Bug 190068

Summary:	[testcase feed] Akregator crashes when manually fetching a specific feed [~QDom*, ~ElementWrapper, ~FeedDocument , ..., Syndication::Loader::slotRetrieverDone]
Product:	[Applications] akregator	Reporter:	Ricardo <thrawnkb>
Component:	feed parser	Assignee:	kdepim bugs <kdepim-bugs>
Status:	RESOLVED FIXED
Severity:	crash	CC:	adi, alex.svetos, andresbajotierra, christophe, daniel, dibdublin, hvulin, ivan.q.public, kdebugs, osterfeld, postmaster, rele, tm, trburkholder
Priority:	NOR
Version:	SVN
Target Milestone:	---
Platform:	openSUSE
OS:	Unspecified
Latest Commit:		Version Fixed In:
Sentry Crash Report:
Attachments:	Patch to fix the bug

Description Ricardo 2009-04-19 14:13:23 UTC

Version:            (using KDE 4.2.2)
Installed from:    SuSE RPMs

It happens when fetching some sources, not yet sure which

BACKTRACE
Application: Akregator (akregator), signal SIGSEGV
[?1034h[Thread debugging using libthread_db enabled]
[Current thread is 1 (Thread 0xb469b920 (LWP 21809))]

Thread 4 (Thread 0xafd38b90 (LWP 22330)):
#0  0xffffe430 in __kernel_vsyscall ()
#1  0xb5d80411 in select () from /lib/libc.so.6
#2  0xb6b8d477 in QProcessManager::run (this=0x807c750) at io/qprocess_unix.cpp:305
#3  0xb6abb74e in QThreadPrivate::start (arg=0x807c750) at thread/qthread_unix.cpp:189
#4  0xb6a591b5 in start_thread () from /lib/libpthread.so.0
#5  0xb5d873be in clone () from /lib/libc.so.6

Thread 3 (Thread 0xb13c2b90 (LWP 22715)):
#0  0xffffe430 in __kernel_vsyscall ()
#1  0xb6a5cf62 in pthread_cond_timedwait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
#2  0xb6abc73c in QWaitCondition::wait (this=0x839cb08, mutex=0x839cb04, time=30000) at thread/qwaitcondition_unix.cpp:85
#3  0xb6ab1c26 in QThreadPoolThread::run (this=0x8365fc0) at concurrent/qthreadpool.cpp:140
#4  0xb6abb74e in QThreadPrivate::start (arg=0x8365fc0) at thread/qthread_unix.cpp:189
#5  0xb6a591b5 in start_thread () from /lib/libpthread.so.0
#6  0xb5d873be in clone () from /lib/libc.so.6

Thread 2 (Thread 0xb09ffb90 (LWP 22716)):
#0  0xffffe430 in __kernel_vsyscall ()
#1  0xb6a5cf62 in pthread_cond_timedwait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
#2  0xb6abc73c in QWaitCondition::wait (this=0x839cb08, mutex=0x839cb04, time=30000) at thread/qwaitcondition_unix.cpp:85
#3  0xb6ab1c26 in QThreadPoolThread::run (this=0x86c0a48) at concurrent/qthreadpool.cpp:140
#4  0xb6abb74e in QThreadPrivate::start (arg=0x86c0a48) at thread/qthread_unix.cpp:189
#5  0xb6a591b5 in start_thread () from /lib/libpthread.so.0
#6  0xb5d873be in clone () from /lib/libc.so.6

Thread 1 (Thread 0xb469b920 (LWP 21809)):
[KCrash Handler]
#6  QDomNamedNodeMapPrivate::clearMap (this=0xa6cfb38) at ../../src/corelib/arch/qatomic_i386.h:132
#7  0xb69061a5 in ~QDomNamedNodeMapPrivate (this=0xa6cfb38) at dom/qdom.cpp:3058
#8  0xb6908541 in ~QDomElementPrivate (this=0xa73e248) at dom/qdom.cpp:4432
#9  0xb69071e0 in ~QDomNodePrivate (this=0xa73e010) at dom/qdom.cpp:1496
#10 0xb6908551 in ~QDomElementPrivate (this=0xa73e010) at dom/qdom.cpp:4433
#11 0xb69071e0 in ~QDomNodePrivate (this=0xa6e08d0) at dom/qdom.cpp:1496
#12 0xb6908551 in ~QDomElementPrivate (this=0xa6e08d0) at dom/qdom.cpp:4433
#13 0xb69071e0 in ~QDomNodePrivate (this=0xa94cbf0) at dom/qdom.cpp:1496
#14 0xb6908551 in ~QDomElementPrivate (this=0xa94cbf0) at dom/qdom.cpp:4433
#15 0xb69000ca in ~QDomNode (this=0xa9709b2) at dom/qdom.cpp:2107
#16 0xb547ace6 in boost::detail::sp_counted_impl_p<Syndication::ElementWrapper::ElementWrapperPrivate>::dispose() () from /usr/lib/libsyndication.so.4
#17 0xb5479a68 in ~ElementWrapper (this=0x92f9138) at /usr/include/boost/detail/sp_counted_base_gcc_x86.hpp:145
#18 0xb5461ec9 in ~FeedDocument (this=0x9758d28) at /usr/src/debug/kdepimlibs-4.2.2/syndication/atom/document.h:58
#19 0xb546a558 in boost::detail::sp_counted_impl_p<Syndication::Atom::FeedDocument>::dispose (this=0x8605250) at /usr/include/boost/checked_delete.hpp:34
#20 0xb5475b40 in Syndication::FeedAtomImpl::~FeedAtomImpl() () from /usr/lib/libsyndication.so.4
#21 0xb5484048 in boost::detail::sp_counted_impl_p<Syndication::FeedAtomImpl>::dispose (this=0xa9a7a20) at /usr/include/boost/checked_delete.hpp:34
#22 0xb548399b in Syndication::Loader::slotRetrieverDone (this=0x9f6d5c8, data=@0xbfd911f8, success=true) at /usr/include/boost/detail/sp_counted_base_gcc_x86.hpp:145
#23 0xb5483b99 in Syndication::Loader::qt_metacall (this=0x9f6d5c8, _c=QMetaObject::InvokeMetaMethod, _id=1, _a=0xbfd911b8) at /usr/src/debug/kdepimlibs-4.2.2/build/syndication/loader.moc:72
#24 0xb6bc5c88 in QMetaObject::activate (sender=0x9309a10, from_signal_index=4, to_signal_index=4, argv=0xbfd911b8) at kernel/qobject.cpp:3069
#25 0xb6bc7412 in QMetaObject::activate (sender=0x9309a10, m=0xb54a6b38, local_signal_index=0, argv=0xbfd911b8) at kernel/qobject.cpp:3143
#26 0xb5485fbf in Syndication::DataRetriever::dataRetrieved (this=0x9309a10, _t1=@0xbfd911f8, _t2=true) at /usr/src/debug/kdepimlibs-4.2.2/build/syndication/dataretriever.moc:77
#27 0xb5486d0e in Syndication::FileRetriever::slotResult (this=0x9309a10, job=0x936b178) at /usr/src/debug/kdepimlibs-4.2.2/syndication/dataretriever.cpp:132
#28 0xb548703c in Syndication::FileRetriever::qt_metacall (this=0x9309a10, _c=QMetaObject::InvokeMetaMethod, _id=3, _a=0xbfd912fc)
    at /usr/src/debug/kdepimlibs-4.2.2/build/syndication/dataretriever.moc:190
#29 0xb6bc5c88 in QMetaObject::activate (sender=0x936b178, from_signal_index=7, to_signal_index=7, argv=0xbfd912fc) at kernel/qobject.cpp:3069
#30 0xb6bc7412 in QMetaObject::activate (sender=0x936b178, m=0xb6f5bee8, local_signal_index=3, argv=0xbfd912fc) at kernel/qobject.cpp:3143
#31 0xb6de4063 in KJob::result (this=0x936b178, _t1=0x936b178) at /usr/src/debug/kdelibs-4.2.2/build/kdecore/kjob.moc:186
#32 0xb6de4509 in KJob::emitResult (this=0x936b178) at /usr/src/debug/kdelibs-4.2.2/kdecore/jobs/kjob.cpp:294
#33 0xb7412015 in KIO::SimpleJob::slotFinished (this=0x936b178) at /usr/src/debug/kdelibs-4.2.2/kio/kio/job.cpp:489
#34 0xb74135e3 in KIO::TransferJob::slotFinished (this=0x936b178) at /usr/src/debug/kdelibs-4.2.2/kio/kio/job.cpp:966
#35 0xb741466b in KIO::TransferJob::qt_metacall (this=0x936b178, _c=QMetaObject::InvokeMetaMethod, _id=7, _a=0xbfd91538) at /usr/src/debug/kdelibs-4.2.2/build/kio/jobclasses.moc:336
#36 0xb6bc5c88 in QMetaObject::activate (sender=0x82b09f8, from_signal_index=8, to_signal_index=8, argv=0x0) at kernel/qobject.cpp:3069
#37 0xb6bc7412 in QMetaObject::activate (sender=0x82b09f8, m=0xb75cee44, local_signal_index=4, argv=0x0) at kernel/qobject.cpp:3143
#38 0xb74c3997 in KIO::SlaveInterface::finished (this=0x82b09f8) at /usr/src/debug/kdelibs-4.2.2/build/kio/slaveinterface.moc:163
#39 0xb74c65ef in KIO::SlaveInterface::dispatch (this=0x82b09f8, _cmd=104, rawdata=@0xbfd916d4) at /usr/src/debug/kdelibs-4.2.2/kio/kio/slaveinterface.cpp:175
#40 0xb74c3fa7 in KIO::SlaveInterface::dispatch (this=0x82b09f8) at /usr/src/debug/kdelibs-4.2.2/kio/kio/slaveinterface.cpp:91
#41 0xb74b68a0 in KIO::Slave::gotInput (this=0x82b09f8) at /usr/src/debug/kdelibs-4.2.2/kio/kio/slave.cpp:322
#42 0xb74b6c13 in KIO::Slave::qt_metacall (this=0x82b09f8, _c=QMetaObject::InvokeMetaMethod, _id=2, _a=0xbfd917c8) at /usr/src/debug/kdelibs-4.2.2/build/kio/slave.moc:75
#43 0xb6bc5c88 in QMetaObject::activate (sender=0x9fcfdc8, from_signal_index=4, to_signal_index=4, argv=0x0) at kernel/qobject.cpp:3069
#44 0xb6bc7412 in QMetaObject::activate (sender=0x9fcfdc8, m=0xb75cb920, local_signal_index=0, argv=0x0) at kernel/qobject.cpp:3143
#45 0xb73df3c7 in KIO::Connection::readyRead (this=0x9fcfdc8) at /usr/src/debug/kdelibs-4.2.2/build/kio/connection.moc:84
#46 0xb73e0df3 in KIO::ConnectionPrivate::dequeue (this=0x9fcfdd8) at /usr/src/debug/kdelibs-4.2.2/kio/kio/connection.cpp:82
#47 0xb73e1446 in KIO::Connection::qt_metacall (this=0x9fcfdc8, _c=QMetaObject::InvokeMetaMethod, _id=1, _a=0x845d3e8) at /usr/src/debug/kdelibs-4.2.2/build/kio/connection.moc:72
#48 0xb6bbe8db in QMetaCallEvent::placeMetaCall (this=0xa56abb8, object=0x9fcfdc8) at kernel/qobject.cpp:489
#49 0xb6bc0370 in QObject::event (this=0x9fcfdc8, e=0xa56abb8) at kernel/qobject.cpp:1118
#50 0xb605eeec in QApplicationPrivate::notify_helper (this=0x807a5b8, receiver=0x9fcfdc8, e=0xa56abb8) at kernel/qapplication.cpp:4084
#51 0xb60671ae in QApplication::notify (this=0xbfd91f50, receiver=0x9fcfdc8, e=0xa56abb8) at kernel/qapplication.cpp:3631
#52 0xb716cded in KApplication::notify (this=0xbfd91f50, receiver=0x9fcfdc8, event=0xa56abb8) at /usr/src/debug/kdelibs-4.2.2/kdeui/kernel/kapplication.cpp:307
#53 0xb6baf9db in QCoreApplication::notifyInternal (this=0xbfd91f50, receiver=0x9fcfdc8, event=0xa56abb8) at kernel/qcoreapplication.cpp:602
#54 0xb6bb0625 in QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, data=0x805a778) at kernel/qcoreapplication.h:213
#55 0xb6bb081d in QCoreApplication::sendPostedEvents (receiver=0x0, event_type=0) at kernel/qcoreapplication.cpp:1132
#56 0xb6bdb7df in postEventSourceDispatch (s=0x807c710) at kernel/qcoreapplication.h:218
#57 0xb4cfd9a8 in IA__g_main_context_dispatch (context=0x807c690) at gmain.c:2144
#58 0xb4d01063 in g_main_context_iterate (context=0x807c690, block=1, dispatch=1, self=0x807a0e0) at gmain.c:2778
#59 0xb4d01221 in IA__g_main_context_iteration (context=0x807c690, may_block=1) at gmain.c:2841
#60 0xb6bdb428 in QEventDispatcherGlib::processEvents (this=0x805fee8, flags={i = -1076289960}) at kernel/qeventdispatcher_glib.cpp:323
#61 0xb60feac5 in QGuiEventDispatcherGlib::processEvents (this=0x805fee8, flags={i = -1076289912}) at kernel/qguieventdispatcher_glib.cpp:202
#62 0xb6badffa in QEventLoop::processEvents (this=0xbfd91f00, flags={i = -1076289848}) at kernel/qeventloop.cpp:149
#63 0xb6bae43a in QEventLoop::exec (this=0xbfd91f00, flags={i = -1076289784}) at kernel/qeventloop.cpp:200
#64 0xb6bb08e9 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:880
#65 0xb605ed67 in QApplication::exec () at kernel/qapplication.cpp:3553
#66 0x0804ed51 in main (argc=-1862795264, argv=0x1092f) at /usr/src/debug/kdepim-4.2.2/akregator/src/main.cpp:115

Comment 1 Dario Andres 2009-05-07 23:24:49 UTC

*** Bug 191940 has been marked as a duplicate of this bug. ***

Comment 2 Daniel Schaal 2009-07-01 11:56:20 UTC

When updating the feed http://www.long-sunday.net/long_sunday//atom.xml I get the same backtrace (but only on every 2nd or 3rd update attempt). I'm running 4.2.4

Comment 3 Christophe Marin 2009-07-06 12:39:20 UTC

bt with the feed from comment #2. To reproduce, just add the feed and try to manually fetch it.

#5  QBasicAtomicInt::deref (this=<value optimized out>) at ../../src/corelib/arch/qatomic_i386.h:132                                                     
        ret = <value optimized out>                                                                                                                      
#6  QDomNamedNodeMapPrivate::clearMap (this=<value optimized out>) at dom/qdom.cpp:3085                                                                  
No locals.                                                                                                                                               
#7  0xb68751a5 in QDomNamedNodeMapPrivate::~QDomNamedNodeMapPrivate (this=0x8b998c8, __in_chrg=<value optimized out>) at dom/qdom.cpp:3058               
No locals.                                                                                                                                               
#8  0xb6877541 in QDomElementPrivate::~QDomElementPrivate (this=0x90ac7d8, __in_chrg=<value optimized out>) at dom/qdom.cpp:4432                         
No locals.                                                                                                                                               
#9  0xb68761e0 in QDomNodePrivate::~QDomNodePrivate (this=0x90b6af0, __in_chrg=<value optimized out>) at dom/qdom.cpp:1496                               
No locals.                                                                                                                                               
#10 0xb6877551 in QDomElementPrivate::~QDomElementPrivate (this=0x90b6af0, __in_chrg=<value optimized out>) at dom/qdom.cpp:4433                         
No locals.                                                                                                                                               
#11 0xb68761e0 in QDomNodePrivate::~QDomNodePrivate (this=0x8af4360, __in_chrg=<value optimized out>) at dom/qdom.cpp:1496                               
No locals.                                                                                                                                               
#12 0xb6877551 in QDomElementPrivate::~QDomElementPrivate (this=0x8af4360, __in_chrg=<value optimized out>) at dom/qdom.cpp:4433                         
No locals.                                                                                                                                               
#13 0xb68761e0 in QDomNodePrivate::~QDomNodePrivate (this=0x8c11bd0, __in_chrg=<value optimized out>) at dom/qdom.cpp:1496                               
No locals.                                                                                                                                               
#14 0xb6877551 in QDomElementPrivate::~QDomElementPrivate (this=0x8c11bd0, __in_chrg=<value optimized out>) at dom/qdom.cpp:4433                         
                                                                                                   
No locals.                                                                                                                                               
#15 0xb686f0ca in QDomNode::~QDomNode (this=0x90b5f4a, __in_chrg=<value optimized out>) at dom/qdom.cpp:2107                                             
No locals.                                                                                                                                               
#16 0xb53a313d in QDomElement::~QDomElement (this=0x87e4c48, __in_chrg=<value optimized out>) at /usr/include/QtXml/qdom.h:477                           
No locals.                                                                                                                                               
#17 0xb53ecbbb in Syndication::ElementWrapper::ElementWrapperPrivate::~ElementWrapperPrivate (this=0x87e4c48, __in_chrg=<value optimized out>)           
    at /home/krop/kde/src/KDE/kdepimlibs/syndication/elementwrapper.cpp:34                                                                               
No locals.                                                                                                                                               
#18 0xb53ecc00 in boost::checked_delete<Syndication::ElementWrapper::ElementWrapperPrivate> (x=0x87e4c48) at /usr/include/boost/checked_delete.hpp:34    
No locals.                                                                                                                                               
#19 0xb53ecca8 in boost::detail::sp_counted_impl_p<Syndication::ElementWrapper::ElementWrapperPrivate>::dispose (this=0x8a08a40)                         
    at /usr/include/boost/detail/sp_counted_impl.hpp:78                                                                                                  
No locals.                                                                                                                                               
#20 0xb53a2e86 in boost::detail::sp_counted_base::release (this=0x8a08a40) at /usr/include/boost/detail/sp_counted_base_gcc_x86.hpp:145                  
No locals.                                                                                                                                               
#21 0xb53a2ef8 in boost::detail::shared_count::~shared_count (this=0x8939334, __in_chrg=<value optimized out>)                                           
    at /usr/include/boost/detail/shared_count.hpp:216                                                                                                    
No locals.                                                                                                                                               
#22 0xb53ec9c4 in boost::shared_ptr<Syndication::ElementWrapper::ElementWrapperPrivate>::~shared_ptr (this=0x8939330, __in_chrg=<value optimized out>)   
    at /usr/include/boost/shared_ptr.hpp:165                                                                                                             
No locals.                                                                                                                                               
#23 0xb53eb11e in Syndication::ElementWrapper::~ElementWrapper (this=0x893932c, __in_chrg=<value optimized out>)                                         
    at /home/krop/kde/src/KDE/kdepimlibs/syndication/elementwrapper.cpp:64                                                                               
No locals.                                                                                                                                               
#24 0xb53d65eb in Syndication::Atom::FeedDocument::~FeedDocument (this=0x8939328, __in_chrg=<value optimized out>)                                       
    at /home/krop/kde/src/KDE/kdepimlibs/syndication/atom/document.h:58                                                                                  
No locals.                                                                                                                                               
                                                                                                   
#25 0xb53dd0c3 in boost::checked_delete<Syndication::Atom::FeedDocument> (x=0x8939328) at /usr/include/boost/checked_delete.hpp:34                       
No locals.                                                                                                                                               
#26 0xb53dd492 in boost::detail::sp_counted_impl_p<Syndication::Atom::FeedDocument>::dispose (this=0x8966790)                                            
    at /usr/include/boost/detail/sp_counted_impl.hpp:78                                                                                                  
No locals.                                                                                                                                               
#27 0xb53a2e86 in boost::detail::sp_counted_base::release (this=0x8966790) at /usr/include/boost/detail/sp_counted_base_gcc_x86.hpp:145                  
No locals.                                                                                                                                               
#28 0xb53a2ef8 in boost::detail::shared_count::~shared_count (this=0x908dad0, __in_chrg=<value optimized out>)                                           
    at /usr/include/boost/detail/shared_count.hpp:216                                                                                                    
No locals.                                                                                                                                               
#29 0xb53dc9c4 in boost::shared_ptr<Syndication::Atom::FeedDocument>::~shared_ptr (this=0x908dacc, __in_chrg=<value optimized out>)                      
    at /usr/include/boost/shared_ptr.hpp:165                                                                                                             
No locals.                                                                                                                                               
#30 0xb53e824f in Syndication::FeedAtomImpl::~FeedAtomImpl (this=0x908dac8, __in_chrg=<value optimized out>)                                             
    at /home/krop/kde/src/KDE/kdepimlibs/syndication/mapper/feedatomimpl.h:40                                                                            
No locals.                                                                                                                                               
#31 0xb53f57f3 in boost::checked_delete<Syndication::FeedAtomImpl> (x=0x908dac8) at /usr/include/boost/checked_delete.hpp:34                             
No locals.                                                                                                                                               
#32 0xb53f6784 in boost::detail::sp_counted_impl_p<Syndication::FeedAtomImpl>::dispose (this=0x891f248)                                                  
    at /usr/include/boost/detail/sp_counted_impl.hpp:78                                                                                                  
No locals.                                                                                                                                               
#33 0xb53a2e86 in boost::detail::sp_counted_base::release (this=0x891f248) at /usr/include/boost/detail/sp_counted_base_gcc_x86.hpp:145                  
No locals.                                                                                                                                               
#34 0xb53a2ef8 in boost::detail::shared_count::~shared_count (this=0xbfbb033c, __in_chrg=<value optimized out>)                                          
    at /usr/include/boost/detail/shared_count.hpp:216                                                                                                    
No locals.                                                                                                                                               
#35 0xb53f4044 in boost::shared_ptr<Syndication::Feed>::~shared_ptr (this=0xbfbb0338, __in_chrg=<value optimized out>)                                   
                                                                                                   
    at /usr/include/boost/shared_ptr.hpp:165                                                                                                             
No locals.                                                                                                                                               
#36 0xb53f327a in Syndication::Loader::slotRetrieverDone (this=0x8cef930, data=@0xbfbb04bc, success=true)                                                
    at /home/krop/kde/src/KDE/kdepimlibs/syndication/loader.cpp:159                                                                                      
        status = Syndication::Success                                                                                                                    
        feed = {px = 0x908dac8, pn = {pi_ = 0x891f248}}                                                                                                  
        isFileRetriever = true                                                                                                                           
#37 0xb53f3b2a in Syndication::Loader::qt_metacall (this=0x8cef930, _c=QMetaObject::InvokeMetaMethod, _id=1, _a=0xbfbb0484)                              
    at /home/krop/kde/build/KDE/kdepimlibs/syndication/loader.moc:73                                                                                     
No locals.                                                                                                                                               
#38 0xb6b33788 in QMetaObject::activate (sender=0x87de738, from_signal_index=4, to_signal_index=4, argv=0xbfbb0484) at kernel/qobject.cpp:3113           
        method = 5                                                                                                                                       
        currentSender = {sender = 0x87de738, signal = 4, ref = 0}                                                                                        
        previousSender = 0x0                                                                                                                             
        i = 0                                                                                                                                            
        count = 1                                                                                                                                        
        signal = 4                                                                                                                                       
        empty_argv = {0x0}                                                                                                                               
        locker = {{mtx = 0x856bb94, val = 139901844}}                                                                                                    
        currentThreadData = 0x856bb60                                                                                                                    
        connectionLists = 0x87f2078                                                                                                                      
#39 0xb6b34412 in QMetaObject::activate (sender=0x87de738, m=0xb5423b20, local_signal_index=0, argv=0xbfbb0484) at kernel/qobject.cpp:3187               
        signal_index = 151740234                                                                                                                         
#40 0xb53f7ed7 in Syndication::DataRetriever::dataRetrieved (this=0x87de738, _t1=@0xbfbb04bc, _t2=true)                                                  
    at /home/krop/kde/build/KDE/kdepimlibs/syndication/dataretriever.moc:79                                                                              
        _a = {0x0, 0xbfbb04bc, 0xbfbb047c}                                                                                                               
#41 0xb53f7777 in Syndication::FileRetriever::slotResult (this=0x87de738, job=0x8736140)                                                                 
                                                                                                   
    at /home/krop/kde/src/KDE/kdepimlibs/syndication/dataretriever.cpp:132                                                                               
        data = {d = 0x934fab0}                                                                                                                           
#42 0xb53f810b in Syndication::FileRetriever::qt_metacall (this=0x87de738, _c=QMetaObject::InvokeMetaMethod, _id=3, _a=0xbfbb05bc)                       
    at /home/krop/kde/build/KDE/kdepimlibs/syndication/dataretriever.moc:195                                                                             
No locals.                                                                                                                                               
#43 0xb6b33788 in QMetaObject::activate (sender=0x8736140, from_signal_index=7, to_signal_index=7, argv=0xbfbb05bc) at kernel/qobject.cpp:3113           
        method = 8                                                                                                                                       
        currentSender = {sender = 0x8736140, signal = 7, ref = 0}                                                                                        
        previousSender = 0x0                                                                                                                             
        i = 1                                                                                                                                            
        count = 2                                                                                                                                        
        signal = 7                                                                                                                                       
        empty_argv = {0x0}                                                                                                                               
        locker = {{mtx = 0x856bb94, val = 139901844}}                                                                                                    
        currentThreadData = 0x856bb60                                                                                                                    
        connectionLists = 0x8edacb8                                                                                                                      
#44 0xb6b34412 in QMetaObject::activate (sender=0x8736140, m=0xb6ee6da8, local_signal_index=3, argv=0xbfbb05bc) at kernel/qobject.cpp:3187               
        signal_index = 151740234                                                                                                                         
#45 0xb6d583c3 in KJob::result (this=0x8736140, _t1=0x8736140) at /usr/src/debug/kdelibs-4.2.95/build/kdecore/kjob.moc:188                               
        _a = {0x0, 0xbfbb05d4}                                                                                                                           
#46 0xb6d58869 in KJob::emitResult (this=0x8736140) at /usr/src/debug/kdelibs-4.2.95/kdecore/jobs/kjob.cpp:304                                           
No locals.                                                                                                                                               
#47 0xb73cc805 in KIO::SimpleJob::slotFinished (this=0x8736140) at /usr/src/debug/kdelibs-4.2.95/kio/kio/job.cpp:477                                     
        d = 0x8b5c1d8                                                                                                                                    
#48 0xb73cd143 in KIO::TransferJob::slotFinished (this=0x8736140) at /usr/src/debug/kdelibs-4.2.95/kio/kio/job.cpp:948                                   
        d = 0x8b5c1d8                                                                                                                                    
#49 0xb73c96eb in KIO::TransferJob::qt_metacall (this=0x8736140, _c=QMetaObject::InvokeMetaMethod, _id=7, _a=0xbfbb07f8)                                 
                                                                                                   
    at /usr/src/debug/kdelibs-4.2.95/build/kio/jobclasses.moc:343                                                                                        
No locals.                                                                                                                                               
#50 0xb6b33788 in QMetaObject::activate (sender=0x87f4960, from_signal_index=8, to_signal_index=8, argv=0x0) at kernel/qobject.cpp:3113                  
        method = 47                                                                                                                                      
        currentSender = {sender = 0x87f4960, signal = 8, ref = 1}                                                                                        
        previousSender = 0x0                                                                                                                             
        i = 0                                                                                                                                            
        count = 1                                                                                                                                        
        signal = 8                                                                                                                                       
        empty_argv = {0x0}                                                                                                                               
        locker = {{mtx = 0x856bb94, val = 139901844}}                                                                                                    
        currentThreadData = 0x856bb60                                                                                                                    
        connectionLists = 0x8ea6368                                                                                                                      
#51 0xb6b34412 in QMetaObject::activate (sender=0x87f4960, m=0xb75a7f24, local_signal_index=4, argv=0x0) at kernel/qobject.cpp:3187                      
        signal_index = 151740234                                                                                                                         
#52 0xb7493d77 in KIO::SlaveInterface::finished (this=0x87f4960) at /usr/src/debug/kdelibs-4.2.95/build/kio/slaveinterface.moc:165                       
No locals.                                                                                                                                               
#53 0xb7497ab7 in KIO::SlaveInterface::dispatch (this=0x87f4960, _cmd=104, rawdata=@0xbfbb09c4)                                                          
    at /usr/src/debug/kdelibs-4.2.95/kio/kio/slaveinterface.cpp:175                                                                                      
        d = 0x8c69ee8                                                                                                                                    

        stream = {_vptr.QDataStream = 0xb6c13e18, d = 0xbfbb0998, dev = 0x8e62bd0, owndev = true, noswap = false, byteorder = QDataStream::BigEndian, 
          ver = 11, q_status = QDataStream::Ok}                                                                                                       
        str1 = {d = 0x8058510}                                                                                                                        
        i = <value optimized out>                                                                                                                     
        b = <value optimized out>                                                                                                                     
        ul = <value optimized out>                                                                                                                    
        __PRETTY_FUNCTION__ = "virtual bool KIO::SlaveInterface::dispatch(int, const QByteArray&)"                                                    
                                                                                                
#54 0xb7494257 in KIO::SlaveInterface::dispatch (this=0x87f4960) at /usr/src/debug/kdelibs-4.2.95/kio/kio/slaveinterface.cpp:91                       
        d = <value optimized out>                                                                                                                     
        cmd = 104                                                                                                                                     
        data = {d = 0x8058558}                                                                                                                        
        ret = 1048580                                                                                                                                 
#55 0xb7485fcd in KIO::Slave::gotInput (this=0x87f4960) at /usr/src/debug/kdelibs-4.2.95/kio/kio/slave.cpp:322                                        
        __PRETTY_FUNCTION__ = "void KIO::Slave::gotInput()"                                                                                           
#56 0xb7488463 in KIO::Slave::qt_metacall (this=0x87f4960, _c=QMetaObject::InvokeMetaMethod, _id=2, _a=0xbfbb0ad8)                                    
    at /usr/src/debug/kdelibs-4.2.95/build/kio/slave.moc:76                                                                                           
No locals.                                                                                                                                            
#57 0xb6b33788 in QMetaObject::activate (sender=0x8830418, from_signal_index=4, to_signal_index=4, argv=0x0) at kernel/qobject.cpp:3113               
        method = 30                                                                                                                                   
        currentSender = {sender = 0x8830418, signal = 4, ref = 1}                                                                                     
        previousSender = 0x0                                                                                                                          
        i = 0                                                                                                                                         
        count = 1                                                                                                                                     
        signal = 4                                                                                                                                    
        empty_argv = {0x0}                                                                                                                            
        locker = {{mtx = 0x856bb94, val = 139901844}}                                                                                                 
        currentThreadData = 0x856bb60                                                                                                                 
        connectionLists = 0x8cfa0d8                                                                                                                   
#58 0xb6b34412 in QMetaObject::activate (sender=0x8830418, m=0xb75a4860, local_signal_index=0, argv=0x0) at kernel/qobject.cpp:3187                   
        signal_index = 151740234                                                                                                                      
#59 0xb73913d7 in KIO::Connection::readyRead (this=0x8830418) at /usr/src/debug/kdelibs-4.2.95/build/kio/connection.moc:86                            
No locals.                                                                                                                                            
#60 0xb7392d43 in KIO::ConnectionPrivate::dequeue (this=0x8e466d8) at /usr/src/debug/kdelibs-4.2.95/kio/kio/connection.cpp:82                         
No locals.                                                                                                                                            
                                                                                                
#61 0xb7393126 in KIO::Connection::qt_metacall (this=0x8830418, _c=QMetaObject::InvokeMetaMethod, _id=1, _a=0x9150e40)                                
    at /usr/src/debug/kdelibs-4.2.95/build/kio/connection.moc:73                                                                                      
No locals.                                                                                                                                            
#62 0xb6b2ceab in QMetaCallEvent::placeMetaCall (this=0x8cc6e20, object=0x8830418) at kernel/qobject.cpp:477                                          
No locals.                                                                                                                                            
#63 0xb6b2e970 in QObject::event (this=0x8830418, e=0x8cc6e20) at kernel/qobject.cpp:1111                                                             
        currentSender = {sender = 0x0, signal = -1, ref = 1}                                                                                          
        previousSender = 0x0                                                                                                                          
#64 0xb5ff47fc in QApplicationPrivate::notify_helper (this=0x858e498, receiver=0x8830418, e=0x8cc6e20) at kernel/qapplication.cpp:4056                
        consumed = <value optimized out>                                                                                                              

#65 0xb5ffcaee in QApplication::notify (this=0xbfbb1258, receiver=0x8830418, e=0x8cc6e20) at kernel/qapplication.cpp:3603

        res = true

#66 0xb710410d in KApplication::notify (this=0xbfbb1258, receiver=0x8830418, event=0x8cc6e20)
    at /usr/src/debug/kdelibs-4.2.95/kdeui/kernel/kapplication.cpp:302                       
No locals.                                                                                   

#67 0xb6b1e16b in QCoreApplication::notifyInternal (this=0xbfbb1258, receiver=0x8830418, event=0x8cc6e20) at kernel/qcoreapplication.cpp:610

        result = false
        cbdata = {0x8830418, 0x8cc6e20, 0xbfbb0f6b}
        threadData = 0x856bb60                     
        returnValue = <value optimized out>        


#68 0xb6b1edb5 in QCoreApplication::sendEvent (event=<value optimized out>, receiver=<value optimized out>) at kernel/qcoreapplication.h:213
No locals.                                                                                                                                  

#69 QCoreApplicationPrivate::sendPostedEvents (event=<value optimized out>, receiver=<value optimized out>) at kernel/qcoreapplication.cpp:1247

        e = 0x8cc6e20
        r = 0x8830418
        locker = {{mtx = 0x856bb88, val = 139901832}}
        startOffset = 0                              

        i = @0x856bb80                                


#70 0xb6b1efad in QCoreApplication::sendPostedEvents (receiver=0x0, event_type=0) at kernel/qcoreapplication.cpp:1140
        data = <value optimized out>                                                                                 
#71 0xb6b49c8f in QCoreApplication::sendPostedEvents () at kernel/qcoreapplication.h:218                             
No locals.                                                                                                           
#72 postEventSourceDispatch () at kernel/qeventdispatcher_glib.cpp:210                                               
No locals.                                                                                                           
#73 0xb4c689c8 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0                                          
No symbol table info available.                                                                                      
#74 0xb4c6c083 in ?? () from /usr/lib/libglib-2.0.so.0                                                               
No symbol table info available.                                                                                      
#75 0xb4c6c241 in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0                                         
No symbol table info available.                                                                                      
#76 0xb6b498d8 in QEventDispatcherGlib::processEvents (this=0x858bb40, flags={i = -1078259352}) at kernel/qeventdispatcher_glib.cpp:327
        d = 0x858e558                                                                                                                  
        canWait = true                                                                                                                 
        result = <value optimized out>                                                                                                 
#77 0xb6094cc5 in QGuiEventDispatcherGlib::processEvents (this=0x858bb40, flags={i = -1078259304}) at kernel/qguieventdispatcher_glib.cpp:202
        d = 0x858e558                                                                                                                        
        returnValue = 4                                                                                                                      
#78 0xb6b1c78a in QEventLoop::processEvents (this=0xbfbb1210, flags={i = -1078259240}) at kernel/qeventloop.cpp:149                          
        d = 0x85fd1a8                                                                                                                        
#79 0xb6b1cbd2 in QEventLoop::exec (this=0xbfbb1210, flags={i = -1078259176}) at kernel/qeventloop.cpp:201                                   
        d = 0x85fd1a8                                                                                                                        
        app = 0xbfbb1258                                                                                                                     
#80 0xb6b1f079 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:888
        threadData = 0x856bb60

        eventLoop = {<QObject> = {_vptr.QObject = 0xb6c157a8, d_ptr = 0x85fd1a8}, }
        returnCode = -1
#81 0xb5ff4677 in QApplication::exec () at kernel/qapplication.cpp:3525
No locals.
#82 0x0805022b in main (argc=1, argv=0xbfbb1344) at /home/krop/kde/src/KDE/kdepim/akregator/src/main.cpp:115
        about = {<KAboutData> = {d = 0x856f878}, <No data fields>}
        app = {<KPIM::PimApplication> = {<KUniqueApplication> = {<KApplication> = {<QApplication> = {<QCoreApplication> = {<QObject> = {
                      _vptr.QObject = 0x80536e8, d_ptr = 0x858e498}, }, }, d = 0x85df600}, d = 0x8621138}, <No data fields>}, mMainWindow = 0x85fa768}

Comment 4 Christophe Marin 2009-08-20 13:52:14 UTC

*** Bug 204516 has been marked as a duplicate of this bug. ***

Comment 5 Hrvoje Vulin 2009-08-22 19:46:08 UTC

same problem on Debian testing, akregator 1.4.4... 
when I look at All feeds there are old feeds (duplicates) marked as new and if I click on one of them it crashes with signal 11

(no debugging symbols found)
(no debugging symbols found)
[Thread debugging using libthread_db enabled]
[New Thread 0xb506c710 (LWP 5129)]
[New Thread 0xb0dffb90 (LWP 5196)]
0xb7fdd424 in __kernel_vsyscall ()
[Current thread is 0 (LWP 5129)]

Thread 2 (Thread 0xb0dffb90 (LWP 5196)):
#0  0xb7fdd424 in __kernel_vsyscall ()
#1  0xb6a7dfe1 in select () from /lib/i686/cmov/libc.so.6
#2  0xb76fec20 in ?? () from /usr/lib/libQtCore.so.4
#3  0xb762f522 in ?? () from /usr/lib/libQtCore.so.4
#4  0xb58d04b5 in start_thread () from /lib/i686/cmov/libpthread.so.0
#5  0xb6a85a5e in clone () from /lib/i686/cmov/libc.so.6

Thread 1 (Thread 0xb506c710 (LWP 5129)):
#0  0xb7fdd424 in __kernel_vsyscall ()
#1  0xb6a42676 in nanosleep () from /lib/i686/cmov/libc.so.6
#2  0xb6a4248e in sleep () from /lib/i686/cmov/libc.so.6
#3  0xb7cf10f8 in ?? () from /usr/lib/libkdeui.so.5
#4  0x00000000 in ?? ()
#0  0xb7fdd424 in __kernel_vsyscall ()

Comment 6 Dario Andres 2010-02-22 01:39:01 UTC

*** Bug 227808 has been marked as a duplicate of this bug. ***

Comment 7 Dario Andres 2010-03-16 12:49:55 UTC

From bug 230922:
-- Information about the crash:
Akregator crashed while fetching feeds and minimized to the system tray,
scheduled to fetch feeds every 720 minutes.
The crash can be reproduced every time.

Comment 8 Dario Andres 2010-03-16 12:49:59 UTC

*** Bug 230922 has been marked as a duplicate of this bug. ***

Comment 9 Dario Andres 2010-03-16 12:51:18 UTC

*** Bug 228077 has been marked as a duplicate of this bug. ***

Comment 10 Christophe Marin 2010-06-05 16:30:38 UTC

*** Bug 236801 has been marked as a duplicate of this bug. ***

Comment 11 Frank Osterfeld 2010-07-04 21:07:16 UTC

*** Bug 243098 has been marked as a duplicate of this bug. ***

Comment 12 Frank Osterfeld 2010-07-04 21:19:03 UTC

The feed from #2 seems gone. Anyone has current feed to reproduce it?

Comment 13 Frank Osterfeld 2010-07-04 21:29:24 UTC

It works if I replace the double slash in the url by a single slash. No crashes for me though.

Comment 14 alex svetos 2010-07-12 20:06:03 UTC

Akregator is absolutly unuseable since about 2010 because of this bug, had to switch to greader.

Comment 15 Nicolas L. 2010-08-12 18:22:26 UTC

*** Bug 243846 has been marked as a duplicate of this bug. ***

Comment 16 Nicolas L. 2010-08-12 18:26:24 UTC

*** Bug 243570 has been marked as a duplicate of this bug. ***

Comment 17 Nicolas L. 2010-08-12 18:29:30 UTC

*** Bug 243610 has been marked as a duplicate of this bug. ***

Comment 18 Christophe Marin 2010-09-14 22:23:02 UTC

*** Bug 251234 has been marked as a duplicate of this bug. ***

Comment 19 Christophe Marin 2010-09-16 11:01:54 UTC

*** Bug 251412 has been marked as a duplicate of this bug. ***

Comment 20 Christophe Marin 2010-09-18 14:07:33 UTC

*** Bug 251585 has been marked as a duplicate of this bug. ***

Comment 21 Christophe Marin 2010-09-22 15:26:25 UTC

*** Bug 251918 has been marked as a duplicate of this bug. ***

Comment 22 Christophe Marin 2010-09-22 15:26:30 UTC

*** Bug 251945 has been marked as a duplicate of this bug. ***

Comment 23 Christophe Marin 2010-09-22 15:26:39 UTC

*** Bug 252008 has been marked as a duplicate of this bug. ***

Comment 24 Christophe Marin 2010-09-22 15:26:51 UTC

*** Bug 251716 has been marked as a duplicate of this bug. ***

Comment 25 Christophe Marin 2010-09-24 01:45:22 UTC

*** Bug 252101 has been marked as a duplicate of this bug. ***

Comment 26 Christophe Marin 2010-09-25 11:49:44 UTC

*** Bug 252310 has been marked as a duplicate of this bug. ***

Comment 27 Christophe Marin 2010-10-13 14:02:03 UTC

*** Bug 253964 has been marked as a duplicate of this bug. ***

Comment 28 Christophe Marin 2010-10-13 14:04:44 UTC

*** Bug 253130 has been marked as a duplicate of this bug. ***

Comment 29 ivan.q.public 2010-11-08 08:58:01 UTC

I've just recently started to get this same crash. Gonna have to switch to a different feed reader soon, given the severity of the issue and the lack of progress in resolving it. A year and a half, and zero progress? Yikes.

Comment 30 ivan.q.public 2010-11-08 11:04:26 UTC

Ok, I found a specific feed of mine that was causing the crash, and then I whittled it down to a minimal testcase:

<?xml version="1.0" encoding="utf-8"?>
<feed version="0.3" xmlns="http://purl.org/atom/ns#">
  <entry>
    <content type="xhtml" xml:base="derp">
      <div xmlns="derp"></div>
    </content>
  </entry>
  <entry>
    <content type="xhtml" xml:base="derp">
      <div xmlns="derp"></div>
    </content>
  </entry>
</feed>

Why should this cause a crash? I have no idea. To reproduce, save that xml snippet in a file, create a new feed with the appropriate file:// URL, then highlight the new feed and hit F5 several times until you get a crash. Derp.

Comment 31 ivan.q.public 2010-11-11 03:34:53 UTC

Good news, everyone!

I used valgrind for the first time, and I tracked this bug down. I'm not a C++ coder, but here's my understanding of what's going on.

It's a subtle scoping problem in the function Loader::slotRetrieverDone of libsyndication (kdepimlibs, syndication/loader.cpp). The variable 'src' gets created within the scope of the if statement (line 132) and thus gets automatically destroyed before 'emit loadingComplete(this, feed, status)' happens. This is apparently a problem because 'feed' involves 'src' somehow.

Moving and duplicating the 'emit loadingComplete(...)' statement to the ends of both branches of the if statement seems to resolve the problem.

However, I still don't know why this bug only rarely caused problems. Perhaps someone with a better knowledge of the source code can comment on that.

Comment 32 Frank Osterfeld 2010-11-11 08:50:08 UTC

What is the valgrind error you get?

I don't see what should be wrong with this code, DocumentSource is not stored in Feed, and if it was, it would be copied (the d pointer handling in there is a bit fishy though and might be buggy). Also, this rather looks like a double deletion of the feed. Well, if your change fixes it, that's definitely worth investigating.

Comment 33 Frank Osterfeld 2010-11-11 08:53:18 UTC

Ah, hmm. The Feed of course contains dom elements from the QDomDocument created in DocumentSource...

Comment 34 Frank Osterfeld 2010-11-11 10:21:14 UTC

I can't reproduce the crash, but I see Invalid reads in valgrind when fetching the feed. Looks indeed like the QDomNodes are deleted twice. Will look into it.

Comment 35 Frank Osterfeld 2010-11-11 10:45:48 UTC

Created attachment 53316 [details]
Patch to fix the bug

This patch silences the warnings for me. Please test if it fixes the crash for you.

Comment 36 adi 2010-11-11 17:32:04 UTC

(In reply to comment #35)
> Created an attachment (id=53316) [details]
> Patch to fix the bug
> 
> This patch silences the warnings for me. Please test if it fixes the crash for
> you.

Seems to fix the issue for me... 2 hours without crash and still counting. Thanks Ivan for tracking this down and thanks for the patch.

For the records: I am using kdepimlibs 4.4.5-1 from Debian/unstable

Comment 37 ivan.q.public 2010-11-11 21:12:01 UTC

The patch seems to fix the crash, and it eliminates the invalid reads. Thanks for your quick response.

I meant to include more details on the valgrind output, but I was so pleased with my interpretation of it that I forgot. For the record, here's what I was seeing:

5 invalid reads of size 8 in QDomNodePrivate and QDomNodeListPrivate functions, which traced back through Syndication::ElementWrapper::childNodesAsXML() and further back to loader.cpp:157 (the 'emit loadingComplete(...)' statement)

The invalid reads were at an address 120 bytes inside a block of size 128 free'd by Syndication::DocumentSource::~DocumentSource(), called from loader.cpp:139 (the end of the if clause)

The segfault (when not running in valgrind) traces back to loader.cpp:159 (the 'delete this' statement at the end of Loader::slotRetrieverDone).

Comment 38 Frank Osterfeld 2010-11-12 08:11:15 UTC

SVN commit 1195852 by osterfeld:

Fix invalid reads (and for some people crashes) when keeping QDomElements around while their QDomDocument is already destroyed.
Thanks to ivan.q.public at gmail.com for test input and valgrinding.

BUG:190068

 M  +3 -0      elementwrapper.cpp  
 A             tests/atom/bug-190068.xml  


WebSVN link: http://websvn.kde.org/?view=rev&revision=1195852

Comment 39 Frank Osterfeld 2010-11-12 08:12:18 UTC

SVN commit 1195853 by osterfeld:

backport 1195852:

Fix invalid reads (and for some people crashes) when keeping QDomElements around while their QDomDocument is already destroyed.
Thanks to ivan.q.public at gmail.com for test input and valgrinding.

BUG:190068

 M  +3 -0      elementwrapper.cpp  
 A             tests/atom/bug-190068.xml  


WebSVN link: http://websvn.kde.org/?view=rev&revision=1195853

Comment 40 Frank Osterfeld 2010-11-12 08:12:52 UTC

SVN commit 1195854 by osterfeld:

backport 1195852:

Fix invalid reads (and for some people crashes) when keeping QDomElements around while their QDomDocument is already destroyed.
Thanks to ivan.q.public at gmail.com for test input and valgrinding.

BUG:190068



 M  +3 -0      elementwrapper.cpp  
 A             tests/atom/bug-190068.xml  


WebSVN link: http://websvn.kde.org/?view=rev&revision=1195854