Home   Groups   Digests   Personalise   Search   Login
  POV-Ray : Newsgroups : povray.beta-test : Random crash in beta.4 Server Time
25 Mar 2025 12:34:44 EDT (-0400)
  Random crash in beta.4 (Message 11 to 14 of 14)  
<<< Previous 10 Messages Goto Initial 10 Messages
From: clipka
Subject: Re: Unix stack for crash in beta.5
Date: 6 Apr 2017 05:08:46
Message: <58e6059e$1@news.povray.org>
 
Am 06.04.2017 um 10:31 schrieb dick balaska:
> Am 2017-04-06 04:24, also sprach clipka:
>> Am 06.04.2017 um 09:39 schrieb dick balaska:
>>> So, here's another uber-trimmed tteoac.
>>
>> Whines about "beatdebug.inc" missing.
>>
> 
> with -sf100 -ef100?

Ah, sorry. Forgot that.

Crashes now. Which is neat, because it means it's reproducible ;)


Post a reply to this message
From: clipka
Subject: Re: Unix stack for crash in beta.5
Date: 6 Apr 2017 06:08:51
Message: <58e613b3$1@news.povray.org>
 
Am 06.04.2017 um 10:44 schrieb dick balaska:
> 
> Fixed cut/paste instructions (was a bad cd)
> 
> wget http://www.buckosoft.com/tteoac/video/ttcrash2.bz2
> tar -xvjf ttcrash2.bz2
> cd ttcrash2/ttto
> povray ttto.ini -sf100 -ef100
> 
> 
> My theory from the stack trace was that it gave up on a #declare's
> rvalue, and double freed it.  That seems to be likely.

No, not exactly.

It turns out that the "switch" construct around the incomplete
declaration is irrelevant; it's the "#include" that's working the magic.

The recipe for desaster is as follows:

    <start of "local" scope>
    #local <Identifier> = <Valid RValue>
    #local <Identifier> =
    <end of "local" scope>
    <Valid RValue>

For example, the following also causes a crash:

    #macro Foo()
      #local Bar=1;
      #local Bar=
    #end

    Foo()

    sphere {<0,0,0>,1}

The end of local scope causes the identifier and its content to be
ditched, but the code responsible for parsing `#local` statements tries
to ditch the content again in order to replace it with the new content.


Post a reply to this message
From: clipka
Subject: Re: Unix stack for crash in beta.5
Date: 6 Apr 2017 06:17:48
Message: <58e615cc$1@news.povray.org>
 
Am 06.04.2017 um 12:08 schrieb clipka:

> The recipe for desaster is as follows:
> 
>     <start of "local" scope>
>     #local <Identifier> = <Valid RValue>
>     #local <Identifier> =
>     <end of "local" scope>
>     <Valid RValue>
> 
> For example, the following also causes a crash:
> 
>     #macro Foo()
>       #local Bar=1;
>       #local Bar=
>     #end
> 
>     Foo()
> 
>     sphere {<0,0,0>,1}
> 
> The end of local scope causes the identifier and its content to be
> ditched, but the code responsible for parsing `#local` statements tries
> to ditch the content again in order to replace it with the new content.

The same kind of crash can also be triggered with the following construct:

    #declare Foo=1;
    #declare Foo=
    #undef Foo
    sphere {<0,0,0>,1}


Post a reply to this message
From: clipka
Subject: Re: Random crash in beta.4
Date: 6 Apr 2017 07:14:38
Message: <58e6231e$1@news.povray.org>
 
Now tracked on GitHub as issue #265
(https://github.com/POV-Ray/povray/issues/265).


Post a reply to this message
<<< Previous 10 Messages Goto Initial 10 Messages

Copyright 2003-2023 Persistence of Vision Raytracer Pty. Ltd.