474747 – akonadi_indexing_agent crashing repeatedly

Bug 474747 - akonadi_indexing_agent crashing repeatedly

Summary: akonadi_indexing_agent crashing repeatedly

Status:	RESOLVED FIXED

Alias:	None

Product:	Akonadi
Classification:	Frameworks and Libraries
Component:	general (show other bugs)
Version:	unspecified
Platform:	Arch Linux Linux

Importance:	NOR crash
Target Milestone:	---
Assignee:	Carl Schwan

URL:
Keywords:	drkonqi

Depends on:
Blocks:

Reported:	2023-09-20 22:11 UTC by nathan
Modified:	2023-11-06 07:21 UTC (History)
CC List:	3 users (show)

See Also:
Latest Commit:	https://invent.kde.org/pim/akonadi-search/-/commit/8421ace60b1befcc751b977fb06cbe179a93bc95
Version Fixed In:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description nathan 2023-09-20 22:11:12 UTC

Application: akonadi_indexing_agent (5.24.1 (23.08.1))

Qt Version: 5.15.10
Frameworks Version: 5.110.0
Operating System: Linux 6.5.3-arch1-1 x86_64
Windowing System: X11
Distribution: EndeavourOS
DrKonqi: 5.27.8 [KCrashBackend]

-- Information about the crash:
Dr. Konqi is reporting repeated crashes of akonadi_indexing_agent, this occurs on boot consistently, and reoccurs after closing the message from Dr. Konqi. I'm using X11 on EndeavourOS/Arch.

The crash can be reproduced every time.

