Crash after saving to a git repo

Anton Lundin glance at acc.umu.se
Mon Mar 31 05:50:19 PDT 2014


Hi.

I just tried to play around with the save-git-code and had a quite weird
crash after saving, that makes no sense and someone has probably stomped
on someone else's memory.


*** Error in `/home/anton/Downloads/subsurface-qt5/subsurface': munmap_chunk(): invalid pointer: 0x00000000007efa80 ***

Program received signal SIGSEGV, Segmentation fault.
0x00007fffee6c6940 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
(gdb) git branch -va
Undefined command: "git".  Try "help".
(gdb) bt full
#0  0x00007fffee6c6940 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
No symbol table info available.
#1  0x00007fffee67e231 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
No symbol table info available.
#2  0x00007fffee6c7929 in g_slice_free1 () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
No symbol table info available.
#3  0x00007fffee6a8c18 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
No symbol table info available.
#4  0x00007fffee6a95a7 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
No symbol table info available.
#5  0x00007fffee6abd70 in g_main_context_dispatch () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
No symbol table info available.
#6  0x00007fffee6ac048 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
No symbol table info available.
#7  0x00007fffee6ac0ec in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
No symbol table info available.
#8  0x00007ffff48e9374 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) ()
   from /home/anton/Downloads/Qt5.2.1/5.2.1/gcc_64/lib/libQt5Core.so.5
No symbol table info available.
#9  0x00007ffff48974ab in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /home/anton/Downloads/Qt5.2.1/5.2.1/gcc_64/lib/libQt5Core.so.5
No symbol table info available.
#10 0x00007ffff489b53e in QCoreApplication::exec() () from /home/anton/Downloads/Qt5.2.1/5.2.1/gcc_64/lib/libQt5Core.so.5
No symbol table info available.
#11 0x000000000044cb86 in run_ui () at ../subsurface/qt-gui.cpp:165
No locals.
#12 0x000000000043d5f4 in main (argc=1, argv=0x7fffffffe3e8) at ../subsurface/main.cpp:61
        i = 1
        no_filenames = true
        files = {<QList<QString>> = {{p = {static shared_null = {ref = {atomic = {_q_value = -1}}, alloc = 0, begin = 0, end = 0, array = {0x0}}, 
                d = 0x7ffff4cc8d80 <QListData::shared_null>}, d = 0x7ffff4cc8d80 <QListData::shared_null>}}, <No data fields>}
        importedFiles = {<QList<QString>> = {{p = {static shared_null = {ref = {atomic = {_q_value = -1}}, alloc = 0, begin = 0, end = 0, array = {0x0}}, 
                d = 0x7ffff4cc8d80 <QListData::shared_null>}, d = 0x7ffff4cc8d80 <QListData::shared_null>}}, <No data fields>}
        dedicated_console = false
        m = 0xa3e350
        arguments = {<QList<QString>> = {{p = {static shared_null = {ref = {atomic = {_q_value = -1}}, alloc = 0, begin = 0, end = 0, array = {0x0}}, 
                d = 0xa36d10}, d = 0xa36d10}}, <No data fields>}



I managed to run the save step via valgrind and noticed:

Invalid free() / delete / delete[] / realloc()
   at 0x4C2B68C: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
   by 0x5E0030D: set_error (in /usr/lib/x86_64-linux-gnu/libgit2.so.0.19.0)
   by 0x5E0042F: giterr_set (in /usr/lib/x86_64-linux-gnu/libgit2.so.0.19.0)
   by 0x5E1E348: git_futils_find_in_dirlist (in /usr/lib/x86_64-linux-gnu/libgit2.so.0.19.0)
   by 0x5E15692: git_repository_config__weakptr (in /usr/lib/x86_64-linux-gnu/libgit2.so.0.19.0)
   by 0x5E15978: git_repository_open_ext (in /usr/lib/x86_64-linux-gnu/libgit2.so.0.19.0)
   by 0x4DB6AD: is_git_repository (save-git.c:1010)
   by 0x4DD3C0: save_dives_logic (save-xml.c:606)
   by 0x4DD00D: save_dives (save-xml.c:500)
   by 0x49EA1E: MainWindow::file_save_as() (mainwindow.cpp:937)
   by 0x49A189: MainWindow::on_actionSaveAs_triggered() (mainwindow.cpp:185)
   by 0x50E914: MainWindow::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) (moc_mainwindow.cpp:273)
 Address 0x14dd6760 is 1,024 bytes inside a block of size 2,032 alloc'd
   at 0x4C2C510: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
   by 0xE2F2668: g_malloc0 (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.3992.0)
   by 0xE2BF015: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.3992.0)
   by 0xE308374: g_slice_alloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.3992.0)
   by 0xE2DC17D: g_hash_table_new_full (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.3992.0)
   by 0xE2FC494: g_quark_from_static_string (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.3992.0)
   by 0xE05E4AB: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.3992.0)
   by 0x4010139: call_init.part.0 (dl-init.c:78)
   by 0x4010222: _dl_init (dl-init.c:36)
   by 0x4001309: ??? (in /lib/x86_64-linux-gnu/ld-2.19.so)



The bug goes away when building against current head of libgit2.


I haven't had the time to debug this any further, but the interesting
thing is to figure out if we should try to force a libgit2 > 0.19 or if
the bug is somewhere in our code.


//Anton -- Braindumping


-- 
Anton Lundin	+46702-161604