QtDbus: KIO scheduler exit handler crashes VLC

Bug #408719 reported by Martin on 2009-08-04
This bug affects 101 people
Affects | Status | Importance | Assigned to | Milestone
Qt | Fix Released | Undecided | Unassigned |
VLC media player | Invalid | Undecided | Unassigned |
kdelibs | Won't Fix | High | |
Fedora | New | Undecided | Unassigned |
kde4libs (Debian) | Fix Released | Unknown | |
qt4-x11 (Mandriva) | Unknown | Unknown | |
qt4-x11 (Ubuntu) | | Undecided | Unassigned |
vlc (Ubuntu) | | Medium | Unassigned |

Bug Description

Binary package hint: vlc

Description: Ubuntu karmic (development branch)
Release: 9.10

On Kubuntu, VLC crashes at exit if the open file (or save file) dialog has ever been used.

ProblemType: Crash
Architecture: i386
Date: Tue Aug 4 08:36:19 2009
DistroRelease: Ubuntu 9.10
ExecutablePath: /usr/bin/vlc
Package: vlc-nox 1.0.0-1ubuntu1
ProcCmdline: vlc
ProcEnviron:
 PATH=(custom, user)
 LANG=en_US.UTF-8
 SHELL=/bin/bash
ProcVersionSignature: Ubuntu 2.6.31-5.24-generic
SegvAnalysis:
 Segfault happened at: 0x5b1b846: mov 0x4(%edx),%ecx
 PC (0x05b1b846) ok
 source "0x4(%edx)" (0x00000004) not located in a known VMA region (needed readable region)!
 destination "%ecx" ok
SegvReason: reading NULL VMA
Signal: 11
SourcePackage: vlc
StacktraceTop:
 ?? () from /usr/lib/libQtDBus.so.4
 ?? () from /usr/lib/libQtDBus.so.4
 QMetaObject::activate(QObject*, int, int, void**) ()
 QMetaObject::activate(QObject*, QMetaObject const*, int, int, void**) () from /usr/lib/libQtCore.so.4
 QObject::destroyed(QObject*) () from /usr/lib/libQtCore.so.4
Title: vlc crashed with SIGSEGV in QMetaObject::activate()
Uname: Linux 2.6.31-5-generic i686
UserGroups: adm admin audio cdrom dialout lpadmin plugdev pulse sambashare video

Martin (martin-zdila) wrote :

StacktraceTop:QDBusAdaptorConnector::relaySlot (this=0x9e15980,
QDBusAdaptorConnector::qt_metacall (this=0x9e15980,
QMetaObject::activate (sender=0x9e05188,
QMetaObject::activate (sender=0x9e05188, m=0x77f51a8,
QObject::destroyed (this=0x9e05188, _t1=0x9e05188)

Changed in vlc (Ubuntu):
importance: Undecided → Medium
tags: removed: need-i386-retrace
Benjamin Drung (bdrung) on 2009-09-26
visibility: private → public

It crashed after I tried to play a .wav file but couldn't hear anything. I closed vlc and it crashed. I'm not sure but I think the system isn't using PulseAudio but the integrated sound card (HDA Intel (VT1708S Analog)).

Architecture: amd64
DistroRelease: Ubuntu 9.10
NonfreeKernelModules: nvidia
Package: vlc 1.0.2-1ubuntu1
PackageArchitecture: amd64
ProcEnviron:
 SHELL=/bin/bash
 LANG=fr_CH.UTF-8
 LANGUAGE=
ProcVersionSignature: Ubuntu 2.6.31-12.41-generic
Uname: Linux 2.6.31-12-generic x86_64
UserGroups: adm admin cdrom dialout lpadmin plugdev sambashare syslog
XsessionErrors:
 (npviewer.bin:14888): Gtk-WARNING **: /usr/lib/gtk-2.0/2.10.0/engines/libqtcurve.so: mauvaise classe ELF: ELFCLASS64
 (npviewer.bin:15321): Gtk-WARNING **: /usr/lib/gtk-2.0/2.10.0/engines/libqtcurve.so: mauvaise classe ELF: ELFCLASS64
 (npviewer.bin:15854): Gtk-WARNING **: /usr/lib/gtk-2.0/2.10.0/engines/libqtcurve.so: mauvaise classe ELF: ELFCLASS64

tags: added: apport-collected

KIO is using atexit() (which is pretty much always a stupid thing to do).

VLC does not use KIO at all. Another library is causing this, most certainly Qt4 or a Qt4 theme engine.

Changed in vlc (Ubuntu):
status: New → Invalid
Jonathan Thomas (echidnaman) wrote :

There isn't an instance of atexit in any of the kio code. (KIO code is also in kde, not qt)

affects: qt4-x11 (Ubuntu) → kde4libs (Ubuntu)
Changed in kde4libs (Ubuntu):
status: New → Invalid
Rémi Denis-Courmont (rdenis) wrote :

Yeah. KDE libs does not run code at exit. Except when it does:
http://api.kde.org/4.0-api/kdelibs-apidocs/kdecore/html/group__KDEMacros.html#g75ca0c60b03dc5e4f9427263bf4043c7
Now consider line 731: http://websvn.kde.org/trunk/KDE/kdelibs/kio/kio/scheduler.cpp?view=markup

Seriously:
1/ VLC does not call KIO anywhere.

2/ The multiple stack traces clearly show that KIO has registered an exit handler. It might be through some C++ magic rather than atexit() but that's not really relevant. I think this is clear:

#5 0x00007fa73e6f6767 in KIO::Scheduler::~Scheduler() ()
   from /usr/lib/libkio.so.5
#6 0x00007fa73e6f9f51 in ?? () from /usr/lib/libkio.so.5
#7 0x00007fa74cb23c12 in exit () from /lib/libc.so.6
#8 0x00007fa74cb09ac4 in __libc_start_main () from /lib/libc.so.6
(from LP #424708 )

or

#5 0x00007fd7aaf4b767 in ~Scheduler (this=0x1c5a530)
    at ../../kio/kio/scheduler.cpp:259
No locals.
#6 0x00007fd7aaf4ef51 in destroy () at ../../kio/kio/scheduler.cpp:102
 x = (KIO::SchedulerPrivate *) 0x1c55480
#7 0x00007fd7e9b3bc12 in *__GI_exit (status=1) at exit.c:78
No locals.
(from LP #427435)

3/ The obvious place for the KIO call to occur is through the VLC Qt4 plugin. Yeah, I know Qt4 does not use KIO either. But I guess KDE extends Qt4 if running.

4/ Similar crashes have plagued kdepim: http://bugs.kde.org/show_bug.cgi?id=199375

Problem is, VLC does not call KIO directly. So something has to call it behind its back and, I guess, leak then crash.

Changed in vlc (Ubuntu):
status: Invalid → New
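
The stack-reading argument in the comment above (the fault is reached from exit() through a libkio frame, with no application frame in between), written as a triage script for gdb `bt` output. This is an added example, not code from Launchpad, apport, VLC or KDE; the sample trace is abridged from frames quoted in this report, and `triage`, `app_hint` and the result keys are names chosen here.

```python
import os
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample: abridged from a backtrace quoted in this report, keeping
# gdb's wrapped continuation lines so the parser has to join them.
SAMPLE_BT = """\
#0  0x00007fffeae7bbdb in ?? () from /usr/lib/x86_64-linux-gnu/libQtDBus.so.4
#2  0x00007ffff0c18eba in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#4  0x00007ffff0c1cef7 in QObject::~QObject() ()
   from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#5  0x00007fffed17c8b9 in KIO::Scheduler::~Scheduler() ()
   from /usr/lib/libkio.so.5
#7  0x00007fffed180067 in ?? () from /usr/lib/libkio.so.5
#8  0x00007ffff7154821 in __run_exit_handlers (status=0, listp=0x7ffff74b15a8,
    run_list_atexit=true) at exit.c:78
#9  0x00007ffff71548a5 in __GI_exit (status=<optimized out>) at exit.c:100
#10 0x00007ffff713a314 in __libc_start_main (main=0x400f60 <main>, argc=1,
    ubp_av=0x7fffffffe0c8) at libc-start.c:258
"""

# libc frames that mean "the process is running its exit handlers"
EXIT_FUNCS = {"exit", "__GI_exit", "__run_exit_handlers"}
FRAME = re.compile(r"^#(\d+)\s+(?:0x[0-9a-fA-F]+\s+in\s+)?(.*)$")
LOCATION = re.compile(r"\s+(from|at)\s+(\S+)$")


@dataclass
class Frame:
    index: int
    func: str
    module: Optional[str]  # shared object, or source file if gdb had debug info


def _func_name(call: str) -> str:
    """Return the function part of 'func (args)', honouring nested parentheses."""
    call = call.strip()
    if not call.endswith(")"):
        return call
    depth = 0
    for i in range(len(call) - 1, -1, -1):
        if call[i] == ")":
            depth += 1
        elif call[i] == "(":
            depth -= 1
            if depth == 0:  # this '(' opens the argument list
                return call[:i].strip().lstrip("*")
    return call


def parse_frames(text: str) -> List[Frame]:
    """Parse plain gdb 'bt' output; non-'#' lines continue the previous frame."""
    joined: List[str] = []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("#"):
            joined.append(line)
        elif line and joined and not line.startswith("Backtrace stopped"):
            joined[-1] += " " + line
    frames = []
    for line in joined:
        m = FRAME.match(line)
        if not m:
            continue
        rest, module = m.group(2), None
        loc = LOCATION.search(rest)
        if loc:
            rest = rest[: loc.start()]
            target = loc.group(2)
            if loc.group(1) == "at":  # 'at file.c:78' -> 'file.c'
                target = target.rsplit(":", 1)[0]
            module = os.path.basename(target)
        frames.append(Frame(int(m.group(1)), _func_name(rest), module))
    return frames


def triage(text: str, app_hint: str = "vlc") -> dict:
    """Decide whether the fault happened inside a handler run by exit()."""
    frames = parse_frames(text)
    exit_pos = next((i for i, f in enumerate(frames) if f.func in EXIT_FUNCS), None)
    if not exit_pos:  # no exit frame, or exit itself is the faulting frame
        return {"at_exit": False}
    inner = frames[:exit_pos]  # everything executing on behalf of the handler
    # Outermost destructor = the object whose teardown was registered for exit.
    dtor = next((f for f in reversed(inner) if "~" in f.func), None)
    return {
        "at_exit": True,
        "faulting_module": inner[0].module,
        "handler_module": inner[-1].module,  # frame called by the exit machinery
        "destroyed": dtor.func if dtor else None,
        # Frames whose module name contains the application hint (assumption).
        "app_frames": [f.index for f in inner if app_hint in (f.module or "").lower()],
    }


if __name__ == "__main__":
    print(triage(SAMPLE_BT))
```

An empty `app_frames` list together with `handler_module` naming libkio is the same observation the comment makes by eye; the script expects plain `bt` output, not `bt full`.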
Rémi Denis-Courmont (rdenis) wrote :

Someone care to explain why KIO is brought into the VLC process...

Changed in vlc (Ubuntu):
status: New → Incomplete
Rémi Denis-Courmont (rdenis) wrote :

KIO is brought in by the KDE open file dialog through the Qt4 open file dialog. This can trivially be reproduced: start VLC, go to Media / Open File, cancel, exit.

This only occurs if KDE overrides the Qt open file dialog. Then the KIO scheduler registers an exit handler which crashes at exit.

Since this is not VLC specific, and VLC has no way to prevent (or even know) that KDE will register an exit handler, this is a kdelibs bug.

Changed in vlc:
importance: Unknown → Undecided
status: Unknown → New
status: New → Invalid
Changed in kde4libs (Ubuntu):
status: Invalid → New
Changed in vlc (Ubuntu):
status: Incomplete → Invalid
Jonathan Thomas (echidnaman) wrote :

Hi there!

Thanks for reporting this bug! Your bug seems to be a problem with the KDE program itself, and not with our KDE packages. But don't worry! This issue is being tracked by the KDE developers at: http://bugs.kde.org/show_bug.cgi?id=199375
Once fixed in KDE, it will be included in Kubuntu once the KDE version the fix is in reaches Kubuntu.

Thanks!

Changed in kde4libs (Ubuntu):
status: New → Invalid
Rémi Denis-Courmont (rdenis) wrote :

VLC-specific work-around available in 1.1.0. This is not a proper bug fix.

Changed in vlc:
milestone: none → 1.1.0
Changed in vlc:
status: Invalid → Fix Committed
summary: - vlc crashed with SIGSEGV in QMetaObject::activate()
+ KIO scheduler crashes at exit if VLC file open dialog is used
Changed in vlc:
assignee: nobody → Rémi Denis-Courmont (rdenis)

Reopening the VLC Ubuntu bug since it was "decided" that it is not a KDE bug (yeah right, *cough* *cough*).

Changed in vlc (Ubuntu):
status: Invalid → New
Changed in vlc (Ubuntu):
status: New → Confirmed
Changed in kdelibs:
status: Unknown → New
Jonathan Thomas (echidnaman) wrote :

Um yeah, because "our bug seems to be a problem with the KDE program itself, and not with our KDE packages." totally says it's not a bug at all.

Version: (using KDE 4.4.2)
Compiler: GCC
OS: Linux
Installed from: Ubuntu Packages

The Kfile plugin for Qt4 triggers registration of the destructor for the global static KIOScheduler, if the Qt4 open dialog is invoked (from a Qt4 but non-KDE application).

This causes a crash at exit, while glibc runs the exit handlers. Apparently, ~KIOScheduler tries to use QDBus (which is already deinitialized).

Ubuntu apport has recorded many occurrences of this issue here: https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/408719

Rémi Denis-Courmont (rdenis) wrote :

The same VLC source code, with in fact practically the same Debian package, has no such problems on Debian Sid + KDE4.

Changed in vlc:
milestone: 1.1.0 → 1.0.6
Jonathan Thomas (echidnaman) wrote :

They don't have KDE 4.4, where the KFileDialog-in-Qt-apps feature was introduced.

Changed in vlc:
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package vlc - 1.0.6-1ubuntu1

---------------
vlc (1.0.6-1ubuntu1) lucid; urgency=low

  * Merge from Debian unstable, remaining changes:
    - build and install the libx264 plugin
    - add Xb-Npp header to vlc package
    - Add patches 519-526 to fix FTBFS with xulruner-1.9.2 from upstream
    - Add 600-drop-OJI-xul-192.patch to drop OJI support as xulrunner-1.9.2 on
      Linux doesn't support it
    - Add apport hook to include more vlc dependencies in bug reports
    - Drop --sourcedir=debian/tmp from dh_install to install apport hook
  * Drop 527-spanish-desktop.patch (merged upstream).

vlc (1.0.6-1) unstable; urgency=low

  * New upstream version 1.0.6
    + VideoLAN-SA-1003
    + Closes: #578799
    + LP: #408719, #464715, #465560, #502637, #525278, #542943, #568859
  * RTMP access module has been removed (vlc-nox.install, NEWS.Debian)
  * Remove patches merged upstream
 -- Benjamin Drung <email address hidden> Fri, 23 Apr 2010 12:16:15 +0200

Changed in vlc (Ubuntu):
status: Confirmed → Fix Released
Rémi Denis-Courmont (rdenis) wrote :

Fix is not working.

Changed in vlc:
status: Fix Released → Confirmed
assignee: Rémi Denis-Courmont (rdenis) → nobody
milestone: 1.0.6 → none
Changed in vlc:
milestone: none → 1.1.0
Changed in kde4libs (Debian):
status: Unknown → Confirmed
Rémi Denis-Courmont (rdenis) wrote :

As per LP#584649, the bug is still present, but there is no reliable way to fix it in VLC.

Changed in vlc:
status: Confirmed → Fix Committed
Changed in vlc (Ubuntu):
status: Fix Released → Won't Fix
Changed in vlc:
status: Fix Committed → Invalid
Changed in vlc (Ubuntu):
status: Won't Fix → Invalid
Changed in vlc:
milestone: 1.1.0 → none

KDE SC 4.5 has a completely new implementation of the KIO scheduler (see http://websvn.kde.org/?revision=1075343&view=revision for the changes). Could you check if this fixed the VLC issue?

If you can provide the information requested in comment #1, please add it to this bug report.

Changed in kdelibs:
status: New → Unknown

I tried with KDE 4.5.1 as provided in Kubuntu 10.10, and I still get the exact same crash in QDBus from ~KIOScheduler from the exit handlers.

Changed in kdelibs:
status: Unknown → New

It would be nice if you could provide an updated backtrace, because the old backtrace from comment #0 contains references to code that is no longer present.

With KDE 4.5.1, I get this:

Program received signal SIGSEGV, Segmentation fault.
0x0193aaa6 in QDBusAdaptorConnector::relaySlot (this=0x84008d8,
argv=0xbffff088)
    at qdbusabstractadaptor.cpp:270
270 qdbusabstractadaptor.cpp: Aucun fichier ou dossier de ce type.
        in qdbusabstractadaptor.cpp
(gdb) bt
#0 0x0193aaa6 in QDBusAdaptorConnector::relaySlot (this=0x84008d8,
    argv=0xbffff088) at qdbusabstractadaptor.cpp:270
#1 0x0193ab24 in QDBusAdaptorConnector::qt_metacall (this=0x84008d8,
    _c=QMetaObject::InvokeMetaMethod, _id=4, _a=0xbffff088)
    at qdbusabstractadaptor.cpp:366
#2 0x016dd8ca in QMetaObject::metacall (object=0x84008d8, cl=3221221512,
    idx=4, argv=0xbffff088) at kernel/qmetaobject.cpp:237
#3 0x016f06ad in QMetaObject::activate (sender=0x8400740, m=0x1805230,
    local_signal_index=0, argv=0x84008d8) at kernel/qobject.cpp:3280
#4 0x016f0bd3 in QObject::destroyed (this=0x8400740, _t1=0x8400740)
    at .moc/release-shared/moc_qobject.cpp:149
#5 0x016f1afa in QObject::~QObject (this=0x8400740,
    __in_chrg=<value optimized out>) at kernel/qobject.cpp:842
#6 0x0228225d in KIO::Scheduler::~Scheduler (this=0x8400740,
    __in_chrg=<value optimized out>) at ../../kio/kio/scheduler.cpp:766
#7 0x02288844 in ~SchedulerPrivate () at ../../kio/kio/scheduler.cpp:667
#8 destroy () at ../../kio/kio/scheduler.cpp:730
#9 0x021cf8eb in KCleanUpGlobalStatic::~KCleanUpGlobalStatic
(this=0x239c1f0,
    __in_chrg=<value optimized out>) at ../../kdecore/kernel/kglobal.h:62
#10 0x002f469e in __run_exit_handlers (status=0, listp=0x41f324,
    run_list_atexit=true) at exit.c:78
#11 0x002f470f in exit (status=0) at exit.c:100
#12 0x002dbcef in __libc_start_main (main=0x8048e60 <main>, argc=1,
    ubp_av=0xbffff2c4, init=0x8049d90 <__libc_csu_init>,
    fini=0x8049d80 <__libc_csu_fini>, rtld_fini=0x11eac0 <_dl_fini>,
    stack_end=0xbffff2bc) at libc-start.c:258
#13 0x08048da1 in _start ()

Can you provide an efficient way to reproduce this bug and a valgrind trace?

Thanks.

valgrind:

(8449) KSycocaPrivate::openDatabase: Trying to open ksycoca from "/var/tmp/kdecache-remi/ksycoca4"
kfilemodule(8449)/kdecore (services) KMimeTypeFactory::parseMagic: Now parsing "/usr/share/mime/magic"
kfilemodule(8449)/kdecore (services) KMimeTypeFactory::parseMagic: Now parsing "/home/remi/.local/share/mime/magic"
==8449== Thread 1:
==8449== Invalid read of size 4
==8449== at 0x8C14CE6: QDBusAdaptorConnector::relaySlot(void**) (qdbusabstractadaptor.cpp:268)
==8449== by 0x8C15683: QDBusAdaptorConnector::qt_metacall(QMetaObject::Call, int, void**) (qdbusabstractadaptor.cpp:364)
==8449== by 0x72AE7A9: QMetaObject::metacall(QObject*, QMetaObject::Call, int, void**) (qmetaobject.cpp:237)
==8449== by 0x72BD1BA: QMetaObject::activate(QObject*, QMetaObject const*, int, void**) (qobject.cpp:3295)
==8449== by 0x72BD5F2: QObject::destroyed(QObject*) (moc_qobject.cpp:149)
==8449== by 0x72BF9D9: QObject::~QObject() (qobject.cpp:869)
==8449== by 0x7A25FAC: KIO::Scheduler::~Scheduler() (in /usr/lib/libkio.so.5.4.0)
==8449== by 0x7A29B00: ??? (in /usr/lib/libkio.so.5.4.0)
==8449== by 0x795C32A: ??? (in /usr/lib/libkio.so.5.4.0)
==8449== by 0x419007E: __run_exit_handlers (exit.c:78)
==8449== by 0x41900EE: exit (exit.c:100)
==8449== by 0x4177C7D: (below main) (libc-start.c:260)
==8449== Address 0x4 is not stack'd, malloc'd or (recently) free'd
==8449==
==8449==
==8449== Process terminating with default action of signal 11 (SIGSEGV)
==8449== Access not within mapped region at address 0x4
==8449== at 0x8C14CE6: QDBusAdaptorConnector::relaySlot(void**) (qdbusabstractadaptor.cpp:268)
==8449== by 0x8C15683: QDBusAdaptorConnector::qt_metacall(QMetaObject::Call, int, void**) (qdbusabstractadaptor.cpp:364)
==8449== by 0x72AE7A9: QMetaObject::metacall(QObject*, QMetaObject::Call, int, void**) (qmetaobject.cpp:237)
==8449== by 0x72BD1BA: QMetaObject::activate(QObject*, QMetaObject const*, int, void**) (qobject.cpp:3295)
==8449== by 0x72BD5F2: QObject::destroyed(QObject*) (moc_qobject.cpp:149)
==8449== by 0x72BF9D9: QObject::~QObject() (qobject.cpp:869)
==8449== by 0x7A25FAC: KIO::Scheduler::~Scheduler() (in /usr/lib/libkio.so.5.4.0)
==8449== by 0x7A29B00: ??? (in /usr/lib/libkio.so.5.4.0)
==8449== by 0x795C32A: ??? (in /usr/lib/libkio.so.5.4.0)
==8449== by 0x419007E: __run_exit_handlers (exit.c:78)
==8449== by 0x41900EE: exit (exit.c:100)
==8449== by 0x4177C7D: (below main) (libc-start.c:260)
==8449== If you believe this happened as a result of a stack
==8449== overflow in your program's main thread (unlikely but
==8449== possible), you can try to increase the size of the
==8449== main thread stack using the --main-stacksize= flag.
==8449== The main thread stack size used in this run was 8388608.
==8449==
==8449== HEAP SUMMARY:
==8449== in use at exit: 1,559,796 bytes in 25,684 blocks
==8449== total heap usage: 1,313,322 allocs, 1,287,638 frees, 248,976,827 bytes allocated
==8449==
==8449== LEAK SUMMARY:
==8449== definitely lost: 591 bytes in 6 blocks
==8449== indirectly lost: 160 bytes in 12 blocks
==8449== possibly lost: 953,762 bytes in 16,692 blocks
==...

I'm trying to reproduce this bug, within a full KDE session and in fluxbox, and so far I can't :/ Can you provide more details about your environment?

Maybe an "env" output could provide some hints.
Thanks.

I can confirm VLC 1.1.7 crashes on exit in KDE 4.6.0
http://nucleo.fedorapeople.org/vlc-1.1.7.gdb

(In reply to comment #8)
I can reproduce the crash with these steps:
1. Start vlc.
2. Press Ctrl+O and then Cancel.
3. Close vlc window.

*** Bug 266872 has been marked as a duplicate of this bug. ***

Changed in kdelibs:
importance: Unknown → High

(In reply to comment #0)
> Version: (using KDE 4.4.2)
> Compiler: GCC
> OS: Linux
> Installed from: Ubuntu Packages
>
> The Kfile plugin for Qt4 triggers registration of the destructor for the global
> static KIOScheduler, if the Qt4 open dialog is invoked (from a Qt4 but non-KDE
> application).
>
> This causes a crash at exit, while glibc runs the exit handlers. Apparently,
> ~KIOScheduler tries to use QDBus (which is already deinitialized).

You got that backwards. It is not KIO::Scheduler that attempts to use QDBus, it is QDBus that attempts to access an already destroyed object which should not happen at all.

Besides the backtraces that show otherwise, if you simply defer the deletion of the scheduler object using "q->deleteLater()" instead of "delete q" in ~SchedulerPrivate, you would see that the crash goes away. As such the problem is upstream in QtDBus and friends. So long as a class registers itself with QDBus, it will crash when accessed in the same manner as one that happens through VLC.

For those interested in testing, the workaround patch for this crash can be found at https://git.reviewboard.kde.org/r/100577.

The reason that workaround is not committed is because Thiago stated that he wanted to look into the cause of this problem. See http://lists.kde.org/?l=kde-core-devel&m=129693527318658&w=2

Created attachment 58893
workaround patch...

Here is Thiago's response:
http://lists.kde.org/?l=kde-core-devel&m=130268229205730&w=2

Since this is not a KDE issue and I would rather avoid committing workarounds for bugs that are not KDE's fault, even when they cause a crash, I have attached the workaround patch for those that want to apply it with Qt 4.7 and whatever the recent version of VLC is (v1.1.9 for me).

*** Bug 267962 has been marked as a duplicate of this bug. ***

Rémi Denis-Courmont (rdenis) wrote :

According to KDE upstream (see KDE bug), this bug actually lies in Qt and is silently gone in Qt4.8. I gather there will never be a proper back-ported fix (that is to say from Qt).

affects: kde4libs (Ubuntu) → qt4-x11 (Ubuntu)
Changed in qt4-x11 (Ubuntu):
status: Invalid → New

For another program that uses a similar Qt call mechanism, I have a backtrace for the error:
(gdb) bt
#0 0x00007f927bbd26fb in QDBusAdaptorConnector::relaySlot (this=0x2941280, argv=0x7fffd1abfc40) at qdbusabstractadaptor.cpp:270
#1 0x00007f927bbd2a05 in QDBusAdaptorConnector::qt_metacall (this=0x2941280, _c=QMetaObject::InvokeMetaMethod, _id=<value optimized out>, _a=0x7fffd1abfc40)
    at qdbusabstractadaptor.cpp:366
#2 0x00007f928697947d in QMetaObject::activate (sender=0x29413d0, m=<value optimized out>, local_signal_index=<value optimized out>, argv=0x7fffd1abfc40)
    at kernel/qobject.cpp:3283
#3 0x00007f928697988f in QObject::destroyed (this=<value optimized out>, _t1=0x29413d0) at .moc/release-shared/moc_qobject.cpp:149
#4 0x00007f928697b975 in QObject::~QObject (this=0x29413d0, __in_chrg=<value optimized out>) at kernel/qobject.cpp:843
#5 0x00007f9282037179 in KIO::Scheduler::~Scheduler() () from /usr/lib64/libkio.so.5
#6 0x00007f928203d487 in ?? () from /usr/lib64/libkio.so.5
#7 0x00007f9282039979 in ?? () from /usr/lib64/libkio.so.5
#8 0x00007f928ca4d221 in __run_exit_handlers (status=10, listp=0x7f928cd7b4a8, run_list_atexit=true) at exit.c:78
#9 0x00007f928ca4d275 in exit (status=43258496) at exit.c:100
#10 0x00007f928ca36c64 in __libc_start_main (main=0x4010c0 <main(int, char**, char**)>, argc=2, ubp_av=0x7fffd1abfe98, init=<value optimized out>,
    fini=<value optimized out>, rtld_fini=<value optimized out>, stack_end=0x7fffd1abfe88) at libc-start.c:258
#11 0x0000000000400ff9 in _start () at ../sysdeps/x86_64/elf/start.S:113

From the bt I see that:
- Qt calls (QFileDialog::getSaveFileName()) into the KDE4 file name selection plugin through the qOverride mechanism, where a KIO::Scheduler::Scheduler() object is created.
- Next, on finish, the Qt objects are fully freed by deleting QApplication().
- Next, the Qt module of the program is unlinked by dlclose().
- And after all that we get a crash when trying to free IO::Scheduler::Scheduler(), which should be removed together with all of the Qt infrastructure freed by the QApplication() delete.

Who must remove KIO::Scheduler::Scheduler()?

P.S. Another bug: the KDE4 override file dialog, from QFileDialog::getSaveFileName(), is not localized and this warning appears on start:
KGlobal::locale::Warning your global KLocale is being recreated with a valid
main component instead of a fake component, this usually means you tried to
call i18n related functions before your main component was created. You should
not do that since it most likely will not work

At the same time, the QColorDialog KDE4 override dialog works fine and is fully localized!

(In reply to comment #15)
> For another program that uses a similar Qt call mechanism, I have a backtrace
> for the error:
> (gdb) bt
> #0 0x00007f927bbd26fb in QDBusAdaptorConnector::relaySlot (this=0x2941280,
> argv=0x7fffd1abfc40) at qdbusabstractadaptor.cpp:270
> #1 0x00007f927bbd2a05 in QDBusAdaptorConnector::qt_metacall (this=0x2941280,
> _c=QMetaObject::InvokeMetaMethod, _id=<value optimized out>, _a=0x7fffd1abfc40)
> at qdbusabstractadaptor.cpp:366
> #2 0x00007f928697947d in QMetaObject::activate (sender=0x29413d0, m=<value
> optimized out>, local_signal_index=<value optimized out>, argv=0x7fffd1abfc40)
> at kernel/qobject.cpp:3283
> #3 0x00007f928697988f in QObject::destroyed (this=<value optimized out>,
> _t1=0x29413d0) at .moc/release-shared/moc_qobject.cpp:149
> #4 0x00007f928697b975 in QObject::~QObject (this=0x29413d0, __in_chrg=<value
> optimized out>) at kernel/qobject.cpp:843
> #5 0x00007f9282037179 in KIO::Scheduler::~Scheduler() () from
> /usr/lib64/libkio.so.5
> #6 0x00007f928203d487 in ?? () from /usr/lib64/libkio.so.5
> #7 0x00007f9282039979 in ?? () from /usr/lib64/libkio.so.5
> #8 0x00007f928ca4d221 in __run_exit_handlers (status=10, listp=0x7f928cd7b4a8,
> run_list_atexit=true) at exit.c:78
> #9 0x00007f928ca4d275 in exit (status=43258496) at exit.c:100
> #10 0x00007f928ca36c64 in __libc_start_main (main=0x4010c0 <main(int, char**,
> char**)>, argc=2, ubp_av=0x7fffd1abfe98, init=<value optimized out>,
> fini=<value optimized out>, rtld_fini=<value optimized out>,
> stack_end=0x7fffd1abfe88) at libc-start.c:258
> #11 0x0000000000400ff9 in _start () at ../sysdeps/x86_64/elf/start.S:113
>
> From the bt I see that:
> - Qt calls (QFileDialog::getSaveFileName()) into the KDE4 file name selection
> plugin through the qOverride mechanism, where a KIO::Scheduler::Scheduler()
> object is created.
> - Next, on finish, the Qt objects are fully freed by deleting QApplication().
> - Next, the Qt module of the program is unlinked by dlclose().
> - And after all that we get a crash when trying to free
> IO::Scheduler::Scheduler(), which should be removed together with all of the
> Qt infrastructure freed by the QApplication() delete.
>
> Who must remove KIO::Scheduler::Scheduler()?

I have no idea how you see any of that from the back trace snippet you posted, but as it has already been stated the original issue reported here is not a KDE bug. See comments #12 and #13; especially the link given in comment 13.

> P.S. Another bug: the KDE4 override file dialog, from
> QFileDialog::getSaveFileName(), is not localized and this warning appears on
> start:
> KGlobal::locale::Warning your global KLocale is being recreated with a valid
> main component instead of a fake component, this usually means you tried to
> call i18n related functions before your main component was created. You should
> not do that since it most likely will not work

Please do not mix unrelated bug reports. You are free to open another ticket for this issue if one does not already exist for it.

*** Bug 279013 has been marked as a duplicate of this bug. ***

description: updated

*** This bug has been confirmed by popular vote. ***

Hi all,

I reported this bug here and here:

* https://bugs.mageia.org/show_bug.cgi?id=1968

* https://trac.videolan.org/vlc/ticket/5148#comment:1

Was it reported to the Qt developers?

Regards,

-- Shlomi Fish

A possible similar issue has been reported to the Qt developers, which also cores at "QDBusAdaptorConnector::relaySlot" as a result of a cross-thread delete of QDBusAbstractAdaptor. See the stacktrace.log at the bugreport: https://bugreports.qt.nokia.com/browse/QTBUG-18205

Might be the same issue.

I don't think it's the same issue, even though the stack traces end in the same function. The root causes for the problems are different.

And QTBUG-18205 is invalid because of an earlier error in the application: you cannot delete an object from outside its thread.

Changed in kdelibs:
status: New → Confirmed
Changed in qt4-x11 (Ubuntu):
status: New → Confirmed
Changed in kdelibs:
status: Confirmed → Won't Fix
Maarten Bezemer (veger) wrote :

It seems to be fixed for Kubuntu 11.10.
VLC does not crash anymore after using the dialog and exiting the application.

Rémi Denis-Courmont (rdenis) wrote :

Still crashing the exact same way in Kubuntu 11.10:

Program received signal SIGSEGV, Segmentation fault.
0x00007fffeae7bbdb in ?? () from /usr/lib/x86_64-linux-gnu/libQtDBus.so.4
(gdb) bt
#0 0x00007fffeae7bbdb in ?? () from /usr/lib/x86_64-linux-gnu/libQtDBus.so.4
#1 0x00007fffeae7bf75 in ?? () from /usr/lib/x86_64-linux-gnu/libQtDBus.so.4
#2 0x00007ffff0c18eba in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#3 0x00007ffff0c1936f in QObject::destroyed(QObject*) ()
   from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#4 0x00007ffff0c1cef7 in QObject::~QObject() ()
   from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#5 0x00007fffed17c8b9 in KIO::Scheduler::~Scheduler() ()
   from /usr/lib/libkio.so.5
#6 0x00007fffed18772b in ?? () from /usr/lib/libkio.so.5
#7 0x00007fffed180067 in ?? () from /usr/lib/libkio.so.5
#8 0x00007ffff7154821 in __run_exit_handlers (status=0, listp=0x7ffff74b15a8,
    run_list_atexit=true) at exit.c:78
#9 0x00007ffff71548a5 in __GI_exit (status=<optimized out>) at exit.c:100
#10 0x00007ffff713a314 in __libc_start_main (main=0x400f60 <main>, argc=1,
    ubp_av=0x7fffffffe0c8, init=<optimized out>, fini=<optimized out>,
    rtld_fini=<optimized out>, stack_end=0x7fffffffe0b8) at libc-start.c:258
#11 0x000000000040169d in _start ()

Maarten Bezemer (veger) wrote :

Weird, for me it works... Anything I can provide to find the differences between our installations?

Mine was a clean (not update) installation from live CD and I enabled ppa:kubuntu-ppa/ppa for receiving the latest kubuntu/kde updates

Rémi Denis-Courmont (rdenis) wrote :

Your PPA is probably the difference. I just have plain Kubuntu with official updates and backports.

For me, my config was created with Kubuntu Oneiric alpha 1 and updated
daily. I don't use a PPA repository.

If it helps ...

Regards.

On 05/12/2011 11:26, Maarten Bezemer wrote:
> Weird, for me it works... Anything I can provide to find the differences
> between our installations?
>
> Mine was a clean (not update) installation from live CD and I enabled
> ppa:kubuntu-ppa/ppa for receiving the latest kubuntu/kde updates
>

So the PPA contains the updated Qt? It would be nice if someone could add the PPA and see if it indeed fixes the problem, so the bug status can be updated.

Using VLC 1.1.12 on KDE 4.8rc1 with Qt 4.8.0, I can still reproduce the crash with the steps provided in comment #10, so it either is still not fixed in Qt 4.8, or the fix did not affect KDE.

Is there a link to an open Qt bug?

Program received signal SIGSEGV, Segmentation fault.
0xaec68807 in QDBusAdaptorConnector::relaySlot (this=0x8473160, argv=0xbfffef58) at /local/git/Qt/frameworks/qt/src/dbus/qdbusabstractadaptor.cpp:270
270 relay(d->currentSender->sender, d->currentSender->signal, argv);

(gdb) bt
#0 0xaec68807 in QDBusAdaptorConnector::relaySlot (this=0x8473160, argv=0xbfffef58) at /local/git/Qt/frameworks/qt/src/dbus/qdbusabstractadaptor.cpp:270
#1 0xaec68b27 in QDBusAdaptorConnector::qt_metacall (this=0x8473160, _c=QMetaObject::InvokeMetaMethod, _id=0, _a=0xbfffef58) at /local/git/Qt/frameworks/qt/src/dbus/qdbusabstractadaptor.cpp:366
#2 0xb3794926 in QMetaObject::metacall (object=0x8473160, cl=QMetaObject::InvokeMetaMethod, idx=4, argv=0xbfffef58) at /local/git/Qt/frameworks/qt/src/corelib/kernel/qmetaobject.cpp:245
#3 0xb37a8720 in QMetaObject::activate (sender=0x8473148, m=0xb3937cc4, local_signal_index=0, argv=0xbfffef58) at /local/git/Qt/frameworks/qt/src/corelib/kernel/qobject.cpp:3566
#4 0xb37a9fc8 in QObject::destroyed (this=0x8473148, _t1=0x8473148) at .moc/debug-shared/moc_qobject.cpp:149
#5 0xb37a33d1 in QObject::~QObject (this=0x8473148, __in_chrg=<optimized out>) at /local/git/Qt/frameworks/qt/src/corelib/kernel/qobject.cpp:844
#6 0xaf82cc5d in KIO::Scheduler::~Scheduler (this=0x8473148, __in_chrg=<optimized out>) at /local/git/KDE/libs/kdelibs/kio/kio/scheduler.cpp:777
#7 0xaf82cc97 in KIO::Scheduler::~Scheduler (this=0x8473148, __in_chrg=<optimized out>) at /local/git/KDE/libs/kdelibs/kio/kio/scheduler.cpp:779
#8 0xaf831583 in KIO::SchedulerPrivate::~SchedulerPrivate (this=0x84730a8, __in_chrg=<optimized out>) at /local/git/KDE/libs/kdelibs/kio/kio/scheduler.cpp:667
#9 0xaf82c956 in destroy () at /local/git/KDE/libs/kdelibs/kio/kio/scheduler.cpp:736
#10 0xaf781c5d in KCleanUpGlobalStatic::~KCleanUpGlobalStatic (this=0xaf9aac94, __in_chrg=<optimized out>) at /local/git/KDE/libs/kdelibs/kdecore/kernel/kglobal.h:62
#11 0xb7d48931 in __run_exit_handlers (status=0, listp=0xb7e80304, run_list_atexit=true) at exit.c:78
#12 0xb7d489bd in __GI_exit (status=0) at exit.c:100
#13 0xb7d3100b in __libc_start_main (main=0x8048ca0, argc=1, ubp_av=0xbffff194, init=0x80499c0, fini=0x8049a30, rtld_fini=0xb7fedca0 <_dl_fini>, stack_end=0xbffff18c) at libc-start.c:258
#14 0x080493cd in ?? ()
Backtrace stopped: Not enough registers or memory available to unwind further

(In reply to comment #23)
> Using VLC 1.1.12 on KDE 4.8rc1 with Qt 4.8.0, I can still reproduce the crash
> with the steps provided in comment #10, so it either is still not fixed in Qt
> 4.8, or the fix did not affect KDE.
>
> Is there a link to an open Qt bug?

Nope, but there is always the workaround patch I provided in comment #12 that defers the deletion of all static objects that register themselves with QDBusConnection.

It fixes the problem, but it does not really address the question why QDBusConnection attempts to access an already deleted object. Perhaps this is the result of the fact that all these objects that cause such crashes are static objects? Anyways, unregistering the object from the QDBusConnection before deletion does not help either; so the issue remains an upstream issue until someone can show otherwise.

> Program received signal SIGSEGV, Segmentation fault.
> 0xaec68807 in QDBusAdaptorConnector::relaySlot (this=0x8473160,
> argv=0xbfffef58) at
> /local/git/Qt/frameworks/qt/src/dbus/qdbusabstractadaptor.cpp:270
> 270 relay(d->currentSender->sender, d->currentSender->signal, argv);
>
> (gdb) bt
> #0 0xaec68807 in QDBusAdaptorConnector::relaySlot (this=0x8473160,
> argv=0xbfffef58) at
> /local/git/Qt/frameworks/qt/src/dbus/qdbusabstractadaptor.cpp:270
> #1 0xaec68b27 in QDBusAdaptorConnector::qt_metacall (this=0x8473160,
> _c=QMetaObject::InvokeMetaMethod, _id=0, _a=0xbfffef58) at
> /local/git/Qt/frameworks/qt/src/dbus/qdbusabstractadaptor.cpp:366
> #2 0xb3794926 in QMetaObject::metacall (object=0x8473160,
> cl=QMetaObject::InvokeMetaMethod, idx=4, argv=0xbfffef58) at
> /local/git/Qt/frameworks/qt/src/corelib/kernel/qmetaobject.cpp:245
> #3 0xb37a8720 in QMetaObject::activate (sender=0x8473148, m=0xb3937cc4,
> local_signal_index=0, argv=0xbfffef58) at
> /local/git/Qt/frameworks/qt/src/corelib/kernel/qobject.cpp:3566
> #4 0xb37a9fc8 in QObject::destroyed (this=0x8473148, _t1=0x8473148) at
> .moc/debug-shared/moc_qobject.cpp:149
> #5 0xb37a33d1 in QObject::~QObject (this=0x8473148, __in_chrg=<optimized out>)
> at /local/git/Qt/frameworks/qt/src/corelib/kernel/qobject.cpp:844
> #6 0xaf82cc5d in KIO::Scheduler::~Scheduler (this=0x8473148,
> __in_chrg=<optimized out>) at
> /local/git/KDE/libs/kdelibs/kio/kio/scheduler.cpp:777
> #7 0xaf82cc97 in KIO::Scheduler::~Scheduler (this=0x8473148,
> __in_chrg=<optimized out>) at
> /local/git/KDE/libs/kdelibs/kio/kio/scheduler.cpp:779
> #8 0xaf831583 in KIO::SchedulerPrivate::~SchedulerPrivate (this=0x84730a8,
> __in_chrg=<optimized out>) at
> /local/git/KDE/libs/kdelibs/kio/kio/scheduler.cpp:667
> #9 0xaf82c956 in destroy () at
> /local/git/KDE/libs/kdelibs/kio/kio/scheduler.cpp:736
> #10 0xaf781c5d in KCleanUpGlobalStatic::~KCleanUpGlobalStatic (this=0xaf9aac94,
> __in_chrg=<optimized out>) at
> /local/git/KDE/libs/kdelibs/kdecore/kernel/kglobal.h:62
> #11 0xb7d48931 in __run_exit_handlers (status=0, listp=0xb7e80304,
> run_list_atexit=true) at exit.c:78
> #12 0xb7d489bd in __GI_exit (status=0) at exit.c:100
> #13 0xb7d3100b in __libc_start_main (main=0x8048ca0, argc=1, ubp_av=0xbffff194,
> init=0x80499c0, fini=0x8049a30, rtld_fini=0xb7fedca0 <_dl_fini>,
> stac...


Created attachment 68440
Valgrind trace with Qt 4.8 with full debugging information

The interesting part before the crash is

==26284== Thread 1:
==26284== Invalid read of size 4
==26284== at 0x4BB781DD: QDBusAdaptorConnector::relaySlot(void**) (qdbusabstractadaptor.cpp:270)
==26284== by 0x4BB7854B: QDBusAdaptorConnector::qt_metacall(QMetaObject::Call, int, void**) (qdbusabstractadaptor.cpp:366)
==26284== by 0x1BE98052: QMetaObject::metacall(QObject*, QMetaObject::Call, int, void**) (qmetaobject.cpp:245)
==26284== by 0x1BEAE402: QMetaObject::activate(QObject*, QMetaObject const*, int, void**) (qobject.cpp:3566)
==26284== by 0x1BEAFF46: QObject::destroyed(QObject*) (moc_qobject.cpp:149)
==26284== by 0x1BEA843D: QObject::~QObject() (qobject.cpp:844)
==26284== by 0x4A603DCB: KIO::Scheduler::~Scheduler() (scheduler.cpp:777)
==26284== by 0x4A603DFD: KIO::Scheduler::~Scheduler() (scheduler.cpp:779)
==26284== by 0x4A608A86: KIO::SchedulerPrivate::~SchedulerPrivate() (scheduler.cpp:667)
==26284== by 0x4A603AD9: ._229::destroy() (scheduler.cpp:736)
==26284== by 0x4A54C320: KCleanUpGlobalStatic::~KCleanUpGlobalStatic() (kglobal.h:62)
==26284== by 0x57895A0: __run_exit_handlers (in /lib64/libc-2.11.3.so)
==26284== Address 0x8 is not stack'd, malloc'd or (recently) free'd
==26284==
==26284==
==26284== Process terminating with default action of signal 11 (SIGSEGV)
==26284== Access not within mapped region at address 0x8
==26284== at 0x4BB781DD: QDBusAdaptorConnector::relaySlot(void**) (qdbusabstractadaptor.cpp:270)
==26284== by 0x4BB7854B: QDBusAdaptorConnector::qt_metacall(QMetaObject::Call, int, void**) (qdbusabstractadaptor.cpp:366)
==26284== by 0x1BE98052: QMetaObject::metacall(QObject*, QMetaObject::Call, int, void**) (qmetaobject.cpp:245)
==26284== by 0x1BEAE402: QMetaObject::activate(QObject*, QMetaObject const*, int, void**) (qobject.cpp:3566)
==26284== by 0x1BEAFF46: QObject::destroyed(QObject*) (moc_qobject.cpp:149)
==26284== by 0x1BEA843D: QObject::~QObject() (qobject.cpp:844)
==26284== by 0x4A603DCB: KIO::Scheduler::~Scheduler() (scheduler.cpp:777)
==26284== by 0x4A603DFD: KIO::Scheduler::~Scheduler() (scheduler.cpp:779)
==26284== by 0x4A608A86: KIO::SchedulerPrivate::~SchedulerPrivate() (scheduler.cpp:667)
==26284== by 0x4A603AD9: ._229::destroy() (scheduler.cpp:736)
==26284== by 0x4A54C320: KCleanUpGlobalStatic::~KCleanUpGlobalStatic() (kglobal.h:62)
==26284== by 0x57895A0: __run_exit_handlers (in /lib64/libc-2.11.3.so)
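
A triage aid for traces like the Valgrind output above, added here as an example (not part of the bug report or of any project's code): it parses memcheck "Invalid read/write" records and labels whether the fault address sits in the NULL page and whether the stack runs through exit handlers and a destructor. The sample input is constructed by abbreviating the trace above; the 4 KiB NULL-page threshold and the label names are assumptions.

```python
import re

# Constructed sample: abbreviated from the Valgrind trace quoted above.
SAMPLE = """\
==26284== Invalid read of size 4
==26284==    at 0x4BB781DD: QDBusAdaptorConnector::relaySlot(void**) (qdbusabstractadaptor.cpp:270)
==26284==    by 0x1BEAFF46: QObject::destroyed(QObject*) (moc_qobject.cpp:149)
==26284==    by 0x1BEA843D: QObject::~QObject() (qobject.cpp:844)
==26284==    by 0x4A603DCB: KIO::Scheduler::~Scheduler() (scheduler.cpp:777)
==26284==    by 0x4A54C320: KCleanUpGlobalStatic::~KCleanUpGlobalStatic() (kglobal.h:62)
==26284==    by 0x57895A0: __run_exit_handlers (in /lib64/libc-2.11.3.so)
==26284==  Address 0x8 is not stack'd, malloc'd or (recently) free'd
"""

PREFIX = re.compile(r"^==\d+==\s?")
HEADER = re.compile(r"^Invalid (read|write) of size (\d+)$")
FRAME = re.compile(r"^(?:at|by) 0x[0-9A-Fa-f]+: (.+?)(?: \((?:in )?[^()]*\))?$")
ADDRESS = re.compile(r"^Address (0x[0-9A-Fa-f]+) is (.+)$")
NULL_PAGE = 0x1000  # assumption: the first 4 KiB page is never mapped

def parse_errors(text):
    """Split memcheck output into records: kind, size, frames, address, note."""
    errors, cur = [], None
    for raw in text.splitlines():
        line = PREFIX.sub("", raw).strip()
        if m := HEADER.match(line):
            cur = {"kind": m[1], "size": int(m[2]), "frames": [], "addr": None, "note": ""}
            errors.append(cur)
        elif cur is not None and (m := FRAME.match(line)):
            cur["frames"].append(m[1])  # function name without the (file:line) suffix
        elif cur is not None and (m := ADDRESS.match(line)):
            cur["addr"], cur["note"] = int(m[1], 16), m[2]
            cur = None  # the Address line closes the record
    return errors

def triage(err):
    """Label one record with only what the trace itself supports."""
    labels = []
    if err["addr"] is not None and err["addr"] < NULL_PAGE:
        labels.append("near-null-dereference")  # small offset from a NULL pointer
    elif "block of size" in err["note"] and err["note"].endswith("free'd"):
        labels.append("use-after-free")  # memcheck tracked the freed heap block
    if any("__run_exit_handlers" in f for f in err["frames"]):
        labels.append("during-exit-handlers")
    if any("::~" in f for f in err["frames"]):
        labels.append("inside-destructor")
    return labels
```

On the sample, the record is labelled a near-NULL dereference inside a destructor run from the exit handlers, rather than a read of a heap block that memcheck saw being freed.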

*** Bug 270164 has been marked as a duplicate of this bug. ***

tags: added: precise

*** Bug 281716 has been marked as a duplicate of this bug. ***

summary: - KIO scheduler crashes at exit if VLC file open dialog is used
+ QtDbus: KIO scheduler exit handler crashes VLC

*** Bug 307514 has been marked as a duplicate of this bug. ***

Rémi Denis-Courmont (rdenis) wrote :

Reported upstream as http://bugreports.qt-project.org/browse/QTBUG-31932
Launchpad does not recognize Qt bug tracker URLs...

It seems the problem is still not resolved upstream. I observe VLC 2.1.3 crashing on exit with very similar symptoms each time.

Backtrace:
#0 0x00007fffdb1920bb in QDBusAdaptorConnector::relaySlot () from /usr/lib64/libQtDBus.so.4
#1 0x00007fffdb192435 in QDBusAdaptorConnector::qt_metacall () from /usr/lib64/libQtDBus.so.4
#2 0x00007fffed403df2 in QMetaObject::activate () from /usr/lib64/libQtCore.so.4
#3 0x00007fffed40469f in QObject::destroyed () from /usr/lib64/libQtCore.so.4
#4 0x00007fffed4049b3 in QObject::~QObject () from /usr/lib64/libQtCore.so.4
#5 0x00007fffdd4aa309 in KIO::Scheduler::~Scheduler() () from /usr/lib64/libkio.so.5
#6 0x00007fffdd4b5e3b in ?? () from /usr/lib64/libkio.so.5
#7 0x00007fffdd4b0a77 in ?? () from /usr/lib64/libkio.so.5
#8 0x00007ffff387add1 in __run_exit_handlers (status=0, listp=0x7ffff3bf4688, run_list_atexit=<optimized out>) at exit.c:78
#9 0x00007ffff387ae55 in __GI_exit (status=<optimized out>) at exit.c:100
#10 0x00007ffff386374c in __libc_start_main (main=0x401836 <main>, argc=1, ubp_av=0x7fffffffdb88, init=<optimized out>,
    fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffdb78) at libc-start.c:258
#11 0x00000000004015bd in _start () at ../sysdeps/x86_64/elf/start.S:113

OS: ROSA Fresh x64
Qt: 4.8.5
KDE: 4.12.3

Changed in kde4libs (Debian):
status: Confirmed → Fix Released
Rémi Denis-Courmont (rdenis) wrote :

Fixed in Qt 4.8.6 according to upstream bug.

Changed in qt:
status: New → Fix Released