Bug 402848 - Discover 5.14.4 crashed when clicking on Checking for updates and about 50 notifications appeared
Summary: Discover 5.14.4 crashed when clicking on Checking for updates and about 50 no...
Status: RESOLVED FIXED
Alias: None
Product: Discover
Classification: Applications
Component: Flatpak Backend (show other bugs)
Version: 5.14.4
Platform: Kubuntu Linux
: NOR crash
Target Milestone: ---
Assignee: Aleix Pol
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-01-04 09:49 UTC by Matt Fagnani
Modified: 2022-06-02 14:58 UTC (History)
6 users (show)

See Also:
Latest Commit:
Version Fixed In: 5.25

Attachments
discover output in konsole (5.69 KB, text/plain)
2019-01-04 09:49 UTC, Matt Fagnani 		Details
full trace of all threads for discover crash (77.96 KB, text/plain)
2019-01-04 09:51 UTC, Matt Fagnani 		Details
valgrind output when run on discover (27.32 KB, text/plain)
2019-01-04 11:18 UTC, Matt Fagnani 		Details
error messages in konsole when valgrind was run on discover (7.58 KB, text/plain)
2019-01-04 11:20 UTC, Matt Fagnani 		Details
This is how I know its time to open the console and run 'sudo flatpak update' (13.54 KB, image/png)
2022-06-01 16:44 UTC, Madalee 		Details
View All Add an attachment

Note You need to log in before you can comment on or make changes to this bug.
Description Matt Fagnani 2019-01-04 09:49:23 UTC 
Created attachment 117276 [details]
discover output in konsole

SUMMARY

I ran plasma-discover & in konsole to get the error messages as discover 5.14.4 had crashed twice in the same way when I clicked on the Checking for updates button in the lower left. discover crashed and drkonqi appeared. I'll attach the error message output.

About 50 notifications of Searching for file... appeared in the plasma notifications widget. Each file found by those searches appeared to be a package name. Some example names started with plasma-, qt5-, fedora-. Other notifications included two Resolving... and one Refreshing package cache... which showed package names starting with NetworkManager-

The following is the trace of just the crashing thread because the comment length limit is exceeded with the full trace of all threads.
-- Backtrace:
Application: Discover (plasma-discover), signal: Segmentation fault
Using host libthread_db library "/lib/libthread_db.so.1".
[Current thread is 1 (Thread 0xb205b840 (LWP 4315))]
...
Thread 13 (Thread 0x9e13eb40 (LWP 4367)):
[KCrash Handler]
#8  0xb5bfd23b in QHttpNetworkConnectionChannel::sendRequest() (this=0xb0fc9094) at access/qhttpnetworkconnectionchannel.cpp:251
#9  0xb5bfba5b in QHttpNetworkConnectionPrivate::_q_startNextRequest() (this=0x9ec296d0) at access/qhttpnetworkconnection.cpp:1044
#10 0xb5823fc6 in QMetaCallEvent::placeMetaCall(QObject*) (object=0x9bf5d3e0, this=0xb0f3b350) at kernel/qobject.cpp:506
#11 0xb5823fc6 in QMetaCallEvent::placeMetaCall(QObject*) (this=0xb0f3b350, object=0x9bf5d3e0) at kernel/qobject.cpp:501
#12 0xb58274b3 in QObject::event(QEvent*) (this=0x9bf5d3e0, e=0xb0f3b350) at kernel/qobject.cpp:1251
#13 0xb689ad8a in QApplicationPrivate::notify_helper(QObject*, QEvent*) (this=0x1878310, receiver=0x9bf5d3e0, e=0xb0f3b350) at kernel/qapplication.cpp:3726
#14 0xb68a2e39 in QApplication::notify(QObject*, QEvent*) (this=0xbf8a3634, receiver=0x9bf5d3e0, e=0xb0f3b350) at kernel/qapplication.cpp:3485
#15 0xb57fbbb6 in QCoreApplication::notifyInternal2(QObject*, QEvent*) (receiver=0x9bf5d3e0, event=0xb0f3b350) at kernel/qcoreapplication.cpp:1047
#16 0xb57ff068 in QCoreApplication::sendEvent(QObject*, QEvent*) (event=0xb0f3b350, receiver=<optimized out>) at kernel/qcoreapplication.h:234
#17 0xb57ff068 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) (receiver=<optimized out>, event_type=<optimized out>, data=0x1ebdfd0) at kernel/qcoreapplication.cpp:1744
#18 0xb57ff47b in QCoreApplication::sendPostedEvents(QObject*, int) (receiver=0x0, event_type=0) at kernel/qcoreapplication.cpp:1598
#19 0xb5853167 in postEventSourceDispatch(GSource*, GSourceFunc, gpointer) (s=0x9c561ea0) at kernel/qeventdispatcher_glib.cpp:276
#20 0xb26e53f5 in g_main_dispatch (context=0xb0f79580) at gmain.c:3182
#21 0xb26e53f5 in g_main_context_dispatch (context=0xb0f79580) at gmain.c:3847
#22 0xb26e57d9 in g_main_context_iterate (context=context@entry=0xb0f79580, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3920
#23 0xb26e588b in g_main_context_iteration (context=0xb0f79580, may_block=1) at gmain.c:3981
#24 0xb5852e2d in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (this=0xa1fa5250, flags=...) at kernel/qeventdispatcher_glib.cpp:422
#25 0xb57fa8bf in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (this=<optimized out>, flags=...) at ../../include/QtCore/../../src/corelib/global/qflags.h:140
#26 0xb5663cb1 in QThread::exec() (this=0x381fb20) at ../../include/QtCore/../../src/corelib/global/qflags.h:120
#27 0xb5663d9c in QThread::run() (this=0x381fb20) at thread/qthread.cpp:592
#28 0xb566e7e9 in QThreadPrivate::start(void*) (arg=<optimized out>) at thread/qthread_unix.cpp:367
#29 0xb4e645de in start_thread (arg=<optimized out>) at pthread_create.c:486
#30 0xb527a97a in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:108

