Bug 372745 - Segmentation fault on connect to phone in Debian sid (kdeconnect 1.0.1-1)
Summary: Segmentation fault on connect to phone in Debian sid (kdeconnect 1.0.1-1)
Status: RESOLVED FIXED
Alias: None
Product: kdeconnect
Classification: Applications
Component: common (show other bugs)
Version: 1.3.3
Platform: Debian testing Linux
: NOR crash
Target Milestone: ---
Assignee: Albert Vaca Cintora
URL:
Keywords:
: 402839 (view as bug list)
Depends on:
Blocks:
 
Reported: 2016-11-21 16:23 UTC by Tim Small
Modified: 2020-11-29 00:57 UTC (History)
5 users (show)

See Also:
Latest Commit:
Version Fixed In:


Attachments
Fix segfault with IPv4-mapped IPv6 addresses (829 bytes, patch)
2018-09-16 12:38 UTC, Jasmin Buchert
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Tim Small 2016-11-21 16:23:36 UTC
Daemon crashes when the android phone wakes up.  Always reproducible, on Debian/sid amd64.

ii  kdeconnect       1.0.1-1       amd64         connect smartphones to your KDE Plasma


PC interface info:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ethLAN: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master brint state UP group default qlen 1000
3: brint: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    inet 172.19.198.5/24 brd 172.19.198.255 scope global brint
       valid_lft forever preferred_lft forever
    inet6 2001:470:1b4a:1:405:5dff:fe10:5138/64 scope global mngtmpaddr dynamic 
       valid_lft 86393sec preferred_lft 14393sec
    inet6 fe80::405:5dff:fe10:5138/64 scope link 
       valid_lft forever preferred_lft forever
4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever

Android interface info (in both cases, interfaced without IP addresses have been removed from the output):

WiFi IP 172.19.198.115
lo	Link encap:LOOPBACK	HWaddr N/A
UP LOOPBACK 	MTU:16436
inet4 127.0.0.1 allocation Class A
inet6 ::1 allocation Reserved
wlan0	Link encap:ETHERNET	HWaddr 40 78 6A 80 AE 1F 
UP BROADCAST ETHERNET MULTICAST 	MTU:1500
inet4 172.19.198.255 allocation Broadcast
inet4 172.19.198.115 allocation Private
inet6 fe80::4278:6aff:fe80:ae1f allocation Link-Local
inet6 2001:470:1b4a:1:4278:6aff:fe80:ae1f allocation ARIN
inet6 2001:470:1b4a:1:88ee:eee3:d845:2030 allocation ARIN
DNS:
net.dns1 fe80::6666:b3ff:fef6:4a2c
net.dns2 172.19.198.253



(gdb) run
Starting program: /usr/lib/x86_64-linux-gnu/libexec/kdeconnectd 
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[New Thread 0x7fffe5ee9700 (LWP 6437)]
[New Thread 0x7fffdedf9700 (LWP 6438)]
kdeconnect.core: KdeConnect daemon starting
[New Thread 0x7fffde5f8700 (LWP 6439)]
kdeconnect.core: onStart
kdeconnect.core: KdeConnect daemon started
kdeconnect.core: Broadcasting identity packet
kdeconnect.core: Fallback (1), try reverse connection (send udp packet) "Network unreachable"

