Bug 386098

Summary: crash when adding pictures to a running digikam
Product: [Applications] digikam Reporter: Johannes Hirte <johannes.hirte>
Component: Albums-EngineAssignee: Digikam Developers <digikam-bugs-null>
Status: RESOLVED FIXED    
Severity: crash CC: caulier.gilles, kdenis, metzpinguin
Priority: NOR    
Version: 5.8.0   
Target Milestone: ---   
Platform: Gentoo Packages   
OS: Linux   
Latest Commit: Version Fixed In: 7.0.0
Sentry Crash Report:

Description Johannes Hirte 2017-10-23 08:55:23 UTC 
This is rather hard to reproduce. It happens when adding pictures into a collection of a running digikam. In this case I've moved with dolphin several folders with pictures into a digikam collection. This kicked in digikams scan for new items an after some time it crashed.

the backtrace:

*** Error in `/usr/bin/digikam': malloc(): smallbin double linked list corrupted: 0x0000000003481f90 ***

Thread 1 "digikam" received signal SIGABRT, Aborted.
__GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
51      ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
#1  0x00007ffff3d00506 in __GI_abort () at abort.c:90
#2  0x00007ffff3d447b7 in __libc_message (action=action@entry=(do_abort | do_backtrace), fmt=fmt@entry=0x7ffff3e540a0 "*** Error in `%s': %s: 0x%s ***\n") at ../sysdeps/posix/libc_fatal.c:181
#3  0x00007ffff3d4c2e9 in malloc_printerr (action=<optimized out>, str=0x7ffff3e547c0 "malloc(): smallbin double linked list corrupted", ptr=<optimized out>, ar_ptr=<optimized out>) at malloc.c:5423
#4  0x00007ffff3d4faf9 in _int_malloc (av=0x7ffff4084c20 <main_arena>, bytes=<optimized out>) at malloc.c:3593
#5  0x00007ffff3d51525 in __GI___libc_malloc (bytes=24) at malloc.c:3083
#6  0x00007ffff4746d51 in QArrayData::allocate (objectSize=objectSize@entry=1, alignment=alignment@entry=8, capacity=capacity@entry=0, options=..., options@entry=...) at tools/qarraydata.cpp:118
#7  0x00007ffff474d730 in QTypedArrayData<char>::allocate (options=..., capacity=0) at ../../include/QtCore/../../src/corelib/tools/qarraydata.h:223
#8  QTypedArrayData<char>::fromRawData (options=..., n=17, data=0x7fffffffb5f0 "resetInternalData()") at ../../include/QtCore/../../src/corelib/tools/qarraydata.h:244
#9  QByteArray::fromRawData (data=data@entry=0x7fffffffb5f0 "resetInternalData()", size=size@entry=17) at tools/qbytearray.cpp:4230
#10 0x00007ffff48f4660 in QMetaObjectPrivate::decodeMethodSignature (signature=0x7fffffffb5f0 "resetInternalData()", types=...) at kernel/qmetaobject.cpp:688
#11 0x00007ffff48f8880 in QMetaObject::indexOfMethod (this=this@entry=0x7ffff5662480 <QCompletionModel::staticMetaObject>, method=<optimized out>) at kernel/qmetaobject.cpp:645
#12 0x00007ffff48fa97b in QMetaObject::invokeMethod (obj=obj@entry=0x126a1f0, member=member@entry=0x7ffff4994c1e "resetInternalData", type=type@entry=Qt::AutoConnection, ret=..., val0=..., val1=..., val2=..., val3=..., val4=..., val5=..., val6=..., 
    val7=..., val8=..., val9=...) at kernel/qmetaobject.cpp:1475
#13 0x00007ffff489435b in QMetaObject::invokeMethod (val9=..., val8=..., val7=..., val6=..., val5=..., val4=..., val3=..., val2=..., val1=..., val0=..., member=0x7ffff4994c1e "resetInternalData", obj=0x126a1f0)
    at ../../include/QtCore/../../src/corelib/kernel/qobjectdefs.h:467
#14 QAbstractItemModel::endResetModel (this=this@entry=0x126a1f0) at itemmodels/qabstractitemmodel.cpp:3229
