makecpt crashes with simple input

Bug #160876 reported by John Pye
This bug affects 1 person
Affects        Status         Importance   Assigned to   Milestone
gmt (Ubuntu)   Fix Released   Undecided    Unassigned

Bug Description

Binary package hint: gmt

While attempting to reproduce the Delaunay triangulation output (http://gmt.soest.hawaii.edu/gmt/examples/ex12/gmt_example_12.html), I got the following crash. This looks pretty serious to me. Any thoughts?

john@thunder:~$ makecpt -T0/1/25 > topo.cpt
*** glibc detected *** makecpt: free(): invalid next size (fast): 0x0804c0f0 ***
======= Backtrace: =========
/lib/tls/i686/cmov/libc.so.6[0xb7cb2d65]
/lib/tls/i686/cmov/libc.so.6(cfree+0x90)[0xb7cb6800]
/usr/lib/gmt/lib/libgmt.so(GMT_free+0x1d)[0xb7e7da9d]
/usr/lib/gmt/lib/libgmt.so(GMT_sample_cpt+0x86f)[0xb7e8514f]
makecpt[0x80493a2]
/lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe0)[0xb7c5f050]
makecpt[0x8048c11]
Aborted (core dumped)

John Pye (jdpipe) wrote :

I note that the input here is illegal: the value '25' should be less than the range (0,1). But still, there shouldn't be a crash for that.

Cheers
JP
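
Added example, not part of the original report and not GMT code: one way to reject a `-Tmin/max/inc` argument such as `0/1/25` before any buffer is sized from it, so bad input ends in an error return instead of heap corruption. The page does not show what GMT_sample_cpt actually does; `parse_t_range`, `next_field`, `struct t_range` and the slice cap are hypothetical names and values chosen for illustration.

```c
#include <errno.h>
#include <float.h>
#include <stddef.h>
#include <stdlib.h>

/* Hypothetical helper, not GMT code: validate "min/max/inc" and build the
 * list of slice boundaries. Returns 0 on success, -1 on rejected input. */
struct t_range { double min, max, inc; size_t n; double *z; };

/* Parse one number that must be followed by `sep`; reject NaN and infinity. */
static int next_field(const char **p, char sep, double *v)
{
    char *end;
    errno = 0;
    *v = strtod(*p, &end);
    if (end == *p || errno == ERANGE || *v != *v ||
        *v > DBL_MAX || *v < -DBL_MAX || *end != sep)
        return -1;
    *p = (sep == '\0') ? end : end + 1;
    return 0;
}

int parse_t_range(const char *arg, struct t_range *out)
{
    const size_t max_slices = 1u << 20;   /* arbitrary cap for this example */
    double span, steps;

    out->z = NULL;
    out->n = 0;
    if (next_field(&arg, '/', &out->min) || next_field(&arg, '/', &out->max) ||
        next_field(&arg, '\0', &out->inc))
        return -1;
    span = out->max - out->min;
    if (span <= 0.0 || out->inc <= 0.0 || out->inc > span)
        return -1;                        /* rejects the report's 0/1/25 */
    steps = span / out->inc + 1e-9;       /* tolerance for rounding in the division */
    if (steps >= (double)max_slices)      /* also catches an infinite span */
        return -1;
    out->n = (size_t)steps + 1;           /* boundaries, both ends included */
    out->z = calloc(out->n, sizeof *out->z);
    if (out->z == NULL)
        return -1;
    for (size_t i = 0; i < out->n; i++)   /* writes stay within the n elements */
        out->z[i] = out->min + (double)i * out->inc;
    return 0;
}
```

The element count is derived only after the three values have passed the range checks, and the fill loop is bounded by that same count.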

Daniel T Chen (crimsun) wrote :

Is this symptom still reproducible in 8.10?

Changed in gmt:
status: New → Incomplete
John Pye (jdpipe) wrote :

Still present in Intrepid:

john@roadwork:~$ /usr/lib/gmt/bin/makecpt -T0/1/25 > topo.cpt
*** glibc detected *** /usr/lib/gmt/bin/makecpt: free(): invalid next size (fast): 0x0816fb90 ***
======= Backtrace: =========
/lib/tls/i686/cmov/libc.so.6[0xb7c8f3f4]
/lib/tls/i686/cmov/libc.so.6(cfree+0x96)[0xb7c91456]
/usr/lib/libgmt.so.4(GMT_free+0x1d)[0xb7e5ab0d]
/usr/lib/libgmt.so.4(GMT_sample_cpt+0xa49)[0xb7e63679]
/usr/lib/gmt/bin/makecpt[0x8049531]
/lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe5)[0xb7c36685]
/usr/lib/gmt/bin/makecpt[0x8048c81]
Aborted
john@roadwork:~$

Changed in gmt:
status: Incomplete → Confirmed
Bas Couwenberg (sebastic) wrote :

This is fixed since trusty at least.

Changed in gmt (Ubuntu):
status: Confirmed → Fix Released