ROUND_PATH crash, after Undo

lukasclukasc
edited November 2015 in General

Hi Matthias,

I've been debugging some crashing in my PCell, and find that I can get KLayout to crash in the same way simply by using the built-in ROUND_PATH, and the GUI, only.

The procedure is as follows:

load this simple GDS, which is a path with 9 corners:

https://www.dropbox.com/s/apr3eg2358i6rfx/wg_test.gds?dl=1

Select the path, then convert to PCell – ROUND_PATH type.

Undo.

Then select the path, then convert to PCell – ROUND_PATH type.

Undo.

Repeat a few times, and it crashes. The crash report below happened after 3 times.

Here's a video of the crash, which happened upon the 1st undo operation.

https://www.dropbox.com/s/zqcofdbaic1wxjw/ROUND_PATH_crash.mp4?dl=0

I tested this on Win 8.1 and wasn't able to reproduce it.

Signal number: 11
Address: 0x0
Program Version: KLayout 0.24.3 (2015-11-05 r3062)
Backtrace:
2   libsystem_malloc.dylib              0x00007fff88e32667 malloc_zone_malloc + 71
3   klayout                             0x0000000108e01e37 _ZN3lay14InstanceMarker6renderERKNS_8ViewportERNS_16ViewObjectCanvasE + 1111
4   klayout                             0x0000000108e7093d _ZN3lay16ViewObjectWidget9do_renderERKNS_8ViewportERNS_16ViewObjectCanvasEb + 253
5   klayout                             0x000000010ccf0362 _ZN3lay12LayoutCanvas10paintEventEP11QPaintEvent + 770
6   QtGui                               0x0000000112583386 _ZN7QWidget5eventEP6QEvent + 1206
7   klayout                             0x000000010ccf1e3b _ZN3lay12LayoutCanvas5eventEP6QEvent + 43
8   QtGui                               0x000000011252e9db _ZN19QApplicationPrivate13notify_helperEP7QObjectP6QEvent + 251
9   QtGui                               0x000000011253176b _ZN12QApplication6notifyEP7QObjectP6QEvent + 6651
10  klayout                             0x0000000108da830b _ZN3lay11Application6notifyEP7QObjectP6QEvent + 11
11  QtCore                              0x0000000113033c06 _ZN16QCoreApplication14notifyInternalEP7QObjectP6QEvent + 118
12  QtGui                               0x000000011257e6b1 _ZN14QWidgetPrivate10drawWidgetEP12QPaintDeviceRK7QRegionRK6QPointiP8QPainterP19QWidgetBackingStore + 1841
13  QtGui                               0x000000011257ee5a _ZN14QWidgetPrivate22paintSiblingsRecursiveEP12QPaintDeviceRK5QListIP7QObjectEiRK7QRegionRK6QPointiP8QPainterP19QWidgetBackingStore + 1226
14  QtGui                               0x000000011257e8ae _ZN14QWidgetPrivate10drawWidgetEP12QPaintDeviceRK7QRegionRK6QPointiP8QPainterP19QWidgetBackingStore + 2350
15  QtGui                               0x000000011257ee5a _ZN14QWidgetPrivate22paintSiblingsRecursiveEP12QPaintDeviceRK5QListIP7QObjectEiRK7QRegionRK6QPointiP8QPainterP19QWidgetBackingStore + 1226
16  QtGui                               0x000000011257e8ae _ZN14QWidgetPrivate10drawWidgetEP12QPaintDeviceRK7QRegionRK6QPointiP8QPainterP19QWidgetBackingStore + 2350
17  QtGui                               0x000000011257ee5a _ZN14QWidgetPrivate22paintSiblingsRecursiveEP12QPaintDeviceRK5QListIP7QObjectEiRK7QRegionRK6QPointiP8QPainterP19QWidgetBackingStore + 1226
18  QtGui                               0x000000011257e8ae _ZN14QWidgetPrivate10drawWidgetEP12QPaintDeviceRK7QRegionRK6QPointiP8QPainterP19QWidgetBackingStore + 2350
19  QtGui                               0x000000011257ee5a _ZN14QWidgetPrivate22paintSiblingsRecursiveEP12QPaintDeviceRK5QListIP7QObjectEiRK7QRegionRK6QPointiP8QPainterP19QWidgetBackingStore + 1226
20  QtGui                               0x000000011257e8ae _ZN14QWidgetPrivate10drawWidgetEP12QPaintDeviceRK7QRegionRK6QPointiP8QPainterP19QWidgetBackingStore + 2350
21  QtGui                               0x000000011257ee5a _ZN14QWidgetPrivate22paintSiblingsRecursiveEP12QPaintDeviceRK5QListIP7QObjectEiRK7QRegionRK6QPointiP8QPainterP19QWidgetBackingStore + 1226
22  QtGui                               0x000000011257ecde _ZN14QWidgetPrivate22paintSiblingsRecursiveEP12QPaintDeviceRK5QListIP7QObjectEiRK7QRegionRK6QPointiP8QPainterP19QWidgetBackingStore + 846
23  QtGui                               0x000000011257ecde _ZN14QWidgetPrivate22paintSiblingsRecursiveEP12QPaintDeviceRK5QListIP7QObjectEiRK7QRegionRK6QPointiP8QPainterP19QWidgetBackingStore + 846
24  QtGui                               0x000000011257ecde _ZN14QWidgetPrivate22paintSiblingsRecursiveEP12QPaintDeviceRK5QListIP7QObjectEiRK7QRegionRK6QPointiP8QPainterP19QWidgetBackingStore + 846
25  QtGui                               0x000000011257e8ae _ZN14QWidgetPrivate10drawWidgetEP12QPaintDeviceRK7QRegionRK6QPointiP8QPainterP19QWidgetBackingStore + 2350
26  QtGui                               0x00000001124cee22 _ZN14QWidgetPrivate21setEnabled_helper_sysEb + 13490
27  AppKit                              0x00007fff8fead6ea -[NSView _drawRect:clip:] + 4335
28  AppKit                              0x00007fff8feaa483 -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] + 3198
29  AppKit                              0x00007fff8feaafa0 -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] + 6043
30  AppKit                              0x00007fff8fea92f3 -[NSThemeFrame _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] + 333
31  AppKit                              0x00007fff8fea568b -[NSView _displayRectIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:] + 2761
32  AppKit                              0x00007fff8fe5d1ae -[NSView displayIfNeeded] + 1876
33  AppKit                              0x00007fff8fe5ca09 -[NSWindow displayIfNeeded] + 236
34  AppKit                              0x00007fff8fe5c672 _handleWindowNeedsDisplayOrLayoutOrUpdateConstraints + 936
35  AppKit                              0x00007fff90592171 __83-[NSWindow _postWindowNeedsDisplayOrLayoutOrUpdateConstraintsUnlessPostingDisabled]_block_invoke1540 + 46
36  CoreFoundation                      0x00007fff8691f127 __CFRUNLOOP_IS_CALLING_OUT_TO_AN_OBSERVER_CALLBACK_FUNCTION__ + 23
37  CoreFoundation                      0x00007fff8691f080 __CFRunLoopDoObservers + 368
38  CoreFoundation                      0x00007fff86911188 __CFRunLoopRun + 872
39  CoreFoundation                      0x00007fff86910bd8 CFRunLoopRunSpecific + 296
40  HIToolbox                           0x00007fff8bf7e56f RunCurrentEventLoopInMode + 235
41  HIToolbox                           0x00007fff8bf7e1ee ReceiveNextEventCommon + 179
42  HIToolbox                           0x00007fff8bf7e12b _BlockUntilNextEventMatchingListInModeWithFilter + 71
43  AppKit                              0x00007fff8fe598ab _DPSNextEvent + 978
44  AppKit                              0x00007fff8fe58e58 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 346
45  AppKit                              0x00007fff8fe4eaf3 -[NSApplication run] + 594
46  QtGui                               0x00000001124e245e _ZN14QDesktopWidget11resizeEventEP12QResizeEvent + 7166
47  QtCore                              0x0000000113030fd8 _ZN10QEventLoop4execE6QFlagsINS_17ProcessEventsFlagEE + 504
48  QtCore                              0x0000000113034197 _ZN16QCoreApplication4execEv + 199
49  klayout                             0x0000000108daab2b _ZN3lay11Application4execEv + 2187
50  klayout                             0x0000000108da9bd7 _ZN3lay11Application3runEv + 5207
51  klayout                             0x000000010800acf5 _Z12klayout_mainiPPc + 341
52  klayout                             0x000000010800ab0b main + 251
53  libdyld.dylib                       0x00007fff913755c9 start + 1
54  ???                                 0x0000000000000001 0x0 + 1

