227501 – KRDC crashed when I closed a tab

Bug 227501 - KRDC crashed when I closed a tab

Summary: KRDC crashed when I closed a tab

Status:	RESOLVED FIXED

Alias:	None

Product:	krdc
Classification:	Applications
Component:	VNC (show other bugs)
Version:	unspecified
Platform:	Compiled Sources Linux

Importance:	NOR crash
Target Milestone:	---
Assignee:	Urs Wolfer

URL:
Keywords:

Depends on:	185464
Blocks:
	Show dependency tree / graph

Reported:	2010-02-18 11:57 UTC by Claes
Modified:	2010-10-17 17:41 UTC (History)
CC List:	1 user (show)

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Claes 2010-02-18 11:57:28 UTC

Application: krdc (4.4.00 (KDE 4.4.0))
KDE Platform Version: 4.4.00 (KDE 4.4.0) (Compiled from sources)
Qt Version: 4.6.2
Operating System: Linux 2.6.31-gentoo-r6 i686
Distribution (Platform): Gentoo Packages

-- Information about the crash:
I pressed CTRL+W, with the intent of closing a firefox tab. Instead this closed a KRDC tab, and immediately afterwards, KRDC went down all together.

The crash does not seem to be reproducible.

 -- Backtrace:
Application: KRDC (krdc), signal: Segmentation fault
[Current thread is 1 (Thread 0xb59d3700 (LWP 30402))]

Thread 3 (Thread 0xb3243b70 (LWP 31095)):
#0  0xb7893424 in __kernel_vsyscall ()
#1  0xb61ad4b3 in __lll_lock_wait_private () at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/lowlevellock.S:95
#2  0xb6140ecd in _L_lock_9636 () from /lib/libc.so.6
#3  0xb613f6a6 in *__GI___libc_free (mem=0x8c845f0) at malloc.c:3714
#4  0xb5cda3d2 in IA__g_free (mem=0x8c845f0) at gmem.c:190
#5  0xb5cd25ba in g_source_unref_internal (source=0x8c845f0, context=0x8e60888, have_lock=0) at gmain.c:1203
#6  0xb5cd2d1b in IA__g_source_unref (source=0xfffffe00) at gmain.c:1234
#7  0xb64eca75 in QEventDispatcherGlib::unregisterTimer (this=0x8dc11c8, timerId=0) at kernel/qeventdispatcher_glib.cpp:516
#8  0xb63d72c7 in create_current_thread_data_key () at thread/qthread_unix.cpp:129
#9  0xb63d7728 in QThread::wait (this=0xb65d1890, time=3005496176) at thread/qthread_unix.cpp:610
#10 0xb633f42f in start_thread (arg=0xb3243b70) at pthread_create.c:297
#11 0xb619fb9e in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:130

Thread 2 (Thread 0xb41ceb70 (LWP 20074)):
#0  0xb7893424 in __kernel_vsyscall ()
#1  0xb63430e5 in pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/pthread_cond_wait.S:122
#2  0xb63d6cd4 in QMutexPrivate::wait (this=0x8ce5958, timeout=-1) at thread/qmutex_unix.cpp:94
#3  0xb63d2917 in QBasicAtomicInt::fetchAndAddOrdered (this=0x8d77d0c) at ../../include/QtCore/../../src/corelib/arch/qatomic_i386.h:163
#4  QBasicAtomicInt::fetchAndAddAcquire (this=0x8d77d0c) at ../../include/QtCore/../../src/corelib/arch/qatomic_i386.h:296
#5  QMutex::lock (this=0x8d77d0c) at thread/qmutex.cpp:196
#6  0xb59b37d6 in QMutexLocker::relock (this=0x8d77ce4) at /usr/include/qt4/QtCore/qmutex.h:120
#7  VncClientThread::run (this=0x8d77ce4) at /var/tmp/portage/kde-base/krdc-4.4.0/work/krdc-4.4.0/krdc/vnc/vncclientthread.cpp:295
#8  0xb63d771d in QMutexLocker::relock (this=0x8d77ce4, time=3021794160) at ../../include/QtCore/../../src/corelib/thread/qmutex.h:120
#9  QMutexLocker (this=0x8d77ce4, time=3021794160) at ../../include/QtCore/../../src/corelib/thread/qmutex.h:102
#10 QThread::wait (this=0x8d77ce4, time=3021794160) at thread/qthread_unix.cpp:608
#11 0xb633f42f in start_thread (arg=0xb41ceb70) at pthread_create.c:297
#12 0xb619fb9e in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:130

