Bug 367480 - baloo_file crashes in Baloo::PostingCodec::decode
Summary: baloo_file crashes in Baloo::PostingCodec::decode
Status: RESOLVED FIXED
Alias: None
Product: frameworks-baloo
Classification: Frameworks and Libraries
Component: general
Version: 5.18.0
Platform: Ubuntu Linux
Importance: VHI crash
Target Milestone: ---
Assignee: Pinak Ahuja
URL:
Keywords: drkonqi
Duplicates: 353869 354581 355551 356114 357043 358502 358794 359095 359775 359968 360242 360386 360480 360523 360708 360804 361417 361580 361741 361868 362081 362255 362299 362419 362566 363049 363342 363377 363471 363508 363541 363761 364250 365231 365854 366007 366314 368352 368353 369101 370024 370990 371742 371812 372132 372725 373692 373878 374159 374732 374863 376188 376503 378582 380167 380294 381622 381884 383798 384940 385186 385353 386269 387637 388621 389455 390363 390610 391345 391803 392258 392701 393281 393494 393981 394404 394662 394969 395472 395996 396218 396255 396323 396973 398554 399481 399583 399692 399878 400032 400107 400157 400213 400524 400756 401445 401659 401852 401990 402684 402698 403954 404097 404140 404729 404758 405183 405315 405972 406210 408098 408651 411060 411546 414197
Depends on:
Blocks:
 
Reported: 2016-08-18 07:58 UTC by peter flexer
Modified: 2020-10-26 15:47 UTC (History)
CC List: 99 users

See Also:
Latest Commit:
Version Fixed In: 5.51


Attachments
New crash information added by DrKonqi (7.69 KB, text/plain)
2017-12-20 09:35 UTC, Benjamin Buch
New crash information added by DrKonqi (4.15 KB, text/plain)
2017-12-25 11:56 UTC, temlakos
New crash information added by DrKonqi (3.97 KB, text/plain)
2018-01-03 21:59 UTC, christian tacke
New crash information added by DrKonqi (4.06 KB, text/plain)
2018-07-20 10:11 UTC, Leon
New crash information added by DrKonqi (4.58 KB, text/plain)
2018-08-29 18:12 UTC, Bob Miller
New crash information added by DrKonqi (4.11 KB, text/plain)
2018-09-10 12:46 UTC, ppaglial
New crash information added by DrKonqi (3.92 KB, text/plain)
2018-10-18 16:20 UTC, alx.kuzza
New crash information added by DrKonqi (4.70 KB, text/plain)
2018-11-05 20:04 UTC, Reinhard Auner
New crash information added by DrKonqi (4.14 KB, text/plain)
2018-11-19 09:01 UTC, Freek de Kruijf
New crash information added by DrKonqi (7.83 KB, text/plain)
2018-11-20 18:29 UTC, Reinhard Auner
New crash information added by DrKonqi (4.69 KB, text/plain)
2018-12-20 19:16 UTC, Reinhard Auner
New crash information added by DrKonqi (3.96 KB, text/plain)
2019-01-04 00:41 UTC, Wantoyo
backtrace (5.10 KB, text/plain)
2019-01-09 17:40 UTC, Tim Mason
New crash information added by DrKonqi (6.60 KB, text/plain)
2019-02-21 23:11 UTC, Kern


Description peter flexer 2016-08-18 07:58:06 UTC
Application: baloo_file (5.18.0)

Qt Version: 5.5.1
Operating System: Linux 4.4.0-31-generic x86_64
Distribution: Ubuntu 16.04.1 LTS

-- Information about the crash:
- What I was doing when the application crashed:

This was the initial load after bootup of Kubuntu and logging in.

-- Backtrace:
Application: Baloo File Indexing Daemon (baloo_file), signal: Segmentation fault
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
__lll_robust_lock_wait () at ../sysdeps/unix/sysv/linux/x86_64/lowlevelrobustlock.S:85
[Current thread is 1 (Thread 0x7f8af0d0b8c0 (LWP 3320))]

Thread 2 (Thread 0x7f89a5c06700 (LWP 3641)):
[KCrash Handler]
#6  QVector<unsigned long long>::reallocData (this=0x7f89a5c05aa0, asize=-201112224, aalloc=<optimized out>, options=...) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qvector.h:514
#7  0x00007f8aefefd896 in QVector<unsigned long long>::resize (asize=<optimized out>, this=0x7f89a5c05aa0) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qvector.h:386
#8  Baloo::PostingCodec::decode (this=this@entry=0x7f89a5c059ef, arr=...) at /build/baloo-kf5-wIK3t6/baloo-kf5-5.18.0/src/codecs/postingcodec.cpp:40
#9  0x00007f8aefee9814 in Baloo::PostingDB::get (this=this@entry=0x7f89a5c05ad0, term=...) at /build/baloo-kf5-wIK3t6/baloo-kf5-5.18.0/src/engine/postingdb.cpp:100
#10 0x00007f8aefefa3c6 in Baloo::WriteTransaction::commit (this=<optimized out>) at /build/baloo-kf5-wIK3t6/baloo-kf5-5.18.0/src/engine/writetransaction.cpp:277
#11 0x00007f8aefef2032 in Baloo::Transaction::commit (this=this@entry=0x7f89a5c05bd0) at /build/baloo-kf5-wIK3t6/baloo-kf5-5.18.0/src/engine/transaction.cpp:262
#12 0x000000000041c8e0 in Baloo::NewFileIndexer::run (this=0x2754cc0) at /build/baloo-kf5-wIK3t6/baloo-kf5-5.18.0/src/file/newfileindexer.cpp:75
#13 0x00007f8aef810343 in QThreadPoolThread::run (this=0x273d8b0) at thread/qthreadpool.cpp:93
#14 0x00007f8aef81384e in QThreadPrivate::start (arg=0x273d8b0) at thread/qthread_unix.cpp:331
#15 0x00007f8aee4776fa in start_thread (arg=0x7f89a5c06700) at pthread_create.c:333
#16 0x00007f8aeee20b5d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109

Thread 1 (Thread 0x7f8af0d0b8c0 (LWP 3320)):
#0  __lll_robust_lock_wait () at ../sysdeps/unix/sysv/linux/x86_64/lowlevelrobustlock.S:85
#1  0x00007f8aee479a28 in __pthread_mutex_lock_full (mutex=0x7f8af0eb3040) at ../nptl/pthread_mutex_lock.c:256
#2  0x00007f8aed548c32 in ?? () from /usr/lib/x86_64-linux-gnu/liblmdb.so.0
#3  0x00007f8aed549f14 in mdb_txn_begin () from /usr/lib/x86_64-linux-gnu/liblmdb.so.0
#4  0x00007f8aefef199b in Baloo::Transaction::Transaction (this=0x7fffe16caad0, db=..., type=Baloo::Transaction::ReadWrite) at /build/baloo-kf5-wIK3t6/baloo-kf5-5.18.0/src/engine/transaction.cpp:53
#5  0x000000000042a004 in Baloo::MetadataMover::moveFileMetadata (this=0x256a930, from=..., to=...) at /build/baloo-kf5-wIK3t6/baloo-kf5-5.18.0/src/file/metadatamover.cpp:49
#6  0x00007f8aefa22e4f in QtPrivate::QSlotObjectBase::call (a=0x7fffe16cac30, r=0x7fffe16cb2f0, this=<optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qobject_impl.h:124
#7  QMetaObject::activate (sender=sender@entry=0x256a950, signalOffset=<optimized out>, local_signal_index=local_signal_index@entry=7, argv=argv@entry=0x7fffe16cac30) at kernel/qobject.cpp:3698
#8  0x00007f8aefa237d7 in QMetaObject::activate (sender=sender@entry=0x256a950, m=m@entry=0x644cc0 <KInotify::staticMetaObject>, local_signal_index=local_signal_index@entry=7, argv=argv@entry=0x7fffe16cac30) at kernel/qobject.cpp:3578
#9  0x000000000042aaba in KInotify::moved (this=this@entry=0x256a950, _t1=..., _t2=...) at /build/baloo-kf5-wIK3t6/baloo-kf5-5.18.0/obj-x86_64-linux-gnu/src/file/moc_kinotify.cpp:330
#10 0x000000000042cbff in KInotify::slotEvent (this=<optimized out>, socket=<optimized out>) at /build/baloo-kf5-wIK3t6/baloo-kf5-5.18.0/src/file/kinotify.cpp:421
#11 0x00007f8aefa22e4f in QtPrivate::QSlotObjectBase::call (a=0x7fffe16caec0, r=0x256a950, this=<optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qobject_impl.h:124
#12 QMetaObject::activate (sender=sender@entry=0x2540090, signalOffset=<optimized out>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7fffe16caec0) at kernel/qobject.cpp:3698
#13 0x00007f8aefa237d7 in QMetaObject::activate (sender=sender@entry=0x2540090, m=m@entry=0x7f8aefc3d780 <QSocketNotifier::staticMetaObject>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7fffe16caec0) at kernel/qobject.cpp:3578
#14 0x00007f8aefaa251e in QSocketNotifier::activated (this=this@entry=0x2540090, _t1=13) at .moc/moc_qsocketnotifier.cpp:134
#15 0x00007f8aefa2f47b in QSocketNotifier::event (this=0x2540090, e=<optimized out>) at kernel/qsocketnotifier.cpp:260
#16 0x00007f8aef9f460c in QCoreApplication::notify (event=0x7fffe16caf80, receiver=0x2540090, this=0x7fffe16cb250) at kernel/qcoreapplication.cpp:1038
#17 QCoreApplication::notifyInternal (this=0x7fffe16cb250, receiver=0x2540090, event=event@entry=0x7fffe16caf80) at kernel/qcoreapplication.cpp:965
#18 0x00007f8aefa4af45 in QCoreApplication::sendEvent (event=0x7fffe16caf80, receiver=<optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:224
#19 socketNotifierSourceDispatch (source=0x24ecfa0) at kernel/qeventdispatcher_glib.cpp:101
#20 0x00007f8aebfe51a7 in g_main_context_dispatch () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#21 0x00007f8aebfe5400 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#22 0x00007f8aebfe54ac in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#23 0x00007f8aefa4aa7f in QEventDispatcherGlib::processEvents (this=0x24ed4d0, flags=...) at kernel/qeventdispatcher_glib.cpp:418
#24 0x00007f8aef9f1dea in QEventLoop::exec (this=this@entry=0x7fffe16cb190, flags=..., flags@entry=...) at kernel/qeventloop.cpp:204
#25 0x00007f8aef9f9e8c in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1229
#26 0x000000000041698c in main (argc=1, argv=<optimized out>) at /build/baloo-kf5-wIK3t6/baloo-kf5-5.18.0/src/file/main.cpp:88

Possible duplicates by query: bug 356445.

Reported using DrKonqi
Comment 1 Christoph Cullmann 2016-09-11 13:17:24 UTC
*** Bug 368353 has been marked as a duplicate of this bug. ***
Comment 2 Christoph Cullmann 2016-09-11 13:17:50 UTC
*** Bug 366007 has been marked as a duplicate of this bug. ***
Comment 3 Christoph Cullmann 2016-09-11 13:18:56 UTC
*** Bug 365854 has been marked as a duplicate of this bug. ***
Comment 4 Christoph Cullmann 2016-09-11 13:19:28 UTC
Guess decode trips over corrupted data, this happens a lot, we have plenty of reports about similar things, will duplicate them to this one.
Comment 5 Christoph Cullmann 2016-09-11 13:20:06 UTC
*** Bug 365231 has been marked as a duplicate of this bug. ***
Comment 6 Christoph Cullmann 2016-09-11 13:21:01 UTC
*** Bug 364250 has been marked as a duplicate of this bug. ***
Comment 7 Christoph Cullmann 2016-09-11 13:22:21 UTC
*** Bug 363761 has been marked as a duplicate of this bug. ***
Comment 8 Christoph Cullmann 2016-09-11 13:22:30 UTC
*** Bug 363541 has been marked as a duplicate of this bug. ***
Comment 9 Christoph Cullmann 2016-09-11 13:22:39 UTC
*** Bug 363508 has been marked as a duplicate of this bug. ***
Comment 10 Christoph Cullmann 2016-09-11 13:23:02 UTC
*** Bug 363342 has been marked as a duplicate of this bug. ***
Comment 11 Christoph Cullmann 2016-09-11 13:23:07 UTC
*** Bug 363377 has been marked as a duplicate of this bug. ***
Comment 12 Christoph Cullmann 2016-09-11 13:23:18 UTC
*** Bug 363471 has been marked as a duplicate of this bug. ***
Comment 13 Christoph Cullmann 2016-09-11 13:24:05 UTC
*** Bug 362255 has been marked as a duplicate of this bug. ***
Comment 14 Christoph Cullmann 2016-09-11 13:24:15 UTC
*** Bug 363049 has been marked as a duplicate of this bug. ***
Comment 15 Christoph Cullmann 2016-09-11 13:27:22 UTC
We have either

#6  QVector<unsigned long long>::reallocData (this=0x7f89a5c05aa0, asize=-201112224, aalloc=<optimized out>, options=...) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qvector.h:514
#7  0x00007f8aefefd896 in QVector<unsigned long long>::resize (asize=<optimized out>, this=0x7f89a5c05aa0) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qvector.h:386
#8  Baloo::PostingCodec::decode (this=this@entry=0x7f89a5c059ef, arr=...) at /build/baloo-kf5-wIK3t6/baloo-kf5-5.18.0/src/codecs/postingcodec.cpp:40
#9  0x00007f8aefee9814 in Baloo::PostingDB::get (this=this@entry=0x7f89a5c05ad0, term=...) at /build/baloo-kf5-wIK3t6/baloo-kf5-5.18.0/src/engine/postingdb.cpp:100
#10 0x00007f8aefefa3c6 in Baloo::WriteTransaction::commit (this=<optimized out>) at /build/baloo-kf5-wIK3t6/baloo-kf5-5.18.0/src/engine/writetransaction.cpp:277
#11 0x00007f8aefef2032 in Baloo::Transaction::commit (this=this@entry=0x7f89a5c05bd0) at /build/baloo-kf5-wIK3t6/baloo-kf5-5.18.0/src/engine/transaction.cpp:262
#12 0x000000000041c8e0 in Baloo::NewFileIndexer::run (this=0x2754cc0) at /build/baloo-kf5-wIK3t6/baloo-kf5-5.18.0/src/file/newfileindexer.cpp:75
#13 0x00007f8aef810343 in QThreadPoolThread::run (this=0x273d8b0) at thread/qthreadpool.cpp:93
#14 0x00007f8aef81384e in QThreadPrivate::start (arg=0x273d8b0) at thread/qthread_unix.cpp:331
#15 0x00007f8aee4776fa in start_thread (arg=0x7f89a5c06700) at pthread_create.c:333
#16 0x00007f8aeee20b5d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109

or

#6  0x00007febc99a8460 in __memcpy_sse2_unaligned () at /lib64/libc.so.6
#7  0x00007febcacb5a0a in Baloo::PostingCodec::decode(QByteArray const&) (__len=70496, __src=<optimized out>, __dest=<optimized out>) at /usr/include/bits/string3.h:53
#8  0x00007febcacb5a0a in Baloo::PostingCodec::decode(QByteArray const&) (this=this@entry=0x7fea7fe839ff, arr=...) at /usr/src/debug/baloo-5.19.0/src/codecs/postingcodec.cpp:42
#9  0x00007febcaca20e4 in Baloo::PostingDB::get(QByteArray const&) (this=this@entry=0x7fea7fe83ae0, term=...) at /usr/src/debug/baloo-5.19.0/src/engine/postingdb.cpp:100
#10 0x00007febcacb257b in Baloo::WriteTransaction::commit() (this=<optimized out>) at /usr/src/debug/baloo-5.19.0/src/engine/writetransaction.cpp:286
#11 0x00007febcacaa592 in Baloo::Transaction::commit() (this=0x7fea7fe83be0) at /usr/src/debug/baloo-5.19.0/src/engine/transaction.cpp:262
#12 0x0000000000410319 in  ()
#13 0x00007febca3e2533 in QThreadPoolThread::run() (this=0x1ca1cb0) at thread/qthreadpool.cpp:93
#14 0x00007febca3e594f in QThreadPrivate::start(void*) (arg=0x1ca1cb0) at thread/qthread_unix.cpp:331
#15 0x00007febc8a364a4 in start_thread () at /lib64/libpthread.so.0
#16 0x00007febc99ffded in clone () at /lib64/libc.so.6

Both could happen with OOM on alloc of the array
Comment 16 Christoph Cullmann 2016-09-11 13:27:59 UTC
*** Bug 355551 has been marked as a duplicate of this bug. ***
Comment 17 Christoph Cullmann 2016-09-11 13:28:13 UTC
*** Bug 353869 has been marked as a duplicate of this bug. ***
Comment 18 Christoph Cullmann 2016-09-11 13:31:40 UTC
(or if we pass random data to that function, because get/.../ failed like for full DB, bug 364475)
Comment 19 Christoph Cullmann 2016-09-11 13:32:01 UTC
*** Bug 360386 has been marked as a duplicate of this bug. ***
Comment 20 Christoph Cullmann 2016-09-11 13:32:12 UTC
*** Bug 360242 has been marked as a duplicate of this bug. ***
Comment 21 Christoph Cullmann 2016-09-11 13:32:22 UTC
*** Bug 359775 has been marked as a duplicate of this bug. ***
Comment 22 Christoph Cullmann 2016-09-11 13:37:16 UTC
*** Bug 358502 has been marked as a duplicate of this bug. ***
Comment 23 Christoph Cullmann 2016-09-11 13:37:28 UTC
*** Bug 359095 has been marked as a duplicate of this bug. ***
Comment 24 Christoph Cullmann 2016-09-11 13:37:38 UTC
*** Bug 360480 has been marked as a duplicate of this bug. ***
Comment 25 Christoph Cullmann 2016-09-11 13:38:11 UTC
All control flow paths leading to this decode routine need to be reviewed to see if we do not need to care about lmdb failure codes.
Comment 26 Christoph Cullmann 2016-09-11 13:40:01 UTC
*** Bug 357043 has been marked as a duplicate of this bug. ***
Comment 27 Christoph Cullmann 2016-09-11 13:40:24 UTC
*** Bug 362081 has been marked as a duplicate of this bug. ***
Comment 28 Christoph Cullmann 2016-09-11 13:40:29 UTC
*** Bug 361868 has been marked as a duplicate of this bug. ***
Comment 29 Christoph Cullmann 2016-09-11 13:40:39 UTC
*** Bug 361741 has been marked as a duplicate of this bug. ***
Comment 30 Christoph Cullmann 2016-09-11 13:40:56 UTC
*** Bug 360804 has been marked as a duplicate of this bug. ***
Comment 31 Christoph Cullmann 2016-09-11 13:41:02 UTC
*** Bug 361417 has been marked as a duplicate of this bug. ***
Comment 32 Christoph Cullmann 2016-09-11 13:41:06 UTC
*** Bug 361580 has been marked as a duplicate of this bug. ***
Comment 33 Christoph Cullmann 2016-09-11 13:41:22 UTC
*** Bug 360708 has been marked as a duplicate of this bug. ***
Comment 34 Christoph Cullmann 2016-09-11 13:41:28 UTC
*** Bug 360523 has been marked as a duplicate of this bug. ***
Comment 35 Christoph Cullmann 2016-09-11 13:42:11 UTC
*** Bug 356114 has been marked as a duplicate of this bug. ***
Comment 36 Christoph Cullmann 2016-09-11 13:45:41 UTC
*** Bug 366314 has been marked as a duplicate of this bug. ***
Comment 37 Christoph Cullmann 2016-09-11 13:45:47 UTC
*** Bug 362419 has been marked as a duplicate of this bug. ***
Comment 38 Christoph Cullmann 2016-09-11 13:45:52 UTC
*** Bug 362299 has been marked as a duplicate of this bug. ***
Comment 39 Christoph Cullmann 2016-09-11 13:45:58 UTC
*** Bug 359968 has been marked as a duplicate of this bug. ***
Comment 40 Christoph Cullmann 2016-09-11 13:46:04 UTC
*** Bug 358794 has been marked as a duplicate of this bug. ***
Comment 41 Christoph Cullmann 2016-09-11 13:47:11 UTC
*** Bug 354581 has been marked as a duplicate of this bug. ***
Comment 42 Christoph Cullmann 2016-09-11 19:55:44 UTC
*** Bug 368352 has been marked as a duplicate of this bug. ***
Comment 43 David Edmundson 2016-12-19 13:58:56 UTC
*** Bug 373878 has been marked as a duplicate of this bug. ***
Comment 44 David Edmundson 2016-12-19 13:59:16 UTC
*** Bug 372132 has been marked as a duplicate of this bug. ***
Comment 45 David Edmundson 2016-12-19 13:59:27 UTC
*** Bug 371812 has been marked as a duplicate of this bug. ***
Comment 46 David Edmundson 2016-12-19 13:59:33 UTC
*** Bug 371742 has been marked as a duplicate of this bug. ***
Comment 47 David Edmundson 2016-12-19 13:59:36 UTC
*** Bug 370990 has been marked as a duplicate of this bug. ***
Comment 48 NightSky 2016-12-22 16:40:17 UTC
(In reply to Christoph Cullmann from comment #15)
Here is another one (Gentoo linux,  kde frameworks 5.29.0):

#6  Baloo::getVarint32Ptr (value=0x7f309520d940, limit=0x7ef11446c64f "\002\003\v\006'\017\031\f\v\006\005\n\b\016\016\017\f\a\024\t\a\004\020\003\n\003\v\003\a\n\t\004\b\004\003\b\a\005\b\a\006\003\a\006\003\f\n\023\003\006\t\004\a\004\003\r\005\v\b\003\016\004\025\b\004\b\004\033\b\005\017\a\a\004\v\005\003\005\b\a\r\020\004\004\030\n\005\020\003\037\v\005\b\003\005\002\n\006\n\t\005\b\a\004\b\005\021\004\004\v\003\a\004\a\005\003\n\006\003\t\003\003\r\t\004\017\026\a\004\t\004\020\005\b\003\004\005\v\n\004\a\020\006\005\004\004\002\b\005\r\023\n\n\t\v\003\026\026\f\003\020\a\005\b\v\003\f\005\f\022\006\003\005\003\003\005\004\022\003\n\005\002\006\006\025\031\003\024\r\003\016\003\t\016\017\b\a\017\002\f"..., p=0x0) at baloo-5.29.0/src/codecs/coding.h:97
#7  Baloo::getDifferentialVarInt32 (p=0x0, p@entry=0x7ef1143d7d27 "ddb", limit=limit@entry=0x7ef11446c64f "\002\003\v\006'\017\031\f\v\006\005\n\b\016\016\017\f\a\024\t\a\004\020\003\n\003\v\003\a\n\t\004\b\004\003\b\a\005\b\a\006\003\a\006\003\f\n\023\003\006\t\004\a\004\003\r\005\v\b\003\016\004\025\b\004\b\004\033\b\005\017\a\a\004\v\005\003\005\b\a\r\020\004\004\030\n\005\020\003\037\v\005\b\003\005\002\n\006\n\t\005\b\a\004\b\005\021\004\004\v\003\a\004\a\005\003\n\006\003\t\003\003\r\t\004\017\026\a\004\t\004\020\005\b\003\004\005\v\n\004\a\020\006\005\004\004\002\b\005\r\023\n\n\t\v\003\026\026\f\003\020\a\005\b\v\003\f\005\f\022\006\003\005\003\003\005\004\022\003\n\005\002\006\006\025\031\003\024\r\003\016\003\t\016\017\b\a\017\002\f"..., values=values@entry=0x7f309520d9f8) at baloo-5.29.0/src/codecs/coding.cpp:121
#8  0x00007f309601fbdc in Baloo::PositionCodec::decode (this=this@entry=0x7f309520da4f, arr=...) at baloo-5.29.0/src/codecs/positioncodec.cpp:56
#9  0x00007f309600a26f in Baloo::PositionDB::get (this=this@entry=0x7f309520db30, term=...) at baloo-5.29.0/src/engine/positiondb.cpp:101
#10 0x00007f309601cc03 in Baloo::WriteTransaction::commit (this=<optimized out>) at baloo-5.29.0/src/engine/writetransaction.cpp:272
#11 0x00007f309601497e in Baloo::Transaction::commit (this=this@entry=0x7f309520dc50) at baloo-5.29.0/src/engine/transaction.cpp:262
#12 0x0000000000411d6c in Baloo::FirstRunIndexer::run (this=0x235adf0) at baloo-5.29.0/src/file/firstrunindexer.cpp:81
#13 0x0000003a980b80ea in QThreadPoolThread::run (this=0x24c2120) at thread/qthreadpool.cpp:99
#14 0x0000003a980bdef6 in QThreadPrivate::start (arg=0x24c2120) at thread/qthread_unix.cpp:368
#15 0x0000003733407446 in start_thread (arg=0x7f309520e700) at pthread_create.c:334
#16 0x00000037330e8d3d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109

I think it is due to the fact that getVarint32PtrFallback (src/codecs/coding.cpp) can return NULL, but neither getVarint32Ptr (src/codecs/coding.h) nor getDifferentialVarInt32 (src/codecs/coding.cpp), which call it directly and indirectly, handles it.

Relevant pieces of code:
src/codecs/coding.h:
 : inline char* getVarint32Ptr(char* p, char* limit, quint32* value)
 :     ...
 :     if (p < limit) {
 :         quint32 result = *(reinterpret_cast<const unsigned char*>(p));   //<<< 'p' can be NULL
 :     ...
 :     return getVarint32PtrFallback(p, limit, value);   //<<< getVarint32PtrFallback can return NULL


src/codecs/coding.cpp:
 : char* getDifferentialVarInt32(char* p, char* limit, QVector<quint32>* values)
 :     ...
 :     while (p < limit && size) {
 :         quint32 n;
 :         p = getVarint32Ptr(p, limit, &n);   //<<< getVarint32Ptr can return NULL
 :         ...

 : char* getVarint32PtrFallback(char* p, char* limit, quint32* value)
 :     ...
 :     return NULL;
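
The failure mode described in comment 48 (a varint decoder that signals corrupt input by returning NULL, and callers that keep using the pointer) together with the oversized resize seen in the backtraces above, as an added example that is not Baloo's code. It uses std::vector instead of QVector, and the wire layout (a varint element count followed by varint deltas) and all function names are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Decode one little-endian base-128 varint from [p, limit).
// Returns the position after the value, or nullptr when the input is
// truncated or the varint runs past 5 bytes. Callers must check for nullptr.
const unsigned char* getVarint32(const unsigned char* p,
                                 const unsigned char* limit,
                                 uint32_t* value)
{
    uint32_t result = 0;
    for (unsigned shift = 0; shift <= 28 && p < limit; shift += 7) {
        const uint32_t byte = *p++;
        result |= (byte & 0x7f) << shift;
        if (!(byte & 0x80)) {
            *value = result;
            return p;
        }
    }
    return nullptr; // corrupt or truncated data
}

// Append one varint to out (helper used to build the constructed sample).
void putVarint32(std::vector<unsigned char>* out, uint32_t v)
{
    while (v >= 0x80) {
        out->push_back(static_cast<unsigned char>(v | 0x80));
        v >>= 7;
    }
    out->push_back(static_cast<unsigned char>(v));
}

// Assumed layout: varint count, then one varint delta per element.
std::vector<unsigned char> encodeDifferential(const std::vector<uint32_t>& values)
{
    std::vector<unsigned char> out;
    putVarint32(&out, static_cast<uint32_t>(values.size()));
    uint32_t prev = 0;
    for (uint32_t v : values) {
        putVarint32(&out, v - prev);
        prev = v;
    }
    return out;
}

// Hardened decoder: every pointer returned by getVarint32 is checked, and the
// element count is validated against the bytes that are actually left before
// any memory is reserved for it.
bool decodeDifferential(const std::vector<unsigned char>& buf,
                        std::vector<uint32_t>* values)
{
    values->clear();
    const unsigned char* p = buf.data();
    const unsigned char* limit = p + buf.size();

    uint32_t count = 0;
    p = getVarint32(p, limit, &count);
    if (!p) {
        return false;
    }
    // Each element occupies at least one byte, so a larger count is corrupt.
    if (count > static_cast<size_t>(limit - p)) {
        return false;
    }

    values->reserve(count);
    uint32_t prev = 0;
    for (uint32_t i = 0; i < count; ++i) {
        uint32_t delta = 0;
        p = getVarint32(p, limit, &delta);
        if (!p) {           // the check the callers in comment 48 lack
            values->clear();
            return false;
        }
        prev += delta;
        values->push_back(prev);
    }
    return true;
}

int main()
{
    // Constructed sample data, not taken from a real index.
    const std::vector<uint32_t> sample = {3, 10, 10, 300};
    std::vector<unsigned char> good = encodeDifferential(sample);
    std::vector<unsigned char> truncated(good.begin(), good.end() - 1);
    const std::vector<unsigned char> hugeCount = {0xff, 0xff, 0xff, 0xff, 0x0f, 0x01};

    std::vector<uint32_t> out;
    std::printf("good:      %d\n", decodeDifferential(good, &out));
    std::printf("truncated: %d\n", decodeDifferential(truncated, &out));
    std::printf("hugeCount: %d\n", decodeDifferential(hugeCount, &out));
    return 0;
}
```
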
Comment 49 Christoph Feck 2017-03-24 22:20:09 UTC
*** Bug 373692 has been marked as a duplicate of this bug. ***
Comment 50 Christoph Feck 2017-07-17 20:17:25 UTC
*** Bug 369101 has been marked as a duplicate of this bug. ***
Comment 51 Christoph Feck 2017-07-17 20:17:48 UTC
*** Bug 370024 has been marked as a duplicate of this bug. ***
Comment 52 Christoph Feck 2017-07-17 20:18:05 UTC
*** Bug 372725 has been marked as a duplicate of this bug. ***
Comment 53 Christoph Feck 2017-07-17 20:18:21 UTC
*** Bug 374159 has been marked as a duplicate of this bug. ***
Comment 54 Christoph Feck 2017-07-17 20:18:34 UTC
*** Bug 374863 has been marked as a duplicate of this bug. ***
Comment 55 Christoph Feck 2017-07-17 20:18:45 UTC
*** Bug 376503 has been marked as a duplicate of this bug. ***
Comment 56 Christoph Feck 2017-07-17 20:19:01 UTC
*** Bug 378582 has been marked as a duplicate of this bug. ***
Comment 57 Christoph Feck 2017-07-17 20:19:16 UTC
*** Bug 381884 has been marked as a duplicate of this bug. ***
Comment 58 Christoph Feck 2017-07-17 20:24:44 UTC
*** Bug 380167 has been marked as a duplicate of this bug. ***
Comment 59 Christoph Feck 2017-07-17 20:25:00 UTC
*** Bug 380294 has been marked as a duplicate of this bug. ***
Comment 60 Christoph Feck 2017-07-17 20:28:32 UTC
*** Bug 381622 has been marked as a duplicate of this bug. ***
Comment 61 Nate Graham 2017-10-04 15:23:58 UTC
*** Bug 385353 has been marked as a duplicate of this bug. ***
Comment 62 Nate Graham 2017-10-27 20:06:06 UTC
*** Bug 362566 has been marked as a duplicate of this bug. ***
Comment 63 Benjamin Buch 2017-12-20 09:35:46 UTC
Created attachment 109459 [details]
New crash information added by DrKonqi

baloo_file (5.42.0) using Qt 5.9.3

- What I was doing when the application crashed:

I got a cup of coffee in the kitchen. So I did nothing.

-- Backtrace (Reduced):
#6  __memcpy_avx_unaligned () at ../sysdeps/x86_64/multiarch/memcpy-avx-unaligned.S:164
#7  0x00007fad57cf1123 in memcpy (__len=1, __src=<optimized out>, __dest=<optimized out>) at /usr/include/x86_64-linux-gnu/bits/string3.h:53
#8  Baloo::PostingCodec::decode (this=this@entry=0x7ffff7cba64f, arr=...) at /workspace/build/src/codecs/postingcodec.cpp:42
#9  0x00007fad57cdc2d4 in Baloo::PostingDB::get (this=this@entry=0x7ffff7cba750, term=...) at /workspace/build/src/engine/postingdb.cpp:100
#10 0x00007fad57cee0e1 in Baloo::WriteTransaction::commit (this=<optimized out>) at /workspace/build/src/engine/writetransaction.cpp:259
Comment 64 temlakos 2017-12-25 11:56:58 UTC
Created attachment 109507 [details]
New crash information added by DrKonqi

baloo_file_extractor (5.40.0) using Qt 5.9.2

- What I was doing when the application crashed:

System startup. Crash happened after I logged in and while KDE desktop was loading.

-- Backtrace (Reduced):
#6  0x00007fbbfabfce25 in QVector<unsigned int>::reallocData(int, int, QFlags<QArrayData::AllocationOption>) () from /lib64/libKF5BalooEngine.so.5
#7  0x00007fbbfac1aff0 in Baloo::getDifferentialVarInt32(char*, char*, QVector<unsigned int>*) () from /lib64/libKF5BalooEngine.so.5
#8  0x00007fbbfac1a9b7 in Baloo::PositionCodec::decode(QByteArray const&) () from /lib64/libKF5BalooEngine.so.5
#9  0x00007fbbfac0ad54 in Baloo::PositionDB::get(QByteArray const&) () from /lib64/libKF5BalooEngine.so.5
#10 0x00007fbbfac18c7c in Baloo::WriteTransaction::commit() () from /lib64/libKF5BalooEngine.so.5
Comment 65 christian tacke 2018-01-03 21:59:26 UTC
Created attachment 109654 [details]
New crash information added by DrKonqi

baloo_file_extractor (5.40.0) using Qt 5.9.2

- What I was doing when the application crashed:
System Startup

- Unusual behavior I noticed:
High Memory Consumption before last logout

-- Backtrace (Reduced):
#6  0x00007f10f69228ef in Baloo::getDifferentialVarInt32(char*, char*, QVector<unsigned int>*) () from /lib64/libKF5BalooEngine.so.5
#7  0x00007f10f69221c7 in Baloo::PositionCodec::decode(QByteArray const&) () from /lib64/libKF5BalooEngine.so.5
#8  0x00007f10f6912564 in Baloo::PositionDB::get(QByteArray const&) () from /lib64/libKF5BalooEngine.so.5
#9  0x00007f10f692048c in Baloo::WriteTransaction::commit() () from /lib64/libKF5BalooEngine.so.5
#10 0x00007f10f6919472 in Baloo::Transaction::commit() () from /lib64/libKF5BalooEngine.so.5
Comment 66 Dominik Haumann 2018-04-14 01:28:12 UTC
*** Bug 392701 has been marked as a duplicate of this bug. ***
Comment 67 Nate Graham 2018-05-08 17:25:34 UTC
*** Bug 393981 has been marked as a duplicate of this bug. ***
Comment 68 Nate Graham 2018-05-08 17:25:42 UTC
*** Bug 393281 has been marked as a duplicate of this bug. ***
Comment 69 Nate Graham 2018-05-08 17:25:57 UTC
*** Bug 391803 has been marked as a duplicate of this bug. ***
Comment 70 Nate Graham 2018-05-08 17:26:20 UTC
*** Bug 391345 has been marked as a duplicate of this bug. ***
Comment 71 Nate Graham 2018-05-08 17:26:29 UTC
*** Bug 390610 has been marked as a duplicate of this bug. ***
Comment 72 Christoph Feck 2018-06-01 18:48:22 UTC
*** Bug 394662 has been marked as a duplicate of this bug. ***
Comment 73 Christoph Feck 2018-06-01 18:48:39 UTC
*** Bug 393494 has been marked as a duplicate of this bug. ***
Comment 74 Nate Graham 2018-07-13 19:34:44 UTC
*** Bug 396255 has been marked as a duplicate of this bug. ***
Comment 75 Nate Graham 2018-07-13 19:35:14 UTC
*** Bug 384940 has been marked as a duplicate of this bug. ***
Comment 76 Leon 2018-07-20 10:11:33 UTC
Created attachment 114024 [details]
New crash information added by DrKonqi

baloo_file_extractor (5.47.0) using Qt 5.9.6

- What I was doing when the application crashed:
This happens when you reboot and log in. When selecting the restart option, the crash repeats.

-- Backtrace (Reduced):
#6  0x00007f7691dba770 in Baloo::PositionCodec::decode(QByteArray const&) () from /lib64/libKF5BalooEngine.so.5
#7  0x00007f7691daace4 in Baloo::PositionDB::get(QByteArray const&) () from /lib64/libKF5BalooEngine.so.5
#8  0x00007f7691db8b34 in Baloo::WriteTransaction::commit() () from /lib64/libKF5BalooEngine.so.5
#9  0x00007f7691db1c62 in Baloo::Transaction::commit() () from /lib64/libKF5BalooEngine.so.5
#10 0x0000560a83220e2c in Baloo::App::processNextFile() ()
Comment 77 Bob Miller 2018-08-29 18:12:06 UTC
Created attachment 114688 [details]
New crash information added by DrKonqi

baloo_file_extractor (5.48.0) using Qt 5.9.6

- What I was doing when the application crashed: 
1. Something causes Baloo to crash (do not know what). I was reading kmail in this instance.
2. Logout, then login again
3. User is presented with the "baloo crashed -- restart?" graphic.
4. If restart is selected, baloo quickly consumes 100% CPU
5. Killing the process, logging out and logging back in again does not solve the problem. User is always presented with item #3 above.

My guess is that index is corrupted and no amount of restarts solves the problem. 

Workaround:
Go to ~/.local/share/baloo
Remove files from baloo directory
Logout, login. Baloo will remake the index, then be OK until the next crash.

-- Backtrace (Reduced):
#6  0x00007efd41d60770 in Baloo::PositionCodec::decode(QByteArray const&) () from /lib64/libKF5BalooEngine.so.5
#7  0x00007efd41d50ce4 in Baloo::PositionDB::get(QByteArray const&) () from /lib64/libKF5BalooEngine.so.5
#8  0x00007efd41d5eb34 in Baloo::WriteTransaction::commit() () from /lib64/libKF5BalooEngine.so.5
#9  0x00007efd41d57c62 in Baloo::Transaction::commit() () from /lib64/libKF5BalooEngine.so.5
#10 0x000055e379ff8e2c in Baloo::App::processNextFile() ()
Comment 78 ppaglial 2018-09-10 12:46:43 UTC
Created attachment 114880 [details]
New crash information added by DrKonqi

baloo_file_extractor (5.48.0) using Qt 5.10.1

- What I was doing when the application crashed:  Baloo file extractor always crashes when my KDE session starts

-- Backtrace (Reduced):
#7  0x00007fe20eca85d1 in Baloo::PostingCodec::decode(QByteArray const&) () from /lib64/libKF5BalooEngine.so.5
#8  0x00007fe20ec95f21 in Baloo::PostingDB::get(QByteArray const&) () from /lib64/libKF5BalooEngine.so.5
#9  0x00007fe20eca6082 in Baloo::WriteTransaction::commit() () from /lib64/libKF5BalooEngine.so.5
#10 0x00007fe20ec9c7f6 in Baloo::Transaction::commit() () from /lib64/libKF5BalooEngine.so.5
#11 0x00005578398fe6cc in Baloo::App::processNextFile() ()
Comment 79 Nate Graham 2018-09-13 16:47:38 UTC
*** Bug 398554 has been marked as a duplicate of this bug. ***
Comment 80 Stefan Brüns 2018-10-06 23:57:17 UTC
Git commit 2d31a8500edb755dbf253656f41a34c55223438e by Stefan Brüns.
Committed on 06/10/2018 at 23:56.
Pushed by bruns into branch 'master'.

[PositionCodec] Avoid crash in case of corrupt data

Summary:
getDifferentialVarInt* returns a nullptr in case of a decoding error.

See also D11825.

Reviewers: #frameworks, poboiko, ngraham, #baloo

Reviewed By: ngraham, #baloo

Subscribers: kde-frameworks-devel, #baloo

Tags: #frameworks, #baloo

Differential Revision: https://phabricator.kde.org/D15993

M  +3    -0    src/codecs/positioncodec.cpp

https://commits.kde.org/baloo/2d31a8500edb755dbf253656f41a34c55223438e
Comment 81 Nate Graham 2018-10-10 17:24:25 UTC
*** Bug 399583 has been marked as a duplicate of this bug. ***
Comment 82 Nate Graham 2018-10-12 23:05:18 UTC
*** Bug 388621 has been marked as a duplicate of this bug. ***
Comment 83 Nate Graham 2018-10-12 23:05:24 UTC
*** Bug 392258 has been marked as a duplicate of this bug. ***
Comment 84 Nate Graham 2018-10-12 23:05:53 UTC
*** Bug 390363 has been marked as a duplicate of this bug. ***
Comment 85 Nate Graham 2018-10-12 23:06:01 UTC
*** Bug 387637 has been marked as a duplicate of this bug. ***
Comment 86 Nate Graham 2018-10-12 23:06:15 UTC
*** Bug 385186 has been marked as a duplicate of this bug. ***
Comment 87 Nate Graham 2018-10-12 23:06:36 UTC
*** Bug 376188 has been marked as a duplicate of this bug. ***
Comment 88 Nate Graham 2018-10-12 23:06:57 UTC
*** Bug 374732 has been marked as a duplicate of this bug. ***
Comment 89 Nate Graham 2018-10-12 23:07:14 UTC
*** Bug 383798 has been marked as a duplicate of this bug. ***
Comment 90 Nate Graham 2018-10-12 23:09:18 UTC
*** Bug 389455 has been marked as a duplicate of this bug. ***
Comment 91 Nate Graham 2018-10-12 23:09:38 UTC
*** Bug 394404 has been marked as a duplicate of this bug. ***
Comment 92 Nate Graham 2018-10-12 23:09:44 UTC
*** Bug 394969 has been marked as a duplicate of this bug. ***
Comment 93 Nate Graham 2018-10-12 23:09:52 UTC
*** Bug 395472 has been marked as a duplicate of this bug. ***
Comment 94 Nate Graham 2018-10-12 23:09:58 UTC
*** Bug 395996 has been marked as a duplicate of this bug. ***
Comment 95 Nate Graham 2018-10-12 23:10:03 UTC
*** Bug 396218 has been marked as a duplicate of this bug. ***
Comment 96 Nate Graham 2018-10-12 23:10:10 UTC
*** Bug 396323 has been marked as a duplicate of this bug. ***
Comment 97 Nate Graham 2018-10-12 23:10:37 UTC
*** Bug 396973 has been marked as a duplicate of this bug. ***
Comment 98 Nate Graham 2018-10-12 23:10:42 UTC
*** Bug 399481 has been marked as a duplicate of this bug. ***
Comment 99 Nate Graham 2018-10-12 23:10:54 UTC
*** Bug 399692 has been marked as a duplicate of this bug. ***
Comment 100 Nate Graham 2018-10-17 14:38:22 UTC
*** Bug 399849 has been marked as a duplicate of this bug. ***
Comment 101 Nate Graham 2018-10-17 14:41:20 UTC
*** Bug 399878 has been marked as a duplicate of this bug. ***
Comment 102 alx.kuzza 2018-10-18 16:20:10 UTC
Created attachment 115732 [details]
New crash information added by DrKonqi

baloo_file (5.45.0) using Qt 5.9.4

Just logged in to the system and baloo crashed as usual. That is happening for about 3 years with no fixes.

-- Backtrace (Reduced):
#6  __memmove_sse2_unaligned_erms () at ../sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S:253
#7  0x00007f3f76023a93 in memcpy (__len=2055, __src=<optimized out>, __dest=<optimized out>) at /usr/include/bits/string_fortified.h:34
#8  Baloo::PostingCodec::decode (this=this@entry=0x7f3f6bc3c997, arr=...) at /usr/src/debug/baloo5-5.45.0-lp150.2.1.x86_64/src/codecs/postingcodec.cpp:42
#9  0x00007f3f76014f64 in Baloo::PostingDB::get (this=this@entry=0x7f3f6bc3ca80, term=...) at /usr/src/debug/baloo5-5.45.0-lp150.2.1.x86_64/src/engine/postingdb.cpp:100
#10 0x00007f3f76021180 in Baloo::WriteTransaction::commit (this=0x7eff5c0286f0) at /usr/src/debug/baloo5-5.45.0-lp150.2.1.x86_64/src/engine/writetransaction.cpp:259
Comment 103 Nate Graham 2018-10-18 16:26:26 UTC
(In reply to alx.kuzza from comment #102)
> Created attachment 115732 [details]
> New crash information added by DrKonqi
> 
> baloo_file (5.45.0) using Qt 5.9.4
> 
> Just logged in to the system and baloo crashed as usual. That is happening
> for about 3 years with no fixes.

Well you might try using the fixed version. :) This is fixed in Frameworks 5.51, but you're still using an old one.
Comment 104 peter flexer 2018-10-18 16:29:31 UTC
good to know, as on top of the page it says fixed but "fixed in:" is empty..
Comment 105 Don Curtis 2018-10-18 16:39:08 UTC
@alx.kuzza@gmail.com:

As a workaround until such time as your Distro updates to Frameworks 5.51, you can add a symbolic link to this Bash script in '~/.config/plasma-workspace/env/':

#!/bin/bash
#
# Clean Baloo …
#
if [[ -f ~/.local/share/baloo/dateLastCleaned ]]
then
  declare -i BalooLastDate
  BalooLastDate="$(cat ~/.local/share/baloo/dateLastCleaned)"
  declare -i TwoDaysAgo
  TwoDaysAgo="$(date --date='2 days ago' +%Y%m%d)"
  if (( $BalooLastDate < $TwoDaysAgo ))
  then
    balooctl stop
    rm ~/.local/share/baloo/dateLastCleaned
    find ~/.config/ -maxdepth 1 -iname '*baloo*' -execdir /usr/bin/rm '{}' \;
    find ~/.local/share/baloo/ -iname '*index*' -execdir /usr/bin/rm '{}' \;
    date +%Y%m%d > ~/.local/share/baloo/dateLastCleaned
  fi
else
  balooctl stop
  find ~/.config/ -maxdepth 1 -iname '*baloo*' -execdir /usr/bin/rm '{}' \;
  find ~/.local/share/baloo/ -iname '*index*' -execdir /usr/bin/rm '{}' \;
  date +%Y%m%d > ~/.local/share/baloo/dateLastCleaned
fi
#
Comment 106 hotmusicfan 2018-10-19 20:56:05 UTC
(In reply to Don Curtis from comment #105)
> @alx.kuzza@gmail.com:
> 
> As a workaround until such time as your Distro updates to Frameworks 5.51,
> you can add a symbolic link to this Bash script in
> '~/.config/plasma-workspace/env/':
> 
> #!/bin/bash
> #
> # Clean Baloo …
> #
> if [[ -f ~/.local/share/baloo/dateLastCleaned ]]
> then
>   declare -i BalooLastDate
>   BalooLastDate="$(cat ~/.local/share/baloo/dateLastCleaned)"
>   declare -i TwoDaysAgo
>   TwoDaysAgo="$(date --date='2 days ago' +%Y%m%d)"
>   if (( $BalooLastDate < $TwoDaysAgo ))
>   then
>     balooctl stop
>     rm ~/.local/share/baloo/dateLastCleaned
>     find ~/.config/ -maxdepth 1 -iname '*baloo*' -execdir /usr/bin/rm '{}' \;
>     find ~/.local/share/baloo/ -iname '*index*' -execdir /usr/bin/rm '{}' \;
>     date +%Y%m%d > ~/.local/share/baloo/dateLastCleaned
>   fi
> else
>   balooctl stop
>   find ~/.config/ -maxdepth 1 -iname '*baloo*' -execdir /usr/bin/rm '{}' \;
>   find ~/.local/share/baloo/ -iname '*index*' -execdir /usr/bin/rm '{}' \;
>   date +%Y%m%d > ~/.local/share/baloo/dateLastCleaned
> fi
> #

Thank you so much! Works perfectly! I placed the script directly into the folder btw.
Comment 107 Nate Graham 2018-10-20 04:15:56 UTC
*** Bug 400032 has been marked as a duplicate of this bug. ***
Comment 108 Nate Graham 2018-10-21 17:42:12 UTC
*** Bug 400107 has been marked as a duplicate of this bug. ***
Comment 109 Nate Graham 2018-10-23 15:09:19 UTC
*** Bug 400157 has been marked as a duplicate of this bug. ***
Comment 110 Nate Graham 2018-10-23 19:29:51 UTC
*** Bug 400213 has been marked as a duplicate of this bug. ***
Comment 111 Nate Graham 2018-11-01 19:14:27 UTC
*** Bug 400524 has been marked as a duplicate of this bug. ***
Comment 112 Reinhard Auner 2018-11-05 20:04:00 UTC
Created attachment 116114 [details]
New crash information added by DrKonqi

baloo_file (5.45.0) using Qt 5.9.4

- What I was doing when the application crashed:

I had open Google Chrome, amarok, nothing else, when Baloo suddenly crashed.

-- Backtrace (Reduced):
#7  0x00007ff255365a93 in memcpy (__len=2067, __src=<optimized out>, __dest=<optimized out>) at /usr/include/bits/string_fortified.h:34
#8  Baloo::PostingCodec::decode (this=this@entry=0x7ff24ae018f7, arr=...) at /usr/src/debug/baloo5-5.45.0-lp150.2.1.x86_64/src/codecs/postingcodec.cpp:42
#9  0x00007ff255356f64 in Baloo::PostingDB::get (this=this@entry=0x7ff24ae019e0, term=...) at /usr/src/debug/baloo5-5.45.0-lp150.2.1.x86_64/src/engine/postingdb.cpp:100
#10 0x00007ff255363180 in Baloo::WriteTransaction::commit (this=0x7fb23c030640) at /usr/src/debug/baloo5-5.45.0-lp150.2.1.x86_64/src/engine/writetransaction.cpp:259
#11 0x00007ff25535c4c2 in Baloo::Transaction::commit (this=this@entry=0x7ff24ae01af0) at /usr/src/debug/baloo5-5.45.0-lp150.2.1.x86_64/src/engine/transaction.cpp:262
Comment 113 Nate Graham 2018-11-07 04:10:41 UTC
*** Bug 400756 has been marked as a duplicate of this bug. ***
Comment 114 Freek de Kruijf 2018-11-19 09:01:16 UTC
Created attachment 116400 [details]
New crash information added by DrKonqi

baloo_file (5.52.0) using Qt 5.11.2

- What I was doing when the application crashed:
This crash occurs just when starting a Plasma session. It occurred right after the latest upgrade of openSUSE Tumbleweed 20181116.

-- Backtrace (Reduced):
#7  0x00007f07cb03ad5d in memcpy (__len=1, __src=0x7ec7b811ad00, __dest=<optimized out>) at /usr/include/bits/string_fortified.h:34
#8  Baloo::PostingCodec::decode (this=this@entry=0x7ec7bfffe8d7, arr=...) at /usr/src/debug/baloo5-5.52.0-1.1.x86_64/src/codecs/postingcodec.cpp:42
#9  0x00007f07cb028499 in Baloo::PostingDB::get (this=this@entry=0x7ec7bfffe9c0, term=...) at /usr/src/debug/baloo5-5.52.0-1.1.x86_64/src/engine/postingdb.cpp:100
#10 0x00007f07cb03868a in Baloo::WriteTransaction::commit (this=0x7ec7b80441c0) at /usr/src/debug/baloo5-5.52.0-1.1.x86_64/src/engine/writetransaction.cpp:264
#11 0x00007f07cb02ecf2 in Baloo::Transaction::commit (this=this@entry=0x7ec7bfffeb20) at /usr/src/debug/baloo5-5.52.0-1.1.x86_64/src/engine/transaction.cpp:269
Comment 115 Reinhard Auner 2018-11-20 18:29:17 UTC
Created attachment 116429 [details]
New crash information added by DrKonqi

baloo_file (5.45.0) using Qt 5.9.4

- What I was doing when the application crashed:

I had open Google Chrome, surfing the web, when Baloo crashed..

-- Backtrace (Reduced):
#7  0x00007fbcb73d5a93 in memcpy (__len=2067, __src=<optimized out>, __dest=<optimized out>) at /usr/include/bits/string_fortified.h:34
#8  Baloo::PostingCodec::decode (this=this@entry=0x7fbcace79997, arr=...) at /usr/src/debug/baloo5-5.45.0-lp150.2.1.x86_64/src/codecs/postingcodec.cpp:42
#9  0x00007fbcb73c6f64 in Baloo::PostingDB::get (this=this@entry=0x7fbcace79a80, term=...) at /usr/src/debug/baloo5-5.45.0-lp150.2.1.x86_64/src/engine/postingdb.cpp:100
#10 0x00007fbcb73d3180 in Baloo::WriteTransaction::commit (this=0x7f7ca0004600) at /usr/src/debug/baloo5-5.45.0-lp150.2.1.x86_64/src/engine/writetransaction.cpp:259
#11 0x00007fbcb73cc4c2 in Baloo::Transaction::commit (this=this@entry=0x7fbcace79b90) at /usr/src/debug/baloo5-5.45.0-lp150.2.1.x86_64/src/engine/transaction.cpp:262
Comment 116 Nate Graham 2018-11-26 22:01:52 UTC
*** Bug 386269 has been marked as a duplicate of this bug. ***
Comment 117 Nate Graham 2018-11-26 22:05:48 UTC
*** Bug 401445 has been marked as a duplicate of this bug. ***
Comment 118 Nate Graham 2018-11-26 22:08:05 UTC
We have now gotten two reports of this happening in Frameworks 5.52: Bug 367480 and in Comment 114.

Stefan, should we re-open this, or are they different crashes?
Comment 119 Nate Graham 2018-12-07 23:05:41 UTC
*** Bug 401659 has been marked as a duplicate of this bug. ***
Comment 120 Nate Graham 2018-12-07 23:06:14 UTC
Just got a third one (Bug 367480). Re-opening this. :(
Comment 121 Nate Graham 2018-12-08 04:30:16 UTC
*** Bug 401852 has been marked as a duplicate of this bug. ***
Comment 122 Nate Graham 2018-12-11 18:21:18 UTC
*** Bug 401990 has been marked as a duplicate of this bug. ***
Comment 123 Reinhard Auner 2018-12-20 19:16:06 UTC
Created attachment 117034 [details]
New crash information added by DrKonqi

baloo_file (5.45.0) using Qt 5.9.4

- What I was doing when the application crashed:

I was surfing the internet, had amarok running, nothing else.

-- Backtrace (Reduced):
#7  0x00007fd2e3905a93 in memcpy (__len=2067, __src=<optimized out>, __dest=<optimized out>) at /usr/include/bits/string_fortified.h:34
#8  Baloo::PostingCodec::decode (this=this@entry=0x7fd2d93a98f7, arr=...) at /usr/src/debug/baloo5-5.45.0-lp150.2.1.x86_64/src/codecs/postingcodec.cpp:42
#9  0x00007fd2e38f6f64 in Baloo::PostingDB::get (this=this@entry=0x7fd2d93a99e0, term=...) at /usr/src/debug/baloo5-5.45.0-lp150.2.1.x86_64/src/engine/postingdb.cpp:100
#10 0x00007fd2e3903180 in Baloo::WriteTransaction::commit (this=0x7f92cc008570) at /usr/src/debug/baloo5-5.45.0-lp150.2.1.x86_64/src/engine/writetransaction.cpp:259
#11 0x00007fd2e38fc4c2 in Baloo::Transaction::commit (this=this@entry=0x7fd2d93a9af0) at /usr/src/debug/baloo5-5.45.0-lp150.2.1.x86_64/src/engine/transaction.cpp:262
Comment 124 Nate Graham 2018-12-30 17:15:58 UTC
*** Bug 402698 has been marked as a duplicate of this bug. ***
Comment 125 Nate Graham 2018-12-31 06:06:39 UTC
*** Bug 402684 has been marked as a duplicate of this bug. ***
Comment 126 Wantoyo 2019-01-04 00:41:59 UTC
Created attachment 117274 [details]
New crash information added by DrKonqi

baloo_file (5.53.0) using Qt 5.12.0

- What I was doing when the application crashed:

I just started up my system and logged in, and suddenly this bug showed up in popup notifications

-- Backtrace (Reduced):
#7  0x00007f382076d8cd in memcpy (__len=203667448, __src=0x7ef80c2f44a8, __dest=<optimized out>) at /usr/include/bits/string_fortified.h:34
#8  Baloo::PostingCodec::decode (this=this@entry=0x7f381a1438c7, arr=...) at /usr/src/debug/baloo5-5.53.0-1.1.x86_64/src/codecs/postingcodec.cpp:42
#9  0x00007f382075aee9 in Baloo::PostingDB::get (this=this@entry=0x7f381a1439b0, term=...) at /usr/src/debug/baloo5-5.53.0-1.1.x86_64/src/engine/postingdb.cpp:100
#10 0x00007f382076b13a in Baloo::WriteTransaction::commit (this=0x7ef80c003400) at /usr/src/debug/baloo5-5.53.0-1.1.x86_64/src/engine/writetransaction.cpp:275
#11 0x00007f3820761712 in Baloo::Transaction::commit (this=this@entry=0x7f381a143ae0) at /usr/src/debug/baloo5-5.53.0-1.1.x86_64/src/engine/transaction.cpp:269
Comment 127 Tim Mason 2019-01-09 17:40:50 UTC
Created attachment 117370 [details]
backtrace
Comment 128 Valerii Malov 2019-02-02 12:01:04 UTC
This seems to be a somewhat multi-layered issue

A lot of crashes seem to be caused by unsafe handling of LMDB calls, namely mdb_dbi_open, mdb_dbi_create and mdb_dbi_get aren't checked for errors other than MDB_NOTFOUND, which allows the application to proceed as normal even if the call errored out, so the output buffers passed to those functions aren't filled out. What makes it worse is that those buffers aren't initialized in the baloo engine either, so we end up with random database handles and random value pointers. Then those random handles/pointers are passed somewhere else where they cause a crash.

As a workaround I've added more strict error checks across baloo engine, if anyone wants to help with the review or testing:
https://phabricator.kde.org/D18664
Posting in the most popular bug to expedite things (^:

Hard to tell exactly which crashes on the bugtracker this addresses due to nature of crashes. This fixes crashes I've had on my machine, however this doesn't really address other issues.

First, I have no idea why baloo makes so many calls that fail in the first place (corrupted database?). In my case after applying the fix on each run it's spending around 5-10 minutes using 1 core at 100%, spamming logs with a MDB_BAD_TXN error, and then calms down. From a user's point of view this is probably worse than crashing.

Second, overall I think baloo engine needs some refactoring because it has a lot of duplicate code. Probably a proper way to fix this would be a safe wrapper around LMDB api.
Comment 129 Nate Graham 2019-02-05 20:08:02 UTC
*** Bug 403954 has been marked as a duplicate of this bug. ***
Comment 130 Nate Graham 2019-02-08 17:41:16 UTC
*** Bug 404097 has been marked as a duplicate of this bug. ***
Comment 131 Nate Graham 2019-02-11 20:10:51 UTC
*** Bug 404140 has been marked as a duplicate of this bug. ***
Comment 132 Kern 2019-02-21 23:11:35 UTC
Created attachment 118263 [details]
New crash information added by DrKonqi

baloo_file_extractor (5.54.0) using Qt 5.11.1

- What I was doing when the application crashed:
I was attempting to install a theme by unzipping a theme to my default folder. The option to install or close was presented in systemsettings5 and I clicked close. 

Tried 2nd time to install but it would not create a dir. I don't have a user nor default sddm.conf, so I tried using 'sddm -configure' but that didn't work so I restarted sddm in TTY. 

Once in desktop, my taskbar was filled with weird symbols and my title bars are currently missing so I can only see half of the error report. Running 'sddm sddm-kcm' gives me this (apologies for the poor formatting, when I try to click 'help and examples' I am spammed with Wine browsers infinitely until I run pkill wine*):

[14:58:10.719] (II) DAEMON: Running: /usr/bin/X -nolisten tcp -auth /var/run/sddm/{3d2453e3-66f9-44d0-888c-c76ca5528a4f} -background none -noreset -displayfd 16 -seat seat0 vt1
[14:58:10.721] (EE) DAEMON: Failed to read display number from pipe
[14:58:10.721] (EE) DAEMON: Display server failed to start. Exiting
Aborted (core dumped)

Running 'sudo sddm sddm-kcm' hangs. It's probably related to the missing titlebars due to ownership of my own userfiles being root.
 	
- Unusual behavior I noticed:
Title bars missing, global shortcuts not working such as alt + tab (my own are, though; ctrl + alt + T for terminal for instance), resizing windows not working, wine browser is not set as a default application to open webpages and somehow opens infinitely. This is my first report so I'm not sure if I should be including all of this, I'd gladly submit separate reports given an understanding and ability to do so. 

Many packages for themes in repos are downloaded in a tar ball that need to be manually unzipped. 

- Custom settings of the application:
Baloo is untouched, attempt of custom KDE theme, 18.10 backports from PPA.

-- Backtrace (Reduced):
#6  __memmove_avx_unaligned_erms () at ../sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S:432
[...]
#8  0x00007fca984f3ee9 in Baloo::PostingDB::get(QByteArray const&) () from /usr/lib/x86_64-linux-gnu/libKF5BalooEngine.so.5
#9  0x00007fca9850413a in Baloo::WriteTransaction::commit() () from /usr/lib/x86_64-linux-gnu/libKF5BalooEngine.so.5
#10 0x00007fca984fa712 in Baloo::Transaction::commit() () from /usr/lib/x86_64-linux-gnu/libKF5BalooEngine.so.5
[...]
#13 0x00007fca974a8f4b in QObject::event(QEvent*) () from /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
Comment 133 Nate Graham 2019-02-26 04:46:29 UTC
*** Bug 404758 has been marked as a duplicate of this bug. ***
Comment 134 Nate Graham 2019-03-07 23:52:59 UTC
*** Bug 404729 has been marked as a duplicate of this bug. ***
Comment 135 Nate Graham 2019-03-07 23:53:20 UTC
*** Bug 405183 has been marked as a duplicate of this bug. ***
Comment 136 Valerii Malov 2019-03-13 21:50:41 UTC
Git commit eb68430ae5f4fc4c4a2e5b1798683ff6a639ad3d by Valerii Malov.
Committed on 13/03/2019 at 21:50.
Pushed by valeriymalov into branch 'master'.

Baloo engine: treat every non-success code as a failure

Summary:
Treating only MDB_NOTFOUND as an error leads to use of uninitialized
pointers and handle IDs in other cases (e.g. when get fails with
MDB_BAD_TXN) and wreaks havoc in the application.
Related: bug 361186, bug 390823, bug 372880, bug 395888, bug 403720

Reviewers: #baloo, bruns, poboiko

Reviewed By: #baloo, bruns

Subscribers: cullmann, ngraham, bruns, kde-frameworks-devel, #baloo

Tags: #frameworks, #baloo

Differential Revision: https://phabricator.kde.org/D18664

M  +12   -9    src/engine/database.cpp
M  +26   -17   src/engine/documentdatadb.cpp
M  +30   -22   src/engine/documentdb.cpp
M  +30   -22   src/engine/documentiddb.cpp
M  +25   -16   src/engine/documenttimedb.cpp
M  +0    -1    src/engine/documenturldb.cpp
M  +4    -3    src/engine/documenturldb.h
M  +4    -5    src/engine/fsutils.cpp
M  +28   -15   src/engine/idfilenamedb.cpp
M  +22   -13   src/engine/idtreedb.cpp
M  +37   -29   src/engine/mtimedb.cpp
M  +0    -2    src/engine/phraseanditerator.cpp
M  +24   -19   src/engine/positiondb.cpp
M  +31   -27   src/engine/postingdb.cpp
M  +47   -13   src/engine/transaction.cpp
M  +4    -4    src/engine/transaction.h
M  +3    -2    src/file/extractorprocess.cpp
M  +5    -5    src/file/fileindexscheduler.cpp
M  +5    -4    src/file/indexcleaner.cpp
M  +0    -1    src/file/main.cpp
M  +1    -1    src/file/metadatamover.cpp

https://commits.kde.org/baloo/eb68430ae5f4fc4c4a2e5b1798683ff6a639ad3d
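The failure mode described in comment 128 and addressed by the commit in comment 136, as an added example (not Baloo's code and not written by any commenter): a constructed stand-in for an LMDB-style lookup shows what falls through when only "not found" is treated as an error, next to a strict form. `StubVal`, `stubGet`, `lookupWeak`, `lookupStrict`, the return-code values, the garbage length and the 8-byte id layout are all assumptions of the example.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <string>
#include <vector>

// Constructed stand-ins for LMDB's MDB_SUCCESS / MDB_NOTFOUND / MDB_BAD_TXN and
// MDB_val. This is not lmdb.h; the numeric values are arbitrary.
enum StubRc { STUB_SUCCESS = 0, STUB_NOTFOUND = -1, STUB_BAD_TXN = -2 };
struct StubVal { size_t size; const void *data; };

// Constructed garbage length standing in for uninitialised stack contents.
static const size_t POISON_LEN = 0x0C23ABCD;

// Stand-in for a key lookup. Like the calls described in comment 128, it
// writes to *out only on success and leaves it untouched on any error.
static int stubGet(bool txnValid, const std::string &key, StubVal *out) {
    static const uint64_t stored[] = {11, 42, 97}; // constructed posting list
    if (!txnValid) return STUB_BAD_TXN;
    if (key != "term") return STUB_NOTFOUND;
    out->size = sizeof stored;
    out->data = stored;
    return STUB_SUCCESS;
}

struct Outcome { bool wouldDecode; size_t len; };

// Pattern the thread describes: only "not found" counts as an error.
Outcome lookupWeak(bool txnValid, const std::string &key) {
    StubVal val = {POISON_LEN, nullptr}; // simulates "never initialised"
    int rc = stubGet(txnValid, key, &val);
    if (rc == STUB_NOTFOUND) return {false, 0};
    // STUB_BAD_TXN falls through: a decoder would now copy val.size bytes
    // from val.data. The copy is reported here instead of performed.
    return {true, val.size};
}

// Hardened form: zero-initialise the output, treat every non-success code as
// a failure, and validate the buffer before decoding it.
bool lookupStrict(bool txnValid, const std::string &key, std::vector<uint64_t> &ids) {
    ids.clear();
    StubVal val = {0, nullptr};
    int rc = stubGet(txnValid, key, &val);
    if (rc != STUB_SUCCESS) return false;
    if (val.data == nullptr || val.size % sizeof(uint64_t) != 0) return false;
    ids.resize(val.size / sizeof(uint64_t)); // assumes 8-byte document ids
    if (!ids.empty()) std::memcpy(ids.data(), val.data, val.size);
    return true;
}

int main() {
    Outcome w = lookupWeak(false, "term");
    std::printf("weak, bad txn:    decode=%d len=%zu\n", w.wouldDecode, w.len);
    std::vector<uint64_t> ids;
    bool ok = lookupStrict(false, "term", ids);
    std::printf("strict, bad txn:  ok=%d ids=%zu\n", ok, ids.size());
    ok = lookupStrict(true, "term", ids);
    std::printf("strict, good txn: ok=%d ids=%zu\n", ok, ids.size());
    return 0;
}
```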
Comment 137 Nate Graham 2019-03-17 14:02:20 UTC
*** Bug 405315 has been marked as a duplicate of this bug. ***
Comment 138 Nate Graham 2019-04-01 17:39:09 UTC
*** Bug 405972 has been marked as a duplicate of this bug. ***
Comment 139 Christoph Feck 2019-04-25 09:46:38 UTC
*** Bug 406210 has been marked as a duplicate of this bug. ***
Comment 140 Nate Graham 2019-06-02 18:52:18 UTC
*** Bug 408098 has been marked as a duplicate of this bug. ***
Comment 141 Nate Graham 2019-06-13 20:47:21 UTC
*** Bug 408651 has been marked as a duplicate of this bug. ***
Comment 142 Nate Graham 2019-08-19 15:50:01 UTC
*** Bug 411060 has been marked as a duplicate of this bug. ***
Comment 143 Nate Graham 2019-09-03 17:08:13 UTC
*** Bug 411546 has been marked as a duplicate of this bug. ***
Comment 144 Nate Graham 2019-11-19 15:52:22 UTC
*** Bug 414197 has been marked as a duplicate of this bug. ***
Comment 145 Nate Graham 2020-10-26 15:47:07 UTC
No duplicate bug reports seen in almost a year. After all the bugfixing work done during that time, I think we can call this fixed!