Bug 156610 - camera:/ URL crashes konqueror and dolphin
Summary: camera:/ URL crashes konqueror and dolphin
Status: RESOLVED DUPLICATE of bug 154173
Alias: None
Product: kde
Classification: I don't know
Component: general (show other bugs)
Version: unspecified
Platform: openSUSE Linux
: NOR crash
Target Milestone: ---
Assignee: Unassigned bugs mailing-list
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2008-01-24 23:12 UTC by Szabolcs Illes
Modified: 2008-05-15 04:10 UTC (History)
1 user (show)

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Attachments
backtrace (2.92 KB, text/plain)
2008-01-24 23:13 UTC, Szabolcs Illes 		Details
View All Add an attachment

Note You need to log in before you can comment on or make changes to this bug.
Description Szabolcs Illes 2008-01-24 23:12:31 UTC 
Version:            (using KDE 4.0.0)
Installed from:    SuSE RPMs

Tried to access my digital camera (350d) using camera:/ URL but it crashed konqueror

Step(s) to reproduce:
1. Just open konq. or dolphin and type camera:/

it does not matter if the camera is on or off, same crash.
Comment 1 Szabolcs Illes 2008-01-24 23:13:20 UTC 
Created attachment 23258 [details]
backtrace
Comment 2 Oliver Putz 2008-01-25 04:54:31 UTC 
I can reproduce this crash. However, in order to make it work, I need to add my camera. (I used digikam, but I guess using the backend directly works too). If I do not do that, konqueror and dolphin do not crash. If I add the camera, they crash regardless if the camera is even connected to the computer. I'll attach a GDB backtrace and Valgrind of konqueror during the crash.

GDB backtrace (konqueror):
Starting program: /usr/kde/svn/bin/konqueror 
[Thread debugging using libthread_db enabled]
[New Thread 0xb6427a10 (LWP 6823)]
[New Thread 0xb3396b90 (LWP 6857)]
[Thread 0xb3396b90 (LWP 6857) exited]
[New Thread 0xb3396b90 (LWP 6858)]
[Thread 0xb3396b90 (LWP 6858) exited]
[New Thread 0xb3396b90 (LWP 6859)]
[Thread 0xb3396b90 (LWP 6859) exited]
[New Thread 0xb3396b90 (LWP 6860)]
[Thread 0xb3396b90 (LWP 6860) exited]
[New Thread 0xb3396b90 (LWP 6861)]
[Thread 0xb3396b90 (LWP 6861) exited]
[New Thread 0xb3396b90 (LWP 6862)]
[Thread 0xb3396b90 (LWP 6862) exited]

