Bug 892283 - [abrt] pragha-1.1.1-1.fc17: _IO_ftell: Process /usr/bin/pragha was killed by signal 11 (SIGSEGV)
Summary: [abrt] pragha-1.1.1-1.fc17: _IO_ftell: Process /usr/bin/pragha was killed by ...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: taglib
Version: 17
Hardware: i686
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Rex Dieter
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard: abrt_hash:66aa0f9eb4d768d69cea6cfae5e...
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2013-01-06 10:13 UTC by Diego
Modified: 2013-10-09 14:44 UTC (History)
3 users (show)

Fixed In Version: pragha-1.1.2.1-2.fc20
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2013-02-27 02:31:52 UTC


Attachments (Terms of Use)
File: core_backtrace (758 bytes, text/plain)
2013-01-06 10:13 UTC, Diego
no flags Details
File: environ (1.39 KB, text/plain)
2013-01-06 10:13 UTC, Diego
no flags Details
File: backtrace (16.45 KB, text/plain)
2013-01-06 10:13 UTC, Diego
no flags Details
File: limits (1.29 KB, text/plain)
2013-01-06 10:13 UTC, Diego
no flags Details
File: cgroup (128 bytes, text/plain)
2013-01-06 10:13 UTC, Diego
no flags Details
File: smolt_data (2.28 KB, text/plain)
2013-01-06 10:13 UTC, Diego
no flags Details
File: xsession_errors (622 bytes, text/plain)
2013-01-06 10:13 UTC, Diego
no flags Details
File: executable (15 bytes, text/plain)
2013-01-06 10:13 UTC, Diego
no flags Details
File: maps (34.30 KB, text/plain)
2013-01-06 10:14 UTC, Diego
no flags Details
File: dso_list (11.31 KB, text/plain)
2013-01-06 10:14 UTC, Diego
no flags Details
File: proc_pid_status (772 bytes, text/plain)
2013-01-06 10:14 UTC, Diego
no flags Details
File: var_log_messages (292 bytes, text/plain)
2013-01-06 10:14 UTC, Diego
no flags Details
File: open_fds (545 bytes, text/plain)
2013-01-06 10:14 UTC, Diego
no flags Details
Quick fix patch that solves this immediate problem. (1.44 KB, patch)
2013-02-10 17:31 UTC, Tim Wegener
no flags Details | Diff

Description Diego 2013-01-06 10:13:00 UTC
Description of problem:
I double clicked on a m3u playlist an pagha crashed.

Version-Release number of selected component:
pragha-1.1.1-1.fc17

Additional info:
libreport version: 2.0.18
abrt_version:   2.0.18
backtrace_rating: 4
cmdline:        pragha
crash_function: _IO_ftell
kernel:         3.6.11-1.fc17.i686

truncated backtrace:
:Thread no. 1 (8 frames)
: #0 _IO_ftell at ioftell.c:40
: #1 TagLib::FileStream::tell at /usr/src/debug/taglib-1.8/taglib/toolkit/tfilestream.cpp:371
: #2 TagLib::File::tell at /usr/src/debug/taglib-1.8/taglib/toolkit/tfile.cpp:447
: #3 TagLib::File::find at /usr/src/debug/taglib-1.8/taglib/toolkit/tfile.cpp:260
: #4 TagLib::Ogg::File::nextPage at /usr/src/debug/taglib-1.8/taglib/ogg/oggfile.cpp:232
: #5 TagLib::Ogg::File::packet at /usr/src/debug/taglib-1.8/taglib/ogg/oggfile.cpp:93
: #6 TagLib::Vorbis::File::read at /usr/src/debug/taglib-1.8/taglib/ogg/vorbis/vorbisfile.cpp:124
: #7 ??

