Bug 315852

Summary: Crash when accessing a query with duplicated table names
Product: [Applications] KEXI Reporter: robert leleu <robert.jean.leleu>
Component: GeneralAssignee: Jarosław Staniek <staniek>
Status: CLOSED FIXED    
Severity: crash    
Priority: HI    
Version: 2.8.3   
Target Milestone: 2.8.4   
Platform: Ubuntu   
OS: Linux   
Latest Commit: http://commits.kde.org/calligra/eaefd12562da5b422ae175351423fa15fd1a2cb4 Version Fixed In: 2.8.4
Sentry Crash Report:
Attachments: adressesk.kexi.tar.gz

Description robert leleu 2013-02-27 15:22:58 UTC 
Application: kexi (2.5.3 (Calligra 2.5.3))
KDE Platform Version: 4.9.4
Qt Version: 4.8.3
Operating System: Linux 3.5.0-17-generic x86_64
Distribution: Linux Mint 14 Nadia

-- Information about the crash:
- What I was doing when the application crashed:
Any action (Open, edit, rename, delete) on a given query or the related report crashes Kexi.
I can send the file upon request

The crash can be reproduced every time.

-- Backtrace:
Application: Kexi (kexi), signal: Segmentation fault
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[Current thread is 1 (Thread 0x7f3c73eaf780 (LWP 14785))]

Thread 3 (Thread 0x7f3c455c1700 (LWP 14794)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:162
#1  0x00007f3c54ec1cd7 in ?? () from /usr/lib/x86_64-linux-gnu/libQtScript.so.4
#2  0x00007f3c54ec1d09 in ?? () from /usr/lib/x86_64-linux-gnu/libQtScript.so.4
#3  0x00007f3c6eeabe9a in start_thread (arg=0x7f3c455c1700) at pthread_create.c:308
#4  0x00007f3c71df8cbd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#5  0x0000000000000000 in ?? ()

Thread 2 (Thread 0x7f3c3b50d700 (LWP 14795)):
#0  0x00007f3c71ded303 in __GI___poll (fds=<optimized out>, nfds=<optimized out>, timeout=<optimized out>) at ../sysdeps/unix/sysv/linux/poll.c:87
#1  0x00007f3c6e9dbd84 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007f3c6e9dc1e2 in g_main_loop_run () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007f3c6113b4a6 in ?? () from /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0
#4  0x00007f3c6e9ff645 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#5  0x00007f3c6eeabe9a in start_thread (arg=0x7f3c3b50d700) at pthread_create.c:308
#6  0x00007f3c71df8cbd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#7  0x0000000000000000 in ?? ()

