https://bugs.kde.org/show_bug.cgi?id=358752
Bug ID: 358752
Summary: strigita_torrent_analyzer causes deepgrep to crash
Product: kde
Version: unspecified
Platform: Fedora RPMs
OS: Linux
Status: UNCONFIRMED
Severity: crash
Priority: NOR
Component: general
Assignee: unassigned-b...@kde.org
Reporter: goe...@uddeborg.se

After installing kdenetwork-strigi-analyzers, the command "deepgrep" crashes immediately on invocation.

Reproducible: Always

Steps to Reproduce:
1. Install strigi and kdenetwork-strigi-analyzers
2. deepgrep xyz .

Actual Results:
Segmentation violation crash (with core dump if enabled).

Expected Results:
No crash.

I couldn't find the appropriate version in the version field above, but these are the RPMs I have installed:

kdenetwork-strigi-analyzers-15.04.2-4.fc23.x86_64
strigi-0.7.8-11.fc23.x86_64

I initially filed a Fedora bugzilla (https://bugzilla.redhat.com/show_bug.cgi?id=1302879) but got the advice to do this upstream report.

See below for the backtrace of the crash. I tried to understand what is wrong, but ended up in a "how could this possibly have worked" situation instead.

In StreamAnalyzerPrivate::analyze (in the strigi code) a loop is executed as long as "input" is 0 or one other case. So here clearly input==0 is expected. Then connectInputStream(input) is called on the iterated object, in this case a TorrentThroughAnalyzer.

In TorrentThroughAnalyzer.connectInputStream() a ByteStream object is created from the (possibly 0) "input". ByteStream initializes its "m_input" member directly from the argument. Then the prefix ++ operator is called on that new stream.

ByteStream::operator++() calls refillBuffer if the "m_buffer" element is zero, which it will be since it was just initialized to zero on stream creation. And in ByteStream::refillBuffer() the member function read() of "m_input" is called.

As "m_input" is still zero, I can't see how this ever could have worked. C++ can do many strange things under the hood, and I've been fooled before.
But surely, a call of a virtual member function requires a valid object pointer, doesn't it?

#0  0x00007f507af7521a in ByteStream::refillBuffer (this=0x7ffe980a4470)
    at ../../torrent/bytestream.cpp:63
#1  0x00007f507af7533d in ByteStream::operator++ (this=this@entry=0x7ffe980a4470)
    at ../../torrent/bytestream.cpp:54
#2  0x00007f507af784e7 in TorrentThroughAnalyzer::connectInputStream (this=0x5587521e03e0, input=0x0)
    at ../../torrent/torrent_analyzer.cpp:74
#3  0x00007f507ce28732 in Strigi::StreamAnalyzerPrivate::analyze (this=0x558752225af0, idx=..., input=input@entry=0x0)
    at /usr/src/debug/strigi-0.7.8/libstreamanalyzer/lib/streamanalyzer.cpp:392
#4  0x00007f507ce290d8 in Strigi::StreamAnalyzer::analyze (this=<optimized out>, idx=..., input=input@entry=0x0)
    at /usr/src/debug/strigi-0.7.8/libstreamanalyzer/lib/streamanalyzer.cpp:359
#5  0x00007f507ce03228 in Strigi::AnalysisResult::index (this=this@entry=0x7ffe980a4600, file=file@entry=0x0)
    at /usr/src/debug/strigi-0.7.8/libstreamanalyzer/lib/analysisresult.cpp:235
#6  0x00007f507ce0929a in Strigi::DirAnalyzer::Private::analyzeFile (this=this@entry=0x5587521ddef0, path=..., mtime=1449744713, realfile=<optimized out>)
    at /usr/src/debug/strigi-0.7.8/libstreamanalyzer/lib/diranalyzer.cpp:111
#7  0x00007f507ce09f37 in Strigi::DirAnalyzer::Private::analyzeDir (this=0x5587521ddef0, dir=..., nthreads=8, c=<optimized out>, lastToSkip=...)
    at /usr/src/debug/strigi-0.7.8/libstreamanalyzer/lib/diranalyzer.cpp:254
#8  0x00005587502f0a69 in main (argc=<optimized out>, argv=<optimized out>)
    at /usr/src/debug/strigi-0.7.8/strigiutils/bin/deepfind/deepgrep.cpp:82
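
The null-input path traced in the report, modelled as an added C++ example that is not part of the original report and is not Strigi or kdenetwork code. Class and member names follow the report; the signatures, MemoryStream and drain() are assumptions. It shows a null check in refillBuffer() that makes a stream built from input == 0 report end of stream instead of dereferencing m_input.

```cpp
#include <cstdint>
#include <cstring>
#include <string>
// Model of the call chain in the report. Names follow the report; signatures
// and bodies are assumptions, not Strigi or kdenetwork code.
struct InputStream {
    virtual ~InputStream() = default;
    // Points start at up to max bytes; returns the count, or -1 at end of stream.
    virtual int32_t read(const char*& start, int32_t max) = 0;
};
// Constructed sample input: serves one fixed buffer, then reports end of stream.
struct MemoryStream : InputStream {
    const char* data; bool done = false;
    explicit MemoryStream(const char* d) : data(d) {}
    int32_t read(const char*& start, int32_t max) override {
        if (done) return -1;
        done = true; start = data;
        int32_t len = static_cast<int32_t>(std::strlen(data));
        return len < max ? len : max;
    }
};
class ByteStream {
    InputStream* m_input;
    const char* m_buffer = nullptr;
    int32_t m_len = 0, m_pos = 0;
    bool m_eof = false;
    void refillBuffer() {
        // Guard: without it, m_input->read() below is a virtual call through
        // a null pointer whenever the analyzer is handed input == 0.
        if (!m_input) { m_eof = true; return; }
        int32_t n = m_input->read(m_buffer, 4096);
        m_pos = 0; m_len = n > 0 ? n : 0;
        if (n <= 0) { m_eof = true; m_buffer = nullptr; }
    }
public:
    explicit ByteStream(InputStream* in) : m_input(in) {}
    ByteStream& operator++() {
        if (!m_eof && (!m_buffer || ++m_pos >= m_len)) refillBuffer();
        return *this;
    }
    bool atEnd() const { return m_eof; }
    char operator*() const { return m_eof ? '\0' : m_buffer[m_pos]; }
};
// Same shape as the connectInputStream() step: wrap input, then advance with ++.
std::string drain(InputStream* input) {
    std::string out; ByteStream s(input);
    for (++s; !s.atEnd(); ++s) out += *s;
    return out;
}
int main() { return drain(nullptr).empty() ? 0 : 1; }
```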