I'll attach the full trace of all threads.

STEPS TO REPRODUCE
1. plasma-discover & (in konsole)
2. click checking for updates
3. 

OBSERVED RESULT
discover crashed when checking for updates

EXPECTED RESULT
discover checks for updates without crashing

SOFTWARE/OS VERSIONS

Linux/KDE Plasma: Fedora 29
(available in About System)
KDE Plasma Version: 5.14.4
KDE Frameworks Version: 5.53.0
Qt Version: 5.11.3

ADDITIONAL INFORMATION

The crashes were segmentation faults apparently in QHttpNetworkConnectionChannel::sendRequest() at access/qhttpnetworkconnectionchannel.cpp:251

bug 401825 also involves a crash at that line with a similar trace though the way in which that crash occurred was different.
Comment 1 Matt Fagnani 2019-01-04 09:51:22 UTC 
Created attachment 117277 [details]
full trace of all threads for discover crash
Comment 2 Matt Fagnani 2019-01-04 11:17:19 UTC 
I ran valgrind --leak-check=no --log-file=valgrind-discover-5.14.5-1.txt plasma-discover & The valgrind output following the crash showed an invalid read of size 4 in QHttpNetworkConnectionChannel::sendRequest() at qhttpnetworkconnectionchannel.cpp:251 like in the trace of the crashing thread.
The line "Address 0x0 is not stack'd, malloc'd or (recently) free'd" likely means a null pointer is involved and might be dereferenced leading to the segmentation fault.

==5133== Thread 9 QNetworkAccessMa:
==5133== Invalid read of size 4
==5133==    at 0x6AA623B: QHttpNetworkConnectionChannel::sendRequest() (qhttpnetworkconnectionchannel.cpp:251)
==5133==    by 0x6AA4A5A: QHttpNetworkConnectionPrivate::_q_startNextRequest() (qhttpnetworkconnection.cpp:1044)
==5133==    by 0x6F18FC5: placeMetaCall (qobject.cpp:506)
==5133==    by 0x6F18FC5: QMetaCallEvent::placeMetaCall(QObject*) (qobject.cpp:501)
==5133==    by 0x6F1C4B2: QObject::event(QEvent*) (qobject.cpp:1251)
==5133==    by 0x59ADD89: QApplicationPrivate::notify_helper(QObject*, QEvent*) (qapplication.cpp:3726)
==5133==    by 0x59B5E38: QApplication::notify(QObject*, QEvent*) (qapplication.cpp:3485)
==5133==    by 0x6EF0BB5: QCoreApplication::notifyInternal2(QObject*, QEvent*) (qcoreapplication.cpp:1047)
==5133==    by 0x6EF4067: sendEvent (qcoreapplication.h:234)
==5133==    by 0x6EF4067: QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) (qcoreapplication.cpp:1744)
==5133==    by 0x6EF447A: QCoreApplication::sendPostedEvents(QObject*, int) (qcoreapplication.cpp:1598)
==5133==    by 0x6F48166: postEventSourceDispatch(_GSource*, int (*)(void*), void*) (qeventdispatcher_glib.cpp:276)
==5133==    by 0x9FED3F4: g_main_dispatch (gmain.c:3182)
==5133==    by 0x9FED3F4: g_main_context_dispatch (gmain.c:3847)
==5133==    by 0x9FED7D8: g_main_context_iterate.isra.20 (gmain.c:3920)
==5133==  Address 0x0 is not stack'd, malloc'd or (recently) free'd


