KiCad

eeschema segfault on block select (2)

Bug #1842394 reported by Dino Ghilardi on 2019-09-03

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	KiCad	Fix Committed	Undecided	Jeff Young	KiCad 6.0.0-rc1

Bug Description

Sometimes doing a multiple selection eeschema crashes. The behaviour seems not-fully deterministic and depends on what I select on which schematic, so I suspect something related to memory management. Today it crashes every time on the same selection, so it is somewhat reproducible and I get:

From gdb:
Thread 1 "kicad" received signal SIGSEGV, Segmentation fault.
0x00007ffff42db930 in __dynamic_cast () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
(gdb) backtrace
#0 0x00007ffff42db930 in __dynamic_cast () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#1 0x00007fffe0d455c1 in EE_SELECTION_TOOL::selectMultiple() ()
   from /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface
#2 0x00007fffe0d4675c in EE_SELECTION_TOOL::Main(TOOL_EVENT const&) ()
   from /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface
#3 0x00007fffe0f83f60 in COROUTINE<int, TOOL_EVENT const&>::callerStub(long) ()
   from /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface
#4 0x00005555556d4b71 in make_fcontext ()
#5 0x0000000000000000 in ?? ()

using valgrind and starting eeschema on the same project

==27900== Memcheck, a memory error detector
==27900== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==27900== Using Valgrind-3.12.0.SVN and LibVEX; rerun with -h for copyright info
==27900== Command: /home/dinoghi/SANDBOXKICAD5/usr/bin/kicad
==27900==

==27900== Conditional jump or move depends on uninitialised value(s)
==27900== at 0x4C32EA6: rawmemchr (vg_replace_strmem.c:1402)
==27900== by 0x91713C1: _IO_str_init_static_internal (strops.c:41)
==27900== by 0x9164B96: vsscanf (iovsscanf.c:40)
==27900== by 0x915F306: sscanf (sscanf.c:32)
==27900== by 0xE5E7E4A: ??? (in /usr/lib/x86_64-linux-gnu/libdrm.so.2.4.0)
==27900== by 0xE5E8182: ??? (in /usr/lib/x86_64-linux-gnu/libdrm.so.2.4.0)
==27900== by 0xE5EBBF8: drmGetDevice (in /usr/lib/x86_64-linux-gnu/libdrm.so.2.4.0)
==27900== by 0x7A952D6: ??? (in /usr/lib/mesa-diverted/x86_64-linux-gnu/libGL.so.1.2.0)
==27900== by 0x7A94694: ??? (in /usr/lib/mesa-diverted/x86_64-linux-gnu/libGL.so.1.2.0)
==27900== by 0x7A68988: ??? (in /usr/lib/mesa-diverted/x86_64-linux-gnu/libGL.so.1.2.0)
==27900== by 0x7A63F10: glXQueryVersion (in /usr/lib/mesa-diverted/x86_64-linux-gnu/libGL.so.1.2.0)
==27900== by 0x4E47556: wxGLCanvasX11::GetGLXVersion() (in /usr/lib/x86_64-linux-gnu/libwx_gtk2u_gl-3.0.so.0.2.0)

***Here eeschema is launched****

==27900==
==27900== Conditional jump or move depends on uninitialised value(s)
==27900== at 0x17A1A259: ??? (in /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so)
==27900== by 0x17A1B047: ??? (in /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so)
==27900== by 0x17A1B0F2: ??? (in /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so)
==27900== by 0x17A17E09: ??? (in /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so)
==27900== by 0x17A18F9A: ??? (in /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so)
==27900== by 0x960B552: ??? (in /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.31)
==27900== by 0x95CB7BB: ??? (in /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.31)
==27900== by 0x9DA7ECE: g_closure_invoke (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==27900== by 0x9DBA37C: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==27900== by 0x9DC267E: g_signal_emit_valist (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==27900== by 0x9DC2FBE: g_signal_emit (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==27900== by 0x96E38AB: ??? (in /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.31)
==27900==

