godot icon indicating copy to clipboard operation
godot copied to clipboard

Published 20 hours ago verified publisher icon godotengine

Editor will not update and possibly crash when using search and replace multiple times

Open megalobyte opened this issue 4 years ago • 2 comments

Godot version

v4.0.dev.custom_build (4e582f9a7c)

System information

Arch

Issue description

Running the search and replace function in the same file multiple times causes the editor to no longer update the script. Closing the file and reopening it will cause godot to crash

Steps to reproduce

  1. Open a gd script using the godot editor.
    • It's probable this works with any text document and that this isn't gd script specific
  2. ctrl+shift+f search and replace any text in the file for some new text.
    • i.e. I replaced var with car, then back to var
  3. Repeat step 2
    • At this point, you should notice that the text in the editor does not update, but searching for the text again using ctrl+shift+f will yield no results
  4. Close the file
  5. Open the file again in the editor
    • godot should now crash

Minimal reproduction project

N/A. The default gd script template should suffice

megalobyte avatar Jun 15 '21 06:06 megalobyte

Address sanitizer log

=================================================================
==257079==ERROR: AddressSanitizer: heap-use-after-free on address 0x61a00017e890 at pc 0x00000d8d36fe bp 0x7fff1a5192d0 sp 0x7fff1a5192c0
READ of size 8 at 0x61a00017e890 thread T0
    #0 0xd8d36fd in FindReplaceBar::set_text_edit(CodeTextEditor*) editor/code_editor.cpp:592
    #1 0xd8f72c2 in CodeTextEditor::set_find_replace_bar(FindReplaceBar*) editor/code_editor.cpp:962
    #2 0xc95684a in ScriptTextEditor::set_find_replace_bar(FindReplaceBar*) editor/plugins/script_text_editor.cpp:1362
    #3 0xc7df98c in ScriptEditor::ensure_select_current() editor/plugins/script_editor_plugin.cpp:1643
    #4 0xc7d0d1c in ScriptEditor::_tab_changed(int) editor/plugins/script_editor_plugin.cpp:1464
    #5 0xc8fe089 in void call_with_variant_args_helper<ScriptEditor, int, 0ul>(ScriptEditor*, void (ScriptEditor::*)(int), Variant const**, Callable::CallError&, IndexSequence<0ul>) core/variant/binder_common.h:209
    #6 0xc8f4fcb in void call_with_variant_args<ScriptEditor, int>(ScriptEditor*, void (ScriptEditor::*)(int), Variant const**, int, Callable::CallError&) core/variant/binder_common.h:323
    #7 0xc8e2d0e in CallableCustomMethodPointer<ScriptEditor, int>::call(Variant const**, int, Variant&, Callable::CallError&) const core/object/callable_method_pointer.h:96
    #8 0x1602ad5e in Callable::call(Variant const**, int, Variant&, Callable::CallError&) const core/variant/callable.cpp:50
    #9 0x168df239 in Object::emit_signal(StringName const&, Variant const**, int) core/object/object.cpp:1083
    #10 0x168e11e8 in Object::emit_signal(StringName const&, Variant const&, Variant const&, Variant const&, Variant const&, Variant const&) core/object/object.cpp:1138
    #11 0xf9079c0 in TabContainer::add_child_notify(Node*) scene/gui/tab_container.cpp:735
    #12 0xea48c62 in Node::_add_child_nocheck(Node*, StringName const&) scene/main/node.cpp:1035
    #13 0xea4a592 in Node::add_child(Node*, bool) scene/main/node.cpp:1050
    #14 0xc7fbff0 in ScriptEditor::edit(Ref<Resource> const&, int, int, bool) editor/plugins/script_editor_plugin.cpp:2244
    #15 0xc88de91 in ScriptEditor::edit(Ref<Resource> const&, bool) editor/plugins/script_editor_plugin.h:465
    #16 0xc8753d3 in ScriptEditorPlugin::edit(Object*) editor/plugins/script_editor_plugin.cpp:3625
    #17 0xa2ca680 in EditorNode::_edit_current() editor/editor_node.cpp:2189
    #18 0xa2bfbe9 in EditorNode::push_item(Object*, String const&, bool) editor/editor_node.cpp:1996
    #19 0xac6f369 in InspectorDock::_resource_selected(Ref<Resource> const&, String const&) editor/inspector_dock.cpp:289
    #20 0xac761f2 in InspectorDock::edit_resource(Ref<Resource> const&) editor/inspector_dock.cpp:380
