Segfault in libedit on footprint Save As...

Bug #1802954 reported by John Beard
Affects: KiCad
Status: Fix Released
Importance: High
Assigned to: Unassigned

Bug Description

I hit a segfault in libmodedit when doing "Save As..." on a footprint to a different library.

I can't reproduce (at least not yet), but I do have a backtrace. I am unclear on exactly what steps are needed to get into this state, but perhaps the backtrace is meaningful to someone(?).

At frame #7, aNickName is the library name, which is the same as s in frame #1, but looks like something gets deleted, as #1's this pointer looks decidedly dodgy.

----

#0 0x00007fdeee6471e1 in wxString::compare(wxString const&) const () at /usr/lib/libwx_baseu-3.0.so.0
#1 0x00007fdee4ac4471 in wxString::Cmp(wxString const&) const (this=0x7fdeec3f26b0 <g_nullify_pointer+32>, s=...)
    at /usr/include/wx-3.0/wx/string.h:2111
#2 0x00007fdee4be9851 in operator<(wxString const&, wxString const&) (s1=..., s2=...)
    at /usr/include/wx-3.0/wx/string.h:3994
#3 0x00007fdee4beedc3 in std::less<wxString>::operator()(wxString const&, wxString const&) const
    (this=0x560c34c90f30, __x=..., __y=...) at /usr/include/c++/8.2.1/bits/stl_function.h:386
#4 0x00007fdee4dd7d84 in std::_Rb_tree<wxString, std::pair<wxString const, int>, std::_Select1st<std::pair<wxString const, int> >, std::less<wxString>, std::allocator<std::pair<wxString const, int> > >::_M_lower_bound(std::_Rb_tree_node<std::pair<wxString const, int> >*, std::_Rb_tree_node_base*, wxString const&)
    (this=0x560c34c90f30, __x=0x7fdeec3f2690 <g_nullify_pointer>, __y=0x560c34c90f38, __k=...)
    at /usr/include/c++/8.2.1/bits/stl_tree.h:1888
#5 0x00007fdee4dd69d6 in std::_Rb_tree<wxString, std::pair<wxString const, int>, std::_Select1st<std::pair<wxString const, int> >, std::less<wxString>, std::allocator<std::pair<wxString const, int> > >::find(wxString const&)
    (this=0x560c34c90f30, __k=...) at /usr/include/c++/8.2.1/bits/stl_tree.h:2539
#6 0x00007fdee4dd5ca3 in std::map<wxString, int, std::less<wxString>, std::allocator<std::pair<wxString const, int> > >::find(wxString const&) (this=0x560c34c90f30, __x=...) at /usr/include/c++/8.2.1/bits/stl_map.h:1170
#7 0x00007fdee54e813c in LIB_TABLE::findRow(wxString const&) const (this=0x560c34c90f10, aNickName=...)
    at /home/john/src/kicad/common/lib_table_base.cpp:299
#8 0x00007fdee54e7fd2 in LIB_TABLE::HasLibrary(wxString const&, bool) const
    (this=0x560c34c90f10, aNickname=..., aCheckEnabled=true) at /home/john/src/kicad/common/lib_table_base.cpp:266
#9 0x00007fdee4d23554 in FP_TREE_SYNCHRONIZING_ADAPTER::Sync() (this=0x560c37b326d0)
    at /home/john/src/kicad/pcbnew/fp_tree_synchronizing_adapter.cpp:64
#10 0x00007fdee4d29f61 in FOOTPRINT_EDIT_FRAME::SyncLibraryTree(bool) (this=0x560c38345350, aProgress=true)
    at /home/john/src/kicad/pcbnew/footprint_edit_frame.cpp:883
#11 0x00007fdee4d1858b in FOOTPRINT_EDIT_FRAME::Process_Special_Functions(wxCommandEvent&)
    (this=0x560c38345350, event=...) at /home/john/src/kicad/pcbnew/footprint_editor_utils.cpp:483
#12 0x00007fdeee6f889e in wxEvtHandler::ProcessEventIfMatchesId(wxEventTableEntryBase const&, wxEvtHandler*, wxEvent&) () at /usr/lib/libwx_baseu-3.0.so.0
#13 0x00007fdeee6f89a4 in wxEventHashTable::HandleEvent(wxEvent&, wxEvtHandler*) () at /usr/lib/libwx_baseu-3.0.so.0
#14 0x00007fdeee6f8cde in wxEvtHandler::TryHereOnly(wxEvent&) () at /usr/lib/libwx_baseu-3.0.so.0
#15 0x00007fdee54b69f8 in EDA_BASE_FRAME::ProcessEvent(wxEvent&) (this=0x560c38345350, aEvent=...)
    at /home/john/src/kicad/common/eda_base_frame.cpp:173
#16 0x00007fdeee6f8b63 in wxEvtHandler::DoTryChain(wxEvent&) () at /usr/lib/libwx_baseu-3.0.so.0
#17 0x00007fdeee6f8e02 in wxEvtHandler::ProcessEvent(wxEvent&) () at /usr/lib/libwx_baseu-3.0.so.0
#18 0x00007fdeeec4ee6b in wxWindowBase::TryAfter(wxEvent&) () at /usr/lib/libwx_gtk2u_core-3.0.so.0
#19 0x00007fdeeec4ee6b in wxWindowBase::TryAfter(wxEvent&) () at /usr/lib/libwx_gtk2u_core-3.0.so.0
#20 0x00007fdeee6f8ba7 in wxEvtHandler::SafelyProcessEvent(wxEvent&) () at /usr/lib/libwx_baseu-3.0.so.0
#21 0x00007fdeeec05569 in wxMenuBase::SendEvent(int, int) () at /usr/lib/libwx_gtk2u_core-3.0.so.0
#22 0x00007fdeeeafe6dc in () at /usr/lib/libwx_gtk2u_core-3.0.so.0
#23 0x00007fdeec6d83d5 in g_closure_invoke () at /usr/lib/libgobject-2.0.so.0
#24 0x00007fdeec6c5195 in () at /usr/lib/libgobject-2.0.so.0
#25 0x00007fdeec6c901e in g_signal_emit_valist () at /usr/lib/libgobject-2.0.so.0
#26 0x00007fdeec6c9a80 in g_signal_emit () at /usr/lib/libgobject-2.0.so.0
#27 0x00007fdeecbfff38 in gtk_widget_activate () at /usr/lib/libgtk-x11-2.0.so.0
#28 0x00007fdeecaf8e71 in gtk_menu_shell_activate_item () at /usr/lib/libgtk-x11-2.0.so.0
#29 0x00007fdeecaf9140 in () at /usr/lib/libgtk-x11-2.0.so.0
#30 0x00007fdeecae67cc in () at /usr/lib/libgtk-x11-2.0.so.0
#31 0x00007fdeec6d83d5 in g_closure_invoke () at /usr/lib/libgobject-2.0.so.0
#32 0x00007fdeec6c499f in () at /usr/lib/libgobject-2.0.so.0
#33 0x00007fdeec6c85ed in g_signal_emit_valist () at /usr/lib/libgobject-2.0.so.0
#34 0x00007fdeec6c9a80 in g_signal_emit () at /usr/lib/libgobject-2.0.so.0
#35 0x00007fdeecc01235 in () at /usr/lib/libgtk-x11-2.0.so.0
#36 0x00007fdeecae4a0e in gtk_propagate_event () at /usr/lib/libgtk-x11-2.0.so.0
#37 0x00007fdeecae4e43 in gtk_main_do_event () at /usr/lib/libgtk-x11-2.0.so.0
#38 0x00007fdeec759d5e in () at /usr/lib/libgdk-x11-2.0.so.0
#39 0x00007fdeec4333cf in g_main_context_dispatch () at /usr/lib/libglib-2.0.so.0
#40 0x00007fdeec434f89 in () at /usr/lib/libglib-2.0.so.0
#41 0x00007fdeec434fce in g_main_context_iteration () at /usr/lib/libglib-2.0.so.0
#42 0x00007fdeecae4032 in gtk_main_iteration () at /usr/lib/libgtk-x11-2.0.so.0
#43 0x00007fdeeea99c86 in wxWindow::DoPopupMenu(wxMenu*, int, int) () at /usr/lib/libwx_gtk2u_core-3.0.so.0
#44 0x00007fdeeec52774 in wxWindowBase::PopupMenu(wxMenu*, int, int) () at /usr/lib/libwx_gtk2u_core-3.0.so.0
#45 0x00007fdee4ba62fb in wxWindowBase::PopupMenu(wxMenu*, wxPoint const&)
    (this=0x560c38eb8a30, menu=0x560c390bd5b0, pos=...) at /usr/include/wx-3.0/wx/window.h:1216
#46 0x00007fdee54578da in LIB_TREE::onContextMenu(wxDataViewEvent&) (this=0x560c38eb8a30, aEvent=...)
    at /home/john/src/kicad/common/widgets/lib_tree.cpp:397
#47 0x00007fdeee6f889e in wxEvtHandler::ProcessEventIfMatchesId(wxEventTableEntryBase const&, wxEvtHandler*, wxEvent&) () at /usr/lib/libwx_baseu-3.0.so.0
#48 0x00007fdeee6f8c1b in wxEvtHandler::SearchDynamicEventTable(wxEvent&) () at /usr/lib/libwx_baseu-3.0.so.0
#49 0x00007fdeee6f8cb1 in wxEvtHandler::TryHereOnly(wxEvent&) () at /usr/lib/libwx_baseu-3.0.so.0
#50 0x00007fdeee6f8d64 in wxEvtHandler::ProcessEventLocally(wxEvent&) () at /usr/lib/libwx_baseu-3.0.so.0
#51 0x00007fdeee6f8e02 in wxEvtHandler::ProcessEvent(wxEvent&) () at /usr/lib/libwx_baseu-3.0.so.0
#52 0x00007fdeee6f8ba7 in wxEvtHandler::SafelyProcessEvent(wxEvent&) () at /usr/lib/libwx_baseu-3.0.so.0
#53 0x00007fdeef0867d6 in () at /usr/lib/libwx_gtk2u_adv-3.0.so.0
#54 0x00007fdeecae67cc in () at /usr/lib/libgtk-x11-2.0.so.0
#55 0x00007fdeec6d83d5 in g_closure_invoke () at /usr/lib/libgobject-2.0.so.0
#56 0x00007fdeec6c5195 in () at /usr/lib/libgobject-2.0.so.0
#57 0x00007fdeec6c85ed in g_signal_emit_valist () at /usr/lib/libgobject-2.0.so.0
#58 0x00007fdeec6c9a80 in g_signal_emit () at /usr/lib/libgobject-2.0.so.0
#59 0x00007fdeecc01235 in () at /usr/lib/libgtk-x11-2.0.so.0
#60 0x00007fdeecae4a0e in gtk_propagate_event () at /usr/lib/libgtk-x11-2.0.so.0
#61 0x00007fdeecae4e43 in gtk_main_do_event () at /usr/lib/libgtk-x11-2.0.so.0
#62 0x00007fdeec759d5e in () at /usr/lib/libgdk-x11-2.0.so.0
#63 0x00007fdeec4333cf in g_main_context_dispatch () at /usr/lib/libglib-2.0.so.0
#64 0x00007fdeec434f89 in () at /usr/lib/libglib-2.0.so.0
#65 0x00007fdeec435f62 in g_main_loop_run () at /usr/lib/libglib-2.0.so.0
#66 0x00007fdeecae3df3 in gtk_main () at /usr/lib/libgtk-x11-2.0.so.0
#67 0x00007fdeeea7e1b6 in wxGUIEventLoop::DoRun() () at /usr/lib/libwx_gtk2u_core-3.0.so.0
#68 0x00007fdeee5c5bae in wxEventLoopBase::Run() () at /usr/lib/libwx_baseu-3.0.so.0
#69 0x00007fdeee58a517 in wxAppConsoleBase::MainLoop() () at /usr/lib/libwx_baseu-3.0.so.0
#70 0x0000560c315a876f in APP_SINGLE_TOP::OnRun() (this=0x560c31e7d4f0)
    at /home/john/src/kicad/common/single_top.cpp:186
#71 0x00007fdeee6124c8 in wxEntry(int&, wchar_t**) () at /usr/lib/libwx_baseu-3.0.so.0
#72 0x0000560c315a3e20 in main(int, char**) (argc=1, argv=0x7fff4ae2f288)
    at /home/john/src/kicad/common/single_top.cpp:260

----

Application: pcbnew
Version: (6.0.0-rc1-dev-1178-g62e2fe8bb), debug build
Libraries:
    wxWidgets 3.0.4
    libcurl/7.62.0 OpenSSL/1.1.1 zlib/1.2.11 libidn2/2.0.5 libpsl/0.20.2 (+libidn2/2.0.4) libssh2/1.8.0 nghttp2/1.34.0
Platform: Linux 4.18.16-arch1-1-ARCH x86_64, 64 bit, Little endian, wxGTK
Build Info:
    wxWidgets: 3.0.4 (wchar_t,wx containers,compatible with 2.8) GTK+ 2.24
    Boost: 1.68.0
    OpenCASCADE Community Edition: 6.9.1
    Curl: 7.62.0
    Compiler: GCC 8.2.1 with C++ ABI 1013

Build settings:
    USE_WX_GRAPHICS_CONTEXT=OFF
    USE_WX_OVERLAY=OFF
    KICAD_SCRIPTING=ON
    KICAD_SCRIPTING_MODULES=ON
    KICAD_SCRIPTING_PYTHON3=OFF
    KICAD_SCRIPTING_WXPYTHON=ON
    KICAD_SCRIPTING_WXPYTHON_PHOENIX=OFF
    KICAD_SCRIPTING_ACTION_MENU=ON
    BUILD_GITHUB_PLUGIN=ON
    KICAD_USE_OCE=ON
    KICAD_USE_OCC=OFF
    KICAD_SPICE=ON

Tags: pcbnew
Jeff Young (jeyjey) wrote :

Why do we have two copies of LIB_TABLE::findRow() (one const and one not)? Surely the const one is sufficient, or am I missing something?

John Beard (john-j-beard) wrote :

(Speculation alert) I guess this is done according to this pattern:

    T& CLASS::getMemberThing();
    const T& CLASS::getMemberThing() const;

Thus, if you only have a const CLASS, you can't use getMemberThing to get a non-const interface through which you can modify part of the CLASS.

But since it's returning a pointer, it's allowed to return a non-const T*.

I imagine this is a paste-o, and probably should be something like:

    T* CLASS::findRow();
    const T* CLASS::findRow(...) const;

At least, this appears to compile, FWIW!
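
The overload pair sketched in the comment above, as an added example (not KiCad's code and not posted in this thread). `Table`, `Row`, `demo` and the vector-plus-index layout are hypothetical stand-ins; only the name-to-int `std::map` lookup mirrors what the backtrace shows.

```cpp
#include <map>
#include <string>
#include <type_traits>
#include <utility>
#include <vector>

// Hypothetical stand-ins for a library table and its rows (not KiCad's classes).
struct Row { std::string nick; bool enabled; };

class Table {
public:
    void insert(const std::string& nick, bool enabled) {
        index_[nick] = static_cast<int>(rows_.size());
        rows_.push_back({nick, enabled});
    }
    // const overload: a const Table only ever hands out read-only rows.
    const Row* findRow(const std::string& nick) const {
        auto it = index_.find(nick);
        return it == index_.end() ? nullptr : &rows_[it->second];
    }
    // non-const overload: reuses the const lookup, then restores mutability.
    // The cast is safe because *this is known to be non-const here.
    Row* findRow(const std::string& nick) {
        return const_cast<Row*>(static_cast<const Table&>(*this).findRow(nick));
    }
    bool hasLibrary(const std::string& nick, bool checkEnabled) const {
        const Row* r = findRow(nick);  // resolves to the const overload
        return r != nullptr && (!checkEnabled || r->enabled);
    }
private:
    std::vector<Row> rows_;
    std::map<std::string, int> index_;  // nickname -> position in rows_
};

// Compile-time proof that constness of the table propagates to the row.
static_assert(std::is_same<decltype(std::declval<const Table&>().findRow("")),
                           const Row*>::value, "const table yields const row");
static_assert(std::is_same<decltype(std::declval<Table&>().findRow("")),
                           Row*>::value, "mutable table yields mutable row");

// Constructed sample data: one enabled and one disabled library.
bool demo() {
    Table t;
    t.insert("Connector", true);
    t.insert("Legacy", false);
    const Table& ct = t;
    bool before = ct.hasLibrary("Legacy", true);   // false: row is disabled
    t.findRow("Legacy")->enabled = true;           // only legal via non-const
    return !before && ct.hasLibrary("Legacy", true) && !ct.findRow("missing");
}

int main() { return demo() ? 0 : 1; }
```

With a single const member returning a non-const pointer, the second `static_assert` would hold for a const table too, which is the loophole the comment describes.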

Jeff Young (jeyjey) wrote :

@Devs, can anyone reproduce this?

Changed in kicad:
importance: Undecided → High
Seth Hillbrand (sethh) wrote :

I'm guessing that this is in modedit, right?

@John, did you right-click on the footprint name and use save as from there? Global lib or local? Any chance you recall the name of the footprint/lib?

John Beard (john-j-beard) wrote :

Yes, this is in modedit, for a global library.

It was in the right click menu, but I cannot recall the name of the library. I tried to reproduce at the time, but I couldn't do it (and I wasn't paying very close attention to KiCad's behaviour as I was doing something at the time).

So it feels perhaps like a timing/threading issue where something's killed something as SyncLibraryTree is working?

Jeff Young (jeyjey) wrote :

I believe JP just fixed this in 1b7ebc7a4e33dc314a79c10ca38bf46dc76b0ae8.

Changed in kicad:
status: New → Fix Committed
milestone: none → 5.1.0
Changed in kicad:
status: Fix Committed → Fix Released