Comment 1 Diego 2013-01-06 10:13:03 UTC
Created attachment 673308 [details]
File: core_backtrace

Comment 2 Diego 2013-01-06 10:13:06 UTC
Created attachment 673309 [details]
File: environ

Comment 3 Diego 2013-01-06 10:13:09 UTC
Created attachment 673310 [details]
File: backtrace

Comment 4 Diego 2013-01-06 10:13:11 UTC
Created attachment 673311 [details]
File: limits

Comment 5 Diego 2013-01-06 10:13:14 UTC
Created attachment 673312 [details]
File: cgroup

Comment 6 Diego 2013-01-06 10:13:16 UTC
Created attachment 673313 [details]
File: smolt_data

Comment 7 Diego 2013-01-06 10:13:18 UTC
Created attachment 673314 [details]
File: xsession_errors

Comment 8 Diego 2013-01-06 10:13:20 UTC
Created attachment 673315 [details]
File: executable

Comment 9 Diego 2013-01-06 10:14:14 UTC
Created attachment 673316 [details]
File: maps

Comment 10 Diego 2013-01-06 10:14:16 UTC
Created attachment 673317 [details]
File: dso_list

Comment 11 Diego 2013-01-06 10:14:19 UTC
Created attachment 673318 [details]
File: proc_pid_status

Comment 12 Diego 2013-01-06 10:14:21 UTC
Created attachment 673319 [details]
File: var_log_messages

Comment 13 Diego 2013-01-06 10:14:23 UTC
Created attachment 673320 [details]
File: open_fds

Comment 14 Tim Wegener 2013-02-10 12:06:12 UTC
I've hit a crash in taglib in the same location, but via the clementine audio player. In my case it was attempting to read the tags for a file for which the current user did not have permission to access, but did have permission to access the directory in which it resided. This is readily reproducible.

taglib-1.8-2.fc18.x86_64
clementine-1.0.1-12.fc18.x86_64

#0  __GI__IO_ftell (fp=0x0) at ioftell.c:38
#1  0x00007f19270fb2fd in TagLib::File::find (this=0x7f18b00e71b0, pattern=..., fromOffset=0, before=...) at /usr/src/debug/taglib-1.8/taglib/toolkit/tfile.cpp:260
#2  0x00007f19270e5339 in TagLib::Ogg::File::nextPage (this=this@entry=0x7f18b00e71b0) at /usr/src/debug/taglib-1.8/taglib/ogg/oggfile.cpp:232
#3  0x00007f19270e5d60 in TagLib::Ogg::File::packet (this=0x7f18b00e71b0, i=1) at /usr/src/debug/taglib-1.8/taglib/ogg/oggfile.cpp:93
#4  0x00007f19270ebcf1 in TagLib::Vorbis::File::read (this=this@entry=0x7f18b00e71b0, readProperties=readProperties@entry=true, 
    propertiesStyle=propertiesStyle@entry=TagLib::AudioProperties::Average) at /usr/src/debug/taglib-1.8/taglib/ogg/vorbis/vorbisfile.cpp:124
#5  0x00007f19270ebf29 in TagLib::Vorbis::File::File (this=0x7f18b00e71b0, file=<optimized out>, readProperties=true, propertiesStyle=TagLib::AudioProperties::Average)
    at /usr/src/debug/taglib-1.8/taglib/ogg/vorbis/vorbisfile.cpp:70
#6  0x00007f1927120964 in TagLib::FileRef::create (fileName=0x7f18b00e23f8 "/redacted_yes_read_permission/redacted_no_read_permission.ogg", 
    readAudioProperties=true, audioPropertiesStyle=TagLib::AudioProperties::Average) at /usr/src/debug/taglib-1.8/taglib/fileref.cpp:238
#7  0x00007f192712177f in TagLib::FileRef::FileRef (this=0x7f18b00cf090, fileName=<optimized out>, readAudioProperties=<optimized out>, audioPropertiesStyle=<optimized out>)
    at /usr/src/debug/taglib-1.8/taglib/fileref.cpp:85
#8  0x0000000000571158 in TagLibFileRefFactory::GetFileRef (this=<optimized out>, filename=...) at /usr/src/debug/clementine-1.0.1/src/core/song.cpp:261
#9  0x000000000057ca23 in Song::InitFromFile (this=0x7f18d2ffab10, filename=..., directory_id=-1) at /usr/src/debug/clementine-1.0.1/src/core/song.cpp:477
#10 0x000000000074bdec in LibraryWatcher::ScanNewFile (this=this@entry=0x7f18b0001f20, file=..., path=..., matching_cue=..., 
    cues_processed=cues_processed@entry=0x7f18d2ffacd0) at /usr/src/debug/clementine-1.0.1/src/library/librarywatcher.cpp:491

Comment 15 Tim Wegener 2013-02-10 17:25:56 UTC
Similar issue exists when non-accessible (e.g. non-existent) files are given to taglib for the following formats:
.spx
.ape
.ogg
.oga

Compiling the demo from taglib-devel provides an easy to run reproduction (just give it a non-existent file with one of the above extensions to trigger the segfault):

/usr/share/doc/taglib-devel-1.8/examples/tagreader.cpp

Comment 16 Tim Wegener 2013-02-10 17:31:19 UTC
Created attachment 695858 [details]
Quick fix patch that solves this immediate problem.