#15 0x00007ffff54bd3a7 in QCompletionModel::filter (this=0x126a1f0, parts=...) at util/qcompleter.cpp:423
#16 0x00007ffff491345d in QMetaObject::activate (sender=sender@entry=0x1264c20, signalOffset=<optimized out>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7fffffffba10) at kernel/qobject.cpp:3766
#17 0x00007ffff4913b67 in QMetaObject::activate (sender=sender@entry=0x1264c20, m=m@entry=0x7ffff4b34680 <QAbstractItemModel::staticMetaObject>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7fffffffba10) at kernel/qobject.cpp:3628
#18 0x00007ffff489254c in QAbstractItemModel::dataChanged (this=this@entry=0x1264c20, _t1=..., _t2=..., _t3=...) at .moc/moc_qabstractitemmodel.cpp:568
#19 0x00007ffff48bb614 in QSortFilterProxyModelPrivate::_q_sourceDataChanged (this=<optimized out>, source_top_left=..., source_bottom_right=..., roles=...) at itemmodels/qsortfilterproxymodel.cpp:1258
#20 0x00007ffff48bc138 in QSortFilterProxyModel::qt_static_metacall (_o=<optimized out>, _c=<optimized out>, _id=<optimized out>, _a=<optimized out>) at .moc/moc_qsortfilterproxymodel.cpp:204
#21 0x00007ffff491345d in QMetaObject::activate (sender=sender@entry=0x1263d20, signalOffset=<optimized out>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7fffffffbd00) at kernel/qobject.cpp:3766
#22 0x00007ffff4913b67 in QMetaObject::activate (sender=sender@entry=0x1263d20, m=m@entry=0x7ffff4b34680 <QAbstractItemModel::staticMetaObject>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7fffffffbd00) at kernel/qobject.cpp:3628
#23 0x00007ffff489254c in QAbstractItemModel::dataChanged (this=this@entry=0x1263d20, _t1=..., _t2=..., _t3=...) at .moc/moc_qabstractitemmodel.cpp:568
#24 0x00007ffff48bb614 in QSortFilterProxyModelPrivate::_q_sourceDataChanged (this=<optimized out>, source_top_left=..., source_bottom_right=..., roles=...) at itemmodels/qsortfilterproxymodel.cpp:1258
#25 0x00007ffff48bc138 in QSortFilterProxyModel::qt_static_metacall (_o=<optimized out>, _c=<optimized out>, _id=<optimized out>, _a=<optimized out>) at .moc/moc_qsortfilterproxymodel.cpp:204
#26 0x00007ffff491345d in QMetaObject::activate (sender=sender@entry=0x1263670, signalOffset=<optimized out>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7fffffffbff0) at kernel/qobject.cpp:3766
#27 0x00007ffff4913b67 in QMetaObject::activate (sender=sender@entry=0x1263670, m=m@entry=0x7ffff4b34680 <QAbstractItemModel::staticMetaObject>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7fffffffbff0) at kernel/qobject.cpp:3628
#28 0x00007ffff489254c in QAbstractItemModel::dataChanged (this=this@entry=0x1263670, _t1=..., _t2=..., _t3=...) at .moc/moc_qabstractitemmodel.cpp:568
#29 0x00007ffff76eb3c4 in Digikam::AbstractCountingAlbumModel::updateCount (this=this@entry=0x1263670, album=album@entry=0x5654820) at /var/tmp/portage/media-gfx/digikam-9999/work/digikam-9999/libs/models/abstractalbummodel.cpp:742
#30 0x00007ffff76ebf9f in Digikam::AbstractCountingAlbumModel::includeChildrenCount (this=this@entry=0x1263670, index=...) at /var/tmp/portage/media-gfx/digikam-9999/work/digikam-9999/libs/models/abstractalbummodel.cpp:680
#31 0x00007ffff770cd07 in Digikam::AbstractCountingAlbumTreeView::slotCollapsed (this=<optimized out>, index=...) at /var/tmp/portage/media-gfx/digikam-9999/work/digikam-9999/libs/album/albumtreeview.cpp:1242
