Bug 499704

Summary: Crash on Start
Product: [Applications] Discover Reporter: Steve Cossette <farchord>
Component: discoverAssignee: Plasma Bugs List <plasma-bugs-null>
Status: RESOLVED UPSTREAM    
Severity: crash CC: aleixpol, ales.astone, nate, nicolas.fella, qydwhotmail
Priority: NOR Keywords: drkonqi, regression
Version First Reported In: 6.3.0   
Target Milestone: ---   
Platform: Fedora RPMs   
OS: Linux   
Latest Commit: Version Fixed In:
Sentry Crash Report: https://crash-reports.kde.org/organizations/kde/issues/130278/events/5771f50685c945a4acbea1affc3b2bc7/
Attachments: New crash information added by DrKonqi

Description Steve Cossette 2025-02-09 00:10:34 UTC 
Application: plasma-discover (6.3.0)

ApplicationNotResponding [ANR]: false
Qt Version: 6.8.2
Frameworks Version: 6.11.0
Operating System: Linux 6.14.0-0.rc1.20250207gitbb066fe812d6.19.fc43.x86_64 x86_64
Windowing System: Wayland
Distribution: "Fedora Linux 43 (KDE Plasma Prerelease)"
DrKonqi: 6.3.0 [CoredumpBackend]

-- Information about the crash:
Fresh install of KDE Plasma 6.3.0. Start Plasma discover, and it just crashes.

The crash can be reproduced every time.

-- Backtrace (Reduced):
#5  0x00007f2352c8c91a in _int_free_chunk (av=0x7f21ff000030, p=0x7f22000025e0, size=32, have_lock=have_lock@entry=0) at malloc.c:4595
#6  0x00007f2352c8f926 in _int_free (av=<optimized out>, p=<optimized out>, have_lock=0) at malloc.c:4699
#7  __GI___libc_free (mem=<optimized out>) at malloc.c:3476
#8  0x00007f235335b5ac in QObjectPrivate::Connection::~Connection (this=0x5570bd503de0) at /usr/src/debug/qt6-qtbase-6.8.2-2.fc43.x86_64/src/corelib/kernel/qobject.cpp:1154
[...]
#10 QObjectPrivate::ConnectionData::deleteOrphaned (o=...) at /usr/src/debug/qt6-qtbase-6.8.2-2.fc43.x86_64/src/corelib/kernel/qobject.cpp:408


Reported using DrKonqi
Comment 1 Steve Cossette 2025-02-09 00:10:36 UTC 
Created attachment 178087 [details]
New crash information added by DrKonqi

