/usr/bin/dolphin:11:QDomNode::isElement:QDomNode::firstChildElement:KBookmarkGroup::findToolbar:KBookmarkManager::saveAs:KBookmarkManager::emitChanged

Bug #1284052 reported by errors.ubuntu.com bug bridge on 2014-02-24
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
KDE Base
Fix Released
High
kde-baseapps (Ubuntu)
Undecided
Unassigned

Bug Description

The Ubuntu Error Tracker has been receiving reports about a problem regarding kde-baseapps. This problem was most recently seen with version 4:4.12.2-0ubuntu1, the problem page at https://errors.ubuntu.com/problem/b0a4d004ef8ff1dbd3d9c93bb327d1375f1447b6 contains more details.

Download full text (15.3 KiB)

Application: dolphin (2.2)
KDE Platform Version: 4.10.2
Qt Version: 4.8.4
Operating System: Linux 3.8.0-21-generic i686
Distribution: Ubuntu 13.04

-- Information about the crash:
I have 12 partitions. When I click on the drives in Dolphin to mount them, at 12-th partition the Dolphin crash occurs. But the drive was installed.

The crash can be reproduced every time.

-- Backtrace:
Application: Dolphin (dolphin), signal: Segmentation fault
Using host libthread_db library "/lib/i386-linux-gnu/libthread_db.so.1".
[Current thread is 1 (Thread 0xaf2a6740 (LWP 2576))]

Thread 3 (Thread 0xac956b40 (LWP 2577)):
#0 0xb7741424 in __kernel_vsyscall ()
#1 0xb75db8e2 in clock_gettime () from /lib/i386-linux-gnu/libc.so.6
#2 0xb57930d5 in do_gettime (frac=0xac955eb0, sec=0xac955ea8) at tools/qelapsedtimer_unix.cpp:123
#3 qt_gettime () at tools/qelapsedtimer_unix.cpp:140
#4 0xb587a80e in QTimerInfoList::updateCurrentTime (this=this@entry=0xac0020bc) at kernel/qeventdispatcher_unix.cpp:354
#5 0xb587ab9a in QTimerInfoList::timerWait (this=0xac0020bc, tm=...) at kernel/qeventdispatcher_unix.cpp:461
#6 0xb5879373 in timerSourcePrepareHelper (src=<optimized out>, timeout=0xac955fdc) at kernel/qeventdispatcher_glib.cpp:136
#7 0xb587940d in timerSourcePrepare (source=0xac002088, timeout=0xac955fdc) at kernel/qeventdispatcher_glib.cpp:169
#8 0xb4a8dd21 in g_main_context_prepare () from /lib/i386-linux-gnu/libglib-2.0.so.0
#9 0xb4a8e5cf in ?? () from /lib/i386-linux-gnu/libglib-2.0.so.0
#10 0xb4a8e831 in g_main_context_iteration () from /lib/i386-linux-gnu/libglib-2.0.so.0
#11 0xb5879c3f in QEventDispatcherGlib::processEvents (this=0xac000488, flags=...) at kernel/qeventdispatcher_glib.cpp:426
#12 0xb58463ec in QEventLoop::processEvents (this=this@entry=0xac956178, flags=...) at kernel/qeventloop.cpp:149
#13 0xb58466e1 in QEventLoop::exec (this=this@entry=0xac956178, flags=...) at kernel/qeventloop.cpp:204
#14 0xb5731fec in QThread::exec (this=this@entry=0x8d624c0) at thread/qthread.cpp:542
#15 0xb5825f2d in QInotifyFileSystemWatcherEngine::run (this=0x8d624c0) at io/qfilesystemwatcher_inotify.cpp:256
#16 0xb5734b18 in QThreadPrivate::start (arg=0x8d624c0) at thread/qthread_unix.cpp:338
#17 0xb1799101 in ?? () from /usr/lib/nvidia-304/libGL.so.1
#18 0x5c8b0824 in ?? ()
#19 0xbab80424 in ?? ()
#20 0x65000000 in ?? ()
#21 0x001015ff in ?? ()
#22 0xd3890000 in ?? ()
#23 0xfff0013d in ?? ()
#24 0xc30173ff in ?? ()
#25 0x0fe162e8 in ?? ()
#26 0x7bc18100 in ?? ()
#27 0x8b0017fb in ?? ()
#28 0xffff1889 in ?? ()
#29 0x65d8f7ff in ?? ()
#30 0x00000d03 in ?? ()
#31 0x01890000 in ?? ()
#32 0xc3ffc883 in ?? ()
#33 0x00acec81 in ?? ()
#34 0x9c890000 in ?? ()
#35 0x0000a024 in ?? ()
#36 0xe131e800 in ?? ()
#37 0xc381000f in ?? ()
#38 0x0017fb4e in ?? ()
#39 0xa424b489 in ?? ()
#40 0x8b000000 in ?? ()
#41 0x00b024b4 in ?? ()
#42 0xbc890000 in ?? ()
#43 0x0000a824 in ?? ()
#44 0x247c8d00 in ?? ()
#45 0x247c8914 in ?? ()
#46 0x2444c708 in ?? ()
#47 0x00000004 in ?? ()
#48 0x24348900 in ?? ()
#49 0xfff84be8 in ?? ()
#50 0x78c085ff in ?? ()
#51 0xff4e8d7f in ?? ()
#52 0x000001b8 in ?? ()
#53 0xd3ca8900 in ?? ()
#54 0x248c8be0 in ?? ()
#55 0x000000b4 in ?? ()
#56 0x8505eac1 ...

