Bug 749869 – Segfault (not infinite loop) on the second search

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 749869 - Segfault (not infinite loop) on the second search


Summary:	Segfault (not infinite loop) on the second search


Status:	RESOLVED FIXED

Product:	gnome-commander
Classification:	Other
Component:	application
Version:	1.4.x
Hardware:	Other Linux

Importance:	Normal normal
Target Milestone:	1.4
Assigned To:	GNOME Commander maintainer(s)
QA Contact:	GNOME Commander maintainer(s)

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2015-05-26 02:22 UTC by Mamoru TASAKA
Modified:	2015-05-27 19:32 UTC

See Also:
GNOME target:	---
GNOME version:	---

Attachments
gdb log (39.91 KB, text/x-log) 2015-05-26 02:22 UTC, Mamoru TASAKA		Details
Proposal patch (975 bytes, patch) 2015-05-26 02:36 UTC, Mamoru TASAKA	none	Details \| Review

Description Mamoru TASAKA 2015-05-26 02:22:28 UTC

Created attachment 303961 [details]
gdb log

With gcmd 1.4.6 (not head), the procedure described in bug 748869
i.e.

* launch gnome-commander
* Go to some non-empty directory
* Choose "File"->"Search"
* On "Search" dialog, in the text box right of
  "Path matches regex", type some string (for
  search), e.g. "mp4"
* Type enter key, then search result is shown
  (like "Found 36 matches").
* Then select the above text box (with mouse
  left click) and type enter key again.

now segfaults. Backtrace attached.

Comment 1 Mamoru TASAKA 2015-05-26 02:32:31 UTC

So:

* bug 748869 was when search result was found, the second search
  caused infinite loop, this issue was fixed by resetting default
  response when search result is found.

* And bug 745454 was when search dialog was launched (thus search result
  is empty), pressing enter key may cause segv.
  This was fixed by setting focus to pattern_combo widget.

* Now with this bug (bug 749869), the backtrace seems very similar
  with bug 745454 , but now as search result was already found,
  the focus was explicitly set to data->dialog->priv->result_list
  (not pattern_combo).

  With bug 748869 resolved, this issue did not occur on master branch
  with 5b0b3a469ab426feb596b0edfcc61cde4c0e6e80
  (and a7239bd930cc840b59cbe2b1fed0a49301a78473), however on gcmd
  1.4.6, this still crashes, even with
  7027839f724304afc27528ed35302f838db5b985 and
  e47883cd16c914158b9d20da67b7b06d8c7265a7.

  So backporting mime_exec_file() related fix will fix this, however
  please read below

Comment 2 Mamoru TASAKA 2015-05-26 02:36:57 UTC

Created attachment 303962 [details] [review]
Proposal patch

So this seems because when some matched entry is found,
focus is set to result_list entry, not no entry in result_list
may be chosen yet.

Then the next enter key goes on_list_keypressed(), because
the focus is explicitly chosen on result_list, but no entry
is chosen, then segfaults on mime_exec_file() as get_focus_file()
returns nothing.

So I think when some matched entry is found and no entry is chosen
is set, setting to the top entry should be applied.

Comment 3 Uwe Scholz 2015-05-27 19:32:22 UTC

Yes, this is true. Actually, gcmd does not crash on master branch because commit 5b0b3a4 returns NULL on  mime_exec_file() if the list of found objects is empty. On branch 1.4.6 this check is not applied. Anyway, I like your patch and will commit it on branch gcmd-1-4.