Qgit crashes on some malformed git repos

[hosiet]

I'm using qgit 2.8 from Debian and found that qgit will crash on some certain git repositories.

Downstream Debian report: https://bugs.debian.org/926327

Compressed git repo: https://drive.google.com/open?id=1yMVLNQ3t6JP4n3Nv_Cnsp7mPrLhT3rQ1

Methods to reproduce:

1. extract the broken git repo from .tar.xz tarball
2. run "qgit" within the working directory
3. select "whole history" in range selection
4. the program will crash.

-> % qgit
ASSERT in Cache::load, corrupted SHA after �yyy�
ERROR: unable to load file names cache
[1]    17309 segmentation fault  qgit

[eraxillan]

Hi @hosiet!
Well, i was unable to reproduce your issue.
My setup: qgit built from sources from master branch, git version 2.21.0, macOS.

qgit just show warning:
warning: inexact rename detection was skipped due to too many files.
warning: you may want to set your diff.renameLimit variable to at least 3439 and retry the command.
but do not crash.

Probably Debian guys should upgrade qgit package and/or git itself.

[hosiet]

Hi @eraxillan ,

I rebuilt qgit from git master with git version either 2.20.1 or 2.22.0 (20190519 snapshot). Maybe this issue is specific to Linux. Anyway we need further investigation.

[hosiet]

Took a look at the backtrace:

Thread 1 "qgit" received signal SIGSEGV, Segmentation fault.
__strcmp_avx2 () at ../sysdeps/x86_64/multiarch/strcmp-avx2.S:737
(gdb) bt full
#0  __strcmp_avx2 () at ../sysdeps/x86_64/multiarch/strcmp-avx2.S:737
No locals.
#1  0x00005555555b2b34 in ShaString::operator== (o=..., this=0x555559a1d138) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qstring.h:101
No locals.
#2  QHashNode<ShaString, RevFile const*>::same_key (key0=..., h0=429446115, this=<optimized out>) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qhash.h:158
        h0 = 429446115
        key0 = @0x555559a1d138: {<QLatin1String> = {m_size = 40, m_data = 0x555557258b56 "d39038c17538de9588910d274960c06d5cb7d4f9"}, <No data fields>}
        this = <optimized out>
#3  QHash<ShaString, RevFile const*>::findNode (this=this@entry=0x555555dd1f98, akey=..., h=429446115) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qhash.h:917
        node = 0x5555569dff98
#4  0x00005555555e733c in QHash<ShaString, RevFile const*>::findNode (this=this@entry=0x555555dd1f98, akey=..., ahp=ahp@entry=0x0) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qhashfunctions.h:111
        h = <optimized out>
#5  0x00005555555d9226 in QHash<ShaString, RevFile const*>::contains (akey=..., this=0x555555dd1f98) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qhash.h:904
No locals.
#6  Git::loadFileNames (this=0x555555dd1ee0) at ./src/git.cpp:2499
        it = 0x555559a1d138
        _eit_ = 0x555559c0fd78
        revCnt = 410
        diffTreeBuf = {static null = {<No data fields>}, d = 0x55555c84fe80}
#7  0x00007ffff7139906 in QMetaObject::activate(QObject*, int, int, void**) () from /lib/x86_64-linux-gnu/libQt5Core.so.5
No symbol table info available.
#8  0x00007ffff7145593 in ?? () from /lib/x86_64-linux-gnu/libQt5Core.so.5
No symbol table info available.
#9  0x00007ffff713a13b in QObject::event(QEvent*) () from /lib/x86_64-linux-gnu/libQt5Core.so.5
No symbol table info available.
#10 0x00007ffff7a8b4b1 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /lib/x86_64-linux-gnu/libQt5Widgets.so.5
No symbol table info available.
#11 0x00007ffff7a92950 in QApplication::notify(QObject*, QEvent*) () from /lib/x86_64-linux-gnu/libQt5Widgets.so.5
No symbol table info available.
#12 0x00007ffff71105a9 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /lib/x86_64-linux-gnu/libQt5Core.so.5
No symbol table info available.
#13 0x00007ffff7160c78 in QTimerInfoList::activateTimers() () from /lib/x86_64-linux-gnu/libQt5Core.so.5
No symbol table info available.
#14 0x00007ffff71614d4 in ?? () from /lib/x86_64-linux-gnu/libQt5Core.so.5
No symbol table info available.
#15 0x00007ffff5fa7f2e in g_main_dispatch (context=0x7fffec004ff0) at ../../../glib/gmain.c:3182
        dispatch = 0x7ffff71614b0
        prev_source = 0x0
        was_in_call = 0
        user_data = 0x0
        callback = 0x0
        cb_funcs = <optimized out>
        cb_data = <optimized out>
        need_destroy = <optimized out>
        source = 0x55555581a2f0
        current = 0x55555578f650
        i = 0
        current = <optimized out>
        i = <optimized out>
        __FUNCTION__ = "g_main_dispatch"
        source = <optimized out>
        _g_boolean_var_ = <optimized out>
        was_in_call = <optimized out>
        user_data = <optimized out>
        callback = <optimized out>
        cb_funcs = <optimized out>
        cb_data = <optimized out>
        need_destroy = <optimized out>
        dispatch = <optimized out>
        prev_source = <optimized out>
        _g_boolean_var_ = <optimized out>
#16 g_main_context_dispatch (context=context@entry=0x7fffec004ff0) at ../../../glib/gmain.c:3847
No locals.
#17 0x00007ffff5fa81c8 in g_main_context_iterate (context=context@entry=0x7fffec004ff0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../../../glib/gmain.c:3920
        max_priority = 2147483647
        timeout = 486
        some_ready = 1
        nfds = <optimized out>
        allocated_nfds = 10
        fds = 0x555556aa7d70
#18 0x00007ffff5fa825c in g_main_context_iteration (context=0x7fffec004ff0, may_block=1) at ../../../glib/gmain.c:3981
        retval = <optimized out>
#19 0x00007ffff7161863 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib/x86_64-linux-gnu/libQt5Core.so.5
No symbol table info available.
#20 0x00007ffff37773e1 in ?? () from /lib/x86_64-linux-gnu/libQt5XcbQpa.so.5
No symbol table info available.
#21 0x00007ffff710f27b in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib/x86_64-linux-gnu/libQt5Core.so.5
No symbol table info available.
#22 0x00007ffff7117262 in QCoreApplication::exec() () from /lib/x86_64-linux-gnu/libQt5Core.so.5
No symbol table info available.
#23 0x00005555555a812d in main (argc=<optimized out>, argv=<optimized out>) at ./src/qgit.cpp:39
        app = <incomplete type>
        set = <incomplete type>
        mainWin = 0x55555585ebb0
        ret = <optimized out>