Two invalid reads of size 2 in socketNotifierSourceCheck at qeventdispatcher_glib.cpp:88 and socketNotifierSourceCheck at qeventdispatcher_glib.cpp:79 appear to be use-after-free errors since they have lines like "Address 0xcbdff66 is 6 bytes inside a block of size 12 free'd"
Invalid data from those errors might lead to the crash.

==5133== Thread 3 QDBusConnectionM:
==5133== Invalid read of size 2
==5133==    at 0x6F47CCC: socketNotifierSourceCheck(_GSource*) (qeventdispatcher_glib.cpp:88)
==5133==    by 0x9FED0F1: g_main_context_check (gmain.c:3753)
==5133==    by 0x9FED6E4: g_main_context_iterate.isra.20 (gmain.c:3917)
==5133==    by 0x9FED88A: g_main_context_iteration (gmain.c:3981)
==5133==    by 0x6F47E2C: QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (qeventdispatcher_glib.cpp:422)
==5133==    by 0x6EEF8BE: QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (qeventloop.cpp:214)
==5133==    by 0x6D58CB0: QThread::exec() (qthread.cpp:525)
==5133==    by 0x580C0CF: QDBusConnectionManager::run() (qdbusconnection.cpp:178)
==5133==    by 0x6D637E8: QThreadPrivate::start(void*) (qthread_unix.cpp:367)
==5133==    by 0x78FD5DD: start_thread (pthread_create.c:486)
==5133==    by 0x7527979: clone (clone.S:108)
==5133==  Address 0xcbdff66 is 6 bytes inside a block of size 12 free'd
==5133==    at 0x4836D85: operator delete(void*, unsigned int) (vg_replace_malloc.c:591)
==5133==    by 0x6F485DF: QEventDispatcherGlib::unregisterSocketNotifier(QSocketNotifier*) (qeventdispatcher_glib.cpp:503)
==5133==    by 0x6F27AF1: QSocketNotifier::setEnabled(bool) (qsocketnotifier.cpp:246)
==5133==    by 0x6F47CC4: socketNotifierSourceCheck(_GSource*) (qeventdispatcher_glib.cpp:88)
==5133==    by 0x9FED0F1: g_main_context_check (gmain.c:3753)
==5133==    by 0x9FED6E4: g_main_context_iterate.isra.20 (gmain.c:3917)
==5133==    by 0x9FED88A: g_main_context_iteration (gmain.c:3981)
==5133==    by 0x6F47E2C: QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (qeventdispatcher_glib.cpp:422)
==5133==    by 0x6EEF8BE: QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (qeventloop.cpp:214)
==5133==    by 0x6D58CB0: QThread::exec() (qthread.cpp:525)
==5133==    by 0x580C0CF: QDBusConnectionManager::run() (qdbusconnection.cpp:178)
==5133==    by 0x6D637E8: QThreadPrivate::start(void*) (qthread_unix.cpp:367)
==5133==  Block was alloc'd at
==5133==    at 0x4835C89: operator new(unsigned int) (vg_replace_malloc.c:338)
==5133==    by 0x6F484AC: QEventDispatcherGlib::registerSocketNotifier(QSocketNotifier*) (qeventdispatcher_glib.cpp:459)
==5133==    by 0x6F279E5: QSocketNotifier::QSocketNotifier(int, QSocketNotifier::Type, QObject*) (qsocketnotifier.cpp:155)
==5133==    by 0x58174F8: qDBusAddWatch (qdbusintegrator.cpp:213)
==5133==    by 0x7B41688: _dbus_watch_list_set_functions (in /usr/lib/libdbus-1.so.3.19.8)
==5133==    by 0x7B25219: dbus_connection_set_watch_functions (in /usr/lib/libdbus-1.so.3.19.8)
==5133==    by 0x581A00A: q_dbus_connection_set_watch_functions (qdbus_symbols_p.h:229)
==5133==    by 0x581A00A: QDBusConnectionPrivate::setConnection(DBusConnection*, QDBusErrorInternal const&) (qdbusintegrator.cpp:1794)
==5133==    by 0x580E6F7: QDBusConnectionManager::executeConnectionRequest(QDBusConnectionManager::ConnectionRequestData*) (qdbusconnection.cpp:289)
==5133==    by 0x6F18F63: call (qobjectdefs_impl.h:376)
==5133==    by 0x6F18F63: QMetaCallEvent::placeMetaCall(QObject*) (qobject.cpp:504)
==5133==    by 0x6F1C4B2: QObject::event(QEvent*) (qobject.cpp:1251)