    #21 0xa295495 in EditorNode::load_resource(String const&, bool) editor/editor_node.cpp:1073
    #22 0xab3dfb7 in FileSystemDock::_select_file(String const&, bool) editor/filesystem_dock.cpp:982
    #23 0xab3f2f9 in FileSystemDock::_tree_activate_file() editor/filesystem_dock.cpp:999
    #24 0xac0ece8 in void call_with_variant_args_helper<FileSystemDock>(FileSystemDock*, void (FileSystemDock::*)(), Variant const**, Callable::CallError&, IndexSequence<>) core/variant/binder_common.h:209
    #25 0xac0a22f in void call_with_variant_args<FileSystemDock>(FileSystemDock*, void (FileSystemDock::*)(), Variant const**, int, Callable::CallError&) core/variant/binder_common.h:323
    #26 0xac06870 in CallableCustomMethodPointer<FileSystemDock>::call(Variant const**, int, Variant&, Callable::CallError&) const core/object/callable_method_pointer.h:96
    #27 0x1602ad5e in Callable::call(Variant const**, int, Variant&, Callable::CallError&) const core/variant/callable.cpp:50
    #28 0x168df239 in Object::emit_signal(StringName const&, Variant const**, int) core/object/object.cpp:1083
    #29 0x168e11e8 in Object::emit_signal(StringName const&, Variant const&, Variant const&, Variant const&, Variant const&, Variant const&) core/object/object.cpp:1138
    #30 0xfca360e in Tree::_gui_input(Ref<InputEvent>) scene/gui/tree.cpp:3143
    #31 0xb34ceeb in void call_with_variant_args_helper<__UnexistingClass, Ref<InputEvent>, 0ul>(__UnexistingClass*, void (__UnexistingClass::*)(Ref<InputEvent>), Variant const**, Callable::CallError&, IndexSequence<0ul>) core/variant/binder_common.h:209
    #32 0xb346d21 in void call_with_variant_args_dv<__UnexistingClass, Ref<InputEvent> >(__UnexistingClass*, void (__UnexistingClass::*)(Ref<InputEvent>), Variant const**, int, Callable::CallError&, Vector<Variant> const&) core/variant/binder_common.h:356
    #33 0xb32a6f2 in MethodBindT<Ref<InputEvent> >::call(Object*, Variant const**, int, Callable::CallError&) core/object/method_bind.h:283
    #34 0xec1d55c in Viewport::_gui_call_input(Control*, Ref<InputEvent> const&) scene/main/viewport.cpp:1667
    #35 0xec26fbb in Viewport::_gui_input_event(Ref<InputEvent>) scene/main/viewport.cpp:1923
    #36 0xec5e8a0 in Viewport::input(Ref<InputEvent> const&, bool) scene/main/viewport.cpp:3073
    #37 0xed8690c in Window::_window_input(Ref<InputEvent> const&) scene/main/window.cpp:915
    #38 0xee0a552 in void call_with_variant_args_helper<Window, Ref<InputEvent> const&, 0ul>(Window*, void (Window::*)(Ref<InputEvent> const&), Variant const**, Callable::CallError&, IndexSequence<0ul>) core/variant/binder_common.h:209
    #39 0xedfa212 in void call_with_variant_args<Window, Ref<InputEvent> const&>(Window*, void (Window::*)(Ref<InputEvent> const&), Variant const**, int, Callable::CallError&) core/variant/binder_common.h:323
    #40 0xede7ee4 in CallableCustomMethodPointer<Window, Ref<InputEvent> const&>::call(Variant const**, int, Variant&, Callable::CallError&) const core/object/callable_method_pointer.h:96
    #41 0x1602ad5e in Callable::call(Variant const**, int, Variant&, Callable::CallError&) const core/variant/callable.cpp:50
    #42 0x20e634e in DisplayServerX11::_dispatch_input_event(Ref<InputEvent> const&) platform/linuxbsd/display_server_x11.cpp:2639
    #43 0x20e5a1a in DisplayServerX11::_dispatch_input_events(Ref<InputEvent> const&) platform/linuxbsd/display_server_x11.cpp:2622
    #44 0x15ed7553 in Input::_parse_input_event_impl(Ref<InputEvent> const&, bool) core/input/input.cpp:643
    #45 0x15ecd853 in Input::parse_input_event(Ref<InputEvent> const&) core/input/input.cpp:465
    #46 0x15ee00e9 in Input::flush_accumulated_events() core/input/input.cpp:858
    #47 0x2105f2f in DisplayServerX11::process_events() platform/linuxbsd/display_server_x11.cpp:3473
    #48 0x20759ce in OS_LinuxBSD::run() platform/linuxbsd/os_linuxbsd.cpp:274
    #49 0x2066041 in main platform/linuxbsd/godot_linuxbsd.cpp:58
    #50 0x7f323fe03564 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x28564)
    #51 0x2065b8d in _start (/usr/bin/godot4s+0x2065b8d)