Program received signal SIGABRT, Aborted.
[Switching to Thread 0xb6427a10 (LWP 6823)]
0xffffe410 in __kernel_vsyscall ()
#0  0xffffe410 in __kernel_vsyscall ()
#1  0xb66491f1 in *__GI_raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#2  0xb664a9b8 in *__GI_abort () at abort.c:88
#3  0xb7255265 in qt_message_output (msgType=QtFatalMsg, 
    buf=0xbf92e12c "ASSERT: \"result.second\" in file /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/kio/kio/kdirmodel.cpp, line 304") at global/qglobal.cpp:2160
#4  0xb725532a in qFatal (msg=0xb735c87c "ASSERT: \"%s\" in file %s, line %d") at global/qglobal.cpp:2392
#5  0xb7255555 in qt_assert (assertion=0xb7e42b8c "result.second", 
    file=0xb7e42870 "/var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/kio/kio/kdirmodel.cpp", line=304)
    at global/qglobal.cpp:1917
#6  0xb7d27f49 in KDirModelPrivate::_k_slotNewItems (this=0x8434e10, items=@0x82588c8)
    at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/kio/kio/kdirmodel.cpp:304
#7  0xb7d286d0 in KDirModel::qt_metacall (this=0x842d308, _c=QMetaObject::InvokeMetaMethod, _id=1, _a=0xbf93079c)
    at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs_build/kio/kdirmodel.moc:75
#8  0xb733b1f4 in QMetaObject::activate (sender=0x84412d0, from_signal_index=13, to_signal_index=13, 
    argv=<value optimized out>) at kernel/qobject.cpp:3081
#9  0xb733bd94 in QMetaObject::activate (sender=0x84412d0, m=0xb7e613bc, local_signal_index=9, argv=0xbf93079c)
    at kernel/qobject.cpp:3140
#10 0xb7d10264 in KDirLister::newItems (this=0x84412d0, _t1=@0x82588c8)
    at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs_build/kio/kdirlister.moc:252
#11 0xb7d1088a in KDirLister::Private::emitItems (this=0x8441068)
    at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/kio/kio/kdirlister.cpp:2184
#12 0xb7d1553f in KDirListerCache::slotEntries (this=0x842f770, job=0x8248fb0, entries=@0xbf9314e0)
    at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/kio/kio/kdirlister.cpp:961
#13 0xb7d1afd4 in KDirListerCache::qt_metacall (this=0x842f770, _c=QMetaObject::InvokeMetaMethod, _id=11, _a=0xbf930e08)
    at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs_build/kio/kdirlister_p.moc:96
#14 0xb733b1f4 in QMetaObject::activate (sender=0x8248fb0, from_signal_index=40, to_signal_index=40, 
    argv=<value optimized out>) at kernel/qobject.cpp:3081
#15 0xb733bd94 in QMetaObject::activate (sender=0x8248fb0, m=0xb7e60720, local_signal_index=0, argv=0xbf930e08)
    at kernel/qobject.cpp:3140
#16 0xb7cedd87 in KIO::ListJob::entries (this=0x8248fb0, _t1=0x8248fb0, _t2=@0xbf9314e0)
    at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs_build/kio/jobclasses.moc:762
#17 0xb7cf7456 in KIO::ListJobPrivate::slotListEntries (this=0x8363d78, list=@0xbf9314e0)
    at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/kio/kio/job.cpp:2283
#18 0xb7cf775b in KIO::ListJob::qt_metacall (this=0x8248fb0, _c=QMetaObject::InvokeMetaMethod, _id=6, _a=0xbf9313bc)
    at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs_build/kio/jobclasses.moc:749
#19 0xb733b1f4 in QMetaObject::activate (sender=0x8294f60, from_signal_index=10, to_signal_index=10, 
    argv=<value optimized out>) at kernel/qobject.cpp:3081
#20 0xb733bd94 in QMetaObject::activate (sender=0x8294f60, m=0xb7e63024, local_signal_index=6, argv=0xbf9313bc)
    at kernel/qobject.cpp:3140
#21 0xb7d9a694 in KIO::SlaveInterface::listEntries (this=0x8294f60, _t1=@0xbf9314e0)
    at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs_build/kio/slaveinterface.moc:174