-- Backtrace:
Application: akonadi_indexing_agent (akonadi_indexing_agent), signal: Aborted
Content of s_kcrashErrorMessage: std::unique_ptr<char []> = {get() = <optimized out>}
[KCrash Handler]
#6  __pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=6, no_tid=no_tid@entry=0) at pthread_kill.c:44
#7  0x00007fbb2048e8a3 in __pthread_kill_internal (signo=6, threadid=<optimized out>) at pthread_kill.c:78
#8  0x00007fbb2043e668 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26
#9  0x00007fbb204264b8 in __GI_abort () at abort.c:79
#10 0x000055e63ed17b97 in std::sys::unix::abort_internal () at library/std/src/sys/unix/mod.rs:353
#11 0x000055e63ed15fca in std::panicking::rust_panic_with_hook (payload=..., message=..., location=<optimized out>, can_unwind=false) at library/std/src/panicking.rs:724
#12 0x000055e63ed15c81 in std::panicking::begin_panic_handler::{closure#0} () at library/std/src/panicking.rs:595
#13 0x000055e63ed14c16 in std::sys_common::backtrace::__rust_end_short_backtrace<std::panicking::begin_panic_handler::{closure_env#0}, !> (f=Python Exception <class 'gdb.MemoryError'>: Cannot access memory at address 0x1d08
#14 0x000055e63ed15a12 in std::panicking::begin_panic_handler (info=0x7fffcf0627e0) at library/std/src/panicking.rs:593
#15 0x000055e63ecd1923 in core::panicking::panic_nounwind_fmt (fmt=...) at library/core/src/panicking.rs:96
#16 0x000055e63ecd19c7 in core::panicking::panic_nounwind (expr=...) at library/core/src/panicking.rs:126
#17 0x000055e63ecd1b53 in core::panicking::panic_cannot_unwind () at library/core/src/panicking.rs:189
#18 0x000055e63ed3d389 in cxx::unwind::prevent_unwind<htmlparser::ffi::_::__convert_to_text::{closure_env#0}, ()> (label=..., foreign_call=...) at /build/.cargo/registry/src/index.crates.io-6f17d22bba15001f/cxx-1.0.94/src/unwind.rs:5
#19 0x000055e63ecf5b88 in htmlparser::ffi::_::__convert_to_text (html=0x7fffcf0629a0, __return=0x7fffcf062920) at src/lib.rs:16
#20 0x000055e63ecf57c1 in convert_to_text(rust::cxxbridge1::String) (html=...) at /usr/src/debug/akonadi-search/build/./cargo/build/x86_64-unknown-linux-gnu/debug/build/htmlparser-b236400b5cdc62ff/out/cxxbridge/sources/htmlparser/src/lib.rs.cc:109
#21 0x000055e63ecdb665 in EmailIndexer::processPart(KMime::Content*, KMime::Content*) (this=this@entry=0x55e640d9bab0, content=<optimized out>, mainContent=mainContent@entry=0x0) at /usr/src/debug/akonadi-search/akonadi-search-23.08.1/agent/emailindexer.cpp:257
#22 0x000055e63ecdb825 in EmailIndexer::processPart(KMime::Content*, KMime::Content*) (this=0x55e640d9bab0, content=0x55e642efcea0, mainContent=0x0) at /usr/src/debug/akonadi-search/akonadi-search-23.08.1/agent/emailindexer.cpp:249
#23 0x000055e63ecdccfa in EmailIndexer::index(Akonadi::Item const&) (this=0x55e640d9bab0, item=...) at /usr/src/debug/akonadi-search/akonadi-search-23.08.1/agent/emailindexer.cpp:86
#24 0x000055e63ecf135d in Index::index(Akonadi::Item const&) (this=<optimized out>, item=...) at /usr/src/debug/akonadi-search/akonadi-search-23.08.1/agent/index.cpp:101
#25 0x000055e63eced260 in CollectionIndexingJob::slotPendingItemsReceived(QVector<Akonadi::Item> const&) (this=0x7fbb140132a0, items=<optimized out>) at /usr/src/debug/akonadi-search/akonadi-search-23.08.1/agent/collectionindexingjob.cpp:115
#26 0x00007fbb20ed1637 in QtPrivate::QSlotObjectBase::call(QObject*, void**) (a=0x7fffcf062e20, r=<optimized out>, this=0x55e640e02490, this=<optimized out>, r=<optimized out>, a=<optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qobjectdefs_impl.h:398
#27 doActivate<false>(QObject*, int, void**) (sender=0x7fbb14010dc0, signal_index=25, argv=0x7fffcf062e20) at kernel/qobject.cpp:3925
#28 0x00007fbb21d35f67 in Akonadi::ItemFetchJob::itemsReceived(QVector<Akonadi::Item> const&) (this=this@entry=0x7fbb14010dc0, _t1=...) at /usr/src/debug/akonadi/build/src/core/KPim5AkonadiCore_autogen/include/moc_itemfetchjob.cpp:163
#29 0x00007fbb21d38de8 in Akonadi::ItemFetchJob::doHandleResponse(long long, QSharedPointer<Akonadi::Protocol::Command> const&) (this=0x7fbb14010dc0, tag=<optimized out>, response=<optimized out>) at /usr/src/debug/akonadi/akonadi-23.08.1/src/core/jobs/itemfetchjob.cpp:223
#30 0x00007fbb21d132ac in Akonadi::JobPrivate::handleResponse(long long, QSharedPointer<Akonadi::Protocol::Command> const&) (response=..., tag=5, this=<optimized out>) at /usr/src/debug/akonadi/akonadi-23.08.1/src/core/jobs/job.cpp:68
#31 Akonadi::SessionPrivate::handleCommands() (this=0x55e640b17850) at /usr/src/debug/akonadi/akonadi-23.08.1/src/core/session.cpp:134
#32 0x00007fbb21d14564 in Akonadi::Session::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) (_c=<optimized out>, _a=0x7fbaf002c1a8, _id=<optimized out>, _o=<optimized out>) at /usr/include/c++/13.2.1/bits/unique_ptr.h:199
#33 Akonadi::Session::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) (_o=<optimized out>, _c=<optimized out>, _id=<optimized out>, _a=0x7fbaf002c1a8) at /usr/src/debug/akonadi/build/src/core/KPim5AkonadiCore_autogen/include/moc_session.cpp:74
#34 0x00007fbb20ec4174 in QObject::event(QEvent*) (this=0x55e640ad2270, e=0x7fbaf002c160) at kernel/qobject.cpp:1347
#35 0x00007fbb21f7893f in QApplicationPrivate::notify_helper(QObject*, QEvent*) (this=<optimized out>, receiver=0x55e640ad2270, e=0x7fbaf002c160) at kernel/qapplication.cpp:3640
#36 0x00007fbb20e9c6f8 in QCoreApplication::notifyInternal2(QObject*, QEvent*) (receiver=0x55e640ad2270, event=0x7fbaf002c160) at kernel/qcoreapplication.cpp:1064
#37 0x00007fbb20ea165b in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) (receiver=0x0, event_type=0, data=0x55e6409b1580) at kernel/qcoreapplication.cpp:1821
#38 0x00007fbb20ee76d8 in postEventSourceDispatch(GSource*, GSourceFunc, gpointer) (s=0x55e640aa6880) at kernel/qeventdispatcher_glib.cpp:277
#39 0x00007fbb1f10df19 in g_main_dispatch (context=0x7fbb14000ec0) at ../glib/glib/gmain.c:3476
#40 0x00007fbb1f16c2b7 in g_main_context_dispatch_unlocked (context=0x7fbb14000ec0) at ../glib/glib/gmain.c:4284
#41 g_main_context_iterate_unlocked.isra.0 (context=context@entry=0x7fbb14000ec0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/glib/gmain.c:4349
#42 0x00007fbb1f10c112 in g_main_context_iteration (context=0x7fbb14000ec0, may_block=1) at ../glib/glib/gmain.c:4414
#43 0x00007fbb20eeb51c in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (this=0x55e640aaafd0, flags=...) at kernel/qeventdispatcher_glib.cpp:423
#44 0x00007fbb20e9b404 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (this=this@entry=0x7fffcf0633b0, flags=..., flags@entry=...) at ../../include/QtCore/../../src/corelib/global/qflags.h:69
#45 0x00007fbb20e9c8a3 in QCoreApplication::exec() () at ../../include/QtCore/../../src/corelib/global/qflags.h:121
#46 0x00007fbb2133bef2 in QGuiApplication::exec() () at kernel/qguiapplication.cpp:1870
#47 0x00007fbb21f76cda in QApplication::exec() () at kernel/qapplication.cpp:2832
#48 0x00007fbb22677eea in Akonadi::AgentBase::init(Akonadi::AgentBase&) (r=...) at /usr/src/debug/akonadi/akonadi-23.08.1/src/agentbase/agentbase.cpp:943
#49 0x000055e63ecd85df in Akonadi::AgentBase::init<AkonadiIndexingAgent>(int, char**) (argc=<optimized out>, argv=<optimized out>) at /usr/include/KPim5/AkonadiAgentBase/akonadi/agentbase.h:469
#50 0x00007fbb20427cd0 in __libc_start_call_main (main=main@entry=0x55e63ecd20f0 <main(int, char**)>, argc=argc@entry=3, argv=argv@entry=0x7fffcf063688) at ../sysdeps/nptl/libc_start_call_main.h:58
#51 0x00007fbb20427d8a in __libc_start_main_impl (main=0x55e63ecd20f0 <main(int, char**)>, argc=3, argv=0x7fffcf063688, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffcf063678) at ../csu/libc-start.c:360
#52 0x000055e63ecd2125 in _start ()
[Inferior 1 (process 7432) detached]