Thread 1 "kdeconnectd" received signal SIGSEGV, Segmentation fault.
0x00007ffff7f4187e in QSslSocket::connectToHost (this=this@entry=0x6cb420, hostName=..., 
    port=port@entry=1716, openMode=..., 
    protocol=protocol@entry=QAbstractSocket::AnyIPProtocol) at ssl/qsslsocket.cpp:1934
1934        d->cachedSocketDescriptor = d->plainSocket->socketDescriptor();
(gdb) bt
#0  0x00007ffff7f4187e in QSslSocket::connectToHost (this=this@entry=0x6cb420, 
    hostName=..., port=port@entry=1716, openMode=..., 
    protocol=protocol@entry=QAbstractSocket::AnyIPProtocol) at ssl/qsslsocket.cpp:1934
#1  0x00007ffff7f179fb in QAbstractSocket::connectToHost (this=0x6cb420, address=..., 
    port=<optimized out>, openMode=...) at socket/qabstractsocket.cpp:1738
#2  0x00007ffff7b9d81e in LanLinkProvider::newUdpConnection (this=<optimized out>)
    at ./core/backends/lan/lanlinkprovider.cpp:176
#3  0x00007ffff7bca1e5 in LanLinkProvider::qt_static_metacall (_o=<optimized out>, 
    _c=<optimized out>, _id=<optimized out>, _a=<optimized out>)
    at ./obj-x86_64-linux-gnu/core/moc_lanlinkprovider.cpp:118
#4  0x00007ffff63dacd9 in QMetaObject::activate (sender=sender@entry=0x66b658, 
    signalOffset=<optimized out>, local_signal_index=local_signal_index@entry=0, 
    argv=argv@entry=0x0) at kernel/qobject.cpp:3740
#5  0x00007ffff63db5f7 in QMetaObject::activate (sender=sender@entry=0x66b658, 
    m=m@entry=0x7ffff65faec0 <QIODevice::staticMetaObject>, 
    local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x0)
    at kernel/qobject.cpp:3602
#6  0x00007ffff6450cc0 in QIODevice::readyRead (this=this@entry=0x66b658)
    at .moc/moc_qiodevice.cpp:184
#7  0x00007ffff7f189a5 in QAbstractSocketPrivate::emitReadyRead (this=this@entry=0x66fde0)
    at socket/qabstractsocket.cpp:1303
#8  0x00007ffff7f18a5c in QAbstractSocketPrivate::canReadNotification (this=0x66fde0)
    at socket/qabstractsocket.cpp:724
#9  0x00007ffff7f23861 in QReadNotifier::event (this=<optimized out>, e=<optimized out>)
    at socket/qnativesocketengine.cpp:1209
#10 0x00007ffff6c95b2c in QApplicationPrivate::notify_helper (this=<optimized out>, 
    receiver=0x6bb000, e=0x7fffffffdba0) at kernel/qapplication.cpp:3799
#11 0x00007ffff6c9d2e1 in QApplication::notify (this=0x7fffffffde40, receiver=0x6bb000, 
    e=0x7fffffffdba0) at kernel/qapplication.cpp:3556
#12 0x00007ffff63af0e0 in QCoreApplication::notifyInternal2 (receiver=0x6bb000, 
    event=event@entry=0x7fffffffdba0) at kernel/qcoreapplication.cpp:988
#13 0x00007ffff6403bcd in QCoreApplication::sendEvent (event=0x7fffffffdba0, 
    receiver=<optimized out>)
    at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:231
#14 socketNotifierSourceDispatch (source=0x65b7b0) at kernel/qeventdispatcher_glib.cpp:106
#15 0x00007ffff11e57f7 in g_main_dispatch (context=0x7fffe00016f0)
    at ././glib/gmain.c:3203
#16 g_main_context_dispatch (context=context@entry=0x7fffe00016f0)
    at ././glib/gmain.c:3856
#17 0x00007ffff11e5a60 in g_main_context_iterate (context=context@entry=0x7fffe00016f0, 
    block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>)
    at ././glib/gmain.c:3929
#18 0x00007ffff11e5b0c in g_main_context_iteration (context=0x7fffe00016f0, 
    may_block=may_block@entry=1) at ././glib/gmain.c:3990
#19 0x00007ffff640371f in QEventDispatcherGlib::processEvents (this=0x666340, flags=...)
    at kernel/qeventdispatcher_glib.cpp:423
#20 0x00007ffff63ad0ca in QEventLoop::exec (this=this@entry=0x7fffffffddc0, flags=..., 
    flags@entry=...) at kernel/qeventloop.cpp:212
#21 0x00007ffff63b583c in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1261
#22 0x00007ffff66f22dc in QGuiApplication::exec () at kernel/qguiapplication.cpp:1633
#23 0x00007ffff6c95a85 in QApplication::exec () at kernel/qapplication.cpp:2975
#24 0x0000000000401e32 in main (argc=<optimized out>, argv=<optimized out>)
    at ./daemon/kdeconnectd.cpp:87
Comment 1 Aleix Pol 2018-01-16 22:37:07 UTC
Can you still reproduce?
Comment 2 Tobias C. Berner 2018-06-03 21:53:30 UTC
Hi there

I have the same issue on FreeBSD.

### BT
lldb) run
Process 59923 launching
Process 59923 launched: '/home/Tobias/devel/kdeconnect-kde/build/bin/kdeconnectd' (x86_64)
QNativeSocketEngine::writeDatagram() was called not in QAbstractSocket::BoundState or QAbstractSocket::ConnectedState 
kdeconnect.core: Fallback (1), try reverse connection (send udp packet) "Connection refused"
Process 59923 stopped
* thread #1, name = 'kdeconnectd', stop reason = signal SIGSEGV: invalid address (fault address: 0x0)
    frame #0: 0x000000080177db81 libQt5Network.so.5`QSslSocket::connectToHost(this=0x00000008133aabf0, hostName=0x00007fffffffb6b8, port=1716, openMode=(i = 3), protocol=AnyIPProtocol) at qsslsocket.cpp:1947
(lldb) bt all
error: libkdeconnectcore.so.1 :: Class 'QTimer' has a base class 'QObject' which does not have a complete definition.
error: libkdeconnectcore.so.1 :: Try compiling the source file with -fstandalone-debug.
* thread #1, name = 'kdeconnectd', stop reason = signal SIGSEGV: invalid address (fault address: 0x0)
  * frame #0: 0x000000080177db81 libQt5Network.so.5`QSslSocket::connectToHost(this=0x00000008133aabf0, hostName=0x00007fffffffb6b8, port=1716, openMode=(i = 3), protocol=AnyIPProtocol) at qsslsocket.cpp:1947
    frame #1: 0x000000080174c0b8 libQt5Network.so.5`QAbstractSocket::connectToHost(this=0x00000008133aabf0, address=0x00007fffffffb988, port=1716, openMode=(i = 3)) at qabstractsocket.cpp:1762
    frame #2: 0x00000008006628ee libkdeconnectcore.so.1`LanLinkProvider::newUdpConnection(this=0x0000000807f80e80) at lanlinkprovider.cpp:235
    frame #3: 0x000000080066925e libkdeconnectcore.so.1`QtPrivate::FunctorCall<QtPrivate::IndexesList<>, QtPrivate::List<>, void, void (LanLinkProvider::*)()>::call(f=10 22 66 00 08 00 00 00 00 00 00 00 00 00 00 00, o=0x0000000807f80e80, arg=0x00007fffffffbe68)(), LanLinkProvider*, void**) at qobjectdefs_impl.h:136
    frame #4: 0x00000008006691d3 libkdeconnectcore.so.1`void QtPrivate::FunctionPointer<void (LanLinkProvider::*)()>::call<QtPrivate::List<>, void>(f=10 22 66 00 08 00 00 00 00 00 00 00 00 00 00 00, o=0x0000000807f80e80, arg=0x00007fffffffbe68)(), LanLinkProvider*, void**) at qobjectdefs_impl.h:169
    frame #5: 0x00000008006690f6 libkdeconnectcore.so.1`QtPrivate::QSlotObject<void (LanLinkProvider::*)(), QtPrivate::List<>, void>::impl(which=1, this_=0x0000000802ffdb20, r=0x0000000807f80e80, a=0x00007fffffffbe68, ret=0x0000000000000000) at qobjectdefs_impl.h:398
    frame #6: 0x0000000804bb7476 libQt5Core.so.5`QtPrivate::QSlotObjectBase::call(this=0x0000000802ffdb20, r=0x0000000807f80e80, a=0x00007fffffffbe68) at qobjectdefs_impl.h:378
    frame #7: 0x0000000804bf4955 libQt5Core.so.5`QMetaObject::activate(sender=0x0000000807f80e98, signalOffset=3, local_signal_index=0, argv=0x0000000000000000) at qobject.cpp:3750
    frame #8: 0x0000000804bf3ffd libQt5Core.so.5`QMetaObject::activate(sender=0x0000000807f80e98, m=0x00000008050dd1f0, local_signal_index=0, argv=0x0000000000000000) at qobject.cpp:3629
    frame #9: 0x0000000804a991c2 libQt5Core.so.5`QIODevice::readyRead(this=0x0000000807f80e98) at moc_qiodevice.cpp:185
    frame #10: 0x00000008017498b1 libQt5Network.so.5`QAbstractSocketPrivate::emitReadyRead(this=0x0000000804777180, channel=0) at qabstractsocket.cpp:1302
    frame #11: 0x00000008017494a9 libQt5Network.so.5`QAbstractSocketPrivate::canReadNotification(this=0x0000000804777180) at qabstractsocket.cpp:729
    frame #12: 0x000000080174f8b6 libQt5Network.so.5`QAbstractSocketPrivate::readNotification(this=0x0000000804777180) at qabstractsocket_p.h:75
    frame #13: 0x0000000801743948 libQt5Network.so.5`QAbstractSocketEngine::readNotification(this=0x00000008133aa5a0) at qabstractsocketengine.cpp:160
    frame #14: 0x000000080176062a libQt5Network.so.5`QReadNotifier::event(this=0x000000081337a9e0, e=0x00007fffffffcd80) at qnativesocketengine.cpp:1274
    frame #15: 0x000000080317dbef libQt5Widgets.so.5`QApplicationPrivate::notify_helper(this=0x0000000804777000, receiver=0x000000081337a9e0, e=0x00007fffffffcd80) at qapplication.cpp:3732
    frame #16: 0x000000080317f817 libQt5Widgets.so.5`QApplication::notify(this=0x00007fffffffd1a0, receiver=0x000000081337a9e0, e=0x00007fffffffcd80) at qapplication.cpp:3104
    frame #17: 0x0000000804ba287d libQt5Core.so.5`QCoreApplication::notifyInternal2(receiver=0x000000081337a9e0, event=0x00007fffffffcd80) at qcoreapplication.cpp:1050
    frame #18: 0x0000000804ba80d8 libQt5Core.so.5`QCoreApplication::sendEvent(receiver=0x000000081337a9e0, event=0x00007fffffffcd80) at qcoreapplication.h:234
    frame #19: 0x0000000804c3d7f5 libQt5Core.so.5`socketNotifierSourceDispatch(source=0x0000000804771b90, (null)=0x0000000000000000, (null)=0x0000000000000000)(void*), void*) at qeventdispatcher_glib.cpp:106
    frame #20: 0x0000000808b94b37 libglib-2.0.so.0`g_main_context_dispatch + 311
    frame #21: 0x0000000808b94ec4 libglib-2.0.so.0`___lldb_unnamed_symbol114$$libglib-2.0.so.0 + 516
    frame #22: 0x0000000808b94f74 libglib-2.0.so.0`g_main_context_iteration + 100
    frame #23: 0x0000000804c3c904 libQt5Core.so.5`QEventDispatcherGlib::processEvents(this=0x0000000802ff3620, flags=(i = 36)) at qeventdispatcher_glib.cpp:423
    frame #24: 0x000000080f6b9e01 libQt5XcbQpa.so.5`QPAEventDispatcherGlib::processEvents(this=0x0000000802ff3620, flags=(i = 36)) at qeventdispatcher_glib.cpp:69
    frame #25: 0x0000000804b9dcc4 libQt5Core.so.5`QEventLoop::processEvents(this=0x00007fffffffd080, flags=(i = 36)) at qeventloop.cpp:134
    frame #26: 0x0000000804b9dedc libQt5Core.so.5`QEventLoop::exec(this=0x00007fffffffd080, flags=(i = 0)) at qeventloop.cpp:212
    frame #27: 0x0000000804ba30d8 libQt5Core.so.5`QCoreApplication::exec() at qcoreapplication.cpp:1338
    frame #28: 0x0000000803d1f276 libQt5Gui.so.5`QGuiApplication::exec() at qguiapplication.cpp:1687
    frame #29: 0x000000080317f109 libQt5Widgets.so.5`QApplication::exec() at qapplication.cpp:2917
    frame #30: 0x0000000000402435 kdeconnectd`main(argc=1, argv=0x00007fffffffd218) at kdeconnectd.cpp:99
    frame #31: 0x00000000004020a5 kdeconnectd`_start(ap=<unavailable>, cleanup=<unavailable>) at crt1.c:74
  thread #2, name = 'kdeconnectd'
    frame #0: 0x000000080526258a libc.so.7`_poll at _poll.S:3
    frame #1: 0x0000000802fd3f46 libthr.so.3`__thr_poll(fds=<unavailable>, nfds=<unavailable>, timeout=<unavailable>) at thr_syscalls.c:338