***Here the selection is done, selecting some wires, hierarchical pins and hierarchical labels. On gdb crashes here.***

==27900== Invalid read of size 8
==27900== at 0x1E4EB5A0: EE_SELECTION_TOOL::selectMultiple() (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==27900== by 0x1E4EC75B: EE_SELECTION_TOOL::Main(TOOL_EVENT const&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==27900== by 0x1E729F5F: COROUTINE<int, TOOL_EVENT const&>::callerStub(long) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==27900== by 0x288B70: make_fcontext (in /home/dinoghi/SANDBOXKICAD5/usr/bin/kicad)
==27900== Address 0x213c7870 is 16 bytes inside a block of size 1,024 free'd
==27900== at 0x4C2D2DB: operator delete(void*) (vg_replace_malloc.c:576)
==27900== by 0x1E4EDF21: void std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > >::_M_emplace_back_aux<std::pair<KIGFX::VIEW_ITEM*, int> >(std::pair<KIGFX::VIEW_ITEM*, int>&&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==27900== by 0x1E4EB648: EE_SELECTION_TOOL::selectMultiple() (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==27900== by 0x1E4EC75B: EE_SELECTION_TOOL::Main(TOOL_EVENT const&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==27900== by 0x1E729F5F: COROUTINE<int, TOOL_EVENT const&>::callerStub(long) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==27900== by 0x288B70: make_fcontext (in /home/dinoghi/SANDBOXKICAD5/usr/bin/kicad)
==27900== Block was alloc'd at
==27900== at 0x4C2C21F: operator new(unsigned long) (vg_replace_malloc.c:334)
==27900== by 0x1E4EDEAC: void std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > >::_M_emplace_back_aux<std::pair<KIGFX::VIEW_ITEM*, int> >(std::pair<KIGFX::VIEW_ITEM*, int>&&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==27900== by 0x1E6F41C1: bool RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Search<KIGFX::queryVisitor<std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > > > >(RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Node*, RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Rect*, KIGFX::queryVisitor<std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > > >&, int&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==27900== by 0x1E6F40ED: bool RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Search<KIGFX::queryVisitor<std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > > > >(RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Node*, RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Rect*, KIGFX::queryVisitor<std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > > >&, int&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==27900== by 0x1E6ECF9D: KIGFX::VIEW::Query(BOX2<VECTOR2<int> > const&, std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > >&) const (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==27900== by 0x1E4EB584: EE_SELECTION_TOOL::selectMultiple() (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==27900== by 0x1E4EC75B: EE_SELECTION_TOOL::Main(TOOL_EVENT const&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==27900== by 0x1E729F5F: COROUTINE<int, TOOL_EVENT const&>::callerStub(long) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==27900== by 0x288B70: make_fcontext (in /home/dinoghi/SANDBOXKICAD5/usr/bin/kicad)
==27900==
==27900== Invalid read of size 4
==27900== at 0x1E4EB5E2: EE_SELECTION_TOOL::selectMultiple() (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==27900== by 0x1E4EC75B: EE_SELECTION_TOOL::Main(TOOL_EVENT const&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==27900== by 0x1E729F5F: COROUTINE<int, TOOL_EVENT const&>::callerStub(long) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==27900== by 0x288B70: make_fcontext (in /home/dinoghi/SANDBOXKICAD5/usr/bin/kicad)
==27900== Address 0x213c7878 is 24 bytes inside a block of size 1,024 free'd
==27900== at 0x4C2D2DB: operator delete(void*) (vg_replace_malloc.c:576)
==27900== by 0x1E4EDF21: void std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > >::_M_emplace_back_aux<std::pair<KIGFX::VIEW_ITEM*, int> >(std::pair<KIGFX::VIEW_ITEM*, int>&&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==27900== by 0x1E4EB648: EE_SELECTION_TOOL::selectMultiple() (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==27900== by 0x1E4EC75B: EE_SELECTION_TOOL::Main(TOOL_EVENT const&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==27900== by 0x1E729F5F: COROUTINE<int, TOOL_EVENT const&>::callerStub(long) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==27900== by 0x288B70: make_fcontext (in /home/dinoghi/SANDBOXKICAD5/usr/bin/kicad)
==27900== Block was alloc'd at
==27900== at 0x4C2C21F: operator new(unsigned long) (vg_replace_malloc.c:334)
==27900== by 0x1E4EDEAC: void std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > >::_M_emplace_back_aux<std::pair<KIGFX::VIEW_ITEM*, int> >(std::pair<KIGFX::VIEW_ITEM*, int>&&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==27900== by 0x1E6F41C1: bool RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Search<KIGFX::queryVisitor<std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > > > >(RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Node*, RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Rect*, KIGFX::queryVisitor<std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > > >&, int&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==27900== by 0x1E6F40ED: bool RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Search<KIGFX::queryVisitor<std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > > > >(RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Node*, RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Rect*, KIGFX::queryVisitor<std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > > >&, int&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==27900== by 0x1E6ECF9D: KIGFX::VIEW::Query(BOX2<VECTOR2<int> > const&, std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > >&) const (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==27900== by 0x1E4EB584: EE_SELECTION_TOOL::selectMultiple() (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==27900== by 0x1E4EC75B: EE_SELECTION_TOOL::Main(TOOL_EVENT const&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==27900== by 0x1E729F5F: COROUTINE<int, TOOL_EVENT const&>::callerStub(long) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==27900== by 0x288B70: make_fcontext (in /home/dinoghi/SANDBOXKICAD5/usr/bin/kicad)
==27900==

*****************************************************************
I tested this after a make clean, make -j7, so it should not be a dirty build .

Then closing eeschema and exiting

==27900== Process terminating with default action of signal 2 (SIGINT)
==27900== at 0x91DA8BD: ??? (syscall-template.S:84)
==27900== by 0xA7E59F5: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==27900== by 0xA7E5D81: g_main_loop_run (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==27900== by 0x95C93B6: gtk_main (in /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.31)
==27900== by 0x5C35E64: wxGUIEventLoop::DoRun() (in /usr/lib/x86_64-linux-gnu/libwx_gtk2u_core-3.0.so.0.2.0)
==27900== by 0x654827A: wxEventLoopBase::Run() (in /usr/lib/x86_64-linux-gnu/libwx_baseu-3.0.so.0.2.0)
==27900== by 0x650D775: wxAppConsoleBase::MainLoop() (in /usr/lib/x86_64-linux-gnu/libwx_baseu-3.0.so.0.2.0)
==27900== by 0x1874F5: ??? (in /home/dinoghi/SANDBOXKICAD5/usr/bin/kicad)
==27900== by 0x6599CCF: wxEntry(int&, wchar_t**) (in /usr/lib/x86_64-linux-gnu/libwx_baseu-3.0.so.0.2.0)
==27900== by 0x163527: ??? (in /home/dinoghi/SANDBOXKICAD5/usr/bin/kicad)
==27900== by 0x911B2E0: (below main) (libc-start.c:291)
==27900==
==27900== HEAP SUMMARY:
==27900== in use at exit: 114,475,083 bytes in 286,457 blocks
==27900== total heap usage: 13,226,066 allocs, 12,939,609 frees, 24,634,071,740 bytes allocated
==27900==
==27900== LEAK SUMMARY:
==27900== definitely lost: 67,745,509 bytes in 1,825 blocks
==27900== indirectly lost: 381,369 bytes in 9,400 blocks
==27900== possibly lost: 1,197,853 bytes in 4,387 blocks
==27900== still reachable: 44,787,280 bytes in 268,178 blocks
==27900== of which reachable via heuristic:
==27900== length64 : 8,880 bytes in 135 blocks
==27900== newarray : 644,472 bytes in 864 blocks
==27900== suppressed: 0 bytes in 0 blocks
==27900== Rerun with --leak-check=full to see details of leaked memory
==27900==
==27900== For counts of detected and suppressed errors, rerun with: -v
==27900== Use --track-origins=yes to see where uninitialised values come from
==27900== ERROR SUMMARY: 275 errors from 5 contexts (suppressed: 0 from 0)

Cheers,
Dino.

