#420 closed bug (fixed)
[ButterFly] Segment violation
Reported by: | diver | Owned by: | axeld |
---|---|---|---|
Priority: | normal | Milestone: | R1 |
Component: | - General | Version: | |
Keywords: | Cc: | oxben@… | |
Blocked By: | Blocking: | ||
Platform: | All |
Description
GNU gdb 6.3 Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i586-pc-haiku"...(no debugging symbols found)
Thread 1829 caused an exception: Segment violation Reading symbols from /boot/beos/system/lib/libbe.so...(no debugging symbols found)...done. Loaded symbols for /boot/beos/system/lib/libbe.so Reading symbols from /boot/beos/system/lib/libtranslation.so...(no debugging symbols found)...done. Loaded symbols for /boot/beos/system/lib/libtranslation.so Reading symbols from /boot/beos/system/lib/libtracker.so... (no debugging symbols found)...done. Loaded symbols for /boot/beos/system/lib/libtracker.so Reading symbols from /boot/beos/system/lib/libnet.so...(no debugging symbols found)...done. Loaded symbols for /boot/beos/system/lib/libnet.so Reading symbols from /boot/beos/system/lib/libroot.so...done. Loaded symbols for /boot/beos/system/lib/libroot.so Reading symbols from /boot/beos/system/lib/libstdc++.hrev4.so...done. Loaded symbols for /boot/beos/system/lib/libstdc++.hrev4.so Reading symbols from /boot/beos/system/lib/libsocket.so...done. Loaded symbols for /boot/beos/system/lib/libsocket.so Reading symbols from /system/add-ons/Translators/BMPTranslator...done. Loaded symbols for /system/add-ons/Translators/BMPTranslator Reading symbols from /system/add-ons/Translators/GIFTranslator...done. Loaded symbols for /system/add-ons/Translators/GIFTranslator Reading symbols from /system/add-ons/Translators/JPEG2000Translator...done. Loaded symbols for /system/add-ons/Translators/JPEG2000Translator Reading symbols from /system/add-ons/Translators/JPEGTranslator...done. Loaded symbols for /system/add-ons/Translators/JPEGTranslator Reading symbols from /system/add-ons/Translators/PNGTranslator...done. Loaded symbols for /system/add-ons/Translators/PNGTranslator Reading symbols from /boot/beos/system/lib/libz.so...done. Loaded symbols for /boot/beos/system/lib/libz.so Reading symbols from /system/add-ons/Translators/RTF-Translator...done. Loaded symbols for /system/add-ons/Translators/RTF-Translator ButterFly crash on file selecting
Reading symbols from /system/add-ons/Translators/STXTTranslator...done. Loaded symbols for /system/add-ons/Translators/STXTTranslator
[Switching to team /BeBox/apps/Butterfly/Butterfly (1823) thread w>Butterfly 1.6.1 (1829)] 0x0034f4ed in BEntry::~BEntry () from /boot/beos/system/lib/libbe.so (gdb) bt #0 0x0034f4ed in BEntry::~BEntry () from /boot/beos/system/lib/libbe.so #1 0x0021090b in FSNav::FileSelected () Previous frame inner to this frame (corrupt stack?) (gdb)
Change History (17)
comment:1 by , 19 years ago
Resolution: | → wontfix |
---|
comment:2 by , 19 years ago
comment:3 by , 19 years ago
Status: | new → closed |
---|
comment:4 by , 19 years ago
I'll try to find the old Butterfly sources tonight. It could be interesting to see it run on Haiku.
comment:6 by , 19 years ago
I did some archeologies in my used hardware and found the source code on a old hard drive.
Here is the code of the crashing method:
void FSNav::FileSelected(int32 num) {
BListView *theList = ((InterApp*)be_app)->fileList;
if(num > 0) {
BEntry entry; BStringItem *item = (BStringItem*)theList->ItemAt(num); currentDir->FindEntry(item->Text(), &entry); BDirectory *newDir = new BDirectory(&entry); if (newDir->InitCheck() == B_OK) { it's a directory : do nothing
delete newDir;
} else {
TryToLoadBitmapFromFile(&entry);
}
}
}
I'm wondering if the cause of the crash is the local BEntry? I can't check it myself as I stopped using BeOS a few years ago.
I put the full source code there: http://oxben.free.fr/butterfly/Butterfly-src-1.6.1.zip
I hope this could help.
comment:7 by , 19 years ago
Cc: | added |
---|
comment:8 by , 19 years ago
Adding Benjamin, so he would know whats was wrong. Should we reopen this bug, Axel?
comment:9 by , 19 years ago
Resolution: | wontfix |
---|
comment:10 by , 19 years ago
Status: | closed → reopened |
---|
comment:12 by , 19 years ago
This may be useful. These are the debug messages displayed on the QEMU console when an image file is selected:
bfs: bfs_open_dir:1463: Invalid Argument vm_soft_fault: va 0xffffffe0 not covered by area in address space vm_page_fault: vm_soft_fault returned error -2147478783 on fault at 0xffffffe0, ip 0x3557cd, write 1, user 1, thread 0x97 vm_page_fault: sending team "/boot/home/Butterfly/Butterfly" 0x91 SIGSEGV, ip 0x3557cd ("libbe.so_seg0ro" +0x12d7cd)
Selecting a directory is OK.
Looks like the caller of bfs_open_dir() do not check the error code and segfaults.
In Butterfly's code, FSNav::FileSelected(), return code from currentDir->FindEntry() is not tested. May be FindEntry() behaviour changed in Haiku, and returned an error here, then the entry passed to BDirectory() is invalid and BDirectory() segfaults?
comment:13 by , 19 years ago
My previous assumption was wrong.
I instrumented my code a bit and recompile it with debug information. The crash is not related to FindEntry() or BDirectory() constructor. These two routines executes correctly, and the image is even loaded by TryToLoadBitmapFromFile().
The crash occurs at the end of the routine, when the BEntry declared on the stack is deleted.
Also, on the console, the "vm_soft_fault:" trace does not appear immediatly after the "bfs_open_dir" one. I think there is no relation between the crash and bfs_open_dir().
comment:14 by , 19 years ago
Indeed, the stack got corrupted in BEntry::GetStat() which then let the BEntry destructor (also on the stack) fail. Fixed in hrev17894.
A few notes about your code and previous assumption:
- trying to open a file as directory results in the "bfs: bfs_open_dir:1463:
Invalid Argument" message
- There also is a BEntry::IsDirectory() method you could have used :-)
- You're leaking memory when clicking on a file: if BDirectory::InitCheck()
returns an error, the object you have created still exists and must be freed.
Again, thanks a lot for giving me access to the code, that made finding the cause of this very simple!
comment:15 by , 19 years ago
Resolution: | → fixed |
---|
comment:16 by , 19 years ago
Status: | reopened → closed |
---|
comment:17 by , 19 years ago
Wow! Axel, you amazed me one more time. It's great you found the bug.
Thanks for the comments on my old code ;) I haven't touched it since 2001 or 2002 I think. But may be I'll fix it. It was fun to reboot BeOS/Haiku under Qemu on Linux.
Sorry, I can't track this down without the source of ButterFly. I suspect an application error, anyway.