Bug 469404 - Sage backend crashes on any input
Summary: Sage backend crashes on any input
Status: RESOLVED FIXED
Alias: None
Product: cantor
Classification: Applications
Component: sage-backend (show other bugs)
Version: unspecified
Platform: Other Linux
: NOR crash
Target Milestone: ---
Assignee: Alexander Semke
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2023-05-06 07:12 UTC by Antonio Rojas
Modified: 2024-05-13 21:01 UTC (History)
1 user (show)

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.
Description Antonio Rojas 2023-05-06 07:12:43 UTC 
On git master, the sage backend crashes on any input:

(gdb) bt
#0  0x00007fffeecaf9e9 in std::__atomic_base<QObjectPrivate::ConnectionData*>::load(std::memory_order) const (__m=<optimized out>, this=<optimized out>)
    at /usr/include/c++/12.2.1/bits/atomic_base.h:820
#1  std::atomic<QObjectPrivate::ConnectionData*>::load(std::memory_order) const (__m=<optimized out>, this=<optimized out>)
    at /usr/include/c++/12.2.1/atomic:579
#2  QAtomicOps<QObjectPrivate::ConnectionData*>::loadRelaxed<QObjectPrivate::ConnectionData*>(std::atomic<QObjectPrivate::ConnectionData*> const&)
    (_q_value=<optimized out>) at ../../include/QtCore/../../src/corelib/thread/qatomic_cxx11.h:239
#3  QBasicAtomicPointer<QObjectPrivate::ConnectionData>::loadRelaxed() const (this=<optimized out>)
    at ../../include/QtCore/../../src/corelib/thread/qbasicatomic.h:248
#4  QObjectPrivate::ensureConnectionData() (this=<optimized out>) at kernel/qobject_p.h:393
#5  QObjectPrivate::addConnection(int, QObjectPrivate::Connection*) (this=0xd58c9815ce0898f8, signal=8, c=0x5555562ced70) at kernel/qobject.cpp:325
#6  0x00007fffeecbd134 in QObjectPrivate::connectImpl(QObject const*, int, QObject const*, void**, QtPrivate::QSlotObjectBase*, Qt::ConnectionType, int const*, QMetaObject const*)
    (sender=sender@entry=0x5555562974f0, signal_index=8, receiver=receiver@entry=0x555555f20e80, slot=slot@entry=0x7fffffffd990, slotObj=slotObj@entry=0x55555621a090, type=<optimized out>, types=<optimized out>, senderMetaObject=<optimized out>)
    at ../../include/QtCore/../../src/corelib/kernel/qobject.h:132
#7  0x00007fffeecbd51e in QObject::connectImpl(QObject const*, void**, QObject const*, void**, QtPrivate::QSlotObjectBase*, Qt::ConnectionType, int const*, QMetaObject const*)
    (sender=sender@entry=0x5555562974f0, signal=signal@entry=0x7fffffffd980, receiver=receiver@entry=0x555555f20e80, slot=slot@entry=0x7fffffffd990, slotObj=0x55555621a090, type=Qt::AutoConnection, types=0x0, senderMetaObject=<optimized out>) at kernel/qobject.cpp:5038
#8  0x00007fffb80a0ab6 in QObject::connect<void (Cantor::Expression::*)(Cantor::Expression::Status), void (Cantor::Session::*)(Cantor::Expression::Status)>(QtPrivate::FunctionPointer<void (Cantor::Expression::*)(Cantor::Expression::Status)>::Object const*, void (Cantor::Expression::*)(Cantor::Expression::Status), QtPrivate::FunctionPointer<void (Cantor::Session::*)(Cantor::Expression::Status)>::Object const*, void (Cantor::Session::*)(Cantor::Expression::Status), Qt::ConnectionType)
    (type=Qt::AutoConnection, slot=(void (Cantor::Session::*)(Cantor::Session * const, Cantor::Expression::Status)) 0x7ffff7ebb750 <Cantor::Session::currentExpressionStatusChanged(Cantor::Expression::Status)>, receiver=0x555555f20e80, signal=(void (Cantor::Expression::*)(Cantor::Expression * const, Cantor::Expression::Status)) 0x7ffff7eb93a0 <Cantor::Expression::statusChanged(Cantor::Expression::Status)>, sender=0x5555562974f0)
    at /usr/include/qt/QtCore/qobject.h:268
#9  SageSession::runFirstExpression() (this=0x555555f20e80) at /usr/src/debug/cantor/cantor/src/backends/sage/sagesession.cpp:346
--Type <RET> for more, q to quit, c to continue without paging--