-------------------------------------------------------------
-------------------------------------------------------------
Application: Eeschema
Version: (5.99.0-52-gefbc802f4), release build
Libraries:
    wxWidgets 3.0.2
    libcurl/7.52.1 OpenSSL/1.0.2s zlib/1.2.8 libidn2/0.16 libpsl/0.17.0 (+libidn2/0.16) libssh2/1.7.0 nghttp2/1.18.1 librtmp/2.3
Platform: Linux 4.9.0-8-amd64 x86_64, 64 bit, Little endian, wxGTK
Build Info:
    wxWidgets: 3.0.2 (wchar_t,wx containers,compatible with 2.8) GTK+ 2.24
    Boost: 1.69.0
    OpenCASCADE Community Edition: 6.8.0
    Curl: 7.52.1
    Compiler: GCC 6.3.0 with C++ ABI 1010

Build settings:
    KICAD_SCRIPTING=ON
    KICAD_SCRIPTING_MODULES=ON
    KICAD_SCRIPTING_PYTHON3=OFF
    KICAD_SCRIPTING_WXPYTHON=ON
    KICAD_SCRIPTING_WXPYTHON_PHOENIX=OFF
    KICAD_SCRIPTING_ACTION_MENU=ON
    BUILD_GITHUB_PLUGIN=ON
    KICAD_USE_OCE=ON
    KICAD_USE_OCC=OFF
    KICAD_SPICE=ON

Tags:

Revision history for this message

Dino Ghilardi (dino-ghilardi) wrote on 2019-09-03:

Note: selecting the same items in another way does not trigger the segfault (i.e.: instead of selecting with a single block, select using smaller blocks with ctrl pressed does not trigger the segfault)

Revision history for this message

Dino Ghilardi (dino-ghilardi) wrote on 2019-09-03:

Probably related to bug #1841919, but the example file that triggered that bug does not trigger it anymore, so I don't know if it is really the same bug or something else.

Dino Ghilardi (dino-ghilardi) on 2019-09-03

summary:

- eeschema segfault on multiple selection
+ eeschema segfault on block select (2)

Revision history for this message

Jeff Young (jeyjey) wrote on 2019-09-03:

Related but not the same. (We were making the same mistake but in a different section of the code.)

Changed in kicad:
assignee:	nobody → Jeff Young (jeyjey)
status:	New → In Progress

Revision history for this message

KiCad Janitor (kicad-janitor) wrote on 2019-09-03:

Fixed in revision 54a85cfaa2c5d5ad87594c1b74e19d93dc59f2c4
https://git.launchpad.net/kicad/patch/?id=54a85cfaa2c5d5ad87594c1b74e19d93dc59f2c4

Changed in kicad:
status:	In Progress → Fix Committed

Revision history for this message

Jeff Young (jeyjey) wrote on 2019-09-03:

@Dino, let me know if this fixes your case....

Revision history for this message

Dino Ghilardi (dino-ghilardi) wrote on 2019-09-03:

Download full text (13.4 KiB)

Commit d4aa502be1e6b0fa3d9be504f6ab06e79edbc3df still crashes.
--------------------------------------------------------
running in gdb:

Thread 1 "kicad" received signal SIGSEGV, Segmentation fault.
0x00007ffff42db930 in __dynamic_cast () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
(gdb) backtrace
#0 0x00007ffff42db930 in __dynamic_cast () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#1 0x00007fffe0c44745 in EE_SELECTION_TOOL::selectMultiple() () from /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface
#2 0x00007fffe0c458ec in EE_SELECTION_TOOL::Main(TOOL_EVENT const&) () from /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface
#3 0x00007fffe0e830f0 in COROUTINE<int, TOOL_EVENT const&>::callerStub(long) ()
from /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface
#4 0x00005555556d4b71 in make_fcontext ()
#5 0x0000000000000000 in ?? ()

----------------------------------------------------------------------
running with valgrind:

