Bug 469436

Summary: Every time System Settings is launched, xdg-desktop-portal-kde crashes in SettingsPortal::ReadAll()
Product: [Plasma] xdg-desktop-portal-kde Reporter: Nate Graham <nate>
Component: general Assignee: Plasma Bugs List <plasma-bugs-null>
Status: RESOLVED FIXED    
Severity: crash CC: aleixpol, jgrulich, nate
Priority: NOR Keywords: qt6
Version First Reported In: git-master   
Target Milestone: ---   
Platform: Other   
OS: Linux   
Attachments: QDBUS_DEBUG=1 log

Description Nate Graham 2023-05-07 07:40:22 UTC
STEPS TO REPRODUCE
1. Be in a Plasma 6 session  (currently on X11, haven't tested Wayland yet)
2. Launch System settings using any method


OBSERVED RESULT
xdg-desktop-portal-kde crashes in SettingsPortal::ReadAll()

#0  __GI___pthread_sigmask (how=1, newmask=<optimized out>, oldmask=0x0) at pthread_sigmask.c:43
#1  0x00007fab1445fd4d in __GI___sigprocmask (how=<optimized out>, set=<optimized out>, 
    oset=<optimized out>) at ../sysdeps/unix/sysv/linux/sigprocmask.c:25
#2  0x00007fab163d0d98 in KCrash::setCrashHandler (handler=handler@entry=0x0)
    at /home/nate/kde/src/kcrash/src/kcrash.cpp:411
#3  0x00007fab163d190e in KCrash::defaultCrashHandler (sig=6)
    at /home/nate/kde/src/kcrash/src/kcrash.cpp:615
#4  <signal handler called>
#5  __pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=6, 
    no_tid=no_tid@entry=0) at pthread_kill.c:44
#6  0x00007fab144b08b3 in __pthread_kill_internal (signo=6, threadid=<optimized out>)
    at pthread_kill.c:78
#7  0x00007fab1445fabe in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26
#8  0x00007fab1444887f in __GI_abort () at abort.c:79
#9  0x00007fab13f1dcd2 in _dbus_abort () at ../../dbus/dbus-sysdeps.c:101
#10 0x00007fab13f45db2 in _dbus_warn_check_failed (
    format=0x7fab13f503f0 "Array or variant type requires that type %s be written, but %s was written.\nThe overall signature expected here was '%s' and we are on byte %d of that signature.")
    at ../../dbus/dbus-internals.c:289
#11 0x00007fab13f2f190 in write_or_verify_typecode (writer=writer@entry=0x7faafc013c50, 
    typecode=typecode@entry=125) at ../../dbus/dbus-marshal-recursive.c:1733
#12 0x00007fab13f2f2cd in _dbus_type_writer_unrecurse (writer=writer@entry=0x7faafc015560, 
    sub=sub@entry=0x7faafc013c50) at ../../dbus/dbus-marshal-recursive.c:2203
#13 0x00007fab13f31466 in dbus_message_iter_close_container (iter=0x7faafc015550, 
    sub=0x7faafc013c40) at ../../dbus/dbus-message.c:3079
#14 0x00007fab164cd146 in q_dbus_message_iter_close_container (sub=0x7faafc013c40, 
    iter=<optimized out>)
    at /usr/src/debug/qt6-qtbase-6.5.0-2.fc38.x86_64/src/dbus/qdbus_symbols_p.h:311
#15 QDBusMarshaller::close (this=0x7faafc013c20)
    at /usr/src/debug/qt6-qtbase-6.5.0-2.fc38.x86_64/src/dbus/qdbusmarshaller.cpp:333
#16 QDBusMarshaller::close (this=0x7faafc013c20)
    at /usr/src/debug/qt6-qtbase-6.5.0-2.fc38.x86_64/src/dbus/qdbusmarshaller.cpp:327
#17 QDBusMarshaller::~QDBusMarshaller (this=0x7faafc013c20, __in_chrg=<optimized out>)
    at /usr/src/debug/qt6-qtbase-6.5.0-2.fc38.x86_64/src/dbus/qdbusmarshaller.cpp:25
#18 0x00007fab164cd165 in QDBusMarshaller::~QDBusMarshaller (this=0x7faafc013c20, 
    __in_chrg=<optimized out>)
    at /usr/src/debug/qt6-qtbase-6.5.0-2.fc38.x86_64/src/dbus/qdbusmarshaller.cpp:26
#19 0x00007fab164cfbfa in QDBusMarshaller::appendRegisteredType (
    this=this@entry=0x7ffc8b60e130, arg=...)
    at /usr/src/debug/qt6-qtbase-6.5.0-2.fc38.x86_64/src/dbus/qdbusmarshaller.cpp:490
#20 0x00007fab164d1501 in QDBusMarshaller::appendVariantInternal (
    this=this@entry=0x7ffc8b60e130, arg=...)
    at /usr/src/debug/qt6-qtbase-6.5.0-2.fc38.x86_64/src/dbus/qdbusmarshaller.cpp:462
#21 0x00007fab16508bf7 in QDBusMessagePrivate::toDBusMessage (message=..., capabilities=..., 
    error=error@entry=0x7ffc8b60e400)
    at /usr/src/debug/qt6-qtbase-6.5.0-2.fc38.x86_64/src/dbus/qdbusmessage.cpp:165
#22 0x00007fab164e45f3 in QDBusConnectionPrivate::send (this=0x7faafc001720, message=...)
    at /usr/src/debug/qt6-qtbase-6.5.0-2.fc38.x86_64/src/corelib/global/qflags.h:34
#23 0x00007fab164e4d47 in QDBusConnectionPrivate::send (this=<optimized out>, message=...)
    at /usr/src/debug/qt6-qtbase-6.5.0-2.fc38.x86_64/src/dbus/qdbusintegrator.cpp:1962
#24 0x00007fab164d6ab0 in QDBusConnection::send (this=<optimized out>, message=...)
    at /usr/src/debug/qt6-qtbase-6.5.0-2.fc38.x86_64/src/dbus/qdbusconnection.cpp:530
#25 0x00000000004ad488 in SettingsPortal::ReadAll (this=<optimized out>, groups=...)
    at /home/nate/kde/src/xdg-desktop-portal-kde/src/settings.cpp:439
#26 0x000000000042ac28 in SettingsPortal::qt_metacall (this=0x7a7050, 
    _c=QMetaObject::InvokeMetaMethod, _id=1, _a=0x7ffc8b60e6e8)
    at /home/nate/kde/build6/xdg-desktop-portal-kde/src/xdg-desktop-portal-kde_autogen/EWIEGA46WW/moc_settings.cpp:392
#27 0x00007fab164eaed9 in QDBusConnectionPrivate::deliverCall (this=this@entry=0x7faafc001720, 
    object=object@entry=0x7a7050, msg=..., metaTypes=..., slotIdx=6)
    at /usr/src/debug/qt6-qtbase-6.5.0-2.fc38.x86_64/src/dbus/qdbusintegrator.cpp:975
#28 0x00007fab164ee808 in QDBusConnectionPrivate::activateCall (this=this@entry=0x7faafc001720, 
    object=0x7a7050, flags=flags@entry=273, msg=...)
    at /usr/src/debug/qt6-qtbase-6.5.0-2.fc38.x86_64/src/dbus/qdbusintegrator.cpp:884
#29 0x00007fab164ef04a in QDBusConnectionPrivate::activateCall (msg=..., flags=273, 
    object=<optimized out>, this=0x7faafc001720)
    at /usr/src/debug/qt6-qtbase-6.5.0-2.fc38.x86_64/src/dbus/qdbusintegrator.cpp:823
#30 QDBusConnectionPrivate::activateObject (this=0x7faafc001720, node=..., msg=..., 
    pathStartPos=<optimized out>)
    at /usr/src/debug/qt6-qtbase-6.5.0-2.fc38.x86_64/src/dbus/qdbusintegrator.cpp:1478
#31 0x00007fab164f174a in QDBusActivateObjectEvent::placeMetaCall (this=0x7faafc0148c0)
    at /usr/src/debug/qt6-qtbase-6.5.0-2.fc38.x86_64/src/dbus/qdbusintegrator.cpp:1598
#32 0x00007fab14bcf357 in QObject::event (this=0x74a2d0, e=0x7faafc0148c0)
    at /usr/src/debug/qt6-qtbase-6.5.0-2.fc38.x86_64/src/corelib/kernel/qobject.cpp:1391
#33 0x00007fab15dc09c8 in QApplicationPrivate::notify_helper (this=<optimized out>, 
    receiver=0x74a2d0, e=0x7faafc0148c0)
    at /usr/src/debug/qt6-qtbase-6.5.0-2.fc38.x86_64/src/widgets/kernel/qapplication.cpp:3284
#34 0x00007fab14b7bfc8 in QCoreApplication::notifyInternal2 (receiver=0x74a2d0, 
    event=0x7faafc0148c0)
    at /usr/src/debug/qt6-qtbase-6.5.0-2.fc38.x86_64/src/corelib/kernel/qcoreapplication.cpp:1115
#35 0x00007fab14b7c1cd in QCoreApplication::sendEvent (receiver=<optimized out>, 
    event=<optimized out>)
    at /usr/src/debug/qt6-qtbase-6.5.0-2.fc38.x86_64/src/corelib/kernel/qcoreapplication.cpp:1533
#36 0x00007fab14b7f9a5 in QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, 
    event_type=0, data=0x6b29b0)
    at /usr/src/debug/qt6-qtbase-6.5.0-2.fc38.x86_64/src/corelib/kernel/qcoreapplication.cpp:1895
#37 0x00007fab14b7fcdd in QCoreApplication::sendPostedEvents (receiver=<optimized out>, 
    event_type=<optimized out>)
    at /usr/src/debug/qt6-qtbase-6.5.0-2.fc38.x86_64/src/corelib/kernel/qcoreapplication.cpp:1754
#38 0x00007fab14e1f4df in postEventSourceDispatch (s=0x751140)
    at /usr/src/debug/qt6-qtbase-6.5.0-2.fc38.x86_64/src/corelib/kernel/qeventdispatcher_glib.cpp:243
#39 0x00007fab141c239c in g_main_dispatch (context=0x7faafc000f10) at ../glib/gmain.c:3460
#40 g_main_context_dispatch (context=0x7faafc000f10) at ../glib/gmain.c:4200
#41 0x00007fab14220438 in g_main_context_iterate.isra.0 (context=0x7faafc000f10, block=1, 
    dispatch=1, self=<optimized out>) at ../glib/gmain.c:4276
#42 0x00007fab141bfa23 in g_main_context_iteration (context=0x7faafc000f10, may_block=1)
    at ../glib/gmain.c:4343
#43 0x00007fab14e1ed7f in QEventDispatcherGlib::processEvents (this=0x750950, flags=...)
    at /usr/src/debug/qt6-qtbase-6.5.0-2.fc38.x86_64/src/corelib/kernel/qeventdispatcher_glib.cpp:393
#44 0x00007fab14b88ac3 in QEventLoop::exec (this=this@entry=0x7ffc8b60efc0, flags=..., 
    flags@entry=...)
    at /usr/src/debug/qt6-qtbase-6.5.0-2.fc38.x86_64/src/corelib/global/qflags.h:34
#45 0x00007fab14b8476d in QCoreApplication::exec ()
    at /usr/src/debug/qt6-qtbase-6.5.0-2.fc38.x86_64/src/corelib/global/qflags.h:74
#46 0x00007fab153f888d in QGuiApplication::exec ()
    at /usr/src/debug/qt6-qtbase-6.5.0-2.fc38.x86_64/src/gui/kernel/qguiapplication.cpp:1886
#47 0x00007fab15dc0939 in QApplication::exec ()
    at /usr/src/debug/qt6-qtbase-6.5.0-2.fc38.x86_64/src/widgets/kernel/qapplication.cpp:2564
#48 0x00000000004265a0 in main (argc=<optimized out>, argv=<optimized out>)
    at /home/nate/kde/src/xdg-desktop-portal-kde/src/xdg-desktop-portal-kde.cpp:46


EXPECTED RESULT
No crash


SOFTWARE/OS VERSIONS
Operating System: Fedora Linux 38
KDE Plasma Version: 5.27.80
KDE Frameworks Version: 5.240.0
Qt Version: 6.5.0
Kernel Version: 6.2.14-300.fc38.x86_64 (64-bit)
Graphics Platform: X11
Processors: 8 × Intel® Core™ i7-10510U CPU @ 1.80GHz
Memory: 15.2 GiB of RAM
Graphics Processor: Mesa Intel® UHD Graphics

Comment 1 Nate Graham 2023-05-10 07:21:12 UTC
When this happens, the console log says:

May 10 09:19:55 Liberator xdg-desktop-portal-kde[29107]: QDBusMarshaller: cannot add a null QDBusVariant
May 10 09:19:55 Liberator xdg-desktop-portal-kde[29107]: dbus[29107]: Array or variant type requires that type variant be written, but end_dict_entry was written.
May 10 09:19:55 Liberator xdg-desktop-portal-kde[29107]: The overall signature expected here was 'a{sa{sv}}' and we are on byte 6 of that signature.
May 10 09:19:55 Liberator xdg-desktop-portal-kde[29107]:   D-Bus not built with -rdynamic so unable to print a backtrace

Comment 2 Nate Graham 2023-05-10 07:27:33 UTC
Created attachment 158817
QDBUS_DEBUG=1 log

Comment 3 Harald Sitter 2023-05-10 08:17:09 UTC
Git commit dc1f5904351237ffdfc972b1975243d4a9f5ac63 by Harald Sitter.
Committed on 10/05/2023 at 08:13.
Pushed by sitter into branch 'master'.

settings: guard against invalid property reads

otherwise we run risk of marshalling a default constructed and thus
invalid/null variant. qdbus doesn't like to do that.

this resulted in a crash when we returned an invalid
qvariant from QObject::property

M  +3    -1    src/settings.cpp

https://invent.kde.org/plasma/xdg-desktop-portal-kde/commit/dc1f5904351237ffdfc972b1975243d4a9f5ac63
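
A self-contained model of the failure shown in the log in Comment 1 and of the kind of guard the commit message describes, added here as an illustration; it is not the project's code and not the actual patch. `Variant`, `DictWriter`, `marshalGroup` and the sample keys are hypothetical stand-ins for QVariant, the libdbus type writer and the portal's settings data.

```cpp
#include <map>
#include <string>
#include <vector>

// Stand-in for QVariant: a default-constructed Variant is invalid (null).
struct Variant {
    bool valid;
    std::string value;
    Variant() : valid(false) {}
    explicit Variant(const std::string &v) : valid(true), value(v) {}
};
typedef std::map<std::string, Variant> Group;  // one a{sv} settings group

// Model of a type-checked writer: closing a dict entry verifies, as libdbus
// does, that the entry holds a key followed by a variant.
class DictWriter {
    std::vector<std::string> out_;
    int written_ = 0;  // fields written into the currently open entry
public:
    void openEntry() { written_ = 0; }
    void writeKey(const std::string &k) { out_.push_back(k); ++written_; }
    void writeVariant(const Variant &v) {  // a null variant writes nothing
        if (v.valid) { out_.push_back(v.value); ++written_; }
    }
    bool closeEntry() const { return written_ == 2; }  // libdbus aborts on false
    int fields() const { return static_cast<int>(out_.size()); }
};

// Returns the number of fields marshalled, or -1 if the writer's check failed.
// With guard=true an invalid read is dropped before any container is opened.
int marshalGroup(const Group &g, bool guard) {
    DictWriter w;
    for (const auto &kv : g) {
        if (guard && !kv.second.valid) continue;
        w.openEntry();
        w.writeKey(kv.first);
        w.writeVariant(kv.second);
        if (!w.closeEntry()) return -1;
    }
    return w.fields();
}

Group sampleGroup() {  // constructed input: one valid read, one invalid read
    Group g;
    g["colorScheme"] = Variant("BreezeDark");
    g["missingProperty"] = Variant();
    return g;
}
```

In the real service the failed check is a process abort inside libdbus rather than a return value, so the validity test has to happen before the reply is handed to the marshaller.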