470487 – KDE Connect daemon crashes when receiving a specific jpeg image from my Android device

Bug 470487 - KDE Connect daemon crashes when receiving a specific jpeg image from my Android device

Summary: KDE Connect daemon crashes when receiving a specific jpeg image from my Andro...

Status:	RESOLVED DUPLICATE of bug 470488

Alias:	None

Product:	kdeconnect
Classification:	Applications
Component:	common (show other bugs)
Version:	23.04.1
Platform:	Arch Linux Linux

Importance:	NOR crash
Target Milestone:	---
Assignee:	Albert Vaca Cintora

URL:
Keywords:	drkonqi

Depends on:
Blocks:

Reported:	2023-05-31 13:15 UTC by Zak
Modified:	2023-12-16 14:16 UTC (History)
CC List:	2 users (show)

See Also:
Latest Commit:
Version Fixed In:

Attachments
New crash information added by DrKonqi (3.74 KB, text/plain) 2023-12-16 14:16 UTC, lordbaum	Details
View All Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Zak 2023-05-31 13:15:53 UTC

Application: kdeconnectd (23.04.1)

Qt Version: 5.15.9
Frameworks Version: 5.106.0
Operating System: Linux 6.3.4-arch1-1 x86_64
Windowing System: X11
Distribution: Arch Linux
DrKonqi: 5.27.5 [KCrashBackend]

-- Information about the crash:
KDE connect daemon crashes when receiving a specific image. It does not crash when receiving other files. This is true whether the image is sent as a single file, or in a batch, and whether the transfer is initiated from within KDE Connect on the Android device or the share menu of another app.

The crash can be reproduced every time.

-- Backtrace:
Application: KDE Connect Daemon (kdeconnectd), signal: Aborted
Content of s_kcrashErrorMessage: std::unique_ptr<char []> = {get() = 0x0}
[KCrash Handler]
#6  __pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=6, no_tid=no_tid@entry=0) at pthread_kill.c:44
#7  0x00007fc5e9c9f2d3 in __pthread_kill_internal (signo=6, threadid=<optimized out>) at pthread_kill.c:78
#8  0x00007fc5e9c4fa08 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26
#9  0x00007fc5e9c38538 in __GI_abort () at abort.c:79
#10 0x00007fc5ea2a0098 in qt_message_fatal (message=<synthetic pointer>..., context=<optimized out>) at global/qlogging.cpp:1914
#11 QMessageLogger::fatal(char const*, ...) const (this=this@entry=0x7fc5a2215610, msg=msg@entry=0x7fc5eb9a1108 "Fatal Error: Got cmd %d, while waiting for an answer!") at global/qlogging.cpp:893
#12 0x00007fc5eb8bb090 in KIO::SlaveBase::waitForAnswer(int, int, QByteArray&, int*) (this=this@entry=0x7fc5940012e0, expected1=expected1@entry=84, expected2=expected2@entry=65, data=..., pCmd=pCmd@entry=0x7fc5a2215684) at /usr/src/debug/kio/kio-5.106.0/src/core/slavebase.cpp:1149
#13 0x00007fc5eb8fbc06 in KIO::SlaveBase::canResume(unsigned long long) (this=this@entry=0x7fc5940012e0, offset=65536) at /usr/src/debug/kio/kio-5.106.0/src/core/slavebase.cpp:1116
#14 0x00007fc5a2a26ec0 in FileProtocol::put(QUrl const&, int, QFlags<KIO::JobFlag>) (this=0x7fc5940012d0, url=<optimized out>, _mode=-1, _flags=...) at /usr/src/debug/kio/kio-5.106.0/src/ioslaves/file/file.cpp:550
#15 0x00007fc5eb8fb105 in KIO::SlaveBase::dispatch(int, QByteArray const&) (this=0x7fc5940012e0, command=68, data=...) at /usr/src/debug/kio/kio-5.106.0/src/core/slavebase.cpp:1289
#16 0x00007fc5eb8f32ae in KIO::SlaveBase::dispatchLoop() (this=0x7fc5940012e0) at /usr/src/debug/kio/kio-5.106.0/src/core/slavebase.cpp:342
#17 0x00007fc5eb9720b7 in KIO::WorkerThread::run() (this=0x55bcdf18bb00) at /usr/src/debug/kio/kio-5.106.0/src/core/workerthread.cpp:62
#18 0x00007fc5ea2f30da in operator() (__closure=<optimized out>) at thread/qthread_unix.cpp:350
#19 (anonymous namespace)::terminate_on_exception<QThreadPrivate::start(void*)::<lambda()> > (t=<optimized out>) at thread/qthread_unix.cpp:287
#20 QThreadPrivate::start(void*) (arg=0x55bcdf18bb00) at thread/qthread_unix.cpp:310
#21 0x00007fc5e9c9d44b in start_thread (arg=<optimized out>) at pthread_create.c:444
#22 0x00007fc5e9d20e40 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81