0x61a00017e890 is located 16 bytes inside of 1312-byte region [0x61a00017e880,0x61a00017eda0)
freed by thread T0 here:
    #0 0x7f3240d808f7 in __interceptor_free ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:127
    #1 0x15686458 in Memory::free_static(void*, bool) core/os/memory.cpp:168
    #2 0x3752770 in void memdelete<Node>(Node*) core/os/memory.h:118
    #3 0xea28144 in Node::_notification(int) scene/main/node.cpp:169
    #4 0x28f32c5 in Node::_notificationv(int, bool) scene/main/node.h:45
    #5 0x37094f2 in CanvasItem::_notificationv(int, bool) scene/main/canvas_item.h:164
    #6 0x370c188 in Control::_notificationv(int, bool) scene/gui/control.h:47
    #7 0x3711238 in Container::_notificationv(int, bool) scene/gui/container.h:37
    #8 0x9cbaf4a in SplitContainer::_notificationv(int, bool) scene/gui/split_container.h:37
    #9 0x9cc2fd2 in VSplitContainer::_notificationv(int, bool) scene/gui/split_container.h:96
    #10 0x168d54c6 in Object::notification(int, bool) core/object/object.cpp:825
    #11 0x168c5d49 in Object::_predelete() core/object/object.cpp:354
    #12 0x168ff6f2 in predelete_handler(Object*) core/object/object.cpp:1861
    #13 0x37525a1 in void memdelete<Node>(Node*) core/os/memory.h:111
    #14 0xea28144 in Node::_notification(int) scene/main/node.cpp:169
    #15 0x28f32c5 in Node::_notificationv(int, bool) scene/main/node.h:45
    #16 0x37094f2 in CanvasItem::_notificationv(int, bool) scene/main/canvas_item.h:164
    #17 0x370c188 in Control::_notificationv(int, bool) scene/gui/control.h:47
    #18 0x3711238 in Container::_notificationv(int, bool) scene/gui/container.h:37
    #19 0x3713fd2 in BoxContainer::_notificationv(int, bool) scene/gui/box_container.h:37
    #20 0x371c592 in VBoxContainer::_notificationv(int, bool) scene/gui/box_container.h:78
    #21 0x37207a2 in ScriptEditorBase::_notificationv(int, bool) (/usr/bin/godot4s+0x37207a2)
    #22 0xc9a6d6e in ScriptTextEditor::_notificationv(int, bool) editor/plugins/script_text_editor.h:54
    #23 0x168d54c6 in Object::notification(int, bool) core/object/object.cpp:825
    #24 0x168c5d49 in Object::_predelete() core/object/object.cpp:354
    #25 0x168ff6f2 in predelete_handler(Object*) core/object/object.cpp:1861
    #26 0x37525a1 in void memdelete<Node>(Node*) core/os/memory.h:111
    #27 0xc7a5b99 in ScriptEditor::_close_tab(int, bool, bool) editor/plugins/script_editor_plugin.cpp:744
    #28 0xc7a73da in ScriptEditor::_close_current_tab(bool) editor/plugins/script_editor_plugin.cpp:766
    #29 0xc7c6927 in ScriptEditor::_menu_option(int) editor/plugins/script_editor_plugin.cpp:1334

