Opened 13 years ago

Closed 13 years ago

#1284 closed defect (fixed)

'v.vol.rst --help' fails

Reported by: torben Owned by: grass-dev@…
Priority: major Milestone: 6.4.1
Component: Vector Version: 6.4.0
Keywords: v.vol.rst Cc:
CPU: x86-64 Platform: Linux

Description

'v.vol.rst --help' fails with a 'buffer overflow' (cf. vvolrst_error.txt) when 'g.region res3' is set to larger than 200 (in most cases). The error depends on the value set to 'g.region res' (cf. vvolrstRes.csv).

Attachments (4)

vvolrstRes.csv (26.5 KB ) - added by torben 13 years ago.
vvolrst_error.txt (6.3 KB ) - added by torben 13 years ago.
gregionfail.txt (389 bytes ) - added by torben 13 years ago.
v.vol.rst.bt (30.7 KB ) - added by marisn 13 years ago.
A better backtrace of crash on AMD64

Download all attachments as: .zip

Change History (11)

by torben, 13 years ago

Attachment: vvolrstRes.csv added

by torben, 13 years ago

Attachment: vvolrst_error.txt added

by torben, 13 years ago

Attachment: gregionfail.txt added

comment:1 by neteler, 13 years ago

I tried and no problem appears. The --help should be unrelated to anything: 

GRASS 6.4.1svn (nc_spm_08):~ > g.region n=4928500 s=4913500 w=589500 e=609000 b=0 t=2100 res=500 res3=500 tbres=2100
GRASS 6.4.1svn (nc_spm_08):~ > g.region -p3
projection: 99 (Lambert Conformal Conic)
zone:       0
datum:      nad83
ellipsoid:  a=6378137 es=0.006694380022900787
north:      4928500
south:      4913500
west:       589500
east:       609000
top:        2100.00000000
bottom:     0.00000000
nsres:      500
nsres3:     500
ewres:      500
ewres3:     500
tbres:      2100
rows:       30
rows3:      30
cols:       39
cols3:      39
depths:     1
cells:      1170
cells3:     1170
GRASS 6.4.1svn (nc_spm_08):~ > v.vol.rst --help

Description:
 Interpolates point data to a G3D grid volume using regularized spline with tension (RST) algorithm.
...

Please create a backtrace in a debugger, like 

gdb v.vol.rst
r --help
bt full

in reply to:  1 comment:2 by torben, 13 years ago

The '-- help' shouldn't be related to anything, but it seems to me that the defaul-value for 'dmin' is computed, when calling 'v.vol.rst'. I tried to run it also on another machine with GRASS 6.4.1RC1, where it started without any problems.

Here the debugger outputs. 

GRASS 6.4.0 (spearfish60):~ > gdb v.vol.rst
GNU gdb (GDB) 7.1-ubuntu
Copyright (C) 2010 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/lib/grass64/bin/v.vol.rst...(no debugging symbols found)...done.

