hush
/
SilentDragon
9
1
Fork 7
Code Issues 73 Pull Requests 1 Projects Releases 8 Wiki Activity
Labels Milestones
New Issue

Segmentation fault when rescanning #155

Closed
opened 4 months ago by onryo · 11 comments
onryo commented 4 months ago
Collaborator

I was using a new Rescan feature with a specified block height, it triggered a "Segmentation fault", though yesterday I used the same feature/block height. For now just to not forget, I will debug later.

I was using a new Rescan feature with a specified block height, it triggered a "Segmentation fault", though yesterday I used the same feature/block height. For now just to not forget, I will debug later.
👀 1
onryo added the
bug
 label 4 months ago
duke commented 4 months ago
Owner

@onryo if it generated a coredump, a backtrace would be useful

@onryo if it generated a coredump, a backtrace would be useful
duke commented 3 months ago
Owner

For coredumps, run ulimit -c unlimited to make sure your shell will generate coredumps and then run the application which coredumps. In the Olden Times Linux would always make the "core" file in the same dir as the binary that makes it. But I have now seen that some new Linux distributions put them in weird places, for instance Arch puts them in /var/lib/systemd/coredump

Once you have a coredump file (which is usually called "core" or "core.XYZ" where XYZ is the PID that generated it) you can then type gdb binary_name core_filename and then type bt to generate the backtrace. We should have this info written down somewhere in our dev docs because it comes up often.

For coredumps, run `ulimit -c unlimited` to make sure your shell will generate coredumps and then run the application which coredumps. In the Olden Times Linux would always make the "core" file in the same dir as the binary that makes it. But I have now seen that some new Linux distributions put them in weird places, for instance Arch puts them in /var/lib/systemd/coredump Once you have a coredump file (which is usually called "core" or "core.XYZ" where XYZ is the PID that generated it) you can then type `gdb binary_name core_filename` and then type `bt` to generate the backtrace. We should have this info written down somewhere in our dev docs because it comes up often.
👀 1
duke commented 3 months ago
Owner

It actually seems the coredump can happen when you are not rescanning, any time you are importing privkeys. This coredump happened even though I disabled rescanning.

Here is a partial backtrace (all the rest of it is deep QT internals stuff)

Core was generated by `./silentdragonx'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x00007f4e7d02a601 in QLineEdit::text() const () from /lib/x86_64-linux-gnu/libQt5Widgets.so.5
[Current thread is 1 (Thread 0x7f4e79402bc0 (LWP 2938296))]
(gdb) bt
#0  0x00007f4e7d02a601 in QLineEdit::text() const () at /lib/x86_64-linux-gnu/libQt5Widgets.so.5
#1  0x0000000000445ba1 in MainWindow::importPrivKey()::$_15::operator()() const::{lambda(QJsonValue)#1}::operator()(QJsonValue) const
    (this=0x28bc3e0, response=...) at src/mainwindow.cpp:1323
#2  0x0000000000445956 in std::_Function_handler<void (QJsonValue), MainWindow::importPrivKey()::$_15::operator()() const::{lambda(QJsonValue)#1}>::_M_invoke(std::_Any_data const&, QJsonValue&&) (__functor=..., __args=...)
    at /usr/bin/../lib/gcc/x86_64-linux-gnu/9/../../../../include/c++/9/bits/std_function.h:300
#3  0x000000000052deab in std::function<void (QJsonValue)>::operator()(QJsonValue) const (this=0x28d0370, __args=...)
    at /usr/bin/../lib/gcc/x86_64-linux-gnu/9/../../../../include/c++/9/bits/std_function.h:688
#4  0x00000000005272eb in Connection::doRPC(QJsonValue const&, std::function<void (QJsonValue)> const&, std::function<void (QNetworkReply*, QJsonValue const&)> const&)::$_16::operator()() const (this=0x28d0340) at src/connection.cpp:943

It seems like the bug is in QT itself, maybe we can change our code to not trigger it. The above happened with QT 5.12.8

