Bug 448592

Summary: xdg-desktop-portal-kde crashed in KCoreDirLister::clear() while browsing KDE file picker window to attach an image file in Firefox 96.0
Product: [Plasma] xdg-desktop-portal-kde Reporter: phd <phd>
Component: generalAssignee: Jan Grulich <jgrulich>
Status: RESOLVED FIXED    
Severity: crash CC: nate, sitter
Priority: NOR    
Version First Reported In: 5.23.5   
Target Milestone: ---   
Platform: Ubuntu   
OS: Linux   
Latest Commit: Version Fixed In:
Sentry Crash Report:

Description phd 2022-01-16 11:52:22 UTC 
SUMMARY
Application: xdg-desktop-portal-kde (xdg-desktop-portal-kde), signal: Segmentation fault

STEPS TO REPRODUCE
1. browsing KDE file picker window to attach an image file in Firefox 96.0
2. going to the directory above (maybe related)

SOFTWARE/OS VERSIONS
Linux: Kubuntu 21.10
KDE Plasma Version: 5.23.5
KDE Frameworks Version: 5.90.0
Qt Version: 5.15.2

ADDITIONAL INFORMATION
[KCrash Handler]
#4  __memmove_avx_unaligned_erms () at ../sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S:502
#5  0x00007f0c059fbb9e in memmove (__len=<optimized out>, __src=<optimized out>, __dest=<optimized out>) at /usr/include/x86_64-linux-gnu/bits/string_fortified.h:36
#6  QVector<int>::erase (aend=<optimized out>, abegin=<optimized out>, this=0x561a15e8ac00) at ../../include/QtCore/../../src/corelib/tools/qvector.h:942
#7  QVector<int>::remove (n=78, i=<optimized out>, this=0x561a15e8ac00) at ../../include/QtCore/../../src/corelib/tools/qvector.h:479
#8  QSortFilterProxyModelPrivate::remove_proxy_interval (emit_signal=true, orient=Qt::Vertical, proxy_parent=..., proxy_end=<optimized out>, proxy_start=<optimized out>, proxy_to_source=..., source_to_proxy=..., this=0x561a15be33d0) at itemmodels/qsortfilterproxymodel.cpp:790
#9  QSortFilterProxyModelPrivate::remove_source_items (this=0x561a15be33d0, source_to_proxy=..., proxy_to_source=..., source_items=..., source_parent=..., orient=Qt::Vertical, emit_signal=true) at itemmodels/qsortfilterproxymodel.cpp:765
#10 0x00007f0c059fbd99 in QSortFilterProxyModelPrivate::source_items_about_to_be_removed (this=0x561a15be33d0, source_parent=..., start=0, end=77, orient=Qt::Vertical) at itemmodels/qsortfilterproxymodel.cpp:1066
#11 0x00007f0c05a60a88 in doActivate<false> (sender=0x561a13967600, signal_index=14, argv=0x7ffd3e568170) at kernel/qobject.cpp:3898
#12 0x00007f0c05a59d67 in QMetaObject::activate (sender=sender@entry=0x561a13967600, m=m@entry=0x7f0c05cc4660 <QAbstractItemModel::staticMetaObject>, local_signal_index=local_signal_index@entry=11, argv=argv@entry=0x7ffd3e568170) at kernel/qobject.cpp:3946
#13 0x00007f0c059c21b2 in QAbstractItemModel::rowsAboutToBeRemoved (this=this@entry=0x561a13967600, _t1=..., _t2=<optimized out>, _t2@entry=0, _t3=<optimized out>, _t3@entry=77, _t4=...) at .moc/moc_qabstractitemmodel.cpp:599
#14 0x00007f0c059ca136 in QAbstractItemModel::beginRemoveRows (this=0x561a13967600, parent=..., first=0, last=77) at itemmodels/qabstractitemmodel.cpp:2818
#15 0x00007f0c07c0d3e6 in KDirModelPrivate::_k_slotClear (this=0x561a15df9390) at ./src/widgets/kdirmodel.cpp:737
#16 0x00007f0c05a60a53 in QtPrivate::QSlotObjectBase::call (a=0x7ffd3e5682f0, r=0x561a13967600, this=0x561a141c1390) at ../../include/QtCore/../../src/corelib/kernel/qobjectdefs_impl.h:398
