m
  0x60b000000900: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000980: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000a00: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000a80: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000b00: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           [1m[0m00[1m[0m
  Partially addressable: [1m[0m01[1m[0m [1m[0m02[1m[0m 
[1m[0m03[1m[0m [1m[0m04[1m[0m [1m[0m05[1m[0m [1m[0m06[1m[0m 
[1m[0m07[1m[0m 
  Heap left redzone:       [1m[31mfa[1m[0m
  Freed heap region:       [1m[35mfd[1m[0m
  Stack left redzone:      [1m[31mf1[1m[0m
  Stack mid redzone:       [1m[31mf2[1m[0m
  Stack right redzone:     [1m[31mf3[1m[0m
  Stack after return:      [1m[35mf5[1m[0m
  Stack use after scope:   [1m[35mf8[1m[0m
  Global redzone:          [1m[31mf9[1m[0m
  Global init order:       [1m[36mf6[1m[0m
  Poisoned by user:        [1m[34mf7[1m[0m
  Container overflow:      [1m[34mfc[1m[0m
  Array cookie:            [1m[31mac[1m[0m
  Intra object redzone:    [1m[33mbb[1m[0m
  ASan internal:           [1m[33mfe[1m[0m
  Left alloca redzone:     [1m[34mca[1m[0m
  Right alloca redzone:    [1m[34mcb[1m[0m
=================================================================
[1m[31m==2042890==ERROR: AddressSanitizer: heap-use-after-free on address 
0x60b0000008a0 at pc 0x7f7263efbd54 bp 0x7fff4a24c840 sp 0x7fff4a24c838
[1m[0m[1m[34mWRITE of size 8 at 0x60b0000008a0 thread T0[1m[0m
    #0 0x7f7263efbd53 in l_io_set_read_handler ell/io.c:278
    #1 0x55626d1ce14a in display_agent_prompt client/display.c:849
    #2 0x55626d1c1a1a in process_input_username_password client/agent.c:382
    #3 0x55626d1c1a1a in agent_prompt client/agent.c:442
    #4 0x55626d1ccaf7 in readline_callback client/display.c:730
    #5 0x7f7263e95bbc in rl_callback_read_char 
(/lib/x86_64-linux-gnu/libreadline.so.8+0x37bbc) (BuildId: 
1c37f1f25934c08d64296989ecdedac3fd2df66f)
    #6 0x55626d1cba09 in read_handler client/display.c:773
    #7 0x7f7263efb079 in io_callback ell/io.c:105
    #8 0x7f7263ef89b9 in l_main_iterate ell/main.c:461
    #9 0x7f7263ef8cfb in l_main_run ell/main.c:508
    #10 0x7f7263ef8cfb in l_main_run ell/main.c:490
    #11 0x7f7263ef9030 in l_main_run_with_signal ell/main.c:630
    #12 0x55626d1beda3 in main client/main.c:70
    #13 0x7f7263ca36c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_main.h:58
    #14 0x7f7263ca3784 in __libc_start_main_impl ../csu/libc-start.c:360
    #15 0x55626d1bf230 in _start (/usr/bin/iwctl+0x1a230) (BuildId: 
6f9e02b618e99e9296aac04f28fa77930e431b33)

[1m[32m0x60b0000008a0 is located 32 bytes inside of 112-byte region 
[0x60b000000880,0x60b0000008f0)
[1m[0m[1m[35mfreed by thread T0 here:[1m[0m
    #0 0x7f726411f288 in __interceptor_free 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:52
    #1 0x55626d1c1899 in agent_prompt client/agent.c:438
    #2 0x55626d1ccaf7 in readline_callback client/display.c:730
    #3 0x7f7263e95bbc in rl_callback_read_char 
(/lib/x86_64-linux-gnu/libreadline.so.8+0x37bbc) (BuildId: 
1c37f1f25934c08d64296989ecdedac3fd2df66f)

[1m[35mpreviously allocated by thread T0 here:[1m[0m
    #0 0x7f72641205bf in __interceptor_malloc 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7f7263ee6077 in l_malloc ell/util.c:49
    #2 0x7f7263efb7ef in l_io_new ell/io.c:175
    #3 0x55626d1ce1a1 in display_agent_prompt client/display.c:847
    #4 0x55626d1c16c1 in request_username_and_password_method_call 
client/agent.c:245
    #5 0x7f7263f3bf96 in _dbus_object_tree_dispatch ell/dbus-service.c:1800
    #6 0x7f7263f1dbec in message_read_handler ell/dbus.c:270
    #7 0x7f7263efb079 in io_callback ell/io.c:105
    #8 0x7f7263ef89b9 in l_main_iterate ell/main.c:461
    #9 0x7f7263ef8cfb in l_main_run ell/main.c:508
    #10 0x7f7263ef8cfb in l_main_run ell/main.c:490
    #11 0x7f7263ef9030 in l_main_run_with_signal ell/main.c:630
    #12 0x55626d1beda3 in main client/main.c:70
    #13 0x7f7263ca36c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_main.h:58

