Developer forums (C::B DEVELOPMENT STRICTLY!) > Development
Crash with batch build on linux
Miguel Gimenez:
While investigating the crash I found this code snippet (not related directly to the crash) in compilergcc.cpp:
--- Code: --- if (!Manager::IsBatchBuild())
{
CodeBlocksLogEvent evt(cbEVT_REMOVE_LOG_WINDOW, m_pLog);
Manager::Get()->ProcessEvent(evt);
}
{
// TODO: This is wrong. We need some automatic way for this to happen!!!
LogSlot &listSlot = logManager->Slot(m_ListPageIndex);
delete listSlot.icon;
listSlot.icon = nullptr;
LogSlot &slot = logManager->Slot(m_PageIndex);
delete slot.icon;
slot.icon = nullptr;
}
m_pLog = 0;
--- End code ---
The log window removal is made conditionally, but the nullifying of m_pLog always happens. Is this correct?
BlueHazzard:
--- Quote ---While investigating the crash I found this code snippet (not related directly to the crash) in compilergcc.cpp:
--- End quote ---
So you can reproduce the crash?
Miguel Gimenez:
Didn't try. I haven't used batch building since ticket 738, and the crash I got is fixed in my local copy.
Post the full command you use, if I get time I'll check.
BlueHazzard:
--- Code: ---==26161==ERROR: AddressSanitizer: heap-use-after-free on address 0x61a000090bc0 at pc 0x7fd9158e6a41 bp 0x7fffba69c060 sp 0x7fffba69c050
READ of size 8 at 0x61a000090bc0 thread T0
#0 0x7fd9158e6a40 in TextCtrlLogger::Clear() (/home/codeblocks/codeblocks/src/output30/libcodeblocks.so+0x8a8a40)
#1 0x7fd90153e22e in CompilerGCC::ClearLog(bool) (/home/codeblocks/codeblocks/src/output30/share/codeblocks/plugins/libcompiler.so+0x10422e)
#2 0x7fd9015649b6 in CompilerGCC::OnWorkspaceClosed(CodeBlocksEvent&) (/home/codeblocks/codeblocks/src/output30/share/codeblocks/plugins/libcompiler.so+0x12a9b6)
#3 0x7fd901588eb3 in cbEventFunctor<CompilerGCC, CodeBlocksEvent>::Call(CodeBlocksEvent&) (/home/codeblocks/codeblocks/src/output30/share/codeblocks/plugins/libcompiler.so+0x14eeb3)
#4 0x7fd9159107f0 in Manager::ProcessEvent(CodeBlocksEvent&) (/home/codeblocks/codeblocks/src/output30/libcodeblocks.so+0x8d27f0)
#5 0x7fd91596ee68 in PluginManager::NotifyPlugins(CodeBlocksEvent&) (/home/codeblocks/codeblocks/src/output30/libcodeblocks.so+0x930e68)
#6 0x7fd9159da356 in ProjectManager::CloseWorkspace() (/home/codeblocks/codeblocks/src/output30/libcodeblocks.so+0x99c356)
#7 0x55778b662f64 (/home/codeblocks/codeblocks/src/output30/codeblocks+0x290f64)
#8 0x55778b67490b (/home/codeblocks/codeblocks/src/output30/codeblocks+0x2a290b)
#9 0x7fd9168674bd in wxEvtHandler::ProcessEventIfMatchesId(wxEventTableEntryBase const&, wxEvtHandler*, wxEvent&) (/usr/lib/x86_64-linux-gnu/libwx_baseu-3.0.so.0+0x1e34bd)
#10 0x7fd9168675c2 in wxEventHashTable::HandleEvent(wxEvent&, wxEvtHandler*) (/usr/lib/x86_64-linux-gnu/libwx_baseu-3.0.so.0+0x1e35c2)
#11 0x7fd91686798a in wxEvtHandler::TryHereOnly(wxEvent&) (/usr/lib/x86_64-linux-gnu/libwx_baseu-3.0.so.0+0x1e398a)
#12 0x7fd916867782 in wxEvtHandler::DoTryChain(wxEvent&) (/usr/lib/x86_64-linux-gnu/libwx_baseu-3.0.so.0+0x1e3782)
#13 0x7fd916867a74 in wxEvtHandler::ProcessEvent(wxEvent&) (/usr/lib/x86_64-linux-gnu/libwx_baseu-3.0.so.0+0x1e3a74)
#14 0x7fd9168677d6 in wxEvtHandler::SafelyProcessEvent(wxEvent&) (/usr/lib/x86_64-linux-gnu/libwx_baseu-3.0.so.0+0x1e37d6)
#15 0x7fd9171989d6 in wxWindowBase::Close(bool) (/usr/lib/x86_64-linux-gnu/libwx_gtk2u_core-3.0.so.0+0x4419d6)
#16 0x55778b52e391 (/home/codeblocks/codeblocks/src/output30/codeblocks+0x15c391)
#17 0x55778b54085b (/home/codeblocks/codeblocks/src/output30/codeblocks+0x16e85b)
#18 0x7fd916775b39 in wxEntry(int&, wchar_t**) (/usr/lib/x86_64-linux-gnu/libwx_baseu-3.0.so.0+0xf1b39)