It actually seems the coredump can happen when you are not rescanning, any time you are importing privkeys. This coredump happened even though I disabled rescanning. Here is a partial backtrace (all the rest of it is deep QT internals stuff) ``` Core was generated by `./silentdragonx'. Program terminated with signal SIGSEGV, Segmentation fault. #0 0x00007f4e7d02a601 in QLineEdit::text() const () from /lib/x86_64-linux-gnu/libQt5Widgets.so.5 [Current thread is 1 (Thread 0x7f4e79402bc0 (LWP 2938296))] (gdb) bt #0 0x00007f4e7d02a601 in QLineEdit::text() const () at /lib/x86_64-linux-gnu/libQt5Widgets.so.5 #1 0x0000000000445ba1 in MainWindow::importPrivKey()::$_15::operator()() const::{lambda(QJsonValue)#1}::operator()(QJsonValue) const (this=0x28bc3e0, response=...) at src/mainwindow.cpp:1323 #2 0x0000000000445956 in std::_Function_handler<void (QJsonValue), MainWindow::importPrivKey()::$_15::operator()() const::{lambda(QJsonValue)#1}>::_M_invoke(std::_Any_data const&, QJsonValue&&) (__functor=..., __args=...) at /usr/bin/../lib/gcc/x86_64-linux-gnu/9/../../../../include/c++/9/bits/std_function.h:300 #3 0x000000000052deab in std::function<void (QJsonValue)>::operator()(QJsonValue) const (this=0x28d0370, __args=...) at /usr/bin/../lib/gcc/x86_64-linux-gnu/9/../../../../include/c++/9/bits/std_function.h:688 #4 0x00000000005272eb in Connection::doRPC(QJsonValue const&, std::function<void (QJsonValue)> const&, std::function<void (QNetworkReply*, QJsonValue const&)> const&)::$_16::operator()() const (this=0x28d0340) at src/connection.cpp:943 ``` It seems like the bug is in QT itself, maybe we can change our code to not trigger it. The above happened with QT 5.12.8
👀 1
onryo commented 3 months ago
Poster
Collaborator

I wasn't able to reproduce the coredump yet. I am using 5.15.8, but I used the same Qt version in the past so it should trigger at some point.

I wasn't able to reproduce the coredump yet. I am using 5.15.8, but I used the same Qt version in the past so it should trigger at some point.
onryo commented 3 months ago
Poster
Collaborator

For coredumps, run ulimit -c unlimited to make sure your shell will generate coredumps and then run the application which coredumps. In the Olden Times Linux would always make the "core" file in the same dir as the binary that makes it. But I have now seen that some new Linux distributions put them in weird places, for instance Arch puts them in /var/lib/systemd/coredump

On Debian 12 it is in the same directory as well.

> For coredumps, run `ulimit -c unlimited` to make sure your shell will generate coredumps and then run the application which coredumps. In the Olden Times Linux would always make the "core" file in the same dir as the binary that makes it. But I have now seen that some new Linux distributions put them in weird places, for instance Arch puts them in /var/lib/systemd/coredump > On Debian 12 it is in the same directory as well.
onryo commented 3 months ago
Poster
Collaborator

Maybe something new for you:

#0  0x00007fa96beaa8da in QLineEdit::text() const () from /lib/x86_64-linux-gnu/libQt5Widgets.so.5
#1  0x000055fdaed27d63 in MainWindow::importPrivKey()::$_11::operator()() const::{lambda(QJsonValue)#1}::operator()(QJsonValue) const (this=0x55fdb143a6e0, response=...) at src/mainwindow.cpp:1323
#2  0x000055fdaed27c73 in std::__invoke_impl<void, MainWindow::importPrivKey()::$_11::operator()() const::{lambda(QJsonValue)#1}&, QJsonValue>(std::__invoke_other, MainWindow::importPrivKey()::$_11::operator()() const::{lambda(QJsonValue)#1}&, QJsonValue&&) (__f=..., __args=...) at /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/invoke.h:61
#3  0x000055fdaed27c02 in std::__invoke_r<void, MainWindow::importPrivKey()::$_11::operator()() const::{lambda(QJsonValue)#1}&, QJsonValue>(MainWindow::importPrivKey()::$_11::operator()() const::{lambda(QJsonValue)#1}&, QJsonValue&&) (__fn=..., __args=...) at /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/invoke.h:154
#4  0x000055fdaed27ac2 in std::_Function_handler<void (QJsonValue), MainWindow::importPrivKey()::$_11::operator()() const::{lambda(QJsonValue)#1}>::_M_invoke(std::_Any_data const&, QJsonValue&&) (
    __functor=..., __args=...) at /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/std_function.h:290
#5  0x000055fdaee0e0b5 in std::function<void (QJsonValue)>::operator()(QJsonValue) const (this=0x55fdb143bf20, __args=...)
    at /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/std_function.h:591
#6  0x000055fdaee075ad in Connection::doRPC(QJsonValue const&, std::function<void (QJsonValue)> const&, std::function<void (QNetworkReply*, QJsonValue const&)> const&)::$_16::operator()() const (
    this=0x55fdb143bef0) at src/connection.cpp:933
#7  0x000055fdaee07279 in QtPrivate::FunctorCall<QtPrivate::IndexesList<>, QtPrivate::List<>, void, Connection::doRPC(QJsonValue const&, std::function<void (QJsonValue)> const&, std::function<void (QNetworkReply*, QJsonValue const&)> const&)::$_16>::call(Connection::doRPC(QJsonValue const&, std::function<void (QJsonValue)> const&, std::function<void (QNetworkReply*, QJsonValue const&)> const&)::$_16&, void**) (f=..., 
    arg=0x7fffb3daad40) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qobjectdefs_impl.h:146
#8  0x000055fdaee07251 in QtPrivate::Functor<Connection::doRPC(QJsonValue const&, std::function<void (QJsonValue)> const&, std::function<void (QNetworkReply*, QJsonValue const&)> const&)::$_16, 0>::call<QtPrivate::List<>, void>(Connection::doRPC(QJsonValue const&, std::function<void (QJsonValue)> const&, std::function<void (QNetworkReply*, QJsonValue const&)> const&)::$_16&, void*, void**) (f=..., arg=0x7fffb3daad40)
    at /usr/include/x86_64-linux-gnu/qt5/QtCore/qobjectdefs_impl.h:256
#9  0x000055fdaee071e1 in QtPrivate::QFunctorSlotObject<Connection::doRPC(QJsonValue const&, std::function<void (QJsonValue)> const&, std::function<void (QNetworkReply*, QJsonValue const&)> const&)::$_16, 0, QtPrivate::List<>, void>::impl(int, QtPrivate::QSlotObjectBase*, QObject*, void**, bool*) (which=1, this_=0x55fdb143bee0, r=0x55fdb1013240, a=0x7fffb3daad40, ret=0x0)
    at /usr/include/x86_64-linux-gnu/qt5/QtCore/qobjectdefs_impl.h:443
#10 0x00007fa96aee8f4f in ?? () from /lib/x86_64-linux-gnu/libQt5Core.so.5
#11 0x00007fa96b3053b8 in ?? () from /lib/x86_64-linux-gnu/libQt5Network.so.5
#12 0x00007fa96aedd6f0 in QObject::event(QEvent*) () from /lib/x86_64-linux-gnu/libQt5Core.so.5
#13 0x00007fa96bd62fae in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /lib/x86_64-linux-gnu/libQt5Widgets.so.5
#14 0x00007fa96aeb16f8 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /lib/x86_64-linux-gnu/libQt5Core.so.5
#15 0x00007fa96aeb4681 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) () from /lib/x86_64-linux-gnu/libQt5Core.so.5
#16 0x00007fa96af0a153 in ?? () from /lib/x86_64-linux-gnu/libQt5Core.so.5
#17 0x00007fa969f1e7a9 in g_main_context_dispatch () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#18 0x00007fa969f1ea38 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#19 0x00007fa969f1eacc in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#20 0x00007fa96af09836 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib/x86_64-linux-gnu/libQt5Core.so.5
#21 0x00007fa96aeb017b in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib/x86_64-linux-gnu/libQt5Core.so.5
#22 0x00007fa96aeb82d6 in QCoreApplication::exec() () from /lib/x86_64-linux-gnu/libQt5Core.so.5
#23 0x000055fdaed027b8 in Application::main (this=0x7fffb3dac078, argc=1, argv=0x7fffb3dac1b8) at src/main.cpp:269
#24 0x000055fdaed01053 in main (argc=1, argv=0x7fffb3dac1b8) at src/main.cpp:311