Thanks for the bug report. You could help us to possibly find the cause of the crash by running Dolphin in Valgrind:

1. valgrind dolphin 2> log.txt
(note that Dolphin will run very slowly).

2. Reproduce the crash.

3. Attach 'log.txt' here.

Thanks for your help.

Created attachment 80027
log.txt

Thanks for your reply. So, when I run Dolphin with valgrind, the
Dolphin didn't crash, but when I run Dolphin without valgrind, I can
always reproduce the crash. I try it 3-4 times. I attach the log.txt
file here.

2013/5/22 Frank Reininghaus <email address hidden>:
> https://bugs.kde.org/show_bug.cgi?id=320006
>
> --- Comment #1 from Frank Reininghaus <email address hidden> ---
> Thanks for the bug report. You could help us to possibly find the cause of the
> crash by running Dolphin in Valgrind:
>
> 1. valgrind dolphin 2> log.txt
> (note that Dolphin will run very slowly).
>
> 2. Reproduce the crash.
>
> 3. Attach 'log.txt' here.
>
> Thanks for your help.
>
> --
> You are receiving this mail because:
> You reported the bug.

Thanks. The Valgrind log shows only invalid reads, not writes, so I don't know if the reported errors (none of which come from Dolphin itself) have anything to do with the problem.

It might have something to do with the stuff that is going on in the other threads - their backtraces are incomplete and look strange. In particular, it's very strange that there are frames from libQtDeclarative.so.4 in there. I'm not aware of anything in Dolphin that makes use of QtDeclarative.

Unfortunately, I don't have any idea what else could be done to find out more about the problem. However, it seems unlikely that the crash is Dolphin's fault.

*** Bug 322275 has been marked as a duplicate of this bug. ***

*** Bug 324726 has been marked as a duplicate of this bug. ***

*** Bug 325332 has been marked as a duplicate of this bug. ***

Created attachment 83423
New crash information added by DrKonqi

dolphin (4.11.2) on KDE Platform 4.11.2 using Qt 4.8.4

- What I was doing when the application crashed:
Just plugged in an external HDD. After that Dolphin crashed.

-- Backtrace (Reduced):
#6 0x00007f63309c87c7 in QDomNode::toElement (this=this@entry=0x7ffff1a74460) at dom/qdom.cpp:7281
#7 0x00007f6330d9e67b in KBookmarkGroup::findToolbar (this=this@entry=0x7ffff1a74590) at ../../kio/bookmarks/kbookmark.cc:253
#8 0x00007f6330da5b41 in KBookmarkManager::saveAs (this=this@entry=0x1636a40, filename=..., toolbarCache=toolbarCache@entry=true) at ../../kio/bookmarks/kbookmarkmanager.cc:415
#9 0x00007f6330da5cc1 in KBookmarkManager::save (this=this@entry=0x1636a40, toolbarCache=toolbarCache@entry=true) at ../../kio/bookmarks/kbookmarkmanager.cc:398
#10 0x00007f6330da8d48 in KBookmarkManager::emitChanged (this=0x1636a40, group=...) at ../../kio/bookmarks/kbookmarkmanager.cc:553

*** Bug 327593 has been marked as a duplicate of this bug. ***

I don't think that this is a Dolphin issue. I see nothing related to Dolphin in the backtrace. Moreover, the crashes only started with KDE SC 4.10, and there were, to my knowledge, no Places-related changes between 4.9 and 4.10 in Dophin.

