KiCad

pcbnew crash on exit

Bug #1831560 reported by Andrew Lutsenko on 2019-06-04

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	KiCad	Fix Committed	Critical	Seth Hillbrand	KiCad 6.0.0-rc1

Bug Description

Pcbnew crashes consistently when I perform these steps:

* Open board with some footprints.
* Run any action plugin even empty one. I'm not sure this is related to plugins but the crash doesn't happen if I just make some other change in the board.
* Close pcbnew and click "Save" or "Discard changes"
* Get SIGSEGV

Full version info and stacktrace with debug symbols:

Application: Pcbnew
Version: (5.1.0-856-g1721cc170), debug build
Libraries:
    wxWidgets 3.0.4
    libcurl/7.60.0 OpenSSL/1.0.2r zlib/1.2.11 libidn2/2.0.5 libpsl/0.20.1 (+libidn2/2.0.5) libssh2/1.8.0 nghttp2/1.36.0 librtmp/2.3
Platform: Linux 4.19.37-2modified-amd64 x86_64, 64 bit, Little endian, wxGTK
Build Info:
    wxWidgets: 3.0.4 (wchar_t,wx containers,compatible with 2.8) GTK+ 3.24
    Boost: 1.62.0
    OpenCASCADE Community Edition: 6.9.1
    Curl: 7.60.0
    Compiler: GCC 7.3.0 with C++ ABI 1011

Build settings:
    USE_WX_GRAPHICS_CONTEXT=OFF
    USE_WX_OVERLAY=ON
    KICAD_SCRIPTING=ON
    KICAD_SCRIPTING_MODULES=ON
    KICAD_SCRIPTING_PYTHON3=ON
    KICAD_SCRIPTING_WXPYTHON=ON
    KICAD_SCRIPTING_WXPYTHON_PHOENIX=ON
    KICAD_SCRIPTING_ACTION_MENU=ON
    BUILD_GITHUB_PLUGIN=ON
    KICAD_USE_OCE=ON
    KICAD_USE_OCC=OFF
    KICAD_SPICE=ON

