gerbview crashes on files with rounded-rectangle pads from TopoR

Bug #1727522 reported by DeepSOIC on 2017-10-25
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
KiCad
Fix Released
Undecided
Unassigned

Bug Description

Steps:
1. Start gerbview.
2. Open attached file, "F.Mask_roundrect.gbr"
-> gerbview crashes.

If I change rounded-rectangle pads into plain rectangles in TopoR, the gerber file opens without problems (see "F.mask.gbr" in attachments).

Application: gerbview
Version: (2017-09-09 revision 8c7175b00)-makepkg, release build
Libraries:
    wxWidgets 3.0.3
    libcurl/7.54.1 OpenSSL/1.0.2l zlib/1.2.11 libssh2/1.8.0 nghttp2/1.23.1 librtmp/2.3
Platform: Windows 8 (build 9200), 64-bit edition, 64 bit, Little endian, wxMSW
Build Info:
    wxWidgets: 3.0.3 (wchar_t,wx containers,compatible with 2.8)
    Boost: 1.60.0
    Curl: 7.54.1
    Compiler: GCC 7.1.0 with C++ ABI 1011

Build settings:
    USE_WX_GRAPHICS_CONTEXT=OFF
    USE_WX_OVERLAY=OFF
    KICAD_SCRIPTING=ON
    KICAD_SCRIPTING_MODULES=ON
    KICAD_SCRIPTING_WXPYTHON=ON
    KICAD_SCRIPTING_ACTION_MENU=ON
    BUILD_GITHUB_PLUGIN=ON
    KICAD_USE_OCE=ON
    KICAD_SPICE=ON