However, I do see a change in kdelibs prior to 4.10 which changes the way KBookmarkManager deals with toolbars:

https://projects.kde.org/projects/kde/kdelibs/repository/revisions/92d2484a4b0ba692a78faa83ceca851a6511f4f5

It appears that this commit might be related to the cause of these crashes. I'll CC Stefan Brüns, who committed that change.

I see one possible problem here, QDomNode::toElement returns a NULL element if it is e.g. a AttributeNode or TextNode, so e.tagName(...) might crash.

Patch is available at
https://git.reviewboard.kde.org/r/113866/

Reporters:
Can you attach your bookmarks file, so I can verify if this is possibly the cause of the crash?
The file is located under:
~/.kde4/share/apps/kfileplaces/bookmarks.xml

If you have privacy concerns, this will remove the critical information:
sed -e '{s/href="\([^:]*\):.*"/href="\1:XXX"/g}' ~/.kde4/share/apps/kfileplaces/bookmarks.xml > bookmarks_cleaned.xml

*** Bug 328804 has been marked as a duplicate of this bug. ***

I tried to create a testcase, but even inserting bogus content (e.g a textnode) in the bookmarks file has not triggered the crash, so most likely a failing toElement() is out.

But unfortunately none of the reporters has provided a bookmarks file, so this can not be ruled out completely.

As the crash seems to happen randomly, can we rule out any threading issues?

*** Bug 329693 has been marked as a duplicate of this bug. ***

Git commit 9437d7700cff0331ccdcfff2875faa4a8b98cd82 by Albert Astals Cid, on behalf of Stefan Brüns.
Committed on 11/01/2014 at 16:32.
Pushed by aacid into branch 'KDE/4.12'.

kio bookmarks: Only iterate over element nodes in findToolbar()

Only iterate over element nodes, and filter on <folder> tag.

findFirstChild/nextSibling might return a node which is not an QDomElement. toElement will return NULL and accessing it will crash.

Possible fix for 320006

Acked by dfaure
REVIEW: 113866

M +5 -14 kio/bookmarks/kbookmark.cc

http://commits.kde.org/kdelibs/9437d7700cff0331ccdcfff2875faa4a8b98cd82

*** Bug 329862 has been marked as a duplicate of this bug. ***

*** Bug 329885 has been marked as a duplicate of this bug. ***

We are still seeing this crash with 4.12.2 (which ought to contain the latest commit) on the automatic Ubuntu error tracker.

This time it crashes in:
QDomNode::isElement() const () from /usr/lib/x86_64-linux-gnu/libQtXml.so.4
QDomNode::firstChildElement(QString const&) const () from /usr/lib/x86_64-linux-gnu/libQtXml.so.4
KBookmarkGroup::findToolbar() const () from /usr/lib/libkio.so.5

https://bugs.launchpad.net/kde-baseapps/+bug/1284052

Changed in kde-baseapps:
importance: Unknown → High
status: Unknown → Confirmed

Created attachment 85578
New crash information added by DrKonqi

dolphin (4.12.3) on KDE Platform 4.12.3 using Qt 4.8.5

* Opened Dolphin
* Navigated to a folder in my home directory
* Split the view
* plugged in a flash drive
* Clicked on the "Removable Media" in the Devices area in the left pane of the window
* Crash

-- Backtrace (Reduced):
#6 0x00000039a4c145eb in QDomNode::isElement (this=this@entry=0x7fffdd6f00c0) at dom/qdom.cpp:2823
#7 0x00000039a4c17ed8 in QDomNode::firstChildElement (this=this@entry=0x7fffdd6f0240, tagName=...) at dom/qdom.cpp:2951
#8 0x0000003484fc5127 in KBookmarkGroup::findToolbar (this=this@entry=0x7fffdd6f0240) at /usr/src/debug/kdelibs-4.12.3/kio/bookmarks/kbookmark.cc:251
#9 0x0000003484fccc51 in KBookmarkManager::saveAs (this=this@entry=0x1f8e6c0, filename=..., toolbarCache=toolbarCache@entry=true) at /usr/src/debug/kdelibs-4.12.3/kio/bookmarks/kbookmarkmanager.cc:415
#10 0x0000003484fccdd1 in KBookmarkManager::save (this=this@entry=0x1f8e6c0, toolbarCache=toolbarCache@entry=true) at /usr/src/debug/kdelibs-4.12.3/kio/bookmarks/kbookmarkmanager.cc:398

