Bug 370495 - heap corruption after immediately after opening folder [BackgroundParserPrivate::parseDocumentsInternal, BackgroundParserPrivate::createParseJob, DocumentParsePlan::notifyWhenReady]
Status: RESOLVED FIXED
Alias: None
Product: kdevplatform
Classification: Developer tools
Component: language
Version: 5.0.0
Platform: Microsoft Windows Microsoft Windows
Importance: HI crash
Target Milestone: ---
Assignee: kdevelop-bugs-null
URL:
Keywords:
Duplicates: 369182 369483 369848 374106 374145 378751
Depends on:
Blocks:
 
Reported: 2016-10-11 18:48 UTC by Christoph Obexer
Modified: 2017-04-13 21:01 UTC

See Also:
Latest Commit:
Version Fixed In: 5.0.2


Description Christoph Obexer 2016-10-11 18:48:24 UTC
Opening a folder without an existing .kdev4 file using "Open Project" from the startup screen and selecting Custom Make as project type, I get a crash with a heap corruption message (captured using Visual Studio 2012).
I couldn't really look at anything because I have no Qt tooling set up (and the guide for that is broken -.- / requires me to set up Qt, Perl and compile that VS addin myself...)

The crash reproduces almost every time, but didn't happen when I was adding all the subfolders of the primary folder before adding itself.
I also notice that the scanner seems to be working while the crash happens.

Crash backtrace:
>             ntdll.dll!RtlReportCriticalFailure()          Unknown
               ntdll.dll!RtlpHeapHandleError()              Unknown
               ntdll.dll!RtlpLogHeapFailure()  Unknown
               ntdll.dll!RtlFreeHeap()  Unknown
               ucrtbase.dll!free()        Unknown
               Qt5Core.dll!QHashData::free_helper(void (QHashData::Node *) * node_delete=0x00007ffed58f6f14) Line 545         C++
               KDevPlatformLanguage.dll!DocumentParsePlan::notifyWhenReady() Line 177               C++
               KDevPlatformLanguage.dll!KDevelop::BackgroundParserPrivate::createParseJob(const KDevelop::IndexedString & url={...}, const DocumentParsePlan & parsePlan={...}) Line 358      C++
               KDevPlatformLanguage.dll!KDevelop::BackgroundParserPrivate::parseDocumentsInternal() Line 306 C++
               KDevPlatformLanguage.dll!KDevelop::BackgroundParser::parseDocuments() Line 651               C++
               KDevPlatformLanguage.dll!KDevelop::BackgroundParser::qt_static_metacall(QObject * _o=0x000000db3f7941c0, QMetaObject::Call _c, int _id, void * * _a=0x000000db4dd4bc30) Line 269    C++
               Qt5Core.dll!QObject::event(QEvent * e) Line 1256        C++
               Qt5Widgets.dll!QApplicationPrivate::notify_helper(QObject * receiver=0x000000db3f7941c0, QEvent * e=0x000000db43e55a40) Line 3805         C++
               Qt5Widgets.dll!QApplication::notify(QObject * receiver, QEvent * e=0x000000db43e55a40) Line 3767                C++
               Qt5Core.dll!QCoreApplication::notifyInternal2(QObject * receiver=0x000000db3f7941c0, QEvent * event=0x000000db43e55a40) Line 1015               C++
               Qt5Core.dll!QCoreApplicationPrivate::sendPostedEvents(QObject * receiver=0x0000000000000000, int event_type, QThreadData * data=0x000000db3c7d57d0) Line 1650       C++
               qwindows.dll!00007ffee8e4546f()          Unknown
               Qt5Core.dll!qt_internal_proc(HWND__ * hwnd=0x00000000001c10da, unsigned int message=1025, unsigned __int64 wp=0, __int64 lp=0) Line 438    C++
               user32.dll!UserCallWinProcCheckWow()             Unknown
               user32.dll!DispatchMessageWorker()   Unknown
               Qt5Core.dll!QEventDispatcherWin32::processEvents(QFlags<enum QEventLoop::ProcessEventsFlag> flags={...}) Line 838         C++
               qwindows.dll!00007ffee8e45449()         Unknown
               Qt5Core.dll!QEventLoop::exec(QFlags<enum QEventLoop::ProcessEventsFlag> flags={...}) Line 205    C++
               Qt5Core.dll!QCoreApplication::exec() Line 1285              C++
               kdevelop.exe!main(int argc=1, char * * argv=0x000000db3c80d780) Line 763   C++
               kdevelop.exe!WinMain(HINSTANCE__ * __formal=0x0000000000000001, HINSTANCE__ * __formal=0x0000000000000000, char * __formal=0x00007ff7c7ecf000, int __formal=-940773376) Line 113        C++
               kdevelop.exe!__scrt_common_main_seh() Line 253   C++
               kernel32.dll!BaseThreadInitThunk()     Unknown
               ntdll.dll!RtlUserThreadStart()  Unknown


Reproducible: Sometimes

Steps to Reproduce:
1. import project


Actual Results:  
Crash

Expected Results:  
.

Windows Server 2012 R2
Comment 1 Kevin Funk 2016-10-11 22:48:26 UTC
I've had a similar crash a while ago. Can confirm.

    ucrtbase.dll!00007ff8628298fe() Unknown
    ucrtbase.dll!00007ff862829036() Unknown
>   kdevelop.exe!__scrt_unhandled_exception_filter(_EXCEPTION_POINTERS * const pointers) Line 75    C++
    KernelBase.dll!00007ff863e67e1e()   Unknown
    ntdll.dll!00007ff8670dd998()    Unknown
    ntdll.dll!00007ff8670c5b26()    Unknown
    ntdll.dll!00007ff8670d9afd()    Unknown
    ntdll.dll!00007ff867064fe9()    Unknown
    ntdll.dll!00007ff867066c94()    Unknown
    KernelBase.dll!00007ff863e11f28()   Unknown
    vcruntime140.dll!00007ff85beb2a10() Unknown
    ntdll.dll!00007ff8670d90e3()    Unknown
    Qt5Core.dll!QHashData::detach_helper(void(*)(QHashData::Node *, void *) node_duplicate=0x00007ff83db52004, void(*)(QHashData::Node *) node_delete=0x00007ff83db56f14, int nodeSize=48, int nodeAlign=8) Line 485    C++
    KDevPlatformLanguage.dll!QHash<DocumentParseTarget,QHashDummyValue>::detach_helper() Line 567   C++
    KDevPlatformLanguage.dll!DocumentParsePlan::priority() Line 152 C++
    KDevPlatformLanguage.dll!KDevelop::BackgroundParserPrivate::createParseJob(const KDevelop::IndexedString & url={...}, const DocumentParsePlan & parsePlan={...}) Line 370   C++
    KDevPlatformLanguage.dll!KDevelop::BackgroundParserPrivate::parseDocumentsInternal() Line 306   C++
    KDevPlatformLanguage.dll!KDevelop::BackgroundParser::parseDocuments() Line 651  C++
    KDevPlatformLanguage.dll!KDevelop::BackgroundParser::qt_static_metacall(QObject * _o=0x0000021cb981b1f0, QMetaObject::Call _c, int _id, void * * _a=0x0000021cbc6e3160) Line 269    C++
    Qt5Core.dll!QObject::event(QEvent * e) Line 1256    C++
    Qt5Widgets.dll!QApplicationPrivate::notify_helper(QObject * receiver=0x0000021cb981b1f0, QEvent * e=0x0000021cbc8988c0) Line 3805   C++
    Qt5Widgets.dll!QApplication::notify(QObject * receiver, QEvent * e=0x0000021cbc8988c0) Line 3767    C++
    Qt5Core.dll!QCoreApplication::notifyInternal2(QObject * receiver=0x0000021cb981b1f0, QEvent * event=0x0000021cbc8988c0) Line 1015   C++
    Qt5Core.dll!QCoreApplicationPrivate::sendPostedEvents(QObject * receiver=0x0000000000000000, int event_type, QThreadData * data=0x0000021cb524ed10) Line 1650   C++
    qwindows.dll!QWindowsGuiEventDispatcher::sendPostedEvents() Line 76 C++
    Qt5Core.dll!qt_internal_proc(HWND__ * hwnd=0x00000000000806b2, unsigned int message=1025, unsigned __int64 wp=0, __int64 lp=0) Line 438 C++
    user32.dll!00007ff866a61169()   Unknown
    user32.dll!00007ff866a60c97()   Unknown
    Qt5Core.dll!QEventDispatcherWin32::processEvents(QFlags<enum QEventLoop::ProcessEventsFlag> flags={...}) Line 838   C++
    qwindows.dll!QWindowsGuiEventDispatcher::processEvents(QFlags<enum QEventLoop::ProcessEventsFlag> flags={...}) Line 69  C++
    Qt5Core.dll!QEventLoop::exec(QFlags<enum QEventLoop::ProcessEventsFlag> flags={...}) Line 205   C++
    Qt5Core.dll!QCoreApplication::exec() Line 1285  C++
    kdevelop.exe!main(int argc=1, char * * argv=0x0000021cb5250810) Line 763    C++
    kdevelop.exe!WinMain(HINSTANCE__ * __formal=0x000000000000000a, HINSTANCE__ * __formal=0x0000000000000000, char * __formal=0x000000b3d2578000, int __formal=-766017536) Line 113    C++
    kdevelop.exe!__scrt_common_main_seh() Line 253  C++
    kernel32.dll!00007ff864a68102() Unknown
    ntdll.dll!00007ff86708c5b4()    Unknown
Comment 2 Kevin Funk 2016-10-11 23:45:54 UTC
Git commit 3c395340d9ee7c936f7c2a5895b28078ae4a5ce5 by Kevin Funk.
Committed on 11/10/2016 at 23:40.
Pushed by kfunk into branch '5.0'.

BackgroundParserPrivate::createParseJob: Fix race

While creating a parse job we temporarily unlock the mutex used to
ensure access to the BackgroundParser's shared data is exclusive.

But this is problematic:
 a) we use data which can be modified by other threads
 b) we use iterators which could have become invalid
    since the underlying container got modified by other threads

This almost instantly crashes the KDevelop on Windows version when there
are multiple language plugins creating parse jobs in parallel.
FIXED-IN: 5.0.2

M  +16   -6    language/backgroundparser/backgroundparser.cpp

http://commits.kde.org/kdevplatform/3c395340d9ee7c936f7c2a5895b28078ae4a5ce5
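
The locking pattern described in the commit message above, as an added C++ example that is not part of the bug report or the KDevelop patch. `Parser`, `plans`, `createJob`, `scheduleRacy` and `scheduleSafe` are hypothetical names, `std::map` stands in for the Qt containers, and the callback stands in for a modification made by another thread while the mutex is released.

```cpp
// Added illustration, not KDevelop code: all names are hypothetical.
#include <functional>
#include <map>
#include <mutex>
#include <string>
#include <vector>

struct Parser {
    std::mutex mutex;
    std::map<std::string, int> plans;  // url -> priority, guarded by mutex
    // Slow work that runs unlocked; it may modify 'plans' like another thread.
    std::function<void(Parser&, const std::string&)> createJob;

    // Racy shape: 'it' points into 'plans' across the unlocked region.
    std::vector<int> scheduleRacy() {
        std::vector<int> started;
        std::unique_lock<std::mutex> lock(mutex);
        for (auto it = plans.begin(); it != plans.end(); ++it) {
            lock.unlock();
            createJob(*this, it->first);    // container may change here
            lock.lock();
            started.push_back(it->second);  // iterator may be invalid now
        }
        return started;
    }

    // Hardened shape: copy under the lock, re-validate by key after re-locking.
    std::vector<int> scheduleSafe() {
        std::vector<int> started;
        std::unique_lock<std::mutex> lock(mutex);
        const std::vector<std::pair<std::string, int>> snapshot(plans.begin(), plans.end());
        for (const auto& entry : snapshot) {
            lock.unlock();
            createJob(*this, entry.first);  // only touches the private copy
            lock.lock();
            if (plans.count(entry.first)) started.push_back(entry.second);
        }
        return started;
    }
};

// Constructed scenario: the job for a.cpp removes b.cpp and adds z.cpp.
std::vector<int> demo() {
    Parser p; p.plans = {{"a.cpp", 5}, {"b.cpp", 3}, {"c.cpp", 7}};
    p.createJob = [](Parser& s, const std::string& url) {
        std::lock_guard<std::mutex> guard(s.mutex);
        if (url == "a.cpp") { s.plans.erase("b.cpp"); s.plans["z.cpp"] = 1; }
    };
    return p.scheduleSafe();
}
int main() { return demo() == std::vector<int>{5, 7} ? 0 : 1; }
```

Running `scheduleRacy` on the same scenario is undefined behaviour, because the iterator for `b.cpp` is used after that entry has been erased; building with AddressSanitizer or ThreadSanitizer is a practical way to surface this class of bug.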
Comment 3 Kevin Funk 2016-12-12 08:03:23 UTC
*** Bug 369182 has been marked as a duplicate of this bug. ***
Comment 4 Kevin Funk 2016-12-27 10:16:33 UTC
*** Bug 374145 has been marked as a duplicate of this bug. ***
Comment 5 Kevin Funk 2017-04-13 20:59:02 UTC
*** Bug 378751 has been marked as a duplicate of this bug. ***
Comment 6 Kevin Funk 2017-04-13 20:59:27 UTC
*** Bug 369848 has been marked as a duplicate of this bug. ***
Comment 7 Kevin Funk 2017-04-13 21:00:17 UTC
*** Bug 374106 has been marked as a duplicate of this bug. ***
Comment 8 Kevin Funk 2017-04-13 21:01:37 UTC
*** Bug 369483 has been marked as a duplicate of this bug. ***