Thread 8 (Thread 0x7fc5c9ffb6c0 (LWP 8860) "kdeconnectd"):
#1  __pselect (nfds=5, readfds=0x7fc5c9ff2a20, writefds=0x0, exceptfds=0x0, timeout=<optimized out>, sigmask=<optimized out>) at ../sysdeps/unix/sysv/linux/pselect.c:56
#2  0x00007fc5e5be36f9 in  () at /usr/lib/libusbmuxd-2.0.so.6
#3  0x00007fc5e5be43cc in  () at /usr/lib/libusbmuxd-2.0.so.6
#4  0x00007fc5e9c9d44b in start_thread (arg=<optimized out>) at pthread_create.c:444
#5  0x00007fc5e9d20e40 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81

Thread 7 (Thread 0x7fc5ca7fc6c0 (LWP 2025) "Qt bearer threa"):
#1  0x00007fc5e8910f8a in g_main_context_check (context=0x7fc5b8000c30, max_priority=<optimized out>, fds=<optimized out>, n_fds=<optimized out>) at ../glib/glib/gmain.c:4103
#2  0x00007fc5e896d998 in g_main_context_iterate.isra.0 (context=context@entry=0x7fc5b8000c30, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/glib/gmain.c:4273
#3  0x00007fc5e890e032 in g_main_context_iteration (context=0x7fc5b8000c30, may_block=1) at ../glib/glib/gmain.c:4343
#4  0x00007fc5ea4e9f2f in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (this=0x7fc5b8000b70, flags=...) at kernel/qeventdispatcher_glib.cpp:425
#5  0x00007fc5ea499824 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (this=0x7fc5ca7fbac0, flags=...) at ../../include/QtCore/../../src/corelib/global/qflags.h:69
#6  0x00007fc5ea2f6eb6 in QThread::exec() (this=<optimized out>) at ../../include/QtCore/../../src/corelib/global/qflags.h:121
#7  0x00007fc5ea2f30da in operator() (__closure=<optimized out>) at thread/qthread_unix.cpp:350
#8  (anonymous namespace)::terminate_on_exception<QThreadPrivate::start(void*)::<lambda()> > (t=<optimized out>) at thread/qthread_unix.cpp:287
#9  QThreadPrivate::start(void*) (arg=0x55bcdef57370) at thread/qthread_unix.cpp:310
#10 0x00007fc5e9c9d44b in start_thread (arg=<optimized out>) at pthread_create.c:444
#11 0x00007fc5e9d20e40 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81

Thread 6 (Thread 0x7fc5caffd6c0 (LWP 1987) "kdeconnect:sh2"):
#1  __futex_abstimed_wait_common (futex_word=futex_word@entry=0x55bcdeab5b10, expected=expected@entry=0, clockid=clockid@entry=0, abstime=abstime@entry=0x0, private=private@entry=0, cancel=cancel@entry=true) at futex-internal.c:87
#2  0x00007fc5e9c99f8f in __GI___futex_abstimed_wait_cancelable64 (futex_word=futex_word@entry=0x55bcdeab5b10, expected=expected@entry=0, clockid=clockid@entry=0, abstime=abstime@entry=0x0, private=private@entry=0) at futex-internal.c:139
#3  0x00007fc5e9c9c7a0 in __pthread_cond_wait_common (abstime=0x0, clockid=0, mutex=0x55bcdeab5ac0, cond=0x55bcdeab5ae8) at pthread_cond_wait.c:503
#4  ___pthread_cond_wait (cond=0x55bcdeab5ae8, mutex=0x55bcdeab5ac0) at pthread_cond_wait.c:618
#5  0x00007fc5dcac854c in  () at /usr/lib/dri/iris_dri.so
#6  0x00007fc5dcb1540c in  () at /usr/lib/dri/iris_dri.so
#7  0x00007fc5e9c9d44b in start_thread (arg=<optimized out>) at pthread_create.c:444
#8  0x00007fc5e9d20e40 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81

