Hello:

As previously reported on this mailing list:
http://lists.gnu.org/archive/html/bug-lilypond/2018-04/msg00038.html

There was a downstream bug report on Fedora (rawhide) at
https://bugzilla.redhat.com/show_bug.cgi?id=1568274 that

lilypond 2.19.81, when compiled with gcc8 -Wp,-D_GLIBCXX_ASSERTIONS, abort()s on many .ly files.
-Wp,-D_GLIBCXX_ASSERTIONS adds some brief range checks for std::vector, and Fedora 28 and above use
this compilation flag by default:
https://fedoraproject.org/wiki/Changes/HardeningFlags28#Detailed_Description

For example, $ lilypond lilypond-2.19.81/input/regression/rest-pitched-beam.ly
abort()s like the attached.
And the attached proposed patch should fix this issue. Please review it.

Regards,
Mamoru TASAKA <mtas...@fedoraproject.org>


[mtasaka@localhost master]$ gdb --args lilypond 
lilypond-2.19.81/input/regression/rest-pitched-beam.ly
GNU gdb (GDB) Fedora 8.1-15.fc28
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from lilypond...Reading symbols from 
/usr/lib/debug/usr/bin/lilypond-2.19.81-4.fc28.x86_64.debug...done.
done.
(gdb) r
Starting program: /usr/bin/lilypond 
lilypond-2.19.81/input/regression/rest-pitched-beam.ly
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
warning: Loadable section ".note.gnu.property" outside of ELF segments
warning: Loadable section ".note.gnu.property" outside of ELF segments
warning: Loadable section ".note.gnu.property" outside of ELF segments
GNU LilyPond 2.19.81
`lilypond-2.19.81/input/regression/rest-pitched-beam.ly' を処理しています
構文解析中...
楽曲を解釈中...
グラフィカルオブジェクトの前処理中...
理想的なページ数を見つけています...
楽譜を 1 ページにしています...
描画しています.../usr/include/c++/8/bits/stl_vector.h:932: std::vector<_Tp, 
_Alloc>::reference std::vector<_Tp, _Alloc>::operator[](std::vector<_Tp, 
_Alloc>::size_type) [with _Tp = Beam_stem_segment; _Alloc = 
std::allocator<Beam_stem_segment>; std::vector<_Tp, _Alloc>::reference = 
Beam_stem_segment&; std::vector<_Tp, _Alloc>::size_type = long unsigned int]: 
Assertion '__builtin_expect(__n < this->size(), true)' failed.

Program received signal SIGABRT, Aborted.
__GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
50        return ret;
Missing separate debuginfos, use: dnf debuginfo-install 
bzip2-libs-1.0.6-26.fc28.x86_64 expat-2.2.5-3.fc28.x86_64 
fontconfig-2.13.0-3.fc28.x86_64 fribidi-1.0.2-1.fc28.x86_64 
gmp-6.1.2-7.fc28.x86_64 graphite2-1.3.10-5.fc28.x86_64 
harfbuzz-1.7.5-3.fc28.x86_64 libdatrie-0.2.9-7.fc28.x86_64 
libffi-3.1-16.fc28.x86_64 libgcc-8.1.1-1.fc28.x86_64 
libpng-1.6.34-3.fc28.x86_64 libstdc++-7.3.1-5.fc27.x86_64 
libthai-0.1.27-2.fc28.x86_64 libtool-ltdl-2.4.6-24.fc28.x86_64 
libuuid-2.32-2.fc28.x86_64 libxcrypt-4.0.0-5.fc28.x86_64 
pango-1.42.1-1.fc28.x86_64 pcre-8.42-1.fc28.x86_64 zlib-1.2.11-8.fc28.x86_64
(gdb) bt
#0  0x00007ffff5b37f4b in __GI_raise (sig=sig@entry=6) at 
../sysdeps/unix/sysv/linux/raise.c:50
#1  0x00007ffff5b22591 in __GI_abort () at abort.c:79
#2  0x0000555555616008 in std::__replacement_assert(char const*, int, char 
const*, char const*) (__file=__file@entry=0x5555558f3ad0 
"/usr/include/c++/8/bits/stl_vector.h", __line=__line@entry=932, 
__function=__function@entry=0x555555922d80 <std::vector<Beam_stem_segment, 
std::allocator<Beam_stem_segment> >::operator[](unsigned 
long)::__PRETTY_FUNCTION__> "std::vector<_Tp, _Alloc>::reference 
std::vector<_Tp, _Alloc>::operator[](std::vector<_Tp, _Alloc>::size_type) [with 
_Tp = Beam_stem_segment; _Alloc = std::allocator<Beam_stem_segment>; 
std::vector<_Tp"..., __condition=__condition@entry=0x5555558f3aa0 
"__builtin_expect(__n < this->size(), true)")
    at /usr/include/c++/8/x86_64-redhat-linux/bits/c++config.h:2389
#3  0x000055555573bb72 in std::vector<Beam_stem_segment, 
std::allocator<Beam_stem_segment> >::operator[](unsigned long) 
(__n=18446744073709551615, this=<synthetic pointer>) at beam.cc:460
#4  0x000055555573bb72 in Beam::calc_beam_segments(scm_unused_struct*) 
(smob=<optimized out>) at beam.cc:460
#5  0x00007ffff791d602 in scm_dapply (proc=0x7fffe71b7d70, arg1=0x7fffe3ad71e0, 
args=0x404) at eval.c:4895
#6  0x000055555567da9f in Grob::try_callback_on_alist(scm_unused_struct**, 
scm_unused_struct*, scm_unused_struct*) (this=0x555556058460, 
alist=0x5555560584c0, sym=0x7fffe681f2c0, proc=0x7fffe71b7d70) at 
./include/smobs.hh:309
#7  0x000055555567dce1 in Grob::internal_get_property(scm_unused_struct*) const 
(this=this@entry=0x555556058460, sym=<optimized out>)
    at grob-property.cc:184
#8  0x0000555555737ef0 in Beam::get_beam_segments(Grob*) (me=0x555556058460) at 
beam.cc:601
#9  0x00005555557381d5 in Beam::print(scm_unused_struct*) (grob=<optimized 
out>) at beam.cc:631
#10 0x00007ffff791d602 in scm_dapply (proc=0x7fffe71b96a0, arg1=0x7fffe3ad71e0, 
args=0x404) at eval.c:4895
#11 0x000055555567da9f in Grob::try_callback_on_alist(scm_unused_struct**, 
scm_unused_struct*, scm_unused_struct*) (this=0x555556058460, 
alist=0x5555560584c0, sym=0x7fffe680f680, proc=0x7fffe71b96a0) at 
./include/smobs.hh:309
#12 0x000055555567dce1 in Grob::internal_get_property(scm_unused_struct*) const 
(this=this@entry=0x555556058460, sym=<optimized out>)
    at grob-property.cc:184
#13 0x00005555556d482a in 
Grob::vertical_skylines_from_stencil(scm_unused_struct*) (smob=<optimized out>) 
at stencil-integral.cc:1061
#14 0x00007ffff791d602 in scm_dapply (proc=0x7fffe717b300, arg1=0x7fffe3ad71e0, 
args=0x404) at eval.c:4895
#15 0x000055555567da9f in Grob::try_callback_on_alist(scm_unused_struct**, 
scm_unused_struct*, scm_unused_struct*) (this=0x555556058460, 
alist=0x5555560584c0, sym=0x7fffe680f700, proc=0x7fffe717b300) at 
./include/smobs.hh:309
#16 0x000055555567dce1 in Grob::internal_get_property(scm_unused_struct*) const 
(this=this@entry=0x555556058460, sym=<optimized out>)
    at grob-property.cc:184
#17 0x000055555583062a in add_interior_skylines(Grob*, Grob*, Grob*, 
std::vector<Skyline_pair, std::allocator<Skyline_pair> >*) (me=0x555556058460, 
x_common=0x555556185030, y_common=0x5555561910e0, skylines=0x7fffffff8bb0) at 
axis-group-interface.cc:657
#18 0x0000555555834906 in Axis_group_interface::skyline_spacing(Grob*) 
(me=0x5555561910e0) at axis-group-interface.cc:919
#19 0x0000555555835718 in 
Axis_group_interface::calc_skylines(scm_unused_struct*) (smob=<optimized out>) 
at axis-group-interface.cc:400
#20 0x00007ffff791d602 in scm_dapply (proc=0x7fffe70c8ed0, arg1=0x7fffe3581e10, 
args=0x404) at eval.c:4895
#21 0x000055555567da9f in Grob::try_callback_on_alist(scm_unused_struct**, 
scm_unused_struct*, scm_unused_struct*) (this=0x5555561910e0, 
alist=0x555556191140, sym=0x7fffe680f700, proc=0x7fffe70c8ed0) at 
./include/smobs.hh:309
#22 0x000055555567dce1 in Grob::internal_get_property(scm_unused_struct*) const 
(this=this@entry=0x5555561910e0, sym=<optimized out>)
    at grob-property.cc:184
#23 0x000055555587d6c5 in get_skylines (end=0, start=0, pure=false, 
other_common=0x55555605bd30, a=Y_AXIS, g=0x5555561910e0)
    at align-interface.cc:79
#24 0x000055555587d6c5 in 
Align_interface::internal_get_minimum_translations(Grob*, std::vector<Grob*, 
std::allocator<Grob*> > const&, Axis, bool, bool, int, int) (me=0x555556191480, 
elems=std::vector of length 1, capacity 1 = {...}, a=Y_AXIS, 
include_fixed_spacing=false, pure=false, start=0, end=0) at 
align-interface.cc:212
#25 0x000055555587ec2b in 
Align_interface::get_minimum_translations_without_min_dist(Grob*, 
std::vector<Grob*, std::allocator<Grob*> > const&, Axis) 
(me=me@entry=0x555556191480, all_grobs=std::vector of length 1, capacity 1 = 
{...}, a=a@entry=Y_AXIS) at align-interface.cc:154
#26 0x0000555555865c4a in Page_layout_problem::append_system(System*, Spring 
const&, double, double) (this=0x7fffffff95a0, sys=
    0x555556185030, spring=..., indent=8.535826771653543, padding=1) at 
page-layout-problem.cc:547
#27 0x0000555555867d46 in Page_layout_problem::Page_layout_problem(Paper_book*, 
scm_unused_struct*, scm_unused_struct*) (this=0x7fffffff95a0, pb=<optimized 
out>, page_scm=<optimized out>, systems=<optimized out>) at 
page-layout-problem.cc:477
#28 0x00005555557e5303 in Page_breaking::make_pages(std::vector<unsigned long, 
std::allocator<unsigned long> >, scm_unused_struct*) (this=0x7fffffff9af0, 
lines_per_page=std::vector of length 1, capacity 1 = {...}, 
systems=0x7fffe357fb60) at page-breaking.cc:624
#29 0x000055555574f9eb in Optimal_page_breaking::solve() (this=0x7fffffff9af0) 
at optimal-page-breaking.cc:219
---Type <return> to continue, or q <return> to quit---
#30 0x000055555572c5da in ly_optimal_breaking(scm_unused_struct*) 
(pb=<optimized out>) at page-breaking-scheme.cc:45
#31 0x00007ffff791d602 in scm_dapply (proc=0x7fffe71aa900, arg1=0x7fffe3bbfc00, 
args=0x404) at eval.c:4895
#32 0x000055555575526d in Paper_book::pages() [clone .localalias.57] 
(this=0x555556012a50) at ./include/smobs.hh:309
#33 0x0000555555755586 in Paper_book::output_aux(scm_unused_struct*, bool, 
long*, long*) (this=this@entry=0x555556012a50, 
output_channel=output_channel@entry=0x7fffe64a4200, is_last=is_last@entry=true, 
first_page_number=first_page_number@entry=0x7fffffff9de0, 
first_performance_number=first_performance_number@entry=0x7fffffff9de8) at 
paper-book.cc:148
#34 0x0000555555755848 in Paper_book::output(scm_unused_struct*) 
(this=0x555556012a50, output_channel=0x7fffe64a4200) at paper-book.cc:171
#35 0x0000555555757cfb in ly_book_process(scm_unused_struct*, 
scm_unused_struct*, scm_unused_struct*, scm_unused_struct*) 
(book_smob=<optimized out>, default_paper=<optimized out>, 
default_layout=0x7fffe400a9c0, output=0x7fffe64a4200) at book-scheme.cc:78
#36 0x00007ffff791d7af in scm_dapply (proc=0x7fffe684d4f0, arg1=0x7fffe71cfa60, 
args=0x7fffe3bbfc20, args@entry=0x404) at eval.c:4930
#37 0x00007ffff791f9ed in deval (x=<optimized out>, env=<optimized out>) at 
eval.c:4378
#38 0x00007ffff79280a6 in scm_c_with_fluid (fluid=0x7fffe680da00, 
value=value@entry=0x7fffe3bc2630, cproc=cproc@entry=0x555555601a90 
<catch_protected_eval_body(void*)>, cdata=cdata@entry=0x7fffffffa120) at 
fluids.c:463
#39 0x0000555555601c17 in ly_eval_scm(scm_unused_struct*, Input, bool, 
Lily_parser*) (form=0x7fffe3bc31f0, i=..., safe=<optimized out>, 
parser=<optimized out>) at ./include/lily-modules.hh:65
#40 0x00005555558c7503 in Lily_lexer::eval_scm(scm_unused_struct*, Input, char) 
(this=this@entry=0x555555c70a60, readerdata=readerdata@entry=0x7fffe3bc31f0, 
hi=..., extra_token=extra_token@entry=35 '#') at lexer.ll:1111
#41 0x00005555558d54a7 in Lily_lexer::eval_scm_token(scm_unused_struct*, Input) 
(w=..., sval=0x7fffe3bc31f0, this=0x555555c70a60)
    at ./include/lily-lexer.hh:63
#42 0x00005555558d54a7 in yyparse(Lily_parser*, scm_unused_struct**) 
(parser=0x555555e110e0, retval=0x7fffffffbfc0) at parser.yy:450
#43 0x00005555558de248 in Lily_parser::do_yyparse_trampoline(void*) 
(parser=parser@entry=0x555555e110e0) at parser.yy:4190
#44 0x00007ffff79280a6 in scm_c_with_fluid (fluid=0x7fffe680da80, 
value=0x7fffe4be87b0, cproc=cproc@entry=0x5555558de220 
<Lily_parser::do_yyparse_trampoline(void*)>, cdata=cdata@entry=0x555555e110e0) 
at fluids.c:463
#45 0x00005555558cd5b5 in Lily_parser::do_yyparse() 
(this=this@entry=0x555555e110e0) at ./include/lily-modules.hh:65
#46 0x00005555557a0198 in 
Lily_parser::parse_file(std::__cxx11::basic_string<char, 
std::char_traits<char>, std::allocator<char> > const&, 
std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > 
const&, std::__cxx11::basic_string<char, std::char_traits<char>, 
std::allocator<char> > const&) (this=0x555555e110e0, init=..., name=..., 
out_name=...) at lily-parser.cc:123
#47 0x00005555557a674b in ly_parse_file(scm_unused_struct*) (name=<optimized 
out>) at lily-parser-scheme.cc:121
#48 0x00007ffff7920726 in deval (x=<optimized out>, x@entry=0x7fffe4da8380, 
env=<optimized out>, env@entry=0x7fffe4be8840) at eval.c:4232
#49 0x00007ffff791dde3 in scm_dapply (proc=0x7fffe4be8950, arg1=<optimized 
out>, args=0x7fffe4be8840) at ../libguile/inline.h:305
#50 0x00007ffff797831b in scm_c_catch (tag=<optimized out>, 
body=body@entry=0x7ffff7977d20 <scm_body_thunk>, 
body_data=body_data@entry=0x7fffffffc7d0, handler=0x7ffff7977d30 
<scm_handle_by_proc>, handler_data=handler_data@entry=0x7fffffffc7c8, 
pre_unwind_handler=0x0, pre_unwind_handler_data=0x7fffffffc7c0) at throw.c:203
#51 0x00007ffff7978541 in scm_catch_with_pre_unwind_handler (key=<optimized 
out>, thunk=<optimized out>, handler=<optimized out>, 
pre_unwind_handler=<optimized out>) at throw.c:587
#52 0x00007ffff791d7af in scm_dapply (proc=0x7fffe684d4f0, arg1=0x7fffe7240940, 
args=0x7fffe4be8890, args@entry=0x404) at eval.c:4930
#53 0x00007ffff791f9ed in deval (x=<optimized out>, env=<optimized out>, 
env@entry=0x7fffe4be8af0) at eval.c:4378
#54 0x00007ffff7920ac4 in deval (x=0x7fffe4dabbe0, x@entry=0x7fffe4dac230, 
env=0x7fffe4be8af0, env@entry=0x7fffe4bf3fc0)
    at ../libguile/inline.h:305
#55 0x00007ffff791dde3 in scm_dapply (proc=0x7fffe4bf4c40, arg1=<optimized 
out>, args=0x7fffe4bf3fc0) at ../libguile/inline.h:305
#56 0x00007fffe53674c8 in scm_srfi1_for_each (proc=0x7fffe4bf4960, 
arg1=0x7fffe4be9a90, args=0x404) at srfi-1.c:1516
#57 0x00007ffff79208a9 in deval (x=<optimized out>, env=<optimized out>, 
env@entry=0x7fffe4be93e0) at eval.c:4367
#58 0x00007ffff7920ac4 in deval (x=0x7fffe4dab0e0, env=0x7fffe4be93e0, 
env@entry=0x7fffe4be9a50) at ../libguile/inline.h:305
#59 0x00007ffff792011b in deval (x=0x7fffe4be9610, x@entry=0x7fffe4db2020, 
env=env@entry=0x7fffe4be9a50) at ../libguile/inline.h:305
#60 0x00007ffff791dde3 in scm_dapply (proc=0x7fffe4db1a40, arg1=<optimized 
out>, args=0x7fffe4be9a50) at ../libguile/inline.h:305
#61 0x0000555555778df6 in Scm_variable::operator()(scm_unused_struct*) 
(arg1=0x7fffe4be9a90, this=<optimized out>)
    at ./include/lily-modules.hh:73
#62 0x0000555555778df6 in main_with_guile(void*, int, char**) () at main.cc:539
#63 0x00007ffff7939293 in invoke_main_func (body_data=0x7fffffffd370) at 
init.c:367
#64 0x00007ffff790fc7e in c_body (d=d@entry=0x7fffffffd310) at 
continuations.c:349
#65 0x00007ffff797831b in scm_c_catch (tag=tag@entry=0x104, 
body=body@entry=0x7ffff790fc70 <c_body>, 
body_data=body_data@entry=0x7fffffffd310, handler=handler@entry=0x7ffff790fc90 
<c_handler>, handler_data=handler_data@entry=0x7fffffffd310, 
pre_unwind_handler=pre_unwind_handler@ent---Type <return> to continue, or q 
<return> to quit---
ry=0x7ffff7978a10 <scm_handle_by_message_noexit>, pre_unwind_handler_data=0x0) 
at throw.c:203
#66 0x00007ffff7910298 in scm_i_with_continuation_barrier 
(body=body@entry=0x7ffff790fc70 <c_body>, 
body_data=body_data@entry=0x7fffffffd310, handler=handler@entry=0x7ffff790fc90 
<c_handler>, handler_data=handler_data@entry=0x7fffffffd310, 
pre_unwind_handler=0x7ffff7978a10 <scm_handle_by_message_noexit>, 
pre_unwind_handler_data=pre_unwind_handler_data@entry=0x0) at 
continuations.c:325
#67 0x00007ffff7910384 in scm_c_with_continuation_barrier 
(func=func@entry=0x7ffff7939270 <invoke_main_func>, 
data=data@entry=0x7fffffffd370) at continuations.c:367
#68 0x00007ffff797666a in scm_i_with_guile_and_parent (func=0x7ffff7939270 
<invoke_main_func>, data=0x7fffffffd370, parent=<optimized out>)
    at threads.c:733
#69 0x00007ffff7939429 in scm_boot_guile (argc=argc@entry=2, 
argv=argv@entry=0x7fffffffd508, main_func=main_func@entry=0x555555778a40 
<main_with_guile(void*, int, char**)>, closure=closure@entry=0x0) at init.c:350
#70 0x00005555555d0f8a in main (argc=2, argv=0x7fffffffd508, envp=<optimized 
out>) at main.cc:853
#71 0x00007ffff5b241bb in __libc_start_main (main=
    0x5555555d0d20 <main>, argc=2, argv=0x7fffffffd508, init=<optimized out>, 
fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffd4f8) at 
../csu/libc-start.c:308
#72 0x00005555555e576a in _start () at /usr/include/c++/8/bits/char_traits.h:285
(gdb) qui
A debugging session is active.

        Inferior 1 [process 5740] will be killed.

Quit anyway? (y or n) y

\header {

  texidoc = "Pitched rests under beams."

}

\version "2.16.0"

\relative c'{
  a\rest a8[ a\rest b]
}


From 463aabe95b2dd3856c928c5e6917eda2138f3aa4 Mon Sep 17 00:00:00 2001
From: Mamoru TASAKA <mtas...@fedoraproject.org>
Date: Tue, 8 May 2018 22:34:41 +0900
Subject: [PATCH] Fix out-of-bounds access detected by -D_GLIBCXX_ASSERTIONS

file: lily/beam.cc
In Beam::calc_beam_segments(), when on_beam_bound is true, access for segs[] is currently out-of-bounds.
So calculate on_beam_bound first to avoid that invalid access. In this case, neighbor_seg is not used
anyway, so this is okay.
---
 lily/beam.cc | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lily/beam.cc b/lily/beam.cc
index dff62168af..d32624a4ff 100644
--- a/lily/beam.cc
+++ b/lily/beam.cc
@@ -457,15 +457,15 @@ Beam::calc_beam_segments (SCM smob)
           Beam_stem_segment const &seg = segs[j];
           for (LEFT_and_RIGHT (event_dir))
             {
-              Beam_stem_segment const &neighbor_seg = segs[j + event_dir];
+              bool on_beam_bound = (event_dir == LEFT) ? j == 0
+                                   : j == segs.size () - 1;
+              Beam_stem_segment const &neighbor_seg = segs[on_beam_bound ? 0 : j + event_dir];
               // TODO: make names clearer? --jneem
               // on_line_bound: whether the current segment is on the boundary of the WHOLE beam
               // on_beam_bound: whether the current segment is on the boundary of just that part
               //   of the beam with the current beam_rank
               bool on_line_bound = (seg.dir_ == LEFT) ? seg.stem_index_ == 0
                                    : seg.stem_index_ == stems.size () - 1;
-              bool on_beam_bound = (event_dir == LEFT) ? j == 0
-                                   : j == segs.size () - 1;
               bool inside_stem = (event_dir == LEFT)
                                  ? seg.stem_index_ > 0
                                  : seg.stem_index_ + 1 < stems.size ();
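Review bot: on the new `neighbor_seg` line, binding the reference to `segs[0]` when `on_beam_bound` is true keeps the index in range but leaves `neighbor_seg` aliasing an unrelated segment. The commit message says it is unused in that case, yet nothing in the hunk documents or enforces that, so a later read of `neighbor_seg` on a bound would silently use the wrong data. Please add a comment on that line saying `neighbor_seg` is a placeholder that must not be read when `on_beam_bound` is set, or use a pointer that is null on the bound. Two smaller points: the `on_line_bound:` / `on_beam_bound:` explanatory comment now sits below the `on_beam_bound` declaration and should move up with it, and the new `neighbor_seg` line is much longer than the surrounding lines and should be wrapped.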
-- 
2.17.0
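
The failure mode behind the assertion in the backtrace, as an added example (not LilyPond code and not part of the patch): an unsigned index plus a direction of -1 wraps at the left edge, and a checked lookup decides whether a neighbour exists before indexing. `Segment`, `Direction`, `raw_neighbor_index`, `neighbor` and `count_neighbors` are hypothetical names, and the sample vector is constructed.

```cpp
#include <cstddef>
#include <cstdio>
#include <vector>

// Hypothetical stand-ins for illustration; not LilyPond's own types.
struct Segment { int stem_index; };
enum Direction { LEFT = -1, RIGHT = 1 };

// The index that `segs[j + dir]` evaluates: `dir` is converted to the
// unsigned type of `j`, so j == 0 with LEFT wraps to the maximum size_t
// (on a 64-bit build, the value gdb shows as __n in frame #3).
std::size_t raw_neighbor_index(std::size_t j, Direction dir) {
  return j + static_cast<std::size_t>(dir);
}

// Checked lookup: decide whether a neighbour exists before indexing.
// Returns nullptr at either end of the vector or for an invalid j.
const Segment *neighbor(const std::vector<Segment> &segs, std::size_t j,
                        Direction dir) {
  if (j >= segs.size()) return nullptr;
  bool on_bound = (dir == LEFT) ? j == 0 : j == segs.size() - 1;
  return on_bound ? nullptr : &segs[raw_neighbor_index(j, dir)];
}

// Visit every (segment, direction) pair, as a loop over both directions
// would, and count the pairs with a real neighbour: 2 * n - 2 for n >= 1.
std::size_t count_neighbors(const std::vector<Segment> &segs) {
  std::size_t found = 0;
  for (std::size_t j = 0; j < segs.size(); j++)
    for (Direction dir : {LEFT, RIGHT})
      if (neighbor(segs, j, dir)) found++;
  return found;
}

int main() {
  std::vector<Segment> segs = {{0}, {1}, {2}, {3}};  // constructed sample
  std::printf("raw index for j=0, LEFT: %zu\n", raw_neighbor_index(0, LEFT));
  std::printf("valid neighbours: %zu\n", count_neighbors(segs));
  return 0;
}
```

Returning a null pointer on the bound makes an accidental read fail loudly instead of yielding data from an unrelated element.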