==21607== Memcheck, a memory error detector
==21607== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==21607== Using Valgrind-3.12.0.SVN and LibVEX; rerun with -h for copyright info
==21607== Command: ../../usr/bin/kicad
==21607==
==21607== Conditional jump or move depends on uninitialised value(s)
==21607== at 0x17A1A259: ??? (in /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so)
==21607== by 0x17A1B047: ??? (in /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so)
==21607== by 0x17A1B0F2: ??? (in /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so)
==21607== by 0x17A17E09: ??? (in /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so)
==21607== by 0x17A18F9A: ??? (in /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so)
==21607== by 0x960B552: ??? (in /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.31)
==21607== by 0x95CB7BB: ??? (in /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.31)
==21607== by 0x9DA7ECE: g_closure_invoke (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==21607== by 0x9DBA37C: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==21607== by 0x9DC267E: g_signal_emit_valist (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==21607== by 0x9DC2FBE: g_signal_emit (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==21607== by 0x96E38AB: ??? (in /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.31)
==21607==
==21607== Conditional jump or move depends on uninitialised value(s)
==21607== at 0x4C32EA6: rawmemchr (vg_replace_strmem.c:1402)
==21607== by 0x91713C1: _IO_str_init_static_internal (strops.c:41)
==21607== by 0x9164B96: vsscanf (iovsscanf.c:40)
==21607== by 0x915F306: sscanf (sscanf.c:32)
==21607== by 0xE5E7E4A: ??? (in /usr/lib/x86_64-linux-gnu/libdrm.so.2.4.0)
==21607== by 0xE5E8182: ??? (in /usr/lib/x86_64-linux-gnu/libdrm.so.2.4.0)
==21607== by 0xE5EBBF8: drmGetDevice (in /usr/lib/x86_64-linux-gnu/libdrm.so.2.4.0)
==21607== by 0x7A952D6: ??? (in /usr/lib/mesa-diverted/x86_64-linux-gnu/libGL.so.1.2.0)
==21607== by 0x7A94694: ??? (in /usr/lib/mesa-diverted/x86_64-linux-gnu/libGL.so.1.2.0)
==21607== by 0x7A689...

Commit d4aa502be1e6b0fa3d9be504f6ab06e79edbc3df still crashes. 
--------------------------------------------------------
running in gdb:

Thread 1 "kicad" received signal SIGSEGV, Segmentation fault.
0x00007ffff42db930 in __dynamic_cast () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
(gdb) backtrace
#0  0x00007ffff42db930 in __dynamic_cast () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#1  0x00007fffe0c44745 in EE_SELECTION_TOOL::selectMultiple() () from /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface
#2  0x00007fffe0c458ec in EE_SELECTION_TOOL::Main(TOOL_EVENT const&) () from /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface
#3  0x00007fffe0e830f0 in COROUTINE<int, TOOL_EVENT const&>::callerStub(long) ()
   from /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface
#4  0x00005555556d4b71 in make_fcontext ()
#5  0x0000000000000000 in ?? ()

----------------------------------------------------------------------
running with  valgrind:

==21607== Memcheck, a memory error detector
==21607== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==21607== Using Valgrind-3.12.0.SVN and LibVEX; rerun with -h for copyright info
==21607== Command: ../../usr/bin/kicad
==21607== 
==21607== Conditional jump or move depends on uninitialised value(s)
==21607==    at 0x17A1A259: ??? (in /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so)
==21607==    by 0x17A1B047: ??? (in /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so)
==21607==    by 0x17A1B0F2: ??? (in /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so)
==21607==    by 0x17A17E09: ??? (in /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so)
==21607==    by 0x17A18F9A: ??? (in /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so)
==21607==    by 0x960B552: ??? (in /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.31)
==21607==    by 0x95CB7BB: ??? (in /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.31)
==21607==    by 0x9DA7ECE: g_closure_invoke (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==21607==    by 0x9DBA37C: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==21607==    by 0x9DC267E: g_signal_emit_valist (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==21607==    by 0x9DC2FBE: g_signal_emit (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==21607==    by 0x96E38AB: ??? (in /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.31)
==21607== 
==21607== Conditional jump or move depends on uninitialised value(s)
==21607==    at 0x4C32EA6: rawmemchr (vg_replace_strmem.c:1402)
==21607==    by 0x91713C1: _IO_str_init_static_internal (strops.c:41)
==21607==    by 0x9164B96: vsscanf (iovsscanf.c:40)
==21607==    by 0x915F306: sscanf (sscanf.c:32)
==21607==    by 0xE5E7E4A: ??? (in /usr/lib/x86_64-linux-gnu/libdrm.so.2.4.0)
==21607==    by 0xE5E8182: ??? (in /usr/lib/x86_64-linux-gnu/libdrm.so.2.4.0)
==21607==    by 0xE5EBBF8: drmGetDevice (in /usr/lib/x86_64-linux-gnu/libdrm.so.2.4.0)
==21607==    by 0x7A952D6: ??? (in /usr/lib/mesa-diverted/x86_64-linux-gnu/libGL.so.1.2.0)
==21607==    by 0x7A94694: ??? (in /usr/lib/mesa-diverted/x86_64-linux-gnu/libGL.so.1.2.0)
==21607==    by 0x7A68988: ??? (in /usr/lib/mesa-diverted/x86_64-linux-gnu/libGL.so.1.2.0)
==21607==    by 0x7A63F10: glXQueryVersion (in /usr/lib/mesa-diverted/x86_64-linux-gnu/libGL.so.1.2.0)
==21607==    by 0x4E47556: wxGLCanvasX11::GetGLXVersion() (in /usr/lib/x86_64-linux-gnu/libwx_gtk2u_gl-3.0.so.0.2.0)
==21607==