==5133==    by 0x6D58DDA: QThread::event(QEvent*) (qthread.cpp:832)
==5133==    by 0x6EF0B11: doNotify(QObject*, QEvent*) (qcoreapplication.cpp:1137)
==5133== 
==5133== Invalid read of size 2
==5133==    at 0x6F47C30: socketNotifierSourceCheck(_GSource*) (qeventdispatcher_glib.cpp:79)
==5133==    by 0x9FED0F1: g_main_context_check (gmain.c:3753)
==5133==    by 0x9FED6E4: g_main_context_iterate.isra.20 (gmain.c:3917)
==5133==    by 0x9FED88A: g_main_context_iteration (gmain.c:3981)
==5133==    by 0x6F47E2C: QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (qeventdispatcher_glib.cpp:422)
==5133==    by 0x6EEF8BE: QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (qeventloop.cpp:214)
==5133==    by 0x6D58CB0: QThread::exec() (qthread.cpp:525)
==5133==    by 0x580C0CF: QDBusConnectionManager::run() (qdbusconnection.cpp:178)
==5133==    by 0x6D637E8: QThreadPrivate::start(void*) (qthread_unix.cpp:367)
==5133==    by 0x78FD5DD: start_thread (pthread_create.c:486)
==5133==    by 0x7527979: clone (clone.S:108)
==5133==  Address 0xcbdff64 is 4 bytes inside a block of size 12 free'd
==5133==    at 0x4836D85: operator delete(void*, unsigned int) (vg_replace_malloc.c:591)
==5133==    by 0x6F485DF: QEventDispatcherGlib::unregisterSocketNotifier(QSocketNotifier*) (qeventdispatcher_glib.cpp:503)
==5133==    by 0x6F27AF1: QSocketNotifier::setEnabled(bool) (qsocketnotifier.cpp:246)
==5133==    by 0x6F47CC4: socketNotifierSourceCheck(_GSource*) (qeventdispatcher_glib.cpp:88)
==5133==    by 0x9FED0F1: g_main_context_check (gmain.c:3753)
==5133==    by 0x9FED6E4: g_main_context_iterate.isra.20 (gmain.c:3917)
==5133==    by 0x9FED88A: g_main_context_iteration (gmain.c:3981)
==5133==    by 0x6F47E2C: QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (qeventdispatcher_glib.cpp:422)
==5133==    by 0x6EEF8BE: QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (qeventloop.cpp:214)
==5133==    by 0x6D58CB0: QThread::exec() (qthread.cpp:525)
==5133==    by 0x580C0CF: QDBusConnectionManager::run() (qdbusconnection.cpp:178)
==5133==    by 0x6D637E8: QThreadPrivate::start(void*) (qthread_unix.cpp:367)
==5133==  Block was alloc'd at
==5133==    at 0x4835C89: operator new(unsigned int) (vg_replace_malloc.c:338)
==5133==    by 0x6F484AC: QEventDispatcherGlib::registerSocketNotifier(QSocketNotifier*) (qeventdispatcher_glib.cpp:459)
==5133==    by 0x6F279E5: QSocketNotifier::QSocketNotifier(int, QSocketNotifier::Type, QObject*) (qsocketnotifier.cpp:155)
==5133==    by 0x58174F8: qDBusAddWatch (qdbusintegrator.cpp:213)
==5133==    by 0x7B41688: _dbus_watch_list_set_functions (in /usr/lib/libdbus-1.so.3.19.8)
==5133==    by 0x7B25219: dbus_connection_set_watch_functions (in /usr/lib/libdbus-1.so.3.19.8)
==5133==    by 0x581A00A: q_dbus_connection_set_watch_functions (qdbus_symbols_p.h:229)
==5133==    by 0x581A00A: QDBusConnectionPrivate::setConnection(DBusConnection*, QDBusErrorInternal const&) (qdbusintegrator.cpp:1794)
==5133==    by 0x580E6F7: QDBusConnectionManager::executeConnectionRequest(QDBusConnectionManager::ConnectionRequestData*) (qdbusconnection.cpp:289)
==5133==    by 0x6F18F63: call (qobjectdefs_impl.h:376)
==5133==    by 0x6F18F63: QMetaCallEvent::placeMetaCall(QObject*) (qobject.cpp:504)
==5133==    by 0x6F1C4B2: QObject::event(QEvent*) (qobject.cpp:1251)
==5133==    by 0x6D58DDA: QThread::event(QEvent*) (qthread.cpp:832)
==5133==    by 0x6EF0B11: doNotify(QObject*, QEvent*) (qcoreapplication.cpp:1137)

