1 Reply Latest reply: May 8, 2012 8:51 AM by danieldk

    Segmentation fault in UnionIterator::seek()

    danieldk
      When executing the query:

      //node[@cat='conj' and count(node[@rel='crd'])=1 and count(node[@rel='cnj'])=2 and number(@begin)=number(@end)-3 and node[@rel='cnj']/@pt != node[@rel='cnj']/@pt]

      We get a segmentation fault in UnionIterator::seek():

      ---
      Program received signal EXC_BAD_ACCESS, Could not access memory.
      Reason: KERN_INVALID_ADDRESS at address: 0x0000000000000000
      [Switching to process 2203 thread 0x580b]
      0x0000000101ee97bc in DbXml::UnionIterator::seek ()
      (gdb) bt
      #0 0x0000000101ee97bc in DbXml::UnionIterator::seek ()
      #1 0x0000000101eeb40a in DbXml::IntersectIterator::next ()
      #2 0x0000000101f2b227 in DbXml::NodePredicateFilter::doNext ()
      #3 0x0000000101f276cc in DbXml::NodePredicateFilter::next ()
      #4 0x0000000101f279b2 in DbXml::VarNegativeNodePredicateFilter::doNext ()
      #5 0x0000000101f27810 in DbXml::VarNegativeNodePredicateFilter::next ()
      #6 0x0000000101f12992 in DbXml::QueryPlanToASTResult::next ()
      #7 0x0000000101aa0bd1 in ResultImpl::nextOrTail ()
      #8 0x0000000101aa0b03 in ResultImpl::next ()
      #9 0x0000000101f695fd in DbXml::LazyDIResults::hasNext ()
      #10 0x0000000101f83933 in DbXml::XmlResults::hasNext ()
      #11 0x00000001012b13cd in alpinocorpus::DbCorpusReaderPrivate::DbIter::equals (this=0x10be3c0f0, that=@0x10be3c770) at /Users/daniel/git/alpinocorpus/src/DbCorpusReaderPrivate.cpp:93
      #12 0x000000010127e6a8 in alpinocorpus::CorpusReader::EntryIterator::operator== (this=0x102540110, other=@0x1099e3d38) at /Users/daniel/git/alpinocorpus/src/CorpusReader.cpp:242
      #13 0x000000010127e60d in alpinocorpus::CorpusReader::EntryIterator::operator!= (this=0x102540110, other=@0x1099e3d38) at /Users/daniel/git/alpinocorpus/src/CorpusReader.cpp:63
      #14 0x0000000100045278 in FilterModel::getEntries (this=0x102540090, begin=@0x1099e3d48, end=@0x1099e3d38, withStylesheet=false) at /Users/daniel/git/dact/src/FilterModel.cpp:305
      #15 0x00000001000449b7 in FilterModel::getEntriesWithQuery (this=0x102540090, query=@0x1040895f8, stylesheet=@0x104089600) at /Users/daniel/git/dact/src/FilterModel.cpp:274
      #16 0x0000000100047d08 in QtConcurrent::VoidStoredMemberFunctionPointerCall2<void, FilterModel, QString const&, QString, QString const&, QString>::runFunctor (this=0x1040895c0) at qtconcurrentstoredfunctioncall.h:615
      #17 0x0000000100028a27 in QtConcurrent::RunFunctionTask<void>::run (this=0x1040895c0) at qtconcurrentrunbase.h:134
      #18 0x0000000100028bcc in non-virtual thunk to QtConcurrent::RunFunctionTask<void>::run() () at qtconcurrentstoredfunctioncall.h:413
      #19 0x0000000100f67ba1 in QThreadPoolThread::run ()
      #20 0x0000000100f74c0f in QThreadPrivate::start ()
      #21 0x00007fff8eb518bf in _pthread_start ()
      #22 0x00007fff8eb54b75 in thread_start ()
      ---

      It turns out that the right_ is a null pointer (and is dereferenced). I am not sure how it gets into that state. As a workaround, I changed:

      if((next_ & RIGHT) || (right_ && isSameNID(right_, container, did, nid) < 0)) {

      to:


      if((next_ & RIGHT && right_) || (right_ && isSameNID(right_, container, did, nid) < 0)) {

      And that makes the segfault go away. Any ideas?
        • 1. Re: Segmentation fault in UnionIterator::seek()
          danieldk
          For completeness, a sample container is provided here: http://www.let.rug.nl/~dekok/corpora/cdb.dact.gz

          % gunzip cdb.dact.gz

          % dbxml

          dbxml> openContainer "cdb.dact"

          dbxml> query "collection('cdb.dact')//node[@cat='conj' and count(node[@rel='crd'])=1 and count(node[@rel='cnj'])=2 and number(@begin)=number(@end)-3 and node[@rel='cnj']/@pt != node[@rel='cnj']/@pt]"
          zsh: segmentation fault dbxml
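The two forms of the condition from the first post, compared in a simplified model. This is an added example, not DbXml source and not code from the thread. `Child`, `unionSeek`, the integer IDs, and `current() < nid` standing in for `isSameNID(...) < 0` are assumptions. The state with the RIGHT flag set and a null right child is constructed directly, since the post does not establish how it arises.

```cpp
#include <cstddef>
#include <cstdio>
#include <vector>

// Simplified stand-in for a child iterator over sorted node IDs (hypothetical, not DbXml code).
struct Child {
    std::vector<int> ids;
    std::size_t pos;
    explicit Child(const std::vector<int> &v) : ids(v), pos(0) {}
    bool valid() const { return pos < ids.size(); }
    int current() const { return ids[pos]; }
    bool seek(int nid) {  // advance to the first ID >= nid
        while (valid() && current() < nid) ++pos;
        return valid();
    }
};

enum { LEFT = 1, RIGHT = 2 };

// Shape of the original condition; true means right->seek() would be called.
bool originalTakesRight(unsigned next, const Child *right, int nid) {
    return (next & RIGHT) || (right && right->valid() && right->current() < nid);
}

// Shape of the workaround: the RIGHT flag alone no longer selects a null child.
bool patchedTakesRight(unsigned next, const Child *right, int nid) {
    return ((next & RIGHT) && right) || (right && right->valid() && right->current() < nid);
}

// Union seek using the patched condition: smallest ID >= nid from either child, -1 if none.
int unionSeek(Child *left, Child *right, unsigned next, int nid) {
    bool l = left && left->seek(nid);
    bool r = false;
    if (patchedTakesRight(next, right, nid)) r = right->seek(nid);
    else if (right) r = right->valid();
    if (l && r) return left->current() < right->current() ? left->current() : right->current();
    if (l) return left->current();
    return r ? right->current() : -1;
}

int main() {
    Child left(std::vector<int>{3, 7, 12});  // constructed sample IDs
    std::printf("original selects null right: %d\n", originalTakesRight(RIGHT, nullptr, 5));
    std::printf("patched selects null right:  %d\n", patchedTakesRight(RIGHT, nullptr, 5));
    std::printf("union seek(5) -> %d\n", unionSeek(&left, nullptr, RIGHT, 5));
    return 0;
}
```

The guard keeps the null child from being dereferenced, but the model says nothing about why the RIGHT flag is still set when the child pointer is null.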