*** Bug 332266 has been marked as a duplicate of this bug. ***

*** Bug 332861 has been marked as a duplicate of this bug. ***

*** Bug 333004 has been marked as a duplicate of this bug. ***

*** Bug 333406 has been marked as a duplicate of this bug. ***

*** Bug 333974 has been marked as a duplicate of this bug. ***

*** Bug 335167 has been marked as a duplicate of this bug. ***

*** Bug 335807 has been marked as a duplicate of this bug. ***

*** Bug 336762 has been marked as a duplicate of this bug. ***

my apologies - it has just been explained to me that:
open source is a meritocracy

And now I Understand why michael young warned against the rise of the
meritocracy
http://books.google.co.uk/books/about/The_rise_of_the_meritocracy.html?id=e_rTyIMJR9kC

because its no different from any other form of:
small secret society corruption
of who are you?
of what have you contributed?
of why should I treat you with any respect?

So I guess i shouldn't be surprised that open sources is not new - its
just the same old pigs in the masters clothing

On 26/06/14 18:33, Christoph Feck wrote:
> https://bugs.kde.org/show_bug.cgi?id=320006
>
> Christoph Feck <email address hidden> changed:
>
> What |Removed |Added
> ----------------------------------------------------------------------------
> CC| |pleasecanyounotspamme@gmail
> | |.com
>
> --- Comment #26 from Christoph Feck <email address hidden> ---
> *** Bug 336762 has been marked as a duplicate of this bug. ***
>

Please do not mail privately.

When comparing the backtraces of this bug (the 4.11 version of it), and bug 336762, you will see that they are identical, even if the steps are different. As such, we mark those bugs as duplicates.

In case there is something I missed, please add a comment here.

*** Bug 337030 has been marked as a duplicate of this bug. ***

Created attachment 87759
New crash information added by DrKonqi

dolphin (4.11.5) on KDE Platform 4.11.5 using Qt 4.8.5

- What I was doing when the application crashed:

I just plug a USB pen on my laptop and dolphin crashed

-- Backtrace (Reduced):
#6 0x00007fb40dced377 in QDomNode::toElement (this=this@entry=0x7fffb60f8970) at dom/qdom.cpp:7281
#7 0x00007fb40683828b in KBookmarkGroup::findToolbar (this=this@entry=0x7fffb60f8aa0) at /usr/src/debug/kdelibs-4.11.5/kio/bookmarks/kbookmark.cc:253
#8 0x00007fb40683f6c1 in KBookmarkManager::saveAs (this=this@entry=0xc18600, filename=..., toolbarCache=toolbarCache@entry=true) at /usr/src/debug/kdelibs-4.11.5/kio/bookmarks/kbookmarkmanager.cc:415
#9 0x00007fb40683f841 in KBookmarkManager::save (this=this@entry=0xc18600, toolbarCache=toolbarCache@entry=true) at /usr/src/debug/kdelibs-4.11.5/kio/bookmarks/kbookmarkmanager.cc:398
#10 0x00007fb4068427c8 in KBookmarkManager::emitChanged (this=0xc18600, group=...) at /usr/src/debug/kdelibs-4.11.5/kio/bookmarks/kbookmarkmanager.cc:553

*** Bug 337888 has been marked as a duplicate of this bug. ***

*** Bug 340832 has been marked as a duplicate of this bug. ***

Download full text (7.5 KiB)

Application: dolphin (4.13.3)
KDE Platform Version: 4.13.3
Qt Version: 4.8.6
Operating System: Linux 3.13.0-43-generic x86_64
Distribution: Linux Mint 17 Qiana

-- Information about the crash:
- What I was doing when the application crashed:
Just connected my Kobo Aura HD to the USB port, while Calibre was open.