******Here I select and eeschema crashes*****

==21607== Invalid read of size 8
==21607==    at 0x1E56B724: EE_SELECTION_TOOL::selectMultiple() (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==21607==    by 0x1E56C8EB: EE_SELECTION_TOOL::Main(TOOL_EVENT const&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==21607==    by 0x1E7AA0EF: COROUTINE<int, TOOL_EVENT const&>::callerStub(long) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==21607==    by 0x288B70: make_fcontext (in /home/dinoghi/SANDBOXKICAD5/usr/bin/kicad)
==21607==  Address 0x21330490 is 16 bytes inside a block of size 1,024 free'd
==21607==    at 0x4C2D2DB: operator delete(void*) (vg_replace_malloc.c:576)
==21607==    by 0x1E56E0B1: void std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > >::_M_emplace_back_aux<std::pair<KIGFX::VIEW_ITEM*, int> >(std::pair<KIGFX::VIEW_ITEM*, int>&&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==21607==    by 0x1E56B7C9: EE_SELECTION_TOOL::selectMultiple() (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==21607==    by 0x1E56C8EB: EE_SELECTION_TOOL::Main(TOOL_EVENT const&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==21607==    by 0x1E7AA0EF: COROUTINE<int, TOOL_EVENT const&>::callerStub(long) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==21607==    by 0x288B70: make_fcontext (in /home/dinoghi/SANDBOXKICAD5/usr/bin/kicad)
==21607==  Block was alloc'd at
==21607==    at 0x4C2C21F: operator new(unsigned long) (vg_replace_malloc.c:334)
==21607==    by 0x1E56E03C: void std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > >::_M_emplace_back_aux<std::pair<KIGFX::VIEW_ITEM*, int> >(std::pair<KIGFX::VIEW_ITEM*, int>&&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==21607==    by 0x1E774351: bool RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Search<KIGFX::queryVisitor<std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > > > >(RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Node*, RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Rect*, KIGFX::queryVisitor<std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > > >&, int&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==21607==    by 0x1E77427D: bool RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Search<KIGFX::queryVisitor<std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > > > >(RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Node*, RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Rect*, KIGFX::queryVisitor<std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > > >&, int&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==21607==    by 0x1E77427D: bool RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Search<KIGFX::queryVisitor<std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > > > >(RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Node*, RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Rect*, KIGFX::queryVisitor<std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > > >&, int&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==21607==    by 0x1E76D12D: KIGFX::VIEW::Query(BOX2<VECTOR2<int> > const&, std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > >&) const (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==21607==    by 0x1E56B6FC: EE_SELECTION_TOOL::selectMultiple() (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==21607==    by 0x1E56C8EB: EE_SELECTION_TOOL::Main(TOOL_EVENT const&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==21607==    by 0x1E7AA0EF: COROUTINE<int, TOOL_EVENT const&>::callerStub(long) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==21607==    by 0x288B70: make_fcontext (in /home/dinoghi/SANDBOXKICAD5/usr/bin/kicad)
==21607== 
==21607== Invalid read of size 4
==21607==    at 0x1E56B763: EE_SELECTION_TOOL::selectMultiple() (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==21607==    by 0x1E56C8EB: EE_SELECTION_TOOL::Main(TOOL_EVENT const&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==21607==    by 0x1E7AA0EF: COROUTINE<int, TOOL_EVENT const&>::callerStub(long) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==21607==    by 0x288B70: make_fcontext (in /home/dinoghi/SANDBOXKICAD5/usr/bin/kicad)
==21607==  Address 0x213305f8 is 376 bytes inside a block of size 1,024 free'd
==21607==    at 0x4C2D2DB: operator delete(void*) (vg_replace_malloc.c:576)
==21607==    by 0x1E56E0B1: void std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > >::_M_emplace_back_aux<std::pair<KIGFX::VIEW_ITEM*, int> >(std::pair<KIGFX::VIEW_ITEM*, int>&&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==21607==    by 0x1E56B7C9: EE_SELECTION_TOOL::selectMultiple() (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==21607==    by 0x1E56C8EB: EE_SELECTION_TOOL::Main(TOOL_EVENT const&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==21607==    by 0x1E7AA0EF: COROUTINE<int, TOOL_EVENT const&>::callerStub(long) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==21607==    by 0x288B70: make_fcontext (in /home/dinoghi/SANDBOXKICAD5/usr/bin/kicad)
==21607==  Block was alloc'd at
==21607==    at 0x4C2C21F: operator new(unsigned long) (vg_replace_malloc.c:334)
==21607==    by 0x1E56E03C: void std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > >::_M_emplace_back_aux<std::pair<KIGFX::VIEW_ITEM*, int> >(std::pair<KIGFX::VIEW_ITEM*, int>&&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==21607==    by 0x1E774351: bool RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Search<KIGFX::queryVisitor<std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > > > >(RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Node*, RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Rect*, KIGFX::queryVisitor<std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > > >&, int&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==21607==    by 0x1E77427D: bool RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Search<KIGFX::queryVisitor<std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > > > >(RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Node*, RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Rect*, KIGFX::queryVisitor<std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > > >&, int&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==21607==    by 0x1E77427D: bool RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Search<KIGFX::queryVisitor<std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > > > >(RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Node*, RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Rect*, KIGFX::queryVisitor<std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > > >&, int&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==21607==    by 0x1E76D12D: KIGFX::VIEW::Query(BOX2<VECTOR2<int> > const&, std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > >&) const (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==21607==    by 0x1E56B6FC: EE_SELECTION_TOOL::selectMultiple() (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==21607==    by 0x1E56C8EB: EE_SELECTION_TOOL::Main(TOOL_EVENT const&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==21607==    by 0x1E7AA0EF: COROUTINE<int, TOOL_EVENT const&>::callerStub(long) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==21607==    by 0x288B70: make_fcontext (in /home/dinoghi/SANDBOXKICAD5/usr/bin/kicad)
==21607==

