Crash in Segy import while eject flash drive with segy file (or disconnect lan/wi-fi with source segy file)
It is extremely hard to reproduce, but bug is already exists in all releases of open-vds.
Let's discusse two different cases:
- Move source segy file to flash drive
- Import segy file (via SEGImport utils)
- Eject flash drive while processing
- Crash without any dump
Another case:
- Move source segy file to external network drive (google drive, smb or any other)
- Import segy file (via SEGImport utils)
- Unplug ethernet cable (disconnect from wifi/lan, close your corporate vpn connection or any other) while processing
- Crash without any dump
I found, that main reason of crash inside TraceDataManager
Crash will be here:
const char* header = traceDataManager.getTraceData(trace, error);
if (error.code)
{
outputPrinter.printWarning("IO", "Failed when reading data", fmt::format("{}", error.code), error.string);
break;
}
const void* data = header + SEGY::TraceHeaderSize;
int primaryTest = fileInfo.Is2D() ? 0 : SEGY::ReadFieldFromHeader(header, fileInfo.m_primaryKey, fileInfo.m_headerEndianness),
secondaryTest;
As you can see TraceDataManager::getTraceData
imp is safe.
const char
* basePtr = static_cast<const char *>(pageView->Pointer(error));
but... You loose nullptr check while return address.
I added required comparator for MVP:
And yes - basePtr
is nullptr.
Return ptr with any offset will crash application.
Solution: Add code snippet
const char *
getTraceData(int64_t traceNumber, OpenVDS::Error & error) const
{
...
// Additional check
if (basePtr == nullptr)
{
error.code = 1;
error.string = "Failed to acquire pageView pointer";
return nullptr;
}
return basePtr + (traceNumber - pageTrace) * m_traceByteSize;
}
How to 100% reproduce:
- Start SEGYImport with debug session
- Copy segy to flash, start importing and waith for 10-20-N% done.
- Set breakpoint to line:
for (int64_t trace(firstTrace); trace <= segment->m_traceStop && error.code == 0; ++trace, ++tertiaryIndex)
- Eject flash drive
- Iterate over loop up to crash :)