#0 0x00007fffcfc152c2 in NETINFO_ITEM::GetNet() const (this=0x0) at /src/kicad/pcbnew/./netinfo.h:226
#1 0x00007fffcfc9ff88 in BOARD_CONNECTED_ITEM::GetNetCode() const (this=0x55555bc5f2b0) at /src/kicad/pcbnew/./board_connected_item.h:106
#2 0x00007fffd034e32e in BOARD::GetNodesCount(int) (this=0x55555bc9b000, aNet=-1) at /src/kicad/pcbnew/class_board.cpp:753
#3 0x00007fffd034f052 in BOARD::GetMsgPanelInfo(EDA_UNITS_T, std::vector<MSG_PANEL_ITEM, std::allocator<MSG_PANEL_ITEM> >&) (this=0x55555bc9b000, aUnits=MILLIMETRES, aList=std::vector of length 3, capacity 4 = {...}) at /src/kicad/pcbnew/class_board.cpp:868
#4 0x00007fffd04ceaaf in EDA_DRAW_FRAME::SetMsgPanel(EDA_ITEM*) (this=0x55555738e5d0, aItem=0x55555bc9b000) at /src/kicad/common/legacy_gal/eda_draw_frame.cpp:582
#5 0x00007fffcff7daf3 in PCB_EDITOR_CONTROL::ClearHighlight(TOOL_EVENT const&) (this=0x555558a4c400, aEvent=...) at /src/kicad/pcbnew/tools/pcb_editor_control.cpp:1194
#6 0x00007fffcff89706 in std::__invoke_impl<int, int (PCB_EDITOR_CONTROL::*&)(TOOL_EVENT const&), PCB_EDITOR_CONTROL*&, TOOL_EVENT const&>(std::__invoke_memfun_deref, int (PCB_EDITOR_CONTROL::*&)(TOOL_EVENT const&), PCB_EDITOR_CONTROL*&, TOOL_EVENT const&) (__f=@0x5555577e42f0: (int (PCB_EDITOR_CONTROL::*)(PCB_EDITOR_CONTROL * const, const TOOL_EVENT &)) 0x7fffcff7da36 <PCB_EDITOR_CONTROL::ClearHighlight(TOOL_EVENT const&)>, __t=@0x5555577e4300: 0x555558a4c400, __args#0=...) at /usr/include/c++/7/bits/invoke.h:73
#7 0x00007fffcff89391 in std::__invoke<int (PCB_EDITOR_CONTROL::*&)(TOOL_EVENT const&), PCB_EDITOR_CONTROL*&, TOOL_EVENT const&>(int (PCB_EDITOR_CONTROL::*&)(TOOL_EVENT const&), PCB_EDITOR_CONTROL*&, TOOL_EVENT const&) (__fn=@0x5555577e42f0: (int (PCB_EDITOR_CONTROL::*)(PCB_EDITOR_CONTROL * const, const TOOL_EVENT &)) 0x7fffcff7da36 <PCB_EDITOR_CONTROL::ClearHighlight(TOOL_EVENT const&)>, __args#0=@0x5555577e4300: 0x555558a4c400, __args#1=...) at /usr/include/c++/7/bits/invoke.h:96
#8 0x00007fffcff88a5d in std::_Bind<int (PCB_EDITOR_CONTROL::*(PCB_EDITOR_CONTROL*, std::_Placeholder<1>))(TOOL_EVENT const&)>::__call<int, TOOL_EVENT const&, 0ul, 1ul>(std::tuple<TOOL_EVENT const&>&&, std::_Index_tuple<0ul, 1ul>) (this=0x5555577e42f0, __args=...) at /usr/include/c++/7/functional:469
