[kde] [Bug 358752] New: strigita_torrent_analyzer causes deepgrep to crash
Göran Uddeborg via KDE Bugzilla
bugzilla_noreply at kde.org
Fri Jan 29 22:18:01 GMT 2016
https://bugs.kde.org/show_bug.cgi?id=358752
Bug ID: 358752
Summary: strigita_torrent_analyzer causes deepgrep to crash
Product: kde
Version: unspecified
Platform: Fedora RPMs
OS: Linux
Status: UNCONFIRMED
Severity: crash
Priority: NOR
Component: general
Assignee: unassigned-bugs at kde.org
Reporter: goeran at uddeborg.se
After installing kdenetwork-strigi-analyzers, the command "deepgrep" crashes
immediately on invocation.
Reproducible: Always
Steps to Reproduce:
1. Install strigi and kdenetwork-strigi-analyzers
2. deepgrep xyz .
Actual Results:
Segmentation violation crash (with core dump if enabled).
Expected Results:
No crash.
I couldn't find the appropriate version in the version field above, but these
are the RPMs I have installed:
kdenetwork-strigi-analyzers-15.04.2-4.fc23.x86_64
strigi-0.7.8-11.fc23.x86_64
I initially filed a Fedora bugzilla
(https://bugzilla.redhat.com/show_bug.cgi?id=1302879) but got the advice to do
this upstream report.
See below for the backtrace of the crash. I tried to understand what is wrong,
but ended up in a "how could this possibly have worked" situation instead.
In StreamAnalyzerPrivate::analyze (in the strigi code) a loop is executed as
long as "input" is 0 or one other case. So here clearly input==0 is expected.
Then connectInputStream(input) is called on the iterated object, in this case a
TorrentThroughAnalyzer.
In TorrentThroughAnalyzer.connectInputStream() a ByteStream object is created
from the (possibly 0) "input". ByteStream initializes its "m_input" member
directly from the argument. Then the prefix ++ operator is called on that new
stream.
ByteStream::operator++() calls refillBuffer if the "m_buffer" element is zero,
which it will be since it was just initialized to zero on stream creation.
And in ByteStream::refillBuffer() the member function read() of "m_input" is
called. As "m_input" is still zero, I can't see how this ever could have
worked. C++ can do many strange things under the hood, and I've been fooled
before. But surely, a call of a virtual member function requires a valid
object pointer, doesn't it?
#0 0x00007f507af7521a in ByteStream::refillBuffer (this=0x7ffe980a4470) at ../../torrent/bytestream.cpp:63
#1 0x00007f507af7533d in ByteStream::operator++ (this=this@entry=0x7ffe980a4470) at ../../torrent/bytestream.cpp:54
#2 0x00007f507af784e7 in TorrentThroughAnalyzer::connectInputStream (this=0x5587521e03e0, input=0x0) at ../../torrent/torrent_analyzer.cpp:74
#3 0x00007f507ce28732 in Strigi::StreamAnalyzerPrivate::analyze (this=0x558752225af0, idx=..., input=input@entry=0x0) at /usr/src/debug/strigi-0.7.8/libstreamanalyzer/lib/streamanalyzer.cpp:392
#4 0x00007f507ce290d8 in Strigi::StreamAnalyzer::analyze (this=<optimized out>, idx=..., input=input@entry=0x0) at /usr/src/debug/strigi-0.7.8/libstreamanalyzer/lib/streamanalyzer.cpp:359
#5 0x00007f507ce03228 in Strigi::AnalysisResult::index (this=this@entry=0x7ffe980a4600, file=file@entry=0x0) at /usr/src/debug/strigi-0.7.8/libstreamanalyzer/lib/analysisresult.cpp:235
#6 0x00007f507ce0929a in Strigi::DirAnalyzer::Private::analyzeFile (this=this@entry=0x5587521ddef0, path=..., mtime=1449744713, realfile=<optimized out>) at /usr/src/debug/strigi-0.7.8/libstreamanalyzer/lib/diranalyzer.cpp:111
#7 0x00007f507ce09f37 in Strigi::DirAnalyzer::Private::analyzeDir (this=0x5587521ddef0, dir=..., nthreads=8, c=<optimized out>, lastToSkip=...) at /usr/src/debug/strigi-0.7.8/libstreamanalyzer/lib/diranalyzer.cpp:254
#8 0x00005587502f0a69 in main (argc=<optimized out>, argv=<optimized out>) at /usr/src/debug/strigi-0.7.8/strigiutils/bin/deepfind/deepgrep.cpp:82
--
You are receiving this mail because:
You are the assignee for the bug.
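
Added example (not part of the original report, and not Strigi or kdenetwork code): a minimal C++ model of the call chain in frames #0 to #2, showing a byte reader that tolerates the null input stream the backtrace shows being passed down. All class and function names are hypothetical stand-ins, and the 'd' check assumes only that a torrent file is a bencoded dictionary.

```cpp
#include <cstdint>

// Hypothetical stand-in for the stream interface (not Strigi's real class).
struct InputStream {
    virtual ~InputStream() = default;
    // Points `start` at up to `max` bytes; returns the count, or -1 at end.
    virtual int32_t read(const char*& start, int32_t min, int32_t max) = 0;
};

// Constructed in-memory input so the example runs offline.
struct MemoryStream : InputStream {
    const char* data; int32_t len; int32_t pos = 0;
    MemoryStream(const char* d, int32_t n) : data(d), len(n) {}
    int32_t read(const char*& start, int32_t, int32_t max) override {
        if (pos >= len) return -1;
        int32_t n = (len - pos < max) ? len - pos : max;
        start = data + pos; pos += n;
        return n;
    }
};

// Model of the byte reader from the report, with a null check added.
class GuardedByteStream {
    InputStream* m_input;
    const char* m_buffer = nullptr;
    int32_t m_len = 0, m_pos = 0;
    bool m_eof;
    void refillBuffer() {
        if (!m_input) { m_eof = true; return; }  // never call read() on null
        int32_t n = m_input->read(m_buffer, 1, 4096);
        if (n <= 0) { m_eof = true; m_buffer = nullptr; n = 0; }
        m_len = n; m_pos = 0;
    }
public:
    // A null input is treated as an already exhausted stream.
    explicit GuardedByteStream(InputStream* in) : m_input(in), m_eof(!in) {}
    bool atEnd() const { return m_eof; }
    char operator*() const { return m_eof ? '\0' : m_buffer[m_pos]; }
    GuardedByteStream& operator++() {
        // First call loads the buffer; later calls advance and refill as needed.
        if (!m_eof && (!m_buffer || ++m_pos >= m_len)) refillBuffer();
        return *this;
    }
};

// Hypothetical analogue of connectInputStream(): peek at the first byte.
bool looksLikeTorrent(InputStream* input) {
    GuardedByteStream s(input);
    ++s;                               // safe even when input == nullptr
    return !s.atEnd() && *s == 'd';    // bencoded dictionaries start with 'd'
}
```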