Thread 1 (Thread 0xb59d3700 (LWP 30402)):
[KCrash Handler]
#6  _int_malloc (av=0xb6214380, bytes=96) at malloc.c:4311
#7  0xb613f77a in *__GI___libc_malloc (bytes=96) at malloc.c:3638
#8  0xb63d2561 in qIsFinite (d=-2.5667326850609027e-47) at global/qnumeric.cpp:49
#9  0xb642c1a4 in _hb_buffer_clear_output (buffer=0x60) at ../3rdparty/harfbuzz/src/harfbuzz-buffer.c:203
#10 0xb6a814b3 in QIconTheme (this=0xbf8e5ae4, themeName=...) at image/qiconloader.cpp:215
#11 0xb6b0d24d in QVectorPath (this=0x5, path=..., op=3213777340) at ../../include/QtGui/private/../../../src/gui/painting/qvectorpath_p.h:117
#12 QPaintEngineEx::clip (this=0x5, path=..., op=3213777340) at painting/qpaintengineex.cpp:687
#13 0xb6b06b8c in QPaintEnginePrivate::transformSystemClip (this=0xbf8e5ae4, region=...) at painting/qpaintengine_p.h:91
#14 QPaintEngine::setSystemClip (this=0xbf8e5ae4, region=...) at painting/qpaintengine.cpp:959
#15 0xb6b06c85 in QPaintEngine::drawRects (this=0xbf8e5ae4, rects=0xbf8e5b1c, rectCount=-1081189656) at painting/qpaintengine.cpp:862
#16 0xb6b99aab in QHash<unsigned long long, QGradientCache::CacheInfo>::insertMulti (this=0x91c5388, hash_val=13803053095937858289, gradient=..., opacity=144)
    at ../../include/QtCore/../../src/corelib/tools/qhash.h:769
#17 QMultiHash<unsigned long long, QGradientCache::CacheInfo>::insert (this=0x91c5388, hash_val=13803053095937858289, gradient=..., opacity=144)
    at ../../include/QtCore/../../src/corelib/tools/qhash.h:927
#18 QGradientCache::addCacheElement (this=0x91c5388, hash_val=13803053095937858289, gradient=..., opacity=144) at painting/qpaintengine_raster.cpp:4850
#19 0xb6af6260 in qDrawRoundedCorners (p=0x9286ab0, x1=-5.880019904073971e-48, y1=-4.4351877598657248e-45, x2=-0.014822220416858163, y2=-4.4848878196500286e-45, r1=..., r2=..., edge=153643696, 
    s=3213778260, c=...) at painting/qcssutil.cpp:131
#20 0xb6af6357 in qDrawRoundedCorners (p=0x9286ab0, x1=3.4513477811850047e-267, y1=-3.9556550604410205e-49, x2=1.5116202384143572e-314, y2=-7.954097662896062e-47, r1=..., r2=..., edge=147240288, 
    s=QCss::BorderStyle_Unknown, c=...) at painting/qcssutil.cpp:139
#21 0xb6af831b in ~QVector (p=0xbf8e6120, x=-1081188820, y=1, w=-1229394357, h=144900408, pal=..., sunken=false, lineWidth=-1230630520, fill=0xb7075ff4)
    at ../../include/QtCore/../../src/corelib/tools/qvector.h:119
#22 qDrawShadePanel (p=0xbf8e6120, x=-1081188820, y=1, w=-1229394357, h=144900408, pal=..., sunken=false, lineWidth=-1230630520, fill=0xb7075ff4) at painting/qdrawutil.cpp:367
#23 0xb5940758 in OxygenHelper::renderWindowBackground (this=0x8a10e20, p=0xbf8e6120, clipRect=..., widget=0x8a30138, window=0x8a30138, pal=..., y_shift=-23, gradientHeight=64)
    at /var/tmp/portage/kde-base/kstyles-4.4.0/work/kstyles-4.4.0/kstyles/oxygen/lib/helper.cpp:93
#24 0xb598d37b in OxygenHelper::renderWindowBackground (this=0x8a10e20, p=0xbf8e6120, clipRect=..., widget=0x8a30138, pal=..., y_shift=-23, gradientHeight=64)