Comments

  • MatthiasMatthias
    edited November -1

    Hi Lukas,

    thanks for the stack traces and the helpful video.

    This stack trace looks pretty similar to what you reported some time ago (http://klayout.de/forum/comments.php?DiscussionID=734&page=1#Item_8). So I assume there is a general issue.

    I tried to reproduce this issue on Linux without success. I tried a couple of ways to do undo with and without selection. I tried valgrind (a memory checker) to find an issue - all without and hint of some malfunction.

    So I issue it's something related to MacOS.

    The stack trace tells me it's related to the redrawing function. Apparently there is a instance marker present on the screen but the corresponding instance is already gone (due to undo or refresh in the other case). I digged into the code and I find one potential implementation gap that could cause this problem: the undo and the instance marker refresh functions are basically separated - in order to optimize the execution performance, the instance markers are only refreshed after all changes have happened. This happens in a delayed operation: when a change happens, KLayout queues an event which makes the program update the instance markers (among other things). Only in this event, the markers are cleared.

    I suspect that on MacOS, the event is executed only after a redraw event is executed - as a consequence of some resizeEvent. This way, the instance markers are present, but invalid and this causes the crash.

    I guess on Windows the execution of the delayed refresh event has priority over window system-related events, hence there is no such issue.

    But this is just a hypothesis. If that is true, it would explain a lot of stability issues on MacOS.

    Although I know there are KLayout users at apple.com, they still have not made any sponsoring proposal. So I'm not capable of conducting any bug fix experiments myself.

    But here is a proposal for a patch:

    Index: src/edtService.cc
===================================================================
--- src/edtService.cc   (revision 3028)
+++ src/edtService.cc   (working copy)
@@ -1345,21 +1345,21 @@
 void 
 Service::selection_to_view ()
 {
-  dm_selection_to_view ();
-}
-
-void 
-Service::do_selection_to_view ()
-{
   //  we don't handle the transient selection properly, so clear it for safety reasons
   clear_transient_selection ();

-  //  the selection objects need to be recreated since we destroyed the old rulers
+  //  the selection objects need to be recreated since we destroyed the old markers
   for (std::vector<lay::ViewObject *>::iterator r = m_markers.begin (); r != m_markers.end (); ++r) {
     delete *r;
   }
   m_markers.clear ();

+  dm_selection_to_view ();
+}
+
+void 
+Service::do_selection_to_view ()
+{
   //  Hint: this is a lower bound:
   m_markers.reserve (m_selection.size ());

    This patch will delete the instance markers immediately. it's pretty neutral, so I think I can include it into the upcoming 0.24.4. I just can't promise a solution for your problem.

    Thanks and best regards,

    Matthias

Sign In or Register to comment.
Powered by Vanilla