#32 0x00007ffff770cde5 in Digikam::AbstractCountingAlbumTreeView::updateShowCountState (this=0x1257b50, index=..., recurse=<optimized out>) at /var/tmp/portage/media-gfx/digikam-9999/work/digikam-9999/libs/album/albumtreeview.cpp:1226
#33 0x00007ffff7713f63 in Digikam::AbstractCountingAlbumTreeView::rowsInserted (this=this@entry=0x1257b50, parent=..., start=start@entry=42, end=end@entry=42) at /var/tmp/portage/media-gfx/digikam-9999/work/digikam-9999/libs/album/albumtreeview.cpp:1262
#34 0x00007ffff7713fbc in Digikam::AbstractCheckableAlbumTreeView::rowsInserted (this=0x1257b50, parent=..., start=42, end=42) at /var/tmp/portage/media-gfx/digikam-9999/work/digikam-9999/libs/album/albumtreeview.cpp:1417
#35 0x00007ffff53bc482 in QAbstractItemView::qt_static_metacall (_o=<optimized out>, _c=<optimized out>, _id=<optimized out>, _a=<optimized out>) at .moc/moc_qabstractitemview.cpp:412
#36 0x00007ffff491345d in QMetaObject::activate (sender=sender@entry=0x1264c20, signalOffset=<optimized out>, local_signal_index=local_signal_index@entry=10, argv=argv@entry=0x7fffffffc370) at kernel/qobject.cpp:3766
#37 0x00007ffff4913b67 in QMetaObject::activate (sender=sender@entry=0x1264c20, m=m@entry=0x7ffff4b34680 <QAbstractItemModel::staticMetaObject>, local_signal_index=local_signal_index@entry=10, argv=argv@entry=0x7fffffffc370) at kernel/qobject.cpp:3628
#38 0x00007ffff489278e in QAbstractItemModel::rowsInserted (this=this@entry=0x1264c20, _t1=..., _t2=<optimized out>, _t3=<optimized out>, _t4=...) at .moc/moc_qabstractitemmodel.cpp:603
#39 0x00007ffff48995eb in QAbstractItemModel::endInsertRows (this=0x1264c20) at itemmodels/qabstractitemmodel.cpp:2709
#40 0x00007ffff48b5efd in QSortFilterProxyModelPrivate::insert_source_items (this=this@entry=0x1264c70, source_to_proxy=..., proxy_to_source=..., source_items=..., source_parent=..., orient=orient@entry=Qt::Vertical, emit_signal=true)
    at itemmodels/qsortfilterproxymodel.cpp:722
#41 0x00007ffff48b931e in QSortFilterProxyModelPrivate::source_items_inserted (this=this@entry=0x1264c70, source_parent=..., start=<optimized out>, end=<optimized out>, orient=orient@entry=Qt::Vertical) at itemmodels/qsortfilterproxymodel.cpp:833
#42 0x00007ffff48b95ef in QSortFilterProxyModelPrivate::_q_sourceRowsInserted (this=0x1264c70, source_parent=..., start=<optimized out>, end=<optimized out>) at itemmodels/qsortfilterproxymodel.cpp:1398
#43 0x00007ffff48bc1b9 in QSortFilterProxyModel::qt_static_metacall (_o=<optimized out>, _c=<optimized out>, _id=<optimized out>, _a=<optimized out>) at .moc/moc_qsortfilterproxymodel.cpp:211
#44 0x00007ffff491345d in QMetaObject::activate (sender=sender@entry=0x1263d20, signalOffset=<optimized out>, local_signal_index=local_signal_index@entry=10, argv=argv@entry=0x7fffffffc700) at kernel/qobject.cpp:3766
#45 0x00007ffff4913b67 in QMetaObject::activate (sender=sender@entry=0x1263d20, m=m@entry=0x7ffff4b34680 <QAbstractItemModel::staticMetaObject>, local_signal_index=local_signal_index@entry=10, argv=argv@entry=0x7fffffffc700) at kernel/qobject.cpp:3628
#46 0x00007ffff489278e in QAbstractItemModel::rowsInserted (this=this@entry=0x1263d20, _t1=..., _t2=<optimized out>, _t3=<optimized out>, _t4=...) at .moc/moc_qabstractitemmodel.cpp:603
#47 0x00007ffff48995eb in QAbstractItemModel::endInsertRows (this=0x1263d20) at itemmodels/qabstractitemmodel.cpp:2709
