View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0002612 | 1 - Backlog | Bug | public | 2018-03-22 08:36 | 2019-06-16 17:40 |
| Reporter | KB3NPH | Assigned To | K7ZCZ | ||
| Priority | normal | Severity | crash | Reproducibility | have not tried |
| Status | assigned | Resolution | open | ||
| Summary | 0002612: Intermittent DM Crashing on frequency/mode change | ||||
| Description | Ticket Details Radio Mfgr.: Icom Radio Model: IC-7300 Windows Version: Win 10 64-bit Installed RAM in Computer: Greater than 6 GB HRD Version: 6.4.0.794 DM-780 has been doing this in just about every version, when changing frequency within the DM program, i.e. selecting the frequency from the "Mode" default, or moving the frequency up or down 500Hrz using the buttons within the program,, or at times using the "Rig Control" program to change frequency, DM-780 will crash. This time I have a "Mini Dump" for you to look at, and perhaps this will help find the problem. At the moment the problem happens almost every time I make a frequency change, but it can go days before this will happen again. | ||||
| Steps To Reproduce | A mini-dump was created and attached to the ticket: DigitalMaster_20180322_112511.zip11.8 mb I have copied this dump to the "DUMP" folder in G-drive. | ||||
| Additional Information | Ticket #141610 | ||||
| Tags | No tags attached. | ||||
| Module | DM780 | ||||
| Sub-Module | General | ||||
| Testing | Not Started | ||||
|
|
This bug says that a file named "DigitalMaster_20180322_112511.zip" is in the dumps folder of google drive, but I don't see such a file. Did it have another name? I went and found it attached to the ticket, and I'm adding a copy of it here. |
|
|
The callstack for this minidump is shown below. Throughout the HRD software architecture, the Windows message queues are abused as generic data passing mechanisms. (They're not designed for this.) Applications usually can get away with abusing the Windows message infrastructure in this way, but in this case there are a couple problems. One is the size of the data involved. An instance of the MULTIMODEOLIVIADATA_DEF structure is allocated on the C++ heap. This is a large data structure (more than 64 kilobytes!); a pointer to the structure is cast to an LPARAM and sent along with the passed with an lParam with the MSG_MULTIMODE_OLIVIA_DATA registered message. The other is the management of the lifecycle of that data. The message is received by the Digital Master CStandardFormView class in its OnMultiModeOliviaData handler. There, another PostMessage() call is made to send the same message with the same lParam to the MainFrame window. When PostMessage returns, the data is deleted. The call stack of this minidump is a result of accessing that deleted data. Unfortunately, the problems with this design don't stop there. The MULTIMODEOLIVIADATA_DEF structure is declared in HRDMultiModeImports.h, where we can see that it contains non-trivial member objects: two CStringArray instances. However, this structure offers no copy constructor or assignment operator. And, sure enough, we can find that it is the subject of a shallow copy (implemented with memcpy()) in the implementation of CModem::ReturnOliviaData(), in the HRDMultiMode001 module. There are several other memcpy() calls against this structure, but the ones I inspected were commented out. I don't think this bug will be too easy to fix. 0:000> .ecxr *** WARNING: Unable to verify checksum for Digital Master.exe eax=00000007 ebx=0f5d5ae0 ecx=ac7ad24a edx=00000007 esi=00000000 edi=13927008 eip=0116a7b1 esp=02d0fa3c ebp=02d0fad0 iopl=0 nv up ei pl zr na pe nc cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00010246 Digital_Master!COliviaAnalysisDlg::OnMultiModeOliviaData+0x71: 0116a7b1 3b872c000100 cmp eax,dword ptr [edi+1002Ch] ds:002b:13937034=???????? 