[Gambas-user] Super cool crash when reading settings twice
Benoît Minisini
gambas at ...1...
Thu Oct 8 02:56:17 CEST 2015
On 07/10/2015 22:11, Tobias Boege wrote:
> Hi Benoit,
>
> I have a crash in one of my projects. I managed to isolate the problem to
> the attached project. I have a class which has a Settings As Collection
> property for use with Settings' Read() and Write() methods.
>
> What I now do is write the object to the settings and then read it *twice*
> in a row (I hit the bug because I happened to initialise some module twice
> during startup in my project). The Settings_Write() implementation is
> crucial as it seems:
>
> Public Number As Integer
>
> Public Sub Settings_Write(Value As Collection)
>   Number = Value["Number", 0]
> End
>
> When executing this code, the interpreter segfaults somewhere deep down:
>
> Program received signal SIGSEGV, Segmentation fault.
> EXEC_object_real (val=val at ...2861...=0x7ffff65cd140, pobject=pobject at ...2861...=0x7fffffffddb8) at gbx_exec.c:1448
> 1448 gbx_exec.c: No such file or directory.
> (gdb) bt
> #0 EXEC_object_real (val=val at ...2861...=0x7ffff65cd140, pobject=pobject at ...2861...=0x7fffffffddb8) at gbx_exec.c:1448
> #1 0x0000000000436033 in _push_array (code=code at ...2861...=960) at gbx_exec_loop.c:3576
> #2 0x0000000000438b70 in EXEC_loop () at gbx_exec_loop.c:573
> #3 0x000000000040a4a4 in EXEC_function_loop () at gbx_exec.c:931
> #4 0x000000000040ab7f in EXEC_function_real () at gbx_exec.c:895
> #5 0x000000000040dcbd in EXEC_pop_unknown () at gbx_exec_pop.c:257
> #6 0x00000000004385c3 in EXEC_loop () at gbx_exec_loop.c:672
> #7 0x000000000040a4a4 in EXEC_function_loop () at gbx_exec.c:931
> #8 0x000000000040ab7f in EXEC_function_real () at gbx_exec.c:895
> #9 0x000000000040b976 in EXEC_public_desc (class=<optimized out>, object=object at ...2861...=0x0, desc=desc at ...2861...=0x6746d8, nparam=nparam at ...2861...=0) at gbx_exec.c:1616
> #10 0x0000000000404829 in main (argc=1, argv=0x7fffffffe6a8) at gbx.c:416
>
> This is the faulty line:
>
> 1448 else if (!class->is_virtual)
>
> The valgrind log reveals that there is something strange going on with the
> "class" variable:
>
> ==1330== Invalid read of size 1
> ==1330== at 0x40B862: EXEC_object_real (gbx_exec.c:1448)
> ==1330== by 0x436032: _push_array (gbx_exec_loop.c:3576)
> ==1330== by 0x438B6F: EXEC_loop (gbx_exec_loop.c:573)
> ==1330== by 0x40A4A3: EXEC_function_loop (gbx_exec.c:931)
> ==1330== by 0x40AB7E: EXEC_function_real (gbx_exec.c:895)
> ==1330== by 0x40DCBC: EXEC_pop_unknown (gbx_exec_pop.c:257)
> ==1330== by 0x4385C2: EXEC_loop (gbx_exec_loop.c:672)
> ==1330== by 0x40A4A3: EXEC_function_loop (gbx_exec.c:931)
> ==1330== by 0x40AB7E: EXEC_function_real (gbx_exec.c:895)
> ==1330== by 0x404828: main (gbx.c:416)
> ==1330== Address 0x2b is not stack'd, malloc'd or (recently) free'd
> ==1330==
> ==1330==
> ==1330== Process terminating with default action of signal 11 (SIGSEGV): dumping core
> ==1330== Access not within mapped region at address 0x2B
> ==1330== at 0x40B862: EXEC_object_real (gbx_exec.c:1448)
> ==1330== by 0x436032: _push_array (gbx_exec_loop.c:3576)
> ==1330== by 0x438B6F: EXEC_loop (gbx_exec_loop.c:573)
> ==1330== by 0x40A4A3: EXEC_function_loop (gbx_exec.c:931)
> ==1330== by 0x40AB7E: EXEC_function_real (gbx_exec.c:895)
> ==1330== by 0x40DCBC: EXEC_pop_unknown (gbx_exec_pop.c:257)
> ==1330== by 0x4385C2: EXEC_loop (gbx_exec_loop.c:672)
> ==1330== by 0x40A4A3: EXEC_function_loop (gbx_exec.c:931)
> ==1330== by 0x40AB7E: EXEC_function_real (gbx_exec.c:895)
> ==1330== by 0x404828: main (gbx.c:416)
>
> And the best thing is that if I replace the line
>
> Number = Value["Number", 0]
>
> with either of
>
> Number = Value!Number ' or
> Number = Value["Number"]
>
> then there is no segfault. Also, if I read the settings only once, the crash
> disappears.
>
> Regards,
> Tobi
>
Fixed in revision #7395.
Regards,
--
Benoît Minisini