Learn how easy it is to sync an existing GitHub or Google Code repo to a SourceForge project! See Demo

Close

#719 rvbap crash

v0.42
open
nobody
externals (233)
5
2011-08-01
2011-08-01
joel silvestre
No

Pd version 0.42.5 extended
linux ubuntu 11-04 and debian squeeze

rvbap crash pd if define-loudspeaker is set to 2 dimensions.

Easy to reproduce: open rvbap help, click on define_loudspeaker 2 and change a parameter in rvbap.

pdextended
tk scaling is 1.27729885057
*** glibc detected *** pdextended: double free or corruption (out): 0x0a48aaf8 ***
======= Backtrace: =========
/lib/i686/cmov/libc.so.6(+0x6b281)[0xb74ed281]
/lib/i686/cmov/libc.so.6(+0x6cad8)[0xb74eead8]
/lib/i686/cmov/libc.so.6(cfree+0x6d)[0xb74f1bbd]
/usr/lib/pd-extended/extra/vbap/rvbap.pd_linux(+0x1d03)[0xb651cd03]
pdextended(outlet_bang+0x33)[0x80b8d13]
======= Memory map: ========
08048000-0810e000 r-xp 00000000 08:01 108885 /usr/bin/pdextended
0810e000-0810f000 rwxp 000c6000 08:01 108885 /usr/bin/pdextended
0810f000-0851c000 rwxp 00000000 00:00 0
0a477000-0a566000 rwxp 00000000 00:00 0 [heap]
b5600000-b5621000 rwxp 00000000 00:00 0
b5621000-b5700000 ---p 00000000 00:00 0
b576b000-b576f000 r-xp 00000000 08:01 35265 /usr/lib/pd-extended/extra/vbap/define_loudspeakers.pd_linux
b576f000-b5770000 rwxp 00003000 08:01 35265 /usr/lib/pd-extended/extra/vbap/define_loudspeakers.pd_linux
b5770000-b5781000 r-xp 00000000 08:01 9098 /usr/share/fonts/truetype/ttf-bitstream-vera/Vera.ttf
b5781000-b57cc000 r-xp 00000000 08:01 83310 /usr/lib/libImlib2.so.1.4.2
b57cc000-b57cd000 rwxp 0004b000 08:01 83310 /usr/lib/libImlib2.so.1.4.2
b57cd000-b57e1000 rwxp 00000000 00:00 0
b57e1000-b5823000 r-xp 00000000 08:01 83791 /usr/lib/libmp3lame.so.0.0.0
b5823000-b5825000 rwxp 00041000 08:01 83791 /usr/lib/libmp3lame.so.0.0.0
b5825000-b5858000 rwxp 00000000 00:00 0
b5858000-b59bd000 r-xp 00000000 08:01 82580 /usr/lib/libvorbisenc.so.2.0.7
b59bd000-b59ce000 rwxp 00165000 08:01 82580 /usr/lib/libvorbisenc.so.2.0.7
b59ce000-b59f5000 r-xp 00000000 08:01 82576 /usr/lib/libvorbis.so.0.4.4
b59f5000-b59f6000 rwxp 00026000 08:01 82576 /usr/lib/libvorbis.so.0.4.4
b59f6000-b59fb000 r-xp 00000000 08:01 82570 /usr/lib/libogg.so.0.7.0
b59fb000-b59fc000 rwxp 00004000 08:01 82570 /usr/lib/libogg.so.0.7.0
b59fc000-b5a4b000 r-xp 00000000 08:01 82573 /usr/lib/libtheora.so.0.3.10
b5a4b000-b5a4c000 rwxp 0004f000 08:01 82573 /usr/lib/libtheora.so.0.3.10
b5a4c000-b5ac1000 r-xp 00000000 08:01 115646 /usr/lib/pd-extended/extra/pidip/pidip.pd_linux