The packagekit daemon crashed right before discover crashed as shown in the following output.

Transaction error:  PackageKit::Transaction::Error(ErrorProcessKill) "The PackageKit daemon has crashed" PackageKit::Transaction(0xc30c550)
Transaction error:  "The PackageKit daemon has crashed" PackageKit::Transaction(0x1e2268a8)
failed PackageKit::Transaction::Exit(ExitKilled) PackageKit::Transaction(0x1e2268a8)
Transaction error:  "The PackageKit daemon has crashed" PackageKit::Transaction(0xc1aa0b8)
failed PackageKit::Transaction::Exit(ExitKilled) PackageKit::Transaction(0xc1aa0b8)
PackageKit stopped running!
Transaction error:  PackageKit::Transaction::Error(ErrorInternalError) "No such interface “org.freedesktop.PackageKit.Transaction” on object at path /29621_bbdbecad" PackageKit::Transaction(0xc30c550)
Transaction error:  "No such interface “org.freedesktop.PackageKit.Transaction” on object at path /29674_edacebda" PackageKit::Transaction(0x1e2268a8)
failed PackageKit::Transaction::Exit(ExitFailed) PackageKit::Transaction(0x1e2268a8)
Transaction error:  "No such interface “org.freedesktop.PackageKit.Transaction” on object at path /29675_eeeedbaa" PackageKit::Transaction(0xc1aa0b8)
failed PackageKit::Transaction::Exit(ExitFailed) PackageKit::Transaction(0xc1aa0b8)
KCrash: Application 'plasma-discover' crashing...
KCrash: Attempting to start /usr/libexec/drkonqi from kdeinit

The packagekitd crash was not shown in the error messages of the previous crash I reported. I'll attach the output files.
Comment 3 Matt Fagnani 2019-01-04 11:18:40 UTC 
Created attachment 117279 [details]
valgrind output when run on discover
Comment 4 Matt Fagnani 2019-01-04 11:20:00 UTC 
Created attachment 117280 [details]
error messages in konsole when valgrind was run on discover
Comment 5 Matt Fagnani 2019-01-06 04:06:00 UTC 
I ran gdb plasma-discover. The segmentation fault was shown as

Thread 79 "QNetworkAccessM" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x9c9ffb40 (LWP 2647)]
0xb5c9c23b in QHttpNetworkConnectionChannel::sendRequest (this=0x9ce0b114)
    at access/qhttpnetworkconnectionchannel.cpp:251
251         return protocolHandler->sendRequest();

protocolHandler and its component object had null pointers as follows.

(gdb) p protocolHandler
$1 = {d = 0x0}
(gdb) p protocolHandler.d
$2 = (QAbstractProtocolHandler *) 0x0

protocolHandler->sendRequest() seemed to be a null pointer dereference resulting in the segmentation fault at qhttpnetworkconnectionchannel.cpp:251

I saw two other segmentation faults in gdb which occurred after the one above involving gpgme, flatpak, and ostree on two different runs.