Thread 5 (Thread 0x7fc5cb7fe6c0 (LWP 1986) "kdeconnect:sh1"):
#1  __futex_abstimed_wait_common (futex_word=futex_word@entry=0x55bcdeab5b10, expected=expected@entry=0, clockid=clockid@entry=0, abstime=abstime@entry=0x0, private=private@entry=0, cancel=cancel@entry=true) at futex-internal.c:87
#2  0x00007fc5e9c99f8f in __GI___futex_abstimed_wait_cancelable64 (futex_word=futex_word@entry=0x55bcdeab5b10, expected=expected@entry=0, clockid=clockid@entry=0, abstime=abstime@entry=0x0, private=private@entry=0) at futex-internal.c:139
#3  0x00007fc5e9c9c7a0 in __pthread_cond_wait_common (abstime=0x0, clockid=0, mutex=0x55bcdeab5ac0, cond=0x55bcdeab5ae8) at pthread_cond_wait.c:503
#4  ___pthread_cond_wait (cond=0x55bcdeab5ae8, mutex=0x55bcdeab5ac0) at pthread_cond_wait.c:618
#5  0x00007fc5dcac854c in  () at /usr/lib/dri/iris_dri.so
#6  0x00007fc5dcb1540c in  () at /usr/lib/dri/iris_dri.so
#7  0x00007fc5e9c9d44b in start_thread (arg=<optimized out>) at pthread_create.c:444
#8  0x00007fc5e9d20e40 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81

Thread 4 (Thread 0x7fc5cbfff6c0 (LWP 1985) "kdeconnect:sh0"):
#1  __futex_abstimed_wait_common (futex_word=futex_word@entry=0x55bcdeab5b10, expected=expected@entry=0, clockid=clockid@entry=0, abstime=abstime@entry=0x0, private=private@entry=0, cancel=cancel@entry=true) at futex-internal.c:87
#2  0x00007fc5e9c99f8f in __GI___futex_abstimed_wait_cancelable64 (futex_word=futex_word@entry=0x55bcdeab5b10, expected=expected@entry=0, clockid=clockid@entry=0, abstime=abstime@entry=0x0, private=private@entry=0) at futex-internal.c:139
#3  0x00007fc5e9c9c7a0 in __pthread_cond_wait_common (abstime=0x0, clockid=0, mutex=0x55bcdeab5ac0, cond=0x55bcdeab5ae8) at pthread_cond_wait.c:503
#4  ___pthread_cond_wait (cond=0x55bcdeab5ae8, mutex=0x55bcdeab5ac0) at pthread_cond_wait.c:618
#5  0x00007fc5dcac854c in  () at /usr/lib/dri/iris_dri.so
#6  0x00007fc5dcb1540c in  () at /usr/lib/dri/iris_dri.so
#7  0x00007fc5e9c9d44b in start_thread (arg=<optimized out>) at pthread_create.c:444
#8  0x00007fc5e9d20e40 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81

Thread 3 (Thread 0x7fc5dc9ff6c0 (LWP 1984) "kdeconn:disk$0"):
#1  __futex_abstimed_wait_common (futex_word=futex_word@entry=0x55bcdeabe0b8, expected=expected@entry=0, clockid=clockid@entry=0, abstime=abstime@entry=0x0, private=private@entry=0, cancel=cancel@entry=true) at futex-internal.c:87
#2  0x00007fc5e9c99f8f in __GI___futex_abstimed_wait_cancelable64 (futex_word=futex_word@entry=0x55bcdeabe0b8, expected=expected@entry=0, clockid=clockid@entry=0, abstime=abstime@entry=0x0, private=private@entry=0) at futex-internal.c:139
#3  0x00007fc5e9c9c7a0 in __pthread_cond_wait_common (abstime=0x0, clockid=0, mutex=0x55bcdeabe068, cond=0x55bcdeabe090) at pthread_cond_wait.c:503
#4  ___pthread_cond_wait (cond=0x55bcdeabe090, mutex=0x55bcdeabe068) at pthread_cond_wait.c:618
#5  0x00007fc5dcac854c in  () at /usr/lib/dri/iris_dri.so
#6  0x00007fc5dcb1540c in  () at /usr/lib/dri/iris_dri.so
#7  0x00007fc5e9c9d44b in start_thread (arg=<optimized out>) at pthread_create.c:444
#8  0x00007fc5e9d20e40 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81

