Issue 30219 - segmentation fault in testcppu
Summary: segmentation fault in testcppu
Status: CLOSED DUPLICATE of issue 36037
Alias: None
Product: porting
Classification: Code
Component: code
Version: 680m41
Hardware: Sun Linux, all
Importance: P3 Trivial
Target Milestone: OOo 2.0
Assignee: sparcmoz
QA Contact: issues@porting
URL:
Keywords:
Depends on:
Blocks: 28110
 
Reported: 2004-06-15 08:11 UTC by sparcmoz
Modified: 2004-12-15 11:04 UTC

See Also:
Issue Type: DEFECT
Latest Confirmation in: ---
Developer Difficulty: ---


Attachments
testcppu debugger output (5.59 KB, text/plain)
2004-06-15 08:12 UTC, sparcmoz
short version of trace (3.44 KB, text/plain)
2004-06-19 01:49 UTC, sparcmoz
more detailed trace (6.13 KB, text/plain)
2004-06-19 01:49 UTC, sparcmoz
trace calls to queryInterface (3.41 KB, text/plain)
2004-06-19 02:44 UTC, sparcmoz

Description sparcmoz 2004-06-15 08:11:08 UTC
linux sparc cws_src680_ooo20040620

There is a segmentation fault in testcppu.

I have tried various trace messages but am not getting anywhere. I guess this is
not related to bridges code?

I have attached a lengthy gdb output and will ask some questions in the hope I can
get some hints where to look next.

Assertion Failed: File /home/jim/680/cppuhelper/source/implbase_ex.cxx, Line 114: querying for interface "com.sun.star.lang.IllegalArgumentException": no interface type!

Question (1) Is this a problem (assertion failed)? 

It eventually fails here:
do any aRet

Program received signal SIGSEGV, Segmentation fault.
0x00000000 in ?? ()

The trace message is here:
static void checkInvalidInterfaceQuery(
    Reference< XInterface > const & xObj )
{
    try
    {
        // trace before the deliberately invalid query
        fprintf(stderr,"do any aRet\n");
        Any aRet( xObj->queryInterface(
            ::getCppuType( (const lang::IllegalArgumentException *)0 ) ) );
        // trace after the query returned
        fprintf(stderr,"did any aRet\n");
        OSL_ASSERT( ! aRet.hasValue() );
    }
    catch (RuntimeException &)
    {
        fprintf(stderr,"caught exception from any aRet\n");
    }
}

Notice this message shows the exception is thrown the first time but not the second time
that Any aRet is made.

Backtrace: [7] /home/jim/680/cppu/unxlngs.pro/bin/testcppu: _start+0x2c
caught exception from any aRet
Comment 1 sparcmoz 2004-06-15 08:12:08 UTC
Created attachment 15901 [details]
testcppu debugger output
Comment 2 Stephan Bergmann 2004-06-18 11:48:31 UTC
The assertion is ok, it does not indicate a problem (on the contrary, the call
to queryInterface is deliberately made with an invalid argument, triggering the
assertion).  The assertion should appear two times (as
checkInvalidInterfaceQuery is executed two times).  You should try to follow the
call to queryInterface in the second call to checkInvalidInterfaceQuery in the
debugger, and see where exactly the SIGSEGV happens (which probably leaves you
with a corrupted stack, but you could also try "where" after the debugger
reports the SIGSEGV).
Comment 3 sparcmoz 2004-06-19 01:47:53 UTC
On the second call to checkInvalidInterfaceQuery:
- the segfault arrives before the assertion.
- there is no call to checkInterface this time

I attach a summary trace and a more detailed one in case these contain something useful.

Are we looking for the queryInterface which is in
cppuhelper/inc/cppuhelper/queryinterface.hxx? Which one should be called - is it
the one with one class Interface1, 2 classes, or which one? I will try to print a trace
from there...
 
Comment 4 sparcmoz 2004-06-19 01:49:07 UTC
Created attachment 15991 [details]
short version of trace
Comment 5 sparcmoz 2004-06-19 01:49:49 UTC
Created attachment 15992 [details]
more detailed trace
Comment 6 sparcmoz 2004-06-19 02:43:10 UTC
On the second call to checkInvalidInterfaceQuery the SIGSEGV happens before it
gets to queryInterface.

See the attached listing where I put a trace into each of the 12 templates for
queryInterface.

Please suggest where the next good place to put a trace is.



Comment 7 sparcmoz 2004-06-19 02:44:18 UTC
Created attachment 15993 [details]
trace calls to queryInterface
Comment 8 Stephan Bergmann 2004-06-24 11:07:10 UTC
When you start testcppu from within gdb, and type "where" after gdb reports the
SIGSEGV, what is the output?
Comment 9 sparcmoz 2004-06-24 11:23:50 UTC
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 16384 (LWP 5160)]
0x00000000 in ?? ()
(gdb) where
#0  0x00000000 in ?? ()
(gdb) where
#0  0x00000000 in ?? ()
(gdb)
Comment 10 sparcmoz 2004-06-24 11:46:34 UTC
OK, I got a different gdb. The first one was the ketteris branch, this one is
debian:

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 16384 (LWP 6382)]
0x00000000 in ?? ()
(gdb) where
#0  0x00000000 in ?? ()
#1  0x0003fff8 in checkInvalidInterfaceQuery (xObj=@0xefffdf40)
    at /home/jim/680/cppu/test/test_di.cxx:656
#2  0x000401f4 in perform_test (xObj=@0xefffdf40, xDummy=@0xefffdf60)
    at /home/jim/680/cppu/test/test_di.cxx:679
#3  0x0004075c in test_CppBridge () at /home/jim/680/cppu/test/test_di.cxx:750
#4  0x0002a914 in main (argc=1, argv=0xefffe0a4)
    at /home/jim/680/cppu/test/testcppu.cxx:1145
(gdb)
Comment 11 sparcmoz 2004-06-27 02:30:30 UTC
I have reported a bug for gdb and am working with the maintainer on that one.
Meanwhile a trace in gdb code reveals the pc and npc values prior to the error.
(might be program counter and next program counter?)

Line 82 is the last line "}" after returning a pointer for function getCppuType
in solver/680/unxlngs.pro/inc/com/sun/star/lang/IllegalArgumentException.hpp

gdb output with trace, please note the last line before the error where npc
becomes zero:

81      in IllegalArgumentException.hpp
(gdb)
pc=41f3c, npc= 41f40, &npc=25f81800000000, nnpc=0
pc=41f40, npc= 41f44, &npc=25f81800000000, nnpc=efffcdb8
pc=41f44, npc= 41f48, &npc=25f81800000000, nnpc=efffcdb8
82      in IllegalArgumentException.hpp
(gdb)
pc=41f48, npc= 41f4c, &npc=25f81800000000, nnpc=0
pc=41f4c, npc= 41f50, &npc=25f81800000000, nnpc=efffcdb8
pc=41f50, npc= 3ffd0, &npc=25f81800000000, nnpc=efffcdb8
pc=3ffd0, npc= 3ffd4, &npc=25f81800000000, nnpc=80080000
pc=3ffd4, npc= 3ffd8, &npc=25f81800000000, nnpc=efffcdb8
pc=3ffd8, npc= 3ffdc, &npc=25f81800000000, nnpc=efffcdb8
pc=3ffdc, npc= 3ffe0, &npc=25f81800000000, nnpc=efffcdb8
pc=3ffe0, npc= 3ffe4, &npc=25f81800000000, nnpc=efffcdb8
pc=3ffe4, npc= 3ffe8, &npc=25f81800000000, nnpc=efffcdb8
pc=3ffe8, npc= 3ffec, &npc=25f81800000000, nnpc=efffcdb8
pc=3ffec, npc= 3fff0, &npc=25f81800000000, nnpc=efffcdb8
pc=3fff0, npc= 3fff4, &npc=25f81800000000, nnpc=efffcdb8
pc=3fff4, npc= 0, &npc=25f81800000000, nnpc=efffcdb8
../../gdb/sparc-tdep.c:953: internal-error: sparc_software_single_step:
Assertion `(npc != 0) || (nnpc != 0)' failed.
A problem internal to GDB has been detected,
further debugging may prove unreliable.
Quit this debugging session? (y or n)
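Added example, not part of the original issue or of any commenter's post: a Python script that reads trace lines in the format shown in Comment 11 and reports each step where npc is not pc + 4, which on SPARC marks a delayed control transfer, and singles out transfers to address 0. It assumes pc and npc in the trace are the SPARC PC and nPC registers and that delay slots are not annulled; the function names are hypothetical and the embedded excerpt is assembled from lines of that trace.

```python
import re

# Excerpt in the format of the single-step trace quoted in Comment 11
# (values copied from that trace; the source-line marker shows it is skipped).
SAMPLE_TRACE = """\
82      in IllegalArgumentException.hpp
pc=41f4c, npc= 41f50, &npc=25f81800000000, nnpc=efffcdb8
pc=41f50, npc= 3ffd0, &npc=25f81800000000, nnpc=efffcdb8
pc=3ffd0, npc= 3ffd4, &npc=25f81800000000, nnpc=80080000
pc=3fff0, npc= 3fff4, &npc=25f81800000000, nnpc=efffcdb8
pc=3fff4, npc= 0, &npc=25f81800000000, nnpc=efffcdb8
"""

STEP = re.compile(r"^pc=([0-9a-f]+),\s*npc=\s*([0-9a-f]+),")


def parse_steps(text):
    """Return [(pc, npc), ...] for every trace line; other gdb output is ignored."""
    steps = []
    for line in text.splitlines():
        m = STEP.match(line.strip())
        if m:
            steps.append((int(m.group(1), 16), int(m.group(2), 16)))
    return steps


def control_transfers(steps):
    """Steps where npc != pc + 4: pc is then a delay slot and the
    transferring instruction sits at pc - 4 (assumes no annulled slot)."""
    return [
        {"cti": pc - 4, "delay_slot": pc, "target": npc, "link_return": pc + 4}
        for pc, npc in steps
        if npc != pc + 4
    ]


def null_transfers(steps):
    """Control transfers whose target is address 0 (jump through a null pointer)."""
    return [t for t in control_transfers(steps) if t["target"] == 0]


if __name__ == "__main__":
    for t in null_transfers(parse_steps(SAMPLE_TRACE)):
        print("jump to 0 from instruction at %#x (delay slot %#x), "
              "return address would be %#x"
              % (t["cti"], t["delay_slot"], t["link_return"]))
```

On the excerpt it reports a transfer to 0 from the instruction at 0x3fff0, whose return address 0x3fff8 is the value gdb shows for frame #1 in Comment 10.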
Comment 12 sparcmoz 2004-08-16 23:02:48 UTC
@sb:
Are there any clues in this email from Jim Morrison? Unfortunately I cannot
contact him just now.
----
  I've gotten testcppu to segfault.  The obvious culprit is pFrom being
null as it is passed to uno_getmapping:
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 16384 (LWP 28991)]
0x7003acb0 in uno_getMapping (ppMapping=0xeffff940, pFrom=0x0, pTo=0x70065740,
  pAddPurpose=0xeffff870) at ustring.hxx:159
159         {

 pFrom is null!

(gdb) bt
#0  0x7003acb0 in uno_getMapping (ppMapping=0xeffff940, pFrom=0x0,
    pTo=0x70065740, pAddPurpose=0xeffff870) at ustring.hxx:159
#1  0x00029198 in test_CppBridge () at mapping.hxx:256
#2  0x0001fb18 in main (argc=0, argv=0xeffffaa4)
    at /OOO-680-workplace/cppu/test/testcppu.cxx:1145
(gdb) list
1145            test_CppBridge();
1146        ::rtl_unloadUnusedModules( 0 );
1147    //      void test_CBridge(void);
1148    //      void test_CBridge2(void);
(gdb) list uno_getMapping
576     //##################################################################################################
577     void SAL_CALL uno_getMapping(
578             uno_Mapping ** ppMapping, uno_Environment * pFrom, uno_Environment * pTo,
579             rtl_uString * pAddPurpose )
580             SAL_THROW_EXTERN_C()
581     {
582             OSL_ENSURE( ppMapping && pFrom && pTo, "### null ptr!" );

 pFrom should not be null!

583             if (*ppMapping)
584             {
585                     (*(*ppMapping)->release)( *ppMapping );

 I've got a simple change I want to test.  How do I rebuild testcppu?
-- 
Thanks,
Jim
Comment 13 Stephan Bergmann 2004-08-17 09:12:42 UTC
I'm not sure whether pFrom is really null in uno_getMapping (it could be that
pFrom was non-null upon entering uno_getMapping, and until we reach the place
where the gdb output is generated, the CPU state has changed in such a way that
misleading output is generated).  What puzzles me is that you previously
reported an assertion from cppuhelper/source/implbase_ex.cxx, but none from
cppu/source/uno/lpmap.cxx (from the line "OSL_ENSURE( ppMapping && pFrom && pTo,
"### null ptr!" );", which should be triggered if pFrom is indeed null when
calling uno_getMapping).

Also, maybe Jim is experiencing a different problem from the one you are
experiencing, for whatever reason.  Have you checked that both of you see the
exact same program output up to the point of the SEGV?
Comment 14 sparcmoz 2004-08-30 08:48:26 UTC
I will try a different method. 
I have tested this on both cws_src680_ooo20040704 and SRC680_m52. 

Build everything with that 680 code except _only_ the code in gcc3_linux_sparc
is checked out from cws_srx645_ooo113fix2. 

jim@sun:~/680/cppu/unxlngs.pro/bin$ ./testcppu
> invocation test succeeded!
> exception test succeeded!
> C++-UNO test (c++ <-> uno <-> c++ [component impl]) succeeded!
jim@sun:~/680/cppu/unxlngs.pro/bin$

Now I can gradually edit the bridges code from 645-->680 until the problem
re-appears.
Comment 15 sparcmoz 2004-09-14 09:22:00 UTC
from stoc - testproxyfac

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 16384 (LWP 12677)]
0x00000000 in ?? ()
(gdb) bt
#0  0x00000000 in ?? ()
#1  0x7099edfc in cpp_acquire (pCppI=0x7092e6b4) at genfunc.hxx:85
#2  0x7003e394 in uno_type_isAssignableFromData ()
   from /home/jim/680/solver/680/unxlngs.pro/lib/libcppu.so.3
#3  0x7003e4cc in uno_type_isAssignableFromData ()
   from /home/jim/680/solver/680/unxlngs.pro/lib/libcppu.so.3
#4  0x700408e0 in uno_any_assign ()
   from /home/jim/680/solver/680/unxlngs.pro/lib/libcppu.so.3
#5  0x7099ef14 in com::sun::star::uno::Any::setValue (this=0xefffe290,
    pData_=0xefffe188, pTypeDescr=0x7092bce0) at Any.hxx:158
#6  0x7099c844 in (anonymous namespace)::ProxyRoot::queryAggregation (
    this=0x7092d5e8, rType=@0x20058)
    at /home/jim/680/stoc/source/proxy_factory/proxyfac.cxx:430
#7  0x0001d024 in TestMaster::queryInterface (this=0x7092d728, rType=@0x20058)
    at /home/jim/680/stoc/test/testproxyfac.cxx:163
#8  0x0001c468 in com::sun::star::uno::BaseReference::iquery (
    pInterface=0x7092d728, rType=@0x20058) at Reference.hxx:93
#9  0x0001c4e4 in com::sun::star::uno::BaseReference::iquery_throw (
    pInterface=0x7092d728, rType=@0x20058) at Reference.hxx:120
#10 0x0001bf98 in com::sun::star::uno::Reference<com::sun::star::reflection::XProxyFactory>::iquery_throw (
    pInterface=0x7092d728) at Reference.hxx:132
#11 0x0001a884 in Reference (this=0xefffe4c0, rRef=@0xefffe650)
    at Reference.hxx:202
---Type <return> to continue, or q <return> to quit---
#12 0x000184e0 in test_proxyfac_ (xMaster=@0xefffe650, test=@0xefffe628,
    xProxyFac=@0xefffe638) at /home/jim/680/stoc/test/testproxyfac.cxx:210
#13 0x00019004 in test_proxyfac (xMaster=@0xefffe650, test=@0xefffe628,
    xProxyFac=@0xefffe638) at /home/jim/680/stoc/test/testproxyfac.cxx:262
#14 0x000198ac in main (argc=1, argv=0xefffe744)
    at /home/jim/680/stoc/test/testproxyfac.cxx:318
Comment 16 sparcmoz 2004-11-17 22:13:17 UTC
A great leap forward for linux sparc! I made some changes to bridges code and
now I get a stacktrace from inside the bridges. I need to do some more editing, then
I will commit some new code in a cws for reviewing and debugging. I wonder what
the valid values for these are? nFunctionIndex=0, nVtableOffset=-268446224

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 16384 (LWP 22659)]
0x709e1264 in bridges::cpp_uno::shared::CppInterfaceProxy::getTypeDescr (
    this=0x5c) at cppinterfaceproxy.hxx:99
99      cppinterfaceproxy.hxx: No such file or directory.
        in cppinterfaceproxy.hxx
(gdb) bt
#0  0x709e1264 in bridges::cpp_uno::shared::CppInterfaceProxy::getTypeDescr (
    this=0x5c) at cppinterfaceproxy.hxx:99
#1  0x709dff68 in cpp_mediate (nFunctionIndex=0, nVtableOffset=-268446224,
    pCallStack=0x70a0fa04, pRegisterReturn=0xefffd5d0)
    at /home/jim/680/bridges/source/cpp_uno/gcc3_linux_sparc/cpp2uno.cxx:285
#2  0x709e08a0 in cpp_vtable_call ()
    at /home/jim/680/bridges/source/cpp_uno/gcc3_linux_sparc/cpp2uno.cxx:426
#3  0x000393b0 in checkInvalidInterfaceQuery (xObj=@0xefffd798)
    at /home/jim/680/cppu/test/test_di.cxx:653
#4  0x000395ac in perform_test (xObj=@0xefffd798, xDummy=@0xefffd7b8)
    at /home/jim/680/cppu/test/test_di.cxx:676
#5  0x00039ad4 in test_CppBridge () at /home/jim/680/cppu/test/test_di.cxx:747
#6  0x00027e34 in main (argc=1, argv=0xefffd944)
    at /home/jim/680/cppu/test/testcppu.cxx:1143
Comment 17 sparcmoz 2004-12-15 11:03:20 UTC
bridges fixed in cws_src680_unxlngs01

*** This issue has been marked as a duplicate of 36037 ***
Comment 18 sparcmoz 2004-12-15 11:04:14 UTC
closing