#9 0x00007fffcff87f85 in std::_Bind<int (PCB_EDITOR_CONTROL::*(PCB_EDITOR_CONTROL*, std::_Placeholder<1>))(TOOL_EVENT const&)>::operator()<TOOL_EVENT const&, int>(TOOL_EVENT const&) (this=0x5555577e42f0, __args#0=...) at /usr/include/c++/7/functional:551
#10 0x00007fffcff876d3 in std::_Function_handler<int (TOOL_EVENT const&), std::_Bind<int (PCB_EDITOR_CONTROL::*(PCB_EDITOR_CONTROL*, std::_Placeholder<1>))(TOOL_EVENT const&)> >::_M_invoke(std::_Any_data const&, TOOL_EVENT const&) (__functor=..., __args#0=...) at /usr/include/c++/7/bits/std_function.h:302
#11 0x00007fffd061c527 in std::function<int (TOOL_EVENT const&)>::operator()(TOOL_EVENT const&) const (this=0x555557a00e18, __args#0=...) at /usr/include/c++/7/bits/std_function.h:706
#12 0x00007fffd06196b0 in COROUTINE<int, TOOL_EVENT const&>::callerStub(long) (aData=93825097022128) at /src/kicad/include/tool/coroutine.h:331
#13 0x00007fffd0676e01 in make_fcontext () at /usr/local/bin/_pcbnew.kiface
#14 0x0000007b00000050 in ()
#15 0x0000007000000073 in ()
#16 0x0000006300000061 in ()
#17 0x0000000000030f61 in ()
#18 0x00007ffff37e5308 in main_arena () at /lib/x86_64-linux-gnu/libc.so.6
#19 0x00007ffff37e5308 in main_arena () at /lib/x86_64-linux-gnu/libc.so.6
#20 0x0000555557d286c0 in ()
#21 0x0000555557d286c0 in ()
#22 0x000000730000007b in ()
#23 0x0000006100000070 in ()
#24 0x0000006500000063 in ()
#25 0x000000720000007d in ()
#26 0x000000770000006f in ()
#27 0x000000730000007b in ()
#28 0x0000006100000070 in ()
#29 0x0000006500000063 in ()
#30 0x000000730000007d in ()
#31 0x0000006100000070 in ()
#32 0x0000006900000063 in ()
#33 0x000000670000006e in ()
#34 0x000000730000007b in ()
#35 0x0000006100000070 in ()
#36 0x0000006500000063 in ()
#37 0x000000310000007d in ()
#38 0x0000002e00000036 in ()
#39 0x0000003100000035 in ()
#40 0x000000730000007b in ()
#41 0x0000006100000070 in ()
#42 0x0000006500000063 in ()
#43 0x0000006d0000007d in ()
#44 0x0000000000000210 in ()
#45 0x0000000000000050 in ()
#46 0x000055555767e190 in ()
#47 0x00007ffff37e4b58 in main_arena () at /lib/x86_64-linux-gnu/libc.so.6
#48 0x0000000000000000 in ()