Maybe something new for you: ``` #0 0x00007fa96beaa8da in QLineEdit::text() const () from /lib/x86_64-linux-gnu/libQt5Widgets.so.5 #1 0x000055fdaed27d63 in MainWindow::importPrivKey()::$_11::operator()() const::{lambda(QJsonValue)#1}::operator()(QJsonValue) const (this=0x55fdb143a6e0, response=...) at src/mainwindow.cpp:1323 #2 0x000055fdaed27c73 in std::__invoke_impl<void, MainWindow::importPrivKey()::$_11::operator()() const::{lambda(QJsonValue)#1}&, QJsonValue>(std::__invoke_other, MainWindow::importPrivKey()::$_11::operator()() const::{lambda(QJsonValue)#1}&, QJsonValue&&) (__f=..., __args=...) at /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/invoke.h:61 #3 0x000055fdaed27c02 in std::__invoke_r<void, MainWindow::importPrivKey()::$_11::operator()() const::{lambda(QJsonValue)#1}&, QJsonValue>(MainWindow::importPrivKey()::$_11::operator()() const::{lambda(QJsonValue)#1}&, QJsonValue&&) (__fn=..., __args=...) at /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/invoke.h:154 #4 0x000055fdaed27ac2 in std::_Function_handler<void (QJsonValue), MainWindow::importPrivKey()::$_11::operator()() const::{lambda(QJsonValue)#1}>::_M_invoke(std::_Any_data const&, QJsonValue&&) ( __functor=..., __args=...) at /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/std_function.h:290 #5 0x000055fdaee0e0b5 in std::function<void (QJsonValue)>::operator()(QJsonValue) const (this=0x55fdb143bf20, __args=...) at /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/std_function.h:591 #6 0x000055fdaee075ad in Connection::doRPC(QJsonValue const&, std::function<void (QJsonValue)> const&, std::function<void (QNetworkReply*, QJsonValue const&)> const&)::$_16::operator()() const ( this=0x55fdb143bef0) at src/connection.cpp:933 #7 0x000055fdaee07279 in QtPrivate::FunctorCall<QtPrivate::IndexesList<>, QtPrivate::List<>, void, Connection::doRPC(QJsonValue const&, std::function<void (QJsonValue)> const&, std::function<void (QNetworkReply*, QJsonValue const&)> const&)::$_16>::call(Connection::doRPC(QJsonValue const&, std::function<void (QJsonValue)> const&, std::function<void (QNetworkReply*, QJsonValue const&)> const&)::$_16&, void**) (f=..., arg=0x7fffb3daad40) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qobjectdefs_impl.h:146 #8 0x000055fdaee07251 in QtPrivate::Functor<Connection::doRPC(QJsonValue const&, std::function<void (QJsonValue)> const&, std::function<void (QNetworkReply*, QJsonValue const&)> const&)::$_16, 0>::call<QtPrivate::List<>, void>(Connection::doRPC(QJsonValue const&, std::function<void (QJsonValue)> const&, std::function<void (QNetworkReply*, QJsonValue const&)> const&)::$_16&, void*, void**) (f=..., arg=0x7fffb3daad40) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qobjectdefs_impl.h:256 #9 0x000055fdaee071e1 in QtPrivate::QFunctorSlotObject<Connection::doRPC(QJsonValue const&, std::function<void (QJsonValue)> const&, std::function<void (QNetworkReply*, QJsonValue const&)> const&)::$_16, 0, QtPrivate::List<>, void>::impl(int, QtPrivate::QSlotObjectBase*, QObject*, void**, bool*) (which=1, this_=0x55fdb143bee0, r=0x55fdb1013240, a=0x7fffb3daad40, ret=0x0) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qobjectdefs_impl.h:443 #10 0x00007fa96aee8f4f in ?? () from /lib/x86_64-linux-gnu/libQt5Core.so.5 #11 0x00007fa96b3053b8 in ?? () from /lib/x86_64-linux-gnu/libQt5Network.so.5 #12 0x00007fa96aedd6f0 in QObject::event(QEvent*) () from /lib/x86_64-linux-gnu/libQt5Core.so.5 #13 0x00007fa96bd62fae in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /lib/x86_64-linux-gnu/libQt5Widgets.so.5 #14 0x00007fa96aeb16f8 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /lib/x86_64-linux-gnu/libQt5Core.so.5 #15 0x00007fa96aeb4681 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) () from /lib/x86_64-linux-gnu/libQt5Core.so.5 #16 0x00007fa96af0a153 in ?? () from /lib/x86_64-linux-gnu/libQt5Core.so.5 #17 0x00007fa969f1e7a9 in g_main_context_dispatch () from /lib/x86_64-linux-gnu/libglib-2.0.so.0 #18 0x00007fa969f1ea38 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0 #19 0x00007fa969f1eacc in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0 #20 0x00007fa96af09836 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib/x86_64-linux-gnu/libQt5Core.so.5 #21 0x00007fa96aeb017b in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib/x86_64-linux-gnu/libQt5Core.so.5 #22 0x00007fa96aeb82d6 in QCoreApplication::exec() () from /lib/x86_64-linux-gnu/libQt5Core.so.5 #23 0x000055fdaed027b8 in Application::main (this=0x7fffb3dac078, argc=1, argv=0x7fffb3dac1b8) at src/main.cpp:269 #24 0x000055fdaed01053 in main (argc=1, argv=0x7fffb3dac1b8) at src/main.cpp:311 ```
duke commented 3 months ago
Owner

