Bug 217836 - Segfault while decompressing ZIP archives [qobject_cast<Kerfuffle::ListJob*>, Kerfuffle::ArchiveBase::onListFinished, Kerfuffle::ArchiveBase::qt_metacall]
Status: RESOLVED FIXED
Alias: None
Product: ark
Classification: Applications
Component: general
Version: unspecified
Platform: Compiled Sources Linux
Importance: NOR crash
Target Milestone: ---
Assignee: Raphael Kubo da Costa
Duplicates: 217827 219001
Reported: 2009-12-08 09:21 UTC by Xavier Fung
Modified: 2016-04-28 20:31 UTC
Attachments
New crash information added by DrKonqi (3.02 KB, text/plain)
2009-12-14 13:38 UTC, felix

Description Xavier Fung 2009-12-08 09:21:36 UTC
Application: ark (2.14)
KDE Platform Version: 4.3.81 (KDE 4.3.81 (KDE 4.4 >= 20091204)) (Compiled from sources)
Qt Version: 4.6.1
Operating System: Linux 2.6.32-7-generic i686
Distribution: Ubuntu lucid (development branch)

-- Information about the crash:
Ark simply crashes when it decompresses a ZIP archive. I decompressed the file by using the context menu option "Extract Archive here" from Dolphin. It seems to have extracted something and bang! Crash with a segfault. Tried twice and got the same error.

The crash can be reproduced every time.

 -- Backtrace:
Application: Ark (ark), signal: Segmentation fault
[Current thread is 1 (Thread 0xb7760760 (LWP 14406))]

Thread 3 (Thread 0xb5758b70 (LWP 14422)):
#0  0x00558422 in __kernel_vsyscall ()
#1  0x07d59961 in select () from /lib/tls/i686/cmov/libc.so.6
#2  0x02dc7b4f in QProcessManager::run (this=0x2ea71f0) at /media/disk/kdesvn/qt-copy/src/corelib/io/qprocess_unix.cpp:245
#3  0x02cf8663 in QThreadPrivate::start (arg=0x2ea71f0) at /media/disk/kdesvn/qt-copy/src/corelib/thread/qthread_unix.cpp:244
#4  0x003bd80e in start_thread () from /lib/tls/i686/cmov/libpthread.so.0
#5  0x07d607ce in clone () from /lib/tls/i686/cmov/libc.so.6

Thread 2 (Thread 0xb4f57b70 (LWP 14431)):
#0  0x00558422 in __kernel_vsyscall ()
#1  0x07d52b86 in poll () from /lib/tls/i686/cmov/libc.so.6
#2  0x0774f72b in g_poll () from /lib/libglib-2.0.so.0
#3  0x077426bb in ?? () from /lib/libglib-2.0.so.0
#4  0x077429b3 in g_main_context_iteration () from /lib/libglib-2.0.so.0
#5  0x02e0e515 in QEventDispatcherGlib::processEvents (this=0x8601798, flags=...) at /media/disk/kdesvn/qt-copy/src/corelib/kernel/qeventdispatcher_glib.cpp:407
#6  0x02de5969 in QEventLoop::processEvents (this=0xb4f57210, flags=) at /media/disk/kdesvn/qt-copy/src/corelib/kernel/qeventloop.cpp:149
#7  0x02de5b42 in QEventLoop::exec (this=0xb4f57210, flags=...) at /media/disk/kdesvn/qt-copy/src/corelib/kernel/qeventloop.cpp:197
#8  0x02cf63ec in QThread::exec (this=0x85ed220) at /media/disk/kdesvn/qt-copy/src/corelib/thread/qthread.cpp:487
#9  0x00883d72 in Kerfuffle::ThreadExecution::run (this=0x85ed220) at /media/disk/kdesvn/kdeutils/ark/kerfuffle/threading.cpp:47
#10 0x02cf8663 in QThreadPrivate::start (arg=0x85ed220) at /media/disk/kdesvn/qt-copy/src/corelib/thread/qthread_unix.cpp:244
#11 0x003bd80e in start_thread () from /lib/tls/i686/cmov/libpthread.so.0
#12 0x07d607ce in clone () from /lib/tls/i686/cmov/libc.so.6

Thread 1 (Thread 0xb7760760 (LWP 14406)):
[KCrash Handler]
#6  0x030000ff in ?? ()
#7  0x0088465c in qobject_cast<Kerfuffle::ListJob*> (this=0x85fc980, job=0x85ad1d0) at /media/disk/qt4/include/QtCore/qobject.h:451
#8  Kerfuffle::ArchiveBase::onListFinished (this=0x85fc980, job=0x85ad1d0) at /media/disk/kdesvn/kdeutils/ark/kerfuffle/archivebase.cpp:133
#9  0x008848dd in Kerfuffle::ArchiveBase::qt_metacall (this=0x85fc980, _c=QMetaObject::InvokeMetaMethod, _id=4, _a=0x85fc588) at /media/disk/kdesvn/build/kdeutils/ark/kerfuffle/archivebase.moc:76
#10 0x02deba0a in QMetaObject::metacall (object=0x85fc980, cl=140494216, idx=4, argv=0x85fc588) at /media/disk/kdesvn/qt-copy/src/corelib/kernel/qmetaobject.cpp:237
#11 0x02df53e6 in QMetaCallEvent::placeMetaCall (this=0x8603a30, object=0x85fc980) at /media/disk/kdesvn/qt-copy/src/corelib/kernel/qobject.cpp:573
#12 0x02df64f5 in QObject::event (this=0x85fc980, e=0x8603a30) at /media/disk/kdesvn/qt-copy/src/corelib/kernel/qobject.cpp:1256
#13 0x0107d3dc in QApplicationPrivate::notify_helper (this=0x84ecce0, receiver=0x85fc980, e=0x8603a30) at /media/disk/kdesvn/qt-copy/src/gui/kernel/qapplication.cpp:4253
#14 0x01084db7 in QApplication::notify (this=0xbfb615b8, receiver=0x85fc980, e=0x8603a30) at /media/disk/kdesvn/qt-copy/src/gui/kernel/qapplication.cpp:3663
#15 0x00c8c11a in KApplication::notify (this=0xbfb615b8, receiver=0x85fc980, event=0x8603a30) at /media/disk/kdesvn/kdelibs/kdeui/kernel/kapplication.cpp:302
#16 0x02de7108 in QCoreApplication::notifyInternal (this=0xbfb615b8, receiver=0x85fc980, event=0x8603a30) at /media/disk/kdesvn/qt-copy/src/corelib/kernel/qcoreapplication.cpp:704
#17 0x02de78d3 in QCoreApplication::sendEvent (receiver=0x0, event_type=0, data=0x84d6950) at ../../include/QtCore/../../../../qt-copy/src/corelib/kernel/qcoreapplication.h:215
#18 QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, data=0x84d6950) at /media/disk/kdesvn/qt-copy/src/corelib/kernel/qcoreapplication.cpp:1342
#19 0x02de7a8d in QCoreApplication::sendPostedEvents (receiver=0x0, event_type=0) at /media/disk/kdesvn/qt-copy/src/corelib/kernel/qcoreapplication.cpp:1238
#20 0x02e0ea0f in QCoreApplication::sendPostedEvents (s=0x84eef00) at ../../include/QtCore/../../../../qt-copy/src/corelib/kernel/qcoreapplication.h:220
#21 postEventSourceDispatch (s=0x84eef00) at /media/disk/kdesvn/qt-copy/src/corelib/kernel/qeventdispatcher_glib.cpp:276
#22 0x0773efd8 in g_main_context_dispatch () from /lib/libglib-2.0.so.0
#23 0x07742880 in ?? () from /lib/libglib-2.0.so.0
#24 0x077429b3 in g_main_context_iteration () from /lib/libglib-2.0.so.0
#25 0x02e0e515 in QEventDispatcherGlib::processEvents (this=0x84ecc80, flags=...) at /media/disk/kdesvn/qt-copy/src/corelib/kernel/qeventdispatcher_glib.cpp:407
#26 0x01129ae5 in QGuiEventDispatcherGlib::processEvents (this=0x84ecc80, flags=...) at /media/disk/kdesvn/qt-copy/src/gui/kernel/qguieventdispatcher_glib.cpp:202
#27 0x02de5969 in QEventLoop::processEvents (this=0xbfb61514, flags=) at /media/disk/kdesvn/qt-copy/src/corelib/kernel/qeventloop.cpp:149
#28 0x02de5b42 in QEventLoop::exec (this=0xbfb61514, flags=...) at /media/disk/kdesvn/qt-copy/src/corelib/kernel/qeventloop.cpp:197
#29 0x02de7b49 in QCoreApplication::exec () at /media/disk/kdesvn/qt-copy/src/corelib/kernel/qcoreapplication.cpp:981
#30 0x0107d477 in QApplication::exec () at /media/disk/kdesvn/qt-copy/src/gui/kernel/qapplication.cpp:3572
#31 0x08050529 in main (argc=5, argv=0xbfb61954) at /media/disk/kdesvn/kdeutils/ark/app/main.cpp:210

Reported using DrKonqi
Comment 1 Raphael Kubo da Costa 2009-12-08 16:49:09 UTC

*** This bug has been marked as a duplicate of bug 217827 ***
Comment 2 Raphael Kubo da Costa 2009-12-08 16:59:12 UTC
*** Bug 217827 has been marked as a duplicate of this bug. ***
Comment 3 Raphael Kubo da Costa 2009-12-08 17:02:38 UTC
Marek and Xavier, I couldn't reproduce the issue by trying to extract the file attached to bug 217827.

Did it happen before beta 1? What version of unzip do you have?
Comment 4 Mark 2009-12-08 17:35:06 UTC
Hi Raphael,
I'm running kdemod on Arch Linux.
No, I didn't experience it before the 4.4 beta.

My unzip info:
//////////////////////////
unzip -v
UnZip 6.00 of 20 April 2009, by Info-ZIP.  Maintained by C. Spieler.  Send
bug reports using http://www.info-zip.org/zip-bug.html; see README for details.

Latest sources and executables are at ftp://ftp.info-zip.org/pub/infozip/ ;
see ftp://ftp.info-zip.org/pub/infozip/UnZip.html for other sites.

Compiled with gcc 4.4.0 20090526 (prerelease) for Unix (Linux ELF) on Jun 25 2009.

UnZip special compilation options:
        ACORN_FTYPE_NFS
        COPYRIGHT_CLEAN (PKZIP 0.9x unreducing method not supported)
        SET_DIR_ATTRIB
        SYMLINKS (symbolic links supported, if RTL and file system permit)
        TIMESTAMP
        UNIXBACKUP
        USE_EF_UT_TIME
        USE_UNSHRINK (PKZIP/Zip 1.x unshrinking method supported)
        USE_DEFLATE64 (PKZIP 4.x Deflate64(tm) supported)
        UNICODE_SUPPORT [wide-chars, char coding: UTF-8] (handle UTF-8 paths)
        LARGE_FILE_SUPPORT (large files over 2 GiB supported)
        ZIP64_SUPPORT (archives using Zip64 for large files supported)
        USE_BZIP2 (PKZIP 4.6+, using bzip2 lib version 1.0.5, 10-Dec-2007)
        VMS_TEXT_CONV
        WILD_STOP_AT_DIR
        [decryption, version 2.11 of 05 Jan 2007]

UnZip and ZipInfo environment options:
           UNZIP:  [none]
        UNZIPOPT:  [none]
         ZIPINFO:  [none]
      ZIPINFOOPT:  [none]
///////////////////////////////////////////////

Thank you
Comment 5 Raphael Kubo da Costa 2009-12-08 23:02:13 UTC
I can confirm it now -- BSD's unzip was working fine, but infozip's unzip causes the crash.
Comment 6 Xavier Fung 2009-12-09 14:37:58 UTC
Hello Raphael,

I'm compiling KDE trunk using kdesvn-build on Ubuntu Lucid, not using beta 1.

Cheers,
Xavier
Comment 7 felix 2009-12-14 13:38:26 UTC
Created attachment 39041
New crash information added by DrKonqi
Comment 8 Raphael Kubo da Costa 2009-12-16 03:30:14 UTC
SVN commit 1062795 by rkcosta:

Do not auto delete the list job.

The result() signal was being emitted in a different thread, so we ended up having a queued connection model that resulted in a crash since the slot's object could have already been deleted.

BUG: 217836


 M  +1 -0      archivebase.cpp  


WebSVN link: http://websvn.kde.org/?view=rev&revision=1062795
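
Added example (not part of the original report and not Ark's code): a standard-library C++ model of the lifetime problem described in the commit message above, where a queued slot call runs after the job that emitted it has been destroyed. EventQueue, ListJob's contents, Outcome and runScenario are hypothetical names, and the event loop is simulated on one thread so the ordering is deterministic.

```cpp
#include <cstddef>
#include <functional>
#include <iostream>
#include <memory>
#include <queue>
#include <string>
#include <utility>
#include <vector>

// Stand-in for the receiver thread's event loop: a call posted by another
// thread does not run immediately, only when the receiver drains its queue.
struct EventQueue {
    std::queue<std::function<void()>> pending;
    void post(std::function<void()> call) { pending.push(std::move(call)); }
    void drain() { for (; !pending.empty(); pending.pop()) pending.front()(); }
};

// Hypothetical job; 'entries' is constructed sample data the slot reads.
struct ListJob { std::vector<std::string> entries{"a.txt", "b.txt"}; };

// What the queued slot observed when it finally ran.
struct Outcome { bool slotRan = false, jobAlive = false; std::size_t entriesSeen = 0; };

// Emits "result(job)" as a queued call, optionally lets the job delete
// itself right after emitting, then runs the receiver's event loop.
Outcome runScenario(bool autoDelete) {
    EventQueue loop;
    Outcome out;
    auto job = std::make_shared<ListJob>();
    std::weak_ptr<ListJob> guard = job;  // tracked reference, not a raw pointer
    loop.post([guard, &out] {
        out.slotRan = true;
        if (auto live = guard.lock()) {  // a raw ListJob* would dangle here
            out.jobAlive = true;
            out.entriesSeen = live->entries.size();
        }
    });
    if (autoDelete) job.reset();         // job destroyed before the slot runs
    loop.drain();
    return out;
}

int main() {
    std::cout << "no auto-delete: entries=" << runScenario(false).entriesSeen
              << ", auto-delete: job alive=" << runScenario(true).jobAlive << '\n';
}
```

With auto-delete on, the slot still runs but finds the job gone; keeping the job alive until the receiver has handled the result, as the commit does, is the other way to close the window.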
Comment 9 Raphael Kubo da Costa 2009-12-17 01:25:36 UTC
*** Bug 219001 has been marked as a duplicate of this bug. ***
Comment 10 Elvis Angelaccio 2016-04-28 20:31:22 UTC
Git commit 72a46a210da54e7ac3e24d98e466ac0221071921 by Elvis Angelaccio.
Committed on 28/04/2016 at 20:21.
Pushed by elvisangelaccio into branch 'Applications/16.04'.

Auto delete ListJobs

Commit 8c21ca3 broke the preview/opening of files. This is actually due to
ListJobs not autodeleting themselves upon completion. This was introduced by
commit 4b67603 to fix bug 217836, which doesn't seem reproducible nowadays.

Even if it was, we would need a better fix, because this line is also causing
different issues on master (where we now run CliInterface from the main
thread).

Task: T2374

M  +0    -1    kerfuffle/archive_kerfuffle.cpp

http://commits.kde.org/ark/72a46a210da54e7ac3e24d98e466ac0221071921