#22 0xb7d9c3df in KIO::SlaveInterface::dispatch (this=0x8294f60, _cmd=106, rawdata=@0xbf931554)
    at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/kio/kio/slaveinterface.cpp:196
#23 0xb7d9cf66 in KIO::SlaveInterface::dispatch (this=0x8294f60)
    at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/kio/kio/slaveinterface.cpp:90
#24 0xb7d8f637 in KIO::Slave::gotInput (this=0x8294f60)
    at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/kio/kio/slave.cpp:318
#25 0xb7d90b8d in KIO::Slave::qt_metacall (this=0x8294f60, _c=QMetaObject::InvokeMetaMethod, _id=2, _a=0xbf931a74)
    at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs_build/kio/slave.moc:74
#26 0xb733b1f4 in QMetaObject::activate (sender=0x839ab60, from_signal_index=4, to_signal_index=4, 
    argv=<value optimized out>) at kernel/qobject.cpp:3081
#27 0xb733bd94 in QMetaObject::activate (sender=0x839ab60, m=0xb7e5ff20, local_signal_index=0, argv=0x0)
    at kernel/qobject.cpp:3140
#28 0xb7cca953 in KIO::Connection::readyRead (this=0x839ab60)
    at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs_build/kio/connection.moc:83
#29 0xb7ccb7d6 in KIO::ConnectionPrivate::dequeue (this=0x839eef8)
    at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/kio/kio/connection.cpp:82
#30 0xb7ccc585 in KIO::Connection::qt_metacall (this=0x839ab60, _c=QMetaObject::InvokeMetaMethod, _id=1, _a=0x8283780)
    at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs_build/kio/connection.moc:71
#31 0xb73362f9 in QMetaCallEvent::placeMetaCall (this=0x828d678, object=0x839ab60) at kernel/qobject.cpp:536
#32 0xb7339017 in QObject::event (this=0x839ab60, e=0x1aa7) at kernel/qobject.cpp:1122
#33 0xb69c8e8a in QApplicationPrivate::notify_helper (this=0x80587c8, receiver=0x839ab60, e=0x828d678)
    at kernel/qapplication.cpp:3556
#34 0xb69ca77a in QApplication::notify (this=0xbf9323b8, receiver=0x839ab60, e=0x828d678) at kernel/qapplication.cpp:3115
#35 0xb7906083 in KApplication::notify (this=0xbf9323b8, receiver=0x839ab60, event=0x828d678)
    at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/kdeui/kernel/kapplication.cpp:314
#36 0xb7327d7b in QCoreApplication::notifyInternal (this=0xbf9323b8, receiver=0x839ab60, event=0x828d678)
    at kernel/qcoreapplication.cpp:530
#37 0xb732921a in QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, data=0x804ce50)
    at kernel/qcoreapplication.h:200
#38 0xb732956d in QCoreApplication::sendPostedEvents (receiver=0x0, event_type=0) at kernel/qcoreapplication.cpp:1001
#39 0xb6a52aee in QEventDispatcherX11::processEvents (this=0x8057f48, flags=@0xbf932174)
    at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:205
#40 0xb7327191 in QEventLoop::processEvents (this=0xbf9321e0, flags=@0xbf9321a8) at kernel/qeventloop.cpp:140
#41 0xb732729a in QEventLoop::exec (this=0xbf9321e0, flags=@0xbf9321e8) at kernel/qeventloop.cpp:186
#42 0xb7329626 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:759
#43 0xb69c8487 in QApplication::exec () at kernel/qapplication.cpp:3053
#44 0xb7f9a3bf in kdemain (argc=1, argv=0xbf9326b4)
    at /var/tmp/portage/kde-base/kdebase-9999.4/work/kdebase-9999.4/apps/konqueror/src/konqmain.cpp:218
#45 0x080487e2 in main (argc=Cannot access memory at address 0x1aa7
) at /var/tmp/portage/kde-base/kdebase-9999.4/work/kdebase_build/apps/konqueror/src/konqueror_dummy.cpp:3
#46 0xb6635fdc in __libc_start_main (main=0x80487c0 <main>, argc=1, ubp_av=0xbf9326b4, init=0x8048810 <__libc_csu_init>, 
    fini=0x8048800 <__libc_csu_fini>, rtld_fini=0xb7fbd100 <_dl_fini>, stack_end=0xbf9326ac) at libc-start.c:229
#47 0x08048731 in _start ()