#17 doActivate<false> (sender=0x561a14635830, signal_index=12, argv=0x7ffd3e5682f0) at kernel/qobject.cpp:3886
#18 0x00007f0c05a59d67 in QMetaObject::activate (sender=sender@entry=0x561a14635830, m=m@entry=0x7f0c060d5c20 <KCoreDirLister::staticMetaObject>, local_signal_index=local_signal_index@entry=9, argv=argv@entry=0x0) at kernel/qobject.cpp:3946
#19 0x00007f0c0604c577 in KCoreDirLister::clear (this=this@entry=0x561a14635830) at ./obj-x86_64-linux-gnu/src/core/KF5KIOCore_autogen/include/moc_kcoredirlister.cpp:533
#20 0x00007f0c0605f9ee in KCoreDirListerCache::forgetDirs (this=this@entry=0x7f0c060d9540 <(anonymous namespace)::Q_QGS_kDirListerCache::innerFunction()::holder>, lister=lister@entry=0x561a14635830) at ./src/core/kcoredirlister.cpp:469
#21 0x00007f0c06060d5d in KCoreDirListerCache::listDir (this=0x7f0c060d9540 <(anonymous namespace)::Q_QGS_kDirListerCache::innerFunction()::holder>, lister=<optimized out>, dirUrl=..., _keep=<optimized out>, _reload=<optimized out>) at ./src/core/kcoredirlister.cpp:124
#22 0x00007f0c07cabdaf in KDirOperatorPrivate::openUrl (this=0x561a16ef0ee0, url=..., flags=flags@entry=...) at ./src/filewidgets/kdiroperator.cpp:1077
#23 0x00007f0c07cb7094 in KDirOperator::setUrl (this=this@entry=0x561a161d6f00, _newurl=..., clearforward=clearforward@entry=true) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qflags.h:121
#24 0x00007f0c07caae17 in KDirOperator::cdUp (this=0x561a161d6f00) at ./src/filewidgets/kdiroperator.cpp:1240
#25 0x00007f0c05a60a88 in doActivate<false> (sender=0x561a15c5e150, signal_index=4, argv=0x7ffd3e5686e0) at kernel/qobject.cpp:3898
#26 0x00007f0c05a59d67 in QMetaObject::activate (sender=sender@entry=0x561a15c5e150, m=m@entry=0x7f0c07847d40 <QAction::staticMetaObject>, local_signal_index=local_signal_index@entry=1, argv=argv@entry=0x7ffd3e5686e0) at kernel/qobject.cpp:3946
#27 0x00007f0c0731cb86 in QAction::triggered (this=this@entry=0x561a15c5e150, _t1=<optimized out>) at .moc/moc_qaction.cpp:376
#28 0x00007f0c0731f89c in QAction::activate (this=0x561a15c5e150, event=<optimized out>) at kernel/qaction.cpp:1161
#29 0x00007f0c0741a7ba in QAbstractButtonPrivate::click (this=0x561a160fe080) at widgets/qabstractbutton.cpp:398
#30 0x00007f0c0741a917 in QAbstractButton::mouseReleaseEvent (this=0x561a14bb7450, e=0x7ffd3e568c80) at widgets/qabstractbutton.cpp:1044
#31 0x00007f0c07516f3e in QToolButton::mouseReleaseEvent (this=<optimized out>, e=<optimized out>) at widgets/qtoolbutton.cpp:622
#32 0x00007f0c0736617e in QWidget::event (this=0x561a14bb7450, event=0x7ffd3e568c80) at kernel/qwidget.cpp:9019
#33 0x00007f0c073236b3 in QApplicationPrivate::notify_helper (this=this@entry=0x561a133f0360, receiver=receiver@entry=0x561a14bb7450, e=e@entry=0x7ffd3e568c80) at kernel/qapplication.cpp:3632
#34 0x00007f0c0732b2e4 in QApplication::notify (this=0x7ffd3e5689a0, receiver=0x561a14bb7450, e=0x7ffd3e568c80) at kernel/qapplication.cpp:3076
#35 0x00007f0c05a2916a in QCoreApplication::notifyInternal2 (receiver=0x561a14bb7450, event=0x7ffd3e568c80) at kernel/qcoreapplication.cpp:1063