#48 0x00007ffff48b5efd in QSortFilterProxyModelPrivate::insert_source_items (this=this@entry=0x1263d80, source_to_proxy=..., proxy_to_source=..., source_items=..., source_parent=..., orient=orient@entry=Qt::Vertical, emit_signal=true)
    at itemmodels/qsortfilterproxymodel.cpp:722
---Type <return> to continue, or q <return> to quit---
#49 0x00007ffff48b931e in QSortFilterProxyModelPrivate::source_items_inserted (this=this@entry=0x1263d80, source_parent=..., start=<optimized out>, end=<optimized out>, orient=orient@entry=Qt::Vertical) at itemmodels/qsortfilterproxymodel.cpp:833
#50 0x00007ffff48b95ef in QSortFilterProxyModelPrivate::_q_sourceRowsInserted (this=0x1263d80, source_parent=..., start=<optimized out>, end=<optimized out>) at itemmodels/qsortfilterproxymodel.cpp:1398
#51 0x00007ffff48bc1b9 in QSortFilterProxyModel::qt_static_metacall (_o=<optimized out>, _c=<optimized out>, _id=<optimized out>, _a=<optimized out>) at .moc/moc_qsortfilterproxymodel.cpp:211
#52 0x00007ffff491345d in QMetaObject::activate (sender=sender@entry=0x1263670, signalOffset=<optimized out>, local_signal_index=local_signal_index@entry=10, argv=argv@entry=0x7fffffffca90) at kernel/qobject.cpp:3766
#53 0x00007ffff4913b67 in QMetaObject::activate (sender=sender@entry=0x1263670, m=m@entry=0x7ffff4b34680 <QAbstractItemModel::staticMetaObject>, local_signal_index=local_signal_index@entry=10, argv=argv@entry=0x7fffffffca90) at kernel/qobject.cpp:3628
#54 0x00007ffff489278e in QAbstractItemModel::rowsInserted (this=this@entry=0x1263670, _t1=..., _t2=<optimized out>, _t3=<optimized out>, _t4=...) at .moc/moc_qabstractitemmodel.cpp:603
#55 0x00007ffff48995eb in QAbstractItemModel::endInsertRows (this=this@entry=0x1263670) at itemmodels/qabstractitemmodel.cpp:2709
#56 0x00007ffff76e953b in Digikam::AbstractAlbumModel::slotAlbumAdded (this=0x1263670, album=<optimized out>) at /var/tmp/portage/media-gfx/digikam-9999/work/digikam-9999/libs/models/abstractalbummodel.cpp:459
#57 0x00007ffff491345d in QMetaObject::activate (sender=sender@entry=0x7ffff7dd6460 <_ZZN7Digikam12_GLOBAL__N_113Q_QGS_creator13innerFunctionEvE6holder>, signalOffset=<optimized out>, local_signal_index=local_signal_index@entry=1, 
    argv=argv@entry=0x7fffffffcc60) at kernel/qobject.cpp:3766
#58 0x00007ffff4913b67 in QMetaObject::activate (sender=sender@entry=0x7ffff7dd6460 <_ZZN7Digikam12_GLOBAL__N_113Q_QGS_creator13innerFunctionEvE6holder>, m=m@entry=0x7ffff7dacec0 <Digikam::AlbumManager::staticMetaObject>, 
    local_signal_index=local_signal_index@entry=1, argv=argv@entry=0x7fffffffcc60) at kernel/qobject.cpp:3628
#59 0x00007ffff773c6b2 in Digikam::AlbumManager::signalAlbumAdded (this=this@entry=0x7ffff7dd6460 <_ZZN7Digikam12_GLOBAL__N_113Q_QGS_creator13innerFunctionEvE6holder>, _t1=<optimized out>, _t1@entry=0x5654820)
    at /var/tmp/portage/media-gfx/digikam-9999/work/digikam-9999_build/libs/album/digikamalbum_src_autogen/EWIEGA46WW/moc_albummanager.cpp:585
#60 0x00007ffff7727add in Digikam::AlbumManager::insertTAlbum (this=this@entry=0x7ffff7dd6460 <_ZZN7Digikam12_GLOBAL__N_113Q_QGS_creator13innerFunctionEvE6holder>, album=0x5654820, parent=parent@entry=0x2d3eed0)
    at /var/tmp/portage/media-gfx/digikam-9999/work/digikam-9999/libs/album/albummanager.cpp:3011
#61 0x00007ffff772a4d7 in Digikam::AlbumManager::scanTAlbums (this=0x7ffff7dd6460 <_ZZN7Digikam12_GLOBAL__N_113Q_QGS_creator13innerFunctionEvE6holder>) at /var/tmp/portage/media-gfx/digikam-9999/work/digikam-9999/libs/album/albummanager.cpp:1650