Valgrind log (konqueror):

==6918== Memcheck, a memory error detector.
==6918== Copyright (C) 2002-2007, and GNU GPL'd, by Julian Seward et al.
==6918== Using LibVEX rev 1732, a library for dynamic binary translation.
==6918== Copyright (C) 2004-2007, and GNU GPL'd, by OpenWorks LLP.
==6918== Using valgrind-3.2.3, a dynamic binary instrumentation framework.
==6918== Copyright (C) 2000-2007, and GNU GPL'd, by Julian Seward et al.
==6918== For more details, rerun with: -v
==6918== 
==6918== My PID = 6918, parent PID = 5862.  Prog and args are:
==6918==    konqueror
==6918== 
==6918== Conditional jump or move depends on uninitialised value(s)
==6918==    at 0x400A9B5: _dl_relocate_object (do-rel.h:65)
==6918==    by 0x400454C: dl_main (rtld.c:2214)
==6918==    by 0x4013C45: _dl_sysdep_start (dl-sysdep.c:239)
==6918==    by 0x400124E: _dl_start (rtld.c:327)
==6918==    by 0x40008A6: (within /lib/ld-2.6.1.so)
==6918== 
==6918== Conditional jump or move depends on uninitialised value(s)
==6918==    at 0x400A9BD: _dl_relocate_object (do-rel.h:68)
==6918==    by 0x400454C: dl_main (rtld.c:2214)
==6918==    by 0x4013C45: _dl_sysdep_start (dl-sysdep.c:239)
==6918==    by 0x400124E: _dl_start (rtld.c:327)
==6918==    by 0x40008A6: (within /lib/ld-2.6.1.so)
==6918== 
==6918== Conditional jump or move depends on uninitialised value(s)
==6918==    at 0x400B053: _dl_relocate_object (do-rel.h:104)
==6918==    by 0x400454C: dl_main (rtld.c:2214)
==6918==    by 0x4013C45: _dl_sysdep_start (dl-sysdep.c:239)
==6918==    by 0x400124E: _dl_start (rtld.c:327)
==6918==    by 0x40008A6: (within /lib/ld-2.6.1.so)
==6918== 
==6918== Conditional jump or move depends on uninitialised value(s)
==6918==    at 0x400AAF3: _dl_relocate_object (do-rel.h:117)
==6918==    by 0x400454C: dl_main (rtld.c:2214)
==6918==    by 0x4013C45: _dl_sysdep_start (dl-sysdep.c:239)
==6918==    by 0x400124E: _dl_start (rtld.c:327)
==6918==    by 0x40008A6: (within /lib/ld-2.6.1.so)
==6918== 
==6918== Conditional jump or move depends on uninitialised value(s)
==6918==    at 0x400A9B5: _dl_relocate_object (do-rel.h:65)
==6918==    by 0x4004169: dl_main (rtld.c:2284)
==6918==    by 0x4013C45: _dl_sysdep_start (dl-sysdep.c:239)
==6918==    by 0x400124E: _dl_start (rtld.c:327)
==6918==    by 0x40008A6: (within /lib/ld-2.6.1.so)
==6918== 
==6918== Conditional jump or move depends on uninitialised value(s)
==6918==    at 0x400A9BD: _dl_relocate_object (do-rel.h:68)
==6918==    by 0x4004169: dl_main (rtld.c:2284)
==6918==    by 0x4013C45: _dl_sysdep_start (dl-sysdep.c:239)
==6918==    by 0x400124E: _dl_start (rtld.c:327)
==6918==    by 0x40008A6: (within /lib/ld-2.6.1.so)
==6918== 
==6918== Conditional jump or move depends on uninitialised value(s)
==6918==    at 0x400AAF3: _dl_relocate_object (do-rel.h:117)
==6918==    by 0x4004169: dl_main (rtld.c:2284)
==6918==    by 0x4013C45: _dl_sysdep_start (dl-sysdep.c:239)
==6918==    by 0x400124E: _dl_start (rtld.c:327)
==6918==    by 0x40008A6: (within /lib/ld-2.6.1.so)
==6918== 
==6918== Source and destination overlap in mempcpy(0x785E288, 0x785E288, 21)
==6918==    at 0x4021E3A: (within /usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==6918==    by 0x4022781: mempcpy (in /usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==6918==    by 0x58E51D2: _IO_default_xsputn (genops.c:463)