#36 0x00007f0c07329dc7 in QApplicationPrivate::sendMouseEvent (receiver=receiver@entry=0x561a14bb7450, event=event@entry=0x7ffd3e568c80, alienWidget=alienWidget@entry=0x561a14bb7450, nativeWidget=0x561a169454f0, buttonDown=<optimized out>, lastMouseReceiver=..., spontaneous=true, onlyDispatchEnterLeave=false) at kernel/qapplication.cpp:2614
#37 0x00007f0c0737f9b0 in QWidgetWindow::handleMouseEvent (this=0x561a166286c0, event=0x7ffd3e568f50) at kernel/qwidgetwindow.cpp:683
#38 0x00007f0c07382c45 in QWidgetWindow::event (this=0x561a166286c0, event=0x7ffd3e568f50) at kernel/qwidgetwindow.cpp:300
#39 0x00007f0c073236b3 in QApplicationPrivate::notify_helper (this=<optimized out>, receiver=0x561a166286c0, e=0x7ffd3e568f50) at kernel/qapplication.cpp:3632
#40 0x00007f0c05a2916a in QCoreApplication::notifyInternal2 (receiver=0x561a166286c0, event=0x7ffd3e568f50) at kernel/qcoreapplication.cpp:1063
#41 0x00007f0c066a4257 in QGuiApplicationPrivate::processMouseEvent (e=0x561a16dcfdb0) at kernel/qguiapplication.cpp:2282
#42 0x00007f0c066799bc in QWindowSystemInterface::sendWindowSystemEvents (flags=flags@entry=...) at kernel/qwindowsysteminterface.cpp:1169
#43 0x00007f0c00c7ab9e in xcbSourceDispatch (source=<optimized out>) at ./src/plugins/platforms/xcb/qxcbeventdispatcher.cpp:105
#44 0x00007f0c03ffc8bb in g_main_context_dispatch () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#45 0x00007f0c0404ff08 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#46 0x00007f0c03ffa003 in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#47 0x00007f0c05a82548 in QEventDispatcherGlib::processEvents (this=0x561a134c1f80, flags=...) at kernel/qeventdispatcher_glib.cpp:423
#48 0x00007f0c05a27a9b in QEventLoop::exec (this=this@entry=0x7ffd3e569280, flags=..., flags@entry=...) at ../../include/QtCore/../../src/corelib/global/qflags.h:69
#49 0x00007f0c07533642 in QDialog::exec (this=0x561a169454f0) at ../../include/QtCore/../../src/corelib/global/qflags.h:121
#50 0x0000561a11837adc in FileChooserPortal::SaveFile(QDBusObjectPath const&, QString const&, QString const&, QString const&, QMap<QString, QVariant> const&, QMap<QString, QVariant>&) [clone .constprop.0] (this=this@entry=0x561a134dc5e0, handle=..., parent_window=..., title=..., options=..., results=..., app_id=...) at ./src/filechooser.cpp:461
#51 0x0000561a117ffec3 in FileChooserPortal::qt_static_metacall (_o=_o@entry=0x561a134dc5e0, _c=_c@entry=QMetaObject::InvokeMetaMethod, _id=_id@entry=1, _a=_a@entry=0x7ffd3e569580) at ./obj-x86_64-linux-gnu/src/xdg-desktop-portal-kde_autogen/EWIEGA46WW/moc_filechooser.cpp:164
#52 0x0000561a11807c93 in FileChooserPortal::qt_metacall (this=0x561a134dc5e0, _c=QMetaObject::InvokeMetaMethod, _id=1, _a=0x7ffd3e569580) at ./obj-x86_64-linux-gnu/src/xdg-desktop-portal-kde_autogen/EWIEGA46WW/moc_filechooser.cpp:219
#53 0x00007f0c05cf256b in QDBusConnectionPrivate::deliverCall (this=<optimized out>, object=<optimized out>, msg=..., metaTypes=..., slotIdx=<optimized out>) at ../../include/QtCore/../../src/corelib/tools/qvarlengtharray.h:201
#54 0x00007f0c05cf6257 in QDBusConnectionPrivate::activateCall (this=this@entry=0x7f0bf4003a00, object=0x561a134dc5e0, flags=flags@entry=273, msg=...) at ./src/dbus/qdbusintegrator.cpp:911
