kicad-developers team mailing list archive

Thread
Date
Re: Crash (std::bad_alloc exception) when importing netlist

To: kicad-developers@xxxxxxxxxxxxxxxxxxx
From: Andrew Zonenberg <azonenberg@xxxxxxxxxxxxxxx>
Date: Tue, 12 Aug 2014 01:43:25 -0400
In-reply-to: <1407813047.1558.52.camel@rijndael.troy.drawersteak.com>
Organization:
It appears to be a bad pointer, somehow a chunk of bad memory that was
once a wxBrush is being interpreted as a NETINFO_ITEM and all hell
breaks loose.

Valgrind trace of the failure: http://pastebin.com/ax6RDF3u

Anybody have ideas on how to proceed at this point?

On Mon, 2014-08-11 at 23:10 -0400, Andrew Zonenberg wrote:
> This has been happening pretty regularly to me, this is the fourth time
> it's happened to me on this board alone. I finally managed to trigger it
> in a debug build so here's some info.
> 
> It appears that the bug happens when the ratsnest calculator resizes a
> std::vector to an absurd size (in this case, about 88 million 496-byte
> RN_NET objects, which comes out to about 40 GB).
> 
> The code triggering the issue is:
> 
> for( const D_PAD* pad = module->Pads().GetFirst(); pad; pad =
> pad->Next() )
> {
> 	net = pad->GetNetCode();
> 
> 	if( net < 1 )       // do not process unconnected items
> 		continue;
> 
> 	if( net >= (int) m_nets.size() )        // Autoresize
> 		m_nets.resize( net + 1 );
> 
> 	m_nets[net].AddItem( pad );
> }
> 
> Tracing back, pad->GetNetCode() must have returned 88490000. I'm not
> sure how this happened, though... my laptop froze for unrelated reasons
> right as I was stepping through the code and I wasn't able to figure out
> what is going on.
> 
> Steps to reproduce:
> 
> Open pcbnew with an existing board that has some unassigned footprints
> Switch to GAL
> Open cvpcb
> Assign to existing passive library footprint
> Import to pcbnew
> No crash
> Make new footprint
> Save it in library
> Assign to component in cvpcb
> Move a passive around
> Import netlist
> Crash
> 
> #0  0x00007ffff638fb90 in __cxa_throw ()
> from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
> #1  0x00007ffff63900dd in operator new(unsigned long) ()
> from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
> #2  0x00007fffd768107e in __gnu_cxx::new_allocator<RN_NET>::allocate
> (this=0x3081488, __n=88490001) at /usr/include/c
> ++/4.7/ext/new_allocator.h:94
> #3  0x00007fffd767d32d in std::_Vector_base<RN_NET,
> std::allocator<RN_NET> >::_M_allocate (this=0x3081488, __n=88490001)
> at /usr/include/c++/4.7/bits/stl_vector.h:169
> #4  0x00007fffd7676aef in std::vector<RN_NET, std::allocator<RN_NET>
> >::_M_fill_insert (this=0x3081488, __position=..., __n=88489817,
> __x=...) at /usr/include/c++/4.7/bits/vector.tcc:481
> #5  0x00007fffd7670136 in std::vector<RN_NET, std::allocator<RN_NET>
> >::insert (this=0x3081488, __position=..., __n=88489817, __x=...)
> at /usr/include/c++/4.7/bits/stl_vector.h:1004
> #6  0x00007fffd7669f05 in std::vector<RN_NET, std::allocator<RN_NET>
> >::resize (this=0x3081488, __new_size=88490001, __x=...)
> at /usr/include/c++/4.7/bits/stl_vector.h:687
> #7  0x00007fffd7664193 in RN_DATA::Add (this=0x3081480, aItem=0x4703bd0)
> at /nfs/home/azonenberg/Documents/local/programming/3rdparty/kicad/pcbnew/ratsnest_data.cpp:858
> #8  0x00007fffd761fff5 in BOARD::Add (this=0x307bd60,
> aBoardItem=0x4703bd0, aControl=1)
> at /nfs/home/azonenberg/Documents/local/programming/3rdparty/kicad/pcbnew/class_board.cpp:717
> #9  0x00007fffd76241be in BOARD::ReplaceNetlist (this=0x307bd60,
> aNetlist=..., aDeleteSinglePadNets=true, aReporter=0x7fffffffb9a0)
> at /nfs/home/azonenberg/Documents/local/programming/3rdparty/kicad/pcbnew/class_board.cpp:2252
> #10 0x00007fffd74fc547 in PCB_EDIT_FRAME::ReadPcbNetlist
> (this=0x10e04d0, aNetlistFileName=..., aCmpFileName=...,
> aReporter=0x7fffffffb9a0, aChangeFootprints=false,
> aDeleteUnconnectedTracks=false, aDeleteExtraFootprints=false, 
>     aSelectByTimeStamp=false, aDeleteSinglePadNets=true,
> aIsDryRun=false)
> at /nfs/home/azonenberg/Documents/local/programming/3rdparty/kicad/pcbnew/netlist.cpp:112
> #11 0x00007fffd7435130 in DIALOG_NETLIST::OnReadNetlistFileClick
> (this=0x7fffffffcae0, event=...)
> at /nfs/home/azonenberg/Documents/local/programming/3rdparty/kicad/pcbnew/dialogs/dialog_netlist.cpp:202
> #12 0x00007ffff69273f6 in
> wxEvtHandler::ProcessEventIfMatches(wxEventTableEntryBase const&,
> wxEvtHandler*, wxEvent&) ()
> from /usr/lib/x86_64-linux-gnu/libwx_baseu-2.8.so.0
> #13 0x00007ffff692779f in
> wxEvtHandler::SearchDynamicEventTable(wxEvent&) ()
> from /usr/lib/x86_64-linux-gnu/libwx_baseu-2.8.so.0
> #14 0x00007ffff6927852 in wxEvtHandler::ProcessEvent(wxEvent&) ()
> from /usr/lib/x86_64-linux-gnu/libwx_baseu-2.8.so.0
> 
> 
> _______________________________________________
> Mailing list: https://launchpad.net/~kicad-developers
> Post to     : kicad-developers@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~kicad-developers
> More help   : https://help.launchpad.net/ListHelp

-- 
Andrew Zonenberg
PhD student, security group
Computer Science Department
Rensselaer Polytechnic Institute
http://colossus.cs.rpi.edu/~azonenberg/
Attachment: signature.asc
Description: This is a digitally signed message part
References

Crash (std::bad_alloc exception) when importing netlist
From: Andrew Zonenberg, 2014-08-12