UDDF crash

Lubomir I. Ivanov neolit123 at gmail.com
Mon Nov 2 14:38:01 PST 2015


On 2 November 2015 at 15:54, Lubomir I. Ivanov <neolit123 at gmail.com> wrote:
> a user has posted a UDDF file that crashes subsurface:
> http://trac.subsurface-divelog.org/ticket/958#comment:4
>
> i'm getting high ram and CPU usage, possibly due to an infinite loop
> on both Windows (latest 4.5.1) and Ubuntu (4.5.0 appImage).
>

small report there,

so this is a nasty one...and debugging it is difficult because of
the massive file size.

the crash is kind of different every time which suggests memory corruption.
the XSLT stage passes and produces a 10MB XML output out of the 25MB
UDDF input that the user provided.

but then it either:
- loads fine but then hangs if i do Renumber for some reason??
- faults in parse-xml.c:traverse() after short parsing near a
"cylinder" entry (there are a lot of those)
- faults quickly in parse-xml.c:sample_start() with a SIGSEGV because
prepare_sample() returns NULL.

observations:
- i do see some <sample time="" depth="NaN m"/> entries in the output
XML, but those don't seem to matter much for the crashes if i remove
them.
- there are some weird "Mylinder" tags in the XML. those can't be right...
- if it loads fine and i do a "Save", the file is now valid and loads each time

overall, this seems like a bug in our code - e.g. a corner case is not
handled somewhere.

i'm CCing Miika, so that he can check if the input has something which
we don't handle in the XSLT transform.

lubomir
--
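
A triage aid for the intermediate XML described in the report above, added here as an example; it is not part of the original message or of Subsurface's code. It streams the file, collects `sample` entries with an empty time or a non-finite depth, and flags rare tag names that are one character away from a frequent one. The sample document is constructed; only the `<sample time="" depth="NaN m"/>` entry and the "Mylinder" tag name come from the report.

```python
import io
import math
import xml.etree.ElementTree as ET
from collections import Counter

# Constructed sample input. Only the NaN sample line and the "Mylinder"
# tag name come from the report; the rest of the layout is assumed.
SAMPLE = b"""<dives>
<dive number="1">
<cylinder size="12.0 l"/>
<cylinder size="12.0 l"/>
<cylinder size="12.0 l"/>
<Mylinder size="12.0 l"/>
<sample time="0:10 min" depth="3.2 m"/>
<sample time="" depth="NaN m"/>
</dive>
</dives>"""

def one_edit_apart(a, b):
    """True if equal-length names differ in exactly one character."""
    return len(a) == len(b) and sum(x != y for x, y in zip(a, b)) == 1

def scan(stream):
    """Stream the XML and return (bad_samples, suspect_tags)."""
    tags = Counter()
    bad_samples = []
    for _, elem in ET.iterparse(stream, events=("end",)):
        tags[elem.tag] += 1
        if elem.tag == "sample":
            time_attr = elem.get("time", "")
            depth = elem.get("depth", "").split(" ")[0]
            try:
                depth_ok = math.isfinite(float(depth))  # rejects NaN and inf
            except ValueError:
                depth_ok = False
            if not time_attr or not depth_ok:
                bad_samples.append(dict(elem.attrib))
        elem.clear()  # drop parsed content so a multi-megabyte file streams
    suspects = sorted(
        (rare, common)
        for rare, n in tags.items()
        for common, m in tags.items()
        if n < m and one_edit_apart(rare.lower(), common.lower())
    )
    return bad_samples, suspects

if __name__ == "__main__":
    print(scan(io.BytesIO(SAMPLE)))
```
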