#55 0x00007f0c05cf6999 in QDBusConnectionPrivate::activateCall (msg=..., flags=273, object=<optimized out>, this=0x7f0bf4003a00) at ./src/dbus/qdbusintegrator.cpp:853
#56 QDBusConnectionPrivate::activateObject (this=0x7f0bf4003a00, node=..., msg=..., pathStartPos=<optimized out>) at ./src/dbus/qdbusintegrator.cpp:1497
#57 0x00007f0c05cf8d4c in QDBusActivateObjectEvent::placeMetaCall (this=0x561a164231b0) at ./src/dbus/qdbusintegrator.cpp:1617
#58 0x00007f0c05a5673e in QObject::event (this=0x561a134f41e0, e=0x561a164231b0) at kernel/qobject.cpp:1314
#59 0x00007f0c073236b3 in QApplicationPrivate::notify_helper (this=<optimized out>, receiver=0x561a134f41e0, e=0x561a164231b0) at kernel/qapplication.cpp:3632
#60 0x00007f0c05a2916a in QCoreApplication::notifyInternal2 (receiver=0x561a134f41e0, event=0x561a164231b0) at kernel/qcoreapplication.cpp:1063
#61 0x00007f0c05a2c257 in QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, data=0x561a133d24b0) at kernel/qcoreapplication.cpp:1817
#62 0x00007f0c05a82ef7 in postEventSourceDispatch (s=0x561a134ad6c0) at kernel/qeventdispatcher_glib.cpp:277
#63 0x00007f0c03ffc8bb in g_main_context_dispatch () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#64 0x00007f0c0404ff08 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#65 0x00007f0c03ffa003 in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#66 0x00007f0c05a82548 in QEventDispatcherGlib::processEvents (this=0x561a134c1f80, flags=...) at kernel/qeventdispatcher_glib.cpp:423
#67 0x00007f0c05a27a9b in QEventLoop::exec (this=this@entry=0x7ffd3e569b60, flags=..., flags@entry=...) at ../../include/QtCore/../../src/corelib/global/qflags.h:69
#68 0x00007f0c05a30024 in QCoreApplication::exec () at ../../include/QtCore/../../src/corelib/global/qflags.h:121
#69 0x00007f0c06697d10 in QGuiApplication::exec () at kernel/qguiapplication.cpp:1867
#70 0x00007f0c07323629 in QApplication::exec () at kernel/qapplication.cpp:2824
#71 0x0000561a117fdf39 in main (argc=<optimized out>, argv=<optimized out>) at ./src/xdg-desktop-portal-kde.cpp:39
[Inferior 1 (process 7623) detached]
Comment 1 Harald Sitter 2022-04-07 12:30:22 UTC 
Is this reproducible at all?
Comment 2 Bug Janitor Service 2022-04-22 04:35:03 UTC 
Dear Bug Submitter,

This bug has been in NEEDSINFO status with no change for at least
15 days. Please provide the requested information as soon as
possible and set the bug status as REPORTED. Due to regular bug
tracker maintenance, if the bug is still in NEEDSINFO status with
no change in 30 days the bug will be closed as RESOLVED > WORKSFORME
due to lack of needed information.

For more information about our bug triaging procedures please read the
wiki located here:
https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

If you have already provided the requested information, please
mark the bug as REPORTED so that the KDE team knows that the bug is
ready to be confirmed.

Thank you for helping us make KDE software even better for everyone!
Comment 3 phd 2022-04-23 12:06:01 UTC 
@Harald Sitter
I wasn't able to reproduce this issue.
Comment 4 Nate Graham 2022-04-24 13:20:32 UTC 
Cool, thanks. Assuming it's been fixed since it was reported.