SUMMARY: AddressSanitizer: heap-use-after-free ell/io.c:278 in 
l_io_set_read_handler
Shadow bytes around the buggy address:
  0x60b000000600: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000680: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000700: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000780: [1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000800: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
=>0x60b000000880: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m[[1m[35mfd[1m[0m][1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000900: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000980: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000a00: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000a80: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000b00: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           [1m[0m00[1m[0m
  Partially addressable: [1m[0m01[1m[0m [1m[0m02[1m[0m 
[1m[0m03[1m[0m [1m[0m04[1m[0m [1m[0m05[1m[0m [1m[0m06[1m[0m 
[1m[0m07[1m[0m 
  Heap left redzone:       [1m[31mfa[1m[0m
  Freed heap region:       [1m[35mfd[1m[0m
  Stack left redzone:      [1m[31mf1[1m[0m
  Stack mid redzone:       [1m[31mf2[1m[0m
  Stack right redzone:     [1m[31mf3[1m[0m
  Stack after return:      [1m[35mf5[1m[0m
  Stack use after scope:   [1m[35mf8[1m[0m
  Global redzone:          [1m[31mf9[1m[0m
  Global init order:       [1m[36mf6[1m[0m
  Poisoned by user:        [1m[34mf7[1m[0m
  Container overflow:      [1m[34mfc[1m[0m
  Array cookie:            [1m[31mac[1m[0m
  Intra object redzone:    [1m[33mbb[1m[0m
  ASan internal:           [1m[33mfe[1m[0m
  Left alloca redzone:     [1m[34mca[1m[0m
  Right alloca redzone:    [1m[34mcb[1m[0m
=================================================================
[1m[31m==2042890==ERROR: AddressSanitizer: heap-use-after-free on address 
0x60b000000880 at pc 0x7f7263efbcf4 bp 0x7fff4a24c840 sp 0x7fff4a24c838
[1m[0m[1m[34mREAD of size 4 at 0x60b000000880 thread T0[1m[0m
    #0 0x7f7263efbcf3 in l_io_set_read_handler ell/io.c:283
    #1 0x55626d1ce14a in display_agent_prompt client/display.c:849
    #2 0x55626d1c1a1a in process_input_username_password client/agent.c:382
    #3 0x55626d1c1a1a in agent_prompt client/agent.c:442
    #4 0x55626d1ccaf7 in readline_callback client/display.c:730
    #5 0x7f7263e95bbc in rl_callback_read_char 
(/lib/x86_64-linux-gnu/libreadline.so.8+0x37bbc) (BuildId: 
1c37f1f25934c08d64296989ecdedac3fd2df66f)
    #6 0x55626d1cba09 in read_handler client/display.c:773
    #7 0x7f7263efb079 in io_callback ell/io.c:105
    #8 0x7f7263ef89b9 in l_main_iterate ell/main.c:461
    #9 0x7f7263ef8cfb in l_main_run ell/main.c:508
    #10 0x7f7263ef8cfb in l_main_run ell/main.c:490
    #11 0x7f7263ef9030 in l_main_run_with_signal ell/main.c:630
    #12 0x55626d1beda3 in main client/main.c:70
    #13 0x7f7263ca36c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_main.h:58
    #14 0x7f7263ca3784 in __libc_start_main_impl ../csu/libc-start.c:360
    #15 0x55626d1bf230 in _start (/usr/bin/iwctl+0x1a230) (BuildId: 
6f9e02b618e99e9296aac04f28fa77930e431b33)

[1m[32m0x60b000000880 is located 0 bytes inside of 112-byte region 
[0x60b000000880,0x60b0000008f0)
[1m[0m[1m[35mfreed by thread T0 here:[1m[0m
    #0 0x7f726411f288 in __interceptor_free 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:52
    #1 0x55626d1c1899 in agent_prompt client/agent.c:438
    #2 0x55626d1ccaf7 in readline_callback client/display.c:730
    #3 0x7f7263e95bbc in rl_callback_read_char 
(/lib/x86_64-linux-gnu/libreadline.so.8+0x37bbc) (BuildId: 
1c37f1f25934c08d64296989ecdedac3fd2df66f)

[1m[35mpreviously allocated by thread T0 here:[1m[0m
    #0 0x7f72641205bf in __interceptor_malloc 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7f7263ee6077 in l_malloc ell/util.c:49
    #2 0x7f7263efb7ef in l_io_new ell/io.c:175
    #3 0x55626d1ce1a1 in display_agent_prompt client/display.c:847
    #4 0x55626d1c16c1 in request_username_and_password_method_call 
client/agent.c:245
    #5 0x7f7263f3bf96 in _dbus_object_tree_dispatch ell/dbus-service.c:1800
    #6 0x7f7263f1dbec in message_read_handler ell/dbus.c:270
    #7 0x7f7263efb079 in io_callback ell/io.c:105
    #8 0x7f7263ef89b9 in l_main_iterate ell/main.c:461
    #9 0x7f7263ef8cfb in l_main_run ell/main.c:508
    #10 0x7f7263ef8cfb in l_main_run ell/main.c:490
    #11 0x7f7263ef9030 in l_main_run_with_signal ell/main.c:630
    #12 0x55626d1beda3 in main client/main.c:70
    #13 0x7f7263ca36c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_main.h:58

