| Summary: | use-after-free crash on closing ark on previewing an archive | | |
|---|---|---|---|
| Product: | [Applications] ark | Reporter: | Santhiar <santhiar.anirudh> |
| Component: | general | Assignee: | Elvis Angelaccio <elvis.angelaccio> |
| Status: | RESOLVED WORKSFORME | | |
| Severity: | crash | CC: | elvis.angelaccio |
| Priority: | NOR | | |
| Version: | 2.19 | | |
| Target Milestone: | --- | | |
| Platform: | Other | | |
| OS: | Linux | | |
| Latest Commit: | | Version Fixed In: | |
| Attachments: | Archive file for bug repro | | |

Description
Santhiar
2015-12-14 05:15:39 UTC
I'm not able to reproduce it, not even on a Fedora 23 with KDE 4. What's your Linux distribution?

Created attachment 96083 [details]
Archive file for bug repro
My distribution is Ubuntu 12.04, but I'm using ark built from source.
To repro, could you try this:
1. Download any tar.gz file, say abc.tar.gz, and rename it to abc.tar.gz.1, as a download manager like wget would do
2. Open this using the file menu in ark...it should show up as abc.tar.gz.1.uncompressed in ark's file list window
3. Right click on abc.tar.gz.1.uncompressed, and select preview
4. When the preview dialog is shown, close ark using qdbus from the terminal
I've attached the file that gives me the repro here...

Ok, I was able to reproduce it by renaming the archive as you suggested, on Fedora 23 with KDE 4. The backtrace I get is the same as the one in bug 355757: https://bugs.kde.org/show_bug.cgi?id=355757
Can you please post the backtrace that you get with the steps described in your last comment?

I have posted the backtrace again. Please also refer to the backtrace provided by AddressSanitizer that I have posted at the bottom of the original report - AddressSanitizer reports the first problematic memory access, along with stacks of the allocation and free sites of that memory.

Application: Ark (ark), signal: Segmentation fault
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[Current thread is 1 (Thread 0x7faf45e3f780 (LWP 24731))]

Thread 2 (Thread 0x7faf303ad700 (LWP 24734)):
#0 0x00007faf3ec6a4ac in send () from /lib/x86_64-linux-gnu/libc.so.6
#1 0x00007faf3ec65020 in __vsyslog_chk () from /lib/x86_64-linux-gnu/libc.so.6
#2 0x00007faf3ec653af in syslog () from /lib/x86_64-linux-gnu/libc.so.6
#3 0x00007faf3f7e5c93 in QMutex::lock (this=0xe88670) at thread/qmutex.cpp:180
#4 0x00007faf3f7c4645 in QMutex::lockInline (this=0xe88670) at ../../include/QtCore/../../src/corelib/thread/qmutex.h:201
#5 0x00007faf3f7c16c0 in QMutexLocker::QMutexLocker (this=0x7faf303aca20, m=0xe88670) at ../../include/QtCore/../../src/corelib/thread/qmutex.h:109
#6 0x00007faf3f9c6e54 in QThreadData::canWaitLocked (this=0xe88620) at ../../include/QtCore/private/../../../src/corelib/thread/qthread_p.h:236
#7 0x00007faf3f9ca30b in QEventDispatcherUNIX::processEvents (this=0x7faf280008f0, flags=...) at kernel/qeventdispatcher_unix.cpp:911
#8 0x00007faf3f972f6c in QEventLoop::processEvents (this=0x7faf303acc78, flags=...) at kernel/qeventloop.cpp:149
#9 0x00007faf3f973332 in QEventLoop::exec (this=0x7faf303acc78, flags=...) at kernel/qeventloop.cpp:225
#10 0x00007faf3f7eb0a0 in QThread::exec (this=0xd938b0) at thread/qthread.cpp:659
#11 0x00007faf3f942994 in QInotifyFileSystemWatcherEngine::run (this=0xd938b0) at io/qfilesystemwatcher_inotify.cpp:265
#12 0x00007faf3f7efb2a in QThreadPrivate::start (arg=0xd938b0) at thread/qthread_unix.cpp:361
#13 0x00007faf45640e9a in start_thread () from /lib/x86_64-linux-gnu/libpthread.so.0
#14 0x00007faf3ec6938d in clone () from /lib/x86_64-linux-gnu/libc.so.6
#15 0x0000000000000000 in ?? ()

Thread 1 (Thread 0x7faf45e3f780 (LWP 24731)):
[KCrash Handler]
#6 QWidget::windowType (this=0x41) at qt/src/gui/../../include/QtGui/../../src/gui/kernel/qwidget.h:938
#7 0x00007faf413d46e5 in QWidget::isWindow (this=0x41) at qt/src/gui/../../include/QtGui/../../src/gui/kernel/qwidget.h:946
#8 0x00007faf414441eb in QWidgetPrivate::setEnabled_helper (this=0xce9cb0, enable=true) at kernel/qwidget.cpp:3386
#9 0x00007faf4144419d in QWidget::setEnabled (this=0xc6bda0, enable=true) at kernel/qwidget.cpp:3379
#10 0x00007faf352b79ef in Ark::Part::setReadyGui (this=0xb6a690) at KDE/kde/kdeutils/ark/part/part.cpp:530
#11 0x00007faf352b86fc in Ark::Part::slotPreviewExtracted (this=0xb6a690, job=<optimized out>) at KDE/kde/kdeutils/ark/part/part.cpp:620
#12 0x00007faf352ad9c0 in Ark::Part::qt_static_metacall (_o=0xb6a690, _c=<optimized out>, _id=<optimized out>, _a=0x7faf20001930) at KDE/build/kde/kdeutils/ark/part/moc_part.cpp:106
#13 0x00007faf3f99669d in QMetaCallEvent::placeMetaCall (this=0x7faf20001970, object=0xb6a690) at kernel/qobject.cpp:524
#14 0x00007faf3f998a10 in QObject::event (this=0xb6a690, e=0x7faf20001970) at kernel/qobject.cpp:1222
#15 0x00007faf413ca48f in QApplicationPrivate::notify_helper (this=0xa440f0, receiver=0xb6a690, e=0x7faf20001970) at kernel/qapplication.cpp:4565
#16 0x00007faf413cca8e in QApplication::notify (this=0x7ffff321ce68, receiver=0xb6a690, e=0x7faf20001970) at kernel/qapplication.cpp:3947
#17 0x00007faf4276df7b in KApplication::notify (this=0x7ffff321ce68, receiver=0xb6a690, event=0x7faf20001970) at KDE/kde/kdelibs/kdeui/kernel/kapplication.cpp:311
#18 0x00007faf3f977dc6 in QCoreApplication::notifyInternal (this=0x7ffff321ce68, receiver=0xb6a690, event=0x7faf20001970) at kernel/qcoreapplication.cpp:955
#19 0x00007faf3f97c54a in QCoreApplication::sendEvent (receiver=0xb6a690, event=0x7faf20001970) at qt/src/corelib/../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:231
#20 0x00007faf3f9793f4 in QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, data=0xa154e0) at kernel/qcoreapplication.cpp:1609
#21 0x00007faf3f978338 in QCoreApplication::sendPostedEvents (receiver=0x0, event_type=0) at kernel/qcoreapplication.cpp:1477
#22 0x00007faf414d1b48 in QCoreApplication::sendPostedEvents () at qt/src/gui/../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:236
#23 0x00007faf414e2082 in QEventDispatcherX11::processEvents (this=0xa1cbc0, flags=...) at kernel/qeventdispatcher_x11.cpp:82
#24 0x00007faf3f972f6c in QEventLoop::processEvents (this=0x7ffff321cc30, flags=...) at kernel/qeventloop.cpp:149
#25 0x00007faf3f973332 in QEventLoop::exec (this=0x7ffff321cc30, flags=...) at kernel/qeventloop.cpp:225
#26 0x00007faf3f9785ee in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1229
#27 0x00007faf413cc526 in QApplication::exec () at kernel/qapplication.cpp:3823
#28 0x0000000000412a4e in main (argc=<optimized out>, argv=<optimized out>) at KDE/kde/kdeutils/ark/app/main.cpp:206

Yeah, your backtrace is different than mine. How exactly have you compiled Ark? From git or from a source tarball?

I have compiled ark from git.
The commit at head is 9c23ca12ad5884ddd271ea46e6b4bef3b68ed3e1
I'm on the Applications/15.04 branch (that was checked out by kdesrc-build)

I have encountered a bug with a similar repro but different crash stacks. Basically opening a damaged archive and closing ark while the error window is open crashes ark.
Shall I paste the details here, or open a separate bug?

(In reply to Santhiar from comment #6)
> I have compiled ark from git.
> The commit at head is 9c23ca12ad5884ddd271ea46e6b4bef3b68ed3e1
> I'm on the Applications/15.04 branch (that was checked out by kdesrc-build)

It's the same Ark version that I have in my Fedora virtual machine, weird. If I have time, I'll try to set up an Ubuntu 12.04 VM to further investigate this.

(In reply to Santhiar from comment #7)
> I have encountered a bug with a similar repro but different crash stacks.
> Basically opening a damaged archive and closing ark while the error window
> is open crashes ark.
> Shall I paste the details here, or open a separate bug?

Please open another bug report. :)

Done :) [https://bugs.kde.org/show_bug.cgi?id=356806]
Since you were able to repro this, could you change the status to CONF?

(In reply to Santhiar from comment #10)
> Done :) [https://bugs.kde.org/show_bug.cgi?id=356806]
> Since you were able to repro this, could you change the status to CONF?

No, because I can't reproduce it on Ark 15.12, which is the latest stable release. This bug is either a duplicate of #355757, or a downstream issue. Until further investigations, let's keep it as unconfirmed.

I didn't find the time to set up an Ubuntu 12.04 VM... Given that Ubuntu 16.04 is near, it doesn't make sense anymore to investigate a crash on such an old LTS release. Please reopen if you manage to reproduce it on a newer Ark release.