View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0000831MetaPostbugpublic2013-05-22 16:382014-03-11 13:27
ReporterTaco Assigned ToTaco  
PriorityhighSeveritycrashReproducibilityalways
Status closedResolutionfixed 
Summary0000831: crash when running mp2pt1 input
DescriptionVia Karl:

    > mpost: ../../../texk/web2c/mplibdir/mp.w:2968:
    > mp_free_value_node: Assertion `p->has_number==2' failed.

I can reproduce that, with your environment settings
  MALLOC_CHECK_=3
  MALLOC_PERTURB_=69
  
In your tarball (which I put at
http://tug.org/~karl/mpost-failure.tgz), there is the script
call-mpost.sh with these three lines:

mpost -mem=mf2pt1 \
      -progname=mpost \
      '\mode:=localfont; mag:=100; bpppix 0.02; nonstopmode; input feta-noteheads11.mf'
            
When I run that in your unpacked directory under i386-linux CentOS 5.9
(on tug.org) and the malloc envvars above, I get the assertion failure.
Without them, I get a double-free error from glibc:

*** glibc detected *** mpost: double free or corruption (!prev): 0x099db3b0 ***

which I suppose is likely some earlier symptom of the same problem.

Then I tried running it on sparc-solaris (compiled with gcc-4.5.0).
Your example worked fine. Of course, there are no malloc debugging
envvars there, so who knows.

So I tried rebuilding a new i386-linux binary without optimization.
Same result. Both of those were with the stock gcc-4.6.3.

Then I tried rebuilding in the same Debian Sarge chroot with gcc-3.3.5
as I used last year, without optimization, and still got the same
failures.

I'm running the 4.6.3 unoptimized binary under gdb, with MPINPUTS=. and
MFINPUTS=. (I copied in plain.mp and mfplain.mp from
texmf-dist/metapost/base/ to the working directory), but it's not
exactly obvious what is going on. I put the i386-linux binary I'm
debugging with at http://tug.org/~karl/mpost.gz.

Taco, can you help?
TagsNo tags attached.

Activities

Taco

2013-05-22 16:38

administrator  

mpost-failure.tgz (24,367 bytes)

Taco

2013-05-22 16:43

administrator   ~0001087

Quick fix committed that simply disables tfm metric data free()'s at the end of the run.

Taco

2014-03-11 13:27

administrator   ~0001241

fixed in 1.890

Issue History

Date Modified Username Field Change
2013-05-22 16:38 Taco New Issue
2013-05-22 16:38 Taco File Added: mpost-failure.tgz
2013-05-22 16:42 Taco Assigned To => Taco
2013-05-22 16:42 Taco Status new => assigned
2013-05-22 16:43 Taco Note Added: 0001087
2013-06-13 11:08 Taco Status assigned => resolved
2013-06-13 11:08 Taco Resolution open => fixed
2014-03-11 13:27 Taco Note Added: 0001241
2014-03-11 13:27 Taco Status resolved => closed