(gdb) r --help
Starting program: /usr/lib/grass64/bin/v.vol.rst --help
[Thread debugging using libthread_db enabled]
*** buffer overflow detected ***: /usr/lib/grass64/bin/v.vol.rst terminated
======= Backtrace: =========
/lib/libc.so.6(__fortify_fail+0x37)[0x7ffff5380217]
/lib/libc.so.6(+0xfe0d0)[0x7ffff537f0d0]
/lib/libc.so.6(+0xfd539)[0x7ffff537e539]
/lib/libc.so.6(__printf_fp+0x1541)[0x7ffff52cd421]
/lib/libc.so.6(_IO_vfprintf+0x25fe)[0x7ffff52c899e]
/lib/libc.so.6(__vsprintf_chk+0x99)[0x7ffff537e5d9]
/lib/libc.so.6(__sprintf_chk+0x7f)[0x7ffff537e51f]
/usr/lib/grass64/bin/v.vol.rst(main+0x177)[0x405837]
/lib/libc.so.6(__libc_start_main+0xfd)[0x7ffff529fc4d]
/usr/lib/grass64/bin/v.vol.rst[0x404d89]
======= Memory map: ========
00400000-00410000 r-xp 00000000 08:01 102864                             /usr/lib/grass64/bin/v.vol.rst
0060f000-00610000 r--p 0000f000 08:01 102864                             /usr/lib/grass64/bin/v.vol.rst
00610000-00611000 rw-p 00010000 08:01 102864                             /usr/lib/grass64/bin/v.vol.rst
00611000-00633000 rw-p 00000000 00:00 0                                  [heap]
7fffec829000-7fffec82c000 r-xp 00000000 08:01 570165                     /lib/libgpg-error.so.0.4.0
7fffec82c000-7fffeca2b000 ---p 00003000 08:01 570165                     /lib/libgpg-error.so.0.4.0
7fffeca2b000-7fffeca2c000 r--p 00002000 08:01 570165                     /lib/libgpg-error.so.0.4.0
7fffeca2c000-7fffeca2d000 rw-p 00003000 08:01 570165                     /lib/libgpg-error.so.0.4.0
7fffeca2d000-7fffeca3d000 r-xp 00000000 08:01 540007                     /usr/lib/libtasn1.so.3.1.7
7fffeca3d000-7fffecc3c000 ---p 00010000 08:01 540007                     /usr/lib/libtasn1.so.3.1.7
7fffecc3c000-7fffecc3d000 r--p 0000f000 08:01 540007                     /usr/lib/libtasn1.so.3.1.7
7fffecc3d000-7fffecc3e000 rw-p 00010000 08:01 540007                     /usr/lib/libtasn1.so.3.1.7
7fffecc3e000-7fffecc57000 r-xp 00000000 08:01 539953                     /usr/lib/libsasl2.so.2.0.23
7fffecc57000-7fffece56000 ---p 00019000 08:01 539953                     /usr/lib/libsasl2.so.2.0.23
7fffece56000-7fffece57000 r--p 00018000 08:01 539953                     /usr/lib/libsasl2.so.2.0.23
7fffece57000-7fffece58000 rw-p 00019000 08:01 539953                     /usr/lib/libsasl2.so.2.0.23
7fffece58000-7fffece6e000 r-xp 00000000 08:01 69293                      /lib/libresolv-2.11.1.so
7fffece6e000-7fffed06d000 ---p 00016000 08:01 69293                      /lib/libresolv-2.11.1.so
7fffed06d000-7fffed06e000 r--p 00015000 08:01 69293                      /lib/libresolv-2.11.1.so
7fffed06e000-7fffed06f000 rw-p 00016000 08:01 69293                      /lib/libresolv-2.11.1.so
7fffed06f000-7fffed071000 rw-p 00000000 00:00 0 
7fffed071000-7fffed073000 r-xp 00000000 08:01 570172                     /lib/libkeyutils-1.2.so
7fffed073000-7fffed272000 ---p 00002000 08:01 570172                     /lib/libkeyutils-1.2.so
7fffed272000-7fffed273000 r--p 00001000 08:01 570172                     /lib/libkeyutils-1.2.so
7fffed273000-7fffed274000 rw-p 00002000 08:01 570172                     /lib/libkeyutils-1.2.so
7fffed274000-7fffed27b000 r-xp 00000000 08:01 538290                     /usr/lib/libkrb5support.so.0.1
7fffed27b000-7fffed47a000 ---p 00007000 08:01 538290                     /usr/lib/libkrb5support.so.0.1
7fffed47a000-7fffed47b000 r--p 00006000 08:01 538290                     /usr/lib/libkrb5support.so.0.1
7fffed47b000-7fffed47c000 rw-p 00007000 08:01 538290                     /usr/lib/libkrb5support.so.0.1
7fffed47c000-7fffed4a0000 r-xp 00000000 08:01 537563                     /usr/lib/libk5crypto.so.3.1
7fffed4a0000-7fffed6a0000 ---p 00024000 08:01 537563                     /usr/lib/libk5crypto.so.3.1
7fffed6a0000-7fffed6a1000 r--p 00024000 08:01 537563                     /usr/lib/libk5crypto.so.3.1
7fffed6a1000-7fffed6a2000 rw-p 00025000 08:01 537563                     /usr/lib/libk5crypto.so.3.1
7fffed6a2000-7fffed6b9000 r-xp 00000000 08:01 69284                      /lib/libnsl-2.11.1.so
7fffed6b9000-7fffed8b8000 ---p 00017000 08:01 69284                      /lib/libnsl-2.11.1.so
7fffed8b8000-7fffed8b9000 r--p 00016000 08:01 69284                      /lib/libnsl-2.11.1.so
7fffed8b9000-7fffed8ba000 rw-p 00017000 08:01 69284                      /lib/libnsl-2.11.1.so
7fffed8ba000-7fffed8bc000 rw-p 00000000 00:00 0 
7fffed8bc000-7fffed931000 r-xp 00000000 08:01 570161                     /lib/libgcrypt.so.11.5.2
7fffed931000-7fffedb30000 ---p 00075000 08:01 570161                     /lib/libgcrypt.so.11.5.2
7fffedb30000-7fffedb31000 r--p 00074000 08:01 570161                     /lib/libgcrypt.so.11.5.2
7fffedb31000-7fffedb34000 rw-p 00075000 08:01 570161                     /lib/libgcrypt.so.11.5.2
7fffedb34000-7fffedbd0000 r-xp 00000000 08:01 539501                     /usr/lib/libgnutls.so.26.14.12
7fffedbd0000-7fffeddcf000 ---p 0009c000 08:01 539501                     /usr/lib/libgnutls.so.26.14.12
7fffeddcf000-7fffeddd5000 r--p 0009b000 08:01 539501                     /usr/lib/libgnutls.so.26.14.12
7fffeddd5000-7fffeddd6000 rw-p 000a1000 08:01 539501                     /usr/lib/libgnutls.so.26.14.12
7fffeddd6000-7fffedde3000 r-xp 00000000 08:01 539719                     /usr/lib/liblber-2.4.so.2.5.4
7fffedde3000-7fffedfe2000 ---p 0000d000 08:01 539719                     /usr/lib/liblber-2.4.so.2.5.4
7fffedfe2000-7fffedfe3000 r--p 0000c000 08:01 539719                     /usr/lib/liblber-2.4.so.2.5.4
7fffedfe3000-7fffedfe4000 rw-p 0000d000 08:01 539719                     /usr/lib/liblber-2.4.so.2.5.4
7fffedfe4000-7fffee015000 r-xp 00000000 08:01 539675                     /usr/lib/libidn.so.11.5.44
7fffee015000-7fffee215000 ---p 00031000 08:01 539675                     /usr/lib/libidn.so.11.5.44
7fffee215000-7fffee216000 r--p 00031000 08:01 539675                     /usr/lib/libidn.so.11.5.44
7fffee216000-7fffee217000 rw-p 00032000 08:01 539675                     /usr/lib/libidn.so.11.5.44
7fffee217000-7fffee2a1000 r-xp 00000000 08:01 539994                     /usr/lib/libsqlite3.so.0.8.6
7fffee2a1000-7fffee4a0000 ---p 0008a000 08:01 539994                     /usr/lib/libsqlite3.so.0.8.6
7fffee4a0000-7fffee4a2000 r--p 00089000 08:01 539994                     /usr/lib/libsqlite3.so.0.8.6
7fffee4a2000-7fffee4a4000 rw-p 0008b000 08:01 539994                     /usr/lib/libsqlite3.so.0.8.6
Program received signal SIGABRT, Aborted.
0x00007ffff52b4a75 in raise () from /lib/libc.so.6

