Sublime Forum

[SOLVED] [BUG] segfault on completion

#1

I’m guessing this is the correct place to put this as I can’t find a bug tracker…

Anyway, ST2 crashes when I press ctrl+space for completion in a golang file.

Context: I started to write a plugin for the Go package; all that’s in there is:

[code]import sublime
import sublime_plugin

class GocodeComplete(sublime_plugin.EventListener):
    def on_query_completions(self, view, prefix, locations):
        # Offer no completions: return an empty list
        return []
[/code]

I wouldn’t expect the empty list to be the cause, because if I do the same in the SublimeCodeIntel plugin it works fine without crashing.

Backtrace:

#0 0x0012e416 in __kernel_vsyscall ()
#1 0x00ca1e71 in raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#2 0x00ca534e in abort () at abort.c:92
#3 0x00cd8577 in __libc_message (do_abort=2, fmt=0xdb18ac "*** glibc detected *** %s: %s: 0x%s ***\n") at ../sysdeps/unix/sysv/linux/libc_fatal.c:189
#4 0x00ce2961 in malloc_printerr (action=<value optimised out>, str=<value optimised out>, ptr=0xb52107f8) at malloc.c:6283
#5 0x00ce599c in _int_malloc (av=0xb5200010, bytes=480) at malloc.c:4636
#6 0x00ce6f53 in __libc_malloc (bytes=480) at malloc.c:3660
#7 0x00c1c679 in operator new(unsigned int) () from /usr/lib/i386-linux-gnu/libstdc++.so.6
#8 0x084ac53c in std::_Deque_base<cairo_base_render_context::state, std::allocator<cairo_base_render_context::state> >::_M_initialize_map(unsigned int) ()
#9 0x084a3d65 in on_expose_event(_GtkWidget*, _GdkEventExpose*, void*) ()
#10 0x00264a04 in ?? () from /usr/lib/libgtk-x11-2.0.so.0
#11 0x008ea372 in g_closure_invoke () from /usr/lib/i386-linux-gnu/libgobject-2.0.so.0
#12 0x008fd048 in ?? () from /usr/lib/i386-linux-gnu/libgobject-2.0.so.0
#13 0x009058d7 in g_signal_emit_valist () from /usr/lib/i386-linux-gnu/libgobject-2.0.so.0
#14 0x00905cc2 in g_signal_emit () from /usr/lib/i386-linux-gnu/libgobject-2.0.so.0
#15 0x00399836 in ?? () from /usr/lib/libgtk-x11-2.0.so.0
#16 0x00263192 in gtk_main_do_event () from /usr/lib/libgtk-x11-2.0.so.0
#17 0x00543a78 in ?? () from /usr/lib/libgdk-x11-2.0.so.0
#18 0x00576184 in ?? () from /usr/lib/libgdk-x11-2.0.so.0
#19 0x0053e98c in ?? () from /usr/lib/libgdk-x11-2.0.so.0
#20 0x00540937 in gdk_window_process_all_updates () from /usr/lib/libgdk-x11-2.0.so.0
#21 0x005409bb in ?? () from /usr/lib/libgdk-x11-2.0.so.0
#22 0x0051ce48 in ?? () from /usr/lib/libgdk-x11-2.0.so.0
#23 0x00973311 in ?? () from /lib/i386-linux-gnu/libglib-2.0.so.0
#24 0x00977aa8 in g_main_context_dispatch () from /lib/i386-linux-gnu/libglib-2.0.so.0
#25 0x00978270 in ?? () from /lib/i386-linux-gnu/libglib-2.0.so.0
#26 0x0097892b in g_main_loop_run () from /lib/i386-linux-gnu/libglib-2.0.so.0
#27 0x00261c39 in gtk_main () from /usr/lib/libgtk-x11-2.0.so.0
#28 0x084a340e in px_run_event_loop() ()
#29 0x08371c97 in main ()

EDIT: … restarted it and it suddenly started working. If I return result then it appears in the list, but it then goes on to crash later.

0 Likes

#2

Can you try removing the other plugins you have installed, and see if it still happens?

0 Likes

#3

I haven’t installed any additional plugins or style (or anything else). When I remove my plugin the issue persists. What I did notice was that it appears to crash sometimes if a completion is not available but there is a prefix, i.e.

obj.| doesn’t usually crash while obj.x| does.
This occurs in Python and PHP and in my Go completion plugin (which works fine btw, just random crashes).

It’s always the same backtrace.

Unless by “remove the other plugins” you meant remove the plugins that are installed, as opposed to just the ones I installed myself.
FWIW, I can’t reproduce it on Windows build 2104. I don’t have a Linux machine to test on right now, but the crashes came on all builds I tried up to and including build 2103.
From the list of packages I can see one difference is that the SublimeCodeIntel package is not in my Windows installation, so maybe that has something to do with it.

EDIT:

FWIW, I removed the SublimeCodeIntel package and so far it hasn’t crashed. I’ll give it some more time before considering this one being solved and possibly changing the focus to SublimeCodeIntel

0 Likes

#4

jps,
I believe I found a workaround for the SublimeCodeIntel issue:

github.com/Kronuz/SublimeCodeIntel/pull/43

There is something funny happening with “hide_auto_complete”. I haven’t been able to make a reproducible small test plugin that reproduces the behavior, so I suspect there’s a race condition in window drawing for the auto_complete box, since there are timeouts/callbacks in the SublimeCodeIntel codebase. I was able to use the associated bug to reproducibly crash Sublime in both OSX 10.7 and Ubuntu 10.04, both related to modifying some data after freeing. Using Sublime v2126.

Here’s an OSX stack trace, which is similar to the GTK stack trace for Ubuntu:

Application Specific Information:
objc[63284]: garbage collection is OFF
*** error for object 0x7fd0cee2b0c8: incorrect checksum for freed object - object was probably modified after being freed.

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0 libsystem_kernel.dylib 0x00007fff87ec1ce2 __pthread_kill + 10
1 libsystem_c.dylib 0x00007fff84ef57d2 pthread_kill + 95
2 libsystem_c.dylib 0x00007fff84ee6a7a abort + 143
3 libsystem_c.dylib 0x00007fff84f084ac szone_error + 459
4 libsystem_c.dylib 0x00007fff84f084e8 free_list_checksum_botch + 29
5 libsystem_c.dylib 0x00007fff84f0f463 tiny_malloc_from_free_list + 360
6 libsystem_c.dylib 0x00007fff84f1000e szone_malloc_should_clear + 1115
7 libsystem_c.dylib 0x00007fff84f453c8 malloc_zone_malloc + 77
8 com.apple.CoreFoundation 0x00007fff838b4a00 _CFRuntimeCreateInstance + 400
9 com.apple.CoreGraphics 0x00007fff841a4db6 CGTypeCreateInstanceWithAllocator + 69
10 com.apple.CoreGraphics 0x00007fff841ed827 CGSRegionEnumeratorCreate + 46
11 com.apple.CoreGraphics 0x00007fff841ed7ad CGSRegionEnumeratorWithDirection + 98
12 com.apple.AppKit 0x00007fff8c6509cc -[NSRegion getRects:count:] + 174
13 com.apple.AppKit 0x00007fff8c6508d6 -[NSRectSet initWithRegion:] + 181
14 com.apple.AppKit 0x00007fff8c64e8a1 -[NSView _displayRectIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:] + 1718
15 com.apple.AppKit 0x00007fff8c647ec7 -[NSView displayIfNeeded] + 1676
16 com.apple.AppKit 0x00007fff8c647607 _handleWindowNeedsDisplayOrLayoutOrUpdateConstraints + 648
17 com.apple.CoreFoundation 0x00007fff83914647 CFRUNLOOP_IS_CALLING_OUT_TO_AN_OBSERVER_CALLBACK_FUNCTION + 23
18 com.apple.CoreFoundation 0x00007fff839145a6 __CFRunLoopDoObservers + 374
19 com.apple.CoreFoundation 0x00007fff838e9889 __CFRunLoopRun + 825
20 com.apple.CoreFoundation 0x00007fff838e9216 CFRunLoopRunSpecific + 230
21 com.apple.HIToolbox 0x00007fff8ba414ff RunCurrentEventLoopInMode + 277
22 com.apple.HIToolbox 0x00007fff8ba48b73 ReceiveNextEventCommon + 181
23 com.apple.HIToolbox 0x00007fff8ba48aae BlockUntilNextEventMatchingListInMode + 62
24 com.apple.AppKit 0x00007fff8c60bfc5 _DPSNextEvent + 659
25 com.apple.AppKit 0x00007fff8c60b8c9 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 135
26 com.apple.AppKit 0x00007fff8c60820a -[NSApplication run] + 463
27 com.sublimetext.2 0x0000000105351c27 main + 1287
28 com.sublimetext.2 0x00000001052877e4 start + 52

0 Likes
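Both traces in this thread abort inside the allocator's own consistency check (`malloc_printerr` on Linux, `free_list_checksum_botch` on OS X), so the frame that asked for memory is only where earlier heap damage was noticed, not where it was done. The triage script below is an added example, not part of any post or of the SublimeCodeIntel code; the sample traces are a constructed subset of the frames quoted above, and the names `parse_frames` and `triage` are hypothetical.

```python
import re

# Constructed samples: a subset of frames copied from the two traces in this
# thread (the arguments of gdb frame #4 are shortened).
GDB_SAMPLE = """\
#0 0x0012e416 in __kernel_vsyscall ()
#2 0x00ca534e in abort () at abort.c:92
#4 0x00ce2961 in malloc_printerr (action=<value optimised out>) at malloc.c:6283
#5 0x00ce599c in _int_malloc (av=0xb5200010, bytes=480) at malloc.c:4636
#7 0x00c1c679 in operator new(unsigned int) () from /usr/lib/i386-linux-gnu/libstdc++.so.6
#9 0x084a3d65 in on_expose_event(_GtkWidget*, _GdkEventExpose*, void*) ()
"""
MAC_SAMPLE = """\
2 libsystem_c.dylib 0x00007fff84ee6a7a abort + 143
4 libsystem_c.dylib 0x00007fff84f084e8 free_list_checksum_botch + 29
5 libsystem_c.dylib 0x00007fff84f0f463 tiny_malloc_from_free_list + 360
7 libsystem_c.dylib 0x00007fff84f453c8 malloc_zone_malloc + 77
8 com.apple.CoreFoundation 0x00007fff838b4a00 _CFRuntimeCreateInstance + 400
"""

# gdb: "#N 0xADDR in FUNC (args)"; also works when frames are run together on one line.
GDB = re.compile(r"#(\d+)\s+0x[0-9a-f]+ in (.+?)\s*\(")
# macOS crash report: "N image 0xADDR FUNC + offset", one frame per line.
MAC = re.compile(r"^\s*(\d+)\s+\S+\s+0x[0-9a-f]+\s+(.+?) \+ \d+\s*$", re.M)
# Allocator integrity-check routines that appear in the traces above.
CHECK = re.compile(r"malloc_printerr|free_list_checksum_botch|szone_error")
# Allocator entry points and internals, skipped when looking for the caller.
ALLOC = re.compile(r"malloc|operator new|szone_")

def parse_frames(trace):
    """Return [(frame number, function name)] for either trace format."""
    pattern = GDB if "#0" in trace else MAC
    return [(int(n), fn.strip()) for n, fn in pattern.findall(trace)]

def triage(trace):
    """Flag aborts raised by the allocator and name the first caller above it."""
    frames = parse_frames(trace)
    check = next((fn for _, fn in frames if CHECK.search(fn)), None)
    if check is None:
        return {"heap_corruption": False, "check": None, "victim": None}
    last = max(i for i, (_, fn) in enumerate(frames)
               if ALLOC.search(fn) or CHECK.search(fn))
    victim = frames[last + 1][1] if last + 1 < len(frames) else None
    return {"heap_corruption": True, "check": check, "victim": victim}

if __name__ == "__main__":
    for name, sample in (("linux", GDB_SAMPLE), ("osx", MAC_SAMPLE)):
        print(name, triage(sample))
```

A positive result means the reported frame is a bystander; finding the actual write needs a run under a memory checker or a debugging allocator.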

#5

Indeed, this seems to fix the problems, as I have not had a single crash since this “workaround”. Can you take a look at it?

Thanks!

0 Likes

#6

Many thanks for the repro teejae, I’ll look into it.

0 Likes

#7

jps,
Thanks for fixing the bug. It now works in 2132!

0 Likes