Thread 1 (Thread 0x7f3c73eaf780 (LWP 14785)):
[KCrash Handler]
#6  KexiDB::VariableExpr::validate (this=0x16d01d0, parseInfo=...) at /build/buildd/calligra-2.5.3/kexi/kexidb/expression.cpp:825
#7  0x00007f3c71ab682d in KexiDB::BinaryExpr::validate (this=0x12099b0, parseInfo=...) at /build/buildd/calligra-2.5.3/kexi/kexidb/expression.cpp:381
#8  0x00007f3c71ab683e in KexiDB::BinaryExpr::validate (this=0x1209bb0, parseInfo=...) at /build/buildd/calligra-2.5.3/kexi/kexidb/expression.cpp:383
#9  0x00007f3c71ab683e in KexiDB::BinaryExpr::validate (this=0x16d0140, parseInfo=...) at /build/buildd/calligra-2.5.3/kexi/kexidb/expression.cpp:383
#10 0x00007f3c71ab683e in KexiDB::BinaryExpr::validate (this=0x16d02c0, parseInfo=...) at /build/buildd/calligra-2.5.3/kexi/kexidb/expression.cpp:383
#11 0x00007f3c71ab683e in KexiDB::BinaryExpr::validate (this=0x16d0300, parseInfo=...) at /build/buildd/calligra-2.5.3/kexi/kexidb/expression.cpp:383
#12 0x00007f3c71ab68ed in KexiDB::UnaryExpr::validate (this=0x12f34c0, parseInfo=...) at /build/buildd/calligra-2.5.3/kexi/kexidb/expression.cpp:312
#13 0x00007f3c71ab682d in KexiDB::BinaryExpr::validate (this=0x16d0cc0, parseInfo=...) at /build/buildd/calligra-2.5.3/kexi/kexidb/expression.cpp:381
#14 0x00007f3c71a73cd4 in buildSelectQuery (querySchema=0x16b7fa0, colViews=0x16d0980, tablesList=<optimized out>, options=0x16b8010) at /build/buildd/calligra-2.5.3/kexi/kexidb/parser/parser_p.cpp:564
#15 0x00007f3c71a6eb76 in yyparse () at sqlparser.y:737
#16 0x00007f3c71a730d5 in parseData (p=<optimized out>, data=<optimized out>) at /build/buildd/calligra-2.5.3/kexi/kexidb/parser/parser_p.cpp:192
#17 0x00007f3c71a71f59 in KexiDB::Parser::parse (this=0x11f10c0, statement=...) at /build/buildd/calligra-2.5.3/kexi/kexidb/parser/parser.cpp:156
#18 0x00007f3c71a88d8e in KexiDB::Connection::setupQuerySchema (this=this@entry=0x122e750, data=...) at /build/buildd/calligra-2.5.3/kexi/kexidb/connection.cpp:3098
#19 0x00007f3c71a8925b in KexiDB::Connection::querySchema (this=0x122e750, queryName=...) at /build/buildd/calligra-2.5.3/kexi/kexidb/connection.cpp:3130
#20 0x00007f3c48a604fc in KexiDBReportData::getSchema (this=0x16b75b0) at /build/buildd/calligra-2.5.3/kexi/plugins/reports/kexidbreportdata.cpp:118
#21 0x00007f3c48a5d096 in KexiReportView::sourceData (this=this@entry=0x15e69e0, e=...) at /build/buildd/calligra-2.5.3/kexi/plugins/reports/kexireportview.cpp:362
#22 0x00007f3c48a5d7e3 in KexiReportView::afterSwitchFrom (this=0x15e69e0, mode=<optimized out>) at /build/buildd/calligra-2.5.3/kexi/plugins/reports/kexireportview.cpp:299
#23 0x00007f3c737363ea in KexiWindow::switchToViewMode (this=0x162abc0, newViewMode=Kexi::DataViewMode, staticObjectArgs=<optimized out>, proposeOpeningInTextViewModeBecauseOfProblems=@0x7fff5035a6ce: false) at /build/buildd/calligra-2.5.3/kexi/core/KexiWindow.cpp:664
#24 0x00007f3c737413f2 in KexiPart::Part::openInstance (this=0xfd4010, parent=0x1582be0, item=..., viewMode=Kexi::DataViewMode, staticObjectArgs=0x0) at /build/buildd/calligra-2.5.3/kexi/core/kexipart.cpp:321
#25 0x00007f3c7372a9c0 in KexiProject::openObject (this=0xd869d0, parent=0x1582be0, item=..., viewMode=Kexi::DataViewMode, staticObjectArgs=0x0) at /build/buildd/calligra-2.5.3/kexi/core/kexiproject.cpp:816
#26 0x00007f3c739e856a in KexiMainWindow::openObject (this=0xe45350, item=0x11a1b60, viewMode=Kexi::DataViewMode, openingCancelled=<optimized out>, staticObjectArgs=0x0, errorMessage=<optimized out>) at /build/buildd/calligra-2.5.3/kexi/main/KexiMainWindow.cpp:3374
#27 0x00007f3c739dcd4a in openObjectFromNavigator (openingCancelled=@0x7fff5035ab4f: false, viewMode=Kexi::DataViewMode, item=0x11a1b60, this=0xe45350) at /build/buildd/calligra-2.5.3/kexi/main/KexiMainWindow.cpp:3482
#28 KexiMainWindow::openObjectFromNavigator (this=0xe45350, item=0x11a1b60, viewMode=Kexi::DataViewMode, openingCancelled=@0x7fff5035ab4f: false) at /build/buildd/calligra-2.5.3/kexi/main/KexiMainWindow.cpp:3445
#29 0x00007f3c739dce5e in KexiMainWindow::openObjectFromNavigator (this=<optimized out>, item=<optimized out>, viewMode=<optimized out>) at /build/buildd/calligra-2.5.3/kexi/main/KexiMainWindow.cpp:3441
#30 0x00007f3c739ed808 in qt_static_metacall (_a=<optimized out>, _id=<optimized out>, _o=<optimized out>, _c=<optimized out>) at /build/buildd/calligra-2.5.3/obj-x86_64-linux-gnu/kexi/main/KexiMainWindow.moc:457