SUMMARY: AddressSanitizer: heap-use-after-free ell/io.c:283 in 
l_io_set_read_handler
Shadow bytes around the buggy address:
  0x60b000000600: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000680: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000700: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000780: [1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000800: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
=>0x60b000000880:[[1m[35mfd[1m[0m][1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000900: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000980: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000a00: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000a80: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000b00: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           [1m[0m00[1m[0m
  Partially addressable: [1m[0m01[1m[0m [1m[0m02[1m[0m 
[1m[0m03[1m[0m [1m[0m04[1m[0m [1m[0m05[1m[0m [1m[0m06[1m[0m 
[1m[0m07[1m[0m 
  Heap left redzone:       [1m[31mfa[1m[0m
  Freed heap region:       [1m[35mfd[1m[0m
  Stack left redzone:      [1m[31mf1[1m[0m
  Stack mid redzone:       [1m[31mf2[1m[0m
  Stack right redzone:     [1m[31mf3[1m[0m
  Stack after return:      [1m[35mf5[1m[0m
  Stack use after scope:   [1m[35mf8[1m[0m
  Global redzone:          [1m[31mf9[1m[0m
  Global init order:       [1m[36mf6[1m[0m
  Poisoned by user:        [1m[34mf7[1m[0m
  Container overflow:      [1m[34mfc[1m[0m
  Array cookie:            [1m[31mac[1m[0m
  Intra object redzone:    [1m[33mbb[1m[0m
  ASan internal:           [1m[33mfe[1m[0m
  Left alloca redzone:     [1m[34mca[1m[0m
  Right alloca redzone:    [1m[34mcb[1m[0m
=================================================================
[1m[31m==2042890==ERROR: AddressSanitizer: heap-use-after-free on address 
0x60b000000880 at pc 0x7f7263efb9d6 bp 0x7fff4a24cb10 sp 0x7fff4a24cb08
[1m[0m[1m[34mREAD of size 4 at 0x60b000000880 thread T0[1m[0m
    #0 0x7f7263efb9d5 in l_io_destroy ell/io.c:201
    #1 0x55626d1c1b62 in agent_exit client/agent.c:486
    #2 0x55626d1c1bf9 in agent_manager_destroy client/agent-manager.c:104
    #3 0x55626d1c1bf9 in agent_manager_destroy client/agent-manager.c:97
    #4 0x55626d1c6414 in proxy_interface_destroy client/dbus-proxy.c:597
    #5 0x7f7263eeb6c8 in l_queue_clear ell/queue.c:92
    #6 0x7f7263eeb744 in l_queue_destroy ell/queue.c:67
    #7 0x55626d1c9beb in dbus_proxy_exit client/dbus-proxy.c:891
    #8 0x55626d1beda8 in main client/main.c:72
    #9 0x7f7263ca36c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_main.h:58
    #10 0x7f7263ca3784 in __libc_start_main_impl ../csu/libc-start.c:360
    #11 0x55626d1bf230 in _start (/usr/bin/iwctl+0x1a230) (BuildId: 
6f9e02b618e99e9296aac04f28fa77930e431b33)

[1m[32m0x60b000000880 is located 0 bytes inside of 112-byte region 
[0x60b000000880,0x60b0000008f0)
[1m[0m[1m[35mfreed by thread T0 here:[1m[0m
    #0 0x7f726411f288 in __interceptor_free 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:52
    #1 0x55626d1c1899 in agent_prompt client/agent.c:438
    #2 0x55626d1ccaf7 in readline_callback client/display.c:730
    #3 0x7f7263e95bbc in rl_callback_read_char 
(/lib/x86_64-linux-gnu/libreadline.so.8+0x37bbc) (BuildId: 
1c37f1f25934c08d64296989ecdedac3fd2df66f)

[1m[35mpreviously allocated by thread T0 here:[1m[0m
    #0 0x7f72641205bf in __interceptor_malloc 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7f7263ee6077 in l_malloc ell/util.c:49
    #2 0x7f7263efb7ef in l_io_new ell/io.c:175
    #3 0x55626d1ce1a1 in display_agent_prompt client/display.c:847
    #4 0x55626d1c16c1 in request_username_and_password_method_call 
client/agent.c:245
    #5 0x7f7263f3bf96 in _dbus_object_tree_dispatch ell/dbus-service.c:1800
    #6 0x7f7263f1dbec in message_read_handler ell/dbus.c:270
    #7 0x7f7263efb079 in io_callback ell/io.c:105
    #8 0x7f7263ef89b9 in l_main_iterate ell/main.c:461
    #9 0x7f7263ef8cfb in l_main_run ell/main.c:508
    #10 0x7f7263ef8cfb in l_main_run ell/main.c:490
    #11 0x7f7263ef9030 in l_main_run_with_signal ell/main.c:630
    #12 0x55626d1beda3 in main client/main.c:70
    #13 0x7f7263ca36c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_main.h:58

SUMMARY: AddressSanitizer: heap-use-after-free ell/io.c:201 in l_io_destroy
Shadow bytes around the buggy address:
  0x60b000000600: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000680: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000700: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000780: [1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000800: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
=>0x60b000000880:[[1m[35mfd[1m[0m][1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000900: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000980: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000a00: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000a80: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000b00: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           [1m[0m00[1m[0m
  Partially addressable: [1m[0m01[1m[0m [1m[0m02[1m[0m 
[1m[0m03[1m[0m [1m[0m04[1m[0m [1m[0m05[1m[0m [1m[0m06[1m[0m 
[1m[0m07[1m[0m 
  Heap left redzone:       [1m[31mfa[1m[0m
  Freed heap region:       [1m[35mfd[1m[0m
  Stack left redzone:      [1m[31mf1[1m[0m
  Stack mid redzone:       [1m[31mf2[1m[0m
  Stack right redzone:     [1m[31mf3[1m[0m
  Stack after return:      [1m[35mf5[1m[0m
  Stack use after scope:   [1m[35mf8[1m[0m
  Global redzone:          [1m[31mf9[1m[0m
  Global init order:       [1m[36mf6[1m[0m
  Poisoned by user:        [1m[34mf7[1m[0m
  Container overflow:      [1m[34mfc[1m[0m
  Array cookie:            [1m[31mac[1m[0m
  Intra object redzone:    [1m[33mbb[1m[0m
  ASan internal:           [1m[33mfe[1m[0m
  Left alloca redzone:     [1m[34mca[1m[0m
  Right alloca redzone:    [1m[34mcb[1m[0m
=================================================================
[1m[31m==2042890==ERROR: AddressSanitizer: heap-use-after-free on address 
0x60b000000888 at pc 0x7f7263efba12 bp 0x7fff4a24cb10 sp 0x7fff4a24cb08
[1m[0m[1m[34mREAD of size 1 at 0x60b000000888 thread T0[1m[0m
    #0 0x7f7263efba11 in l_io_destroy ell/io.c:202
    #1 0x55626d1c1b62 in agent_exit client/agent.c:486
    #2 0x55626d1c1bf9 in agent_manager_destroy client/agent-manager.c:104
    #3 0x55626d1c1bf9 in agent_manager_destroy client/agent-manager.c:97
    #4 0x55626d1c6414 in proxy_interface_destroy client/dbus-proxy.c:597
    #5 0x7f7263eeb6c8 in l_queue_clear ell/queue.c:92
    #6 0x7f7263eeb744 in l_queue_destroy ell/queue.c:67
    #7 0x55626d1c9beb in dbus_proxy_exit client/dbus-proxy.c:891
    #8 0x55626d1beda8 in main client/main.c:72
    #9 0x7f7263ca36c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_main.h:58
    #10 0x7f7263ca3784 in __libc_start_main_impl ../csu/libc-start.c:360
    #11 0x55626d1bf230 in _start (/usr/bin/iwctl+0x1a230) (BuildId: 
6f9e02b618e99e9296aac04f28fa77930e431b33)

