Bug 433546 - Ark crash on Kerfuffle::LoadJob::onFinished
Status: CONFIRMED
Alias: None
Product: ark
Classification: Applications
Component: general
Version: unspecified
Platform: openSUSE Linux
Importance: NOR crash
Target Milestone: ---
Assignee: Elvis Angelaccio
Keywords: drkonqi

Reported: 2021-02-24 18:24 UTC by Tony
Modified: 2021-03-21 19:03 UTC

Attachments
valgrind log (165.52 KB, text/plain)
2021-02-24 22:26 UTC, Tony
video demonstration (3.48 MB, video/mp4)
2021-02-24 22:33 UTC, Tony

Description Tony 2021-02-24 18:24:30 UTC
Application: ark (21.03.70)

Qt Version: 5.15.2
Frameworks Version: 5.80.0
Operating System: Linux 5.10.16-1-default x86_64
Windowing System: X11
Drkonqi Version: 5.21.80
Distribution: "openSUSE Tumbleweed"

-- Information about the crash:
- What I was doing when the application crashed:


Following the steps from bug 432891 I got this new crash recently.

Get xanmod kernel sources or the vanilla kernel sources.
Pack/compress them in a zip file.
Open the zip file with ark and, while it is loading, close ark.

Bear in mind on fast PCs with fast drives it may be tricky to trigger since ark may load it too fast.

The crash can be reproduced every time.

-- Backtrace:
Application: Ark (ark), signal: Segmentation fault

[KCrash Handler]
#4  0x00007f7007c0c49e in QObject::setProperty (this=this@entry=0x55fd3251c460, name=name@entry=0x7f70094493fe "unpackedSize", value=...) at kernel/qobject.cpp:4031
#5  0x00007f700941dd85 in Kerfuffle::LoadJob::onFinished (this=0x55fd325363d0, result=<optimized out>) at /usr/src/debug/ark-21.03.70git.20210220T201212~7812a75d-ku.31.1.x86_64/kerfuffle/jobs.cpp:285
#6  0x00007f7007c03381 in QObject::event (this=0x55fd325363d0, e=0x7f6f90017290) at kernel/qobject.cpp:1314
#7  0x00007f70087954ff in QApplicationPrivate::notify_helper (this=<optimized out>, receiver=0x55fd325363d0, e=0x7f6f90017290) at kernel/qapplication.cpp:3632
#8  0x00007f7007bd735a in QCoreApplication::notifyInternal2 (receiver=0x55fd325363d0, event=0x7f6f90017290) at kernel/qcoreapplication.cpp:1063
#9  0x00007f7007bd9d91 in QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, data=0x55fd31f40840) at kernel/qcoreapplication.cpp:1817
#10 0x00007f7007c2f263 in postEventSourceDispatch (s=s@entry=0x55fd32027b10) at kernel/qeventdispatcher_glib.cpp:277
#11 0x00007f7006104f57 in g_main_dispatch (context=0x7f6ffc005000) at ../glib/gmain.c:3325
#12 g_main_context_dispatch (context=0x7f6ffc005000) at ../glib/gmain.c:4043
#13 0x00007f70061052d8 in g_main_context_iterate (context=context@entry=0x7f6ffc005000, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/gmain.c:4119
#14 0x00007f700610538f in g_main_context_iteration (context=0x7f6ffc005000, may_block=may_block@entry=1) at ../glib/gmain.c:4184
#15 0x00007f7007c2e8ef in QEventDispatcherGlib::processEvents (this=0x55fd320357a0, flags=...) at kernel/qeventdispatcher_glib.cpp:423
#16 0x00007f7007bd5d1b in QEventLoop::exec (this=this@entry=0x7fff06d0ccd0, flags=..., flags@entry=...) at ../../include/QtCore/../../src/corelib/global/qflags.h:69
#17 0x00007f7007bddf90 in QCoreApplication::exec () at ../../include/QtCore/../../src/corelib/global/qflags.h:121
#18 0x00007f700803e35c in QGuiApplication::exec () at kernel/qguiapplication.cpp:1867
#19 0x00007f7008795475 in QApplication::exec () at kernel/qapplication.cpp:2824
#20 0x000055fd307a3537 in main (argc=<optimized out>, argv=0x7fff06d0ce60) at /usr/src/debug/ark-21.03.70git.20210220T201212~7812a75d-ku.31.1.x86_64/app/main.cpp:352
[Inferior 1 (process 5833) detached]

Possible duplicates by query: bug 433533, bug 433524, bug 433252, bug 432496, bug 432084.

Reported using DrKonqi
Comment 1 Albert Astals Cid 2021-02-24 20:54:31 UTC
Are you running an unreleased version of ark on purpose?

Does running ark under valgrind crash/give you any output log?

Can you please turn 
"
Get xanmod kernel sources or the vanilla kernel sources.
Pack/compress them in a zip file.
Open the zip file with ark and, while it is loading, close ark.
"
into a series of command lines so we don't have to guess what you did?
Comment 2 Tony 2021-02-24 22:01:44 UTC
(In reply to Albert Astals Cid from comment #1)
> Are you running an unreleased version of ark on purpose?
> 
> Does running ark under valgrind crash/give you any output log?
> 
> Can you please turn 
> "
> Get xanmod kernel sources or the vanilla kernel sources.
> Pack/compress them in a zip file.
> Open the zip file with ark and, while it is loading, close ark.
> "
> into a series of command lines so we don't have to guess what you did?

1) mkdir test && cd test
2) Get the sources with: wget https://github.com/xanmod/linux/archive/5.10.18-xanmod1.zip
3) ark 5.10.18-xanmod1.zip
4) While ark is loading the file close its window, either by hitting "X" on the top right corner or ALT+F4.
Comment 3 Tony 2021-02-24 22:26:30 UTC
Created attachment 136127
valgrind log

valgrind --log-file=arkcrash ark "zip file"

It does crash if you follow the same steps BUT it is waaaaaaaaaaay less frequent.
Comment 4 Tony 2021-02-24 22:33:03 UTC
Created attachment 136128
video demonstration
Comment 5 Albert Astals Cid 2021-02-24 22:34:10 UTC
I can confirm the crash, valgrind says

==3546== Thread 13 Kerfuffle::Job:::
==3546== Invalid read of size 8
==3546==    at 0x2330F6BC: std::enable_if<std::__and_<std::__not_<std::__is_tuple_like<QTypedArrayData<unsigned short>*> >, std::is_move_constructible<QTypedArrayData<unsigned short>*>, std::is_move_assignable<QTypedArrayData<unsigned short>*> >::value, void>::type std::swap<QTypedArrayData<unsigned short>*>(QTypedArrayData<unsigned short>*&, QTypedArrayData<unsigned short>*&) (move.h:197)
==3546==    by 0x2330E8CD: void qSwap<QTypedArrayData<unsigned short>*>(QTypedArrayData<unsigned short>*&, QTypedArrayData<unsigned short>*&) (qglobal.h:969)
==3546==    by 0x2330DC80: QString::operator=(QString&&) (qstring.h:275)
==3546==    by 0x2330531D: LibzipPlugin::list() (libzipplugin.cpp:88)
==3546==    by 0x489615B: Kerfuffle::LoadJob::doWork() (jobs.cpp:271)
==3546==    by 0x4894D41: Kerfuffle::Job::Private::run() (jobs.cpp:64)
==3546==    by 0x6577EFE: ??? (in /usr/lib/libQt5Core.so.5.15.2)
==3546==    by 0x7291298: start_thread (in /usr/lib/libpthread-2.33.so)
==3546==    by 0x6E3C052: clone (in /usr/lib/libc-2.33.so)
==3546==  Address 0xad1a130 is 16 bytes inside a block of size 112 free'd
==3546==    at 0x483FEAB: operator delete(void*) (vg_replace_malloc.c:584)
==3546==    by 0x23305017: LibzipPlugin::~LibzipPlugin() (libzipplugin.cpp:68)
==3546==    by 0x678A0BD: QObjectPrivate::deleteChildren() (in /usr/lib/libQt5Core.so.5.15.2)
==3546==    by 0x6794F24: QObject::~QObject() (in /usr/lib/libQt5Core.so.5.15.2)
==3546==    by 0x488C4B7: Kerfuffle::Archive::~Archive() (archive_kerfuffle.cpp:202)
==3546==    by 0x488C4D3: Kerfuffle::Archive::~Archive() (archive_kerfuffle.cpp:204)
==3546==    by 0x678A0BD: QObjectPrivate::deleteChildren() (in /usr/lib/libQt5Core.so.5.15.2)
==3546==    by 0x6794F24: QObject::~QObject() (in /usr/lib/libQt5Core.so.5.15.2)
==3546==    by 0x14D670EF: ??? (in /home/tsdgeos/devel/kde/install/lib/plugins/arkpart.so)
==3546==    by 0x14D6710B: ??? (in /home/tsdgeos/devel/kde/install/lib/plugins/arkpart.so)
==3546==    by 0x678A0BD: QObjectPrivate::deleteChildren() (in /usr/lib/libQt5Core.so.5.15.2)
==3546==    by 0x6794F24: QObject::~QObject() (in /usr/lib/libQt5Core.so.5.15.2)
==3546==  Block was alloc'd at
==3546==    at 0x483EDEF: operator new(unsigned long) (vg_replace_malloc.c:342)
==3546==    by 0x23310049: QObject* KPluginFactory::createInstance<LibzipPlugin, QObject>(QWidget*, QObject*, QList<QVariant> const&) (kpluginfactory.h:700)
==3546==    by 0x56CAB84: KPluginFactory::create(char const*, QWidget*, QObject*, QList<QVariant> const&, QString const&) (in /usr/lib/libKF5CoreAddons.so.5.79.0)
==3546==    by 0x488EAF7: Kerfuffle::ReadOnlyArchiveInterface* KPluginFactory::create<Kerfuffle::ReadOnlyArchiveInterface>(QObject*, QList<QVariant> const&) (kpluginfactory.h:745)
==3546==    by 0x488B76A: Kerfuffle::Archive::create(QString const&, Kerfuffle::Plugin*, QObject*) (archive_kerfuffle.cpp:90)
==3546==    by 0x488B1F8: Kerfuffle::Archive::create(QString const&, QString const&, QObject*) (archive_kerfuffle.cpp:65)
==3546==    by 0x488BDC5: Kerfuffle::Archive::load(QString const&, QString const&, QObject*) (archive_kerfuffle.cpp:136)
==3546==    by 0x14D6A88B: ??? (in /home/tsdgeos/devel/kde/install/lib/plugins/arkpart.so)
==3546==    by 0x14D47A1C: ??? (in /home/tsdgeos/devel/kde/install/lib/plugins/arkpart.so)
==3546==    by 0x14D4959E: ??? (in /home/tsdgeos/devel/kde/install/lib/plugins/arkpart.so)
==3546==    by 0x4A71314: ??? (in /usr/lib/libKF5Parts.so.5.79.0)
==3546==    by 0x4A720E3: KParts::ReadOnlyPart::openUrl(QUrl const&) (in /usr/lib/libKF5Parts.so.5.79.0)
Comment 6 Elvis Angelaccio 2021-03-21 18:27:34 UTC
@Albert: are you on Wayland? I can reproduce the crash from a Wayland session, but not if I run `ark --platform xcb`.

Also, my backtrace is somewhat different:

==26376== Invalid read of size 4
==26376==    at 0x4891CD4: Kerfuffle::Archive::isValid() const (archive_kerfuffle.cpp:376)
==26376==    by 0x489D7AC: Kerfuffle::Job::onFinished(bool) (jobs.cpp:212)
==26376==    by 0x489E305: Kerfuffle::LoadJob::onFinished(bool) (jobs.cpp:294)
==26376==    by 0x48A2AB7: Kerfuffle::LoadJob::doWork()::$_1::operator()() const (jobs.cpp:277)
==26376==    by 0x48A2A55: QtPrivate::FunctorCall<QtPrivate::IndexesList<>, QtPrivate::List<>, void, Kerfuffle::LoadJob::doWork()::$_1>::call(Kerfuffle::LoadJob::doWork()::$_1&, void**) (qobjectdefs_impl.h:146)
==26376==    by 0x48A2A20: void QtPrivate::Functor<Kerfuffle::LoadJob::doWork()::$_1, 0>::call<QtPrivate::List<>, void>(Kerfuffle::LoadJob::doWork()::$_1&, void*, void**) (qobjectdefs_impl.h:256)
==26376==    by 0x48A29CB: QtPrivate::QFunctorSlotObject<Kerfuffle::LoadJob::doWork()::$_1, 0, QtPrivate::List<>, void>::impl(int, QtPrivate::QSlotObjectBase*, QObject*, void**, bool*) (qobjectdefs_impl.h:443)
==26376==    by 0x674B531: QObject::event(QEvent*) (in /usr/lib/libQt5Core.so.5.15.2)
==26376==    by 0x5861751: QApplicationPrivate::notify_helper(QObject*, QEvent*) (in /usr/lib/libQt5Widgets.so.5.15.2)
==26376==    by 0x671EA29: QCoreApplication::notifyInternal2(QObject*, QEvent*) (in /usr/lib/libQt5Core.so.5.15.2)
==26376==    by 0x6721522: QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) (in /usr/lib/libQt5Core.so.5.15.2)
==26376==    by 0x6778053: ??? (in /usr/lib/libQt5Core.so.5.15.2)
==26376==  Address 0x220bb800 is 48 bytes inside a block of size 80 free'd
==26376==    at 0x483FEAB: operator delete(void*) (vg_replace_malloc.c:584)
==26376==    by 0x4892697: Kerfuffle::Archive::~Archive() (archive_kerfuffle.cpp:203)
==26376==    by 0x67490BD: QObjectPrivate::deleteChildren() (in /usr/lib/libQt5Core.so.5.15.2)
==26376==    by 0x6753F24: QObject::~QObject() (in /usr/lib/libQt5Core.so.5.15.2)
==26376==    by 0x21465FEE: ??? (in /home/elvis/install/lib/plugins/arkpart.so)
==26376==    by 0x2146601B: ??? (in /home/elvis/install/lib/plugins/arkpart.so)
==26376==    by 0x67490BD: QObjectPrivate::deleteChildren() (in /usr/lib/libQt5Core.so.5.15.2)
==26376==    by 0x6753F24: QObject::~QObject() (in /usr/lib/libQt5Core.so.5.15.2)
==26376==    by 0x2143E817: ??? (in /home/elvis/install/lib/plugins/arkpart.so)
==26376==    by 0x2143E862: ??? (in /home/elvis/install/lib/plugins/arkpart.so)
==26376==    by 0x2143E8FB: ??? (in /home/elvis/install/lib/plugins/arkpart.so)
==26376==    by 0x124E27: MainWindow::~MainWindow() (mainwindow.cpp:76)
==26376==  Block was alloc'd at
==26376==    at 0x483EDEF: operator new(unsigned long) (vg_replace_malloc.c:342)
==26376==    by 0x4891C0A: Kerfuffle::Archive::create(QString const&, Kerfuffle::Plugin*, QObject*) (archive_kerfuffle.cpp:102)
==26376==    by 0x4891266: Kerfuffle::Archive::create(QString const&, QString const&, QObject*) (archive_kerfuffle.cpp:65)
==26376==    by 0x4891F24: Kerfuffle::Archive::load(QString const&, QString const&, QObject*) (archive_kerfuffle.cpp:136)
==26376==    by 0x21469CBB: ??? (in /home/elvis/install/lib/plugins/arkpart.so)
==26376==    by 0x21443C58: ??? (in /home/elvis/install/lib/plugins/arkpart.so)
==26376==    by 0x21445B99: ??? (in /home/elvis/install/lib/plugins/arkpart.so)
==26376==    by 0x4A4F314: ??? (in /usr/lib/libKF5Parts.so.5.80.0)
==26376==    by 0x4A500E3: KParts::ReadOnlyPart::openUrl(QUrl const&) (in /usr/lib/libKF5Parts.so.5.80.0)
==26376==    by 0x125446: MainWindow::openUrl(QUrl const&) (mainwindow.cpp:232)
==26376==    by 0x12B0C8: QtPrivate::FunctorCall<QtPrivate::IndexesList<0>, QtPrivate::List<QUrl const&>, void, void (MainWindow::*)(QUrl const&)>::call(void (MainWindow::*)(QUrl const&), MainWindow*, void**) (qobjectdefs_impl.h:152)
==26376==    by 0x12B027: void QtPrivate::FunctionPointer<void (MainWindow::*)(QUrl const&)>::call<QtPrivate::List<QUrl const&>, void>(void (MainWindow::*)(QUrl const&), MainWindow*, void**) (qobjectdefs_impl.h:185)
Comment 7 Albert Astals Cid 2021-03-21 19:03:45 UTC
no, no wayland, try again and still get a very similar crash to comment #5
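
The valgrind traces in comments 5 and 6 show a worker thread (`LibzipPlugin::list()`) and a queued completion callback (`LoadJob::onFinished`) touching objects that the window teardown has already freed. The following is an added illustration, not Ark code and not a patch from this thread: a std-only C++ model in which `EventQueue`, `Plugin`, `Archive` and `closeWhileLoading` are hypothetical stand-ins, showing one teardown order that closes both gaps (invalidate queued callbacks, cancel, join, then free).

```cpp
// Added example: a std-only model of the teardown race, not Ark code; all names are hypothetical.
#include <atomic>
#include <functional>
#include <memory>
#include <mutex>
#include <string>
#include <thread>
#include <vector>
struct EventQueue {  // stand-in for the GUI thread's posted-event queue
    std::mutex m;
    std::vector<std::function<void()>> q;
    void post(std::function<void()> f) { std::lock_guard<std::mutex> l(m); q.push_back(std::move(f)); }
    int drain() {  // run posted events on the calling thread, return how many ran
        std::vector<std::function<void()>> batch;
        { std::lock_guard<std::mutex> l(m); batch.swap(q); }
        for (auto& f : batch) f();
        return static_cast<int>(batch.size());
    }
};
struct Plugin {  // stand-in for the plugin: list() rewrites a member once per entry
    std::atomic<bool> cancel{false};
    std::atomic<long long> listed{0};
    std::string current;
    void list(long long n) { for (long long i = 0; i < n && !cancel; ++i, ++listed) current = std::to_string(i); }
};
struct Archive {  // stand-in for the archive that owns the plugin and the load job
    Plugin plugin;
    std::shared_ptr<bool> alive = std::make_shared<bool>(true);
    std::thread worker;
    Archive(EventQueue& ev, long long n, int& finished) {
        std::weak_ptr<bool> guard = alive;
        worker = std::thread([this, &ev, &finished, guard, n] {
            plugin.list(n);  // the worker thread uses plugin until this returns
            ev.post([&finished, guard] { if (!guard.expired()) ++finished; });
        });
    }
    ~Archive() {
        alive.reset();         // 1. completions already queued become no-ops
        plugin.cancel = true;  // 2. ask the worker to stop listing
        worker.join();         // 3. only after this may plugin be destroyed
    }
};
struct Outcome { int ran; int finished; };
Outcome closeWhileLoading() {  // destroy the archive mid-load, as closing the window does
    EventQueue ev; int finished = 0;
    {
        Archive a(ev, 1LL << 40, finished);
        while (a.plugin.listed == 0) std::this_thread::yield();  // load is under way
    }  // ~Archive runs here
    return {ev.drain(), finished};
}
```

In the model the completion event is still posted and still runs after the archive is gone, but the expired guard keeps it from touching anything; building with `-fsanitize=thread` or `-fsanitize=address` is a quick way to check that reordering the three destructor steps reintroduces the reports.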