latest Android Beta

Dirk Hohndel dirk at hohndel.org
Mon Sep 23 08:13:52 PDT 2019


You've done this absolutely correctly - thank you for figuring this out. It really helps us significantly.
You are confirming the suspicion that Berthold and I have had that this is indeed a bug in how we deal with a dynamic data structure for the downloaded dives.

> On Sep 23, 2019, at 5:37 AM, John Smith <noseygit at hotmail.com> wrote:
> 
> I don't know if I've done this right as I have never used Android Studio and ADB before.
> 
> However, this is the verbose logcat from roughly the point that I start the process to download via bluetooth and then pressing the cancel button to generate the crash.
> 
> 2019-09-23 13:26:07.691 14241-14305/? D//android/subsurface/qt-models/messagehandlermodel.cpp: INFO: "39.777: Starting import ..."
> 2019-09-23 13:26:07.842 14241-14305/? D//android/subsurface/qt-models/messagehandlermodel.cpp: INFO: "39.928: model=Petrel firmware=71 serial=940387021"
> 2019-09-23 13:26:14.497 14241-14305/? D//android/subsurface/qt-models/messagehandlermodel.cpp: INFO: "46.583: Dive 1: Sun 8 Sep 2019 10:23"
> 2019-09-23 13:26:18.712 14241-14305/? D//android/subsurface/qt-models/messagehandlermodel.cpp: INFO: "50.798: Dive 2: Sat 7 Sep 2019 16:07"
> 2019-09-23 13:26:22.928 14241-14305/? D//android/subsurface/qt-models/messagehandlermodel.cpp: INFO: "55.014: Dive 3: Sat 7 Sep 2019 12:46"

So we downloaded three dives.

> 2019-09-23 13:26:25.667 14241-14256/? D//android/subsurface/qt-models/messagehandlermodel.cpp: INFO: "57.754: exit DCDownload screen"
> 2019-09-23 13:26:25.767 14241-14306/? D//android/subsurface/qt-models/messagehandlermodel.cpp: INFO: Executing queued closeSocket()
> 2019-09-23 13:26:25.768 14241-14306/? D//android/subsurface/qt-models/messagehandlermodel.cpp: INFO: Executing queued closeSocket()
> 2019-09-23 13:26:25.768 14241-14305/? D//android/subsurface/qt-models/messagehandlermodel.cpp: INFO: Finishing download thread: "Dive data import error"

We finish the thread and return with an error since it was canceled and then things go KABOOM.

> 2019-09-23 13:26:25.772 14241-14256/? A/libc: Fatal signal 11 (SIGSEGV), code 1, fault addr 0x0 in tid 14256 (qtMainLoopThrea), pid 14241 (edivelog.mobile)
> 2019-09-23 13:26:25.822 14327-14327/? W/crash_dump32: type=1400 audit(0.0:560): avc: denied { search } for name="org.subsurfacedivelog.mobile" dev="dm-0" ino=523313 scontext=u:r:crash_dump:s0:c512,c768 tcontext=u:object_r:app_data_file:s0:c512,c768 tclass=dir permissive=0
> 2019-09-23 13:26:25.861 14327-14327/? I/crash_dump32: obtaining output fd from tombstoned, type: kDebuggerdTombstone
> 2019-09-23 13:26:25.861 853-853/? I//system/bin/tombstoned: received crash request for pid 14241
> 2019-09-23 13:26:25.863 14327-14327/? I/crash_dump32: performing dump of process 14241 (target tid = 14256)
> 2019-09-23 13:26:25.863 14327-14327/? A/DEBUG: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
> 2019-09-23 13:26:25.863 14327-14327/? A/DEBUG: Build fingerprint: 'Lenovo/LenovoTB-X605F/X605F:8.1.0/OPM1.171019.019/S000037_190321_ROW:user/release-keys'
> 2019-09-23 13:26:25.863 14327-14327/? A/DEBUG: Revision: '0'
> 2019-09-23 13:26:25.863 14327-14327/? A/DEBUG: ABI: 'arm'
> 2019-09-23 13:26:25.863 14327-14327/? A/DEBUG: pid: 14241, tid: 14256, name: qtMainLoopThrea  >>> org.subsurfacedivelog.mobile <<<
> 2019-09-23 13:26:25.863 14327-14327/? A/DEBUG: signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x0
> 2019-09-23 13:26:25.863 14327-14327/? A/DEBUG: Cause: null pointer dereference
> 2019-09-23 13:26:25.864 14327-14327/? A/DEBUG:     r0 c5d56070  r1 00000000  r2 00000000  r3 c0c947d9
> 2019-09-23 13:26:25.864 14327-14327/? A/DEBUG:     r4 c5d56060  r5 00000000  r6 00000000  r7 ca3dc490
> 2019-09-23 13:26:25.864 14327-14327/? A/DEBUG:     r8 ca3dc530  r9 e60ec1b8  sl ca3dc598  fp c69445e0
> 2019-09-23 13:26:25.864 14327-14327/? A/DEBUG:     ip ca1ee9b0  sp ca3dc480  lr c9f6b1c1  pc c7b40eba  cpsr 600f0030
> 2019-09-23 13:26:25.866 14327-14327/? A/DEBUG: backtrace:
> 2019-09-23 13:26:25.866 14327-14327/? A/DEBUG:     #00 pc 00179eba  /data/app/org.subsurfacedivelog.mobile-gmY_LEbFeZjVPkWL1sB1Sw==/lib/arm/libsubsurface-mobile.so (DiveImportedModel::repopulate(dive_table*, dive_site_table*)+33)
> 2019-09-23 13:26:25.866 14327-14327/? A/DEBUG:     #01 pc 001840f9  /data/app/org.subsurfacedivelog.mobile-gmY_LEbFeZjVPkWL1sB1Sw==/lib/arm/libsubsurface-mobile.so (DiveImportedModel::qt_metacall(QMetaObject::Call, int, void**)+52)
> 2019-09-23 13:26:25.866 14327-14327/? A/DEBUG:     #02 pc 000f673b  /data/app/org.subsurfacedivelog.mobile-gmY_LEbFeZjVPkWL1sB1Sw==/lib/arm/libQt5Qml.so

And it's almost certainly dereferencing an invalid pointer in DiveImportedModel::repopulate().

I repeat: Thank you for helping us confirm this suspicion.

/D
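
The triage walked through in the message above (signal, fault address, cause, innermost symbolized frame) can be automated. This is an added example, not part of the original message or of Subsurface's code: a small parser for the crash_dump `A/DEBUG` lines in Android Studio logcat output. The sample lines are copied from the log quoted above; the function names are hypothetical.

```python
import re

# Lines copied from the logcat quoted in the message above (Android Studio format).
SAMPLE = r'''
2019-09-23 13:26:25.768 14241-14305/? D//android/subsurface/qt-models/messagehandlermodel.cpp: INFO: Finishing download thread: "Dive data import error"
2019-09-23 13:26:25.863 14327-14327/? A/DEBUG: pid: 14241, tid: 14256, name: qtMainLoopThrea  >>> org.subsurfacedivelog.mobile <<<
2019-09-23 13:26:25.863 14327-14327/? A/DEBUG: signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x0
2019-09-23 13:26:25.863 14327-14327/? A/DEBUG: Cause: null pointer dereference
2019-09-23 13:26:25.866 14327-14327/? A/DEBUG:     #00 pc 00179eba  /data/app/org.subsurfacedivelog.mobile-gmY_LEbFeZjVPkWL1sB1Sw==/lib/arm/libsubsurface-mobile.so (DiveImportedModel::repopulate(dive_table*, dive_site_table*)+33)
2019-09-23 13:26:25.866 14327-14327/? A/DEBUG:     #01 pc 001840f9  /data/app/org.subsurfacedivelog.mobile-gmY_LEbFeZjVPkWL1sB1Sw==/lib/arm/libsubsurface-mobile.so (DiveImportedModel::qt_metacall(QMetaObject::Call, int, void**)+52)
2019-09-23 13:26:25.866 14327-14327/? A/DEBUG:     #02 pc 000f673b  /data/app/org.subsurfacedivelog.mobile-gmY_LEbFeZjVPkWL1sB1Sw==/lib/arm/libQt5Qml.so
'''

# Only crash_dump's "A/DEBUG:" lines carry the tombstone; a leading "> " (mail quoting) is tolerated.
DEBUG = re.compile(r'^(?:>\s*)?\S+ \S+ \d+-\d+/\S+ A/DEBUG: (.*)$')
THREAD = re.compile(r'pid: (\d+), tid: (\d+), name: (.+?)\s+>>> (\S+) <<<')
SIGNAL = re.compile(r'signal (\d+) \((\w+)\), code (-?\d+) \((\w+)\), fault addr (\S+)')
FRAME = re.compile(r'\s*#(\d+) pc ([0-9a-f]+)\s+(\S+)(?: \((.+)\+(\d+)\))?$')

def parse_tombstone(text):
    """Collect crash summary fields and backtrace frames from logcat text."""
    crash = {"frames": []}
    for line in text.splitlines():
        m = DEBUG.match(line)
        if not m:
            continue
        body = m.group(1)
        if t := THREAD.search(body):
            crash.update(pid=int(t[1]), tid=int(t[2]), thread=t[3], package=t[4])
        elif s := SIGNAL.search(body):
            crash.update(signal=s[2], code=s[4], fault_addr=int(s[5], 16))
        elif body.startswith("Cause: "):
            crash["cause"] = body[len("Cause: "):]
        elif f := FRAME.match(body):
            crash["frames"].append({"index": int(f[1]), "pc": int(f[2], 16),
                "library": f[3].rsplit("/", 1)[-1], "symbol": f[4], "offset": int(f[5]) if f[5] else None})
    return crash

def first_symbolized_frame(crash):
    """Innermost frame that has a symbol: the place to start reading code."""
    return next((f for f in crash["frames"] if f["symbol"]), None)

if __name__ == "__main__":
    c = parse_tombstone(SAMPLE)
    top = first_symbolized_frame(c)
    print(c["signal"], c["code"], hex(c["fault_addr"]), c.get("cause"))
    print(top["library"], top["symbol"], "+", top["offset"])
```

Frames without a symbol, such as the `libQt5Qml.so` frame here, are kept with `symbol` set to `None` so the stack depth is preserved.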