Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Read post-end of data in Rapicorn #25

Closed
swesterfeld opened this issue Nov 29, 2017 · 0 comments
Closed

Read post-end of data in Rapicorn #25

swesterfeld opened this issue Nov 29, 2017 · 0 comments

Comments

@swesterfeld
Copy link
Collaborator

swesterfeld commented Nov 29, 2017

I found that beast sometimes crashes when I load a certain project. I debugged the issue, and it seems that rapicorn is to blame, basically sizeof (free_list_.data()) is the size of the pointer, and on 64 bit machines is different from the element size (sizeof (free_list_.front()), which seems to be causing crashes sometimes here, no longer reproducable after changing this.

diff --git a/rcore/aida.cc b/rcore/aida.cc
index 274b56b..ac13bac 100644
--- a/rcore/aida.cc
+++ b/rcore/aida.cc
@@ -1654,7 +1654,7 @@ ObjectMap<Instance>::next_index ()
   const size_t FREE_LENGTH = 31;
   if (free_list_.size() > FREE_LENGTH)
     {
-      const size_t prandom = byte_hash64 ((uint8*) free_list_.data(), sizeof (free_list_.data()) * free_list_.size());
+      const size_t prandom = byte_hash64 ((uint8*) free_list_.data(), sizeof (free_list_.front()) * free_list_.size());
       const size_t end = free_list_.size(), j = prandom % (end - 1);
       assert (j < end - 1); // use end-1 to avoid popping the last pushed slot
       idx = free_list_[j];
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant