Bug 332102 - Dolphin Crash in Networking
Summary: Dolphin Crash in Networking
Status: RESOLVED FIXED
Alias: None
Product: dolphin
Classification: Applications
Component: general (show other bugs)
Version: 4.12.3
Platform: Fedora RPMs Linux
: NOR crash
Target Milestone: ---
Assignee: Dolphin Bug Assignee
URL:
Keywords: drkonqi
: 333751 334655 (view as bug list)
Depends on:
Blocks:
 
Reported: 2014-03-13 16:24 UTC by Luca Botti
Modified: 2014-05-13 17:14 UTC (History)
4 users (show)

See Also:
Latest Commit:
Version Fixed In: 4.13.2


Attachments
valgrind logfile of a crash (5.26 KB, application/octet-stream)
2014-04-23 20:52 UTC, Martin Koller
Details
Suggested fix (1.14 KB, patch)
2014-04-23 21:41 UTC, Frank Reininghaus
Details
Patch including the fix, a unit test, and some debugging output (8.15 KB, patch)
2014-04-28 17:25 UTC, Frank Reininghaus
Details
New patch (including a better fix and some debug output) (10.53 KB, patch)
2014-05-08 09:29 UTC, Frank Reininghaus
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Luca Botti 2014-03-13 16:24:41 UTC
Application: dolphin (4.12.3)
KDE Platform Version: 4.12.3
Qt Version: 4.8.5
Operating System: Linux 3.13.6-200.fc20.x86_64 x86_64
Distribution (Platform): Fedora RPMs

-- Information about the crash:
- What I was doing when the application crashed:
Broswing a networked disk (fish protocol) with about 150 files. Files are compressed (tar.gz or zip). Opening files over the network (ark) to check contents.

-- Backtrace:
Application: Dolphin (dolphin), signal: Segmentation fault
Using host libthread_db library "/lib64/libthread_db.so.1".
[Current thread is 1 (Thread 0x7fe18c9e18c0 (LWP 15680))]

Thread 3 (Thread 0x7fe17f6bb700 (LWP 15684)):
#0  0x00000035b6c0b1fe in pthread_mutex_unlock () from /lib64/libpthread.so.0
#1  0x00000035b908a5d1 in g_mutex_unlock () from /lib64/libglib-2.0.so.0
#2  0x00000035b9048be0 in g_main_context_prepare () from /lib64/libglib-2.0.so.0
#3  0x00000035b90494bb in g_main_context_iterate.isra.24 () from /lib64/libglib-2.0.so.0
#4  0x00000035b90496dc in g_main_context_iteration () from /lib64/libglib-2.0.so.0
#5  0x00000035c15b2ec6 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib64/libQtCore.so.4
#6  0x00000035c1582edf in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib64/libQtCore.so.4
#7  0x00000035c158322d in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib64/libQtCore.so.4
#8  0x00000035c1479baf in QThread::exec() () from /lib64/libQtCore.so.4
#9  0x00000035c1563863 in QInotifyFileSystemWatcherEngine::run() () from /lib64/libQtCore.so.4
#10 0x00000035c147c3af in QThreadPrivate::start(void*) () from /lib64/libQtCore.so.4
#11 0x00000035b6c07f33 in start_thread () from /lib64/libpthread.so.0
#12 0x00000035b64f4ded in clone () from /lib64/libc.so.6

Thread 2 (Thread 0x7fe17ed5a700 (LWP 15685)):
#0  0x00000035b908a2ea in g_mutex_get_impl () from /lib64/libglib-2.0.so.0
#1  0x00000035b908a599 in g_mutex_lock () from /lib64/libglib-2.0.so.0
#2  0x00000035b9048bf9 in g_main_context_prepare () from /lib64/libglib-2.0.so.0
#3  0x00000035b90494bb in g_main_context_iterate.isra.24 () from /lib64/libglib-2.0.so.0
#4  0x00000035b90496dc in g_main_context_iteration () from /lib64/libglib-2.0.so.0
#5  0x00000035c15b2ec6 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib64/libQtCore.so.4
#6  0x00000035c1582edf in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib64/libQtCore.so.4
#7  0x00000035c158322d in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib64/libQtCore.so.4
#8  0x00000035c1479baf in QThread::exec() () from /lib64/libQtCore.so.4
#9  0x00000035c147c3af in QThreadPrivate::start(void*) () from /lib64/libQtCore.so.4
#10 0x00000035b6c07f33 in start_thread () from /lib64/libpthread.so.0
#11 0x00000035b64f4ded in clone () from /lib64/libc.so.6

Thread 1 (Thread 0x7fe18c9e18c0 (LWP 15680)):
[KCrash Handler]
#5  0x0000003ce0864a4e in KFileItemModel::lessThan(KFileItemModel::ItemData const*, KFileItemModel::ItemData const*) const () from /lib64/libdolphinprivate.so.4
#6  0x0000003ce086cdfe in KFileItemModel::insertItems(QList<KFileItemModel::ItemData*>&) () from /lib64/libdolphinprivate.so.4
#7  0x0000003ce086d48f in KFileItemModel::dispatchPendingItemsToInsert() () from /lib64/libdolphinprivate.so.4
#8  0x0000003ce086ddb8 in KFileItemModel::slotItemsAdded(KUrl const&, KFileItemList const&) () from /lib64/libdolphinprivate.so.4
#9  0x00000035c1598cf8 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) () from /lib64/libQtCore.so.4
#10 0x0000003cdd51934a in KDirLister::itemsAdded(KUrl const&, KFileItemList const&) () from /lib64/libkio.so.5
#11 0x0000003cdd51b4db in KDirLister::Private::emitItems() () from /lib64/libkio.so.5
#12 0x0000003cdd52160c in KDirListerCache::slotEntries(KIO::Job*, QList<KIO::UDSEntry> const&) () from /lib64/libkio.so.5
#13 0x00000035c1598cf8 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) () from /lib64/libQtCore.so.4
#14 0x0000003cdd4fdc64 in KIO::ListJob::entries(KIO::Job*, QList<KIO::UDSEntry> const&) () from /lib64/libkio.so.5
#15 0x0000003cdd506870 in KIO::ListJobPrivate::slotListEntries(QList<KIO::UDSEntry> const&) () from /lib64/libkio.so.5
#16 0x00000035c1598cf8 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) () from /lib64/libQtCore.so.4
#17 0x0000003cdd5a7945 in KIO::SlaveInterface::listEntries(QList<KIO::UDSEntry> const&) () from /lib64/libkio.so.5
#18 0x0000003cdd5a964d in KIO::SlaveInterface::dispatch(int, QByteArray const&) () from /lib64/libkio.so.5
#19 0x0000003cdd5a680e in KIO::SlaveInterface::dispatch() () from /lib64/libkio.so.5
#20 0x0000003cdd59a58e in KIO::Slave::gotInput() () from /lib64/libkio.so.5
#21 0x00000035c1598cf8 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) () from /lib64/libQtCore.so.4
#22 0x0000003cdd4cd3e1 in KIO::ConnectionPrivate::dequeue() [clone .part.13] () from /lib64/libkio.so.5
#23 0x00000035c159d27e in QObject::event(QEvent*) () from /lib64/libQtCore.so.4
#24 0x00000031a83c9d8c in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /lib64/libQtGui.so.4
#25 0x00000031a83d0725 in QApplication::notify(QObject*, QEvent*) () from /lib64/libQtGui.so.4
#26 0x0000003cdc24ab0a in KApplication::notify(QObject*, QEvent*) () from /lib64/libkdeui.so.5
#27 0x00000035c158439d in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /lib64/libQtCore.so.4
#28 0x00000035c1587485 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) () from /lib64/libQtCore.so.4
#29 0x00000035c15b3623 in postEventSourceDispatch(_GSource*, int (*)(void*), void*) () from /lib64/libQtCore.so.4
#30 0x00000035b90492a6 in g_main_context_dispatch () from /lib64/libglib-2.0.so.0
#31 0x00000035b9049628 in g_main_context_iterate.isra.24 () from /lib64/libglib-2.0.so.0
#32 0x00000035b90496dc in g_main_context_iteration () from /lib64/libglib-2.0.so.0
#33 0x00000035c15b2ea5 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib64/libQtCore.so.4
#34 0x00000031a846bca6 in QGuiEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib64/libQtGui.so.4
#35 0x00000035c1582edf in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib64/libQtCore.so.4
#36 0x00000035c158322d in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib64/libQtCore.so.4
#37 0x00000035c1588749 in QCoreApplication::exec() () from /lib64/libQtCore.so.4
#38 0x0000003cde65233a in kdemain () from /lib64/libkdeinit4_dolphin.so
#39 0x00000035b6421d65 in __libc_start_main () from /lib64/libc.so.6
#40 0x00000000004008d1 in _start ()

Possible duplicates by query: bug 330731, bug 326566, bug 325359, bug 325059, bug 321744.

Reported using DrKonqi
Comment 1 Frank Reininghaus 2014-03-13 17:10:22 UTC
Thanks for the bug report! We need more information in order to understand what the problem is and possibly fix it.

1. Your backtrace is missing line number information. See
http://techbase.kde.org/Development/Tutorials/Debugging/How_to_create_useful_crash_reports
for information about how you can install debugging packages for your distro.

2. If the crash is reproducible, a Valgrind log would be extremely helpful:
http://community.kde.org/Dolphin/FAQ/Crashes

3. Some more information about the circumstances of the crash might also help. E.g., what view mode did you use, did you expand folders in Details View, did you delete files prior to the crash, did you use "Sort by Name" or something else, etc.

Thanks for your help!
Comment 2 Christoph Feck 2014-04-23 17:49:05 UTC
*** Bug 333751 has been marked as a duplicate of this bug. ***
Comment 3 Christoph Feck 2014-04-23 17:51:01 UTC
Reporter from bug 333751 seems to be able to reproduce, but backtrace has no line number information for libdolphinprivate.
Comment 4 Martin Koller 2014-04-23 20:39:14 UTC
Here is again a dump including linenumbers (I will try to reproduce with valgrind and attach a log):

#6  KFileItemModel::lessThan (this=this@entry=0x3f6cf30, a=0x20, a@entry=0x399a440, b=0x0) at /usr/src/debug/kde-baseapps-4.13.0/dolphin/src/kitemviews/kfileitemmodel.cpp:1565
#7  0x00007fb04d15db51 in KFileItemModel::insertItems (this=0x3f6cf30, newItems=...) at /usr/src/debug/kde-baseapps-4.13.0/dolphin/src/kitemviews/kfileitemmodel.cpp:1126
#8  0x00007fb04d15e19f in KFileItemModel::dispatchPendingItemsToInsert (this=0x3b0bf10) at /usr/src/debug/kde-baseapps-4.13.0/dolphin/src/kitemviews/kfileitemmodel.cpp:1065
#9  0x00007fb0adf82d68 in QMetaObject::activate (sender=0x3f70ba0, m=<optimized out>, local_signal_index=<optimized out>, argv=0x0) at kernel/qobject.cpp:3556
#10 0x00007fb0adf86f31 in QObject::event (this=0x3f70ba0, e=<optimized out>) at kernel/qobject.cpp:1165
#11 0x00007fb0ae97e9ec in QApplicationPrivate::notify_helper (this=this@entry=0x103ca40, receiver=receiver@entry=0x3f70ba0, e=e@entry=0x7fff96301790) at kernel/qapplication.cpp:4562
#12 0x00007fb0ae984fb0 in QApplication::notify (this=this@entry=0x7fff96301bf0, receiver=receiver@entry=0x3f70ba0, e=e@entry=0x7fff96301790) at kernel/qapplication.cpp:4348
#13 0x00007fb0af69847a in KApplication::notify (this=0x7fff96301bf0, receiver=0x3f70ba0, event=0x7fff96301790) at /usr/src/debug/kdelibs-4.13.0/kdeui/kernel/kapplication.cpp:311
#14 0x00007fb0adf6f0ad in QCoreApplication::notifyInternal (this=0x7fff96301bf0, receiver=0x3f70ba0, event=0x7fff96301790) at kernel/qcoreapplication.cpp:949
#15 0x00007fb0adf9e83c in sendEvent (event=<optimized out>, receiver=<optimized out>) at kernel/qcoreapplication.h:231
<snip>
Comment 5 Martin Koller 2014-04-23 20:52:02 UTC
Here's the valgrind log.
What I see is interesting: when while the expanded subfolder is populated I collapse the folder, suddenly the files which are inside that folder appear as child nodes of the parent folder.
Comment 6 Martin Koller 2014-04-23 20:52:32 UTC
Created attachment 86237 [details]
valgrind logfile of a crash
Comment 7 Frank Reininghaus 2014-04-23 21:39:08 UTC
Thanks for the information! This was really helpful.

I haven't seen the crash myself yet, but I think I know what's going on: when the folder is collapsed, there are some of its grand-children which have not been added to the model yet. They are then added after collapsing the folder, but without a parent. Accessing their parents then results in a crash.
Comment 8 Frank Reininghaus 2014-04-23 21:41:04 UTC
Created attachment 86238 [details]
Suggested fix

Testing this patch would be appreaciated.

In principle, the crash should also be easily unit-testable now that we know what's going on, but I'm a bit too tired already. I'll try to write one during the next days.
Comment 9 Martin Koller 2014-04-26 12:10:43 UTC
On Wednesday 23 April 2014 21:41:04 you wrote:
> https://bugs.kde.org/show_bug.cgi?id=332102
> 
> --- Comment #8 from Frank Reininghaus <frank78ac@googlemail.com> ---
> Created attachment 86238 [details]
>   --> https://bugs.kde.org/attachment.cgi?id=86238&action=edit
> Suggested fix
> 
> Testing this patch would be appreaciated.

I try to test your patch. I applied the patch and recompiled kde-baseapps against 4.13.0
I have installed (openSuse 13.1).
Running dolphin and doing my tests leads now to:

ASSERT: "index >= 0 || m_items.count() == m_itemData.count()" in file /home/KDE4/source/kde-baseapps/dolphin/src/kitemviews/kfileitemmodel.cpp, line 398

I don't know it that is related though.

Here is a longer backtrace with a crash while testing your patch:

Application: Dolphin (dolphin), signal: Aborted
Using host libthread_db library "/lib64/libthread_db.so.1".
[Current thread is 1 (Thread 0x7f96e8857880 (LWP 9180))]

Thread 4 (Thread 0x7f96cc8df700 (LWP 9181)):
#0  0x00007f96ded36ffa in ?? () from /usr/lib64/libglib-2.0.so.0
#1  0x00007f96ded37289 in g_mutex_lock () from /usr/lib64/libglib-2.0.so.0
#2  0x00007f96decf6cb9 in g_main_context_prepare () from /usr/lib64/libglib-2.0.so.0
#3  0x00007f96decf7523 in ?? () from /usr/lib64/libglib-2.0.so.0
#4  0x00007f96decf770c in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0
#5  0x00007f96e3cdad76 in QEventDispatcherGlib::processEvents (this=0x7f96c80008c0, flags=...) at kernel/qeventdispatcher_glib.cpp:427
#6  0x00007f96e3cacd0f in QEventLoop::processEvents (this=this@entry=0x7f96cc8ded20, flags=...) at kernel/qeventloop.cpp:149
#7  0x00007f96e3cad005 in QEventLoop::exec (this=this@entry=0x7f96cc8ded20, flags=...) at kernel/qeventloop.cpp:204
#8  0x00007f96e3babfef in QThread::exec (this=this@entry=0x14e27c0) at thread/qthread.cpp:536
#9  0x00007f96e3c8e513 in QInotifyFileSystemWatcherEngine::run (this=0x14e27c0) at io/qfilesystemwatcher_inotify.cpp:256
#10 0x00007f96e3bae68f in QThreadPrivate::start (arg=0x14e27c0) at thread/qthread_unix.cpp:338
#11 0x00007f96e39170db in start_thread () from /lib64/libpthread.so.0
#12 0x00007f96e2ba890d in clone () from /lib64/libc.so.6

Thread 3 (Thread 0x7f96c7f55700 (LWP 9182)):
#0  0x00007f96decc9240 in pthread_mutex_lock@plt () from /usr/lib64/libglib-2.0.so.0
#1  0x00007f96ded37291 in g_mutex_lock () from /usr/lib64/libglib-2.0.so.0
#2  0x00007f96decf6898 in g_main_context_release () from /usr/lib64/libglib-2.0.so.0
#3  0x00007f96decf75b1 in ?? () from /usr/lib64/libglib-2.0.so.0
#4  0x00007f96decf770c in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0
#5  0x00007f96e3cdad76 in QEventDispatcherGlib::processEvents (this=0x7f96c00008c0, flags=...) at kernel/qeventdispatcher_glib.cpp:427
#6  0x00007f96e3cacd0f in QEventLoop::processEvents (this=this@entry=0x7f96c7f54d60, flags=...) at kernel/qeventloop.cpp:149
#7  0x00007f96e3cad005 in QEventLoop::exec (this=this@entry=0x7f96c7f54d60, flags=...) at kernel/qeventloop.cpp:204
#8  0x00007f96e3babfef in QThread::exec (this=<optimized out>) at thread/qthread.cpp:536
#9  0x00007f96e3bae68f in QThreadPrivate::start (arg=0x16237b0) at thread/qthread_unix.cpp:338
#10 0x00007f96e39170db in start_thread () from /lib64/libpthread.so.0
#11 0x00007f96e2ba890d in clone () from /lib64/libc.so.6

Thread 2 (Thread 0x7f96c70b7700 (LWP 9183)):
#0  0x00007f96e2b9fb3d in poll () from /lib64/libc.so.6
#1  0x00007f96decf7604 in ?? () from /usr/lib64/libglib-2.0.so.0
#2  0x00007f96decf770c in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0
#3  0x00007f96e3cdad76 in QEventDispatcherGlib::processEvents (this=0x7f96b80008c0, flags=...) at kernel/qeventdispatcher_glib.cpp:427
#4  0x00007f96e3cacd0f in QEventLoop::processEvents (this=this@entry=0x7f96c70b6d20, flags=...) at kernel/qeventloop.cpp:149
#5  0x00007f96e3cad005 in QEventLoop::exec (this=this@entry=0x7f96c70b6d20, flags=...) at kernel/qeventloop.cpp:204
#6  0x00007f96e3babfef in QThread::exec (this=this@entry=0x15c5e60) at thread/qthread.cpp:536
#7  0x00007f96e3c8e513 in QInotifyFileSystemWatcherEngine::run (this=0x15c5e60) at io/qfilesystemwatcher_inotify.cpp:256
#8  0x00007f96e3bae68f in QThreadPrivate::start (arg=0x15c5e60) at thread/qthread_unix.cpp:338
#9  0x00007f96e39170db in start_thread () from /lib64/libpthread.so.0
#10 0x00007f96e2ba890d in clone () from /lib64/libc.so.6

Thread 1 (Thread 0x7f96e8857880 (LWP 9180)):
[KCrash Handler]
#6  0x00007f96e2af6849 in raise () from /lib64/libc.so.6
#7  0x00007f96e2af7cd8 in abort () from /lib64/libc.so.6
#8  0x00007f96e3ba4204 in qt_message_output (msgType=msgType@entry=QtFatalMsg, buf=<optimized out>) at global/qglobal.cpp:2323
#9  0x00007f96e3ba4389 in qt_message(QtMsgType, const char *, typedef __va_list_tag __va_list_tag *) (msgType=msgType@entry=QtFatalMsg, msg=msg@entry=0x7f96e3d0f518 "ASSERT: \"%s\" in file %s, line %d", ap=ap@entry=0x7fff4db48738) at global/qglobal.cpp:2369
#10 0x00007f96e3ba4b94 in qFatal (msg=msg@entry=0x7f96e3d0f518 "ASSERT: \"%s\" in file %s, line %d") at global/qglobal.cpp:2552
#11 0x00007f96e3ba4bda in qt_assert (assertion=<optimized out>, file=<optimized out>, line=<optimized out>) at global/qglobal.cpp:2018
#12 0x00007f96e80e69c8 in KFileItemModel::index (this=0x1622070, url=...) at /home/KDE4/source/kde-baseapps/dolphin/src/kitemviews/kfileitemmodel.cpp:398
#13 0x00007f96e80e8d12 in KFileItemModel::slotItemsAdded (this=0x1622070, directoryUrl=..., items=...) at /home/KDE4/source/kde-baseapps/dolphin/src/kitemviews/kfileitemmodel.cpp:881
#14 0x00007f96e80efb0c in KFileItemModel::qt_static_metacall (_o=0x1622070, _c=QMetaObject::InvokeMetaMethod, _id=12, _a=0x7fff4db48ae0) at /home/KDE4/build/kde-baseapps/dolphin/src/kfileitemmodel.moc:93
#15 0x00007f96e3cc1d68 in QMetaObject::activate (sender=0x16221f0, m=m@entry=0x7f96e6989740 <KDirLister::staticMetaObject>, local_signal_index=local_signal_index@entry=10, argv=argv@entry=0x7fff4db48ae0) at kernel/qobject.cpp:3556
#16 0x00007f96e6604b7a in KDirLister::itemsAdded (this=<optimized out>, _t1=..., _t2=...) at /usr/src/debug/kdelibs-4.13.0/build/kio/kdirlister.moc:287
#17 0x00007f96e6606a6b in KDirLister::Private::emitItems (this=this@entry=0x15fcd60) at /usr/src/debug/kdelibs-4.13.0/kio/kio/kdirlister.cpp:2505
#18 0x00007f96e6611dab in KDirListerCache::emitItemsFromCache (this=0x14ebfc0, cachedItemsJob=cachedItemsJob@entry=0x18fc320, lister=lister@entry=0x16221f0, _url=..., _reload=false, _emitCompleted=<optimized out>) at /usr/src/debug/kdelibs-4.13.0/kio/kio/kdirlister.cpp:343
#19 0x00007f96e6611f72 in KDirLister::Private::CachedItemsJob::done (this=0x18fc320) at /usr/src/debug/kdelibs-4.13.0/kio/kio/kdirlister.cpp:307
#20 0x00007f96e3cc611e in QObject::event (this=0x18fc320, e=<optimized out>) at kernel/qobject.cpp:1203
#21 0x00007f96e4b308ac in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib64/libQtGui.so.4
#22 0x00007f96e4b36e70 in QApplication::notify(QObject*, QEvent*) () from /usr/lib64/libQtGui.so.4
#23 0x00007f96e584747a in KApplication::notify (this=0x7fff4db492e0, receiver=0x18fc320, event=0x1b68ec0) at /usr/src/debug/kdelibs-4.13.0/kdeui/kernel/kapplication.cpp:311
#24 0x00007f96e3cae0ad in QCoreApplication::notifyInternal (this=0x7fff4db492e0, receiver=receiver@entry=0x18fc320, event=event@entry=0x1b68ec0) at kernel/qcoreapplication.cpp:949
#25 0x00007f96e3cb10ff in sendEvent (event=0x1b68ec0, receiver=0x18fc320) at kernel/qcoreapplication.h:231
#26 QCoreApplicationPrivate::sendPostedEvents (receiver=receiver@entry=0x0, event_type=event_type@entry=0, data=0x11e81e0) at kernel/qcoreapplication.cpp:1573
#27 0x00007f96e3cb15a3 in QCoreApplication::sendPostedEvents (receiver=receiver@entry=0x0, event_type=event_type@entry=0) at kernel/qcoreapplication.cpp:1466
#28 0x00007f96e3cdb493 in sendPostedEvents () at kernel/qcoreapplication.h:236
#29 postEventSourceDispatch (s=0x120a590) at kernel/qeventdispatcher_glib.cpp:280
#30 0x00007f96decf7316 in g_main_context_dispatch () from /usr/lib64/libglib-2.0.so.0
#31 0x00007f96decf7668 in ?? () from /usr/lib64/libglib-2.0.so.0
#32 0x00007f96decf770c in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0
#33 0x00007f96e3cdad55 in QEventDispatcherGlib::processEvents (this=0x1216630, flags=...) at kernel/qeventdispatcher_glib.cpp:425
#34 0x00007f96e4bcd936 in ?? () from /usr/lib64/libQtGui.so.4
#35 0x00007f96e3cacd0f in QEventLoop::processEvents (this=this@entry=0x7fff4db49260, flags=...) at kernel/qeventloop.cpp:149
#36 0x00007f96e3cad005 in QEventLoop::exec (this=this@entry=0x7fff4db49260, flags=...) at kernel/qeventloop.cpp:204
#37 0x00007f96e3cb213b in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1221
#38 0x00007f96e842c851 in kdemain (argc=1, argv=0x7fff4db49888) at /home/KDE4/source/kde-baseapps/dolphin/src/main.cpp:93
#39 0x0000000000400a22 in main (argc=1, argv=0x7fff4db49888) at /home/KDE4/build/kde-baseapps/dolphin/src/dolphin_dummy.cpp:3
Comment 10 Frank Reininghaus 2014-04-28 17:25:42 UTC
Created attachment 86316 [details]
Patch including the fix, a unit test, and some debugging output

Thanks for testing it! I think that the new crash might be due to a different problem, but I'd prefer to understand why it happens and fix this problem too before we make any changes to the KDE/4.13 branch.

This patch will print some debugging output if you start Dolphin or Konqueror from a shell. It might help to understand what goes wrong before the crash. It would be cool if you could apply the patch, reproduce the new crash, and attach the output here.

Note that the output will contain file and directory names, and possibly names of Samba shares. If there is anything that you want to keep private, feel free to obfuscate some of the information. Alternatively, you can send me the output by private mail - I promise to only use it for debugging purposes and not make it public.

Thanks for your help!
Comment 11 Frank Reininghaus 2014-05-08 09:29:08 UTC
Created attachment 86520 [details]
New patch (including a better fix and some debug output)

Thanks to Martin for sending me his debug output, which was very useful.

It turns out that the problem occurred when collapsing a top-level folder which had expanded children that KDirLister had not finished listing yet. In that case, we would receive new items for these folders at some later point, even though the folder was not not in the model any more.

The new items were then inserted into the model as top-level items (because their parent could not be found). The model was thus in an inconsistent state, which could cause all kinds of trouble later on (e.g., when re-expanding the top-level folder).

The bug exists at least since Dolphin 2.0/KDE SC 4.8, by the way, but it would just cause a messed-up view, and no crash, because the assert was added only recently.

On top of the previous fix, the new patch now tells KDirLister to stop listing any (direct and indirect) children of a collapsed folder.

I hope that this fixes the problem. If there is still a crash, or the view gets messed up in some way (like grandchildren of a collapsed top-level item being shown as top-level items), it would be cool if I could get some updated debug output.

Thank you very much for your help!
Comment 12 Martin Koller 2014-05-08 15:02:58 UTC
That last patch looks good. I played with it for a few minutes and could no longer crash dolphin.
Great!
Thanks!
Comment 13 Frank Reininghaus 2014-05-08 15:42:59 UTC
Cool, thanks for the quick update! I've removed the debug output and added some further explanations here:

https://git.reviewboard.kde.org/r/118055/
Comment 14 Frank Reininghaus 2014-05-12 12:22:14 UTC
*** Bug 334655 has been marked as a duplicate of this bug. ***
Comment 15 Frank Reininghaus 2014-05-13 17:13:59 UTC
Git commit e0aec6f923f849bc5af1981ee1bfe83687a7de5c by Frank Reininghaus.
Committed on 13/05/2014 at 17:04.
Pushed by freininghaus into branch 'KDE/4.13'.

Ensure that all children of a collapsed folder are removed

Before this patch, any (direct or indirect) children that might have
been in m_pendingItemsToInsert, i.e., that were not inserted into the
model yet because KDirLister had not finished listing the directory
yet, would be added to the model later without a proper parent. This
could cause a crash later on.
FIXED-IN: 4.13.2

M  +12   -0    dolphin/src/kitemviews/kfileitemmodel.cpp
M  +78   -0    dolphin/src/tests/kfileitemmodeltest.cpp

http://commits.kde.org/kde-baseapps/e0aec6f923f849bc5af1981ee1bfe83687a7de5c
Comment 16 Frank Reininghaus 2014-05-13 17:14:00 UTC
Git commit 4642301ea0f4b87a3da2e7f810af6154b29dd612 by Frank Reininghaus.
Committed on 13/05/2014 at 17:06.
Pushed by freininghaus into branch 'KDE/4.13'.

Stop listing children of collapsed folders

Before this patch, KDirLister would continue listing any children of
collapsed folders, even though the children themselves were removed
from the model. This could lead to new items being inserted as
top-level items at some later point, because no parent could be found
for them. This inconsistent model state could lead to a crash later on.

Many thanks to Martin Koller for helping to debug this problem!
REVIEW: 118055
FIXED-IN: 4.13.2

M  +2    -0    dolphin/src/kitemviews/kfileitemmodel.cpp

http://commits.kde.org/kde-baseapps/4642301ea0f4b87a3da2e7f810af6154b29dd612