    frame #2: 0x0000000809f8fe32 libxcb.so.1`___lldb_unnamed_symbol3$$libxcb.so.1 + 226
    frame #3: 0x0000000809f91ffb libxcb.so.1`xcb_wait_for_event + 123
    frame #4: 0x000000080f5f8d45 libQt5XcbQpa.so.5`QXcbEventReader::run(this=0x00000008047e4000) at qxcbconnection.cpp:1370
    frame #5: 0x00000008048d7ee6 libQt5Core.so.5`QThreadPrivate::start(arg=0x00000008047e4000) at qthread_unix.cpp:376
    frame #6: 0x0000000802fd1426 libthr.so.3`thread_start(curthread=0x0000000802feef00) at thr_create.c:291
  thread #3, name = 'kdeconnectd'
    frame #0: 0x000000080526258a libc.so.7`_poll at _poll.S:3
    frame #1: 0x0000000802fd3f46 libthr.so.3`__thr_poll(fds=<unavailable>, nfds=<unavailable>, timeout=<unavailable>) at thr_syscalls.c:338
    frame #2: 0x0000000808b94e67 libglib-2.0.so.0`___lldb_unnamed_symbol114$$libglib-2.0.so.0 + 423
    frame #3: 0x0000000808b94f74 libglib-2.0.so.0`g_main_context_iteration + 100
    frame #4: 0x0000000804c3c904 libQt5Core.so.5`QEventDispatcherGlib::processEvents(this=0x0000000807feb000, flags=(i = 36)) at qeventdispatcher_glib.cpp:423
    frame #5: 0x0000000804b9dcc4 libQt5Core.so.5`QEventLoop::processEvents(this=0x00007fffdfdfbe28, flags=(i = 36)) at qeventloop.cpp:134
    frame #6: 0x0000000804b9dedc libQt5Core.so.5`QEventLoop::exec(this=0x00007fffdfdfbe28, flags=(i = 0)) at qeventloop.cpp:212
    frame #7: 0x00000008048cdf43 libQt5Core.so.5`QThread::exec(this=0x0000000804769ff8) at qthread.cpp:522
    frame #8: 0x00000008044ca31f libQt5DBus.so.5`QDBusConnectionManager::run(this=0x0000000804769ff8) at qdbusconnection.cpp:178
    frame #9: 0x00000008048d7ee6 libQt5Core.so.5`QThreadPrivate::start(arg=0x0000000804769ff8) at qthread_unix.cpp:376
    frame #10: 0x0000000802fd1426 libthr.so.3`thread_start(curthread=0x0000000802ff0800) at thr_create.c:291
  thread #4, name = 'kdeconnectd'
    frame #0: 0x000000080526258a libc.so.7`_poll at _poll.S:3
    frame #1: 0x0000000802fd3f46 libthr.so.3`__thr_poll(fds=<unavailable>, nfds=<unavailable>, timeout=<unavailable>) at thr_syscalls.c:338
    frame #2: 0x0000000808b94e67 libglib-2.0.so.0`___lldb_unnamed_symbol114$$libglib-2.0.so.0 + 423
    frame #3: 0x0000000808b94f74 libglib-2.0.so.0`g_main_context_iteration + 100
    frame #4: 0x0000000804c3c904 libQt5Core.so.5`QEventDispatcherGlib::processEvents(this=0x000000080d38a000, flags=(i = 36)) at qeventdispatcher_glib.cpp:423
    frame #5: 0x0000000804b9dcc4 libQt5Core.so.5`QEventLoop::processEvents(this=0x00007fffdfbfae68, flags=(i = 36)) at qeventloop.cpp:134
    frame #6: 0x0000000804b9dedc libQt5Core.so.5`QEventLoop::exec(this=0x00007fffdfbfae68, flags=(i = 0)) at qeventloop.cpp:212
    frame #7: 0x00000008048cdf43 libQt5Core.so.5`QThread::exec(this=0x0000000803b9a340) at qthread.cpp:522
    frame #8: 0x00000008048ce135 libQt5Core.so.5`QThread::run(this=0x0000000803b9a340) at qthread.cpp:589
    frame #9: 0x00000008048d7ee6 libQt5Core.so.5`QThreadPrivate::start(arg=0x0000000803b9a340) at qthread_unix.cpp:376
    frame #10: 0x0000000802fd1426 libthr.so.3`thread_start(curthread=0x0000000802ff1200) at thr_create.c:291

###



mfg Tobias
Comment 3 Tobias C. Berner 2018-06-04 10:52:38 UTC
The problem seems to be mapped Ipv4 addresses "::ffff:172.16.0.103".
Comment 4 Jasmin Buchert 2018-09-16 12:38:49 UTC
Created attachment 115008 [details]
Fix segfault with IPv4-mapped IPv6 addresses

Works for me(TM)
Comment 5 Aleix Pol 2018-09-19 12:20:28 UTC
Can you please submit it to phabricator? There we can discuss the patch.

To me it feels weird to translate from ipv6 to 4 though, but maybe I just don't understand well the bug.
Comment 6 Christoph Feck 2019-01-04 00:55:05 UTC
*** Bug 402839 has been marked as a duplicate of this bug. ***
Comment 7 Ariel Garcia 2019-01-04 01:18:18 UTC
I still see this bug in kdeconnect 1.3.3, Debian testing (see backtrace in Bug #402839).

Any hint how to "workaround" this at the network level?
Comment 8 Justin Zobel 2020-11-12 09:03:40 UTC
I haven't been able to reproduce this on kdeconnect from git master.

Can you please test and confirm if this issue is still occurring or if this bug report can be marked as resolved. I'm setting status to "needsinfo" pending your response, please change back to "reported" or "resolved" when you respond, thanks.
Comment 9 Bug Janitor Service 2020-11-27 04:34:00 UTC
Dear Bug Submitter,

This bug has been in NEEDSINFO status with no change for at least
15 days. Please provide the requested information as soon as
possible and set the bug status as REPORTED. Due to regular bug
tracker maintenance, if the bug is still in NEEDSINFO status with
no change in 30 days the bug will be closed as RESOLVED > WORKSFORME
due to lack of needed information.

For more information about our bug triaging procedures please read the
wiki located here:
https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

If you have already provided the requested information, please
mark the bug as REPORTED so that the KDE team knows that the bug is
ready to be confirmed.

Thank you for helping us make KDE software even better for everyone!
Comment 10 Ariel Garcia 2020-11-27 10:25:15 UTC
I am now running kde connect from the current Debian testing:

ii  kdeconnect     20.08.3-1    amd64     connect smartphones to your KDE Plasma Workspace

It does not crash anymore upon connecting to the phone.
(I could not transfer files anyways, but that must be some other issue :-(
Comment 11 Justin Zobel 2020-11-29 00:57:06 UTC
Thanks for the update. If there are other unrelated issues please report a bug if there is not one existing for it already, thanks!