
blender 2.8 crashes with Multiresolution modifier in sculpt mode
Open, Confirmed, Public

Description

System Information
Windows 10 / 1080ti
Blender Version
Blender 2.8
Date 2018-08-22 17:49
Hash 890623f8865

Short description of error
blender 2.8 crashes with Multiresolution modifier in sculpt mode when undo action is pressed

Exact steps for others to reproduce the error

  • add cube
  • add multiresolution modifier
  • subdivide once
  • go to sculpt mode
  • do a few strokes and press ctrl+z
  • crash

Details

Type
Bug

Event Timeline

@Sergey Sharybin (sergey) actually, getting crash on first sculpt stroke here… Is this supposed to work, or still known TODO/WIP area?

=================================================================
==4050==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61c00036afc8 at pc 0x5603d92b6c1f bp 0x7ffdfc8df1a0 sp 0x7ffdfc8df198
READ of size 4 at 0x61c00036afc8 thread T0
    #0 0x5603d92b6c1e in multires_dm_mark_as_modified /home/i74700deb64/blender/__work__/src/source/blender/blenkernel/intern/multires.c:389
    #1 0x5603d92b6c9f in multires_mark_as_modified /home/i74700deb64/blender/__work__/src/source/blender/blenkernel/intern/multires.c:395
    #2 0x5603d7c249f2 in sculpt_flush_update /home/i74700deb64/blender/__work__/src/source/blender/editors/sculpt_paint/sculpt.c:4872
    #3 0x5603d7c25895 in sculpt_stroke_update_step /home/i74700deb64/blender/__work__/src/source/blender/editors/sculpt_paint/sculpt.c:5006
    #4 0x5603d7b83795 in paint_brush_stroke_add_step /home/i74700deb64/blender/__work__/src/source/blender/editors/sculpt_paint/paint_stroke.c:555
    #5 0x5603d7b892ed in paint_stroke_modal /home/i74700deb64/blender/__work__/src/source/blender/editors/sculpt_paint/paint_stroke.c:1302
    #6 0x5603d7c262f2 in sculpt_brush_stroke_invoke /home/i74700deb64/blender/__work__/src/source/blender/editors/sculpt_paint/sculpt.c:5099
    #7 0x5603d6bbecea in wm_operator_invoke /home/i74700deb64/blender/__work__/src/source/blender/windowmanager/intern/wm_event_system.c:1321
    #8 0x5603d6bc3168 in wm_handler_operator_call /home/i74700deb64/blender/__work__/src/source/blender/windowmanager/intern/wm_event_system.c:2040
    #9 0x5603d6bc4bb6 in wm_handlers_do_intern /home/i74700deb64/blender/__work__/src/source/blender/windowmanager/intern/wm_event_system.c:2325
    #10 0x5603d6bc664b in wm_handlers_do /home/i74700deb64/blender/__work__/src/source/blender/windowmanager/intern/wm_event_system.c:2583
    #11 0x5603d6bc97e3 in wm_event_do_handlers /home/i74700deb64/blender/__work__/src/source/blender/windowmanager/intern/wm_event_system.c:3037
    #12 0x5603d6bae6f8 in WM_main /home/i74700deb64/blender/__work__/src/source/blender/windowmanager/intern/wm.c:412
    #13 0x5603d6ba418d in main /home/i74700deb64/blender/__work__/src/source/creator/creator.c:525
    #14 0x7fd8875d3b16 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x22b16)
    #15 0x5603d6ba3569 in _start (/home/i74700deb64/blender/__work__/build_blender28_debug/bin/blender+0x333e569)