DrKonqi auto-attaching complete backtrace.
Comment 2 Fushan Wen 2025-02-09 09:06:03 UTC 
Thread 15 (Thread 0x7f234cb4ad80 (LWP 5346)):
#0  xmlNewTextLen (content=0x7f222df374a7 "update the followers window to support text mode", content@entry=0x1001 <error: Cannot access memory at address 0x1001>, len=48) at /usr/src/debug/libxml2-2.12.9-2.fc42.x86_64/tree.c:2641
#1  0x00007f234f50e46a in xmlNewDocTextLen (doc=0x0, content=content@entry=0x1001 <error: Cannot access memory at address 0x1001>, len=<optimized out>) at /usr/src/debug/libxml2-2.12.9-2.fc42.x86_64/tree.c:2667
#2  0x00007f234f50faac in xmlNodeAddContentLen (cur=0x5570bd7a3be0, content=0x1001 <error: Cannot access memory at address 0x1001>, len=<optimized out>) at /usr/src/debug/libxml2-2.12.9-2.fc42.x86_64/tree.c:5753
#3  xmlNodeAddContentLen (cur=cur@entry=0x5570bd7a3be0, content=content@entry=0x5570bd7a3be0 "", len=<optimized out>) at /usr/src/debug/libxml2-2.12.9-2.fc42.x86_64/tree.c:5742
#4  0x00007f234f50fb49 in xmlNodeAddContent (cur=0x5570bd7a3be0, content=0x5570bd7a3be0 "") at /usr/src/debug/libxml2-2.12.9-2.fc42.x86_64/tree.c:5818
#5  0x00007f235135db56 in as_transmogrify_xbnode_to_xmlnode (xbn=0x5570bd7a1760, lxn=0x5570bd7a3be0) at ../src/as-cache.c:722
#6  0x00007f235135dc34 in as_transmogrify_xbnode_to_xmlnode (xbn=0x5570bd7804e0, lxn=0x5570bd7a16d0) at ../src/as-cache.c:739
#7  0x00007f235135dc34 in as_transmogrify_xbnode_to_xmlnode (xbn=0x5570bd76e150, lxn=0x5570bd7a1550) at ../src/as-cache.c:739
#8  0x00007f235135dc34 in as_transmogrify_xbnode_to_xmlnode (xbn=0x5570bd76e000, lxn=0x5570bd7a1350) at ../src/as-cache.c:739
#9  0x00007f235135dc34 in as_transmogrify_xbnode_to_xmlnode (xbn=0x5570bd78f260, lxn=0x5570bd787cd0) at ../src/as-cache.c:739
#10 0x00007f235135dc34 in as_transmogrify_xbnode_to_xmlnode (xbn=xbn@entry=0x5570bca31630, lxn=lxn@entry=0x5570bd7708b0) at ../src/as-cache.c:739
#11 0x00007f2351363e34 in as_cache_component_from_node (cache=cache@entry=0x5570bc005760, csec=csec@entry=0x7f221400d7d0, node=0x5570bca31630, error=0x7ffdb2364fa0) at ../src/as-cache.c:761
#12 0x00007f23513644ec in as_query_context_add_component_from_node (ctx=ctx@entry=0x5570bc8e6040, cache=cache@entry=0x5570bc005760, csec=csec@entry=0x7f221400d7d0, cpt_node=<optimized out>, match_value=match_value@entry=0, error=error@entry=0x7ffdb2364fa0) at ../src/as-cache.c:1442
#13 0x00007f2351363ad6 in as_query_context_add_component_from_nodes (ctx=<optimized out>, cache=<optimized out>, csec=<optimized out>, nodes=<optimized out>, error=<optimized out>) at ../src/as-cache.c:1475
#14 as_cache_query_components (cache=cache@entry=0x5570bc005760, xpath=0x5570bc7ab7e0 "components/component/categories/category[text()=?]/../..", context=context@entry=0x7ffdb2364eb0, error=error@entry=0x7ffdb2364fa0, is_fts=<optimized out>, limit=<optimized out>) at ../src/as-cache.c:1538
#15 0x00007f2351364987 in as_cache_get_components_by_categories (cache=0x5570bc005760, categories=0x5570bc6e2580, error=0x7ffdb2364fa0) at ../src/as-cache.c:1798
#16 0x00007f235138dbd0 in as_pool_get_components_by_categories (pool=<optimized out>, categories=0x5570bc6e2580) at ../src/as-pool.c:1976
#17 0x00007f23539b5d3b in AppStream::Pool::componentsByCategories (this=0x5570bc004720, categories=...) at /usr/include/qt6/QtCore/qscopedpointer.h:90
