0003456: Something under Refresher::sendMasterQueries() may cause a segfault if the program quits

$ gdb /tmp/doomseeker/doomseeker core GNU gdb (Debian 8.1-4) 8.1 Copyright (C) 2018 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-linux-gnu". Type "show configuration" for configuration details. For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>. Find the GDB manual and other documentation resources online at: <http://www.gnu.org/software/gdb/documentation/>. For help, type "help". Type "apropos word" to search for commands related to "word"... Reading symbols from /tmp/doomseeker/doomseeker...(no debugging symbols found)...done. [New LWP 9904] [New LWP 9905] [New LWP 9912] [New LWP 9909] [New LWP 9914] [New LWP 9910] [New LWP 9907] [New LWP 9911] [New LWP 9906] [New LWP 9913] [New LWP 9915] [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". Core was generated by `/tmp/doomseeker/doomseeker'. Program terminated with signal SIGSEGV, Segmentation fault. #0 0x0000000000000001 in ?? () [Current thread is 1 (Thread 0x7f9fa4327840 (LWP 9904))] (gdb) bt #0 0x0000000000000001 in ?? () #1 0x0000557e725bda5d in Refresher::sendMasterQueries() () 0000002 0x0000557e7260992f in Refresher::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) () 0000003 0x00007f9fab5917bb in QMetaObject::activate(QObject*, int, int, void**) () from /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 0000004 0x00007f9fab59d5c3 in ?? () from /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 0000005 0x00007f9fab59202b in QObject::event(QEvent*) () from /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 0000006 0x00007f9fac1c44a1 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5 0000007 0x00007f9fac1cbae0 in QApplication::notify(QObject*, QEvent*) () from /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5 0000008 0x00007f9fab568579 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 0000009 0x00007f9fab5b9638 in QTimerInfoList::activateTimers() () from /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 0000010 0x00007f9fab5b9e94 in ?? () from /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 0000011 0x00007f9fa9a5d287 in g_main_context_dispatch () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0 0000012 0x00007f9fa9a5d4c0 in ?? () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0 0000013 0x00007f9fa9a5d54c in g_main_context_iteration () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0 0000014 0x00007f9fab5ba223 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 0000015 0x00007f9fa3fa3e51 in ?? () from /usr/lib/x86_64-linux-gnu/libQt5XcbQpa.so.5 0000016 0x00007f9fab56724b in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 0000017 0x00007f9fab56f3c2 in QCoreApplication::exec() () from /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 0000018 0x0000557e725aedfc in Main::run() () 0000019 0x0000557e725b16cd in main () (gdb) i r rax 0x1 1 rbx 0x557e7320b060 94001585762400 rcx 0x0 0 rdx 0x557e7309fa40 94001584273984 rsi 0x0 0 rdi 0x557e7309fa40 94001584273984 rbp 0x7ffd78801080 0x7ffd78801080 rsp 0x7ffd78801038 0x7ffd78801038 r8 0xc 12 r9 0x1c 28 r10 0x8e606d 9330797 r11 0x3a6fbc85 980401285 r12 0xc 12 r13 0x557e7260983e 94001573173310 r14 0x557e730c7680 94001584436864 r15 0x7ffd78801190 140726625112464 rip 0x1 0x1 eflags 0x10202 [ IF RF ] cs 0x33 51 ss 0x2b 43 ds 0x0 0 es 0x0 0 fs 0x0 0 gs 0x0 0

Notes
(0019369) WubTheCaptain (reporter) 2018-08-20 23:42 edited on: 2018-08-20 23:47	Alternatively, something in Qt5 goes wonky. See gdb-QHostAddress__toIPv4Address.log. Core dumps are too big to upload here, even XZ compresssed.

(0019370) WubTheCaptain (reporter) 2018-08-20 23:55	What also works is pressing the "Get Servers" button and immediately closing the program (best to be done with a keyboard shortcut). I attempted few times on 1.1, and couldn't reproduce it there. Instead, I get "Finalizing LookupHostThread" and "Finalized LookupHost thread" messages, which are missing from 1.2~beta-180816-2126M.

