talloc_abort in notmuch_thread_get_tags () when db has been modified

2016-01-18 Thread Gaute Hope

Hi,

a user of astroid [0] ran into an issue [1] (full trace at issue) where
reading a long query causes a talloc_abort in notmuch_thread_get_tags
(). 'notmuch new' is running at the same time, and most likely a thread
in the query has been modified since the query was done. Note that a
notmuch_thread_get_authors () call returns NULL without causing a full
crash. The code causing the crash is:

```
for (tags = notmuch_thread_get_tags (nm_thread);
     notmuch_tags_valid (tags);
     notmuch_tags_move_to_next (tags))
{
  tag = notmuch_tags_get (tags); // tag belongs to tags
}

// or db.cc:508 in astroid/src.
```

while:

```
   const char * auths = notmuch_thread_get_authors (nm_thread);
```

returns `NULL`, but does not crash.

Is there a way for me to handle this from the application side?
Admittedly I do keep query objects around for a while
(astroid/src/thread_index.cc:141), but in this case the issue would
probably occur anyway since it simply takes a long time to read the
query.

Regards, Gaute

[0] https://github.com/gauteh/astroid
[1] https://github.com/gauteh/astroid/issues/64
___
notmuch mailing list
notmuch@notmuchmail.org
https://notmuchmail.org/mailman/listinfo/notmuch


Re: talloc_abort in notmuch_thread_get_tags () when db has been modified

2016-01-18 Thread David Bremner
Gaute Hope writes:

> Hi,
>
> a user of astroid [0] ran into an issue [1] (full trace at issue) where
> reading a long query causes a talloc_abort in notmuch_thread_get_tags
> (). 'notmuch new' is running at the same time, and most likely a thread
> in the query has been modified since the query was done. Note that a
> notmuch_thread_get_authors () call returns NULL without causing a full
> crash. The code causing the crash is:
>
> ```
> for (tags = notmuch_thread_get_tags (nm_thread);
>  notmuch_tags_valid (tags);
>  notmuch_tags_move_to_next (tags))
> {
>   tag = notmuch_tags_get (tags); // tag belongs to tags
> }
>
> // or db.cc:508 in astroid/src.
> ```
>

The most likely cause of such a crash looks to me like nm_thread is NULL
or corrupted when passed in to get_tags. It's used without checking as a
talloc context, and that call to talloc never returns.


Re: talloc_abort in notmuch_thread_get_tags () when db has been modified

2016-01-18 Thread Gaute Hope

David Bremner writes on January 18, 2016 13:25:

> The most likely cause of such a crash looks to me like nm_thread is NULL
> or corrupted when passed in to get_tags. It's used without checking as a
> talloc context, and that call to talloc never returns.

Ok, I'll check some further. I am checking whether nm_thread is NULL
though, the preceding code is as follows
(astroid/src/modes/thread_index/thread_index.cc:258):

```
for (;
     notmuch_threads_valid (threads);
     notmuch_threads_move_to_next (threads)) {

  notmuch_thread_t * thread;
  thread = notmuch_threads_get (threads);

  if (thread == NULL) {
    log << error << "ti: error: could not get thread." << endl;
    throw database_error ("ti: could not get thread (is NULL)");
  }

  /* test for revision discarded */
  const char * ti = notmuch_thread_get_thread_id (thread);
  if (ti == NULL) {
    log << error << "ti: revision discarded, trying to reopen." << endl;
    reopen_tries++;
    refresh (all, current_thread + count, false);
    return;
  }

  NotmuchThread *t = new NotmuchThread (thread); // get_tags is inside here

  notmuch_thread_destroy (thread);

```

(note that there is a bit of code there trying to determine whether the
db is still valid, or needs to be re-opened)

- g
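
David's reply points at a bad talloc context, while the astroid code above checks the thread handle only for NULL. The following is an added example, not code from notmuch, talloc or astroid: a toy model (all names and the magic constant are constructed) of an allocator that validates a header on the parent context, showing a non-NULL but invalidated handle passing the NULL check and still tripping the allocator's check.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Toy model, all names hypothetical: every chunk has a header word that is
 * checked whenever the chunk is used as a parent context. */
#define MODEL_MAGIC 0xC0FFEE10u   /* constructed value, not talloc's */
#define MODEL_FREED 0x1u          /* set when the chunk is destroyed */
typedef struct { uint32_t flags; char payload[32]; } chunk_t;

static chunk_t pool[4];   /* static pool, so a stale pointer stays readable */
static size_t pool_used;
static int abort_count;   /* the real library would abort() instead */

static chunk_t *chunk_from_ptr(void *p) {
    return (chunk_t *)((char *)p - offsetof(chunk_t, payload));
}

/* Allocate under ctx (NULL means no parent); validate ctx's header first. */
static void *model_alloc(void *ctx) {
    if (ctx != NULL && chunk_from_ptr(ctx)->flags != MODEL_MAGIC) {
        abort_count++;    /* bad magic: this is where the abort would fire */
        return NULL;
    }
    if (pool_used == sizeof pool / sizeof pool[0]) return NULL;
    pool[pool_used].flags = MODEL_MAGIC;
    return pool[pool_used++].payload;
}

static void model_destroy(void *p) {
    chunk_from_ptr(p)->flags |= MODEL_FREED;
}

/* Application-side pattern: NULL check, then use the handle as a context. */
static int app_use_thread(void *thread) {
    if (thread == NULL) return -1;
    return model_alloc(thread) != NULL ? 0 : -2;   /* -2: would have aborted */
}

/* Returns 1 when the live handle works and the stale one trips the check. */
static int demo(void) {
    pool_used = 0; abort_count = 0;
    void *thread = model_alloc(NULL);
    int live = app_use_thread(thread);
    model_destroy(thread);               /* handle invalidated elsewhere */
    int stale = app_use_thread(thread);  /* non-NULL, but header is bad */
    return live == 0 && stale == -2 && abort_count == 1;
}

int main(void) { printf("demo ok: %d\n", demo()); return 0; }
```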