==6918==    by 0x58C021E: vfprintf (vfprintf.c:1568)
==6918==    by 0x58D9CBA: vsprintf (iovsprintf.c:43)
==6918==    by 0x58C5ADD: sprintf (sprintf.c:34)
==6918==    by 0x4970942: parse_fontdata (omGeneric.c:618)
==6918==    by 0x4970AE2: parse_vw (omGeneric.c:1095)
==6918==    by 0x4971301: create_oc (omGeneric.c:1233)
==6918==    by 0x4930C0A: XCreateOC (OCWrap.c:53)
==6918==    by 0x49270A9: XCreateFontSet (FSWrap.c:185)
==6918==    by 0x551969D: getFontSet(QFont const&) (qximinputcontext_x11.cpp:319)
==6918== 
==6918== Syscall param write(buf) points to uninitialised byte(s)
==6918==    at 0x4DBAFAB: (within /lib/libpthread-2.6.1.so)
==6918==    by 0x4946767: _X11TransWrite (Xtrans.c:900)
==6918==    by 0x4940066: _XFlushInt (XlibInt.c:675)
==6918==    by 0x494015E: _XReply (XlibInt.c:1708)
==6918==    by 0x4929D8E: _XGetWindowAttributes (GetWAttrs.c:116)
==6918==    by 0x4929EA3: XGetWindowAttributes (GetWAttrs.c:151)
==6918==    by 0x4968B13: _XimDefaultColormap (imRm.c:627)
==6918==    by 0x49680AE: _XimSetICDefaults (imRm.c:2713)
==6918==    by 0x496806E: _XimSetICDefaults (imRm.c:2693)
==6918==    by 0x495FA84: _XimLocalCreateIC (imLcIc.c:187)
==6918==    by 0x494CBB2: XCreateIC (ICWrap.c:253)
==6918==    by 0x55197E9: QXIMInputContext::createICData(QWidget*) (qximinputcontext_x11.cpp:712)
==6918==  Address 0x5D9F3E3 is 7,171 bytes inside a block of size 16,384 alloc'd
==6918==    at 0x40207D3: calloc (in /usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==6918==    by 0x4931578: XOpenDisplay (OpenDis.c:289)
==6918==    by 0x5010318: qt_init(QApplicationPrivate*, int, _XDisplay*, unsigned long, unsigned long) (qapplication_x11.cpp:1530)
==6918==    by 0x4FB16B8: QApplicationPrivate::construct(_XDisplay*, unsigned long, unsigned long) (qapplication.cpp:709)
==6918==    by 0x4FB2253: QApplication::QApplication(int&, char**, bool, int) (qapplication.cpp:667)
==6918==    by 0x47136BE: KApplication::KApplication(bool) (kapplication.cpp:349)
==6918==    by 0x404966C: KonquerorApplication::KonquerorApplication() (konqapplication.cpp:29)
==6918==    by 0x40CDCEC: kdemain (konqmain.cpp:67)
==6918==    by 0x80487E1: main (konqueror_dummy.cpp:3)
==6918== Warning: invalid file descriptor -1 in syscall write()
==6918== Warning: invalid file descriptor -1 in syscall write()
==6918== Warning: invalid file descriptor -1 in syscall read()
==6918== 
==6918== ERROR SUMMARY: 19 errors from 9 contexts (suppressed: 6 from 2)
==6918== malloc/free: in use at exit: 3,043,759 bytes in 39,241 blocks.
==6918== malloc/free: 449,266 allocs, 410,025 frees, 94,927,376 bytes allocated.
==6918== For counts of detected errors, rerun with: -v
==6918== searching for pointers to 39,241 not-freed blocks.
==6918== checked 23,211,576 bytes.
==6918== 
==6918== LEAK SUMMARY:
==6918==    definitely lost: 8,937 bytes in 345 blocks.
==6918==      possibly lost: 59,228 bytes in 2,309 blocks.
==6918==    still reachable: 2,975,594 bytes in 36,587 blocks.
==6918==         suppressed: 0 bytes in 0 blocks.
==6918== Rerun with --leak-check=full to see details of leaked memory.
Comment 3 FiNeX 2008-01-26 13:48:22 UTC 
Crash confirmed on revision 764637
Comment 4 Oliver Putz 2008-02-12 04:16:01 UTC 
Looks like this bug is the same as bug #156221 and bug #154173.
Comment 5 A. Spehr 2008-05-15 04:10:04 UTC 

*** This bug has been marked as a duplicate of 154173 ***