Bug 387408 - Kgpg crashing on getting properties of empty (NULL) keys
Status: RESOLVED FIXED
Alias: None
Product: kgpg
Classification: Applications
Component: general
Version: unspecified
Platform: Compiled Sources macOS
Importance: NOR crash
Target Milestone: ---
Assignee: Rolf Eike Beer
Keywords: drkonqi
Reported: 2017-11-28 15:54 UTC by RJVB
Modified: 2018-02-09 18:02 UTC

Version Fixed In: 17.12.3


Attachments
after requesting the key properties of the selected item (141.94 KB, image/png)
2017-11-28 16:00 UTC, RJVB
New crash information added by DrKonqi (21.50 KB, text/plain)
2017-12-02 19:00 UTC, RJVB

Description RJVB 2017-11-28 15:54:51 UTC
Application: kgpg (17.08.3)
 (Compiled from sources)
Qt Version: 5.8.0
Frameworks Version: 5.38.0
Operating System: Darwin 13.4.0 x86_64
Distribution (Platform): MacPorts Packages

-- Information about the crash:
- What I was doing when the application crashed:

I tried to inspect the properties of a few strange keys I saw in the manager window (see the screenshot I'll attach).

It turns out that those correspond to entries with a NULL KGpgKeyNode instance; neither KgpgKeyInfo() nor any of the methods it calls is prepared to receive a NULL node.

The crash can be reproduced every time.

-- Backtrace:
Application: KGpg (kgpg), signal: Segmentation fault: 11
(lldb) process attach --pid 40238
Process 40238 stopped
Executable module set to "/Applications/MacPorts/KF5/kgpg.app/Contents/MacOS/kgpg".
Architecture set to: x86_64-apple-macosx.
(lldb) set term-width 200
(lldb) thread info
thread #1: tid = 0xd1dc86, 0x00007fff8b8d3e20 libsystem_kernel.dylib`__wait4 + 8, queue = 'com.apple.main-thread', stop reason = signal SIGSTOP

(lldb) bt all
* thread #1: tid = 0xd1dc86, 0x00007fff8b8d3e20 libsystem_kernel.dylib`__wait4 + 8, queue = 'com.apple.main-thread', stop reason = signal SIGSTOP
  * frame #0: 0x00007fff8b8d3e20 libsystem_kernel.dylib`__wait4 + 8
    frame #1: 0x00000001057e9cde libKF5Crash.5.dylib`KCrash::startProcess(int, char const**, bool) [inlined] startProcessInternal(argc=<unavailable>, directly=<unavailable>) + 125 at kcrash.cpp:651
    frame #2: 0x00000001057e9c61 libKF5Crash.5.dylib`KCrash::startProcess(argc=<unavailable>, argv=<unavailable>, waitAndExit=<unavailable>) + 17 at kcrash.cpp:633
    frame #3: 0x00000001057e9aa5 libKF5Crash.5.dylib`KCrash::defaultCrashHandler(sig=11) + 1061 at kcrash.cpp:530
    frame #4: 0x00007fff8e69b5aa libsystem_platform.dylib`_sigtramp + 26
    frame #5: 0x000000010543fa52 kgpg`KGpgChangeKey::KGpgChangeKey(this=0x00007fe48303a860, node=0x0000000000000000, widget=0x00007fe4830645f0) + 50 at kgpgchangekey.cpp:25
    frame #6: 0x000000010542ad2a kgpg`KgpgKeyInfo::KgpgKeyInfo(this=0x00007fe4830645f0, node=0x0000000000000000, model=0x00007fe480691630, parent=<unavailable>) + 90 at keyinfodialog.cpp:107
    frame #7: 0x00000001053df4aa kgpg`KeysManager::keyproperties(this=0x00007fe480679f20) + 1114 at keysmanager.cpp:1683
    frame #8: 0x0000000108054fab QtCore`QMetaObject::activate(QObject*, int, int, void**) [inlined] QtPrivate::QSlotObjectBase::call(this=<unavailable>, r=<unavailable>, a=<unavailable>) + 2011 at qobject_impl.h:101
    frame #9: 0x0000000108054f8f QtCore`QMetaObject::activate(sender=0x00007fe4806c95d0, signalOffset=<unavailable>, local_signal_index=<unavailable>, argv=<unavailable>) + 1983 at qobject.cpp:3728
    frame #10: 0x0000000106ef9aae QtWidgets`QAction::activate(QAction::ActionEvent) [inlined] QAction::triggered(this=<unavailable>, _t1=false) + 302 at moc_qaction.cpp:371
    frame #11: 0x0000000106ef9a86 QtWidgets`QAction::activate(this=<unavailable>, event=<unavailable>) + 262 at qaction.cpp:1159
    frame #12: 0x0000000106ff4858 QtWidgets`QAbstractButtonPrivate::click(this=0x00007fe4806d0980) + 88 at qabstractbutton.cpp:393
    frame #13: 0x0000000106ff59ce QtWidgets`QAbstractButton::mouseReleaseEvent(this=<unavailable>, e=0x00007fff5a89b668) + 270 at qabstractbutton.cpp:1009
    frame #14: 0x00000001070cb26f QtWidgets`QToolButton::mouseReleaseEvent(this=<unavailable>, e=<unavailable>) + 15 at qtoolbutton.cpp:616
    frame #15: 0x0000000106f441c7 QtWidgets`QWidget::event(this=0x00007fe4806de990, event=0x00007fff5a89b668) + 1607 at qwidget.cpp:8782
    frame #16: 0x0000000106ff5723 QtWidgets`QAbstractButton::event(this=0x00007fe4806de990, e=<unavailable>) + 179 at qabstractbutton.cpp:966
    frame #17: 0x00000001070cb844 QtWidgets`QToolButton::event(this=0x00007fe4806de990, event=0x00007fff5a89b668) + 324 at qtoolbutton.cpp:982
    frame #18: 0x0000000106f02a6d QtWidgets`QApplicationPrivate::notify_helper(this=<unavailable>, receiver=0x00007fe4806de990, e=0x00007fff5a89b668) + 269 at qapplication.cpp:3745
    frame #19: 0x0000000106f06203 QtWidgets`QApplication::notify(this=<unavailable>, receiver=0x00007fe4806de990, e=0x00007fff5a89b668) + 9363 at qapplication.cpp:3219
    frame #20: 0x0000000108024717 QtCore`QCoreApplication::notifyInternal2(receiver=0x00007fe4806de990, event=0x00007fff5a89b668) + 167 at qcoreapplication.cpp:995
    frame #21: 0x0000000106f0344a QtWidgets`QApplicationPrivate::sendMouseEvent(QWidget*, QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer<QWidget>&, bool) [inlined] QCoreApplication::sendEvent(QObject*, QEvent*) + 17 at qcoreapplication.h:231
    frame #22: 0x0000000106f03439 QtWidgets`QApplicationPrivate::sendMouseEvent(receiver=0x00007fe4806de990, event=0x00007fff5a89b668, alienWidget=<unavailable>, nativeWidget=0x00007fe480679f20, buttonDown=<unavailable>, lastMouseReceiver=0x00000001073ae3b0, spontaneous=<unavailable>) + 1001 at qapplication.cpp:2715
    frame #23: 0x0000000106f64c7f QtWidgets`QWidgetWindow::handleMouseEvent(this=0x00007fe480490870, event=0x00007fff5a89bd28) + 1471 at qwidgetwindow.cpp:616
    frame #24: 0x0000000106f63bd9 QtWidgets`QWidgetWindow::event(this=0x00007fe480490870, event=0x00007fff5a89bd28) + 185 at qwidgetwindow.cpp:239
    frame #25: 0x0000000106f02a6d QtWidgets`QApplicationPrivate::notify_helper(this=<unavailable>, receiver=0x00007fe480490870, e=0x00007fff5a89bd28) + 269 at qapplication.cpp:3745
    frame #26: 0x0000000106f05de2 QtWidgets`QApplication::notify(this=<unavailable>, receiver=<unavailable>, e=<unavailable>) + 8306 at qapplication.cpp:3708
    frame #27: 0x0000000108024717 QtCore`QCoreApplication::notifyInternal2(receiver=0x00007fe480490870, event=0x00007fff5a89bd28) + 167 at qcoreapplication.cpp:995
    frame #28: 0x000000010772bce5 QtGui`QGuiApplicationPrivate::processMouseEvent(QWindowSystemInterfacePrivate::MouseEvent*) [inlined] QCoreApplication::sendSpontaneousEvent(receiver=0x00007fe480490870, event=0x0000000107a7c840) + 2581 at qcoreapplication.h:234
    frame #29: 0x000000010772bccf QtGui`QGuiApplicationPrivate::processMouseEvent(e=0x00007fe4804c0b20) + 2559 at qguiapplication.cpp:1931
    frame #30: 0x000000010772ab5c QtGui`QGuiApplicationPrivate::processWindowSystemEvent(e=0x00007fe4804c0b20) + 124 at qguiapplication.cpp:1715
    frame #31: 0x00000001077130bb QtGui`QWindowSystemInterface::sendWindowSystemEvents(flags=<unavailable>) + 171 at qwindowsysteminterface.cpp:710
    frame #32: 0x000000010d15edb1 libqaltcocoa.dylib`QCocoaEventDispatcherPrivate::processPostedEvents(this=<unavailable>) + 321 at qcocoaeventdispatcher.mm:899
    frame #33: 0x000000010d15f7c3 libqaltcocoa.dylib`QCocoaEventDispatcherPrivate::postedEventsSourceCallback(info=0x00007fe48061f630) + 179 at qcocoaeventdispatcher.mm:935
    frame #34: 0x00007fff962955b1 CoreFoundation`__CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
    frame #35: 0x00007fff96286c62 CoreFoundation`__CFRunLoopDoSources0 + 242
    frame #36: 0x00007fff962863ef CoreFoundation`__CFRunLoopRun + 831
    frame #37: 0x00007fff96285e75 CoreFoundation`CFRunLoopRunSpecific + 309
    frame #38: 0x00007fff8e7c6a0d HIToolbox`RunCurrentEventLoopInMode + 226
    frame #39: 0x00007fff8e7c6685 HIToolbox`ReceiveNextEventCommon + 173
    frame #40: 0x00007fff8e7c65bc HIToolbox`_BlockUntilNextEventMatchingListInModeWithFilter + 65
    frame #41: 0x00007fff8abee24e AppKit`_DPSNextEvent + 1434
    frame #42: 0x00007fff8abed89b AppKit`-[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 122
    frame #43: 0x00007fff8abe199c AppKit`-[NSApplication run] + 553
    frame #44: 0x000000010d15e4a6 libqaltcocoa.dylib`QCocoaEventDispatcher::processEvents(this=0x00007fe48061db80, flags=<unavailable>) + 2918 at qcocoaeventdispatcher.mm:431
    frame #45: 0x000000010802090e QtCore`QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) [inlined] QEventLoop::processEvents(this=<unavailable>, flags=<unavailable>) + 398 at qeventloop.cpp:134
    frame #46: 0x00000001080208f4 QtCore`QEventLoop::exec(this=0x00007fff5a89d930, flags=<unavailable>) + 372 at qeventloop.cpp:212
    frame #47: 0x0000000108024dfa QtCore`QCoreApplication::exec() + 346 at qcoreapplication.cpp:1268
    frame #48: 0x0000000105411c81 kgpg`main(argc=1, argv=<unavailable>) + 4401 at main.cpp:83
    frame #49: 0x00007fff8c43d5fd libdyld.dylib`start + 1

  thread #2: tid = 0xd1dc87, 0x00007fff8b8d4662 libsystem_kernel.dylib`kevent64 + 10, queue = 'com.apple.libdispatch-manager'
    frame #0: 0x00007fff8b8d4662 libsystem_kernel.dylib`kevent64 + 10
    frame #1: 0x00007fff8fc23421 libdispatch.dylib`_dispatch_mgr_invoke + 239
    frame #2: 0x00007fff8fc23136 libdispatch.dylib`_dispatch_mgr_thread + 52

  thread #3: tid = 0xd1dcb4, 0x00007fff8b8d494a libsystem_kernel.dylib`poll + 10, name = 'QDBusConnectionManager'
    frame #0: 0x00007fff8b8d494a libsystem_kernel.dylib`poll + 10
    frame #1: 0x0000000108076cd0 QtCore`qt_safe_poll(pollfd*, unsigned int, timespec const*) [inlined] qt_ppoll(fds=0x00007fe4806bb7b8, nfds=3) + 528 at qcore_unix.cpp:83
    frame #2: 0x0000000108076cbb QtCore`qt_safe_poll(fds=0x00007fe4806bb7b8, nfds=3, timeout_ts=0x0000000000000000) + 507 at qcore_unix.cpp:102
    frame #3: 0x0000000108078359 QtCore`QEventDispatcherUNIX::processEvents(this=<unavailable>, flags=<unavailable>) + 857 at qeventdispatcher_unix.cpp:500
    frame #4: 0x000000010802090e QtCore`QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) [inlined] QEventLoop::processEvents(this=<unavailable>, flags=<unavailable>) + 398 at qeventloop.cpp:134
    frame #5: 0x00000001080208f4 QtCore`QEventLoop::exec(this=0x00000001103f6e30, flags=<unavailable>) + 372 at qeventloop.cpp:212
    frame #6: 0x0000000107e60e62 QtCore`QThread::exec(this=<unavailable>) + 114 at qthread.cpp:507
    frame #7: 0x0000000107d09783 QtDBus`QDBusConnectionManager::run(this=0x00007fe48055b470) + 19 at qdbusconnection.cpp:170
    frame #8: 0x0000000107e64867 QtCore`QThreadPrivate::start(arg=0x00007fe48055b470) + 359 at qthread_unix.cpp:368
    frame #9: 0x00007fff899d8899 libsystem_pthread.dylib`_pthread_body + 138
    frame #10: 0x00007fff899d872a libsystem_pthread.dylib`_pthread_start + 137
    frame #11: 0x00007fff899dcfc9 libsystem_pthread.dylib`thread_start + 13

  thread #4: tid = 0xd1dcdc, 0x00007fff8b8d39aa libsystem_kernel.dylib`__select + 10, name = 'com.apple.CFSocket.private'
    frame #0: 0x00007fff8b8d39aa libsystem_kernel.dylib`__select + 10
    frame #1: 0x00007fff962d2a03 CoreFoundation`__CFSocketManager + 867
    frame #2: 0x00007fff899d8899 libsystem_pthread.dylib`_pthread_body + 138
    frame #3: 0x00007fff899d872a libsystem_pthread.dylib`_pthread_start + 137
    frame #4: 0x00007fff899dcfc9 libsystem_pthread.dylib`thread_start + 13

  thread #5: tid = 0xd1dcf1, 0x00007fff8b8d494a libsystem_kernel.dylib`poll + 10, name = 'Qt bearer thread'
    frame #0: 0x00007fff8b8d494a libsystem_kernel.dylib`poll + 10
    frame #1: 0x0000000108076cd0 QtCore`qt_safe_poll(pollfd*, unsigned int, timespec const*) [inlined] qt_ppoll(fds=0x00007fe4804c9648, nfds=1) + 528 at qcore_unix.cpp:83
    frame #2: 0x0000000108076cbb QtCore`qt_safe_poll(fds=0x00007fe4804c9648, nfds=1, timeout_ts=0x0000000000000000) + 507 at qcore_unix.cpp:102
    frame #3: 0x0000000108078359 QtCore`QEventDispatcherUNIX::processEvents(this=<unavailable>, flags=<unavailable>) + 857 at qeventdispatcher_unix.cpp:500
    frame #4: 0x000000010802090e QtCore`QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) [inlined] QEventLoop::processEvents(this=<unavailable>, flags=<unavailable>) + 398 at qeventloop.cpp:134
    frame #5: 0x00000001080208f4 QtCore`QEventLoop::exec(this=0x000000011121de60, flags=<unavailable>) + 372 at qeventloop.cpp:212
    frame #6: 0x0000000107e60e62 QtCore`QThread::exec(this=<unavailable>) + 114 at qthread.cpp:507
    frame #7: 0x0000000107e64867 QtCore`QThreadPrivate::start(arg=0x00007fe4806530c0) + 359 at qthread_unix.cpp:368
    frame #8: 0x00007fff899d8899 libsystem_pthread.dylib`_pthread_body + 138
    frame #9: 0x00007fff899d872a libsystem_pthread.dylib`_pthread_start + 137
    frame #10: 0x00007fff899dcfc9 libsystem_pthread.dylib`thread_start + 13

  thread #6: tid = 0xd1dd75, 0x00007fff8b8cfa1a libsystem_kernel.dylib`mach_msg_trap + 10
    frame #0: 0x00007fff8b8cfa1a libsystem_kernel.dylib`mach_msg_trap + 10
    frame #1: 0x00007fff8b8ced18 libsystem_kernel.dylib`mach_msg + 64
    frame #2: 0x00007fff96286f15 CoreFoundation`__CFRunLoopServiceMachPort + 181
    frame #3: 0x00007fff96286539 CoreFoundation`__CFRunLoopRun + 1161
    frame #4: 0x00007fff96285e75 CoreFoundation`CFRunLoopRunSpecific + 309
    frame #5: 0x00007fff8ad8e05e AppKit`_NSEventThread + 144
    frame #6: 0x00007fff899d8899 libsystem_pthread.dylib`_pthread_body + 138
    frame #7: 0x00007fff899d872a libsystem_pthread.dylib`_pthread_start + 137
    frame #8: 0x00007fff899dcfc9 libsystem_pthread.dylib`thread_start + 13

  thread #7: tid = 0xd20245, 0x00007fff8b8d3e6a libsystem_kernel.dylib`__workq_kernreturn + 10
    frame #0: 0x00007fff8b8d3e6a libsystem_kernel.dylib`__workq_kernreturn + 10
    frame #1: 0x00007fff899d9f08 libsystem_pthread.dylib`_pthread_wqthread + 330
    frame #2: 0x00007fff899dcfb9 libsystem_pthread.dylib`start_wqthread + 13

  thread #8: tid = 0xd2047e, 0x00007fff8b8d3e6a libsystem_kernel.dylib`__workq_kernreturn + 10
    frame #0: 0x00007fff8b8d3e6a libsystem_kernel.dylib`__workq_kernreturn + 10
    frame #1: 0x00007fff899d9f08 libsystem_pthread.dylib`_pthread_wqthread + 330
    frame #2: 0x00007fff899dcfb9 libsystem_pthread.dylib`start_wqthread + 13
(lldb) detach
Process 40238 detached

Possible duplicates by query: bug 387393, bug 387316, bug 387132, bug 387035, bug 386980.

Reported using DrKonqi
Comment 1 RJVB 2017-11-28 16:00:11 UTC
Created attachment 109097
after requesting the key properties of the selected item
Comment 2 Rolf Eike Beer 2017-12-01 20:27:42 UTC
Can you share the key? If you don't want to put it somewhere in public you can send it encrypted to me.
Comment 3 RJVB 2017-12-01 20:56:31 UTC
I would if I knew what key this was. When I open the group edit dialog window the "keys in the group" list contains a large number which looks like it could well be my entire key collection (my own and imported keys).

I tried moving out a single key from one of those weird groups, and that emptied the entire "keys in the group" list. After that the bogus entry was gone from the group representation in the manager window too.
Comment 4 RJVB 2017-12-01 20:59:57 UTC
Belay that: the bogus entry was gone but comes back as soon as I restart kgpg.

I don't see the groups in other gnupg utilities, are they a kgpg feature? Where are their definitions stored?
Comment 5 Rolf Eike Beer 2017-12-01 21:03:02 UTC
They are stored in the GnuPG configuration file.
Comment 6 RJVB 2017-12-01 21:37:10 UTC
Indeed, somehow I missed that.

So it looks like these bogus entries happen for me in all empty groups. I can recreate the issue as follows:

- in kgpg, create a group (foo1) from one or more keys 
- quit kgpg, open gpg.conf in a text editor, create a new group by copying the line with the new group and changing the groupname to foo2
- (launch kgpg to verify foo2 exists with the expected content)
- in the text editor, remove all keys from foo2 leaving a line with just "foo2 ="
- launch kgpg; I now see a bogus entry in foo2
Comment 7 RJVB 2017-12-02 19:00:45 UTC
Created attachment 109179
New crash information added by DrKonqi

kgpg (17.08.3) using Qt 5.8.0

The issue can be reproduced on Linux following the instructions provided in my previous comments.

Note that this will also happen with groups that are emptied via the key manager. They will appear empty immediately after doing that, but will contain the bogus key after restarting the application.

-- Backtrace (Reduced):
#6  0x00000000004eaaec in KGpgChangeKey::KGpgChangeKey (this=0x2bd4880, node=0x0, widget=0x2bd98d0) at /opt/local/var/lnxports/build/_opt_local_site-ports_kf5_kf5-kgpg/kf5-kgpg/work/kgpg-17.08.3/kgpgchangekey.cpp:25
#7  0x00000000004da428 in KgpgKeyInfo::KgpgKeyInfo (this=0x2bd98d0, node=0x0, model=0x26614e0, parent=<optimized out>) at /opt/local/var/lnxports/build/_opt_local_site-ports_kf5_kf5-kgpg/kf5-kgpg/work/kgpg-17.08.3/keyinfodialog.cpp:101
#8  0x00000000004972ff in KeysManager::keyproperties (this=0x2635a00) at /opt/local/var/lnxports/build/_opt_local_site-ports_kf5_kf5-kgpg/kf5-kgpg/work/kgpg-17.08.3/keysmanager.cpp:1683
#9  0x00007f791936332e in call (a=0x7ffcff2739e0, r=0x2635a00, this=<optimized out>) at /opt/local/var/lnxports/build/_opt_local_site-ports_aqua_qt5-kde-devel/qt5-kde-devel/work/qt-everywhere-opensource-src-5.8.0/qtbase/include/QtCore/../../src/corelib/kernel/qobject_impl.h:101
[...]
#12 0x00007f791a59d902 in QAction::triggered (this=this@entry=0x28d0020, _t1=<optimized out>) at .moc/moc_qaction.cpp:371
Comment 8 Rolf Eike Beer 2018-02-09 18:02:06 UTC
Git commit 432f03e8f3eae5d7d0e3c70c5324006a2f2a381a by Rolf Eike Beer.
Committed on 09/02/2018 at 18:01.
Pushed by dakon into branch 'Applications/17.12'.

ignore empty entries in key groups
FIXED-IN:17.12.3

M  +1    -1    core/KGpgRootNode.cpp

https://commits.kde.org/kgpg/432f03e8f3eae5d7d0e3c70c5324006a2f2a381a
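
The failure mode this report describes, sketched as an added example (not kgpg's code and not the referenced commit): splitting a group value with empty parts kept turns a `foo2 =` line into one empty entry, which resolves to a null node, while the hardened variant ignores empty entries as the commit message says. All names (`KeyNode`, `Keyring`, `splitIds`, `membersUnchecked`, `membersChecked`, `describeKey`) and the splitting behaviour are assumptions made for illustration.

```cpp
#include <map>
#include <string>
#include <vector>

struct KeyNode { std::string id; };  // hypothetical stand-in, not kgpg's class
using Keyring = std::map<std::string, KeyNode>;

// Split a group's value on single spaces, keeping empty parts: an empty
// value (the "foo2 =" line) yields one empty entry.
std::vector<std::string> splitIds(const std::string &value)
{
    std::vector<std::string> ids;
    std::string::size_type start = 0, pos;
    while ((pos = value.find(' ', start)) != std::string::npos) {
        ids.push_back(value.substr(start, pos - start));
        start = pos + 1;
    }
    ids.push_back(value.substr(start));
    return ids;
}

const KeyNode *findKey(const Keyring &ring, const std::string &id)
{
    const auto it = ring.find(id);
    return it == ring.end() ? nullptr : &it->second;
}

// Before: every entry becomes a group member, so "" becomes a null member.
std::vector<const KeyNode *> membersUnchecked(const Keyring &ring, const std::string &value)
{
    std::vector<const KeyNode *> members;
    for (const std::string &id : splitIds(value))
        members.push_back(findKey(ring, id));
    return members;
}

// After: empty entries are ignored and ids that resolve to no key are dropped.
std::vector<const KeyNode *> membersChecked(const Keyring &ring, const std::string &value)
{
    std::vector<const KeyNode *> members;
    for (const std::string &id : splitIds(value))
        if (const KeyNode *node = id.empty() ? nullptr : findKey(ring, id))
            members.push_back(node);
    return members;
}

// Consumer-side guard: describe a node without dereferencing a null one.
std::string describeKey(const KeyNode *node)
{
    return node ? "Key " + node->id : std::string("(no key)");
}

int main() { return membersChecked({}, "").empty() ? 0 : 1; }
```

Filtering where the group is parsed removes the bogus member, and the null check in the consumer keeps a properties request from dereferencing a node that slipped through by another path.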