#62 0x00007ffff773e57f in Digikam::AlbumManager::qt_static_metacall (_o=0x7ffff7dd6460 <_ZZN7Digikam12_GLOBAL__N_113Q_QGS_creator13innerFunctionEvE6holder>, _c=<optimized out>, _id=<optimized out>, _a=<optimized out>)
    at /var/tmp/portage/media-gfx/digikam-9999/work/digikam-9999_build/libs/album/digikamalbum_src_autogen/EWIEGA46WW/moc_albummanager.cpp:336
#63 0x00007ffff491345d in QMetaObject::activate (sender=sender@entry=0x8ddb10, signalOffset=<optimized out>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7fffffffcf00) at kernel/qobject.cpp:3766
#64 0x00007ffff4913b67 in QMetaObject::activate (sender=sender@entry=0x8ddb10, m=m@entry=0x7ffff4b35e80 <QTimer::staticMetaObject>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7fffffffcf00) at kernel/qobject.cpp:3628
#65 0x00007ffff491f747 in QTimer::timeout (this=this@entry=0x8ddb10, _t1=...) at .moc/moc_qtimer.cpp:201
#66 0x00007ffff491fa28 in QTimer::timerEvent (this=0x8ddb10, e=<optimized out>) at kernel/qtimer.cpp:255
#67 0x00007ffff49141cb in QObject::event (this=0x8ddb10, e=<optimized out>) at kernel/qobject.cpp:1268
#68 0x00007ffff517785c in QApplicationPrivate::notify_helper (this=this@entry=0x703580, receiver=receiver@entry=0x8ddb10, e=e@entry=0x7fffffffd1f0) at kernel/qapplication.cpp:3722
#69 0x00007ffff517eee6 in QApplication::notify (this=0x7fffffffd580, receiver=0x8ddb10, e=0x7fffffffd1f0) at kernel/qapplication.cpp:3481
#70 0x00007ffff48ead96 in QCoreApplication::notifyInternal2 (receiver=0x8ddb10, event=event@entry=0x7fffffffd1f0) at kernel/qcoreapplication.cpp:1018
#71 0x00007ffff493a84b in QCoreApplication::sendEvent (event=0x7fffffffd1f0, receiver=<optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:233
#72 QTimerInfoList::activateTimers (this=this@entry=0x734400) at kernel/qtimerinfo_unix.cpp:643
#73 0x00007ffff493b114 in timerSourceDispatch (source=source@entry=0x7343a0) at kernel/qeventdispatcher_glib.cpp:182
#74 0x00007fffec66ff5e in g_main_dispatch (context=0x7fffd4004fc0) at /var/tmp/portage/dev-libs/glib-2.52.3/work/glib-2.52.3/glib/gmain.c:3234
#75 g_main_context_dispatch (context=context@entry=0x7fffd4004fc0) at /var/tmp/portage/dev-libs/glib-2.52.3/work/glib-2.52.3/glib/gmain.c:3899
#76 0x00007fffec670190 in g_main_context_iterate (context=context@entry=0x7fffd4004fc0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at /var/tmp/portage/dev-libs/glib-2.52.3/work/glib-2.52.3/glib/gmain.c:3972
#77 0x00007fffec67021c in g_main_context_iteration (context=0x7fffd4004fc0, may_block=may_block@entry=1) at /var/tmp/portage/dev-libs/glib-2.52.3/work/glib-2.52.3/glib/gmain.c:4033
#78 0x00007ffff493b53f in QEventDispatcherGlib::processEvents (this=0x759c60, flags=...) at kernel/qeventdispatcher_glib.cpp:423
#79 0x00007ffff48e9ba2 in QEventLoop::exec (this=this@entry=0x7fffffffd440, flags=..., flags@entry=...) at kernel/qeventloop.cpp:212
#80 0x00007ffff48f1fac in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1291
#81 0x00007ffff4c3341c in QGuiApplication::exec () at kernel/qguiapplication.cpp:1679
#82 0x00007ffff51777b5 in QApplication::exec () at kernel/qapplication.cpp:2910
#83 0x0000000000406761 in main (argc=<optimized out>, argv=<optimized out>) at /var/tmp/portage/media-gfx/digikam-9999/work/digikam-9999/app/main/main.cpp:285

