Crash on Windows 7 with Subsurface-4.6.4-1026 binary
Lubomir I. Ivanov
neolit123 at gmail.com
Thu Oct 19 17:18:57 PDT 2017
On 20 October 2017 at 02:42, Rick Walsh <rickmwalsh at gmail.com> wrote:
>
>
> On 20 October 2017 at 10:36, Rick Walsh <rickmwalsh at gmail.com> wrote:
>>
>> Hi,
>>
>> Testing the latest Windows binary in /downloads/daily,
>> subsurface-4.6.4-1026-g49771d8748a0.exe, I got a crash on changing the dive
>> date (to a month ago) in the planner.
>
> I should add that doing just about anything in the planner results in a
> crash with the 4.6.4-1026 binary, and that I don't see this issue with the
> subsurface-4.6.4-986-gb5a5035c090d.exe binary.
>
Based on the 49771d87 subsurface.exe binary, the SIGSEGV is in
explicit_first_cylinder().
https://github.com/Subsurface-divelog/subsurface/blob/master/core/dive.c#L987
Dump of assembler code for function explicit_first_cylinder:
0x00556460 <+0>: push %esi
0x00556461 <+1>: push %ebx
0x00556462 <+2>: sub $0x14,%esp
0x00556465 <+5>: mov 0x24(%esp),%esi
0x00556469 <+9>: mov 0x20(%esp),%ebx
0x0055646d <+13>: test %esi,%esi
0x0055646f <+15>: je 0x5564a1 <explicit_first_cylinder+65>
0x00556471 <+17>: movl $0x7e8a40,0x4(%esp)
=> 0x00556479 <+25>: mov 0x50(%esi),%eax
0x0055647c <+28>: mov %eax,(%esp)
0x0055647f <+31>: call 0x584210 <get_next_event>
It happens right before the get_next_event().
ESI holds the 'dc' pointer.
It's not NULL; it's 0x558, but that's not right.
So the caller seems to pass a corrupt pointer.
Actually... it happens with my build too.
#0 0x004ff179 in explicit_first_cylinder (dive=0x835540 <displayed_dive>,
dc=dc at entry=0x558) at C:\dev\subsurface\core\dive.c:990
#1 0x004bcc05 in get_gasmix (dive=<optimized out>, gasmix=0x0,
evp=<synthetic pointer>, time=<optimized out>, dc=0x558)
at C:/dev/subsurface/core/dive.h:941
#2 DivePercentageItem::paint (this=<optimized out>, painter=0x28c634,
option=0xd1f9df8, widget=0x0)
at C:\dev\subsurface\profile-widget\diveprofileitem.cpp:431
So it's Robert's patch:
https://github.com/Subsurface-divelog/subsurface/commit/a422957cd6525b9753cafacfafdf1f3eef66870d
I think it might be that:
#define displayed_dc (get_dive_dc(&displayed_dive, dc_number))
should use:
'displayed_dive' instead of '&displayed_dive'
lubomir