#19 0x55778b528e66 (/home/codeblocks/codeblocks/src/output30/codeblocks+0x156e66)
#20 0x7fd914110b96 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b96)
#21 0x55778b526dd9 (/home/codeblocks/codeblocks/src/output30/codeblocks+0x154dd9)
0x61a000090bc0 is located 1344 bytes inside of 1408-byte region [0x61a000090680,0x61a000090c00)
freed by thread T0 here:
#0 0x7fd9187b22d0 in operator delete(void*) (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xe12d0)
#1 0x7fd917197316 in wxWindowBase::Destroy() (/usr/lib/x86_64-linux-gnu/libwx_gtk2u_core-3.0.so.0+0x440316)
previously allocated by thread T0 here:
#0 0x7fd9187b1458 in operator new(unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xe0458)
#1 0x7fd9158e6be1 in TextCtrlLogger::CreateControl(wxWindow*) (/home/codeblocks/codeblocks/src/output30/libcodeblocks.so+0x8a8be1)
#2 0x7fd90157e7e9 in BuildLogger::CreateControl(wxWindow*) (/home/codeblocks/codeblocks/src/output30/share/codeblocks/plugins/libcompiler.so+0x1447e9)
#3 0x55778b68c058 (/home/codeblocks/codeblocks/src/output30/codeblocks+0x2ba058)
#4 0x55778b6beea3 (/home/codeblocks/codeblocks/src/output30/codeblocks+0x2ecea3)
#5 0x7fd915911534 in Manager::ProcessEvent(CodeBlocksLogEvent&) (/home/codeblocks/codeblocks/src/output30/libcodeblocks.so+0x8d3534)
#6 0x7fd901530e5c in CompilerGCC::OnAttach() (/home/codeblocks/codeblocks/src/output30/share/codeblocks/plugins/libcompiler.so+0xf6e5c)
#7 0x7fd9156bf8ab in cbPlugin::Attach() (/home/codeblocks/codeblocks/src/output30/libcodeblocks.so+0x6818ab)
#8 0x7fd915958536 in PluginManager::AttachPlugin(cbPlugin*, bool) (/home/codeblocks/codeblocks/src/output30/libcodeblocks.so+0x91a536)
#9 0x7fd91596a2db in PluginManager::LoadAllPlugins() (/home/codeblocks/codeblocks/src/output30/libcodeblocks.so+0x92c2db)
#10 0x55778b652241 (/home/codeblocks/codeblocks/src/output30/codeblocks+0x280241)
#11 0x55778b6417bb (/home/codeblocks/codeblocks/src/output30/codeblocks+0x26f7bb)
#12 0x55778b529d6c (/home/codeblocks/codeblocks/src/output30/codeblocks+0x157d6c)
#13 0x55778b52dcc1 (/home/codeblocks/codeblocks/src/output30/codeblocks+0x15bcc1)
#14 0x55778b54085b (/home/codeblocks/codeblocks/src/output30/codeblocks+0x16e85b)
#15 0x7fd916775b39 in wxEntry(int&, wchar_t**) (/usr/lib/x86_64-linux-gnu/libwx_baseu-3.0.so.0+0xf1b39)
SUMMARY: AddressSanitizer: heap-use-after-free (/home/codeblocks/codeblocks/src/output30/libcodeblocks.so+0x8a8a40) in TextCtrlLogger::Clear()
Shadow bytes around the buggy address:
0x0c348000a120: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c348000a130: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c348000a140: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c348000a150: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c348000a160: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
=>0x0c348000a170: fd fd fd fd fd fd fd fd[fd]fd fd fd fd fd fd fd
0x0c348000a180: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c348000a190: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c348000a1a0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c348000a1b0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c348000a1c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
==26161==ABORTING
--- End code ---
sadly the backtrace of the free is not really helpful :(
{edit] the command line:
--- Code: --- output30/run.sh --target=All --no-splash-screen --build CodeBlocks_wx30-unix.workspace
--- End code ---
you probably have to run it a view times until you trigger it...
oBFusCATed:
Rebuild everything with -fno-omit-frame-pointer.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version