-- Backtrace:
Application: Dolphin (dolphin), signal: Segmentation fault
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[Current thread is 1 (Thread 0x7ff60ad477c0 (LWP 4365))]

Thread 4 (Thread 0x7ff5ed286700 (LWP 4366)):
#0 0x00007ff60a622ad4 in pthread_mutex_lock (mutex=0x7ff5e8000a60) at forward.c:192
#1 0x00007ff6015b8981 in g_mutex_lock () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#2 0x00007ff601576fca in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#3 0x00007ff6015770ec in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#4 0x00007ff6066767be in QEventDispatcherGlib::processEvents (this=0x7ff5e80008c0, flags=...) at kernel/qeventdispatcher_glib.cpp:436
#5 0x00007ff6066480af in QEventLoop::processEvents (this=this@entry=0x7ff5ed285de0, flags=...) at kernel/qeventloop.cpp:149
#6 0x00007ff6066483a5 in QEventLoop::exec (this=this@entry=0x7ff5ed285de0, flags=...) at kernel/qeventloop.cpp:204
#7 0x00007ff606544c5f in QThread::exec (this=this@entry=0x100e9c0) at thread/qthread.cpp:537
#8 0x00007ff606629823 in QInotifyFileSystemWatcherEngine::run (this=0x100e9c0) at io/qfilesystemwatcher_inotify.cpp:265
#9 0x00007ff60654732f in QThreadPrivate::start (arg=0x100e9c0) at thread/qthread_unix.cpp:349
#10 0x00007ff601a56182 in start_thread (arg=0x7ff5ed286700) at pthread_create.c:312
#11 0x00007ff60a614efd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111

Thread 3 (Thread 0x7ff5ec925700 (LWP 4367)):
#0 0x00007ff60a607bad in poll () at ../sysdeps/unix/syscall-template.S:81
#1 0x00007ff601576fe4 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#2 0x00007ff6015770ec in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#3 0x00007ff6066767be in QEventDispatcherGlib::processEvents (this=0x7ff5e00008c0, flags=...) at kernel/qeventdispatcher_glib.cpp:436
#4 0x00007ff6066480af in QEventLoop::processEvents (this=this@entry=0x7ff5ec924e20, flags=...) at kernel/qeventloop.cpp:149
#5 0x00007ff6066483a5 in QEventLoop::exec (this=this@entry=0x7ff5ec924e20, flags=...) at kernel/qeventloop.cpp:204
#6 0x00007ff606544c5f in QThread::exec (this=<optimized out>) at thread/qthread.cpp:537
#7 0x00007ff60654732f in QThreadPrivate::start (arg=0x1325660) at thread/qthread_unix.cpp:349
#8 0x00007ff601a56182 in start_thread (arg=0x7ff5ec925700) at pthread_create.c:312
#9 0x00007ff60a614efd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111

Thread 2 (Thread 0x7ff5e7987700 (LWP 4368)):
#0 0x00007ff60a607bad in poll () at ../sysdeps/unix/syscall-template.S:81
#1 0x00007ff601576fe4 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#2 0x00007ff6015770ec in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#3 0x00007ff6066767be in QEventDispatcherGlib::processEvents (this=0x7ff5dc0008c0, flags=...) at kernel/qeventdispat...

Read more...

*** Bug 342400 has been marked as a duplicate of this bug. ***

Created attachment 90411
New crash information added by DrKonqi

dolphin (4.14.2) on KDE Platform 4.14.2 using Qt 4.8.6

- What I was doing when the application crashed:

Mounted USB flash and chosen to open with Dolphin.
It happens quite often with other USB storages.

-- Backtrace (Reduced):
#6 0x00007f49ddeb0392 in QDomNode::isElement (this=this@entry=0x7fffc80e9f60) at dom/qdom.cpp:2823
#7 0x00007f49ddeb3a28 in QDomNode::firstChildElement (this=this@entry=0x7fffc80ea0e0, tagName=...) at dom/qdom.cpp:2951
#8 0x00007f49de289967 in KBookmarkGroup::findToolbar (this=this@entry=0x7fffc80ea0e0) at ../../kio/bookmarks/kbookmark.cc:251
#9 0x00007f49de290e91 in KBookmarkManager::saveAs (this=this@entry=0xa7cf20, filename=..., toolbarCache=toolbarCache@entry=true) at ../../kio/bookmarks/kbookmarkmanager.cc:415
#10 0x00007f49de291011 in KBookmarkManager::save (this=this@entry=0xa7cf20, toolbarCache=toolbarCache@entry=true) at ../../kio/bookmarks/kbookmarkmanager.cc:398

Would this patch help?
http://www.davidfaure.fr/2015/kbookmarkgroup.diff

Otherwise I would need a valgrind log.

*** Bug 345576 has been marked as a duplicate of this bug. ***

*** Bug 346367 has been marked as a duplicate of this bug. ***

*** Bug 349548 has been marked as a duplicate of this bug. ***

*** Bug 352443 has been marked as a duplicate of this bug. ***

Changed in kde-baseapps:
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.