Bug 487633

Summary: Kio6 segfaults if trying to access a Samsung Galaxy S 8 via MTP in TWRP Recovery Manager
Product: [Frameworks and Libraries] kio-extras
Component: MTP
Version: 24.05.0
Platform: Manjaro
OS: Linux
Status: REPORTED ---
Severity: crash
Priority: NOR
Target Milestone: ---
Reporter: devzero
Assignee: Unassigned bugs mailing-list <unassigned-bugs>
CC: cousinmarc, elvis.angelaccio, kfm-devel, sitter
Latest Commit:
Version Fixed In:
Sentry Crash Report:
Attachments: kio6 backtrace from coredump

Description devzero 2024-05-27 16:48:10 UTC
SUMMARY
kio6 crashes and loading data in dolphin is viewed endlessly

STEPS TO REPRODUCE
1. plug in phone to computer
2. turn on MTP
3. run journalctl -f  and open dolphin
4. see the crash

OBSERVED RESULT
```
Mai 27 18:39:26 devzero-manjaro kernel: usb 1-11: USB disconnect, device number 18
Mai 27 18:39:26 devzero-manjaro kernel: usb 1-11: new high-speed USB device number 19 using xhci_hcd
Mai 27 18:39:26 devzero-manjaro kernel: usb 1-11: New USB device found, idVendor=04e8, idProduct=6860, bcdDevice= 4.04
Mai 27 18:39:26 devzero-manjaro kernel: usb 1-11: New USB device strings: Mfr=1, Product=2, SerialNumber=3
Mai 27 18:39:26 devzero-manjaro kernel: usb 1-11: Product: Galaxy S8
Mai 27 18:39:26 devzero-manjaro kernel: usb 1-11: Manufacturer: Samsung
Mai 27 18:39:26 devzero-manjaro kernel: usb 1-11: SerialNumber: ce12171cad61b10802
Mai 27 18:39:31 devzero-manjaro plasmashell[1871]: kf5idletime_wayland: This plugin does not support polling idle time
Mai 27 18:39:33 devzero-manjaro plasmashell[1871]: About the execute the service...
Mai 27 18:39:33 devzero-manjaro plasmashell[1871]: Executed the service!!!
Mai 27 18:39:33 devzero-manjaro systemd[1609]: Started kioclient5.
Mai 27 18:39:33 devzero-manjaro systemd[1609]: Started Dolphin - Dateiverwaltung.
Mai 27 18:39:33 devzero-manjaro plasmashell[1871]: kf5idletime_wayland: This plugin does not support polling idle time
Mai 27 18:39:33 devzero-manjaro kernel: kiod6[7490]: segfault at 63f4eb0d ip 00007eba1df7e1dd sp 00007ffcd77d8f38 error 4 in libc.so.6[7eba1de38000+16c000] likely on CPU 3 (core 3, socket 0)
Mai 27 18:39:33 devzero-manjaro kernel: Code: 00 00 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 89 f8 48 89 fa c5 f9 ef c0 25 ff 0f 00 00 3d e0 0f 00 00 0f 87 33 01 00 00 <c5> fd 74 0f c5 fd d7 c1 85 c0 74 57 f3 0f bc c0 c5 f8 77 c3 66 66
Mai 27 18:39:33 devzero-manjaro systemd[1]: Started Process Core Dump (PID 9337/UID 0).
Mai 27 18:39:34 devzero-manjaro systemd-coredump[9341]: [🡕] Process 7490 (kiod6) of user 1000 dumped core.
                                                        
                                                        Stack trace of thread 7490:
                                                        #0  0x00007eba1df7e1dd n/a (libc.so.6 + 0x16a1dd)
                                                        #1  0x00007eba114c7326 n/a (libmtp.so.9 + 0x3d326)
                                                        #2  0x00007eba114b4ec4 LIBMTP_Get_Filemetadata (libmtp.so.9 + 0x2aec4)
                                                        #3  0x00007eba11e205cc n/a (kmtpd.so + 0x155cc)
                                                        #4  0x00007eba11e25916 n/a (kmtpd.so + 0x1a916)
                                                        #5  0x00007eba1f2c363d n/a (libQt6DBus.so.6 + 0x3c63d)
                                                        #6  0x00007eba1f2c438a n/a (libQt6DBus.so.6 + 0x3d38a)
                                                        #7  0x00007eba1f2cdecf n/a (libQt6DBus.so.6 + 0x46ecf)
                                                        #8  0x00007eba1f2cdf1a n/a (libQt6DBus.so.6 + 0x46f1a)
                                                        #9  0x00007eba1e58c0cf _ZN7QObject5eventEP6QEvent (libQt6Core.so.6 + 0x18c0cf)
                                                        #10 0x00007eba1f4fc55c _ZN19QApplicationPrivate13notify_helperEP7QObjectP6QEvent (libQt6Widgets.so.6 + 0xfc55c)
                                                        #11 0x00007eba1e544e08 _ZN16QCoreApplication15notifyInternal2EP7QObjectP6QEvent (libQt6Core.so.6 + 0x144e08)
                                                        #12 0x00007eba1e5451cb _ZN23QCoreApplicationPrivate16sendPostedEventsEP7QObjectiP11QThreadData (libQt6Core.so.6 + 0x1451cb)
                                                        #13 0x00007eba1e7a45ec n/a (libQt6Core.so.6 + 0x3a45ec)
                                                        #14 0x00007eba1db94a89 n/a (libglib-2.0.so.0 + 0x5ca89)
                                                        #15 0x00007eba1dbf69b7 n/a (libglib-2.0.so.0 + 0xbe9b7)
                                                        #16 0x00007eba1db93f95 g_main_context_iteration (libglib-2.0.so.0 + 0x5bf95)
                                                        #17 0x00007eba1e7a28bd _ZN20QEventDispatcherGlib13processEventsE6QFlagsIN10QEventLoop17ProcessEventsFlagEE (libQt6Core.so.6 + 0x3a28bd)
                                                        #18 0x00007eba1e54f0de _ZN10QEventLoop4execE6QFlagsINS_17ProcessEventsFlagEE (libQt6Core.so.6 + 0x14f0de)
                                                        #19 0x00007eba1e54942d _ZN16QCoreApplication4execEv (libQt6Core.so.6 + 0x14942d)
                                                        #20 0x0000649007cdd3d9 n/a (kiod6 + 0x33d9)
                                                        #21 0x00007eba1de39c88 n/a (libc.so.6 + 0x25c88)
                                                        #22 0x00007eba1de39d4c __libc_start_main (libc.so.6 + 0x25d4c)
                                                        #23 0x0000649007cdd6b5 n/a (kiod6 + 0x36b5)
                                                        
                                                        Stack trace of thread 7504:
                                                        #0  0x00007eba1df1c39d __poll (libc.so.6 + 0x10839d)
                                                        #1  0x00007eba1ae74277 n/a (libQt6WaylandClient.so.6 + 0x60277)
                                                        #2  0x00007eba1e6c96b7 n/a (libQt6Core.so.6 + 0x2c96b7)
                                                        #3  0x00007eba1dea6ded n/a (libc.so.6 + 0x92ded)
                                                        #4  0x00007eba1df2a0dc n/a (libc.so.6 + 0x1160dc)
                                                        
                                                        Stack trace of thread 7503:
                                                        #0  0x00007eba1df1c39d __poll (libc.so.6 + 0x10839d)
                                                        #1  0x00007eba1ae74277 n/a (libQt6WaylandClient.so.6 + 0x60277)
                                                        #2  0x00007eba1e6c96b7 n/a (libQt6Core.so.6 + 0x2c96b7)
                                                        #3  0x00007eba1dea6ded n/a (libc.so.6 + 0x92ded)
                                                        #4  0x00007eba1df2a0dc n/a (libc.so.6 + 0x1160dc)
                                                        
                                                        Stack trace of thread 7505:
                                                        #0  0x00007eba1dea34e9 n/a (libc.so.6 + 0x8f4e9)
                                                        #1  0x00007eba1dea5ed9 pthread_cond_wait (libc.so.6 + 0x91ed9)
                                                        #2  0x00007eba09e9756e n/a (radeonsi_dri.so + 0x9756e)
                                                        #3  0x00007eba09e7531c n/a (radeonsi_dri.so + 0x7531c)
                                                        #4  0x00007eba09e9749d n/a (radeonsi_dri.so + 0x9749d)
                                                        #5  0x00007eba1dea6ded n/a (libc.so.6 + 0x92ded)
                                                        #6  0x00007eba1df2a0dc n/a (libc.so.6 + 0x1160dc)
                                                        
                                                        Stack trace of thread 7517:
                                                        #0  0x00007eba1df1c39d __poll (libc.so.6 + 0x10839d)
                                                        #1  0x00007eba1147e226 n/a (libusb-1.0.so.0 + 0x12226)
                                                        #2  0x00007eba1dea6ded n/a (libc.so.6 + 0x92ded)
                                                        #3  0x00007eba1df2a0dc n/a (libc.so.6 + 0x1160dc)
                                                        
                                                        Stack trace of thread 7508:
                                                        #0  0x00007eba1dea34e9 n/a (libc.so.6 + 0x8f4e9)
                                                        #1  0x00007eba1dea5ed9 pthread_cond_wait (libc.so.6 + 0x91ed9)
                                                        #2  0x00007eba09e9756e n/a (radeonsi_dri.so + 0x9756e)
                                                        #3  0x00007eba09e7531c n/a (radeonsi_dri.so + 0x7531c)
                                                        #4  0x00007eba09e9749d n/a (radeonsi_dri.so + 0x9749d)
                                                        #5  0x00007eba1dea6ded n/a (libc.so.6 + 0x92ded)
                                                        #6  0x00007eba1df2a0dc n/a (libc.so.6 + 0x1160dc)
                                                        
                                                        Stack trace of thread 7506:
                                                        #0  0x00007eba1dea34e9 n/a (libc.so.6 + 0x8f4e9)
                                                        #1  0x00007eba1dea5ed9 pthread_cond_wait (libc.so.6 + 0x91ed9)
                                                        #2  0x00007eba09e9756e n/a (radeonsi_dri.so + 0x9756e)
                                                        #3  0x00007eba09e7531c n/a (radeonsi_dri.so + 0x7531c)
                                                        #4  0x00007eba09e9749d n/a (radeonsi_dri.so + 0x9749d)
                                                        #5  0x00007eba1dea6ded n/a (libc.so.6 + 0x92ded)
                                                        #6  0x00007eba1df2a0dc n/a (libc.so.6 + 0x1160dc)
                                                        
                                                        Stack trace of thread 7510:
                                                        #0  0x00007eba1dea34e9 n/a (libc.so.6 + 0x8f4e9)
                                                        #1  0x00007eba1dea5ed9 pthread_cond_wait (libc.so.6 + 0x91ed9)
                                                        #2  0x00007eba09e9756e n/a (radeonsi_dri.so + 0x9756e)
                                                        #3  0x00007eba09e7531c n/a (radeonsi_dri.so + 0x7531c)
                                                        #4  0x00007eba09e9749d n/a (radeonsi_dri.so + 0x9749d)
                                                        #5  0x00007eba1dea6ded n/a (libc.so.6 + 0x92ded)
                                                        #6  0x00007eba1df2a0dc n/a (libc.so.6 + 0x1160dc)
                                                        
                                                        Stack trace of thread 7509:
                                                        #0  0x00007eba1dea34e9 n/a (libc.so.6 + 0x8f4e9)
                                                        #1  0x00007eba1dea5ed9 pthread_cond_wait (libc.so.6 + 0x91ed9)
                                                        #2  0x00007eba09e9756e n/a (radeonsi_dri.so + 0x9756e)
                                                        #3  0x00007eba09e7531c n/a (radeonsi_dri.so + 0x7531c)
                                                        #4  0x00007eba09e9749d n/a (radeonsi_dri.so + 0x9749d)
                                                        #5  0x00007eba1dea6ded n/a (libc.so.6 + 0x92ded)
                                                        #6  0x00007eba1df2a0dc n/a (libc.so.6 + 0x1160dc)
                                                        
                                                        Stack trace of thread 7498:
                                                        #0  0x00007eba1df1c39d __poll (libc.so.6 + 0x10839d)
                                                        #1  0x00007eba1dbf68fd n/a (libglib-2.0.so.0 + 0xbe8fd)
                                                        #2  0x00007eba1db93f95 g_main_context_iteration (libglib-2.0.so.0 + 0x5bf95)
                                                        #3  0x00007eba1e7a28bd _ZN20QEventDispatcherGlib13processEventsE6QFlagsIN10QEventLoop17ProcessEventsFlagEE (libQt6Core.so.6 + 0x3a28bd)
                                                        #4  0x00007eba1e54f0de _ZN10QEventLoop4execE6QFlagsINS_17ProcessEventsFlagEE (libQt6Core.so.6 + 0x14f0de)
                                                        #5  0x00007eba1e63a4b0 _ZN7QThread4execEv (libQt6Core.so.6 + 0x23a4b0)
                                                        #6  0x00007eba1f2b4dfe n/a (libQt6DBus.so.6 + 0x2ddfe)
                                                        #7  0x00007eba1e6c96b7 n/a (libQt6Core.so.6 + 0x2c96b7)
                                                        #8  0x00007eba1dea6ded n/a (libc.so.6 + 0x92ded)
                                                        #9  0x00007eba1df2a0dc n/a (libc.so.6 + 0x1160dc)
                                                        
                                                        Stack trace of thread 7507:
                                                        #0  0x00007eba1dea34e9 n/a (libc.so.6 + 0x8f4e9)
                                                        #1  0x00007eba1dea5ed9 pthread_cond_wait (libc.so.6 + 0x91ed9)
                                                        #2  0x00007eba09e9756e n/a (radeonsi_dri.so + 0x9756e)
                                                        #3  0x00007eba09e7531c n/a (radeonsi_dri.so + 0x7531c)
                                                        #4  0x00007eba09e9749d n/a (radeonsi_dri.so + 0x9749d)
                                                        #5  0x00007eba1dea6ded n/a (libc.so.6 + 0x92ded)
                                                        #6  0x00007eba1df2a0dc n/a (libc.so.6 + 0x1160dc)
                                                        ELF object binary architecture: AMD x86-64
Mai 27 18:39:34 devzero-manjaro systemd[1]: systemd-coredump@7-9337-0.service: Deactivated successfully.
Mai 27 18:39:34 devzero-manjaro systemd[1609]: dbus-:1.2-org.kde.kmtpd5@7.service: Main process exited, code=dumped, status=11/SEGV
Mai 27 18:39:34 devzero-manjaro systemd[1609]: dbus-:1.2-org.kde.kmtpd5@7.service: Failed with result 'core-dump'.
Mai 27 18:39:34 devzero-manjaro systemd[1609]: Started dbus-:1.2-org.kde.kmtpd5@8.service.
Mai 27 18:39:34 devzero-manjaro kiod6[9351]: kf.kio.kiod: loadModule "kmtpd"
```

and loading indefinitely 

EXPECTED RESULT

See the files. In a Windows VM on the same host with USB passthrough I can see the files.

SOFTWARE/OS VERSIONS
Windows: 10 (test if the phone is the issue)

Linux/KDE Plasma: Plasma 6.0.5 Linux devzero-manjaro 6.9.2-1-MANJARO #1 SMP PREEMPT_DYNAMIC Mon May 27 03:56:18 UTC 2024 x86_64 GNU/Linux
(available in About System)
KDE Plasma Version: 6.0.5
KDE Frameworks Version: 6.2.0
Qt Version:  6.7.1
I am using wayland

ADDITIONAL INFORMATION
Comment 1 Harald Sitter 2024-05-28 12:40:34 UTC
Please provide a backtrace as per https://community.kde.org/Guidelines_and_HOWTOs/Debugging/How_to_create_useful_crash_reports
Comment 2 devzero 2024-05-28 13:17:10 UTC
I attached gdb first to dolphin, however that does not give anything, so I attached it to kiod6 and continued it; then it crashed with the following backtrace:

```
(gdb) continue
Continuing.

Thread 1 "kiod6" received signal SIGSEGV, Segmentation fault.
0x00007d721697e1dd in ?? () from /usr/lib/libc.so.6
(gdb) backtrace
#0  0x00007d721697e1dd in ??? () at /usr/lib/libc.so.6
#1  0x00007d7203f3a326 in ??? () at /usr/lib/libmtp.so.9
#2  0x00007d7203f27ec4 in LIBMTP_Get_Filemetadata () at /usr/lib/libmtp.so.9
#3  0x00007d720abf15cc in ??? () at /usr/lib/qt6/plugins/kf6/kiod/kmtpd.so
#4  0x00007d720abf6916 in ??? () at /usr/lib/qt6/plugins/kf6/kiod/kmtpd.so
#5  0x00007d7217d8463d in ??? () at /usr/lib/libQt6DBus.so.6
#6  0x00007d7217d8538a in ??? () at /usr/lib/libQt6DBus.so.6
#7  0x00007d7217d8eecf in ??? () at /usr/lib/libQt6DBus.so.6
#8  0x00007d7217d8ef1a in ??? () at /usr/lib/libQt6DBus.so.6
#9  0x00007d7216f8c0cf in QObject::event(QEvent*) () at /usr/lib/libQt6Core.so.6
#10 0x00007d7217efc55c in QApplicationPrivate::notify_helper(QObject*, QEvent*) () at /usr/lib/libQt6Widgets.so.6
#11 0x00007d7216f44e08 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () at /usr/lib/libQt6Core.so.6
#12 0x00007d7216f451cb in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) () at /usr/lib/libQt6Core.so.6
#13 0x00007d72171a45ec in ??? () at /usr/lib/libQt6Core.so.6
#14 0x00007d72165e4a89 in ??? () at /usr/lib/libglib-2.0.so.0
#15 0x00007d72166469b7 in ??? () at /usr/lib/libglib-2.0.so.0
#16 0x00007d72165e3f95 in g_main_context_iteration () at /usr/lib/libglib-2.0.so.0
#17 0x00007d72171a28bd in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/libQt6Core.so.6
#18 0x00007d7216f4f0de in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/libQt6Core.so.6
#19 0x00007d7216f4942d in QCoreApplication::exec() () at /usr/lib/libQt6Core.so.6
#20 0x000057f5270393d9 in ??? ()
#21 0x00007d7216839c88 in ??? () at /usr/lib/libc.so.6
#22 0x00007d7216839d4c in __libc_start_main () at /usr/lib/libc.so.6
#23 0x000057f5270396b5 in ??? ()
(gdb)
```
Comment 3 devzero 2024-05-28 13:27:35 UTC
Created attachment 169912 [details]
kio6 backtrace from coredump

the attached backtrace from a coredump
Comment 4 devzero 2024-05-28 13:28:40 UTC
Out of a coredump, gdb could gather more data than the 23 lines, HTH.
Comment 5 Harald Sitter 2024-05-28 21:53:53 UTC
Looks a bit like a possible bug in libmtp. Probably worth inspecting our code for possible problems though. Relevant snippet:

```
#0  __strlen_avx2 () at ../sysdeps/x86_64/multiarch/strlen-avx2.S:76
#1  0x00007cd3080cb326 in ptp_unpack_PTPTIME (str=0x6654c7a9 <error: Cannot access memory at address 0x6654c7a9>) at /usr/src/debug/libmtp/libmtp-1.1.21/src/ptp-pack.c:720
        ptpdate = {<optimized out> <repeats 40 times>}
        tmp = {<optimized out>, <optimized out>, <optimized out>, <optimized out>, <optimized out>}
        ptpdatelen = <optimized out>
        tm = {tm_sec = <optimized out>, tm_min = <optimized out>, tm_hour = <optimized out>, tm_mday = <optimized out>, tm_mon = <optimized out>, tm_year = <optimized out>, tm_wday = <optimized out>, tm_yday = <optimized out>, tm_isdst = <optimized out>, tm_gmtoff = <optimized out>, tm_zone = <optimized out>}
        ptpdate = {<optimized out> <repeats 40 times>}
        tmp = {<optimized out>, <optimized out>, <optimized out>, <optimized out>, <optimized out>}
        ptpdatelen = <optimized out>
        tm = {tm_sec = <optimized out>, tm_min = <optimized out>, tm_hour = <optimized out>, tm_mday = <optimized out>, tm_mon = <optimized out>, tm_year = <optimized out>, tm_wday = <optimized out>, tm_yday = <optimized out>, tm_isdst = <optimized out>, tm_gmtoff = <optimized out>, tm_zone = <optimized out>}
#2  ptp_object_want (params=0x5b54d8a63e90, handle=1, want=5, retob=<optimized out>) at /usr/src/debug/libmtp/libmtp-1.1.21/src/ptp.c:9095
        i = 5
        prop = 0x5b54d8a02ef8
        nrofprops = <optimized out>
        props = 0x5b54d8a02e80
--Type <RET> for more, q to quit, c to continue without paging--
        ret = 8193
        ob = <optimized out>
        read64bit = <optimized out>
#3  0x00007cd3080b8ec4 in LIBMTP_Get_Filemetadata (device=0x5b54d89c90e0, fileid=<optimized out>) at /usr/src/debug/libmtp/libmtp-1.1.21/src/libmtp.c:4469
        params = 0x5b54d8a63e90
        ret = <optimized out>
        ob = 0x5b54d8a69af0
#4  0x00007cd3081b65cc in MTPLister::run (this=0x7cd30400eaa0) at /usr/src/debug/kio-extras/kio-extras-24.05.0/mtp/kiod_module/mtplister.cpp:29
        file = std::unique_ptr<LIBMTP_file_struct> = {get() = <optimized out>}
#5  0x00007cd3081bb916 in ListerAdaptor::run (this=0x5b54d8a0b460) at /usr/src/debug/kio-extras/build/mtp/kiod_module/listeradaptor.cpp:45
```
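
The kernel `segfault at ...` line in the report and the `str=0x6654c7a9` argument in the gdb frame above can be triaged mechanically. The following is an added example, not code from the thread, kio-extras or libmtp: it decodes the x86 page-fault error code and flags fault addresses that fit in 32 bits inside a 64-bit process. The function names and the address classification are this example's own heuristic assumptions.

```python
import re

# Constructed inputs, copied from the journal output and the gdb frame in this report.
KERNEL_LINE = (
    "kiod6[7490]: segfault at 63f4eb0d ip 00007eba1df7e1dd sp 00007ffcd77d8f38 "
    "error 4 in libc.so.6[7eba1de38000+16c000] likely on CPU 3 (core 3, socket 0)"
)
GDB_STR_ARG = 0x6654C7A9        # str= argument of ptp_unpack_PTPTIME (frame #1)
GDB_FRAME_PC = 0x00007CD3080CB326  # program counter of that frame

SEGV_RE = re.compile(
    r"(?P<comm>\S+)\[(?P<pid>\d+)\]: segfault at (?P<addr>[0-9a-f]+) "
    r"ip (?P<ip>[0-9a-f]+) sp (?P<sp>[0-9a-f]+) error (?P<err>[0-9a-f]+)"
    r"(?: in (?P<obj>[^\[\s]+)\[(?P<base>[0-9a-f]+)\+(?P<size>[0-9a-f]+)\])?"
)

def decode_error(code):
    """Decode the low bits of the x86 page-fault error code printed after 'error'."""
    return {
        "protection_violation": bool(code & 0x1),  # clear: no page mapped at the address
        "write": bool(code & 0x2),                 # clear: the access was a read
        "user_mode": bool(code & 0x4),
        "reserved_bit": bool(code & 0x8),
        "instruction_fetch": bool(code & 0x10),
    }

def classify_address(addr, code_addr):
    """Heuristic of this example (an assumption, not a kernel rule)."""
    if addr < 0x10000:
        return "near-null"
    if addr <= 0xFFFFFFFF and code_addr > 0xFFFFFFFF:
        # 64-bit process, but the 'pointer' fits in 32 bits: likely plain data
        return "32-bit-value"
    return "pointer-like"

def triage(line):
    """Parse one kernel segfault line; return None if the line does not match."""
    m = SEGV_RE.search(line)
    if m is None:
        return None
    addr, ip = int(m["addr"], 16), int(m["ip"], 16)
    report = {
        "comm": m["comm"], "pid": int(m["pid"]),
        "fault_addr": addr, "access": decode_error(int(m["err"], 16)),
        "addr_class": classify_address(addr, ip),
        "object": m["obj"], "ip_offset": None,
    }
    if m["obj"]:
        base, size = int(m["base"], 16), int(m["size"], 16)
        if base <= ip < base + size:
            # Offset into the mapping the kernel names, not the load-base offset
            report["ip_offset"] = ip - base
    return report

if __name__ == "__main__":
    print(triage(KERNEL_LINE))
    print(classify_address(GDB_STR_ARG, GDB_FRAME_PC))
```

For the report's kernel line this yields a user-mode read of an unmapped page, and both the journal fault address and the gdb `str` value are classified as 32-bit values rather than plausible heap or stack pointers.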
Comment 6 Marc Cousin 2024-08-27 08:13:37 UTC
I also have kiod6 segfaulting, on trying to create a file on MTP storage (a BMW connectedride navigator, it seems it's an Android device). My backtrace is different, should I also post it here?