This time it was SIGABRT cause glibc was involved directly, but I think the SIGSEGV I've seen before could be the same bug. It looks like another concurrency problem and is not reliable reproducible. It may need thousands of pictures, moving into the collection of a running digikam, maybe several folders.
Comment 1 Denis Kurz 2018-01-31 16:13:24 UTC 
Johannes, do you recall the Qt version you experienced this with? If it was before Qt 5.8, someone might want to consider if this was caused by a Qt bug that was resolved fixed in 5.8, as described in Bug 361895, Comment 1.
Comment 2 Johannes Hirte 2018-02-02 18:54:08 UTC 
(In reply to Denis Kurz from comment #1)
> Johannes, do you recall the Qt version you experienced this with? If it was
> before Qt 5.8, someone might want to consider if this was caused by a Qt bug
> that was resolved fixed in 5.8, as described in Bug 361895, Comment 1.

I'm sure this was already Qt 5.9. I've not seen the double linked list corruption again. Instead most times I see a segfault in:

Thread 1 "digikam" received signal SIGSEGV, Segmentation fault.
QHashData::nextNode (node=node@entry=0x2dfd630) at tools/qhash.cpp:617.

But I'm not sure if this is the same bug. Maybe this one should be closed and I open a new one for the segfault in QHashData
Comment 3 caulier.gilles 2018-08-17 21:27:50 UTC 
Can you reproduce the dysfunction using digiKam 6.0.0 pre-release bundle available here :

https://files.kde.org/digikam/

Gilles Caulier
Comment 4 Johannes Hirte 2018-08-23 08:26:01 UTC 
(In reply to caulier.gilles from comment #3)
> Can you reproduce the dysfunction using digiKam 6.0.0 pre-release bundle
> available here :
> 
> https://files.kde.org/digikam/
> 
> Gilles Caulier

Yes, reproduced with git ae3ea4e7516e054c70dac55248057b1611a9dfdc

This time it happend when deleting some directories from outside of digikam.

backtrace:

Thread 1 "digikam" received signal SIGSEGV, Segmentation fault.
__memmove_ssse3_back () at ../sysdeps/x86_64/multiarch/memcpy-ssse3-back.S:1679
1679    ../sysdeps/x86_64/multiarch/memcpy-ssse3-back.S: No such file or directory.
(gdb) bt
#0  __memmove_ssse3_back () at ../sysdeps/x86_64/multiarch/memcpy-ssse3-back.S:1679
#1  0x00007ffff20d6b2d in memmove (__len=11600313152, __src=<optimized out>, __dest=<optimized out>) at /usr/include/bits/string_fortified.h:40
#2  QListData::remove (this=this@entry=0x5555566dd768, i=<optimized out>, i@entry=-1) at tools/qlist.cpp:261
#3  0x00007ffff20d6e44 in QListData::erase (this=this@entry=0x5555566dd768, xi=xi@entry=0x55555c2cb3e8) at tools/qlist.cpp:330
#4  0x00007ffff78e201d in QList<Digikam::HistoryItem>::erase (it=..., this=<optimized out>) at /usr/lib/gcc/x86_64-pc-linux-gnu/8.2.0/include/g++-v8/bits/atomic_base.h:303
#5  Digikam::AlbumHistory::deleteAlbum(Digikam::Album*) () at /var/tmp/portage/media-gfx/digikam-9999/work/digikam-9999/core/libs/album/albumhistory.cpp:307
#6  0x00007ffff78e244a in Digikam::AlbumHistory::slotAlbumDeleted(Digikam::Album*) () at /var/tmp/portage/media-gfx/digikam-9999/work/digikam-9999/core/libs/album/albumhistory.cpp:569
#7  0x00007ffff79237ac in Digikam::AlbumHistory::qt_static_metacall (_o=<optimized out>, _id=<optimized out>, _a=<optimized out>, _c=<optimized out>) at core/libs/album/digikamalbum_src_autogen/EWIEGA46WW/moc_albumhistory.cpp:124
#8  0x00007ffff223400e in QMetaObject::activate(QObject*, int, int, void**) () at kernel/qobject.cpp:3771
#9  0x00007ffff223465f in QMetaObject::activate (sender=sender@entry=0x7ffff7dd4e70 <_ZZN7Digikam12_GLOBAL__N_113Q_QGS_creator13innerFunctionEvE6holder>, m=m@entry=0x7ffff7dab780 <Digikam::AlbumManager::staticMetaObject>, 
    local_signal_index=local_signal_index@entry=3, argv=argv@entry=0x7fffffffcca0) at kernel/qobject.cpp:3633
#10 0x00007ffff7922d22 in Digikam::AlbumManager::signalAlbumDeleted (this=this@entry=0x7ffff7dd4e70 <_ZZN7Digikam12_GLOBAL__N_113Q_QGS_creator13innerFunctionEvE6holder>, _t1=<optimized out>, _t1@entry=0x5555589fc310)
    at core/libs/album/digikamalbum_src_autogen/EWIEGA46WW/moc_albummanager.cpp:600
#11 0x00007ffff7911d9a in Digikam::AlbumManager::removePAlbum(Digikam::PAlbum*) () at /var/tmp/portage/media-gfx/digikam-9999/work/digikam-9999/core/libs/album/albummanager.cpp:3137
#12 0x00007ffff7914216 in Digikam::AlbumManager::scanPAlbums() () at /var/tmp/portage/media-gfx/digikam-9999/work/digikam-9999/core/libs/album/albummanager.cpp:1375
#13 0x00007ffff7924ae2 in Digikam::AlbumManager::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) () at core/libs/album/digikamalbum_src_autogen/EWIEGA46WW/moc_albummanager.cpp:336
#14 0x00007ffff223400e in QMetaObject::activate(QObject*, int, int, void**) () at kernel/qobject.cpp:3771
#15 0x00007ffff223465f in QMetaObject::activate (sender=<optimized out>, m=m@entry=0x7ffff2685dc0 <QTimer::staticMetaObject>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7fffffffcf90) at kernel/qobject.cpp:3633
#16 0x00007ffff223f7a7 in QTimer::timeout (this=<optimized out>, _t1=...) at .moc/moc_qtimer.cpp:200
#17 0x00007ffff2234c63 in QObject::event(QEvent*) () at kernel/qobject.cpp:1232
#18 0x00007ffff2f04d11 in QApplicationPrivate::notify_helper (this=this@entry=0x5555555f10d0, receiver=receiver@entry=0x555555837d60, e=e@entry=0x7fffffffd250) at kernel/qapplication.cpp:3727
#19 0x00007ffff2f0c1a0 in QApplication::notify(QObject*, QEvent*) () at kernel/qapplication.cpp:3486
#20 0x00007ffff220d481 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () at kernel/qcoreapplication.cpp:1048
#21 0x00007ffff225a719 in QCoreApplication::sendEvent (event=0x7fffffffd250, receiver=<optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:234
#22 QTimerInfoList::activateTimers() () at kernel/qtimerinfo_unix.cpp:643
#23 0x00007ffff225af44 in timerSourceDispatch (source=<optimized out>) at kernel/qeventdispatcher_glib.cpp:182
#24 0x00007fffeaa893cd in g_main_dispatch (context=0x7fffd8004ff0) at /var/tmp/portage/dev-libs/glib-2.56.2/work/glib-2.56.2/glib/gmain.c:3176
#25 g_main_context_dispatch (context=context@entry=0x7fffd8004ff0) at /var/tmp/portage/dev-libs/glib-2.56.2/work/glib-2.56.2/glib/gmain.c:3829
#26 0x00007fffeaa89660 in g_main_context_iterate (context=context@entry=0x7fffd8004ff0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at /var/tmp/portage/dev-libs/glib-2.56.2/work/glib-2.56.2/glib/gmain.c:3902
#27 0x00007fffeaa896ec in g_main_context_iteration (context=0x7fffd8004ff0, may_block=may_block@entry=1) at /var/tmp/portage/dev-libs/glib-2.56.2/work/glib-2.56.2/glib/gmain.c:3963
#28 0x00007ffff225b373 in QEventDispatcherGlib::processEvents (this=0x555555651710, flags=...) at kernel/qeventdispatcher_glib.cpp:423
#29 0x00007fffdec912e1 in QPAEventDispatcherGlib::processEvents (this=0x555555651710, flags=...) at qeventdispatcher_glib.cpp:69
#30 0x00007ffff220c4c3 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () at ../../include/QtCore/../../src/corelib/global/qflags.h:140
#31 0x00007ffff2214167 in QCoreApplication::exec() () at ../../include/QtCore/../../src/corelib/global/qflags.h:120
#32 0x00005555555618c5 in main () at /var/tmp/portage/media-gfx/digikam-9999/work/digikam-9999/core/app/main/main.cpp:286
#33 0x00007ffff17dc3be in __libc_start_main (main=0x555555560ab0 <main>, argc=1, argv=0x7fffffffd8a8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffd898) at ../csu/libc-start.c:308
#34 0x00005555555627ba in _start () at /usr/include/qt5/QtCore/qdebug.h:125

Do you need the full backtrace with all threads?
Comment 5 Maik Qualmann 2018-08-23 20:45:41 UTC 
Interesting backtrace, but I see no problem in AlbumHistory::deleteAlbum(). Even after intensive debugging and trying to reproduce the crash, I have not succeeded so far. After all, it crashes in QList, but it's actually not possible for us to delete a wrong QList item with erase().