b5ac1000-b5ac3000 rwxp 00075000 08:01 115646 /usr/lib/pd-extended/extra/pidip/pidip.pd_linux
b5ac3000-b5ac8000 rwxp 00000000 00:00 0
b5ac8000-b5ac9000 ---p 00000000 00:00 0
b5ac9000-b62c9000 rwxp 00000000 00:00 0
b62c9000-b62cd000 r-xp 00000000 08:01 83384 /usr/lib/libXv.so.1.0.0
b62cd000-b62ce000 rwxp 00003000 08:01 83384 /usr/lib/libXv.so.1.0.0
b62ce000-b62f1000 r-xp 00000000 08:01 67375 /lib/libpng12.so.0.44.0
b62f1000-b62f2000 rwxp 00022000 08:01 67375 /lib/libpng12.so.0.44.0
b62f2000-b64d6000 r-xp 00000000 08:01 83285 /usr/lib/libgsl.so.0.15.0
b64d6000-b64e5000 rwxp 001e3000 08:01 83285 /usr/lib/libgsl.so.0.15.0
b64e5000-b6516000 r-xp 00000000 08:01 83287 /usr/lib/libgslcblas.so.0.0.0
b6516000-b6517000 rwxp 00030000 08:01 83287 /usr/lib/libgslcblas.so.0.0.0
b651b000-b651e000 r-xp 00000000 08:01 35250 /usr/lib/pd-extended/extra/vbap/rvbap.pd_linux
b651e000-b651f000 rwxp 00002000 08:01 35250 /usr/lib/pd-extended/extra/vbap/rvbap.pd_linux
b651f000-b6561000 r-xp 00000000 08:01 47179 /usr/lib/pd-extended/extra/pdp/pdp.pd_linux
b6561000-b6563000 rwxp 00041000 08:01 47179 /usr/lib/pd-extended/extra/pdp/pdp.pd_linux
b6563000-b6565000 rwxp 00000000 00:00 0
b6565000-b6569000 r-xp 00000000 08:01 8826 /usr/lib/libXdmcp.so.6.0.0
b6569000-b656a000 rwxp 00003000 08:01 8826 /usr/lib/libXdmcp.so.6.0.0
b656a000-b656c000 r-xp 00000000 08:01 8814 /usr/lib/libXau.so.6.0.0
b656c000-b656d000 rwxp 00001000 08:01 8814 /usr/lib/libXau.so.6.0.0
b656d000-b6570000 r-xp 00000000 08:01 68045 /lib/libuuid.so.1.3.0
b6570000-b6571000 rwxp 00002000 08:01 68045 /lib/libuuid.so.1.3.0
b6571000-b6595000 r-xp 00000000 08:01 82637 /usr/lib/libexpat.so.1.5.2
b6595000-b6597000 rwxp 00023000 08:01 82637 /usr/lib/libexpat.so.1.5.2
b6597000-b65c9000 r-xp 00000000 08:01 67384 /lib/libpcre.so.3.12.1
b65c9000-b65ca000 rwxp 00031000 08:01 67384 /lib/libpcre.so.3.12.1
b65ca000-b65e2000 r-xp 00000000 08:01 9083 /usr/lib/libxcb.so.1.1.0
b65e2000-b65e3000 rwxp 00017000 08:01 9083 /usr/lib/libxcb.so.1.1.0
b65e3000-b65ec000 r-xp 00000000 08:01 43013 /usr/lib/libdrm.so.2.4.0
b65ec000-b65ed000 rwxp 00008000 08:01 43013 /usr/lib/libdrm.so.2.4.0
b65ed000-b65f1000 r-xp 00000000 08:01 10259 /usr/lib/libXfixes.so.3.1.0
b65f1000-b65f2000 rwxp 00003000 08:01 10259 /usr/lib/libXfixes.so.3.1.0
b65f2000-b65f4000 r-xp 00000000 08:01 12224 /usr/lib/libXdamage.so.1.1.0
b65f4000-b65f5000 rwxp 00001000 08:01 12224 /usr/lib/libXdamage.so.1.1.0
b65f5000-b65fe000 r-xp 00000000 08:01 41134 /usr/lib/liba52-0.7.4.so