0:000> kb *** Stack trace for last set context - .thread/.cxr resets it # ChildEBP RetAddr Args to Child 00 02d0fad0 0129e4e0 00000000 13927008 55a487e1 Digital_Master!COliviaAnalysisDlg::OnMultiModeOliviaData+0x71 [c:\ham radio\digital master\digital master\oliviaanalysisdlg.cpp @ 400] 01 02d0fb88 010be876 016acf30 00000000 13927008 Digital_Master!CWnd::OnWndMsg+0x77b [f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\wincore.cpp @ 2679] 02 02d0fba4 0129f5ad 0000c472 00000000 13927008 Digital_Master!CXTPDialogBase<CXTPResizeDialog>::OnWndMsg+0x46 [c:\ham radio\codejock software\mfc\xtreme toolkitpro v15.0.2\source\commandbars\xtpdialogbase.h @ 194] 03 02d0fbc4 0129ac01 0000c472 00000000 13927008 Digital_Master!CWnd::WindowProc+0x22 [f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\wincore.cpp @ 2094] 04 02d0fc34 0129b3bf 0f5d5ae0 00020ef8 0000c472 Digital_Master!AfxCallWndProc+0xb0 [f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\wincore.cpp @ 285] 05 02d0fc54 7678e0bb 00020ef8 0000c472 00000000 Digital_Master!AfxWndProc+0x34 [f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\wincore.cpp @ 434] 06 02d0fc80 76798849 0129b38b 00020ef8 0000c472 user32!_InternalCallWinProc+0x2b 07 02d0fca4 7679b145 0000c472 00000000 13927008 user32!InternalCallWinProc+0x20 08 02d0fd74 767890dc 0129b38b 00000000 0000c472 user32!UserCallWinProcCheckWow+0x1be 09 02d0fde0 76788c20 ac7ad24a 02d0fe18 012ad53c user32!DispatchMessageWorker+0x4ac 0a 02d0fdec 012ad53c 0502e410 00000000 0179ce70 user32!DispatchMessageW+0x10 0b 02d0fdfc 012ad997 ffffffff 0179ce70 0179ce70 Digital_Master!AfxInternalPumpMessage+0x3e [f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\thrdcore.cpp @ 183] 0c 02d0fe18 01599273 00000000 00000020 0000000a Digital_Master!CWinThread::Run+0x57 [f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\thrdcore.cpp @ 629] 0d 02d0fe2c 01597a79 010a0000 00000000 05021d50 Digital_Master!AfxWinMain+0x66 [f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\winmain.cpp @ 47] 0e 02d0fe78 761b8654 02e5e000 761b8630 abc93ec5 Digital_Master!__tmainCRTStartup+0x12f [f:\dd\vctools\crt\crtw32\dllstuff\crtexe.c @ 618] 0f 02d0fe8c 77634a77 02e5e000 09923c71 00000000 kernel32!BaseThreadInitThunk+0x24 10 02d0fed4 77634a47 ffffffff 77659eb3 00000000 ntdll!__RtlUserThreadStart+0x2f 11 02d0fee4 00000000 01597af7 02e5e000 00000000 ntdll!_RtlUserThreadStart+0x1b |
|
|
DigitalMaster_20180322_112511.zip (12,364,891 bytes) |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2018-03-22 08:36 | KB3NPH | New Issue | |
| 2018-03-22 10:31 | K7ZCZ | Assigned To | => K7ZCZ |
| 2018-03-22 10:31 | K7ZCZ | Status | new => assigned |
| 2018-03-22 19:24 | K7ZCZ | Note Added: 0004532 | |
| 2018-03-22 19:28 | K7ZCZ | Note Added: 0004533 | |
| 2018-03-22 19:30 | K7ZCZ | File Added: DigitalMaster_20180322_112511.zip | |
| 2018-04-13 10:22 | WA9PIE | Severity | major => crash |
| 2018-04-13 10:23 | WA9PIE | Project | 1 - Backlog => 3 - Current Dev List |
| 2018-05-14 01:40 | WA9PIE | Module | (select) => DM780 |
| 2018-05-14 01:40 | WA9PIE | Sub-Module | (select) => General |
| 2019-02-26 18:16 | WA9PIE | Summary | Ticket #141610 Intermittent DM Crashing on frequency/mode change => Intermittent DM Crashing on frequency/mode change |
| 2019-02-26 18:16 | WA9PIE | Additional Information Updated | View Revisions |
| 2019-06-16 17:40 | WA9PIE | Project | 3 - Current Dev List => 1 - Backlog |