    at /var/tmp/portage/kde-base/kstyles-4.4.0/work/kstyles-4.4.0/kstyles/oxygen/lib/helper.h:69
#25 0xb597094d in OxygenStyle::eventFilter (this=0x89b7950, obj=0x8a30138, ev=0xbf8e66d8) at /var/tmp/portage/kde-base/kstyles-4.4.0/work/kstyles-4.4.0/kstyles/oxygen/oxygen.cpp:6208
#26 0xb64c26a8 in QVector<QEventLoop*>::resize (this=0x89b45c0, asize=144900408) at ../../include/QtCore/../../src/corelib/tools/qvector.h:329
#27 0xb69ca0dd in QActionGroupPrivate::_q_actionTriggered (this=0x89b45c0) at kernel/qactiongroup.cpp:93
#28 0xb69d3dd4 in QApplication::notify (this=0xbf8e7278, receiver=0x8a30138, e=0xbf8e66d8) at kernel/qapplication.cpp:4258
#29 0xb723e06c in QCompleter::staticMetaObject () from /usr/lib/libkdeui.so.5
#30 0xb64c31fa in QCoreApplication::applicationPid () at kernel/qcoreapplication.cpp:1965
#31 0xb6a206bd in QWidget::raise (this=0x8a2e560) at kernel/qwidget.cpp:10968
#32 0xb6ba4463 in qt_alphargbblit_quint32 (rasterBuffer=0x8b7e968, x=144891472, y=1108, color=176, src=0x9279898, mapWidth=1471, mapHeight=152199216, srcStride=-1224253452, clip=0x8c88ee0)
    at painting/qdrawhelper.cpp:7365
#33 0xb6a12720 in QColorGroup (t=0x8a2e560) at kernel/qpalette.h:205
#34 qMetaTypeConstructHelper<QColorGroup> (t=0x8a2e560) at ../../include/QtCore/../../src/corelib/kernel/qmetatype.h:137
#35 0xb6a1ccda in QWidgetPrivate::getOpaqueChildren (this=0x8a30138) at kernel/qwidget.cpp:1864
#36 0xb6d62c94 in operator/ (arg1=..., arg2=...) at widgets/qabstractspinbox.cpp:2030
#37 0xb7318f25 in KMainWindow::event (this=0x8a30138, ev=0x8c88ee0) at /var/tmp/portage/kde-base/kdelibs-4.4.0/work/kdelibs-4.4.0/kdeui/widgets/kmainwindow.cpp:1103
#38 0xb7358d42 in KXmlGuiWindow::event (this=0x8a30138, ev=0x8c88ee0) at /var/tmp/portage/kde-base/kdelibs-4.4.0/work/kdelibs-4.4.0/kdeui/xmlgui/kxmlguiwindow.cpp:131
#39 0xb69ca0ed in QActionGroupPrivate::_q_actionTriggered (this=0x89b45c0) at kernel/qactiongroup.cpp:95
#40 0xb69d3dd4 in QApplication::notify (this=0xbf8e7278, receiver=0x8a30138, e=0x8c88ee0) at kernel/qapplication.cpp:4258
#41 0xb723e06c in QCompleter::staticMetaObject () from /usr/lib/libkdeui.so.5
#42 0xb64c31fa in QCoreApplication::applicationPid () at kernel/qcoreapplication.cpp:1965
#43 0xb64c3efd in QCoreApplication::removePostedEvents (receiver=0x0, eventType=0) at kernel/qcoreapplication.cpp:1475
#44 0xb64c4120 in QMutexLocker::unlock (event=0x0) at ../../include/QtCore/../../src/corelib/thread/qmutex.h:109
#45 ~QMutexLocker (event=0x0) at ../../include/QtCore/../../src/corelib/thread/qmutex.h:104
#46 QCoreApplicationPrivate::removePostedEvent (event=0x0) at kernel/qcoreapplication.cpp:1521
#47 0xb64ed2b8 in timerSourceCheckHelper (src=0x8c88b) at kernel/qeventdispatcher_glib.cpp:144
#48 0xb5cd2a75 in g_main_dispatch (context=0x89b6a20) at gmain.c:1824
#49 IA__g_main_context_dispatch (context=0x89b6a20) at gmain.c:2377
#50 0xb5cd59c2 in g_main_context_iterate (context=0x89b6a20, block=1, dispatch=1, self=0x89b4808) at gmain.c:2455
#51 0xb5cd5ad0 in IA__g_main_context_iteration (context=0x89b6a20, may_block=1) at gmain.c:2518