b65fe000-b65ff000 rwxp 00008000 08:01 41134 /usr/lib/liba52-0.7.4.so
b65ff000-b6600000 rwxp 00000000 00:00 0
b6600000-b660c000 r-xp 00000000 08:01 43884 /usr/lib/libgomp.so.1.0.0
b660c000-b660d000 rwxp 0000b000 08:01 43884 /usr/lib/libgomp.so.1.0.0
b660d000-b6621000 r-xp 00000000 08:01 40935 /usr/lib/libICE.so.6.3.0
b6621000-b6623000 rwxp 00013000 08:01 40935 /usr/lib/libICE.so.6.3.0
b6623000-b6624000 rwxp 00000000 00:00 0
b6624000-b662b000 r-xp 00000000 08:01 43886 /usr/lib/libSM.so.6.0.1
b662b000-b662c000 rwxp 00006000 08:01 43886 /usr/lib/libSM.so.6.0.1
b662c000-b6633000 r-xp 00000000 08:01 82992 /usr/lib/libltdl.so.7.2.1
b6633000-b6634000 rwxp 00007000 08:01 82992 /usr/lib/libltdl.so.7.2.1
b6634000-b6644000 r-xp 00000000 08:01 65714 /lib/libbz2.so.1.0.4
b6644000-b6645000 rwxp 00010000 08:01 65714 /lib/libbz2.so.1.0.4
b6645000-b6693000 r-xp 00000000 08:01 41053 /usr/lib/libXt.so.6.0.0
b6693000-b6697000 rwxp 0004d000 08:01 41053 /usr/lib/libXt.so.6.0.0
b6697000-b66c4000 r-xp 00000000 08:01 82650 /usr/lib/libfontconfig.so.1.4.4
b66c4000-b66c6000 rwxp 0002c000 08:01 82650 /usr/lib/libfontconfig.so.1.4.4
b66c6000-b678e000 r-xp 00000000 08:01 67387 /lib/libglib-2.0.so.0.2400.2
b678e000-b678f000 rwxp 000c8000 08:01 67387 /lib/libglib-2.0.so.0.2400.2
b678f000-b679f000 r-xp 00000000 08:01 41198 /usr/lib/liblqr-1.so.0.3.1
b679f000-b67a0000 rwxp 0000f000 08:01 41198 /usr/lib/liblqr-1.so.0.3.1
b67a0000-b67bf000 r-xp 00000000 08:01 82602 /usr/lib/libjpeg.so.62.0.0
b67bf000-b67c0000 rwxp 0001e000 08:01 82602 /usr/lib/libjpeg.so.62.0.0
b67c0000-b6833000 r-xp 00000000 08:01 82639 /usr/lib/libfreetype.so.6.6.0
b6833000-b6837000 rwxp 00073000 08:01 82639 /usr/lib/libfreetype.so.6.6.0
b6837000-b6890000 r-xp 00000000 08:01 8593 /usr/lib/libtiff.so.4.3.3
b6890000-b6892000 rwxp 00059000 08:01 8593 /usr/lib/libtiff.so.4.3.3
b6892000-b68c2000 r-xp 00000000 08:01 41042 /usr/lib/liblcms.so.1.0.18
b68c2000-b68c4000 rwxp 0002f000 08:01 41042 /usr/lib/liblcms.so.1.0.18
b68c4000-b68c6000 rwxp 00000000 00:00 0
b68c6000-b69d6000 r-xp 00000000 08:01 44116 /usr/lib/libMagickWand.so.3.0.0
b69d6000-b69d8000 rwxp 00110000 08:01 44116 /usr/lib/libMagickWand.so.3.0.0
b69d8000-b69f1000 r-xp 00000000 08:01 41012 /usr/lib/libv4lconvert.so.0
b69f1000-b69f4000 rwxp 00018000 08:01 41012 /usr/lib/libv4lconvert.so.0
b69f4000-b6a44000 rwxp 00000000 00:00 0
b6a44000-b6a61000 r-xp 00000000 08:01 67374 /lib/libgcc_s.so.1
b6a61000-b6a62000 rwxp 0001c000 08:01 67374 /lib/libgcc_s.so.1