[1m[32m0x60b000000888 is located 8 bytes inside of 112-byte region 
[0x60b000000880,0x60b0000008f0)
[1m[0m[1m[35mfreed by thread T0 here:[1m[0m
    #0 0x7f726411f288 in __interceptor_free 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:52
    #1 0x55626d1c1899 in agent_prompt client/agent.c:438
    #2 0x55626d1ccaf7 in readline_callback client/display.c:730
    #3 0x7f7263e95bbc in rl_callback_read_char 
(/lib/x86_64-linux-gnu/libreadline.so.8+0x37bbc) (BuildId: 
1c37f1f25934c08d64296989ecdedac3fd2df66f)

[1m[35mpreviously allocated by thread T0 here:[1m[0m
    #0 0x7f72641205bf in __interceptor_malloc 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7f7263ee6077 in l_malloc ell/util.c:49
    #2 0x7f7263efb7ef in l_io_new ell/io.c:175
    #3 0x55626d1ce1a1 in display_agent_prompt client/display.c:847
    #4 0x55626d1c16c1 in request_username_and_password_method_call 
client/agent.c:245
    #5 0x7f7263f3bf96 in _dbus_object_tree_dispatch ell/dbus-service.c:1800
    #6 0x7f7263f1dbec in message_read_handler ell/dbus.c:270
    #7 0x7f7263efb079 in io_callback ell/io.c:105
    #8 0x7f7263ef89b9 in l_main_iterate ell/main.c:461
    #9 0x7f7263ef8cfb in l_main_run ell/main.c:508
    #10 0x7f7263ef8cfb in l_main_run ell/main.c:490
    #11 0x7f7263ef9030 in l_main_run_with_signal ell/main.c:630
    #12 0x55626d1beda3 in main client/main.c:70
    #13 0x7f7263ca36c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_main.h:58

SUMMARY: AddressSanitizer: heap-use-after-free ell/io.c:202 in l_io_destroy
Shadow bytes around the buggy address:
  0x60b000000600: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000680: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000700: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000780: [1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000800: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
=>0x60b000000880: [1m[35mfd[1m[0m[[1m[35mfd[1m[0m][1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000900: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000980: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000a00: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000a80: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000b00: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           [1m[0m00[1m[0m
  Partially addressable: [1m[0m01[1m[0m [1m[0m02[1m[0m 
[1m[0m03[1m[0m [1m[0m04[1m[0m [1m[0m05[1m[0m [1m[0m06[1m[0m 
[1m[0m07[1m[0m 
  Heap left redzone:       [1m[31mfa[1m[0m
  Freed heap region:       [1m[35mfd[1m[0m
  Stack left redzone:      [1m[31mf1[1m[0m
  Stack mid redzone:       [1m[31mf2[1m[0m
  Stack right redzone:     [1m[31mf3[1m[0m
  Stack after return:      [1m[35mf5[1m[0m
  Stack use after scope:   [1m[35mf8[1m[0m
  Global redzone:          [1m[31mf9[1m[0m
  Global init order:       [1m[36mf6[1m[0m
  Poisoned by user:        [1m[34mf7[1m[0m
  Container overflow:      [1m[34mfc[1m[0m
  Array cookie:            [1m[31mac[1m[0m
  Intra object redzone:    [1m[33mbb[1m[0m
  ASan internal:           [1m[33mfe[1m[0m
  Left alloca redzone:     [1m[34mca[1m[0m
  Right alloca redzone:    [1m[34mcb[1m[0m
=================================================================
[1m[31m==2042890==ERROR: AddressSanitizer: heap-use-after-free on address 
0x60b0000008c0 at pc 0x7f7263efb9e0 bp 0x7fff4a24cb10 sp 0x7fff4a24cb08
[1m[0m[1m[34mREAD of size 8 at 0x60b0000008c0 thread T0[1m[0m
    #0 0x7f7263efb9df in io_closed ell/io.c:82
    #1 0x7f7263efb9df in l_io_destroy ell/io.c:204
    #2 0x55626d1c1b62 in agent_exit client/agent.c:486
    #3 0x55626d1c1bf9 in agent_manager_destroy client/agent-manager.c:104
    #4 0x55626d1c1bf9 in agent_manager_destroy client/agent-manager.c:97
    #5 0x55626d1c6414 in proxy_interface_destroy client/dbus-proxy.c:597
    #6 0x7f7263eeb6c8 in l_queue_clear ell/queue.c:92
    #7 0x7f7263eeb744 in l_queue_destroy ell/queue.c:67
    #8 0x55626d1c9beb in dbus_proxy_exit client/dbus-proxy.c:891
    #9 0x55626d1beda8 in main client/main.c:72
    #10 0x7f7263ca36c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_main.h:58
    #11 0x7f7263ca3784 in __libc_start_main_impl ../csu/libc-start.c:360
    #12 0x55626d1bf230 in _start (/usr/bin/iwctl+0x1a230) (BuildId: 
6f9e02b618e99e9296aac04f28fa77930e431b33)