Not quite sure what happened but the problem should be in Git::loadFileNames of src/git.cpp. BTW this backtrace was from qgit 2.8 ( https://sources.debian.org/src/qgit/2.8-1/src/git.cpp/#L2499 ).

[tibirna]

From the first error message you report, your cache file became corrupt somehow.

Please go to the root of your webwml repo and do

mv .git/qgit_cache.dat .

Then launch qgit again. It will not crash this time and it will continue to work properly. If you inspect the two cache files:

ls ./qgit_cache.dat .git/qgit_cache.dat

you will see that the first (the one you moved aside initially) is much smaller in size.

I don't know how this could happen, but I guess you might have lacked disk space at some time or stopped qgit by killing it e.g. with SIGKILL just as it was writing its cache.

This is a bug in the sense that qgit doesn't gracefully recover from such situations (should just regenerate the cache if it can't read it). Thanks for reporting.

[tibirna]

Please see #71

[hosiet]

Thanks. By moving the old qgit_cache.dat away, qgit is no longer crashing:

% LC_ALL=C ls -la ./qgit_cache.dat .git/qgit_cache.dat
-rw-r--r-- 1 hosiet hosiet 4942262 Apr  3 11:25 ./qgit_cache.dat
-rw-r--r-- 1 hosiet hosiet   35399 May 26 14:18 .git/qgit_cache.dat

Looking forward to the future fix for corrupted qgit cache file.