b6a62000-b6b7b000 r-xp 00000000 08:01 8812 /usr/lib/libX11.so.6.3.0
b6b7b000-b6b7f000 rwxp 00118000 08:01 8812 /usr/lib/libX11.so.6.3.0
b6b7f000-b6b83000 r-xp 00000000 08:01 41115 /usr/lib/libXxf86vm.so.1.0.0
b6b83000-b6b84000 rwxp 00003000 08:01 41115 /usr/lib/libXxf86vm.so.1.0.0
b6b84000-b6b92000 r-xp 00000000 08:01 41063 /usr/lib/libXext.so.6.4.0
b6b92000-b6b93000 rwxp 0000d000 08:01 41063 /usr/lib/libXext.so.6.4.0
b6b93000-b6bed000 r-xp 00000000 08:01 41078 /usr/lib/libGL.so.1.2
b6bed000-b6bf6000 rwxp 00059000 08:01 41078 /usr/lib/libGL.so.1.2
b6bf6000-b6bf8000 rwxp 00000000 00:00 0
b6bf8000-b6c67000 r-xp 00000000 08:01 41143 /usr/lib/libGLU.so.1.3.070701
b6c67000-b6c68000 rwxp 0006e000 08:01 41143 /usr/lib/libGLU.so.1.3.070701
b6c68000-b6d51000 r-xp 00000000 08:01 41051 /usr/lib/libstdc++.so.6.0.13
b6d51000-b6d55000 r-xp 000e9000 08:01 41051 /usr/lib/libstdc++.so.6.0.13
b6d55000-b6d56000 rwxp 000ed000 08:01 41051 /usr/lib/libstdc++.so.6.0.13
b6d56000-b6d5d000 rwxp 00000000 00:00 0
b6d5d000-b6d80000 r-xp 00000000 08:01 42068 /usr/lib/libmpeg3.so.1.5.4
b6d80000-b6d85000 rwxp 00023000 08:01 42068 /usr/lib/libmpeg3.so.1.5.4
b6d85000-b6d98000 rwxp 00000000 00:00 0
b6d98000-b6db2000 r-xp 00000000 08:01 82600 /usr/lib/libdv.so.4.0.3
b6db2000-b6db4000 rwxp 0001a000 08:01 82600 /usr/lib/libdv.so.4.0.3
b6db4000-b6dc0000 rwxp 00000000 00:00 0
b6dc0000-b6f9e000 r-xp 00000000 08:01 44114 /usr/lib/libMagickCore.so.3.0.0
b6f9e000-b6fee000 rwxp 001dd000 08:01 44114 /usr/lib/libMagickCore.so.3.0.0
b6fee000-b7006000 rwxp 00000000 00:00 0
b7006000-b707a000 r-xp 00000000 08:01 43011 /usr/lib/libMagick++.so.3.0.0
b707a000-b707d000 rwxp 00073000 08:01 43011 /usr/lib/libMagick++.so.3.0.0
b707d000-b7090000 r-xp 00000000 08:01 81928 /usr/lib/libz.so.1.2.3.4
b7090000-b7091000 rwxp 00013000 08:01 81928 /usr/lib/libz.so.1.2.3.4
b7091000-b7104000 r-xp 00000000 08:01 43031 /usr/lib/libquicktime.so.1.0.0
b7104000-b7107000 rwxp 00072000 08:01 43031 /usr/lib/libquicktime.so.1.0.0
b7107000-b7108000 rwxp 00000000 00:00 0
b7108000-b710e000 r-xp 00000000 08:01 83767 /usr/lib/libv4l2.so.0
b710e000-b7112000 rwxp 00005000 08:01 83767 /usr/lib/libv4l2.so.0
b7112000-b7113000 r-xp 00000000 08:01 47772 /usr/lib/pd-extended/extra/iemlib/iem_anything.pd_linux
b7113000-b7114000 rwxp 00001000 08:01 47772 /usr/lib/pd-extended/extra/iemlib/iem_anything.pd_linux
b7114000-b7119000 r-xp 00000000 08:01 35255 /usr/lib/pd-extended/extra/vbap/vbap.pd_linux