[1m[32m0x60b0000008c0 is located 64 bytes inside of 112-byte region 
[0x60b000000880,0x60b0000008f0)
[1m[0m[1m[35mfreed by thread T0 here:[1m[0m
    #0 0x7f726411f288 in __interceptor_free 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:52
    #1 0x55626d1c1899 in agent_prompt client/agent.c:438
    #2 0x55626d1ccaf7 in readline_callback client/display.c:730
    #3 0x7f7263e95bbc in rl_callback_read_char 
(/lib/x86_64-linux-gnu/libreadline.so.8+0x37bbc) (BuildId: 
1c37f1f25934c08d64296989ecdedac3fd2df66f)

[1m[35mpreviously allocated by thread T0 here:[1m[0m
    #0 0x7f72641205bf in __interceptor_malloc 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7f7263ee6077 in l_malloc ell/util.c:49
    #2 0x7f7263efb7ef in l_io_new ell/io.c:175
    #3 0x55626d1ce1a1 in display_agent_prompt client/display.c:847
    #4 0x55626d1c16c1 in request_username_and_password_method_call 
client/agent.c:245
    #5 0x7f7263f3bf96 in _dbus_object_tree_dispatch ell/dbus-service.c:1800
    #6 0x7f7263f1dbec in message_read_handler ell/dbus.c:270
    #7 0x7f7263efb079 in io_callback ell/io.c:105
    #8 0x7f7263ef89b9 in l_main_iterate ell/main.c:461
    #9 0x7f7263ef8cfb in l_main_run ell/main.c:508
    #10 0x7f7263ef8cfb in l_main_run ell/main.c:490
    #11 0x7f7263ef9030 in l_main_run_with_signal ell/main.c:630
    #12 0x55626d1beda3 in main client/main.c:70
    #13 0x7f7263ca36c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_main.h:58

SUMMARY: AddressSanitizer: heap-use-after-free ell/io.c:82 in io_closed
Shadow bytes around the buggy address:
  0x60b000000600: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000680: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000700: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000780: [1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000800: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
=>0x60b000000880: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m[[1m[35mfd[1m[0m][1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000900: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000980: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000a00: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000a80: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000b00: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           [1m[0m00[1m[0m
  Partially addressable: [1m[0m01[1m[0m [1m[0m02[1m[0m 
[1m[0m03[1m[0m [1m[0m04[1m[0m [1m[0m05[1m[0m [1m[0m06[1m[0m 
[1m[0m07[1m[0m 
  Heap left redzone:       [1m[31mfa[1m[0m
  Freed heap region:       [1m[35mfd[1m[0m
  Stack left redzone:      [1m[31mf1[1m[0m
  Stack mid redzone:       [1m[31mf2[1m[0m
  Stack right redzone:     [1m[31mf3[1m[0m
  Stack after return:      [1m[35mf5[1m[0m
  Stack use after scope:   [1m[35mf8[1m[0m
  Global redzone:          [1m[31mf9[1m[0m
  Global init order:       [1m[36mf6[1m[0m
  Poisoned by user:        [1m[34mf7[1m[0m
  Container overflow:      [1m[34mfc[1m[0m
  Array cookie:            [1m[31mac[1m[0m
  Intra object redzone:    [1m[33mbb[1m[0m
  ASan internal:           [1m[33mfe[1m[0m
  Left alloca redzone:     [1m[34mca[1m[0m
  Right alloca redzone:    [1m[34mcb[1m[0m
=================================================================
[1m[31m==2042890==ERROR: AddressSanitizer: heap-use-after-free on address 
0x60b0000008c8 at pc 0x7f7263efb9fe bp 0x7fff4a24cb10 sp 0x7fff4a24cb08
[1m[0m[1m[34mREAD of size 8 at 0x60b0000008c8 thread T0[1m[0m
    #0 0x7f7263efb9fd in io_closed ell/io.c:83
    #1 0x7f7263efb9fd in l_io_destroy ell/io.c:204
    #2 0x55626d1c1b62 in agent_exit client/agent.c:486
    #3 0x55626d1c1bf9 in agent_manager_destroy client/agent-manager.c:104
    #4 0x55626d1c1bf9 in agent_manager_destroy client/agent-manager.c:97
    #5 0x55626d1c6414 in proxy_interface_destroy client/dbus-proxy.c:597
    #6 0x7f7263eeb6c8 in l_queue_clear ell/queue.c:92
    #7 0x7f7263eeb744 in l_queue_destroy ell/queue.c:67
    #8 0x55626d1c9beb in dbus_proxy_exit client/dbus-proxy.c:891
    #9 0x55626d1beda8 in main client/main.c:72
    #10 0x7f7263ca36c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_main.h:58
    #11 0x7f7263ca3784 in __libc_start_main_impl ../csu/libc-start.c:360
    #12 0x55626d1bf230 in _start (/usr/bin/iwctl+0x1a230) (BuildId: 
6f9e02b618e99e9296aac04f28fa77930e431b33)