(0019371) WubTheCaptain (reporter) 2018-08-20 23:59	Quote from WubTheCaptain I attempted few times on 1.1, and couldn't reproduce it there. I take that back, but it seems to be more difficult/random to reproduce. Same fault as in OP. LookupHostConsumerThread message was not displayed before the program quit with SIGSEGV, so there was also no finalization.

(0020733) Pol M (developer) 2019-06-06 19:26 edited on: 2019-06-07 19:51	Reproduced by disabling refresh on open, closing, opening, and simultaneously pressing the refresh button while closing with Alt+f4. Seems like there are a few places where it can crash. EDIT: I've been able to solve a crash that appears on MasterClient::isAddressSame from time to time, a good old bool to check that we're not destroying the function did the trick. That said, the issue of Refresher::sendMasterQueries, line pMaster->refreshStarts(); (src/core/refresher/refresher.cpp:344 as of writting this) is weird: pMaster seems to be on some sort of corrupt state, sine the function does not get called, it's not a nullptr, and at the moment of checking d->bKeepRunning is still true and pretty much all sanity checks I've thrown at it say that everything should be fine (I even checked stuff like PluginLoader::instance() != nullptr). I'll pr the minor fix, but the main problem does not seem to have a simple solution. I'll de-assign myself from this one once the commit is published :)

(0020745) WubTheCaptain (reporter) 2019-06-12 00:26	Quote needs review Where's the pull request?

(0020761) Pol M (developer) 2019-06-13 16:30	PR :) I'll continue to work on this.

**Issue Community Support**
Only registered users can voice their support. Click here to register, or here to log in.
Supporters:	No one explicitly supports this issue yet.
Opponents:	No one explicitly opposes this issue yet.

Issue Community Support

Only registered users can voice their support. Click here to register, or here to log in.

Supporters:

No one explicitly supports this issue yet.

Opponents:

No one explicitly opposes this issue yet.

Issue History
Date Modified	Username	Field	Change
2018-08-20 23:19	WubTheCaptain	New Issue
2018-08-20 23:38	WubTheCaptain	Description Updated	View Revisions
2018-08-20 23:42	WubTheCaptain	Note Added: 0019369
2018-08-20 23:42	WubTheCaptain	Description Updated	View Revisions
2018-08-20 23:43	WubTheCaptain	Note Edited: 0019369	View Revisions
2018-08-20 23:47	WubTheCaptain	File Added: gdb-QHostAddress__toIPv4Address.log
2018-08-20 23:47	WubTheCaptain	Note Edited: 0019369	View Revisions
2018-08-20 23:55	WubTheCaptain	Note Added: 0019370
2018-08-20 23:59	WubTheCaptain	Note Added: 0019371
2018-08-20 23:59	WubTheCaptain	Product Version	1.2 => 1.1
2019-06-06 19:26	Pol M	Note Added: 0020733
2019-06-06 19:26	Pol M	Assigned To	=> Pol M
2019-06-06 19:26	Pol M	Status	new => confirmed
2019-06-06 20:00	Pol M	Note Edited: 0020733	View Revisions
2019-06-06 20:54	Pol M	Status	confirmed => assigned
2019-06-07 19:42	Pol M	Note Edited: 0020733	View Revisions
2019-06-07 19:43	Pol M	Note Edited: 0020733	View Revisions
2019-06-07 19:43	Pol M	Note Edited: 0020733	View Revisions
2019-06-07 19:51	Pol M	Status	assigned => needs review
2019-06-07 19:51	Pol M	Note Edited: 0020733	View Revisions
2019-06-12 00:26	WubTheCaptain	Note Added: 0020745
2019-06-12 00:28	WubTheCaptain	Status	needs review => confirmed
2019-06-13 16:30	Pol M	Note Added: 0020761
2019-06-13 16:31	Pol M	Status	confirmed => assigned
2019-06-14 03:58	WubTheCaptain	Priority	low => normal

Relationships