b7119000-b711a000 rwxp 00005000 08:01 35255 /usr/lib/pd-extended/extra/vbap/vbap.pd_linux
b711a000-b7469000 r-xp 00000000 08:01 35305 /usr/lib/pd-extended/extra/Gem/Gem.pd_linux
b7469000-b747d000 rwxp 0034e000 08:01 35305 /usr/lib/pd-extended/extra/Gem/Gem.pd_linux
b747d000-b7482000 rwxp 00000000 00:00 0
b7482000-b75c2000 r-xp 00000000 08:01 65632 /lib/i686/cmov/libc-2.11.2.so
b75c2000-b75c4000 r-xp 0013f000 08:01 65632 /lib/i686/cmov/libc-2.11.2.so
b75c4000-b75c5000 rwxp 00141000 08:01 65632 /lib/i686/cmov/libc-2.11.2.so
b75c5000-b75c8000 rwxp 00000000 00:00 0
b75c8000-b75dd000 r-xp 00000000 08:01 65436 /lib/i686/cmov/libpthread-2.11.2.so
b75dd000-b75de000 r-xp 00014000 08:01 65436 /lib/i686/cmov/libpthread-2.11.2.so
b75de000-b75df000 rwxp 00015000 08:01 65436 /lib/i686/cmov/libpthread-2.11.2.so
b75df000-b75e1000 rwxp 00000000 00:00 0
b75e1000-b7605000 r-xp 00000000 08:01 65424 /lib/i686/cmov/libm-2.11.2.so
b7605000-b7606000 r-xp 00023000 08:01 65424 /lib/i686/cmov/libm-2.11.2.so
b7606000-b7607000 rwxp 00024000 08:01 65424 /lib/i686/cmov/libm-2.11.2.so
b7607000-b7609000 r-xp 00000000 08:01 65439 /lib/i686/cmov/libdl-2.11.2.so
b7609000-b760a000 r-xp 00001000 08:01 65439 /lib/i686/cmov/libdl-2.11.2.so
b760a000-b760b000 rwxp 00002000 08:01 65439 /lib/i686/cmov/libdl-2.11.2.so
b760b000-b761a000 r-xp 00000000 08:01 41130 /usr/lib/libjack.so.0.0.28
b761a000-b761c000 rwxp 0000e000 08:01 41130 /usr/lib/libjack.so.0.0.28
b761c000-b7625000 rwxp 00000000 00:00 0
b7625000-b762c000 r-xp 00000000 08:01 65437 /lib/i686/cmov/librt-2.11.2.so
b762c000-b762d000 r-xp 00006000 08:01 65437 /lib/i686/cmov/librt-2.11.2.so
b762d000-b762e000 rwxp 00007000 08:01 65437 /lib/i686/cmov/librt-2.11.2.so
b762e000-b76f2000 r-xp 00000000 08:01 41344 /usr/lib/libasound.so.2.0.0
b76f2000-b76f6000 rwxp 000c4000 08:01 41344 /usr/lib/libasound.so.2.0.0
b76f7000-b76fb000 r-xp 00000000 08:01 83793 /usr/lib/libv4l1.so.0
b76fb000-b76fc000 rwxp 00003000 08:01 83793 /usr/lib/libv4l1.so.0
b76fc000-b76fd000 r-xp 00000000 08:01 49049 /usr/lib/pd-extended/extra/libdir.pd_linux
b76fd000-b76fe000 rwxp 00000000 08:01 49049 /usr/lib/pd-extended/extra/libdir.pd_linux
b76fe000-b7700000 rwxp 00000000 00:00 0
b7700000-b7701000 r-xp 00000000 00:00 0 [vdso]
b7701000-b771c000 r-xp 00000000 08:01 65697 /lib/ld-2.11.2.so
b771c000-b771d000 r-xp 0001a000 08:01 65697 /lib/ld-2.11.2.so
b771d000-b771e000 rwxp 0001b000 08:01 65697 /lib/ld-2.11.2.so
bfd2d000-bfd42000 rwxp 00000000 00:00 0 [stack]
Pd: signal 6