(gdb) bt full
#0  0x00007ffff52b4a75 in raise () from /lib/libc.so.6
No symbol table info available.
#1  0x00007ffff52b85c0 in abort () from /lib/libc.so.6
No symbol table info available.
#2  0x00007ffff52ee4fb in ?? () from /lib/libc.so.6
No symbol table info available.
#3  0x00007ffff5380217 in __fortify_fail () from /lib/libc.so.6
No symbol table info available.
#4  0x00007ffff537f0d0 in __chk_fail () from /lib/libc.so.6
No symbol table info available.
#5  0x00007ffff537e539 in ?? () from /lib/libc.so.6
No symbol table info available.
#6  0x00007ffff52cd421 in __printf_fp () from /lib/libc.so.6
No symbol table info available.
#7  0x00007ffff52c899e in vfprintf () from /lib/libc.so.6
No symbol table info available.
#8  0x00007ffff537e5d9 in __vsprintf_chk () from /lib/libc.so.6
No symbol table info available.
#9  0x00007ffff537e51f in __sprintf_chk () from /lib/libc.so.6
No symbol table info available.
#10 0x0000000000405837 in main ()
No symbol table info available.

by marisn, 13 years ago

Attachment: v.vol.rst.bt added

A better backtrace of crash on AMD64

comment:3 by marisn, 13 years ago

Priority: normalmajor

Crashes on my ~AMD64 machine too. Memory corruption? Can't check, as my glibc (for some strange reason) lacks debug symbols and thus valgrind doesn't work.

Will try to get some extra debugging info within today.

comment:4 by neteler, 13 years ago

Maris, on my system there is glibc-debug as package.

comment:5 by marisn, 13 years ago

Markus, on my system there is a "SPLITDEBUG" feature + recompilation. I migh be rm'ing debug data to free some disk space ;)

Problem is here: source:grass/branches/releasebranch_6_4/vector/v.vol.rst/main.c#L225 "dminchar" is defined to have length of 10, still on my system somtimes "dmin" is longer than 10. Easy workaround - bump up dminchar to anything large enough (1000). Correct solution - analyze code and see if it's required at all. 

sprintf(dminchar, "%lf", dmin);

in reply to:  5 comment:6 by torben, 13 years ago

Is it important to have a high precision for 'dminchar'? That could also fix it: 

sprintf(dminchar, "%.2f", dmin);

in reply to:  5 comment:7 by hamish, 13 years ago

Resolution: fixed
Status: newclosed

Replying to marisn:

Problem is here: source:grass/branches/releasebranch_6_4/vector/v.vol.rst/main.c#L225 "dminchar" is defined to have length of 10, still on my system somtimes "dmin" is longer than 10. Easy workaround - bump up dminchar to anything large enough (1000).

buffer size increased in all branches with r45906-8.

Hamish

Note: See TracTickets for help on using tickets.