Bug 220262

Summary: krdc crash on tab closing
Product: [Applications] krdc Reporter: Doualot Nicolas <nicolas>
Component: VNCAssignee: Urs Wolfer <uwolfer>
Status: RESOLVED FIXED    
Severity: crash CC: mangoo, murraytony
Priority: NOR    
Version: unspecified   
Target Milestone: ---   
Platform: Unlisted Binaries   
OS: Linux   
Latest Commit: Version Fixed In:
Sentry Crash Report:
Bug Depends on: 185464    
Bug Blocks:    

Description Doualot Nicolas 2009-12-27 13:03:13 UTC 
Application that crashed: krdc
Version of the application: 4.3.4 (KDE 4.3.4)
KDE Version: 4.3.4 (KDE 4.3.4)
Qt Version: 4.5.3
Operating System: Linux 2.6.32-ARCH x86_64

What I was doing when the application crashed:
A connection to a vnc server was not responsive (the server was still alive though), tried tio close the tab, then krdc crashed.

 -- Backtrace:
Application: KRDC (krdc), signal: Segmentation fault
[Current thread is 1 (Thread 0x7f97a52fb760 (LWP 5606))]

Thread 3 (Thread 0x7f9795b39710 (LWP 5608)):
[KCrash Handler]
#5  0x00007f97995739dc in FillRectangle () from /usr/lib/libvncclient.so.0
#6  0x00007f97995817cb in HandleRFBServerMessage () from /usr/lib/libvncclient.so.0
#7  0x00007f9799793e85 in VncClientThread::run() () from /usr/lib/kde4/krdc_vncplugin.so
#8  0x00007f97a24b2ba5 in ?? () from /usr/lib/libQtCore.so.4
#9  0x00007f97a174581a in start_thread () from /lib/libpthread.so.0
#10 0x00007f97a1ec0c7d in clone () from /lib/libc.so.6
#11 0x0000000000000000 in ?? ()

Thread 2 (Thread 0x7f9794c7d710 (LWP 5627)):
#0  0x00007f97a174a07c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
#1  0x00007f97a24b3c6b in QWaitCondition::wait(QMutex*, unsigned long) () from /usr/lib/libQtCore.so.4
#2  0x00007f97a24afc10 in QSemaphore::acquire(int) () from /usr/lib/libQtCore.so.4
#3  0x00007f97a25acee7 in QMetaObject::activate(QObject*, int, int, void**) () from /usr/lib/libQtCore.so.4
#4  0x00007f9799792db3 in VncClientThread::imageUpdated(int, int, int, int) () from /usr/lib/kde4/krdc_vncplugin.so
#5  0x00007f9799793428 in VncClientThread::updatefb(_rfbClient*, int, int, int, int) () from /usr/lib/kde4/krdc_vncplugin.so
#6  0x00007f97995800d3 in HandleRFBServerMessage () from /usr/lib/libvncclient.so.0
#7  0x00007f9799793e85 in VncClientThread::run() () from /usr/lib/kde4/krdc_vncplugin.so
#8  0x00007f97a24b2ba5 in ?? () from /usr/lib/libQtCore.so.4
#9  0x00007f97a174581a in start_thread () from /lib/libpthread.so.0
#10 0x00007f97a1ec0c7d in clone () from /lib/libc.so.6
#11 0x0000000000000000 in ?? ()

Thread 1 (Thread 0x7f97a52fb760 (LWP 5606)):
#0  0x00007f97a1eb8483 in poll () from /lib/libc.so.6
#1  0x00007f979ca7680a in _xcb_conn_wait () from /usr/lib/libxcb.so.1
#2  0x00007f979ca76da7 in _xcb_out_send () from /usr/lib/libxcb.so.1
#3  0x00007f979ca77055 in xcb_writev () from /usr/lib/libxcb.so.1
#4  0x00007f97a0cb6d5a in _XSend () from /usr/lib/libX11.so.6
#5  0x00007f97a0ca3293 in PutSubImage () from /usr/lib/libX11.so.6
#6  0x00007f97a0ca263b in PutSubImage () from /usr/lib/libX11.so.6
#7  0x00007f97a0ca347e in XPutImage () from /usr/lib/libX11.so.6
#8  0x00007f97a3054cc6 in qt_x11_drawImage(QRect const&, QPoint const&, QImage const&, unsigned long, _XGC*, _XDisplay*, Visual*, int) () from /usr/lib/libQtGui.so.4
#9  0x00007f97a305821d in ?? () from /usr/lib/libQtGui.so.4
#10 0x00007f97a2fc55da in QPainter::drawImage(QRectF const&, QImage const&, QRectF const&, QFlags<Qt::ImageConversionFlag>) () from /usr/lib/libQtGui.so.4
#11 0x00007f9799799111 in VncView::paintEvent(QPaintEvent*) () from /usr/lib/kde4/krdc_vncplugin.so
#12 0x00007f97a2ef68b0 in QWidget::event(QEvent*) () from /usr/lib/libQtGui.so.4
#13 0x00007f97a2ea807c in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib/libQtGui.so.4
#14 0x00007f97a2eaf34e in QApplication::notify(QObject*, QEvent*) () from /usr/lib/libQtGui.so.4
#15 0x00007f97a3adb8f6 in KApplication::notify(QObject*, QEvent*) () from /usr/lib/libkdeui.so.5
#16 0x00007f97a2597bfc in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/lib/libQtCore.so.4
#17 0x00007f97a2efdca3 in QWidgetPrivate::drawWidget(QPaintDevice*, QRegion const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) () from /usr/lib/libQtGui.so.4
#18 0x00007f97a2efe400 in QWidgetPrivate::paintSiblingsRecursive(QPaintDevice*, QList<QObject*> const&, int, QRegion const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) ()
   from /usr/lib/libQtGui.so.4
#19 0x00007f97a2efd913 in QWidgetPrivate::drawWidget(QPaintDevice*, QRegion const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) () from /usr/lib/libQtGui.so.4
#20 0x00007f97a2efe400 in QWidgetPrivate::paintSiblingsRecursive(QPaintDevice*, QList<QObject*> const&, int, QRegion const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) ()
   from /usr/lib/libQtGui.so.4
#21 0x00007f97a2efd913 in QWidgetPrivate::drawWidget(QPaintDevice*, QRegion const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) () from /usr/lib/libQtGui.so.4
#22 0x00007f97a2efe400 in QWidgetPrivate::paintSiblingsRecursive(QPaintDevice*, QList<QObject*> const&, int, QRegion const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) ()
   from /usr/lib/libQtGui.so.4
#23 0x00007f97a2efd913 in QWidgetPrivate::drawWidget(QPaintDevice*, QRegion const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) () from /usr/lib/libQtGui.so.4
#24 0x00007f97a2efe400 in QWidgetPrivate::paintSiblingsRecursive(QPaintDevice*, QList<QObject*> const&, int, QRegion const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) ()
   from /usr/lib/libQtGui.so.4
#25 0x00007f97a2efe314 in QWidgetPrivate::paintSiblingsRecursive(QPaintDevice*, QList<QObject*> const&, int, QRegion const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) ()
   from /usr/lib/libQtGui.so.4
#26 0x00007f97a2efd913 in QWidgetPrivate::drawWidget(QPaintDevice*, QRegion const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) () from /usr/lib/libQtGui.so.4
#27 0x00007f97a2efe400 in QWidgetPrivate::paintSiblingsRecursive(QPaintDevice*, QList<QObject*> const&, int, QRegion const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) ()
   from /usr/lib/libQtGui.so.4
#28 0x00007f97a2efd913 in QWidgetPrivate::drawWidget(QPaintDevice*, QRegion const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) () from /usr/lib/libQtGui.so.4
#29 0x00007f97a306d88e in ?? () from /usr/lib/libQtGui.so.4
#30 0x00007f97a2ef00e0 in QWidgetPrivate::syncBackingStore() () from /usr/lib/libQtGui.so.4
#31 0x00007f97a2ef66c8 in QWidget::event(QEvent*) () from /usr/lib/libQtGui.so.4
#32 0x00007f97a326a2fb in QMainWindow::event(QEvent*) () from /usr/lib/libQtGui.so.4
#33 0x00007f97a3be6b73 in KXmlGuiWindow::event(QEvent*) () from /usr/lib/libkdeui.so.5
#34 0x00007f97a2ea807c in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib/libQtGui.so.4
#35 0x00007f97a2eaf34e in QApplication::notify(QObject*, QEvent*) () from /usr/lib/libQtGui.so.4
#36 0x00007f97a3adb8f6 in KApplication::notify(QObject*, QEvent*) () from /usr/lib/libkdeui.so.5
#37 0x00007f97a2597bfc in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/lib/libQtCore.so.4
#38 0x00007f97a259880a in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) () from /usr/lib/libQtCore.so.4
#39 0x00007f97a25c0583 in ?? () from /usr/lib/libQtCore.so.4
#40 0x00007f979e6ad26e in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#41 0x00007f979e6b0c28 in g_main_context_iterate () from /usr/lib/libglib-2.0.so.0
#42 0x00007f979e6b0d50 in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#43 0x00007f97a25c0123 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQtCore.so.4
#44 0x00007f97a2f3b14e in ?? () from /usr/lib/libQtGui.so.4
#45 0x00007f97a2596532 in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQtCore.so.4
#46 0x00007f97a2596904 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQtCore.so.4
#47 0x00007f97a2598ab9 in QCoreApplication::exec() () from /usr/lib/libQtCore.so.4
#48 0x00000000004294ae in _start ()

Reported using DrKonqi
Comment 1 Tomasz Chmielewski 2010-04-09 17:46:02 UTC 
Lots of similar or identical reports: #226304, #227501, #229295, #231773, #233780, #209932, #220262, perhaps others when you search for "krdc" and then "crash".

For me, it's very trivial to reproduce - connect a few sessions (VNC, RDP), close the tab, connect to the same IP where you just closed the tab... Do it for a while, krdc will crash pretty fast.
Comment 2 Tony Murray 2010-05-26 18:37:10 UTC 
SVN commit 1130864 by murrant:

Workaround for a common crash when disconnecting a VNC connection.

This is included in KDE SC 4.5 Beta 2.  Please test and confirm.  The patch can be found here: 
http://reviewboard.kde.org/r/4041/diff/raw/

REVIEW: 4041
CCBUG: 220262
CCBUG: 220456
CCBUG: 220688
CCBUG: 229295
CCBUG: 229944
CCBUG: 230478
CCBUG: 231773
CCBUG: 232762
CCBUG: 233780


 M  +15 -16    mainwindow.cpp  
 M  +3 -3      vnc/vncclientthread.cpp  


WebSVN link: http://websvn.kde.org/?view=rev&revision=1130864
Comment 3 Urs Wolfer 2010-06-12 11:10:08 UTC 
Can anybody confirm if this bug is fixed (fix applied for KDE SC 4.5 Beta 2)?
Comment 4 Urs Wolfer 2010-09-19 13:44:23 UTC 
We have fixed some crashes in the VNC plugin recently. Can you still reproduce this issue with a recent version of KRDC (from KDE SC 4.5 or later)?
Comment 5 Urs Wolfer 2010-10-17 17:40:38 UTC 
Closing as fixed since nobody can reproduce this crashes anymore with the fixes from KRDC 4.5.