Thread 13 "Thread (pooled)" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xa2969b40 (LWP 3076)]
0xa336255f in _gpgme_debug_buffer () from /lib/libgpgme.so.11
(gdb) bt
#0  0xa336255f in _gpgme_debug_buffer () at /lib/libgpgme.so.11
#1  0xa335f7dc in _gpgme_io_read () at /lib/libgpgme.so.11
#2  0xa336586e in _gpgme_get_program_version () at /lib/libgpgme.so.11
#3  0xa3350184 in gpg_get_version () at /lib/libgpgme.so.11
#4  0xa334df9d in _gpgme_set_engine_info () at /lib/libgpgme.so.11
#5  0xa3364b4e in gpgme_ctx_set_engine_info () at /lib/libgpgme.so.11
#6  0xa3215493 in  () at /lib/libostree-1.so.1
#7  0xa3201f53 in  () at /lib/libostree-1.so.1
#8  0xa31a5c46 in  () at /lib/libostree-1.so.1
#9  0xa31ae378 in  () at /lib/libostree-1.so.1
#10 0xa31aec3a in ostree_repo_verify_summary () at /lib/libostree-1.so.1
#11 0xa31d09c1 in ostree_repo_remote_fetch_summary_with_options ()
    at /lib/libostree-1.so.1
#12 0xa31a88f2 in ostree_repo_remote_fetch_summary () at /lib/libostree-1.so.1
#13 0xa33f5ae1 in  () at /lib/libflatpak.so.0
#14 0xa33f62e4 in  () at /lib/libflatpak.so.0
#15 0xa343b4ea in flatpak_installation_list_remote_refs_sync ()
    at /lib/libflatpak.so.0
#16 0xa343b7ae in flatpak_installation_list_installed_refs_for_update ()
    at /lib/libflatpak.so.0
#17 0xa34ac059 in  () at /usr/lib/qt5/plugins/discover/flatpak-backend.so
#18 0xb5704af0 in QThreadPoolThread::run() (this=<optimized out>)
    at thread/qthreadpool.cpp:101
#19 0xb570d7e9 in QThreadPrivate::start(void*) (arg=<optimized out>)
    at thread/qthread_unix.cpp:367
#20 0xb4f035de in start_thread (arg=<optimized out>) at pthread_create.c:486
#21 0xb531997a in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:108
(gdb) bt
#0  0xa336255f in _gpgme_debug_buffer () at /lib/libgpgme.so.11
#1  0xa335f7dc in _gpgme_io_read () at /lib/libgpgme.so.11
#2  0xa336586e in _gpgme_get_program_version () at /lib/libgpgme.so.11
#3  0xa3350184 in gpg_get_version () at /lib/libgpgme.so.11
#4  0xa334df9d in _gpgme_set_engine_info () at /lib/libgpgme.so.11
#5  0xa3364b4e in gpgme_ctx_set_engine_info () at /lib/libgpgme.so.11
#6  0xa3215493 in  () at /lib/libostree-1.so.1
#7  0xa3201f53 in  () at /lib/libostree-1.so.1
#8  0xa31a5c46 in  () at /lib/libostree-1.so.1
#9  0xa31ae378 in  () at /lib/libostree-1.so.1
#10 0xa31aec3a in ostree_repo_verify_summary () at /lib/libostree-1.so.1
#11 0xa31d09c1 in ostree_repo_remote_fetch_summary_with_options ()
    at /lib/libostree-1.so.1
#12 0xa31a88f2 in ostree_repo_remote_fetch_summary () at /lib/libostree-1.so.1
#13 0xa33f5ae1 in  () at /lib/libflatpak.so.0
#14 0xa33f62e4 in  () at /lib/libflatpak.so.0
#15 0xa343b4ea in flatpak_installation_list_remote_refs_sync ()
    at /lib/libflatpak.so.0
#16 0xa343b7ae in flatpak_installation_list_installed_refs_for_update ()
    at /lib/libflatpak.so.0
#17 0xa34ac059 in  () at /usr/lib/qt5/plugins/discover/flatpak-backend.so
#18 0xb5704af0 in QThreadPoolThread::run() (this=<optimized out>)
    at thread/qthreadpool.cpp:101
#19 0xb570d7e9 in QThreadPrivate::start(void*) (arg=<optimized out>)
    at thread/qthread_unix.cpp:367
#20 0xb4f035de in start_thread (arg=<optimized out>) at pthread_create.c:486
--Type <RET> for more, q to quit, c to continue without paging--
#21 0xb531997a in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:108