****************************************************

==21607== 
==21607== HEAP SUMMARY:
==21607==     in use at exit: 41,437,845 bytes in 43,163 blocks
==21607==   total heap usage: 7,018,030 allocs, 6,974,867 frees, 21,427,406,671 bytes allocated
==21607== 
==21607== LEAK SUMMARY:
==21607==    definitely lost: 34,062,240 bytes in 1,427 blocks
==21607==    indirectly lost: 328,049 bytes in 7,055 blocks
==21607==      possibly lost: 4,715,238 bytes in 3,785 blocks
==21607==    still reachable: 2,161,182 bytes in 29,763 blocks
==21607==                       of which reachable via heuristic:
==21607==                         length64           : 7,616 bytes in 116 blocks
==21607==                         newarray           : 2,144 bytes in 54 blocks
==21607==         suppressed: 0 bytes in 0 blocks
==21607== Rerun with --leak-check=full to see details of leaked memory
==21607== 
==21607== For counts of detected and suppressed errors, rerun with: -v
==21607== Use --track-origins=yes to see where uninitialised values come from
==21607== ERROR SUMMARY: 62 errors from 4 contexts (suppressed: 0 from 0)

--------------------------------------------------------------------------------
Application: Eeschema
Version: (5.99.0-58-gd4aa502be), release build
Libraries:
    wxWidgets 3.0.2
    libcurl/7.52.1 OpenSSL/1.0.2s zlib/1.2.8 libidn2/0.16 libpsl/0.17.0 (+libidn2/0.16) libssh2/1.7.0 nghttp2/1.18.1 librtmp/2.3
Platform: Linux 4.9.0-8-amd64 x86_64, 64 bit, Little endian, wxGTK
Build Info:
    wxWidgets: 3.0.2 (wchar_t,wx containers,compatible with 2.8) GTK+ 2.24
    Boost: 1.69.0
    OpenCASCADE Community Edition: 6.8.0
    Curl: 7.52.1
    Compiler: GCC 6.3.0 with C++ ABI 1010

Revision history for this message

Dino Ghilardi (dino-ghilardi) wrote on 2019-09-03:

Screen grab of the selection that crashes. Edit (62.9 KiB, image/png)

Here attached an image of the selection, in case it is useful.
Selecting some other absolutly similar parts of the schematic (other hierarchical pins+labels+wires) do not crash the program.

Revision history for this message

Seth Hillbrand (sethh) wrote on 2019-09-03:

Since this requires a specific selection, could you attach the schematic for which it crashes?

Revision history for this message

Jeff Young (jeyjey) wrote on 2019-09-03:

@Dino, in the meantime there are new bits up for you to test. ;)

Michael Kavanagh (michaelkavanagh) on 2019-09-03

Changed in kicad:
milestone:	none → 6.0.0-rc1

Revision history for this message

Dino Ghilardi (dino-ghilardi) wrote on 2019-09-04:

#10

kicad project with the crash on select. Edit (14.8 KiB, application/zip)

Here it is a schematic that crashes, selecting the box marked as "select this box".

Still crashes on commit c8a6878eb8de4d9b135b70ef4773b8a9f3c4af4c

Revision history for this message

Dino Ghilardi (dino-ghilardi) wrote on 2019-09-04:

#11

Download full text (12.5 KiB)

Still crashes on commit c8a6878eb8de4d9b135b70ef4773b8a9f3c4af4c.

P.S.: the file attached before is not the one on which I had the crash first, but a simpler one that still crashes (less sheets etc).

Running with valgrind (on the big schematic):

==28614== Memcheck, a memory error detector
==28614== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==28614== Using Valgrind-3.12.0.SVN and LibVEX; rerun with -h for copyright info
==28614== Command: ../../usr/bin/kicad
==28614==
==28614== Conditional jump or move depends on uninitialised value(s)
==28614== at 0x17A1A259: ??? (in /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so)
==28614== by 0x17A1B047: ??? (in /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so)
==28614== by 0x17A1B0F2: ??? (in /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so)
==28614== by 0x17A17E09: ??? (in /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so)
==28614== by 0x17A18F9A: ??? (in /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so)
==28614== by 0x960B552: ??? (in /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.31)
==28614== by 0x95CB7BB: ??? (in /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.31)
==28614== by 0x9DA7ECE: g_closure_invoke (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==28614== by 0x9DBA37C: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==28614== by 0x9DC267E: g_signal_emit_valist (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==28614== by 0x9DC2FBE: g_signal_emit (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==28614== by 0x96E38AB: ??? (in /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.31)
==28614==
==28614== Conditional jump or move depends on uninitialised value(s)
==28614== at 0x4C32EA6: rawmemchr (vg_replace_strmem.c:1402)
==28614== by 0x91713C1: _IO_str_init_static_internal (strops.c:41)
==28614== by 0x9164B96: vsscanf (iovsscanf.c:40)
==28614== by 0x915F306: sscanf (sscanf.c:32)
==28614== by 0xE5E7E4A: ??? (in /usr/lib/x86_64-linux-gnu/libdrm.so.2.4.0)
==28614== by 0xE5E8182: ??? (in /usr/lib/x86_64-linux-gnu/libdrm.so.2.4.0)
==28614== by 0xE5EBBF8: drmGetDevice (in /usr/lib/x86_64-linux-gnu/libdrm.so.2.4.0)
==28614== by 0x7A952D6: ??? (in /usr/lib/mesa-diverted/x86_64-linux-gnu/libGL.so.1.2.0)
==28614== by 0x7A94694: ??? (in /usr/lib/mesa-diverted/x86_64-linux-gnu/libGL.so.1.2.0)
==28614== by 0x7A68988: ??? (in /usr/lib/mesa-diverted/x86_64-linux-gnu/libGL.so.1.2.0)
==28614== by 0x7A63F10: glXQueryVersion (in /usr/lib/mesa-diverted/x86_64-linux-gnu/libGL.so.1.2.0)
==28614== by 0x4E47556: wxGLCanvasX11::GetGLXVersion() (in /usr/lib/x86_64-linux-gnu/libwx_gtk2u_gl-3.0.so.0.2.0)

Still crashes on commit c8a6878eb8de4d9b135b70ef4773b8a9f3c4af4c.