[1m[32m0x60b0000008c8 is located 72 bytes inside of 112-byte region 
[0x60b000000880,0x60b0000008f0)
[1m[0m[1m[35mfreed by thread T0 here:[1m[0m
    #0 0x7f726411f288 in __interceptor_free 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:52
    #1 0x55626d1c1899 in agent_prompt client/agent.c:438
    #2 0x55626d1ccaf7 in readline_callback client/display.c:730
    #3 0x7f7263e95bbc in rl_callback_read_char 
(/lib/x86_64-linux-gnu/libreadline.so.8+0x37bbc) (BuildId: 
1c37f1f25934c08d64296989ecdedac3fd2df66f)

[1m[35mpreviously allocated by thread T0 here:[1m[0m
    #0 0x7f72641205bf in __interceptor_malloc 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7f7263ee6077 in l_malloc ell/util.c:49
    #2 0x7f7263efb7ef in l_io_new ell/io.c:175
    #3 0x55626d1ce1a1 in display_agent_prompt client/display.c:847
    #4 0x55626d1c16c1 in request_username_and_password_method_call 
client/agent.c:245
    #5 0x7f7263f3bf96 in _dbus_object_tree_dispatch ell/dbus-service.c:1800
    #6 0x7f7263f1dbec in message_read_handler ell/dbus.c:270
    #7 0x7f7263efb079 in io_callback ell/io.c:105
    #8 0x7f7263ef89b9 in l_main_iterate ell/main.c:461
    #9 0x7f7263ef8cfb in l_main_run ell/main.c:508
    #10 0x7f7263ef8cfb in l_main_run ell/main.c:490
    #11 0x7f7263ef9030 in l_main_run_with_signal ell/main.c:630
    #12 0x55626d1beda3 in main client/main.c:70
    #13 0x7f7263ca36c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_main.h:58

SUMMARY: AddressSanitizer: heap-use-after-free ell/io.c:83 in io_closed
Shadow bytes around the buggy address:
  0x60b000000600: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000680: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000700: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000780: [1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000800: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
=>0x60b000000880: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m[[1m[35mfd[1m[0m][1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000900: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000980: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000a00: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000a80: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000b00: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           [1m[0m00[1m[0m
  Partially addressable: [1m[0m01[1m[0m [1m[0m02[1m[0m 
[1m[0m03[1m[0m [1m[0m04[1m[0m [1m[0m05[1m[0m [1m[0m06[1m[0m 
[1m[0m07[1m[0m 
  Heap left redzone:       [1m[31mfa[1m[0m
  Freed heap region:       [1m[35mfd[1m[0m
  Stack left redzone:      [1m[31mf1[1m[0m
  Stack mid redzone:       [1m[31mf2[1m[0m
  Stack right redzone:     [1m[31mf3[1m[0m
  Stack after return:      [1m[35mf5[1m[0m
  Stack use after scope:   [1m[35mf8[1m[0m
  Global redzone:          [1m[31mf9[1m[0m
  Global init order:       [1m[36mf6[1m[0m
  Poisoned by user:        [1m[34mf7[1m[0m
  Container overflow:      [1m[34mfc[1m[0m
  Array cookie:            [1m[31mac[1m[0m
  Intra object redzone:    [1m[33mbb[1m[0m
  ASan internal:           [1m[33mfe[1m[0m
  Left alloca redzone:     [1m[34mca[1m[0m
  Right alloca redzone:    [1m[34mcb[1m[0m
=================================================================
[1m[31m==2042890==ERROR: AddressSanitizer: heap-use-after-free on address 
0x60b0000008d0 at pc 0x7f7263efb9f4 bp 0x7fff4a24cb10 sp 0x7fff4a24cb08
[1m[0m[1m[34mREAD of size 8 at 0x60b0000008d0 thread T0[1m[0m
    #0 0x7f7263efb9f3 in io_closed ell/io.c:84
    #1 0x7f7263efb9f3 in l_io_destroy ell/io.c:204
    #2 0x55626d1c1b62 in agent_exit client/agent.c:486
    #3 0x55626d1c1bf9 in agent_manager_destroy client/agent-manager.c:104
    #4 0x55626d1c1bf9 in agent_manager_destroy client/agent-manager.c:97
    #5 0x55626d1c6414 in proxy_interface_destroy client/dbus-proxy.c:597
    #6 0x7f7263eeb6c8 in l_queue_clear ell/queue.c:92
    #7 0x7f7263eeb744 in l_queue_destroy ell/queue.c:67
    #8 0x55626d1c9beb in dbus_proxy_exit client/dbus-proxy.c:891
    #9 0x55626d1beda8 in main client/main.c:72
    #10 0x7f7263ca36c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_main.h:58
    #11 0x7f7263ca3784 in __libc_start_main_impl ../csu/libc-start.c:360
    #12 0x55626d1bf230 in _start (/usr/bin/iwctl+0x1a230) (BuildId: 
6f9e02b618e99e9296aac04f28fa77930e431b33)

[1m[32m0x60b0000008d0 is located 80 bytes inside of 112-byte region 
[0x60b000000880,0x60b0000008f0)
[1m[0m[1m[35mfreed by thread T0 here:[1m[0m
    #0 0x7f726411f288 in __interceptor_free 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:52
    #1 0x55626d1c1899 in agent_prompt client/agent.c:438
    #2 0x55626d1ccaf7 in readline_callback client/display.c:730
    #3 0x7f7263e95bbc in rl_callback_read_char 
(/lib/x86_64-linux-gnu/libreadline.so.8+0x37bbc) (BuildId: 
1c37f1f25934c08d64296989ecdedac3fd2df66f)

