search

termux / termux-packages

A package build system for Termux.
https://termux.dev
Other
13.31k stars 3.06k forks source link

[Bug]: newsboat crashes while processing certain feed #7498

Closed mglh closed 3 years ago

mglh commented 3 years ago

Problem description

Feed: https://www.goingelectric.de/forum/feed/topics

Error Message: stack corruption detected (-fstack-protector)

What steps will reproduce the bug?

Just "reload".

What is the expected behavior?

No response

System information

termux-info:

Application version:
0.117
Packages CPU architecture:
aarch64
Subscribed repositories:
# sources.list
deb https://grimler.se/termux-packages-24/ stable main
# science-repo (sources.list.d/science.list)
deb https://packages.termux.org/apt/termux-science science stable
# game-repo (sources.list.d/game.list)
deb https://packages.termux.org/apt/termux-games games stable
Updatable packages:
All packages up to date
Android version:
9
Kernel build information:
Linux localhost 4.4.153-perf+ #1 SMP PREEMPT Mon May 6 16:27:58 2019 aarch64 Android
Device manufacturer:
Sony
Device model:
H4113
Grimler91 commented 3 years ago

Still an issue? I was able to reproduce it, but now it works, so I guess that the issue was with one of the entries that have been removed from the feed now. I'll open an issue in the newsboat repo with backtrace and the broken .xml file in any case

Issue is caused by smileys, and does not occur when newsboat is compiled on device. Probably something is mis-configured when newsboat is cross-compiled, and/or something is weird with our libandroid-support.

Adding this:

<?xml version="1.0" encoding="UTF-8"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="de">
  <link rel="self" type="application/atom+xml" href="https://www.goingelectric.de/forum/feed/topics"/>

  <title>Elektroauto Forum</title>
  <subtitle>Elektroauto Forum auf GoingElectric.de</subtitle>
  <link href="https://www.goingelectric.de/forum/index.php"/>
  <updated>2021-09-08T19:53:14+02:00</updated>

  <author><name><![CDATA[Elektroauto Forum]]></name></author>
  <id>https://www.goingelectric.de/forum/feed/topics</id>
    <entry>
    <author><name><![CDATA[ ]]></name></author>
    <updated>2021-09-08T11:25:52+02:00</updated>

    <published>2021-09-08T11:25:52+02:00</published>
    <id>https://www.goingelectric.de/forum/viewtopic.php?t=71495&amp;p=1674610#p1674610</id>
    <link href="https://www.goingelectric.de/forum/viewtopic.php?t=71495&amp;p=1674610#p1674610"/>
    <title type="html"><![CDATA[ID.4 - Allgemeine Themen • Lichtleiste hinten steht ab&#128530;]]></title>
     <category term="ID.4 - Allgemeine Themen" scheme="https://www.goingelectric.de/forum/viewforum.php?f=464" label="ID.4 - Allgemeine Themen"/>
    <content type="html" xml:base="https://www.goingelectric.de/forum/viewtopic.php?t=71495&amp;p=1674610#p1674610"><![CDATA[]]></content>
  </entry>
</feed>

to a feed.xml file, and then adding that file to .newsboat/urls (echo file:///data/data/com.termux/files/home/path/to/feed.xml >> ~/.newsboat/urls) and then running newsboat and refreshing is enough to trigger the issue. A gdb backtrace shows:

0x0000007fb68dc240 in abort () from /apex/com.android.runtime/lib64/bionic/libc.so
(gdb) bt
#0  0x0000007fb68dc240 in abort () from /apex/com.android.runtime/lib64/bionic/libc.so
#1  0x0000007fb68f0568 in __stack_chk_fail () from /apex/com.android.runtime/lib64/bionic/libc.so
#2  0x0000005555609f08 in newsboat::TagSoupPullParser::decode_entity (this=<optimized out>, s=...) at src/tagsouppullparser.cpp:513
#3  0x0000005555609bb8 in newsboat::TagSoupPullParser::decode_entities (this=<optimized out>, s=...) at src/tagsouppullparser.cpp:164
#4  0x000000555560963c in newsboat::TagSoupPullParser::handle_text (this=0x7d25dbf238, c=<optimized out>) at src/tagsouppullparser.cpp:606
#5  0x00000055556094f8 in newsboat::TagSoupPullParser::next (this=0x7d25dbf238) at src/tagsouppullparser.cpp:79
#6  0x00000055555dccc4 in newsboat::HtmlRenderer::render (this=0x7d25dbf518, input=..., lines=..., links=..., url=...) at src/htmlrenderer.cpp:138
#7  0x00000055555dcc00 in newsboat::HtmlRenderer::render (this=0x0, source=..., lines=..., links=..., url=...) at src/htmlrenderer.cpp:70
#8  0x000000555560f1d8 in newsboat::RssParser::render_xhtml_title (this=<optimized out>, title=..., link=...) at src/rssparser.cpp:115
#9  0x0000005555610828 in newsboat::RssParser::set_item_title (this=<optimized out>, feed=..., x=..., item=...) at src/rssparser.cpp:471
#10 0x000000555560e77c in newsboat::RssParser::fill_feed_items (this=0x7d25dbf880, feed=...) at src/rssparser.cpp:349
#11 0x000000555560e0c4 in newsboat::RssParser::parse (this=0x7d25dbf880) at src/rssparser.cpp:73
#12 0x0000005555685c10 in newsboat::Reloader::reload (this=0x7de5f11dc0, pos=0, show_progress=<optimized out>, unattended=false, easyhandle=0x7d25dbfad8) at src/reloader.cpp:97
#13 0x0000005555686744 in newsboat::Reloader::reload_range (this=0x7de5f11dc0, start=<optimized out>, end=<optimized out>, unattended=<optimized out>) at src/reloader.cpp:243
#14 0x000000555568627c in newsboat::Reloader::reload_all (this=0x7de5f11dc0, unattended=false) at src/reloader.cpp:153
#15 0x000000555560bf50 in newsboat::DownloadThread::operator() (this=0x7dd5f10e98) at src/downloadthread.cpp:24
#16 0x0000005555688694 in std::__ndk1::__thread_proxy<std::__ndk1::tuple<std::__ndk1::unique_ptr<std::__ndk1::__thread_struct, std::__ndk1::default_delete<std::__ndk1::__thread_struct> >, newsboat::DownloadThread> > (   __vp=<optimized out>) at /home/builder/.termux-build/_cache/android-r21d-api-24-v5/bin/../sysroot/usr/include/c++/v1/thread:283
#17 0x0000007fb693f070 in __pthread_start(void*) () from /apex/com.android.runtime/lib64/bionic/libc.so
#18 0x0000007fb68de200 in __start_thread () from /apex/com.android.runtime/lib64/bionic/libc.so

newsboat --log-level 6 --log-file newsboat.log -r also shows that the smiley is the issue:

[2021-09-08 22:31:47] DEBUG: Reloader::reload_range: reloading feed #1
[2021-09-08 22:31:47] DEBUG: ListFormatter::add_line: `<unread>   2 N       (1/1) Elektroauto Forum</>'
[2021-09-08 22:31:47] DEBUG: Reloader::reload: pos = 1
[2021-09-08 22:31:47] INFO: ReloadThread: waiting 0 seconds between reloads
[2021-09-08 22:31:47] INFO: ReloadThread: starting reload
[2021-09-08 22:31:47] DEBUG: FeedListFormAction::prepare: doing redraw
[2021-09-08 22:31:47] DEBUG: Reloader::reload: created parser
[2021-09-08 22:31:47] DEBUG: ListFormatter::add_line: `<unread>   1 N      (9/10) Elektroauto Forum</>'
[2021-09-08 22:31:47] DEBUG: ListFormatter::add_line: `<unread>   2 N       (1/1) Elektroauto Forum</>'
[2021-09-08 22:31:47] INFO: Parser::parse_file: encoding = UTF-8
[2021-09-08 22:31:47] DEBUG: RssParser::parse: parsed file /data/data/com.termux/files/home/test.xml, valid = true
[2021-09-08 22:31:47] DEBUG: RssParser::parse: feed title = `Elektroauto Forum' link = `file:///data/data/com.termux/files/home/test.xml'
[2021-09-08 22:31:47] DEBUG: TagSoupPullParser::decode_entity: decoding '#128530'...
[2021-09-08 22:31:47] DEBUG: TagSoupPullParser::decode_entity: wc = 128530 pos = 4 mbc = '😒'
ghost commented 3 years ago

Possibly related to 93f4fbb30ff8a58bb1553b5c7659a3909feaf7c5.

Issue: https://github.com/termux/termux-packages/issues/4334

Grimler91 commented 3 years ago

Looks pretty identical indeed. I suppose you removed the patch after https://github.com/newsboat/newsboat/commit/1e36d490d08010e9cbb025ed029bdbca495d7d82.

Bash, readline and a bunch of other software makes sure MB_LEN_MAX is at least 16, maybe newsboat should have a similar check (could open an issue in the newsboat repo to discuss it)

Minoru commented 3 years ago

Hi, Newsboat maintainer here :wave: I suspect this is fixed by https://github.com/newsboat/newsboat/pull/1747.

Grimler91 commented 3 years ago

@Minoru Hi, yes, that commit fixes it as well (for the example feed above). Thanks for the info, I have replaced the patched used.