Tags:

Seth Hillbrand (sethh) on 2019-06-04

Changed in kicad:
importance:	Undecided → Critical
assignee:	nobody → Seth Hillbrand (sethh)
milestone:	none → 6.0.0-rc1

Revision history for this message

Seth Hillbrand (sethh) wrote on 2019-06-04:

I can't seem to reproduce this. Is there a specific action plugin you are using? Does it happen on all boards?

Changed in kicad:
status:	New → Incomplete

Revision history for this message

Ian McInerney (imcinerney) wrote on 2019-06-04:

test_plugin.py Edit (484 bytes, text/x-python)

Download full text (4.9 KiB)

@Seth. I can reproduce this on the pic programmer demo project using these steps and the Python plugin attached (locate it inside ~/.kicad_plugins):

1) Open pcbnew
2) Run the Python action plugin "AAAAAAAA"
3) Close pcbnew (discard changes if any)
Crash

The error is:
0x00007fffe055e41c in NETINFO_ITEM::GetNet (this=0x0) at /home/imcinerney/Documents/kicadDev/kicad-master/pcbnew/./netinfo.h:226
226 int GetNet() const { return m_NetCode; }

The backtrace I receive is:

#0 0x00007fffe055e41c in NETINFO_ITEM::GetNet() const (this=0x0) at /home/imcinerney/Documents/kicadDev/kicad-master/pcbnew/./netinfo.h:226
#1 0x00007fffe05e6346 in BOARD_CONNECTED_ITEM::GetNetCode() const (this=0x51b41e0) at /home/imcinerney/Documents/kicadDev/kicad-master/pcbnew/./board_connected_item.h:106
#2 0x00007fffe0c7f192 in BOARD::GetNodesCount(int) (this=0x5726f90, aNet=-1) at /home/imcinerney/Documents/kicadDev/kicad-master/pcbnew/class_board.cpp:753
#3 0x00007fffe0c7fddf in BOARD::GetMsgPanelInfo(EDA_UNITS_T, std::vector<MSG_PANEL_ITEM, std::allocator<MSG_PANEL_ITEM> >&) (this=0x5726f90, aUnits=INCHES, aList=std::vector of length 3, capacity 4 = {...})
    at /home/imcinerney/Documents/kicadDev/kicad-master/pcbnew/class_board.cpp:864
#4 0x00007fffe0dfd8c7 in EDA_DRAW_FRAME::SetMsgPanel(EDA_ITEM*) (this=0x246b3e0, aItem=0x5726f90) at /home/imcinerney/Documents/kicadDev/kicad-master/common/legacy_gal/eda_draw_frame.cpp:582
#5 0x00007fffe08b8473 in PCB_EDITOR_CONTROL::ClearHighlight(TOOL_EVENT const&) (this=0x516dc10, aEvent=...) at /home/imcinerney/Documents/kicadDev/kicad-master/pcbnew/tools/pcb_editor_control.cpp:1148
#6 0x00007fffe08c3454 in std::__invoke_impl<int, int (PCB_EDITOR_CONTROL::*&)(TOOL_EVENT const&), PCB_EDITOR_CONTROL*&, TOOL_EVENT const&>(std::__invoke_memfun_deref, int (PCB_EDITOR_CONTROL::*&)(TOOL_EVENT const&), PCB_EDITOR_CONTROL*&, TOOL_EVENT const&) (__f=@0x4e0de70: (int (PCB_EDITOR_CONTROL::*)(PCB_EDITOR_CONTROL * const, const TOOL_EVENT &)) 0x7fffe08b83b6 <PCB_EDITOR_CONTROL::ClearHighlight(TOOL_EVENT const&)>, __t=@0x4e0de80: 0x516dc10, __args#0=...)
    at /usr/include/c++/8/bits/invoke.h:73
#7 0x00007fffe08c30eb in std::__invoke<int (PCB_EDITOR_CONTROL::*&)(TOOL_EVENT const&), PCB_EDITOR_CONTROL*&, TOOL_EVENT const&>(int (PCB_EDITOR_CONTROL::*&)(TOOL_EVENT const&), PCB_EDITOR_CONTROL*&, TOOL_EVENT const&) (__fn=
    @0x4e0de70: (int (PCB_EDITOR_CONTROL::*)(PCB_EDITOR_CONTROL * const, const TOOL_EVENT &)) 0x7fffe08b83b6 <PCB_EDITOR_CONTROL::ClearHighlight(TOOL_EVENT const&)>, __args#0=@0x4e0de80: 0x516dc10, __args#1=...)
    at /usr/include/c++/8/bits/invoke.h:95
#8 0x00007fffe08c2781 in std::_Bind<int (PCB_EDITOR_CONTROL::*(PCB_EDITOR_CONTROL*, std::_Placeholder<1>))(TOOL_EVENT const&)>::__call<int, TOOL_EVENT const&, 0ul, 1ul>(std::tuple<TOOL_EVENT const&>&&, std::_Index_tuple<0ul, 1ul>) (this=0x4e0de70, __args=...) at /usr/include/c++/8/functional:400
#9 0x00007fffe08c1d63 in std::_Bind<int (PCB_EDITOR_CONTROL::*(PCB_EDITOR_CONTROL*, std::_Placeholder<1>))(TOOL_EVENT const&)>::operator()<TOOL_EVENT const&, int>(TOOL_EVENT const&) (this=0x4e0de70, __args#0=...)
    at /usr/include/c++/8/functional:484
#10 0x00007fffe08c14f...

@Seth. I can reproduce this on the pic programmer demo project using these steps and the Python plugin attached (locate it inside ~/.kicad_plugins):

1) Open pcbnew
2) Run the Python action plugin "AAAAAAAA"
3) Close pcbnew (discard changes if any)
Crash

The error is:
0x00007fffe055e41c in NETINFO_ITEM::GetNet (this=0x0) at /home/imcinerney/Documents/kicadDev/kicad-master/pcbnew/./netinfo.h:226
226	    int GetNet() const { return m_NetCode; }

The backtrace I receive is:

#0  0x00007fffe055e41c in NETINFO_ITEM::GetNet() const (this=0x0) at /home/imcinerney/Documents/kicadDev/kicad-master/pcbnew/./netinfo.h:226
#1  0x00007fffe05e6346 in BOARD_CONNECTED_ITEM::GetNetCode() const (this=0x51b41e0) at /home/imcinerney/Documents/kicadDev/kicad-master/pcbnew/./board_connected_item.h:106
#2  0x00007fffe0c7f192 in BOARD::GetNodesCount(int) (this=0x5726f90, aNet=-1) at /home/imcinerney/Documents/kicadDev/kicad-master/pcbnew/class_board.cpp:753
#3  0x00007fffe0c7fddf in BOARD::GetMsgPanelInfo(EDA_UNITS_T, std::vector<MSG_PANEL_ITEM, std::allocator<MSG_PANEL_ITEM> >&) (this=0x5726f90, aUnits=INCHES, aList=std::vector of length 3, capacity 4 = {...})
    at /home/imcinerney/Documents/kicadDev/kicad-master/pcbnew/class_board.cpp:864
#4  0x00007fffe0dfd8c7 in EDA_DRAW_FRAME::SetMsgPanel(EDA_ITEM*) (this=0x246b3e0, aItem=0x5726f90) at /home/imcinerney/Documents/kicadDev/kicad-master/common/legacy_gal/eda_draw_frame.cpp:582
#5  0x00007fffe08b8473 in PCB_EDITOR_CONTROL::ClearHighlight(TOOL_EVENT const&) (this=0x516dc10, aEvent=...) at /home/imcinerney/Documents/kicadDev/kicad-master/pcbnew/tools/pcb_editor_control.cpp:1148
#6  0x00007fffe08c3454 in std::__invoke_impl<int, int (PCB_EDITOR_CONTROL::*&)(TOOL_EVENT const&), PCB_EDITOR_CONTROL*&, TOOL_EVENT const&>(std::__invoke_memfun_deref, int (PCB_EDITOR_CONTROL::*&)(TOOL_EVENT const&), PCB_EDITOR_CONTROL*&, TOOL_EVENT const&) (__f=@0x4e0de70: (int (PCB_EDITOR_CONTROL::*)(PCB_EDITOR_CONTROL * const, const TOOL_EVENT &)) 0x7fffe08b83b6 <PCB_EDITOR_CONTROL::ClearHighlight(TOOL_EVENT const&)>, __t=@0x4e0de80: 0x516dc10, __args#0=...)
    at /usr/include/c++/8/bits/invoke.h:73
#7  0x00007fffe08c30eb in std::__invoke<int (PCB_EDITOR_CONTROL::*&)(TOOL_EVENT const&), PCB_EDITOR_CONTROL*&, TOOL_EVENT const&>(int (PCB_EDITOR_CONTROL::*&)(TOOL_EVENT const&), PCB_EDITOR_CONTROL*&, TOOL_EVENT const&) (__fn=
    @0x4e0de70: (int (PCB_EDITOR_CONTROL::*)(PCB_EDITOR_CONTROL * const, const TOOL_EVENT &)) 0x7fffe08b83b6 <PCB_EDITOR_CONTROL::ClearHighlight(TOOL_EVENT const&)>, __args#0=@0x4e0de80: 0x516dc10, __args#1=...)
    at /usr/include/c++/8/bits/invoke.h:95
#8  0x00007fffe08c2781 in std::_Bind<int (PCB_EDITOR_CONTROL::*(PCB_EDITOR_CONTROL*, std::_Placeholder<1>))(TOOL_EVENT const&)>::__call<int, TOOL_EVENT const&, 0ul, 1ul>(std::tuple<TOOL_EVENT const&>&&, std::_Index_tuple<0ul, 1ul>) (this=0x4e0de70, __args=...) at /usr/include/c++/8/functional:400
#9  0x00007fffe08c1d63 in std::_Bind<int (PCB_EDITOR_CONTROL::*(PCB_EDITOR_CONTROL*, std::_Placeholder<1>))(TOOL_EVENT const&)>::operator()<TOOL_EVENT const&, int>(TOOL_EVENT const&) (this=0x4e0de70, __args#0=...)
    at /usr/include/c++/8/functional:484
#10 0x00007fffe08c14f9 in std::_Function_handler<int (TOOL_EVENT const&), std::_Bind<int (PCB_EDITOR_CONTROL::*(PCB_EDITOR_CONTROL*, std::_Placeholder<1>))(TOOL_EVENT const&)> >::_M_invoke(std::_Any_data const&, TOOL_EVENT const&) (__functor=..., __args#0=...) at /usr/include/c++/8/bits/std_function.h:282
#11 0x00007fffe0f45a39 in std::function<int (TOOL_EVENT const&)>::operator()(TOOL_EVENT const&) const (this=0x53d8ff8, __args#0=...) at /usr/include/c++/8/bits/std_function.h:687
#12 0x00007fffe0f42bfa in COROUTINE<int, TOOL_EVENT const&>::callerStub(long) (aData=90083632) at /home/imcinerney/Documents/kicadDev/kicad-master/include/tool/coroutine.h:331
#13 0x00007fffe0f9f021 in make_fcontext () at /usr/local/bin/_pcbnew.kiface
#14 0x00c2c200c2c200c2 in  ()
#15 0x0000000000000000 in  ()