[1m[35mpreviously allocated by thread T0 here:[1m[0m
    #0 0x7f72641205bf in __interceptor_malloc 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7f7263ee6077 in l_malloc ell/util.c:49
    #2 0x7f7263efb7ef in l_io_new ell/io.c:175
    #3 0x55626d1ce1a1 in display_agent_prompt client/display.c:847
    #4 0x55626d1c16c1 in request_username_and_password_method_call 
client/agent.c:245
    #5 0x7f7263f3bf96 in _dbus_object_tree_dispatch ell/dbus-service.c:1800
    #6 0x7f7263f1dbec in message_read_handler ell/dbus.c:270
    #7 0x7f7263efb079 in io_callback ell/io.c:105
    #8 0x7f7263ef89b9 in l_main_iterate ell/main.c:461
    #9 0x7f7263ef8cfb in l_main_run ell/main.c:508
    #10 0x7f7263ef8cfb in l_main_run ell/main.c:490
    #11 0x7f7263ef9030 in l_main_run_with_signal ell/main.c:630
    #12 0x55626d1beda3 in main client/main.c:70
    #13 0x7f7263ca36c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_main.h:58

SUMMARY: AddressSanitizer: heap-use-after-free ell/io.c:84 in io_closed
Shadow bytes around the buggy address:
  0x60b000000600: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000680: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000700: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000780: [1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000800: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
=>0x60b000000880: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m[[1m[35mfd[1m[0m][1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m
  0x60b000000900: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000980: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000a00: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000a80: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000b00: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           [1m[0m00[1m[0m
  Partially addressable: [1m[0m01[1m[0m [1m[0m02[1m[0m 
[1m[0m03[1m[0m [1m[0m04[1m[0m [1m[0m05[1m[0m [1m[0m06[1m[0m 
[1m[0m07[1m[0m 
  Heap left redzone:       [1m[31mfa[1m[0m
  Freed heap region:       [1m[35mfd[1m[0m
  Stack left redzone:      [1m[31mf1[1m[0m
  Stack mid redzone:       [1m[31mf2[1m[0m
  Stack right redzone:     [1m[31mf3[1m[0m
  Stack after return:      [1m[35mf5[1m[0m
  Stack use after scope:   [1m[35mf8[1m[0m
  Global redzone:          [1m[31mf9[1m[0m
  Global init order:       [1m[36mf6[1m[0m
  Poisoned by user:        [1m[34mf7[1m[0m
  Container overflow:      [1m[34mfc[1m[0m
  Array cookie:            [1m[31mac[1m[0m
  Intra object redzone:    [1m[33mbb[1m[0m
  ASan internal:           [1m[33mfe[1m[0m
  Left alloca redzone:     [1m[34mca[1m[0m
  Right alloca redzone:    [1m[34mcb[1m[0m
=================================================================
[1m[31m==2042890==ERROR: AddressSanitizer: heap-use-after-free on address 
0x60b0000008e0 at pc 0x7f7263efb9ea bp 0x7fff4a24cb10 sp 0x7fff4a24cb08
[1m[0m[1m[34mREAD of size 8 at 0x60b0000008e0 thread T0[1m[0m
    #0 0x7f7263efb9e9 in l_io_destroy ell/io.c:206
    #1 0x55626d1c1b62 in agent_exit client/agent.c:486
    #2 0x55626d1c1bf9 in agent_manager_destroy client/agent-manager.c:104
    #3 0x55626d1c1bf9 in agent_manager_destroy client/agent-manager.c:97
    #4 0x55626d1c6414 in proxy_interface_destroy client/dbus-proxy.c:597
    #5 0x7f7263eeb6c8 in l_queue_clear ell/queue.c:92
    #6 0x7f7263eeb744 in l_queue_destroy ell/queue.c:67
    #7 0x55626d1c9beb in dbus_proxy_exit client/dbus-proxy.c:891
    #8 0x55626d1beda8 in main client/main.c:72
    #9 0x7f7263ca36c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_main.h:58
    #10 0x7f7263ca3784 in __libc_start_main_impl ../csu/libc-start.c:360
    #11 0x55626d1bf230 in _start (/usr/bin/iwctl+0x1a230) (BuildId: 
6f9e02b618e99e9296aac04f28fa77930e431b33)

[1m[32m0x60b0000008e0 is located 96 bytes inside of 112-byte region 
[0x60b000000880,0x60b0000008f0)
[1m[0m[1m[35mfreed by thread T0 here:[1m[0m
    #0 0x7f726411f288 in __interceptor_free 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:52
    #1 0x55626d1c1899 in agent_prompt client/agent.c:438
    #2 0x55626d1ccaf7 in readline_callback client/display.c:730
    #3 0x7f7263e95bbc in rl_callback_read_char 
(/lib/x86_64-linux-gnu/libreadline.so.8+0x37bbc) (BuildId: 
1c37f1f25934c08d64296989ecdedac3fd2df66f)

[1m[35mpreviously allocated by thread T0 here:[1m[0m
    #0 0x7f72641205bf in __interceptor_malloc 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7f7263ee6077 in l_malloc ell/util.c:49
    #2 0x7f7263efb7ef in l_io_new ell/io.c:175
    #3 0x55626d1ce1a1 in display_agent_prompt client/display.c:847
    #4 0x55626d1c16c1 in request_username_and_password_method_call 
client/agent.c:245
    #5 0x7f7263f3bf96 in _dbus_object_tree_dispatch ell/dbus-service.c:1800
    #6 0x7f7263f1dbec in message_read_handler ell/dbus.c:270
    #7 0x7f7263efb079 in io_callback ell/io.c:105
    #8 0x7f7263ef89b9 in l_main_iterate ell/main.c:461
    #9 0x7f7263ef8cfb in l_main_run ell/main.c:508
    #10 0x7f7263ef8cfb in l_main_run ell/main.c:490
    #11 0x7f7263ef9030 in l_main_run_with_signal ell/main.c:630
    #12 0x55626d1beda3 in main client/main.c:70
    #13 0x7f7263ca36c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_main.h:58

