Crash while reading netlist

Bug #1710492 reported by Michael Geselbracht
Affects: KiCad
Status: Fix Released
Importance: Undecided
Assigned to: Unassigned

Bug Description

Pcbnew crashes with my current project while reading the netlist and the option
"Extra Footprints" is set to "Delete".

I have not found a way to reproduce this bug with another project.

But I did some digging and found out that the crash occurs while doing this loop
in class_board.cpp:2673

for( const auto cnItem : connAlgo->PadList() )
{
    int net = cnItem->Parent()->GetNetCode();

    if( net > 0 )
        ++padCount[net];
}

Here, Parent() returns an invalid object. cnItem itself seems to be valid but its m_valid member
is false.

(gdb) frame 2
#2 0x00007fffd688702b in BOARD::ReplaceNetlist (this=0x3880500, aNetlist=..., aDeleteSinglePadNets=true, aNewFootprints=0x7fffffffa630, aReporter=0x31a5708)
    at /data/src/kicad-source-mirror/pcbnew/class_board.cpp:2675
2675 int net = cnItem->Parent()->GetNetCode();

(gdb) p *cnItem
$1 = {<INTRUSIVE_LIST<CN_ITEM>> = {m_count = 1, m_prev = 0x0, m_next = 0x0, m_root = 0x0}, _vptr.CN_ITEM = 0x7fffd741dff8 <vtable for CN_ITEM+16>, m_parent =
    0x3019a40, m_connected = std::vector of length 4, capacity 4 = {0x3aa1470, 0x2c07de0, 0x2859ce0, 0x2f42c90},
  m_anchors = std::vector of length 1, capacity 2 = {std::shared_ptr (count 5, weak 0) 0x270ec10}, m_visited = true, m_canChangeNet = false, m_valid = false,
  m_dirty = false}

(gdb) p *cnItem->m_parent
$3 = {<BOARD_ITEM> = {<EDA_ITEM> = {<KIGFX::VIEW_ITEM> = {_vptr.VIEW_ITEM = 0x6400000022, m_viewPrivData = 0x7200000061}, m_StructType = 107, m_Status = 103,
      Pnext = 0x6500000072, Pback = 0x6e00000065, m_List = 0x2000000022, m_Parent = 0x6900000073, m_TimeStamp = 433791697018, m_forceVisible = 61, m_Flags = 50},
    m_Layer = 62, static ZeroOffset = {x = 0, y = 0}}, m_netinfo = 0x6d00000065, m_localRatsnestVisible = 111}

(gdb) p *cnItem->m_parent->Pnext
Cannot access memory at address 0x6500000072
(gdb) p *cnItem->m_parent->Pback
Cannot access memory at address 0x6e00000065

I tried a workaround that relies on the m_valid flag:

class_board.cpp:2673:

for( const auto cnItem : connAlgo->PadList() )
{
    if( !cnItem->Valid() )
        continue;

    int net = cnItem->Parent()->GetNetCode();

    if( net > 0 )
        ++padCount[net];
}

In connectivity.cpp:467 there is a similar check. Now Pcbnew no longer crashes
but I cannot tell if there are any side effects.

-----------------

First GDB output:

Thread 1 "kicad" received signal SIGSEGV, Segmentation fault.
0x00007fffd61b15d2 in NETINFO_ITEM::GetNet (this=0x6d00000065) at /data/src/kicad-source-mirror/pcbnew/./class_netinfo.h:227
227 int GetNet() const { return m_NetCode; }

Backtrace:

#0 0x00007fffd61b15d2 in NETINFO_ITEM::GetNet (this=0x6d00000065) at /data/src/kicad-source-mirror/pcbnew/./class_netinfo.h:227
#1 0x00007fffd61b15f4 in BOARD_CONNECTED_ITEM::GetNetCode (this=0x3019a40) at /data/src/kicad-source-mirror/pcbnew/./class_board_connected_item.h:105
#2 0x00007fffd688702b in BOARD::ReplaceNetlist (this=0x3880500, aNetlist=..., aDeleteSinglePadNets=true, aNewFootprints=0x7fffffffa630, aReporter=0x31a5708)
    at /data/src/kicad-source-mirror/pcbnew/class_board.cpp:2675
#3 0x00007fffd640b298 in PCB_EDIT_FRAME::ReadPcbNetlist (this=0x2562940, aNetlistFileName=..., aCmpFileName=..., aReporter=0x31a5708, aChangeFootprints=false,
    aDeleteUnconnectedTracks=false, aDeleteExtraFootprints=true, aSelectByTimeStamp=false, aDeleteSinglePadNets=true, aIsDryRun=false)
    at /data/src/kicad-source-mirror/pcbnew/netlist.cpp:123
#4 0x00007fffd62ca386 in DIALOG_NETLIST::OnReadNetlistFileClick (this=0x7fffffffbe90, event=...)
    at /data/src/kicad-source-mirror/pcbnew/dialogs/dialog_netlist.cpp:206
#5 0x00007ffff67d11fe in wxAppConsoleBase::CallEventHandler(wxEvtHandler*, wxEventFunctor&, wxEvent&) const () from /usr/lib/x86_64-linux-gnu/libwx_baseu-3.0.so.0
#6 0x00007ffff69576e7 in wxEvtHandler::ProcessEventIfMatchesId(wxEventTableEntryBase const&, wxEvtHandler*, wxEvent&) ()
   from /usr/lib/x86_64-linux-gnu/libwx_baseu-3.0.so.0
#7 0x00007ffff6957ace in wxEvtHandler::SearchDynamicEventTable(wxEvent&) () from /usr/lib/x86_64-linux-gnu/libwx_baseu-3.0.so.0
#8 0x00007ffff6957b5f in wxEvtHandler::TryHereOnly(wxEvent&) () from /usr/lib/x86_64-linux-gnu/libwx_baseu-3.0.so.0
#9 0x00007ffff6957c13 in wxEvtHandler::ProcessEventLocally(wxEvent&) () from /usr/lib/x86_64-linux-gnu/libwx_baseu-3.0.so.0
#10 0x00007ffff6957c75 in wxEvtHandler::ProcessEvent(wxEvent&) () from /usr/lib/x86_64-linux-gnu/libwx_baseu-3.0.so.0
#11 0x00007ffff69579e7 in wxEvtHandler::SafelyProcessEvent(wxEvent&) () from /usr/lib/x86_64-linux-gnu/libwx_baseu-3.0.so.0
#12 0x00007ffff6edfb57 in ?? () from /usr/lib/x86_64-linux-gnu/libwx_gtk2u_core-3.0.so.0
#13 0x00007ffff4b371d4 in ?? () from /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#14 0x00007ffff4b519a6 in g_signal_emit_valist () from /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#15 0x00007ffff4b5208f in g_signal_emit () from /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#16 0x00007ffff50bbf35 in ?? () from /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0
#17 0x00007ffff4b371d4 in ?? () from /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#18 0x00007ffff4b519a6 in g_signal_emit_valist () from /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#19 0x00007ffff4b5208f in g_signal_emit () from /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#20 0x00007ffff50bae79 in ?? () from /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0
#21 0x00007ffff5161aec in ?? () from /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0
#22 0x00007ffff4b36fa5 in g_closure_invoke () from /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0

Version info:
Application: kicad
Version: (2017-08-12 revision 0e41632)-master, release build
Libraries: wxWidgets 3.0.2
           libcurl/7.47.0 OpenSSL/1.0.2g zlib/1.2.8 libidn/1.32 librtmp/2.3
Platform: Linux 4.10.0-30-generic x86_64, 64 bit, Little endian, wxGTK
- Build Info -
wxWidgets: 3.0.2 (wchar_t,wx containers,compatible with 2.8)
Boost: 1.58.0
Curl: 7.47.0
KiCad - Compiler: GCC 5.4.0 with C++ ABI 1009
        Settings: USE_WX_GRAPHICS_CONTEXT=OFF
                  USE_WX_OVERLAY=OFF
                  KICAD_SCRIPTING=ON
                  KICAD_SCRIPTING_MODULES=ON
                  KICAD_SCRIPTING_WXPYTHON=ON
                  KICAD_SCRIPTING_ACTION_MENU=OFF
                  BUILD_GITHUB_PLUGIN=ON
                  KICAD_USE_OCE=ON
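
An added triage example, not part of the original report or of KiCad's code: reading the members gdb printed for `*cnItem->m_parent` as little-endian 32-bit code units yields plain text, which is what a freed object looks like once its memory has been reused for a wide-character string. The member widths are assumptions (8 bytes for pointers and m_TimeStamp, one 32-bit unit for everything else); the faulting `this=0x6d00000065` in frame #0 is the m_netinfo member and decodes to two letters.

```cpp
#include <cstdint>
#include <string>
#include <vector>

// One member from the gdb dump: name, printed value, width in 32-bit units.
struct Field { const char* name; std::uint64_t value; int units; };

// Values copied from `p *cnItem->m_parent` in the report. Widths are assumed:
// pointers and m_TimeStamp are 8 bytes (2 units), every other member 1 unit.
static const std::vector<Field> kParentDump = {
    { "_vptr.VIEW_ITEM", 0x6400000022ULL, 2 }, { "m_viewPrivData", 0x7200000061ULL, 2 },
    { "m_StructType", 107, 1 },                { "m_Status", 103, 1 },
    { "Pnext", 0x6500000072ULL, 2 },           { "Pback", 0x6e00000065ULL, 2 },
    { "m_List", 0x2000000022ULL, 2 },          { "m_Parent", 0x6900000073ULL, 2 },
    { "m_TimeStamp", 433791697018ULL, 2 },     { "m_forceVisible", 61, 1 },
    { "m_Flags", 50, 1 },                      { "m_Layer", 62, 1 },
    { "m_netinfo", 0x6d00000065ULL, 2 },       { "m_localRatsnestVisible", 111, 1 },
};

static bool printable( std::uint32_t u ) { return u >= 0x20 && u < 0x7f; }

// Read a value as little-endian 32-bit code units; non-printable units become '?'.
std::string decodeField( const Field& f ) {
    std::string out;
    for( int i = 0; i < f.units; ++i ) {
        std::uint32_t u = static_cast<std::uint32_t>( f.value >> ( 32 * i ) );
        out += printable( u ) ? static_cast<char>( u ) : '?';
    }
    return out;
}

// Concatenate the members in dump order. gdb does not print alignment padding,
// so characters that fell into padding are absent from the result.
std::string decodeDump( const std::vector<Field>& dump ) {
    std::string out;
    for( const auto& f : dump )
        out += decodeField( f );
    return out;
}

// Count members made up only of printable ASCII units: text, not pointers or flags.
int countTextLike( const std::vector<Field>& dump ) {
    int n = 0;
    for( const auto& f : dump )
        if( decodeField( f ).find( '?' ) == std::string::npos )
            ++n;
    return n;
}
```

`decodeDump( kParentDump )` begins with `"darkgreen" size=2>`, so none of the "pointers" in the dump are addresses at all.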

Jeff Young (jeyjey) wrote :

@Orson, in BOARD::ReplaceNetlist() we delete extra footprints around line 2658. This will delete the footprint's pads from the itemMap, but only dirties the padList.

Later, when checking for single-connection pads (around line 2699), we use the padList.

Do we need to do something like:

    if( connAlgo->isDirty() )
        connAlgo->searchConnections( includeZones );

to clean the dirty padList before using it?

Maciej Suminski (orsonmmz) wrote :

Michael,

I think your solution is sufficient. Full connectivity rebuild would eliminate the invalid pads, but full refresh is not required here, as the geometry for the remaining items does not change (i.e. pads that were connected by zones are still connected). Skipping the invalid pads during pads per net counting sounds enough.
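
A small model of the guard discussed above, added here as an example and not taken from KiCad or from the fix commit: `PadModel`, `CnItemModel`, `ConnModel` and `countPadsPerNet` are hypothetical stand-ins. It shows that skipping flagged entries gives the same per-net counts as dropping them from the list first, without ever dereferencing the dangling parent pointer.

```cpp
#include <algorithm>
#include <cstddef>
#include <map>
#include <memory>
#include <vector>

// Simplified stand-ins (assumptions), not KiCad's own classes.
struct PadModel { int netCode; };
struct CnItemModel {
    PadModel* parent;   // non-owning, like m_parent in the gdb dump
    bool      valid;    // like m_valid
};

struct ConnModel {
    std::vector<std::unique_ptr<PadModel>> pads;     // owns the pads
    std::vector<CnItemModel>               padList;  // what the counting loop walks

    void add( int net ) {
        pads.push_back( std::make_unique<PadModel>( PadModel{ net } ) );
        padList.push_back( CnItemModel{ pads.back().get(), true } );
    }
    // Footprint deletion as described in the thread: the pad is freed,
    // its list entry is only flagged. Call before compact(), indices must match.
    void removePad( std::size_t i ) {
        padList[i].valid = false;   // parent dangles from here on
        pads[i].reset();
    }
    // Full cleanup: drop the flagged entries from the list.
    void compact() {
        padList.erase( std::remove_if( padList.begin(), padList.end(),
                []( const CnItemModel& c ) { return !c.valid; } ), padList.end() );
    }
};

// Guarded count: parent is dereferenced only for entries that are still valid.
std::map<int, int> countPadsPerNet( const ConnModel& conn, int* skipped ) {
    std::map<int, int> padCount;
    *skipped = 0;
    for( const auto& item : conn.padList ) {
        if( !item.valid ) { ++*skipped; continue; }
        int net = item.parent->netCode;
        if( net > 0 )
            ++padCount[net];
    }
    return padCount;
}
```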

KiCad Janitor (kicad-janitor) wrote :

Fixed in revision d8f0527677c50e95ead2c22975ef3dda67dbb2f4
https://git.launchpad.net/kicad/patch/?id=d8f0527677c50e95ead2c22975ef3dda67dbb2f4

Changed in kicad:
status: New → Fix Committed
Changed in kicad:
status: Fix Committed → Fix Released