Bug 306734 - Crash when calculating schedule (in rcps_solver_solve)
Summary: Crash when calculating schedule (in rcps_solver_solve)
Status: RESOLVED FIXED
Alias: None
Product: calligraplan
Classification: Applications
Component: general
Version: 2.4.2
Platform: Debian testing Linux
Importance: NOR crash
Target Milestone: ---
Assignee: Dag Andersen
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-09-13 10:22 UTC by Raúl
Modified: 2012-10-01 09:58 UTC
0 users

See Also:
Latest Commit:
Version Fixed In:


Attachments
Test file. (14.54 KB, application/x-vnd.kde.plan)
2012-09-13 10:23 UTC, Raúl
gdb log of the crash. (8.37 KB, text/plain)
2012-09-19 11:24 UTC, Raúl
Console output log. (50.04 KB, text/plain)
2012-09-19 11:24 UTC, Raúl

Description Raúl 2012-09-13 10:22:02 UTC
Application: calligraplan (2.4.3)
KDE Platform Version: 4.8.4 (4.8.4)
Qt Version: 4.8.2
Operating System: Linux 3.2.0-3-amd64 x86_64
Distribution: Debian GNU/Linux testing (wheezy)

-- Information about the crash:
- What I was doing when the application crashed:

I opened a plan project. I went to Editors->planning(or maybe schedulers). Probably the project already opens there.
I chose the network scheduler, by double clicking on the list, it's the first one I have.
I clicked on the Calculate toolbar button.
It's important here to make plan lose focus, for instance by working on a yakuake console or in another virtual desktop.
Shortly after, I had the crash.

The crash can be reproduced every time.

-- Backtrace:
Application: Plan (kdeinit4), signal: Segmentation fault
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[Current thread is 1 (Thread 0x7f6445d00760 (LWP 5751))]

Thread 2 (Thread 0x7f6423968700 (LWP 17599)):
[KCrash Handler]
#6  slist_node_getdata (n=0x0) at /tmp/buildd/calligra-2.4.3/plan/plugins/schedulers/rcps/libs/src/slist.c:81
#7  0x00007f64285551fe in run_alg (s=s@entry=0x7f641c0eb980, p=p@entry=0x7f641c0e4110) at /tmp/buildd/calligra-2.4.3/plan/plugins/schedulers/rcps/libs/src/librcps.c:758
#8  0x00007f6428555720 in rcps_solver_solve (s=0x7f641c0eb980, p=0x7f641c0e4110) at /tmp/buildd/calligra-2.4.3/plan/plugins/schedulers/rcps/libs/src/librcps.c:976
#9  0x00007f642876244d in KPlatoRCPSScheduler::solve (this=this@entry=0x2a57090) at /tmp/buildd/calligra-2.4.3/plan/plugins/schedulers/rcps/KPlatoRCPSScheduler.cpp:503
#10 0x00007f642876e180 in KPlatoRCPSScheduler::run (this=0x2a57090) at /tmp/buildd/calligra-2.4.3/plan/plugins/schedulers/rcps/KPlatoRCPSScheduler.cpp:471
#11 0x00007f6444838d0b in QThreadPrivate::start (arg=0x2a57090) at thread/qthread_unix.cpp:307
#12 0x00007f6441035b50 in start_thread (arg=<optimized out>) at pthread_create.c:304
#13 0x00007f644354a70d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#14 0x0000000000000000 in ?? ()

Thread 1 (Thread 0x7f6445d00760 (LWP 5751)):
#0  0x00007f644353e73d in read () at ../sysdeps/unix/syscall-template.S:82
#1  0x00007f644059250f in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007f6440557059 in g_main_context_check () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007f6440557472 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#4  0x00007f64405575f4 in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#5  0x00007f6444962276 in QEventDispatcherGlib::processEvents (this=0x13d17d0, flags=...) at kernel/qeventdispatcher_glib.cpp:424
#6  0x00007f6443d7e83e in QGuiEventDispatcherGlib::processEvents (this=<optimized out>, flags=...) at kernel/qguieventdispatcher_glib.cpp:204
#7  0x00007f64449328af in QEventLoop::processEvents (this=this@entry=0x7fff21029fa0, flags=...) at kernel/qeventloop.cpp:149
#8  0x00007f6444932b38 in QEventLoop::exec (this=0x7fff21029fa0, flags=...) at kernel/qeventloop.cpp:204
#9  0x00007f6444937cf8 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1187
#10 0x00007f643c31c965 in kdemain (argc=<optimized out>, argv=0x14249d0) at /tmp/buildd/calligra-2.4.3/plan/main.cpp:41
#11 0x0000000000408a62 in launch (argc=argc@entry=2, _name=_name@entry=0x14252b8 "/usr/bin/calligraplan", args=0x14252f4 "\001", args@entry=0x14252ce "/home/rasasi/repos/ihm/docs/test.plan", cwd=cwd@entry=0x0, envc=envc@entry=1, envs=<optimized out>, envs@entry=0x14252fc "DISPLAY=:0", reset_env=false, tty=tty@entry=0x0, avoid_loops=false, startup_id_str=startup_id_str@entry=0x142530f "IG1247;1347525891;889915;5781_TIME224880858") at ../../kinit/kinit.cpp:746
#12 0x0000000000409b7b in handle_launcher_request (sock=7, who=<error reading variable: Unhandled dwarf expression opcode 0xfa>) at ../../kinit/kinit.cpp:1238
#13 0x000000000040a1eb in handle_requests (waitForPid=waitForPid@entry=0) at ../../kinit/kinit.cpp:1431
#14 0x00000000004058e7 in main (argc=2, argv=<optimized out>, envp=0x7fff2102ae00) at ../../kinit/kinit.cpp:1919

Reported using DrKonqi
Comment 1 Raúl 2012-09-13 10:23:20 UTC
Created attachment 73883
Test file.
Comment 2 Dag Andersen 2012-09-14 07:46:11 UTC
Git commit 6095f32920e2cd46a428167874280f29612cf137 by Dag Andersen.
Committed on 14/09/2012 at 08:29.
Pushed by danders into branch 'master'.

Fix potential crash if irand returns max value.

This *may* be the cause of bug 306734 but I am not certain

M  +1    -1    plan/plugins/schedulers/rcps/libs/src/librcps.c

http://commits.kde.org/calligra/6095f32920e2cd46a428167874280f29612cf137
Comment 3 Dag Andersen 2012-09-19 09:47:09 UTC
Git commit 47fd94b3959015c29ee5e5fc2249a7d0f07e8caf by Dag Andersen.
Committed on 19/09/2012 at 09:24.
Pushed by danders into branch 'calligra/2.5'.

Backport: Fix potential crash if irand returns max value.

    This *may* be the cause of bug 306734 but I am not certain

M  +1    -1    plan/plugins/schedulers/rcps/libs/src/librcps.c

http://commits.kde.org/calligra/47fd94b3959015c29ee5e5fc2249a7d0f07e8caf
Comment 4 Raúl 2012-09-19 11:23:37 UTC
I've backported the patch to 2.4. I don't know if there is any other change that prevents the patch from working, but I had the crash again.
I'm attaching a gdb log of the crash, and the console output log.
Comment 5 Raúl 2012-09-19 11:24:15 UTC
Created attachment 74025
gdb log of the crash.
Comment 6 Raúl 2012-09-19 11:24:48 UTC
Created attachment 74026
Console output log.
Comment 7 Dag Andersen 2012-09-20 07:55:22 UTC
Git commit 645b463b51f04ee8a7aec98d067ccda729ef4227 by Dag Andersen.
Committed on 20/09/2012 at 09:48.
Pushed by danders into branch 'master'.

Keep population size correct to avoid accessing lists outside boundaries

Raul: could you possibly test this too on 2.4.2?
(I managed to crash it in the same place, but AFAICS not in exactly the same *way* as you)

M  +8    -6    plan/plugins/schedulers/rcps/libs/src/librcps.c

http://commits.kde.org/calligra/645b463b51f04ee8a7aec98d067ccda729ef4227
Comment 8 Dag Andersen 2012-09-20 12:36:58 UTC
Git commit 4964623298f50677738d6a9a7075471940f2aedf by Dag Andersen.
Committed on 20/09/2012 at 14:36.
Pushed by danders into branch 'calligra/2.5'.

Keep population size correct to avoid accessing lists outside boundaries

M  +8    -6    plan/plugins/schedulers/rcps/libs/src/librcps.c

http://commits.kde.org/calligra/4964623298f50677738d6a9a7075471940f2aedf
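
The failure class named in the two commit messages above (a random index that can equal the list length, and a size that must match the real list so lookups stay in bounds), as an added C illustration that is not librcps code. Every name here, including `irand_inclusive` and its 0..max contract, is an assumption made for the example.

```c
#include <stddef.h>

/* Hypothetical singly linked list; names are illustrative, not librcps's. */
struct node { void *data; struct node *next; };
struct list { struct node *head; int count; };

/* Push at the head and keep count in step with the real length. */
static void list_push(struct list *l, struct node *n, void *data) {
    n->data = data;
    n->next = l->head;
    l->head = n;
    l->count++;
}

/* Node at index i, or NULL when i is outside 0..count-1. */
static struct node *list_at(const struct list *l, int i) {
    struct node *n = l->head;
    if (i < 0) return NULL;
    while (n != NULL && i-- > 0) n = n->next;
    return n;
}

/* Assumed generator contract: result lies in 0..max, max included. */
static int irand_inclusive(unsigned raw, int max) {
    return (int)(raw % ((unsigned)max + 1u));
}

/* Off-by-one: passing count as max can yield an index one past the end. */
static int pick_index_unsafe(const struct list *l, unsigned raw) {
    return irand_inclusive(raw, l->count);
}

/* Bounded: max is count-1, and an empty list yields -1. */
static int pick_index_safe(const struct list *l, unsigned raw) {
    if (l->count <= 0) return -1;
    return irand_inclusive(raw, l->count - 1);
}

/* Accessor that tolerates a missing node instead of dereferencing NULL. */
static void *node_data_checked(const struct node *n) {
    return n != NULL ? n->data : NULL;
}

int main(void) {
    struct list l = { NULL, 0 };
    struct node a, b, c; int x = 1, y = 2, z = 3;
    list_push(&l, &a, &x); list_push(&l, &b, &y); list_push(&l, &c, &z);
    return node_data_checked(list_at(&l, pick_index_unsafe(&l, 3u))) == NULL ? 0 : 1;
}
```

With three items, the raw value 3 drives the unbounded pick to index 3, for which the lookup returns NULL; an unchecked data accessor given that NULL is the pattern in frame #6 of the backtrace.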
Comment 9 Raúl 2012-09-20 21:57:21 UTC
Hi:
Thanks for your fast replies. I've tried the new patch on top of the previous one backported to 2.4.3, that is, both patches applied. My first tests show that the crash is gone but I'd still like to test it a little further.
Comment 10 Raúl 2012-10-01 09:58:24 UTC
After some more tests I see the bug is not reproducible anymore, I'm therefore closing. Tested on 2.4.3+backported patch and 2.5.x
Thanks for the fixes.