Segfault on an authorization request from another client

Bug #250508 reported by 0xd34df00d
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone
qutim | Fix Released | Undecided | Unassigned | (none)

Bug Description

When an authorization request arrives from another client that is not in the contact list, qutIM crashes.
SVN rev 174, debug build, Debian lenny/sid.

The program was running under valgrind's callgrind at the moment of the crash. Backtrace attached:
==15166== Process terminating with default action of signal 11 (SIGSEGV)
==15166== Access not within mapped region at address 0x48
==15166== at 0x4C67F1: contactListTree::youWereAdded(unsigned short) (contactlist.cpp:4817)
==15166== by 0x631AE9: contactListTree::qt_metacall(QMetaObject::Call, int, void**) (moc_contactlist.cpp:334)
==15166== by 0x5E18763: QMetaObject::activate(QObject*, int, int, void**) (qobject.cpp:3010)
==15166== by 0x634EB0: snacChannel::youWereAdded(unsigned short) (moc_snacchannel.cpp:294)
==15166== by 0x586C17: snacChannel::readData(unsigned short) (snacchannel.cpp:217)
==15166== by 0x54EE9A: oscarProtocol::readDataFromSocket() (oscarprotocol.cpp:380)
==15166== by 0x63400A: oscarProtocol::qt_metacall(QMetaObject::Call, int, void**) (moc_oscarprotocol.cpp:130)
==15166== by 0x5E18763: QMetaObject::activate(QObject*, int, int, void**) (qobject.cpp:3010)
==15166== by 0x5A393EE: QAbstractSocketPrivate::canReadNotification() (qabstractsocket.cpp:576)
==15166== by 0x5A2A250: QReadNotifier::event(QEvent*) (qnativesocketengine.cpp:974)
==15166== by 0x502CE5C: QApplicationPrivate::notify_helper(QObject*, QEvent*) (qapplication.cpp:3772)
==15166== by 0x5034B29: QApplication::notify(QObject*, QEvent*) (qapplication.cpp:3739)

Subsequent attempts to go online also end in a segfault:
(gdb) run
Starting program: /home/d34df00d/Programming/qutim/build/build/bin/qutIM
[Thread debugging using libthread_db enabled]
[New Thread 0x2ac612cf4c30 (LWP 15526)]
[New Thread 0x40800950 (LWP 15533)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x2ac612cf4c30 (LWP 15526)]
0x00000000004d2b98 in contactListTree::getOfflineMessage (this=0xb7ff30)
    at ../protocol/oscar/icq/contactlist.cpp:1618
1618 buddy = new treeBuddyItem(icqUin, statusIconObject->getOfflineIcon(), this, group->offlineList);
(gdb) bt
#0 0x00000000004d2b98 in contactListTree::getOfflineMessage (this=0xb7ff30)
    at ../protocol/oscar/icq/contactlist.cpp:1618
#1 0x0000000000631299 in contactListTree::qt_metacall (this=0xb7ff30, _c=QMetaObject::InvokeMetaMethod,
    _id=24, _a=0x7fff9d5e7b70) at build/moc/moc_contactlist.cpp:295
#2 0x00002ac60e8d8764 in QMetaObject::activate (sender=0xab7420, from_signal_index=<value optimized out>,
    to_signal_index=18, argv=0x15) at kernel/qobject.cpp:3010
#3 0x000000000063505a in snacChannel::getOfflineMessage (this=0xab7420) at build/moc/moc_snacchannel.cpp:246
#4 0x00000000005858bf in snacChannel::getMetaData (this=0xab7420, notAlone=true)
    at ../protocol/oscar/icq/snacchannel.cpp:682
#5 0x0000000000586c79 in snacChannel::readData (this=0xab7420, length=40)
    at ../protocol/oscar/icq/snacchannel.cpp:240
#6 0x000000000054ee9b in oscarProtocol::readDataFromSocket (this=0x9fc070)
    at ../protocol/oscar/icq/oscarprotocol.cpp:380
#7 0x000000000063400b in oscarProtocol::qt_metacall (this=0x9fc070, _c=QMetaObject::InvokeMetaMethod,
    _id=12, _a=0x7fff9d5e7f30) at build/moc/moc_oscarprotocol.cpp:130
#8 0x00002ac60e8d8764 in QMetaObject::activate (sender=0xab2bc0, from_signal_index=<value optimized out>,
    to_signal_index=4, argv=0x15) at kernel/qobject.cpp:3010
#9 0x00002ac60e4f83ef in QAbstractSocketPrivate::canReadNotification (this=0xa87830)
    at socket/qabstractsocket.cpp:576
#10 0x00002ac60e4e9251 in QReadNotifier::event (this=<value optimized out>, e=0x2ac60f8bfc50)
    at socket/qnativesocketengine.cpp:974
#11 0x00002ac60daebe5d in QApplicationPrivate::notify_helper (this=0x9468f0, receiver=0xa666f0,
    e=0x7fff9d5e83b0) at kernel/qapplication.cpp:3772
#12 0x00002ac60daf3b2a in QApplication::notify (this=0x7fff9d5e8830, receiver=0xa666f0, e=0x7fff9d5e83b0)
    at kernel/qapplication.cpp:3739
#13 0x00002ac60e8c4411 in QCoreApplication::notifyInternal (this=0x7fff9d5e8830, receiver=0xa666f0,
    event=0x7fff9d5e83b0) at kernel/qcoreapplication.cpp:587
#14 0x00002ac60e8ecab9 in socketNotifierSourceDispatch (source=0x953ac0)
    at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:215
#15 0x00002ac610376892 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#16 0x00002ac61037a01d in ?? () from /usr/lib/libglib-2.0.so.0
#17 0x00002ac61037a1db in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#18 0x00002ac60e8ec83f in QEventDispatcherGlib::processEvents (this=0x950570, flags=<value optimized out>)
    at kernel/qeventdispatcher_glib.cpp:325
#19 0x00002ac60db7d16f in QGuiEventDispatcherGlib::processEvents (this=0xfe000404,
    flags=<value optimized out>) at kernel/qguieventdispatcher_glib.cpp:204
#20 0x00002ac60e8c2d22 in QEventLoop::processEvents (this=<value optimized out>, flags={i = -1654749744})
    at kernel/qeventloop.cpp:149
#21 0x00002ac60e8c2ead in QEventLoop::exec (this=0x7fff9d5e8610, flags={i = -1654749664})
    at kernel/qeventloop.cpp:200
#22 0x00002ac60e8c537d in QCoreApplication::exec () at kernel/qcoreapplication.cpp:845
#23 0x000000000041ccd8 in main (argc=1, argv=0x7fff9d5e8968) at ../main.cpp:45

Tags: crash qutim
0xd34df00d (0xd34df00d)
Changed in qutim:
status: New → Confirmed
0xd34df00d (0xd34df00d) wrote :

gdb showed that on the indicated lines the variable group is equal to 0.

0xd34df00d (0xd34df00d) wrote :

I think it is clear what the error is.

If the account has only just been created and there is not yet a single group, then around the indicated lines the variable group will be zero and the corresponding code will segfault. Probably some default group should be created if there are none yet, or something along those lines.

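The null-group failure mode described in the comment above, shown as an added example that is not qutIM's own code: a hypothetical, simplified contact-list tree where the lookup used by the offline-buddy path returns nullptr for a freshly created account, beside a variant that creates a default group on demand so the caller never dereferences a null group. Group, ContactListTree and the method names are assumptions, not the project's identifiers.

```cpp
#include <map>
#include <memory>
#include <string>
#include <vector>

// Hypothetical model of one contact-list group (example code, not qutIM's).
struct Group {
    std::string name;
    std::vector<std::string> offlineList;  // UINs shown as offline
};

class ContactListTree {
public:
    // The crashing shape: on a brand-new account there are no groups yet,
    // so this returns nullptr and a caller doing group->offlineList
    // dereferences address 0 plus the member offset (the 0x48 in the report).
    Group* findGroup(const std::string& name) {
        auto it = groups_.find(name);
        return it == groups_.end() ? nullptr : it->second.get();
    }

    // Hardened shape, following the comment's suggestion: if the group
    // does not exist yet, create it, so the caller always gets a valid object.
    Group& findOrCreateGroup(const std::string& name) {
        auto it = groups_.find(name);
        if (it == groups_.end()) {
            auto g = std::make_unique<Group>();
            g->name = name;
            it = groups_.emplace(name, std::move(g)).first;
        }
        return *it->second;
    }

    // Mirrors the offline-buddy insertion step: a previously unknown UIN
    // is filed under groupName, creating the group when it is absent.
    bool addOfflineBuddy(const std::string& uin, const std::string& groupName) {
        if (uin.empty()) return false;  // reject an empty UIN instead of inserting junk
        Group& g = findOrCreateGroup(groupName);
        g.offlineList.push_back(uin);
        return true;
    }

    std::size_t groupCount() const { return groups_.size(); }

private:
    std::map<std::string, std::unique_ptr<Group>> groups_;
};
```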
0xd34df00d (0xd34df00d) wrote :

Proposed fix. It no longer crashes.

Sergei Andreev (seajey)
Changed in qutim:
status: Confirmed → Fix Committed
Changed in qutim:
status: Fix Committed → Fix Released