#31 KexiMainWindow::qt_static_metacall (_o=0xe45350, _c=<optimized out>, _id=<optimized out>, _a=0x7fff5035ad10) at /build/buildd/calligra-2.5.3/obj-x86_64-linux-gnu/kexi/main/KexiMainWindow.moc:373
#32 0x00007f3c72251f5f in QMetaObject::activate (sender=0x124b4d0, m=<optimized out>, local_signal_index=<optimized out>, argv=0x7fff5035ad10) at kernel/qobject.cpp:3547
#33 0x00007f3c712bfcc0 in KexiProjectNavigator::openOrActivateItem (this=<optimized out>, _t1=0x11a1b60, _t2=Kexi::DataViewMode) at /build/buildd/calligra-2.5.3/obj-x86_64-linux-gnu/kexi/widget/moc_KexiProjectNavigator.cpp:199
#34 0x00007f3c712c748e in KexiProjectNavigator::slotExecuteItem (this=0x124b4d0, vitem=...) at /build/buildd/calligra-2.5.3/kexi/widget/navigator/KexiProjectNavigator.cpp:289
#35 0x00007f3c72251f5f in QMetaObject::activate (sender=0x124ac80, m=<optimized out>, local_signal_index=<optimized out>, argv=0x7fff5035aeb0) at kernel/qobject.cpp:3547
#36 0x00007f3c731293e5 in QAbstractItemView::doubleClicked (this=<optimized out>, _t1=...) at .moc/release-shared/moc_qabstractitemview.cpp:355
#37 0x00007f3c73171e6d in QTreeView::mouseDoubleClickEvent (this=0x124ac80, event=0x7fff5035bad0) at itemviews/qtreeview.cpp:1876
#38 0x00007f3c72c6d86a in QWidget::event (this=0x124ac80, event=0x7fff5035bad0) at kernel/qwidget.cpp:8375
#39 0x00007f3c7301cb66 in QFrame::event (this=0x124ac80, e=0x7fff5035bad0) at widgets/qframe.cpp:557
#40 0x00007f3c7312859b in QAbstractItemView::viewportEvent (this=0x124ac80, event=0x7fff5035bad0) at itemviews/qabstractitemview.cpp:1644
#41 0x00007f3c7316cd81 in QTreeView::viewportEvent (this=0x124ac80, event=0x7fff5035bad0) at itemviews/qtreeview.cpp:1257
#42 0x00007f3c7223c6d6 in QCoreApplicationPrivate::sendThroughObjectEventFilters (this=<optimized out>, receiver=0x124c680, event=0x7fff5035bad0) at kernel/qcoreapplication.cpp:1025
#43 0x00007f3c72c1de6c in QApplicationPrivate::notify_helper (this=this@entry=0xb54db0, receiver=receiver@entry=0x124c680, e=e@entry=0x7fff5035bad0) at kernel/qapplication.cpp:4558
#44 0x00007f3c72c22b6b in QApplication::notify (this=<optimized out>, receiver=0x124c680, e=0x7fff5035bad0) at kernel/qapplication.cpp:4105
#45 0x00007f3c6fd391d6 in KApplication::notify (this=0xb40790, receiver=0x124c680, event=0x7fff5035bad0) at ../../kdeui/kernel/kapplication.cpp:311
#46 0x00007f3c7223c56e in QCoreApplication::notifyInternal (this=0xb40790, receiver=0x124c680, event=0x7fff5035bad0) at kernel/qcoreapplication.cpp:915
#47 0x00007f3c72c1ecd3 in sendEvent (event=<optimized out>, receiver=<optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:231
#48 QApplicationPrivate::sendMouseEvent (receiver=0x124c680, event=0x7fff5035bad0, alienWidget=0x124c680, nativeWidget=0xedb950, buttonDown=0x7f3c736fa308 <qt_button_down>, lastMouseReceiver=..., spontaneous=true) at kernel/qapplication.cpp:3173
#49 0x00007f3c72c9c554 in QETWidget::translateMouseEvent (this=this@entry=0xedb950, event=event@entry=0x7fff5035c250) at kernel/qapplication_x11.cpp:4622
#50 0x00007f3c72c9b44f in QApplication::x11ProcessEvent (this=0xb40790, event=0x7fff5035c250) at kernel/qapplication_x11.cpp:3737
#51 0x00007f3c72cc2fa2 in x11EventSourceDispatch (s=0xb57e00, callback=0x0, user_data=0x0) at kernel/qguieventdispatcher_glib.cpp:146
#52 0x00007f3c6e9dbab5 in g_main_context_dispatch () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#53 0x00007f3c6e9dbde8 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#54 0x00007f3c6e9dbea4 in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#55 0x00007f3c7226abf6 in QEventDispatcherGlib::processEvents (this=0xad5ad0, flags=...) at kernel/qeventdispatcher_glib.cpp:424
#56 0x00007f3c72cc2c1e in QGuiEventDispatcherGlib::processEvents (this=<optimized out>, flags=...) at kernel/qguieventdispatcher_glib.cpp:204
#57 0x00007f3c7223b2bf in QEventLoop::processEvents (this=this@entry=0x7fff5035c620, flags=...) at kernel/qeventloop.cpp:149
#58 0x00007f3c7223b548 in QEventLoop::exec (this=0x7fff5035c620, flags=...) at kernel/qeventloop.cpp:204
#59 0x00007f3c72240708 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1187
#60 0x0000000000400891 in main (argc=<optimized out>, argv=0x7fff5035c758) at /build/buildd/calligra-2.5.3/kexi/main.cpp:36