#18 0x00007f23560448ad in AppStreamUtils::componentsByCategoriesTask(AppStreamUtils::_ZN14AppStreamUtils26componentsByCategoriesTaskEPN9AppStream4PoolEP8CategoryNS0_6Bundle4KindE.Frame*) [clone .actor] () from /usr/lib64/plasma-discover/libDiscoverCommon.so
#19 0x00007f235335eefa in QtPrivate::QSlotObjectBase::call (this=0x5570bcd9dd20, r=0x5570bca55e58, a=0x7ffdb23652f0) at /usr/src/debug/qt6-qtbase-6.8.2-2.fc43.x86_64/src/corelib/kernel/qobjectdefs_impl.h:486
#20 doActivate<false> (sender=0x5570bca55e58, signal_index=3, argv=argv@entry=0x7ffdb23652f0) at /usr/src/debug/qt6-qtbase-6.8.2-2.fc43.x86_64/src/corelib/kernel/qobject.cpp:4115
#21 0x00007f23533558a9 in QMetaObject::activate (sender=<optimized out>, m=m@entry=0x7f2353883060, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7ffdb23652f0) at /usr/src/debug/qt6-qtbase-6.8.2-2.fc43.x86_64/src/corelib/kernel/qobject.cpp:4175
#22 0x00007f235336ef0d in QTimer::timeout (this=<optimized out>, _t1=...) at /usr/src/debug/qt6-qtbase-6.8.2-2.fc43.x86_64/redhat-linux-build/src/corelib/Core_autogen/include/moc_qtimer.cpp:223
#23 0x00007f235334f9b5 in QObject::event (this=<optimized out>, e=<optimized out>) at /usr/src/debug/qt6-qtbase-6.8.2-2.fc43.x86_64/src/corelib/kernel/qobject.cpp:1448
#24 0x00007f235563d4ca in QApplicationPrivate::notify_helper (this=<optimized out>, receiver=0x5570bca55e58, e=0x7ffdb23654b0) at /usr/src/debug/qt6-qtbase-6.8.2-2.fc43.x86_64/src/widgets/kernel/qapplication.cpp:3296
#25 0x00007f23532f549c in QCoreApplication::notifyInternal2 (receiver=0x5570bca55e58, event=0x7ffdb23654b0) at /usr/src/debug/qt6-qtbase-6.8.2-2.fc43.x86_64/src/corelib/kernel/qcoreapplication.cpp:1172
#26 0x00007f23532f56ed in QCoreApplication::sendEvent (receiver=<optimized out>, event=<optimized out>) at /usr/src/debug/qt6-qtbase-6.8.2-2.fc43.x86_64/src/corelib/kernel/qcoreapplication.cpp:1612
#27 0x00007f23534b9d78 in QTimerInfoList::activateTimers (this=<optimized out>) at /usr/src/debug/qt6-qtbase-6.8.2-2.fc43.x86_64/src/corelib/kernel/qtimerinfo_unix.cpp:426
#28 0x00007f23535f69b9 in timerSourceDispatch (source=<optimized out>) at /usr/src/debug/qt6-qtbase-6.8.2-2.fc43.x86_64/src/corelib/kernel/qeventdispatcher_glib.cpp:152
#29 0x00007f2351eeaf16 in g_main_dispatch (context=0x7f2338000f00) at ../glib/gmain.c:3361
#30 g_main_context_dispatch_unlocked (context=0x7f2338000f00) at ../glib/gmain.c:4212
#31 0x00007f2351ef4068 in g_main_context_iterate_unlocked (context=context@entry=0x7f2338000f00, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/gmain.c:4277
#32 0x00007f2351ef4217 in g_main_context_iteration (context=0x7f2338000f00, may_block=1) at ../glib/gmain.c:4342
#33 0x00007f23535f6cc3 in QEventDispatcherGlib::processEvents (this=0x5570b83b10e0, flags=...) at /usr/src/debug/qt6-qtbase-6.8.2-2.fc43.x86_64/src/corelib/kernel/qeventdispatcher_glib.cpp:399
#34 0x00007f23533026d3 in QEventLoop::exec (this=this@entry=0x7ffdb2365770, flags=..., flags@entry=...) at /usr/src/debug/qt6-qtbase-6.8.2-2.fc43.x86_64/src/corelib/global/qflags.h:34
#35 0x00007f23532fe1d5 in QCoreApplication::exec () at /usr/src/debug/qt6-qtbase-6.8.2-2.fc43.x86_64/src/corelib/kernel/qcoreapplication.cpp:1515
#36 0x00005570ae67fc6a in main ()
Comment 3 Alessandro Astone 2025-02-09 10:54:53 UTC 
I get a slightly different backtrace here, but still pointing to `componentsByCategoriesTask` which uses coroutines:

#0  QArrayDataPointer<QString>::deref (this=0x7fffffffce70) at /usr/include/qt6/QtCore/qarraydatapointer.h:439
#1  QArrayDataPointer<QString>::~QArrayDataPointer (this=0x7fffffffce70, this=<optimized out>) at /usr/include/qt6/QtCore/qarraydatapointer.h:108
#2  0x00007ffff7e58bd9 in QList<QString>::~QList (this=0x7fffffffce70, this=<optimized out>) at /usr/include/qt6/QtCore/qlist.h:83
#3  AppStreamUtils::componentsByCategoriesTask (frame_ptr=0x555559b61940)
    at /usr/src/debug/plasma-discover-6.3.0-2.fc43.x86_64/libdiscover/appstream/AppStreamUtils.cpp:203
#4  0x00007ffff515eefa in QtPrivate::QSlotObjectBase::call (this=0x55555997f040, r=0x555559b619d8, a=0x7fffffffcff0)
    at /usr/src/debug/qt6-qtbase-6.8.2-2.fc43.x86_64/src/corelib/kernel/qobjectdefs_impl.h:486
#5  doActivate<false> (sender=0x555559b619d8, signal_index=3, argv=argv@entry=0x7fffffffcff0)
    at /usr/src/debug/qt6-qtbase-6.8.2-2.fc43.x86_64/src/corelib/kernel/qobject.cpp:4115
#6  0x00007ffff51558a9 in QMetaObject::activate
    (sender=<optimized out>, m=m@entry=0x7ffff5683060, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7fffffffcff0)
    at /usr/src/debug/qt6-qtbase-6.8.2-2.fc43.x86_64/src/corelib/kernel/qobject.cpp:4175
#7  0x00007ffff516ef0d in QTimer::timeout (this=<optimized out>, _t1=...)
    at /usr/src/debug/qt6-qtbase-6.8.2-2.fc43.x86_64/redhat-linux-build/src/corelib/Core_autogen/include/moc_qtimer.cpp:223
#8  0x00007ffff514f9b5 in QObject::event (this=<optimized out>, e=<optimized out>)
    at /usr/src/debug/qt6-qtbase-6.8.2-2.fc43.x86_64/src/corelib/kernel/qobject.cpp:1448
#9  0x00007ffff743d4ca in QApplicationPrivate::notify_helper (this=<optimized out>, receiver=0x555559b619d8, e=0x7fffffffd1b0)
    at /usr/src/debug/qt6-qtbase-6.8.2-2.fc43.x86_64/src/widgets/kernel/qapplication.cpp:3296
#10 0x00007ffff50f549c in QCoreApplication::notifyInternal2 (receiver=0x555559b619d8, event=0x7fffffffd1b0)
    at /usr/src/debug/qt6-qtbase-6.8.2-2.fc43.x86_64/src/corelib/kernel/qcoreapplication.cpp:1172
#11 0x00007ffff50f56ed in QCoreApplication::sendEvent (receiver=<optimized out>, event=<optimized out>)
    at /usr/src/debug/qt6-qtbase-6.8.2-2.fc43.x86_64/src/corelib/kernel/qcoreapplication.cpp:1612
#12 0x00007ffff52b9d78 in QTimerInfoList::activateTimers (this=<optimized out>)
    at /usr/src/debug/qt6-qtbase-6.8.2-2.fc43.x86_64/src/corelib/kernel/qtimerinfo_unix.cpp:426
#13 0x00007ffff53f69b9 in timerSourceDispatch (source=<optimized out>)
    at /usr/src/debug/qt6-qtbase-6.8.2-2.fc43.x86_64/src/corelib/kernel/qeventdispatcher_glib.cpp:152
#14 0x00007ffff3ceaf16 in g_main_dispatch (context=0x7fffd8000f00) at ../glib/gmain.c:3361
Comment 4 Nicolas Fella 2025-02-09 13:54:01 UTC 
See https://bugzilla.redhat.com/show_bug.cgi?id=2342065