P.S.: the file attached before is not the one on which I had the crash first, but a simpler one that still crashes (less sheets etc).

Running with valgrind (on the big schematic):

==28614== Memcheck, a memory error detector
==28614== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==28614== Using Valgrind-3.12.0.SVN and LibVEX; rerun with -h for copyright info
==28614== Command: ../../usr/bin/kicad
==28614== 
==28614== Conditional jump or move depends on uninitialised value(s)
==28614==    at 0x17A1A259: ??? (in /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so)
==28614==    by 0x17A1B047: ??? (in /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so)
==28614==    by 0x17A1B0F2: ??? (in /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so)
==28614==    by 0x17A17E09: ??? (in /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so)
==28614==    by 0x17A18F9A: ??? (in /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so)
==28614==    by 0x960B552: ??? (in /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.31)
==28614==    by 0x95CB7BB: ??? (in /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.31)
==28614==    by 0x9DA7ECE: g_closure_invoke (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==28614==    by 0x9DBA37C: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==28614==    by 0x9DC267E: g_signal_emit_valist (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==28614==    by 0x9DC2FBE: g_signal_emit (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==28614==    by 0x96E38AB: ??? (in /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.31)
==28614== 
==28614== Conditional jump or move depends on uninitialised value(s)
==28614==    at 0x4C32EA6: rawmemchr (vg_replace_strmem.c:1402)
==28614==    by 0x91713C1: _IO_str_init_static_internal (strops.c:41)
==28614==    by 0x9164B96: vsscanf (iovsscanf.c:40)
==28614==    by 0x915F306: sscanf (sscanf.c:32)
==28614==    by 0xE5E7E4A: ??? (in /usr/lib/x86_64-linux-gnu/libdrm.so.2.4.0)
==28614==    by 0xE5E8182: ??? (in /usr/lib/x86_64-linux-gnu/libdrm.so.2.4.0)
==28614==    by 0xE5EBBF8: drmGetDevice (in /usr/lib/x86_64-linux-gnu/libdrm.so.2.4.0)
==28614==    by 0x7A952D6: ??? (in /usr/lib/mesa-diverted/x86_64-linux-gnu/libGL.so.1.2.0)
==28614==    by 0x7A94694: ??? (in /usr/lib/mesa-diverted/x86_64-linux-gnu/libGL.so.1.2.0)
==28614==    by 0x7A68988: ??? (in /usr/lib/mesa-diverted/x86_64-linux-gnu/libGL.so.1.2.0)
==28614==    by 0x7A63F10: glXQueryVersion (in /usr/lib/mesa-diverted/x86_64-linux-gnu/libGL.so.1.2.0)
==28614==    by 0x4E47556: wxGLCanvasX11::GetGLXVersion() (in /usr/lib/x86_64-linux-gnu/libwx_gtk2u_gl-3.0.so.0.2.0)