#10 0x00007fffb80a86b3 in SageSession::readStdOut() (this=0x555555f20e80) at /usr/src/debug/cantor/cantor/src/backends/sage/sagesession.cpp:263
#11 0x00007fffeecbeb41 in QtPrivate::QSlotObjectBase::call(QObject*, void**)
    (a=0x7fffffffdb30, r=<optimized out>, this=0x5555562b35c0, this=<optimized out>, r=<optimized out>, a=<optimized out>)
    at ../../include/QtCore/../../src/corelib/kernel/qobjectdefs_impl.h:398
#12 doActivate<false>(QObject*, int, void**) (sender=0x55555611e620, signal_index=3, argv=0x7fffffffdb30) at kernel/qobject.cpp:3923
#13 0x00007fffeec123da in QProcessPrivate::tryReadFromChannel(QProcessPrivate::Channel*) (this=0x55555612dfa0, channel=0x55555612e0b0)
    at io/qprocess.cpp:1068
#14 0x00007fffeec18f2d in QProcessPrivate::_q_canReadStandardError() (this=<optimized out>) at io/qprocess.cpp:1092
#15 QProcess::qt_static_metacall(QObject*, QMetaObject::Call, int, void**)
    (_o=<optimized out>, _c=<optimized out>, _id=<optimized out>, _a=0x7fffffffdd00) at .moc/moc_qprocess.cpp:210
#16 0x00007fffeecbecf0 in doActivate<false>(QObject*, int, void**) (sender=0x55555612b9b0, signal_index=3, argv=0x7fffffffdd00)
    at kernel/qobject.cpp:3935
#17 0x00007fffeecc09f4 in QSocketNotifier::activated(QSocketDescriptor, QSocketNotifier::Type, QSocketNotifier::QPrivateSignal)
    (this=this@entry=0x55555612b9b0, _t1=..., _t2=<optimized out>, _t3=...) at .moc/moc_qsocketnotifier.cpp:178
#18 0x00007fffeecc0b38 in QSocketNotifier::event(QEvent*) (this=0x55555612b9b0, e=<optimized out>) at kernel/qsocketnotifier.cpp:302
#19 0x00007fffef978b5c in QApplicationPrivate::notify_helper(QObject*, QEvent*) (this=<optimized out>, receiver=0x55555612b9b0, e=0x7fffffffde20)
    at kernel/qapplication.cpp:3640
#20 0x00007fffeec8e028 in QCoreApplication::notifyInternal2(QObject*, QEvent*) (receiver=0x55555612b9b0, event=0x7fffffffde20)
    at kernel/qcoreapplication.cpp:1064
#21 0x00007fffeecd7b96 in socketNotifierSourceDispatch(GSource*, GSourceFunc, gpointer) (source=0x555555610730) at kernel/qeventdispatcher_glib.cpp:107
#22 0x00007fffe8d0f53b in g_main_dispatch (context=0x7fffd0000ee0) at ../glib/glib/gmain.c:3460
#23 g_main_context_dispatch (context=0x7fffd0000ee0) at ../glib/glib/gmain.c:4200
#24 0x00007fffe8d6c219 in g_main_context_iterate.constprop.0 (context=0x7fffd0000ee0, block=1, dispatch=1, self=<optimized out>)
    at ../glib/glib/gmain.c:4276
#25 0x00007fffe8d0e1a2 in g_main_context_iteration (context=0x7fffd0000ee0, may_block=1) at ../glib/glib/gmain.c:4343
#26 0x00007fffeecd8d3c in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (this=0x555555611370, flags=...)
    at kernel/qeventdispatcher_glib.cpp:423
#27 0x00007fffeec8668c in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (this=0x7fffffffe0a0, flags=...)
--Type <RET> for more, q to quit, c to continue without paging--
    at ../../include/QtCore/../../src/corelib/global/qflags.h:69
#28 0x00007fffeec912f9 in QCoreApplication::exec() () at ../../include/QtCore/../../src/corelib/global/qflags.h:121
#29 0x00007fffef13b052 in QGuiApplication::exec() () at kernel/qguiapplication.cpp:1870
#30 0x00007fffef976f2a in QApplication::exec() () at kernel/qapplication.cpp:2832
#31 0x00005555555676ce in main(int, char**) (argc=<optimized out>, argv=<optimized out>) at /usr/src/debug/cantor/cantor/src/main.cpp:141
Comment 1 Antonio Rojas 2023-05-06 08:52:17 UTC 
Bisected to 3bd238c09be423ee95a5556aca2f7f7827959c1c
Comment 2 Alexander Semke 2023-05-18 11:54:42 UTC 
The crash is triggered  in frame9 in sagesession.cpp:346 where a simple connect is being done:

connect(expr, &Cantor::Expression::statusChanged, this, &Session::currentExpressionStatusChanged);

and it crashes later in /usr/include/c++/12.2.1/bits/atomic_base.h.