Thread 13 "Thread (pooled)" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xa296ab40 (LWP 5956)]
0xa335e55f in _gpgme_debug_buffer (lvl=7, fmt=0xa3365b11 "%s: check: %s", 
    func=0xa3367b97 "_gpgme_io_read", buffer=0xa2969afc "", len=4294967295)
    at debug.c:393
393                   val = buffer[idx++];


I noticed discover output various errors for firefox, kde, gnome flatpak remotes I had added months ago using the flatpak cli. I removed the firefox, kde, gnome flatpak remotes in groups one at a time using flatpak remote-delete, but the same segmentation faults occurred though the error messages of the removed remotes no longer were shown. I removed the flathub remote which was the last remote I had added using the cli. After removing the flathub remote, the segmentation faults and crashes haven't occurred when I clicked on Checking for updates which showed that no updates were available. The segmentation faults seemed to be when checking for flatpak remote information.  Something might have changed with the flatpak remotes or backend that triggered the crashes with the configuration I had. I added the flathub remote again in the settings part of discover, and discover didn't crash though the checking for updates didn't seem to finish.
Comment 6 Thomas Pfeiffer 2021-11-25 23:01:24 UTC 
I'm having a similar crash, every time I start Discover if there are any updates available.

Plasma 5.23.3
KDE Frameworks: 5.88.0
Qt: 5.15.3
Kernel: 5.11.0

I could not produce a useful backtrace because the automatic debug package installer could not find a debug package for the flatpak-backend.so (with the below output)

[] RESOLVED "plasma-discover-backend-flatpak;5.23.3.1-0xneon+20.04+focal+release+build47;amd64;installed:user_focal-focal-main" "plasma-discover-dbgsym;5.23.3.1-0xneon+20.04+focal+release+build47;amd64;installed:user_focal-focal-main" 1
[] FileResolver(0x55d8fe712f40) ++ packages for "plasma-discover-backend-flatpak;5.23.3.1-0xneon+20.04+focal+release+build47;amd64;installed:user_focal-focal-main" "plasma-discover-dbgsym;5.23.3.1-0xneon+20.04+focal+release+build47;amd64;installed:user_focal-focal-main"
[] RESOLVED "plasma-discover;5.23.3.1-0xneon+20.04+focal+release+build47;amd64;installed:user_focal-focal-main" "plasma-discover-dbgsym;5.23.3.1-0xneon+20.04+focal+release+build47;amd64;installed:user_focal-focal-main" 2
[] FileResolver(0x55d8fe6adec0) ++ packages for "plasma-discover;5.23.3.1-0xneon+20.04+focal+release+build47;amd64;installed:user_focal-focal-main" "plasma-discover-dbgsym;5.23.3.1-0xneon+20.04+focal+release+build47;amd64;installed:user_focal-focal-main"
[] candidates ("plasma-discover-backend-flatpak-dbgsym", "plasma-discover-backend-flatpak-dbg", "plasma-discover-dbg", "plasma-discover-dbgsym")
[] FileResolver(0x55d8fe712f40) found "plasma-discover-backend-flatpak;5.23.3.1-0xneon+20.04+focal+release+build47;amd64;installed:user_focal-focal-main"
[] candidates ("plasma-discover-dbgsym", "plasma-discover-dbg", "plasma-discover-dbg", "plasma-discover-dbgsym")
[] FileResolver(0x55d8fe6adec0) found "plasma-discover;5.23.3.1-0xneon+20.04+focal+release+build47;amd64;installed:user_focal-focal-main"
[] ("neon-repositories-ubuntu-ddebs")
[] "[repository::system/package/os/org.kde.neon.com.ubuntu.ddebs/*]> name: Ubuntu Debug Symbols | summary: Debug Symbols for Ubuntu | package: neon-repositories-ubuntu-ddebs"
[] ("org.kde.neon.com.ubuntu.ddebs") 1
[] files: ("/usr/bin/plasma-discover", "/usr/lib/x86_64-linux-gnu/qt5/plugins/discover/flatpak-backend.so")
Comment 7 Madalee 2022-06-01 16:44:52 UTC 
Created attachment 149382 [details]
This is how I know its time to open the console and run 'sudo flatpak update'

This has been a very consistent crash across so many versions.
Comment 8 Nate Graham 2022-06-02 14:58:48 UTC 
A variety of Flatpak crashes should be fixed in 5.25.

If you're still experiencing any, please file a new bug report. Thanks!