Reported using DrKonqi

Comment 1 dehe_tian 2023-09-25 05:24:33 UTC

I can confirm this issue too.
---
Operating System: Arch Linux 
KDE Plasma Version: 5.27.8
KDE Frameworks Version: 5.110.0
Qt Version: 5.15.10
Kernel Version: 6.5.2-arch1-2-lily (64-bit)
Graphics Platform: X11

Comment 2 Carl Schwan 2023-09-27 08:11:10 UTC

I can't reproduce the issue locally and the crash seems to happen in the rust part of the indexer which should converted untrusted html code to plain text. The backtrace is not that helpful since it only contains 'Cannot access memory at address 0x1d08' as interesting bits which doesn't explain much where the issue happens.

I added some explicit unit tests to test the conversion from html to plain text: https://invent.kde.org/pim/akonadi-search/-/commit/97bbcee3336e52162bab3f5c2116a4dd6805f085 but that doesn't trigger any crash. I have a small suspicion that this might be caused by a linking issue somewhere on Arch but I don't have a test system with arch to test that.

Comment 3 Carl Schwan 2023-09-27 08:14:06 UTC

Probably a good idea would be to move the conversion from html to plain text as even rust is not a silver bullet.

Comment 4 Bug Janitor Service 2023-09-27 08:47:36 UTC

A possibly relevant merge request was started @ https://invent.kde.org/pim/akonadi-search/-/merge_requests/26

Comment 5 Carl Schwan 2023-09-27 08:55:14 UTC

Git commit 299c4d3144413edab1d9ff8c0d687f0979cd4c91 by Carl Schwan.
Committed on 27/09/2023 at 10:49.
Pushed by carlschwan into branch 'master'.

Move convertion from html to text out-of-process

This will decrease futher the likelihood of the indexer crashing on
invalid html.

M  +25   -9    agent/CMakeLists.txt
M  +1    -10   agent/autotests/CMakeLists.txt
M  +16   -14   agent/emailindexer.cpp
A  +72   -0    agent/htmltotext.cpp     [License: LGPL(v2.0+)]

https://invent.kde.org/pim/akonadi-search/-/commit/299c4d3144413edab1d9ff8c0d687f0979cd4c91

Comment 6 Carl Schwan 2023-09-27 09:01:23 UTC

Git commit 8421ace60b1befcc751b977fb06cbe179a93bc95 by Carl Schwan.
Committed on 27/09/2023 at 10:59.
Pushed by carlschwan into branch 'release/23.08'.

Move convertion from html to text out-of-process

This will decrease futher the likelihood of the indexer crashing on
invalid html.
(cherry picked from commit 299c4d3144413edab1d9ff8c0d687f0979cd4c91)

M  +25   -9    agent/CMakeLists.txt
M  +16   -14   agent/emailindexer.cpp
A  +72   -0    agent/htmltotext.cpp     [License: LGPL(v2.0+)]

https://invent.kde.org/pim/akonadi-search/-/commit/8421ace60b1befcc751b977fb06cbe179a93bc95