The problem seems to be caused by trying to redraw the message box, and it is running into a null pointer in a m_netinfo object inside a pad when counting the nodes.

Application: Pcbnew
Version: (5.1.0-844-g7e1407f20), debug build
Libraries:
    wxWidgets 3.0.4
    libcurl/7.59.0 OpenSSL/1.1.0i zlib/1.2.11 libidn2/2.0.5 libpsl/0.20.2 (+libidn2/2.0.4) libssh/0.8.6/openssl/zlib nghttp2/1.32.1
Platform: Linux 5.0.16-100.fc28.x86_64 x86_64, 64 bit, Little endian, wxGTK
Build Info:
    wxWidgets: 3.0.4 (wchar_t,wx containers,compatible with 2.8) GTK+ 3.22
    Boost: 1.66.0
    OpenCASCADE Community Edition: 6.9.1
    Curl: 7.59.0
    Compiler: GCC 8.3.1 with C++ ABI 1013

Build settings:
    USE_WX_GRAPHICS_CONTEXT=OFF
    USE_WX_OVERLAY=ON
    KICAD_SCRIPTING=ON
    KICAD_SCRIPTING_MODULES=ON
    KICAD_SCRIPTING_PYTHON3=OFF
    KICAD_SCRIPTING_WXPYTHON=ON
    KICAD_SCRIPTING_WXPYTHON_PHOENIX=ON
    KICAD_SCRIPTING_ACTION_MENU=ON
    BUILD_GITHUB_PLUGIN=ON
    KICAD_USE_OCE=ON
    KICAD_USE_OCC=OFF
    KICAD_SPICE=ON

Changed in kicad:
status:	Incomplete → Confirmed

Revision history for this message

Seth Hillbrand (sethh) wrote on 2019-06-04:

Hmm... No dice for me. No crashes, seems to work.

Would you have time to investigate here?

Revision history for this message

Ian McInerney (imcinerney) wrote on 2019-06-04:

@Seth, I will try to take a look at it but I just lost action scripting when I rebuilt on the current master so I can't recreate it right now. When you run the plugin, do you see the terminal output? I can load the plugin but not run it, so I will need to dig into that first before I can get to this.

Revision history for this message

Seth Hillbrand (sethh) wrote on 2019-06-04:

0001-pcbnew-ClearPcb-without-queuing-tools.patch Edit (4.4 KiB, text/plain)

OK, no worries. If you get it working, could you try the attached patch and see if it fixes the segfault? I think this might be just timing issues in when the events are handled vs. memory freed on close.

Revision history for this message

Andrew Lutsenko (qu1ck) wrote on 2019-06-04:

Seth after applying your patch I can no longer repro.

Revision history for this message

Ian McInerney (imcinerney) wrote on 2019-06-04:

@Seth, after fixing the action plugins (see https://bugs.launchpad.net/kicad/+bug/1831669) and applying your patch on top of that patch, I no longer see the crash.

An interesting thing that I noted as well is that the crash only happened when pcbnew was launched from the kicad window, not when I had launched it standalone. So there were probably some timing issues going on.

Revision history for this message

KiCad Janitor (kicad-janitor) wrote on 2019-06-05:

Fixed in revision f007d2857a54de0900d0416436e5cded3f68229b
https://git.launchpad.net/kicad/patch/?id=f007d2857a54de0900d0416436e5cded3f68229b