0x61c00036afc8 is located 112 bytes to the right of 1752-byte region [0x61c00036a880,0x61c00036af58)
allocated by thread T0 here:
    #0 0x7fd8905060b8 in calloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0xe90b8)
    #1 0x5603da35651d in MEM_lockfree_callocN /home/i74700deb64/blender/__work__/src/intern/guardedalloc/intern/mallocn_lockfree_impl.c:282
    #2 0x5603d8f7a222 in cdDM_create /home/i74700deb64/blender/__work__/src/source/blender/blenkernel/intern/cdderivedmesh.c:517
    #3 0x5603d8f7add3 in CDDM_from_mesh_ex /home/i74700deb64/blender/__work__/src/source/blender/blenkernel/intern/cdderivedmesh.c:603
    #4 0x5603d8eed712 in mesh_build_data /home/i74700deb64/blender/__work__/src/source/blender/blenkernel/intern/DerivedMesh.c:2895
    #5 0x5603d8eee868 in mesh_get_eval_final /home/i74700deb64/blender/__work__/src/source/blender/blenkernel/intern/DerivedMesh.c:3032
    #6 0x5603d9359912 in BKE_sculpt_update_mesh_elements /home/i74700deb64/blender/__work__/src/source/blender/blenkernel/intern/paint.c:912
    #7 0x5603d7c299b2 in sculpt_init_session /home/i74700deb64/blender/__work__/src/source/blender/editors/sculpt_paint/sculpt.c:5632
    #8 0x5603d7c29bb7 in ED_object_sculptmode_enter_ex /home/i74700deb64/blender/__work__/src/source/blender/editors/sculpt_paint/sculpt.c:5673
    #9 0x5603d7c2a5c6 in sculpt_mode_toggle_exec /home/i74700deb64/blender/__work__/src/source/blender/editors/sculpt_paint/sculpt.c:5831
    #10 0x5603d6bbf01c in wm_operator_invoke /home/i74700deb64/blender/__work__/src/source/blender/windowmanager/intern/wm_event_system.c:1331
    #11 0x5603d6bbfff3 in wm_operator_call_internal /home/i74700deb64/blender/__work__/src/source/blender/windowmanager/intern/wm_event_system.c:1516
    #12 0x5603d6bc0282 in WM_operator_name_call_ptr /home/i74700deb64/blender/__work__/src/source/blender/windowmanager/intern/wm_event_system.c:1564
    #13 0x5603d6bc02d6 in WM_operator_name_call /home/i74700deb64/blender/__work__/src/source/blender/windowmanager/intern/wm_event_system.c:1570
    #14 0x5603d785da1d in ED_object_mode_toggle /home/i74700deb64/blender/__work__/src/source/blender/editors/object/object_modes.c:163
    #15 0x5603d785ab3e in object_mode_set_exec /home/i74700deb64/blender/__work__/src/source/blender/editors/object/object_edit.c:1672
    #16 0x5603d6bbf01c in wm_operator_invoke /home/i74700deb64/blender/__work__/src/source/blender/windowmanager/intern/wm_event_system.c:1331
    #17 0x5603d6bbfff3 in wm_operator_call_internal /home/i74700deb64/blender/__work__/src/source/blender/windowmanager/intern/wm_event_system.c:1516
    #18 0x5603d6bc0282 in WM_operator_name_call_ptr /home/i74700deb64/blender/__work__/src/source/blender/windowmanager/intern/wm_event_system.c:1564
    #19 0x5603d74165a6 in ui_apply_but_funcs_after /home/i74700deb64/blender/__work__/src/source/blender/editors/interface/interface_handlers.c:767
    #20 0x5603d745f627 in ui_popup_handler /home/i74700deb64/blender/__work__/src/source/blender/editors/interface/interface_handlers.c:9714
    #21 0x5603d6bb944a in wm_handler_ui_call /home/i74700deb64/blender/__work__/src/source/blender/windowmanager/intern/wm_event_system.c:569
    #22 0x5603d6bc52fc in wm_handlers_do_intern /home/i74700deb64/blender/__work__/src/source/blender/windowmanager/intern/wm_event_system.c:2352
    #23 0x5603d6bc664b in wm_handlers_do /home/i74700deb64/blender/__work__/src/source/blender/windowmanager/intern/wm_event_system.c:2583
    #24 0x5603d6bc90e5 in wm_event_do_handlers /home/i74700deb64/blender/__work__/src/source/blender/windowmanager/intern/wm_event_system.c:2952
    #25 0x5603d6bae6f8 in WM_main /home/i74700deb64/blender/__work__/src/source/blender/windowmanager/intern/wm.c:412
    #26 0x5603d6ba418d in main /home/i74700deb64/blender/__work__/src/source/creator/creator.c:525
    #27 0x7fd8875d3b16 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x22b16)

SUMMARY: AddressSanitizer: heap-buffer-overflow /home/i74700deb64/blender/__work__/src/source/blender/blenkernel/intern/multires.c:389 in multires_dm_mark_as_modified
Shadow bytes around the buggy address:
  0x0c38800655a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c38800655b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c38800655c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c38800655d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c38800655e0: 00 00 00 00 00 00 00 00 00 00 00 fa fa fa fa fa
=>0x0c38800655f0: fa fa fa fa fa fa fa fa fa[fa]fa fa fa fa fa fa
  0x0c3880065600: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c3880065610: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c3880065620: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c3880065630: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c3880065640: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==4050==ABORTING

This is a WIP; it is next in the list in the context of multires, actually.

Crashes here with the Ctrl+Z undo function :(
Same as described above.
I used blender-2.80-de36a2f99b3