Bug 395888 - baloo_file crashes in Baloo::DocTermsCodec::decode()
Summary: baloo_file crashes in Baloo::DocTermsCodec::decode()
Status: RESOLVED FIXED
Alias: None
Product: frameworks-baloo
Classification: Frameworks and Libraries
Component: Baloo File Daemon
Version: 5.45.0
Platform: openSUSE Linux
Importance: HI crash
Target Milestone: ---
Assignee: baloo-bugs-null
URL:
Keywords: drkonqi
Duplicates: 364356 401688
Depends on:
Blocks:
 
Reported: 2018-06-26 12:03 UTC by Georges Sancosme
Modified: 2020-10-26 16:15 UTC

See Also:
Latest Commit:
Version Fixed In:


Attachments
New crash information added by DrKonqi (6.52 KB, text/plain)
2018-07-17 06:52 UTC, Georges Sancosme

Description Georges Sancosme 2018-06-26 12:03:26 UTC
Application: baloo_file (5.45.0)

Qt Version: 5.9.4
Frameworks Version: 5.45.0
Operating System: Linux 4.12.14-lp150.12.4-default x86_64
Distribution: "openSUSE Leap 15.0"

-- Information about the crash:
Running openSUSE Leap 15.0 with all last updates
Regular update
Stopped the machine
New boot up
After logging in, Baloo file indexing crashed

The crash can be reproduced every time.

-- Backtrace:
Application: Baloo File Indexing Daemon (baloo_file), signal: Segmentation fault
Using host libthread_db library "/lib64/libthread_db.so.1".
[Current thread is 1 (Thread 0x7f7c7f13c100 (LWP 3477))]

Thread 2 (Thread 0x7f7c74861700 (LWP 3490)):
#0  0x00007f7c7cb7208b in poll () from /lib64/libc.so.6
#1  0x00007f7c7925b109 in ?? () from /usr/lib64/libglib-2.0.so.0
#2  0x00007f7c7925b21c in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0
#3  0x00007f7c7d7ebc0b in QEventDispatcherGlib::processEvents (this=0x7f7c70000b10, flags=...) at kernel/qeventdispatcher_glib.cpp:425
#4  0x00007f7c7d79409a in QEventLoop::exec (this=this@entry=0x7f7c74860ca0, flags=..., flags@entry=...) at kernel/qeventloop.cpp:212
#5  0x00007f7c7d5c34da in QThread::exec (this=<optimized out>) at thread/qthread.cpp:515
#6  0x00007f7c7ea08985 in ?? () from /usr/lib64/libQt5DBus.so.5
#7  0x00007f7c7d5c80ce in QThreadPrivate::start (arg=0x7f7c7ec78d60) at thread/qthread_unix.cpp:368
#8  0x00007f7c7bbd3559 in start_thread () from /lib64/libpthread.so.0
#9  0x00007f7c7cb7c82f in clone () from /lib64/libc.so.6

Thread 1 (Thread 0x7f7c7f13c100 (LWP 3477)):
[KCrash Handler]
#6  0x00007f7c7e161488 in QByteArray::operator[] (i=0, this=0x7ffebd4a23b8) at /usr/include/qt5/QtCore/qbytearray.h:469
#7  Baloo::DocTermsCodec::decode (this=this@entry=0x7ffebd4a23b7, full=...) at /usr/src/debug/baloo5-5.45.0-lp150.2.1.x86_64/src/codecs/doctermscodec.cpp:60
#8  0x00007f7c7e1440b3 in Baloo::DocumentDB::get (this=this@entry=0x7ffebd4a24c0, docId=<optimized out>, docId@entry=1273700163973612291) at /usr/src/debug/baloo5-5.45.0-lp150.2.1.x86_64/src/engine/documentdb.cpp:99
#9  0x00007f7c7e15e6a0 in Baloo::WriteTransaction::replaceDocument (this=0x55fc8fa93be0, doc=..., operations=...) at /usr/src/debug/baloo5-5.45.0-lp150.2.1.x86_64/src/engine/writetransaction.cpp:200
#10 0x00007f7c7e1584a9 in Baloo::Transaction::replaceDocument (this=this@entry=0x7ffebd4a2750, doc=..., operations=..., operations@entry=...) at /usr/src/debug/baloo5-5.45.0-lp150.2.1.x86_64/src/engine/transaction.cpp:254
#11 0x000055fc8e4df79b in Baloo::MetadataMover::updateMetadata (this=this@entry=0x55fc8f9b8a80, tr=tr@entry=0x7ffebd4a2750, from=..., to=...) at /usr/src/debug/baloo5-5.45.0-lp150.2.1.x86_64/src/file/metadatamover.cpp:116
#12 0x000055fc8e4dfbe6 in Baloo::MetadataMover::moveFileMetadata (this=0x55fc8f9b8a80, from=..., to=...) at /usr/src/debug/baloo5-5.45.0-lp150.2.1.x86_64/src/file/metadatamover.cpp:56
#13 0x00007f7c7d7c314c in QtPrivate::QSlotObjectBase::call (a=0x7ffebd4a2980, r=0x7ffebd4a2f20, this=0x55fc8f9cb230) at ../../include/QtCore/../../src/corelib/kernel/qobject_impl.h:101
#14 QMetaObject::activate (sender=sender@entry=0x55fc8f9b6580, signalOffset=<optimized out>, local_signal_index=local_signal_index@entry=7, argv=argv@entry=0x7ffebd4a2980) at kernel/qobject.cpp:3749
#15 0x00007f7c7d7c3757 in QMetaObject::activate (sender=sender@entry=0x55fc8f9b6580, m=m@entry=0x55fc8e6fbba0 <KInotify::staticMetaObject>, local_signal_index=local_signal_index@entry=7, argv=argv@entry=0x7ffebd4a2980) at kernel/qobject.cpp:3628
#16 0x000055fc8e4e2af4 in KInotify::moved (_t2=..., _t1=..., this=0x55fc8f9b6580) at /usr/src/debug/baloo5-5.45.0-lp150.2.1.x86_64/build/src/file/baloofilecommon_autogen/include/moc_kinotify.cpp:343
#17 KInotify::slotEvent (this=0x55fc8f9b6580, socket=<optimized out>) at /usr/src/debug/baloo5-5.45.0-lp150.2.1.x86_64/src/file/kinotify.cpp:421
#18 0x00007f7c7d7c314c in QtPrivate::QSlotObjectBase::call (a=0x7ffebd4a2ae0, r=0x55fc8f9b6580, this=0x55fc8f9fad30) at ../../include/QtCore/../../src/corelib/kernel/qobject_impl.h:101
#19 QMetaObject::activate (sender=sender@entry=0x55fc8fa34410, signalOffset=<optimized out>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7ffebd4a2ae0) at kernel/qobject.cpp:3749
#20 0x00007f7c7d7c3757 in QMetaObject::activate (sender=sender@entry=0x55fc8fa34410, m=m@entry=0x7f7c7dc4dd40 <QSocketNotifier::staticMetaObject>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7ffebd4a2ae0) at kernel/qobject.cpp:3628
#21 0x00007f7c7d7ceeb8 in QSocketNotifier::activated (this=this@entry=0x55fc8fa34410, _t1=<optimized out>, _t2=...) at .moc/moc_qsocketnotifier.cpp:136
#22 0x00007f7c7d7cf222 in QSocketNotifier::event (this=0x55fc8fa34410, e=0x7ffebd4a2bc0) at kernel/qsocketnotifier.cpp:266
#23 0x00007f7c7d795a71 in doNotify (event=0x7ffebd4a2bc0, receiver=0x55fc8fa34410) at kernel/qcoreapplication.cpp:1091
#24 QCoreApplication::notify (event=<optimized out>, receiver=<optimized out>, this=<optimized out>) at kernel/qcoreapplication.cpp:1077
#25 QCoreApplication::notifyInternal2 (receiver=0x55fc8fa34410, event=event@entry=0x7ffebd4a2bc0) at kernel/qcoreapplication.cpp:1016
#26 0x00007f7c7d7ec7ed in QCoreApplication::sendEvent (event=0x7ffebd4a2bc0, receiver=<optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:233
#27 socketNotifierSourceDispatch (source=0x55fc8f9b05b0) at kernel/qeventdispatcher_glib.cpp:106
#28 0x00007f7c7925af57 in g_main_context_dispatch () from /usr/lib64/libglib-2.0.so.0
#29 0x00007f7c7925b190 in ?? () from /usr/lib64/libglib-2.0.so.0
#30 0x00007f7c7925b21c in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0
#31 0x00007f7c7d7ebbef in QEventDispatcherGlib::processEvents (this=0x55fc8f9ad990, flags=...) at kernel/qeventdispatcher_glib.cpp:423
#32 0x00007f7c7d79409a in QEventLoop::exec (this=this@entry=0x7ffebd4a2dd0, flags=..., flags@entry=...) at kernel/qeventloop.cpp:212
#33 0x00007f7c7d79c9e4 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1289
#34 0x000055fc8e4c921c in main (argc=<optimized out>, argv=<optimized out>) at /usr/src/debug/baloo5-5.45.0-lp150.2.1.x86_64/src/file/main.cpp:104

Reported using DrKonqi
Comment 1 Georges Sancosme 2018-07-17 06:52:43 UTC
Created attachment 113982
New crash information added by DrKonqi

baloo_file (5.45.0) using Qt 5.9.4

Simply at Plasma Workspace startup. Clean startup (boot from scratch) and login.

-- Backtrace (Reduced):
#6  0x00007fcd7a5e6488 in QByteArray::operator[] (i=10960, this=0x7fff6174f418) at /usr/include/qt5/QtCore/qbytearray.h:469
#7  Baloo::DocTermsCodec::decode (this=this@entry=0x7fff6174f417, full=...) at /usr/src/debug/baloo5-5.45.0-lp150.2.1.x86_64/src/codecs/doctermscodec.cpp:60
#8  0x00007fcd7a5c90b3 in Baloo::DocumentDB::get (this=this@entry=0x7fff6174f520, docId=<optimized out>, docId@entry=3467025612831523587) at /usr/src/debug/baloo5-5.45.0-lp150.2.1.x86_64/src/engine/documentdb.cpp:99
#9  0x00007fcd7a5e26b3 in Baloo::WriteTransaction::removeDocument (this=this@entry=0x556dfddeb960, id=id@entry=3467025612831523587) at /usr/src/debug/baloo5-5.45.0-lp150.2.1.x86_64/src/engine/writetransaction.cpp:123
#10 0x00007fcd7a5e31e5 in Baloo::WriteTransaction::removeRecursively (this=0x556dfddeb960, parentId=3467025612831523587) at /usr/src/debug/baloo5-5.45.0-lp150.2.1.x86_64/src/engine/writetransaction.cpp:166
Comment 2 Nate Graham 2018-11-26 19:30:22 UTC
*** Bug 364356 has been marked as a duplicate of this bug. ***
Comment 3 Nate Graham 2018-12-07 23:01:41 UTC
*** Bug 401688 has been marked as a duplicate of this bug. ***
Comment 4 Valerii Malov 2019-03-13 21:50:40 UTC
Git commit eb68430ae5f4fc4c4a2e5b1798683ff6a639ad3d by Valerii Malov.
Committed on 13/03/2019 at 21:50.
Pushed by valeriymalov into branch 'master'.

Baloo engine: treat every non-success code as a failure

Summary:
Treating only MDB_NOTFOUND as an error leads to use of uninitialized
pointers and handle IDs in other cases (e.g. when get fails with
MDB_BAD_TXN) and wreaks havoc in the application.
Related: bug 361186, bug 390823, bug 372880, bug 367480, bug 403720

Reviewers: #baloo, bruns, poboiko

Reviewed By: #baloo, bruns

Subscribers: cullmann, ngraham, bruns, kde-frameworks-devel, #baloo

Tags: #frameworks, #baloo

Differential Revision: https://phabricator.kde.org/D18664

M  +12   -9    src/engine/database.cpp
M  +26   -17   src/engine/documentdatadb.cpp
M  +30   -22   src/engine/documentdb.cpp
M  +30   -22   src/engine/documentiddb.cpp
M  +25   -16   src/engine/documenttimedb.cpp
M  +0    -1    src/engine/documenturldb.cpp
M  +4    -3    src/engine/documenturldb.h
M  +4    -5    src/engine/fsutils.cpp
M  +28   -15   src/engine/idfilenamedb.cpp
M  +22   -13   src/engine/idtreedb.cpp
M  +37   -29   src/engine/mtimedb.cpp
M  +0    -2    src/engine/phraseanditerator.cpp
M  +24   -19   src/engine/positiondb.cpp
M  +31   -27   src/engine/postingdb.cpp
M  +47   -13   src/engine/transaction.cpp
M  +4    -4    src/engine/transaction.h
M  +3    -2    src/file/extractorprocess.cpp
M  +5    -5    src/file/fileindexscheduler.cpp
M  +5    -4    src/file/indexcleaner.cpp
M  +0    -1    src/file/main.cpp
M  +1    -1    src/file/metadatamover.cpp

https://commits.kde.org/baloo/eb68430ae5f4fc4c4a2e5b1798683ff6a639ad3d
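
The failure mode named in the commit message above, as an added example (not code from Baloo or from the commit): a lookup that fills its output only on success, called once with the old check and once with the new one. `fakeGet`, `getLenient`, `getStrict` and the `##junk` stale bytes are constructed for illustration; the stub leaving its output untouched on error is an assumption modelled on the commit message's description.

```cpp
#include <cstddef>
#include <cstdio>
#include <string>

// LMDB return codes (values as defined in lmdb.h).
constexpr int MDB_SUCCESS  = 0;
constexpr int MDB_NOTFOUND = -30798;
constexpr int MDB_BAD_TXN  = -30782;

// Same shape as LMDB's MDB_val.
struct Val { std::size_t mv_size; const void* mv_data; };

// Hypothetical stand-in for mdb_get(): writes `out` only on success and
// leaves it untouched on any error (assumption, see lead-in).
int fakeGet(int simulatedRc, Val* out) {
    static const char stored[] = "Tfoo";
    if (simulatedRc == MDB_SUCCESS) *out = Val{4, stored};
    return simulatedRc;
}

// Constructed stale bytes standing in for uninitialized stack contents,
// so the demonstration stays deterministic and free of undefined behaviour.
static const char kStale[] = "##junk";
inline Val staleVal() { return Val{6, kStale}; }

// Pre-fix pattern: only MDB_NOTFOUND is treated as a failure.
std::string getLenient(int simulatedRc) {
    Val val = staleVal();
    int rc = fakeGet(simulatedRc, &val);
    if (rc == MDB_NOTFOUND) return {};
    // MDB_BAD_TXN falls through: `val` was never written by the lookup,
    // yet its bytes are handed to the decoder as if they were a record.
    return std::string(static_cast<const char*>(val.mv_data), val.mv_size);
}

// Post-fix pattern: every non-success code is a failure.
std::string getStrict(int simulatedRc) {
    Val val = staleVal();
    int rc = fakeGet(simulatedRc, &val);
    if (rc != MDB_SUCCESS) return {};
    return std::string(static_cast<const char*>(val.mv_data), val.mv_size);
}

int main() {
    std::printf("BAD_TXN: lenient returns %zu bytes, strict returns %zu bytes\n",
                getLenient(MDB_BAD_TXN).size(), getStrict(MDB_BAD_TXN).size());
    return 0;
}
```
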
Comment 5 Nate Graham 2020-10-26 16:15:58 UTC
No duplicate bug reports seen in over a year. After all the bugfixing work done during that time, I think we can call this fixed!