segfault when using the removeSymbol function

[emaddocks]

We are running WinCC OA v3.18 Patch 4 on RHEL 8.4

On some occasions when removing a symbol via the removeSymbol() function the vision crashes and produces nothing in the WinCC OA log viewer. Looking into the RHEL /var/log/messages log we see the following messages:

Code: Select all

Dec  7 07:55:19 ws01 kernel: WCCOAui[42444]: segfault at 0 ip 0000000000000000 sp 00007ffdaaef1758 error 14 in WCCOAui[400000+710000]
Dec  7 07:55:19 ws01 kernel: Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.
Dec  7 07:55:20 ws01 systemd[1]: Started Process Core Dump (PID 57727/UID 0).
Dec  7 07:55:20 ws01 systemd-coredump[57729]: Removed old coredump core.WCCOAui.10002.026c5bf38bc64554aa42cccca0398c20.14727.1701751136000000.lz4.
Dec  7 07:55:20 ws01 systemd-coredump[57729]: Removed old coredump core.WCCOAui.10002.026c5bf38bc64554aa42cccca0398c20.15437.1701816109000000.lz4.
Dec  7 07:55:39 ws01 systemd-coredump[57729]: Process 42444 (WCCOAui) of user 10002 dumped core.#012#012Stack trace of thread 42444:#012#0  0x0000000000000000 n/a (n/a)
Dec  7 07:55:39 ws01 systemd[1]: systemd-coredump@17-57727-0.service: Succeeded.

I only happens occasionally so is hard to reproduce reliably. Is this something that is known about and has been fixed in recent patches?

[kilianvp]

Its fixed in Patch 12

150447/1-6709066314:
UI crashes when removeSymbol() is called as first
statement in a script started via uiConnect()/triggerEvent()
from within the to-be-removed PanelRef.
removeSymbol() is now a waiting function.