#52 0xb64ec98c in QEventDispatcherGlib (this=0x89b45a0, dd=..., parent=0x0) at kernel/qeventdispatcher_glib.cpp:585
#53 0xb6a65186 in QX11Data::motifdndObtainData (this=0xbf8e7188, mimeType=0x8b6f25c "\330\021\200\263\250^\030\tx\365\316\b\260\204#\t") at kernel/qmotifdnd_x11.cpp:740
#54 0xb64c1b0b in ?? () from /usr/lib/qt4/libQtCore.so.4
#55 0x089b45a0 in ?? ()
#56 0xbf8e7188 in ?? ()
#57 0x08b6f25c in ?? ()
#58 0x08b6f25c in ?? ()
#59 0xb6380e94 in ?? () from /usr/lib/qt4/libQtCore.so.4
#60 0xbf8e71c0 in ?? ()
#61 0x00000024 in ?? ()
#62 0xb65d0ff4 in QString (this=0xbf8e7200, service=..., path=..., interface=..., receiver=0xb6380e94, signal=0xbf8e7278 "H\307=\267\300E\233\bP\f\241\b\004")
    at ../../include/QtCore/../../src/corelib/tools/qstring.h:868
#63 SignalHook (this=0xbf8e7200, service=..., path=..., interface=..., receiver=0xb6380e94, signal=0xbf8e7278 "H\307=\267\300E\233\bP\f\241\b\004") at qdbusconnection_p.h:121
#64 QDBusConnectionPrivate::disconnectRelay (this=0xbf8e7200, service=..., path=..., interface=..., receiver=0xb6380e94, signal=0xbf8e7278 "H\307=\267\300E\233\bP\f\241\b\004")
    at qdbusintegrator.cpp:2207
#65 0xb64c1edc in QEventLoop::isRunning (this=0xbf8e7200) at kernel/qeventloop.cpp:295
#66 0xb64c4209 in QMutexLocker::relock (receiver=0xbf8e7278, event_type=-1081183420, data=0x8bf2508) at ../../include/QtCore/../../src/corelib/thread/qmutex.h:121
#67 QMutexLocker (receiver=0xbf8e7278, event_type=-1081183420, data=0x8bf2508) at ../../include/QtCore/../../src/corelib/thread/qmutex.h:102
#68 QCoreApplicationPrivate::sendPostedEvents (receiver=0xbf8e7278, event_type=-1081183420, data=0x8bf2508) at kernel/qcoreapplication.cpp:1271
#69 0xb69ca136 in qobject_cast<QAction*> (this=0xbf8e7334) at ../../include/QtCore/../../src/corelib/kernel/qobject.h:455
#70 QActionGroupPrivate::_q_actionChanged (this=0xbf8e7334) at kernel/qactiongroup.cpp:73
#71 0x0806bf0c in main (argc=3, argv=0xbf8e7434) at /var/tmp/portage/kde-base/krdc-4.4.0/work/krdc-4.4.0/krdc/main.cpp:103

Reported using DrKonqi

Comment 1 Urs Wolfer 2010-02-18 21:18:44 UTC

Please correct me if you were not using VNC.

Comment 2 Claes 2010-02-19 10:06:08 UTC

I mix both vnc and rdp, but I do believe the tab I closed was using VNC, yes.

Comment 3 Tomasz Chmielewski 2010-04-09 17:42:47 UTC

Lots of similar or identical reports: #226304, #227501, #229295, #231773, #233780, #209932, #220262, perhaps others when you search for "krdc" and then "crash".

For me, it's very trivial to reproduce - connect a few sessions (VNC, RDP), close the tab, connect to the same IP where you just closed the tab... Do it for a while, krdc will crash pretty fast.

Comment 4 Urs Wolfer 2010-09-19 13:42:23 UTC

We have fixed some crashes in the VNC plugin recently. Can you still reproduce this issue with a recent version of KRDC (from KDE SC 4.5 or later)?

Comment 5 Urs Wolfer 2010-10-17 17:41:07 UTC

Closing as fixed since nobody can reproduce this crashes anymore with the fixes from KRDC 4.5.