As another data point, the coredump does not seem to happen every time. I was testing and was importing one valid privkey and usually a few invalid privkeys at a time. I only got this coredump one time in about 10 imports and all imports had rescanning disabled. All valid imports I was testing with were taddr privkeys.

If somebody hits this coredump and can provide a backtrace, please also add this data:

How many valid/invalid privkeys were being imported?
Are they taddr or zaddr privkeys?
Was rescanning enabled/disabled ?

As another data point, the coredump does not seem to happen every time. I was testing and was importing one valid privkey and usually a few invalid privkeys at a time. I only got this coredump one time in about 10 imports and all imports had rescanning disabled. All valid imports I was testing with were taddr privkeys. If somebody hits this coredump and can provide a backtrace, please also add this data: How many valid/invalid privkeys were being imported? Are they taddr or zaddr privkeys? Was rescanning enabled/disabled ?
duke commented 3 months ago
Owner

UPDATE: I think I was incorrect, this bug only happens when rescan=true, because line src/mainwindow.cpp:1323 which is frame #1 in the backtrace only executes when rescan=true

UPDATE: I think I was incorrect, this bug only happens when rescan=true, because line `src/mainwindow.cpp:1323` which is frame #1 in the backtrace only executes when rescan=true
duke referenced this issue from a commit 3 months ago
Try to prevent #155
duke commented 3 months ago
Owner

@onryo see if you can reproduce the coredump with the latest commit 3a6f632b9b on dev branch.

In doing research on this I found https://forum.qt.io/topic/40088/qlineedit-settext-generating-segmentation-fault/5 and basically it seems like this kind of thing can happen when the QLineEdit object is accessed from another thread and it's already been deleted or not initialized.

@onryo see if you can reproduce the coredump with the latest commit 3a6f632b9bc94b626be88964d3934b898fa6bb25 on dev branch. In doing research on this I found https://forum.qt.io/topic/40088/qlineedit-settext-generating-segmentation-fault/5 and basically it seems like this kind of thing can happen when the QLineEdit object is accessed from another thread and it's already been deleted or not initialized.
👀 1
onryo commented 3 months ago
Poster
Collaborator

@onryo see if you can reproduce the coredump with the latest commit 3a6f632b9b on dev branch.

In doing research on this I found https://forum.qt.io/topic/40088/qlineedit-settext-generating-segmentation-fault/5 and basically it seems like this kind of thing can happen when the QLineEdit object is accessed from another thread and it's already been deleted or not initialized.

I think you got this, I was able to restore from block 0 multiple times with z-addrs.

> @onryo see if you can reproduce the coredump with the latest commit 3a6f632b9bc94b626be88964d3934b898fa6bb25 on dev branch. > > > In doing research on this I found https://forum.qt.io/topic/40088/qlineedit-settext-generating-segmentation-fault/5 and basically it seems like this kind of thing can happen when the QLineEdit object is accessed from another thread and it's already been deleted or not initialized. I think you got this, I was able to restore from block 0 multiple times with z-addrs.
👍 1
duke commented 3 months ago
Owner

This bug was caused by a callback that tries to use a variable pui.rescanfrom from the import GUI after it is gone.

This bug was caused by a callback that tries to use a variable `pui.rescanfrom` from the import GUI after it is gone.
duke closed this issue 3 months ago
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
chat
custom_themes
danger
dev
duke
importviewkey
master
no_mining_until_synced
old_duke
onryo
recurring
Labels
Apply labels
Clear labels
0-500 bounty
bounty up to 500 HUSH 2001-5000 bounty
bounty between 2001 and 5000 HUSH 501-2000 bounty
bounty between 501 and 2000 HUSH arm
something doesn't work on arm beginners
for new developers bug
may or may not be a bug build
problems building documentation
not enough information feature
new feature high priority
high priority i2p
related to i2p low priority
low priority medium priority
medium priority question
something is not clear release
release label or issue related to it tor
related to tor translation
translation update windows
related to windows wontfix
this won't be fixed
No Label 0-500 bounty 2001-5000 bounty 501-2000 bounty arm beginners bug build documentation feature high priority i2p low priority medium priority question release tor translation windows wontfix
Milestone
Set milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Assign users
Clear assignees
No Assignees
2 Participants
Notifications
Due Date

No due date set.

Dependencies

This issue currently doesn't have any dependencies.

Write Preview
Loading…
Cancel
Save
There is no content yet.
Delete Branch '%!s(MISSING)'

Deleting a branch is permanent. It CANNOT be undone. Continue?

No
Yes