Discussion

  • Two bugs :

    in [vbap/vbap],

    Invalid read of size 4 AND Invalid write of size 4 (same line number, same malloc)
    at 0x4F42667: additive_vbap (vbap.c:419)
    by 0x4F43527: vbap_bang (vbap.c:526)
    by 0x4F45217: choose_ls_tuplets (define_loudspeakers.c:757)
    by 0x4F45664: vbap_def_ls (define_loudspeakers.c:62)
    by 0x80C7498: pd_typedmess (m_class.c:716)
    by 0x3FFFFFFF: ???
    Address 0x4376c14 is 4 bytes before a block of size 16 alloc'd
    at 0x4024F12: calloc (vg_replace_malloc.c:467)
    by 0x80CB2BC: getbytes (m_memory.c:24)
    by 0x4F45217: choose_ls_tuplets (define_loudspeakers.c:757)
    by 0x4F45664: vbap_def_ls (define_loudspeakers.c:62)
    by 0x80C7498: pd_typedmess (m_class.c:716)
    by 0x3FFFFFFF: ???

    And in [vbap/rvbap],

    Invalid write of size 4
    at 0x796DB34: rvbap_bang (rvbap.c:619)
    by 0x80CA552: outlet_bang (m_obj.c:371)
    by 0x80CA552: outlet_bang (m_obj.c:371)
    by 0x80FCB3A: trigger_list (x_connective.c:981)
    by 0x80FCE26: trigger_float (x_connective.c:1025)
    by 0x80CA0A6: outlet_float (m_obj.c:397)
    by 0x80CA0A6: outlet_float (m_obj.c:397)
    by 0x8079BFD: gatom_bang (g_text.c:585)
    by 0x807DEC1: gatom_motion (g_text.c:615)
    by 0x80A9268: canvas_motion (g_editor.c:1821)
    by 0x80C7765: pd_typedmess (m_class.c:792)
    by 0x80C734B: pd_typedmess (m_class.c:813)
    Address 0x4624054 is 4 bytes before a block of size 16 alloc'd
    at 0x4024F12: calloc (vg_replace_malloc.c:467)
    by 0x80CB2BC: getbytes (m_memory.c:24)
    by 0x80CA552: outlet_bang (m_obj.c:371)
    by 0x80CA552: outlet_bang (m_obj.c:371)
    by 0x80FCB3A: trigger_list (x_connective.c:981)
    by 0x80FCE26: trigger_float (x_connective.c:1025)
    by 0x80CA0A6: outlet_float (m_obj.c:397)
    by 0x80CA0A6: outlet_float (m_obj.c:397)
    by 0x8079BFD: gatom_bang (g_text.c:585)
    by 0x807DEC1: gatom_motion (g_text.c:615)
    by 0x80A9268: canvas_motion (g_editor.c:1821)
    by 0x80C7765: pd_typedmess (m_class.c:792)

     
  • Index: vbap.c

    --- vbap.c (révision 15520)
    +++ vbap.c (copie de travail)
    @@ -415,7 +416,7 @@

    final_gs[ls[0]-1] += g[0];
    final_gs[ls[1]-1] += g[1];
    - final_gs[ls[2]-1] += g[2];
    + if (dim==3) final_gs[ls[2]-1] += g[2];
    }
    }

     


Anonymous


Cancel   Add attachments