Maik
Comment 6 Johannes Hirte 2018-10-08 19:51:23 UTC 
Yes, it's a very nasty bug, and I'm still not sure if this may be a bug in Qt or some other component. But I've seen this only with digikam.


And it smells like some race condition to me. In the past, I've seen this once a day or more. With current digikam, I get this once a month. I have some more backtraces, always ending in:

QHashData::nextNode

As digikam is highly multithreaded, mabye the thread-sanitizer can light this up.
Comment 7 Johannes Hirte 2018-10-11 19:10:05 UTC 
Ok, just starting digikam spits me 47 ThreadSanitizer warnings. Maybe false positives, cause not all code was instrumented. For Example, glib and dbus wasn't compiled with -fsanitize=thread. I've stopped debugging after recompiled Qt with thread sanitizer support (except qtwebkit), cause this broke all remaining binaries compiled against Qt and without thread sanitizer. 

I can provide the warnings, if you're interested. But I'm not sure how useful they are.
Comment 8 Maik Qualmann 2018-10-14 20:20:45 UTC 
Git commit a3e9a0ff35cc7f3a8c1202feabdbd125e3403297 by Maik Qualmann.
Committed on 14/10/2018 at 20:18.
Pushed by mqualmann into branch 'master'.

move this qHash function into the Digikam namespace
Qt-5.11 does not seem to need this function any more and accepts
a QList also as a QHash key. In the documentation of Qt
but nothing is noted about it yet.

M  +10   -11   core/libs/album/albumhistory.cpp

https://commits.kde.org/digikam/a3e9a0ff35cc7f3a8c1202feabdbd125e3403297
Comment 9 Maik Qualmann 2018-10-14 20:22:51 UTC 
Johannes,

You can provide the logs, I'll look at them.

Maik
Comment 10 caulier.gilles 2018-12-31 11:50:15 UTC 
Can you reproduce the dysfunction using the last digiKam 6.0.0-beta3 just
released ?

https://www.digikam.org/news/2018-12-30-6.0.0-beta3_release_announcement/
Comment 11 Maik Qualmann 2019-01-01 11:50:32 UTC 
Git commit 939b2d08743e5e6c084c0c7b0b7606d178952f90 by Maik Qualmann.
Committed on 01/01/2019 at 11:49.
Pushed by mqualmann into branch 'master'.

prevent crashes when copying large video or TIF files

M  +18   -1    core/libs/threadimageio/engine/dfileoperations.cpp

https://commits.kde.org/digikam/939b2d08743e5e6c084c0c7b0b7606d178952f90
Comment 12 Johannes Hirte 2019-02-25 11:48:34 UTC 
Last crashes I've seen were without a backtrace, so I can't say what happened. I've added kcrash for catching a trace when the next crash happens. Hopefully this gives some more infos.
Comment 13 caulier.gilles 2019-03-07 05:09:58 UTC 
Good news,

After 2 weeks of works, the pre-release 6.1.0 bundles are now reconstructed from scratch with:

- All OpenCV options for CUDA, OPenMP, and OPenCL disabled to prevent crashes
in face management.
- A large upgrade of Qt5 from 5.9.7 to 5.11.3.
- An upgrade to KF5 5.55.
- An upgrade to Ffmpeg 3.3.9
- The fontconfig/freetype integration in the bundle to reduce system
dependencies

Files can be downloaded here :

https://files.kde.org/digikam/

Please test and report.

Gilles Caulier
Comment 14 caulier.gilles 2020-01-19 14:53:33 UTC 
Johannes,

We need a fresh feedback using last 7.0.0-beta AppImage pre-release. Can you reproduce the crash ?

https://files.kde.org/digikam/

Gilles Caulier
Comment 15 Johannes Hirte 2020-01-19 15:43:17 UTC 
I haven't seen this crash for a long time. So I think we can consider it as fixed.
Comment 16 caulier.gilles 2020-01-19 16:16:59 UTC 
Thanks for the feedback