previously allocated by thread T0 here:
    #0 0x7f3240d80c47 in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145
    #1 0x15685419 in Memory::alloc_static(unsigned long, bool) core/os/memory.cpp:75
    #2 0x1568532a in operator new(unsigned long, char const*) core/os/memory.cpp:40
    #3 0xc98bec0 in ScriptTextEditor::ScriptTextEditor() editor/plugins/script_text_editor.cpp:1805
    #4 0xc9972e8 in create_editor editor/plugins/script_text_editor.cpp:1905
    #5 0xc7facca in ScriptEditor::edit(Ref<Resource> const&, int, int, bool) editor/plugins/script_editor_plugin.cpp:2216
    #6 0xc88de91 in ScriptEditor::edit(Ref<Resource> const&, bool) editor/plugins/script_editor_plugin.h:465
    #7 0xc821206 in ScriptEditor::set_window_layout(Ref<ConfigFile>) editor/plugins/script_editor_plugin.cpp:2856
    #8 0xc87727f in ScriptEditorPlugin::set_window_layout(Ref<ConfigFile>) editor/plugins/script_editor_plugin.cpp:3673
    #9 0x9d461a8 in EditorData::set_plugin_window_layout(Ref<ConfigFile>) editor/editor_data.cpp:863
    #10 0xa351177 in EditorNode::_load_docks() editor/editor_node.cpp:4428
    #11 0xa28ef7f in EditorNode::_sources_changed(bool) editor/editor_node.cpp:927
    #12 0xa521d3e in void call_with_variant_args_helper<EditorNode, bool, 0ul>(EditorNode*, void (EditorNode::*)(bool), Variant const**, Callable::CallError&, IndexSequence<0ul>) core/variant/binder_common.h:209
    #13 0xa518af5 in void call_with_variant_args<EditorNode, bool>(EditorNode*, void (EditorNode::*)(bool), Variant const**, int, Callable::CallError&) core/variant/binder_common.h:323
    #14 0xa4fceb2 in CallableCustomMethodPointer<EditorNode, bool>::call(Variant const**, int, Variant&, Callable::CallError&) const core/object/callable_method_pointer.h:96
    #15 0x1602ad5e in Callable::call(Variant const**, int, Variant&, Callable::CallError&) const core/variant/callable.cpp:50
    #16 0x168df239 in Object::emit_signal(StringName const&, Variant const**, int) core/object/object.cpp:1083
    #17 0x168e11e8 in Object::emit_signal(StringName const&, Variant const&, Variant const&, Variant const&, Variant const&, Variant const&) core/object/object.cpp:1138
    #18 0x9fa546f in EditorFileSystem::_notification(int) editor/editor_file_system.cpp:1148
    #19 0x9fe387b in EditorFileSystem::_notificationv(int, bool) (/usr/bin/godot4s+0x9fe387b)
    #20 0x168d54c6 in Object::notification(int, bool) core/object/object.cpp:825
    #21 0xeb21297 in SceneTree::_notify_group_pause(StringName const&, int) scene/main/scene_tree.cpp:809
    #22 0xeb143ad in SceneTree::process(float) scene/main/scene_tree.cpp:443
    #23 0x21d393a in Main::iteration() main/main.cpp:2499
    #24 0x2075b4f in OS_LinuxBSD::run() platform/linuxbsd/os_linuxbsd.cpp:278
    #25 0x2066041 in main platform/linuxbsd/godot_linuxbsd.cpp:58
    #26 0x7f323fe03564 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x28564)

SUMMARY: AddressSanitizer: heap-use-after-free editor/code_editor.cpp:592 in FindReplaceBar::set_text_edit(CodeTextEditor*)

qarmin avatar Jun 15 '21 17:06 qarmin

Doesn't look like the code that the stacktrace points to has been changed, but I don't experience a crash with 4.0. Can you confirm @megalobyte ?

YuriSizov avatar Mar 08 '23 14:03 YuriSizov

Yes, I was able to confirm this was fixed. Looks like someone added a reload/resave function that wasn't present when I first wrote this bug.

Thanks! One less issue :)

megalobyte avatar Mar 09 '23 02:03 megalobyte