I cannot reproduce this issue on my side. Everything works fine for me with g++ 12.2.1, Qt5.15.9 on openSuse Leap 15.4.  Thogh, valgrind is reporting an invalid read in SageSession::readStdOut() (sagesession.cpp:193, frame 10 in your call-stack) which I don't completely understand yet, I'll check it now. This might be related.

You managed to bisect it to 3bd238c09be423ee95a5556aca2f7f7827959c1c. Thank you! Does it work for you if your roll-back my recent changes and refactoring for Sage? Did Sage work for you in cantor earlier and does it work now if you revert 68d7944c08dc9899d85baffbf4caae8cc932d816 and 3bd238c09be423ee95a5556aca2f7f7827959c1c temporarily?
Comment 3 Antonio Rojas 2023-05-18 12:01:25 UTC 
This is specifically triggered by the line

"print('%s %s' % ('____TMP_DIR____', sage.misc.misc.SAGE_TMP))\n"

which throws a deprecation warning in recent Sage, so stderr is non-empty. I think this was deprecated in 9.7, which version of Sage are you testing with?
Comment 4 Alexander Semke 2023-05-18 12:23:02 UTC 
(In reply to Antonio Rojas from comment #3)
> This is specifically triggered by the line
> 
> "print('%s %s' % ('____TMP_DIR____', sage.misc.misc.SAGE_TMP))\n"
> 
> which throws a deprecation warning in recent Sage, so stderr is non-empty. I
> think this was deprecated in 9.7, which version of Sage are you testing with?
I was testing with 9.5 and can reproduce the problem with 9.8 now. I'll check.
Comment 5 Alexander Semke 2023-05-18 13:26:09 UTC 
(In reply to Antonio Rojas from comment #3)
> This is specifically triggered by the line
> 
> "print('%s %s' % ('____TMP_DIR____', sage.misc.misc.SAGE_TMP))\n"
> 
> which throws a deprecation warning in recent Sage, so stderr is non-empty. I
> think this was deprecated in 9.7, which version of Sage are you testing with?

This crash can be avoided by adding a simple if (out.contains( QLatin1String("___TMP_DIR___") ) ) return in SageSession::readStdErr() but it looks like Sage is not writing anything anymore into this temp folder. So, plotting is broken in Cantor with Sage 9.8. Can you confirm this?
Comment 6 Alexander Semke 2023-05-18 13:28:55 UTC 
The deprecation warning is pointing to python's tempfile and to https://trac.sagemath.org/33213 which seems to be dead. I'll need to check how sage is working with tempfile now... Are you contributing to Sage?
Comment 7 Bug Janitor Service 2023-05-18 17:24:39 UTC 
A possibly relevant merge request was started @ https://invent.kde.org/education/cantor/-/merge_requests/55
Comment 8 Antonio Rojas 2023-05-18 17:27:17 UTC 
(In reply to Alexander Semke from comment #6)
> The deprecation warning is pointing to python's tempfile and to
> https://trac.sagemath.org/33213 which seems to be dead. I'll need to check
> how sage is working with tempfile now... Are you contributing to Sage?

Yes. Sage development has moved to github, the correct link is now https://github.com/sagemath/sage/issues/33213

The linked MR should fix this particular instance of the crash, but this may reappear at any time if any command in the preamble throws a deprecation warning in the future, so it would be better to fix the actual root cause.
Comment 9 Antonio Rojas 2023-05-20 06:35:23 UTC 
Git commit 6b14d7d5960c5383aaec96b7aea1ce4bd3680f1e by Antonio Rojas.
Committed on 18/05/2023 at 17:21.
Pushed by asemke into branch 'master'.

Fix displaying plots in sagemath>=9.7

The temporary file location has moved under /tmp, so we need to monitor the new path. This also works around a crash in git master caused by a deprecation warning.
Related: bug 468598

M  +5    -1    src/backends/sage/sagesession.cpp

https://invent.kde.org/education/cantor/commit/6b14d7d5960c5383aaec96b7aea1ce4bd3680f1e
Comment 10 Bug Janitor Service 2023-05-20 09:01:30 UTC 
A possibly relevant merge request was started @ https://invent.kde.org/education/cantor/-/merge_requests/57
Comment 11 Antonio Rojas 2023-05-20 17:33:07 UTC 
Git commit d7d3ec2809eec1e818a5ec15c7018b3dc0b587cd by Antonio Rojas.
Committed on 20/05/2023 at 09:00.
Pushed by arojas into branch 'release/23.04'.

Fix displaying plots in sagemath>=9.7

The temporary file location has moved under /tmp, so we need to monitor the new path. This also works around a crash in git master caused by a deprecation warning.
Related: bug 468598


(cherry picked from commit 6b14d7d5960c5383aaec96b7aea1ce4bd3680f1e)

M  +5    -1    src/backends/sage/sagesession.cpp

https://invent.kde.org/education/cantor/commit/d7d3ec2809eec1e818a5ec15c7018b3dc0b587cd