The crash appears to be a dereferencing of null pointer. Here's a backtrace, but it's not very useful because it's a release build.
0 KIFACE_1 _gerbview 0x6bd42626
1 KIFACE_1 _gerbview 0x6bd4473f
2 KIFACE_1 _gerbview 0x6bd45220
3 KIFACE_1 _gerbview 0x6bd5a934
4 KIFACE_1 _gerbview 0x6bd5334d
5 KIFACE_1 _gerbview 0x6bd46e02
6 KIFACE_1 _gerbview 0x6bd5b4c5
7 KIFACE_1 _gerbview 0x6bdf4dd8
8 KIFACE_1 _gerbview 0x6bdf54b5
9 ZNK16wxAppConsoleBase16CallEventHandlerEP12wxEvtHandlerR14wxEventFunctorR7wxEvent wxbase30u_gcc_custom 0x67ac2ec4
10 ZN12wxEvtHandler23ProcessEventIfMatchesIdERK21wxEventTableEntryBasePS_R7wxEvent wxbase30u_gcc_custom 0x67c29502
11 ZN16wxEventHashTable11HandleEventER7wxEventP12wxEvtHandler wxbase30u_gcc_custom 0x67c295f8
12 ZN12wxEvtHandler11TryHereOnlyER7wxEvent wxbase30u_gcc_custom 0x67c299ce
13 ZN12wxEvtHandler19ProcessEventLocallyER7wxEvent wxbase30u_gcc_custom 0x67c29a3d
14 ZN12wxEvtHandler12ProcessEventER7wxEvent wxbase30u_gcc_custom 0x67c29a98
15 ZN24wxScrollHelperEvtHandler12ProcessEventER7wxEvent wxmsw30u_core_gcc_custom 0x6c33279b
16 ZN12wxEvtHandler18SafelyProcessEventER7wxEvent wxbase30u_gcc_custom 0x67c2981b
17 ZN8wxWindow11HandlePaintEv wxmsw30u_core_gcc_custom 0x6c0ecaa1
18 ZN8wxWindow16MSWHandleMessageEPxjyx wxmsw30u_core_gcc_custom 0x6c0edf5f
19 ZN8wxWindow13MSWWindowProcEjyx wxmsw30u_core_gcc_custom 0x6c0de21c
20 KIFACE_1 _gerbview 0x6be9e5cc
21 CallWindowProcW USER32 0x7ffd7411bc50
22 CallWindowProcW USER32 0x7ffd7411b94c
23 GetTopWindow USER32 0x7ffd741311f3
24 KiUserCallbackDispatcher ntdll 0x7ffd74d690a4
25 NtUserCallHwndLock win32u 0x7ffd722014a4
26 ZN8wxWindow6UpdateEv wxmsw30u_core_gcc_custom 0x6c0eb1d8
27 KIFACE_1 _gerbview 0x6be1b59f
28 KIFACE_1 _gerbview 0x6bd67fd2
29 KIFACE_1 _gerbview 0x6bd6f03b
30 ZNK16wxAppConsoleBase16CallEventHandlerEP12wxEvtHandlerR14wxEventFunctorR7wxEvent wxbase30u_gcc_custom 0x67ac2ec4
31 ZN12wxEvtHandler23ProcessEventIfMatchesIdERK21wxEventTableEntryBasePS_R7wxEvent wxbase30u_gcc_custom 0x67c29502
32 ZN16wxEventHashTable11HandleEventER7wxEventP12wxEvtHandler wxbase30u_gcc_custom 0x67c295f8
33 ZN12wxEvtHandler11TryHereOnlyER7wxEvent wxbase30u_gcc_custom 0x67c299ce
34 KIFACE_1 _gerbview 0x6bdd6c67
35 ZN12wxEvtHandler10DoTryChainER7wxEvent wxbase30u_gcc_custom 0x67c297c3
36 ZN12wxEvtHandler12ProcessEventER7wxEvent wxbase30u_gcc_custom 0x67c29a98
37 ZN12wxWindowBase8TryAfterER7wxEvent wxmsw30u_core_gcc_custom 0x6c2e82aa
38 ZN12wxEvtHandler18SafelyProcessEventER7wxEvent wxbase30u_gcc_custom 0x67c2981b
39 ZN10wxMenuBase9SendEventEii wxmsw30u_core_gcc_custom 0x6c295993
40 ZN7wxFrame13MSWWindowProcEjyx wxmsw30u_core_gcc_custom 0x6c135c23
41 CallWindowProcW USER32 0x7ffd7411bc50
42 DispatchMessageW USER32 0x7ffd7411b5cf
43 ZN14wxGUIEventLoop8DispatchEv wxmsw30u_core_gcc_custom 0x6c12d7d5
44 ZN17wxEventLoopManual5DoRunEv wxbase30u_gcc_custom 0x67afbec3
45 ZN15wxEventLoopBase3RunEv wxbase30u_gcc_custom 0x67afbba4
46 ZN16wxAppConsoleBase8MainLoopEv wxbase30u_gcc_custom 0x67ac7bfa
47 gerbview 0x441054
48 Z11wxEntryRealRiPPw wxbase30u_gcc_custom 0x67b462c7
49 Z7wxEntryP11HINSTANCE__S0_Pci wxmsw30u_core_gcc_custom 0x6c00a10b
50 gerbview 0x4013f7
51 gerbview 0x4014fb
52 BaseThreadInitThunk KERNEL32 0x7ffd73a62774
53 RtlUserThreadStart ntdll 0x7ffd74d30d51

DeepSOIC (deepsoic) wrote :
DeepSOIC (deepsoic) wrote :

A similar file with non-rounded rectangles, which loads without problems. For comparison.

Nick Østergaard (nickoe) wrote :

This seems to be reproduceable on linux. Ends in AM_PARAM::GetValue(D_CODE const*) from gerbview/class_am_param.cpp:88. See attached backtrace.

tags: added: roundrect
removed: rectangle rounded
Changed in kicad:
status: New → Incomplete
status: Incomplete → Confirmed

It is fixed in rev cffe1b51e20913e325661ec30a49fda51241565d

Gerbview: avoid a crash with malformed Gerber files.
Fix also incorrect handling of %LN (Load Name) deprecated command

This Gerber file is incorrect: the aperture macro for round rectangle pads is broken (incorrect number of parameter).

Changed in kicad:
status: Confirmed → Fix Committed
DeepSOIC (deepsoic) wrote :

I've studied gerber format a little bit just right now, and I can see the problem. For polyline primitive, number "9" means there should be 10 coordinate pairs provided, but topor provided only 9.

Thanks for the fix and for pointers!

DeepSOIC (deepsoic) wrote :

And now I replaced the "9" with "8", and the file now opens perfectly in gerbview. Great!, now I even know how to fix the problematic file.

Changed in kicad:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers