Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Read post-end of data in Rapicorn #25

Closed
swesterfeld opened this issue Nov 29, 2017 · 0 comments
Closed

Read post-end of data in Rapicorn #25

swesterfeld opened this issue Nov 29, 2017 · 0 comments

Comments

@swesterfeld
Copy link
Collaborator

@swesterfeld swesterfeld commented Nov 29, 2017

I found that beast sometimes crashes when I load a certain project. I debugged the issue, and it seems that rapicorn is to blame, basically sizeof (free_list_.data()) is the size of the pointer, and on 64 bit machines is different from the element size (sizeof (free_list_.front()), which seems to be causing crashes sometimes here, no longer reproducable after changing this.

diff --git a/rcore/aida.cc b/rcore/aida.cc
index 274b56b..ac13bac 100644
--- a/rcore/aida.cc
+++ b/rcore/aida.cc
@@ -1654,7 +1654,7 @@ ObjectMap<Instance>::next_index ()
   const size_t FREE_LENGTH = 31;
   if (free_list_.size() > FREE_LENGTH)
     {
-      const size_t prandom = byte_hash64 ((uint8*) free_list_.data(), sizeof (free_list_.data()) * free_list_.size());
+      const size_t prandom = byte_hash64 ((uint8*) free_list_.data(), sizeof (free_list_.front()) * free_list_.size());
       const size_t end = free_list_.size(), j = prandom % (end - 1);
       assert (j < end - 1); // use end-1 to avoid popping the last pushed slot
       idx = free_list_[j];
@tim-janik tim-janik closed this in 418c25c Mar 8, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
1 participant
You can’t perform that action at this time.