Hi,

I get a crash when compiling this program:

"
// Minimal reproducer: `process` is defined twice with identical bodies.
// The duplication is deliberate and must be kept as-is to reproduce the report.
// NOTE(review): the trace in this message reaches the fault through evalCase and
// apply_pattern_matcher, so the two definitions are presumably evaluated as a
// pattern-matching case; confirm against evaluate/eval.cpp.
process = *(v), *(v) with { v = hslider("volume[style:knob]", 0.5, 0, 5,
0.05);};
// Second, identical definition of `process` (see the note at the top).
process = *(v), *(v) with { v = hslider("volume[style:knob]", 0.5, 0, 5,
0.05);};
"

It's reproducible using faust2. You might need to compile faust with
-fsanitize=address to provoke a crash, since the out-of-bounds heap read
may otherwise go unnoticed:


=================================================================
==1915==ERROR: AddressSanitizer: heap-buffer-overflow on address
0x60700000a7a0 at pc 0x000000589c79 bp 0x7fdd894fd930 sp 0x7fdd894fd928
READ of size 4 at 0x60700000a7a0 thread T1
    #0 0x589c78 in Trans::is_var_trans() const
patternmatcher/patternmatcher.cpp:137
    #1 0x589c78 in apply_pattern_matcher_internal
patternmatcher/patternmatcher.cpp:659
    #2 0x58e40e in apply_pattern_matcher(Automaton*, int, CTree*, CTree*&,
std::vector<CTree*, std::allocator<CTree*> >&)
patternmatcher/patternmatcher.cpp:693
    #3 0x51003b in applyList evaluate/eval.cpp:994
    #4 0x50ee2f in real_a2sb evaluate/eval.cpp:186
    #5 0x50f5f4 in a2sb evaluate/eval.cpp:131
    #6 0x51218f in evalprocess(CTree*) evaluate/eval.cpp:94
    #7 0x6e6681 in evaluateBlockDiagram
/home/kjetil/faust2/compiler/libcode.cpp:917
    #8 0x6e752c in thread_evaluateBlockDiagram
/home/kjetil/faust2/compiler/libcode.cpp:344
    #9 0x3b49c07d13 in start_thread (/lib64/libpthread.so.0+0x3b49c07d13)
    #10 0x3b494f168c in clone (/lib64/libc.so.6+0x3b494f168c)

0x60700000a7a0 is located 16 bytes to the left of 80-byte region
[0x60700000a7b0,0x60700000a800)
allocated by thread T1 here:
    #0 0x7fdd8c21f01a in __interceptor_malloc
../../.././libsanitizer/asan/asan_malloc_linux.cc:38
    #1 0x6f9374 in Garbageable::operator new(unsigned long)
/home/kjetil/faust2/compiler/global.cpp:464
    #2 0x50cfe4 in evalCase evaluate/eval.cpp:1207
    #3 0x50cfe4 in realeval evaluate/eval.cpp:535
    #4 0x50d862 in eval evaluate/eval.cpp:265

Thread T1 created by T0 here:
    #0 0x7fdd8c1c1074 in __interceptor_pthread_create
../../.././libsanitizer/asan/asan_interceptors.cc:179
    #1 0x6e3834 in call_fun /home/kjetil/faust2/compiler/libcode.cpp:105
    #2 0x166187f  (/home/kjetil/faust2/compiler/faust+0x166187f)

SUMMARY: AddressSanitizer: heap-buffer-overflow
patternmatcher/patternmatcher.cpp:137 Trans::is_var_trans() const
Shadow bytes around the buggy address:
  0x0c0e7fff94a0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c0e7fff94b0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c0e7fff94c0: fa fa fa fa fa fa fa fa fa fa fa fa 00 00 00 00
  0x0c0e7fff94d0: 00 00 00 00 00 00 fa fa fa fa 00 00 00 00 00 00
  0x0c0e7fff94e0: 00 00 00 00 fa fa fa fa 00 00 00 00 00 00 00 00
=>0x0c0e7fff94f0: 00 00 fa fa[fa]fa 00 00 00 00 00 00 00 00 00 00
  0x0c0e7fff9500: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c0e7fff9510: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c0e7fff9520: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c0e7fff9530: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c0e7fff9540: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Heap right redzone:      fb
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack partial redzone:   f4
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
==1915==ABORTING

(gdb) bt
#0  0x0000003b49435935 in raise () from /lib64/libc.so.6
#1  0x0000003b494370e8 in abort () from /lib64/libc.so.6
#2  0x00007ffff7139599 in __sanitizer::Abort () at
../../.././libsanitizer/sanitizer_common/sanitizer_posix_libcdep.cc:97
#3  0x00007ffff712cb19 in __asan::AsanDie () at
../../.././libsanitizer/asan/asan_rtl.cc:59
#4  0x00007fff8a296ea0 in ?? ()
#5  0x00007ffff7131402 in __sanitizer::Die () at
../../.././libsanitizer/sanitizer_common/sanitizer_common.cc:59
#6  0x00007ffff712baf4 in __asan_report_error (pc=<optimized out>,
bp=bp@entry=140735511361456, sp=sp@entry=140735511361448,
addr=addr@entry=106034153556000,
is_write=is_write@entry=0,
    access_size=access_size@entry=4) at
../../.././libsanitizer/asan/asan_report.cc:640
#7  0x00007ffff712cef4 in __asan::__asan_report_load4
(addr=addr@entry=106034153556000)
at ../../.././libsanitizer/asan/asan_rtl.cc:374
#8  0x0000000000f95ced in is_var_trans (this=<optimized out>) at
patternmatcher/patternmatcher.cpp:137
#9  apply_pattern_matcher_internal (A=A@entry=0x6070000e8a60, s=s@entry=0,
X=X@entry=0x60e001181a80, subst=...) at
patternmatcher/patternmatcher.cpp:659
#10 0x0000000000f9a483 in apply_pattern_matcher (A=<optimized out>,
s=<optimized out>, X=<optimized out>, C=<optimized out>, E=...) at
patternmatcher/patternmatcher.cpp:693
#11 0x0000000000f44098 in applyList (fun=fun@entry=0x60e001181c40,
larg=<optimized out>) at evaluate/eval.cpp:994
#12 0x0000000000f42e8c in real_a2sb (exp=exp@entry=0x60e001181c40) at
evaluate/eval.cpp:186
#13 0x0000000000f43651 in a2sb (exp=0x60e001181c40) at evaluate/eval.cpp:131
#14 0x0000000000f461ec in evalprocess (eqlist=<optimized out>) at
evaluate/eval.cpp:94
#15 0x0000000000e751d6 in evaluateBlockDiagram
(expandedDefList=0x60e00065bf40, numInputs=@0x6200003e8e58: 0,
numOutputs=@0x6200003e8e5c: 0) at libcode.cpp:917
#16 0x0000000000e76081 in thread_evaluateBlockDiagram (arg=<optimized out>)
at libcode.cpp:344