==28614== 
==28614== Invalid read of size 8
==28614==    at 0x1E56CD60: EE_SELECTION_TOOL::selectMultiple() (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==28614==    by 0x1E56DF1B: EE_SELECTION_TOOL::Main(TOOL_EVENT const&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==28614==    by 0x1E7ADF2F: COROUTINE<int, TOOL_EVENT const&>::callerStub(long) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==28614==    by 0x289550: make_fcontext (in /home/dinoghi/SANDBOXKICAD5/usr/bin/kicad)
==28614==  Address 0x21148180 is 16 bytes inside a block of size 1,024 free'd
==28614==    at 0x4C2D2DB: operator delete(void*) (vg_replace_malloc.c:576)
==28614==    by 0x1E56F6E9: void std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > >::_M_emplace_back_aux<SCH_SHEET_PIN*, int&>(SCH_SHEET_PIN*&&, int&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==28614==    by 0x1E56CDF0: EE_SELECTION_TOOL::selectMultiple() (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==28614==    by 0x1E56DF1B: EE_SELECTION_TOOL::Main(TOOL_EVENT const&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==28614==    by 0x1E7ADF2F: COROUTINE<int, TOOL_EVENT const&>::callerStub(long) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==28614==    by 0x289550: make_fcontext (in /home/dinoghi/SANDBOXKICAD5/usr/bin/kicad)
==28614==  Block was alloc'd at
==28614==    at 0x4C2C21F: operator new(unsigned long) (vg_replace_malloc.c:334)
==28614==    by 0x1E777F0C: void std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > >::_M_emplace_back_aux<std::pair<KIGFX::VIEW_ITEM*, int> >(std::pair<KIGFX::VIEW_ITEM*, int>&&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==28614==    by 0x1E778111: bool RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Search<KIGFX::queryVisitor<std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > > > >(RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Node*, RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Rect*, KIGFX::queryVisitor<std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > > >&, int&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==28614==    by 0x1E77803D: bool RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Search<KIGFX::queryVisitor<std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > > > >(RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Node*, RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Rect*, KIGFX::queryVisitor<std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > > >&, int&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==28614==    by 0x1E77803D: bool RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Search<KIGFX::queryVisitor<std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > > > >(RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Node*, RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Rect*, KIGFX::queryVisitor<std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > > >&, int&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==28614==    by 0x1E770DCD: KIGFX::VIEW::Query(BOX2<VECTOR2<int> > const&, std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > >&) const (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==28614==    by 0x1E56CD3C: EE_SELECTION_TOOL::selectMultiple() (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==28614==    by 0x1E56DF1B: EE_SELECTION_TOOL::Main(TOOL_EVENT const&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==28614==    by 0x1E7ADF2F: COROUTINE<int, TOOL_EVENT const&>::callerStub(long) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==28614==    by 0x289550: make_fcontext (in /home/dinoghi/SANDBOXKICAD5/usr/bin/kicad)
==28614== 
==28614== Invalid read of size 4
==28614==    at 0x1E56CD94: EE_SELECTION_TOOL::selectMultiple() (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==28614==    by 0x1E56DF1B: EE_SELECTION_TOOL::Main(TOOL_EVENT const&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==28614==    by 0x1E7ADF2F: COROUTINE<int, TOOL_EVENT const&>::callerStub(long) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==28614==    by 0x289550: make_fcontext (in /home/dinoghi/SANDBOXKICAD5/usr/bin/kicad)
==28614==  Address 0x211482e8 is 376 bytes inside a block of size 1,024 free'd
==28614==    at 0x4C2D2DB: operator delete(void*) (vg_replace_malloc.c:576)
==28614==    by 0x1E56F6E9: void std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > >::_M_emplace_back_aux<SCH_SHEET_PIN*, int&>(SCH_SHEET_PIN*&&, int&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==28614==    by 0x1E56CDF0: EE_SELECTION_TOOL::selectMultiple() (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==28614==    by 0x1E56DF1B: EE_SELECTION_TOOL::Main(TOOL_EVENT const&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==28614==    by 0x1E7ADF2F: COROUTINE<int, TOOL_EVENT const&>::callerStub(long) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==28614==    by 0x289550: make_fcontext (in /home/dinoghi/SANDBOXKICAD5/usr/bin/kicad)
==28614==  Block was alloc'd at
==28614==    at 0x4C2C21F: operator new(unsigned long) (vg_replace_malloc.c:334)
==28614==    by 0x1E777F0C: void std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > >::_M_emplace_back_aux<std::pair<KIGFX::VIEW_ITEM*, int> >(std::pair<KIGFX::VIEW_ITEM*, int>&&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==28614==    by 0x1E778111: bool RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Search<KIGFX::queryVisitor<std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > > > >(RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Node*, RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Rect*, KIGFX::queryVisitor<std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > > >&, int&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==28614==    by 0x1E77803D: bool RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Search<KIGFX::queryVisitor<std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > > > >(RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Node*, RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Rect*, KIGFX::queryVisitor<std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > > >&, int&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==28614==    by 0x1E77803D: bool RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Search<KIGFX::queryVisitor<std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > > > >(RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Node*, RTree<KIGFX::VIEW_ITEM*, int, 2, double, 8, 4>::Rect*, KIGFX::queryVisitor<std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > > >&, int&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==28614==    by 0x1E770DCD: KIGFX::VIEW::Query(BOX2<VECTOR2<int> > const&, std::vector<std::pair<KIGFX::VIEW_ITEM*, int>, std::allocator<std::pair<KIGFX::VIEW_ITEM*, int> > >&) const (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==28614==    by 0x1E56CD3C: EE_SELECTION_TOOL::selectMultiple() (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==28614==    by 0x1E56DF1B: EE_SELECTION_TOOL::Main(TOOL_EVENT const&) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==28614==    by 0x1E7ADF2F: COROUTINE<int, TOOL_EVENT const&>::callerStub(long) (in /home/dinoghi/SANDBOXKICAD5/usr/bin/_eeschema.kiface)
==28614==    by 0x289550: make_fcontext (in /home/dinoghi/SANDBOXKICAD5/usr/bin/kicad)
==28614== 
==28614== 
==28614== HEAP SUMMARY:
==28614==     in use at exit: 41,535,228 bytes in 42,699 blocks
==28614==   total heap usage: 7,122,404 allocs, 7,079,705 frees, 21,432,460,770 bytes allocated
==28614== 
==28614== LEAK SUMMARY:
==28614==    definitely lost: 34,058,480 bytes in 1,414 blocks
==28614==    indirectly lost: 332,513 bytes in 7,126 blocks
==28614==      possibly lost: 4,717,950 bytes in 3,786 blocks
==28614==    still reachable: 2,246,269 bytes in 29,218 blocks
==28614==                       of which reachable via heuristic:
==28614==                         length64           : 8,256 bytes in 126 blocks
==28614==                         newarray           : 2,192 bytes in 57 blocks
==28614==         suppressed: 0 bytes in 0 blocks
==28614== Rerun with --leak-check=full to see details of leaked memory
==28614== 
==28614== For counts of detected and suppressed errors, rerun with: -v
==28614== Use --track-origins=yes to see where uninitialised values come from
==28614== ERROR SUMMARY: 62 errors from 4 contexts (suppressed: 0 from 0)

****************************************************************
Application: Eeschema
Version: (5.99.0-60-gc8a6878eb), release build
Libraries:
    wxWidgets 3.0.2
    libcurl/7.52.1 OpenSSL/1.0.2s zlib/1.2.8 libidn2/0.16 libpsl/0.17.0 (+libidn2/0.16) libssh2/1.7.0 nghttp2/1.18.1 librtmp/2.3
Platform: Linux 4.9.0-8-amd64 x86_64, 64 bit, Little endian, wxGTK
Build Info:
    wxWidgets: 3.0.2 (wchar_t,wx containers,compatible with 2.8) GTK+ 2.24
    Boost: 1.69.0
    OpenCASCADE Community Edition: 6.8.0
    Curl: 7.52.1
    Compiler: GCC 6.3.0 with C++ ABI 1010

Revision history for this message

Jeff Young (jeyjey) wrote on 2019-09-04:

#12

Excellent; that reproduces on my machine....

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

Add attachment

Remote bug watches

Bug watches keep track of this bug in other bug trackers.