Bug 390823

Summary: baloo_file crashes in Baloo::IdTreeDB::get()
Product: [Frameworks and Libraries] frameworks-baloo
Reporter: CapSel <kdebugs>
Component: Baloo File Daemon
Assignee: baloo-bugs-null
Status: RESOLVED FIXED
Severity: crash
CC: aramgrigoryan, michal.dybczak, nate, rebcamsie, suprafluid
Priority: HI
Keywords: drkonqi
Version: 5.43.0   
Target Milestone: ---   
Platform: Compiled Sources   
OS: Linux   

Description CapSel 2018-02-20 23:09:10 UTC
Application: baloo_file (5.43.0)
 (Compiled from sources)
Qt Version: 5.9.4
Frameworks Version: 5.43.0
Operating System: Linux 4.15.4-gentoo x86_64
Distribution: "Gentoo Base System release 2.4.1"

-- Information about the crash:
- What I was doing when the application crashed:
balooctl check

I tried to recreate the crash that is happening every day.

-- Backtrace:
Application: Baloo File Indexing Daemon (baloo_file), signal: Segmentation fault
Using host libthread_db library "/lib64/libthread_db.so.1".
[Current thread is 1 (Thread 0x7f49db07f780 (LWP 19369))]

Thread 3 (Thread 0x7f49da334700 (LWP 19390)):
[KCrash Handler]
#6  0x00007f49ded3d6a4 in ?? () from /lib64/libc.so.6
#7  0x00007f49dfa14e6a in memcpy (__len=94489280515, __src=0x7f49da333ba0, __dest=<optimized out>) at /usr/include/bits/string3.h:53
#8  Baloo::IdTreeDB::get (this=this@entry=0x7f49da333ba0, docId=<optimized out>) at /var/tmp/portage/kde-frameworks/baloo-5.43.0/work/baloo-5.43.0/src/engine/idtreedb.cpp:90
#9  0x00007f49dfa278c6 in Baloo::DocumentUrlDB::replace<Baloo::WriteTransaction::replaceDocument(const Baloo::Document&, Baloo::DocumentOperations)::<lambda(quint64)> > (shouldDeleteFolder=..., url=..., docId=<optimized out>, this=0x7f49da333b80) at /var/tmp/portage/kde-frameworks/baloo-5.43.0/work/baloo-5.43.0/src/engine/documenturldb.h:101
#10 Baloo::WriteTransaction::replaceDocument (this=<optimized out>, doc=..., operations=...) at /var/tmp/portage/kde-frameworks/baloo-5.43.0/work/baloo-5.43.0/src/engine/writetransaction.cpp:227
#11 0x00007f49dfa21e59 in Baloo::Transaction::replaceDocument (this=this@entry=0x7f49da333cb0, doc=..., operations=...) at /var/tmp/portage/kde-frameworks/baloo-5.43.0/work/baloo-5.43.0/src/engine/transaction.cpp:254
#12 0x000055bff1cb013a in Baloo::UnindexedFileIndexer::run (this=0x55bff39d7970) at /var/tmp/portage/kde-frameworks/baloo-5.43.0/work/baloo-5.43.0/src/file/unindexedfileindexer.cpp:68
#13 0x00007f49df56bc71 in ?? () from /usr/lib64/libQt5Core.so.5
#14 0x00007f49df56ef15 in ?? () from /usr/lib64/libQt5Core.so.5
#15 0x00007f49de328877 in start_thread () from /lib64/libpthread.so.0
#16 0x00007f49decf7b6f in clone () from /lib64/libc.so.6

Thread 2 (Thread 0x7f49dae37700 (LWP 19370)):
#0  0x00007f49decec75d in poll () from /lib64/libc.so.6
#1  0x00007f49dd485c69 in ?? () from /usr/lib64/libglib-2.0.so.0
#2  0x00007f49dd485d7c in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0
#3  0x00007f49df765c5b in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQt5Core.so.5
#4  0x00007f49df71329a in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQt5Core.so.5
#5  0x00007f49df56aa1a in QThread::exec() () from /usr/lib64/libQt5Core.so.5
#6  0x00007f49dfb4e5c5 in ?? () from /usr/lib64/libQt5DBus.so.5
#7  0x00007f49df56ef15 in ?? () from /usr/lib64/libQt5Core.so.5
#8  0x00007f49de328877 in start_thread () from /lib64/libpthread.so.0
#9  0x00007f49decf7b6f in clone () from /lib64/libc.so.6

Thread 1 (Thread 0x7f49db07f780 (LWP 19369)):
#0  0x00007f49decec75d in poll () from /lib64/libc.so.6
#1  0x00007f49dd485c69 in ?? () from /usr/lib64/libglib-2.0.so.0
#2  0x00007f49dd485d7c in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0
#3  0x00007f49df765c5b in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQt5Core.so.5
#4  0x00007f49df71329a in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQt5Core.so.5
#5  0x00007f49df71ba14 in QCoreApplication::exec() () from /usr/lib64/libQt5Core.so.5
#6  0x000055bff1ca582c in main (argc=<optimized out>, argv=<optimized out>) at /var/tmp/portage/kde-frameworks/baloo-5.43.0/work/baloo-5.43.0/src/file/main.cpp:104

Reported using DrKonqi
Comment 1 Valerii Malov 2019-03-13 21:50:40 UTC
Git commit eb68430ae5f4fc4c4a2e5b1798683ff6a639ad3d by Valerii Malov.
Committed on 13/03/2019 at 21:50.
Pushed by valeriymalov into branch 'master'.

Baloo engine: treat every non-success code as a failure

Summary:
Treating only MDB_NOTFOUND as an error leads to use of uninitialized
pointers and handle IDs in other cases (e.g. when get fails with
MDB_BAD_TXN) and wreaks havoc in the application.
Related: bug 361186, bug 372880, bug 395888, bug 367480, bug 403720

Reviewers: #baloo, bruns, poboiko

Reviewed By: #baloo, bruns

Subscribers: cullmann, ngraham, bruns, kde-frameworks-devel, #baloo

Tags: #frameworks, #baloo

Differential Revision: https://phabricator.kde.org/D18664

M  +12   -9    src/engine/database.cpp
M  +26   -17   src/engine/documentdatadb.cpp
M  +30   -22   src/engine/documentdb.cpp
M  +30   -22   src/engine/documentiddb.cpp
M  +25   -16   src/engine/documenttimedb.cpp
M  +0    -1    src/engine/documenturldb.cpp
M  +4    -3    src/engine/documenturldb.h
M  +4    -5    src/engine/fsutils.cpp
M  +28   -15   src/engine/idfilenamedb.cpp
M  +22   -13   src/engine/idtreedb.cpp
M  +37   -29   src/engine/mtimedb.cpp
M  +0    -2    src/engine/phraseanditerator.cpp
M  +24   -19   src/engine/positiondb.cpp
M  +31   -27   src/engine/postingdb.cpp
M  +47   -13   src/engine/transaction.cpp
M  +4    -4    src/engine/transaction.h
M  +3    -2    src/file/extractorprocess.cpp
M  +5    -5    src/file/fileindexscheduler.cpp
M  +5    -4    src/file/indexcleaner.cpp
M  +0    -1    src/file/main.cpp
M  +1    -1    src/file/metadatamover.cpp

https://commits.kde.org/baloo/eb68430ae5f4fc4c4a2e5b1798683ff6a639ad3d
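
The failure mode described in the commit message above, as an added example that is not part of the commit or of Baloo's code: a lookup that only handles "not found" falls through on any other error and uses an output value the store never wrote. `KvStatus`, `KvVal`, `kv_get` and the sample IDs are hypothetical stand-ins modelled on LMDB's return codes, `MDB_val` and `mdb_get`; the garbage length is the `__len` from frame #7 of the backtrace, used here to simulate uninitialized stack contents deterministically.

```cpp
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <vector>

// Stand-ins modelled on LMDB's return codes and MDB_val; not the real lmdb.h.
enum KvStatus { KV_SUCCESS = 0, KV_NOTFOUND = 1, KV_BAD_TXN = 2 };
struct KvVal { std::uint64_t size; const void* data; };

// Hypothetical lookup: like mdb_get, it writes *out only on success.
KvStatus kv_get(bool txn_ok, std::uint64_t id, KvVal* out) {
    static const std::uint64_t children[] = {11, 12, 13};  // constructed sample data
    if (!txn_ok) return KV_BAD_TXN;   // *out left untouched
    if (id != 1) return KV_NOTFOUND;  // *out left untouched
    out->size = sizeof(children);
    out->data = children;
    return KV_SUCCESS;
}

// Deterministic stand-in for whatever happens to be on the stack.
static KvVal garbage() { return KvVal{94489280515ULL, nullptr}; }

// Pre-fix shape: only "not found" counts as failure.
// Returns the byte count that would be handed to memcpy (no copy is performed).
std::uint64_t copy_len_before(bool txn_ok, std::uint64_t id) {
    KvVal val = garbage();
    KvStatus rc = kv_get(txn_ok, id, &val);
    if (rc == KV_NOTFOUND) return 0;
    return val.size;                  // KV_BAD_TXN falls through with garbage
}

// Post-fix shape: every non-success code is a failure.
std::vector<std::uint64_t> get_after(bool txn_ok, std::uint64_t id) {
    KvVal val = garbage();
    KvStatus rc = kv_get(txn_ok, id, &val);
    if (rc != KV_SUCCESS) return {};  // val is never read on any error
    std::vector<std::uint64_t> ids(val.size / sizeof(std::uint64_t));
    std::memcpy(ids.data(), val.data, static_cast<std::size_t>(val.size));
    return ids;
}

int main() {
    std::printf("before, bad txn: would copy %llu bytes\n",
                static_cast<unsigned long long>(copy_len_before(false, 1)));
    std::printf("after, bad txn: %zu ids\n", get_after(false, 1).size());
    return 0;
}
```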
Comment 2 Nate Graham 2019-03-17 15:37:12 UTC
*** Bug 405270 has been marked as a duplicate of this bug. ***
Comment 3 Nate Graham 2019-10-27 23:21:02 UTC
*** Bug 413449 has been marked as a duplicate of this bug. ***
Comment 4 Ismael Asensio 2019-12-23 14:14:27 UTC
*** Bug 415456 has been marked as a duplicate of this bug. ***
Comment 5 Nate Graham 2020-10-26 16:21:08 UTC
No duplicate bug reports seen in almost a year and all duplicates are old, from Frameworks 5.54 or older. After all the bugfixing work done during that time, I think we can call this fixed!