This quick fix solves the problem and makes consumers such as clementine happy.
However, a proper fix would involve adding tests and possibly a wider re-factor to generalise checking for files that cannot be opened, so that it doesn't have to be done per file type.

Comment 17 Rex Dieter 2013-02-10 21:46:47 UTC
May be worth querying on taglib mailing list about the provided FileRef api, about guarantees/assumptions one can make about non-existent or non-readable files.

Comment 18 Rex Dieter 2013-02-10 21:48:07 UTC
(hit return too quickly), otherwise Tim's suggested approach per patch in comment #16 seems reasonable.

Comment 19 Rex Dieter 2013-02-10 22:07:03 UTC
Started a mailing list thread on the topic,
http://mail.kde.org/pipermail/taglib-devel/2013-February/002441.html

Comment 20 Rex Dieter 2013-02-11 12:53:50 UTC
Looks like we may have a fix to try out,
https://github.com/taglib/taglib/issues/78

Comment 21 Fedora Update System 2013-02-11 13:16:44 UTC
taglib-1.8-3.20121215git.fc17 has been submitted as an update for Fedora 17.
https://admin.fedoraproject.org/updates/taglib-1.8-3.20121215git.fc17

Comment 22 Fedora Update System 2013-02-11 13:18:52 UTC
taglib-1.8-3.20121215git.fc18 has been submitted as an update for Fedora 18.
https://admin.fedoraproject.org/updates/taglib-1.8-3.20121215git.fc18

Comment 23 Fedora Update System 2013-02-12 04:56:58 UTC
Package taglib-1.8-3.20121215git.fc17:
* should fix your issue,
* was pushed to the Fedora 17 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing taglib-1.8-3.20121215git.fc17'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2013-2304/taglib-1.8-3.20121215git.fc17
then log in and leave karma (feedback).

Comment 24 Tim Wegener 2013-02-14 11:45:41 UTC
(In reply to comment #17)
> May be worth querying on taglib mailing list about the provided FileRef api,
> about guarantees/assumptions one can make about non-existent or non-readable
> files.


It broke existing consumers with an update, so there was an implicit guarantee.

Anyway, the update in Comment 22 works for me.

Tested with Clementine, Pragha, and the taglib-devel demo. All of these no longer crash when supplied with a non-existent or inaccessible .ogg file. Full library scans in both Clementine and Pragha were successful.

The taglib-devel demo also doesn't crash for non-existent .spx, .ape and .oga.

Thanks, Rex!

Comment 25 Fedora Update System 2013-02-27 02:31:55 UTC
taglib-1.8-3.20121215git.fc17 has been pushed to the Fedora 17 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 26 Fedora Update System 2013-02-27 02:42:42 UTC
taglib-1.8-3.20121215git.fc18 has been pushed to the Fedora 18 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 27 Fedora Update System 2013-09-27 18:40:44 UTC
pragha-1.1.2.1-1.fc20 has been submitted as an update for Fedora 20.
https://admin.fedoraproject.org/updates/pragha-1.1.2.1-1.fc20

Comment 28 Fedora Update System 2013-09-27 18:41:12 UTC
pragha-1.1.2.1-1.fc19 has been submitted as an update for Fedora 19.
https://admin.fedoraproject.org/updates/pragha-1.1.2.1-1.fc19

Comment 29 Fedora Update System 2013-09-27 18:43:27 UTC
pragha-1.1.2.1-1.fc18 has been submitted as an update for Fedora 18.
https://admin.fedoraproject.org/updates/pragha-1.1.2.1-1.fc18

Comment 30 Fedora Update System 2013-10-08 11:27:04 UTC
pragha-1.1.2.1-2.fc18 has been pushed to the Fedora 18 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 31 Fedora Update System 2013-10-08 11:34:50 UTC
pragha-1.1.2.1-2.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 32 Fedora Update System 2013-10-09 14:44:04 UTC
pragha-1.1.2.1-2.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.