SUMMARY: AddressSanitizer: heap-use-after-free ell/io.c:206 in l_io_destroy
Shadow bytes around the buggy address:
  0x60b000000600: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000680: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000700: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000780: [1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000800: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
=>0x60b000000880: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m[[1m[35mfd[1m[0m][1m[35mfd[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000900: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000980: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m
  0x60b000000a00: [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m 
[1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[35mfd[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000a80: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
  0x60b000000b00: [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m [1m[31mfa[1m[0m 
[1m[31mfa[1m[0m
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           [1m[0m00[1m[0m
  Partially addressable: [1m[0m01[1m[0m [1m[0m02[1m[0m 
[1m[0m03[1m[0m [1m[0m04[1m[0m [1m[0m05[1m[0m [1m[0m06[1m[0m 
[1m[0m07[1m[0m 
  Heap left redzone:       [1m[31mfa[1m[0m
  Freed heap region:       [1m[35mfd[1m[0m
  Stack left redzone:      [1m[31mf1[1m[0m
  Stack mid redzone:       [1m[31mf2[1m[0m
  Stack right redzone:     [1m[31mf3[1m[0m
  Stack after return:      [1m[35mf5[1m[0m
  Stack use after scope:   [1m[35mf8[1m[0m
  Global redzone:          [1m[31mf9[1m[0m
  Global init order:       [1m[36mf6[1m[0m
  Poisoned by user:        [1m[34mf7[1m[0m
  Container overflow:      [1m[34mfc[1m[0m
  Array cookie:            [1m[31mac[1m[0m
  Intra object redzone:    [1m[33mbb[1m[0m
  ASan internal:           [1m[33mfe[1m[0m
  Left alloca redzone:     [1m[34mca[1m[0m
  Right alloca redzone:    [1m[34mcb[1m[0m
=================================================================
[1m[31m==2042890==ERROR: AddressSanitizer: attempting double-free on 
0x60b000000880 in thread T0:
[1m[0m    #0 0x7f726411f288 in __interceptor_free 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:52
    #1 0x55626d1c1b62 in agent_exit client/agent.c:486
    #2 0x55626d1c1bf9 in agent_manager_destroy client/agent-manager.c:104
    #3 0x55626d1c1bf9 in agent_manager_destroy client/agent-manager.c:97
    #4 0x55626d1c6414 in proxy_interface_destroy client/dbus-proxy.c:597
    #5 0x7f7263eeb6c8 in l_queue_clear ell/queue.c:92
    #6 0x7f7263eeb744 in l_queue_destroy ell/queue.c:67
    #7 0x55626d1c9beb in dbus_proxy_exit client/dbus-proxy.c:891
    #8 0x55626d1beda8 in main client/main.c:72
    #9 0x7f7263ca36c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_main.h:58
    #10 0x7f7263ca3784 in __libc_start_main_impl ../csu/libc-start.c:360
    #11 0x55626d1bf230 in _start (/usr/bin/iwctl+0x1a230) (BuildId: 
6f9e02b618e99e9296aac04f28fa77930e431b33)

[1m[32m0x60b000000880 is located 0 bytes inside of 112-byte region 
[0x60b000000880,0x60b0000008f0)
[1m[0m[1m[35mfreed by thread T0 here:[1m[0m
    #0 0x7f726411f288 in __interceptor_free 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:52
    #1 0x55626d1c1899 in agent_prompt client/agent.c:438
    #2 0x55626d1ccaf7 in readline_callback client/display.c:730
    #3 0x7f7263e95bbc in rl_callback_read_char 
(/lib/x86_64-linux-gnu/libreadline.so.8+0x37bbc) (BuildId: 
1c37f1f25934c08d64296989ecdedac3fd2df66f)

[1m[35mpreviously allocated by thread T0 here:[1m[0m
    #0 0x7f72641205bf in __interceptor_malloc 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7f7263ee6077 in l_malloc ell/util.c:49
    #2 0x7f7263efb7ef in l_io_new ell/io.c:175
    #3 0x55626d1ce1a1 in display_agent_prompt client/display.c:847
    #4 0x55626d1c16c1 in request_username_and_password_method_call 
client/agent.c:245
    #5 0x7f7263f3bf96 in _dbus_object_tree_dispatch ell/dbus-service.c:1800
    #6 0x7f7263f1dbec in message_read_handler ell/dbus.c:270
    #7 0x7f7263efb079 in io_callback ell/io.c:105
    #8 0x7f7263ef89b9 in l_main_iterate ell/main.c:461
    #9 0x7f7263ef8cfb in l_main_run ell/main.c:508
    #10 0x7f7263ef8cfb in l_main_run ell/main.c:490
    #11 0x7f7263ef9030 in l_main_run_with_signal ell/main.c:630
    #12 0x55626d1beda3 in main client/main.c:70
    #13 0x7f7263ca36c9 in __libc_start_call_main 
../sysdeps/nptl/libc_start_call_main.h:58

SUMMARY: AddressSanitizer: double-free 
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:52 in __interceptor_free

Bug#1058620: iwctl crashes with double-free when asking more than one question on command-line

Reply via email to