Reported using DrKonqi
Comment 1 Jarosław Staniek 2013-02-28 23:33:12 UTC 
Dear Robert, yes please sent the database file, can be sent to me privately if you prefer, or compressed with zip and attached below.
Comment 2 robert leleu 2013-03-01 08:28:35 UTC 
Created attachment 77657 [details]
adressesk.kexi.tar.gz

compressed file attached
the concerned query is «liensidentite»


la 01/03/2013 00:33, Jarosław Staniek skribis (esperanto estas la unua 
internacia lingvo)
> https://bugs.kde.org/show_bug.cgi?id=315852
>
> Jarosław Staniek <staniek@kde.org> changed:
>
>             What    |Removed                     |Added
> ----------------------------------------------------------------------------
>               Status|UNCONFIRMED                 |NEEDSINFO
>           Resolution|---                         |WAITINGFORINFO
>
> --- Comment #1 from Jarosław Staniek <staniek@kde.org> ---
> Dear Robert, yes please sent the database file, can be sent to me privately if
> you prefer, or compressed with zip and attached below.
>
Comment 3 Jarosław Staniek 2013-03-17 22:57:00 UTC 
Thanks for the sample.
Comment 4 robert leleu 2014-05-12 13:00:33 UTC 
this bug is always here either with 
Version 2.8.2
or with 
Version 2.9 Pre-Alpha
Comment 5 Jarosław Staniek 2014-05-30 12:04:40 UTC 
One year later, queries need a lot more of investment!

Anyway, the SQL of the «liensidentite» query that crashes is:
SELECT identite.idcleunik FROM lieide, identite, liens, localis, codecomm, pays, liens WHERE (identite.idcleunik = lieide.idcleunik AND pays.pacleunik = codecomm.pacleunik AND codecomm.cocleunik = localis.cocleunik AND localis.locleunik = identite.locleunik AND liens.licleunik = lieide.licleunik) AND (liens.licleunik = 982)

it can be reduced it to this (and still crashes): 
SELECT liens.licleunik FROM liens, liens

So the issue nailed here is as follows: using the same table in the FROM section two times (here: liens, liens) without aliasing one of them, then referencing the table (here by: liens.licleunik) either in the SELECT section or in the WHERE or JOIN sections.

A fix for 2.8.4 in progress...

Current workaround is to remove the extra unnecessary occurrence of the 'liens' table from the FROM section of the original query. This needs creation of a new query in the SQL view however because opening the original query even in the SQL View currently crashes.
Comment 6 Jarosław Staniek 2014-06-05 19:49:46 UTC 
Git commit f8f807ebd94d9f9596977ba3a0a9973ede610eb0 by Jaroslaw Staniek.
Committed on 04/06/2014 at 11:12.
Pushed by staniek into branch 'master'.

Fix crash when accessing a query with duplicated table names

Example query that crashed: SELECT t.foo FROM t, t.
Now error message is displayed so user can fix the statement.
FIXED-IN:2.8.4
REVIEW:118519

M  +5    -11   libs/db/expression.cpp

http://commits.kde.org/calligra/f8f807ebd94d9f9596977ba3a0a9973ede610eb0
Comment 7 Jarosław Staniek 2014-06-05 19:50:09 UTC 
Git commit eaefd12562da5b422ae175351423fa15fd1a2cb4 by Jaroslaw Staniek.
Committed on 04/06/2014 at 11:12.
Pushed by staniek into branch 'calligra/2.8'.

Fix crash when accessing a query with duplicated table names

Example query that crashed: SELECT t.foo FROM t, t.
Now error message is displayed so user can fix the statement.
FIXED-IN:2.8.4

M  +5    -11   libs/db/expression.cpp

http://commits.kde.org/calligra/eaefd12562da5b422ae175351423fa15fd1a2cb4