Thread 2 (Thread 0x7fc5e4f7d6c0 (LWP 1975) "QDBusConnection"):
#1  0x00007fc5e896da9f in g_main_context_poll (priority=<optimized out>, n_fds=1, fds=0x7fc5e0036330, timeout=<optimized out>, context=0x7fc5e0000c50) at ../glib/glib/gmain.c:4584
#2  g_main_context_iterate.isra.0 (context=context@entry=0x7fc5e0000c50, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/glib/gmain.c:4271
#3  0x00007fc5e890e032 in g_main_context_iteration (context=0x7fc5e0000c50, may_block=1) at ../glib/glib/gmain.c:4343
#4  0x00007fc5ea4e9f2f in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (this=0x7fc5e0000b70, flags=...) at kernel/qeventdispatcher_glib.cpp:425
#5  0x00007fc5ea499824 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (this=0x7fc5e4f7ca90, flags=...) at ../../include/QtCore/../../src/corelib/global/qflags.h:69
#6  0x00007fc5ea2f6eb6 in QThread::exec() (this=this@entry=0x7fc5eb74d660 <(anonymous namespace)::Q_QGS__q_manager::innerFunction()::holder>) at ../../include/QtCore/../../src/corelib/global/qflags.h:121
#7  0x00007fc5eb6f269a in QDBusConnectionManager::run() (this=0x7fc5eb74d660 <(anonymous namespace)::Q_QGS__q_manager::innerFunction()::holder>) at /usr/src/debug/qt5-base/qtbase/src/dbus/qdbusconnection.cpp:179
#8  0x00007fc5ea2f30da in operator() (__closure=<optimized out>) at thread/qthread_unix.cpp:350
#9  (anonymous namespace)::terminate_on_exception<QThreadPrivate::start(void*)::<lambda()> > (t=<optimized out>) at thread/qthread_unix.cpp:287
#10 QThreadPrivate::start(void*) (arg=0x7fc5eb74d660 <(anonymous namespace)::Q_QGS__q_manager::innerFunction()::holder>) at thread/qthread_unix.cpp:310
#11 0x00007fc5e9c9d44b in start_thread (arg=<optimized out>) at pthread_create.c:444
#12 0x00007fc5e9d20e40 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81

Thread 1 (Thread 0x7fc5e5549ac0 (LWP 1877) "kdeconnectd"):
#1  0x00007fc5ea2ef47c in QtLinuxFutex::_q_futex(int*, int, int, unsigned long long, int*, int) (val3=0, addr2=0x0, val2=0, val=<optimized out>, op=0, addr=<optimized out>, addr=<optimized out>, op=<optimized out>, val=<optimized out>, val2=<optimized out>, addr2=<optimized out>, val3=<optimized out>) at thread/qfutex_p.h:114
#2  QtLinuxFutex::futexWait<QBasicAtomicInteger<unsigned int> >(QBasicAtomicInteger<unsigned int>&, QBasicAtomicInteger<unsigned int>::Type) (expectedValue=<optimized out>, futex=<optimized out>) at thread/qfutex_p.h:133
#3  futexSemaphoreTryAcquire_loop<false>(QBasicAtomicInteger<unsigned long long>&, unsigned long long, unsigned long long, int) (timeout=-1, nn=8589934593, curValue=<optimized out>, u=...) at thread/qsemaphore.cpp:219
#4  futexSemaphoreTryAcquire<false>(QBasicAtomicInteger<unsigned long long>&, int, int) (timeout=-1, n=<optimized out>, u=...) at thread/qsemaphore.cpp:262
#5  QSemaphore::acquire(int) (this=0x7ffdcf1a1ab0, n=<optimized out>) at thread/qsemaphore.cpp:326
#6  0x00007fc5ea4d00f6 in doActivate<false>(QObject*, int, void**) (sender=0x55bcdf165f10, signal_index=0, argv=0x7ffdcf1a1b30) at kernel/qobject.cpp:3904
#7  0x00007fc5ea4d03e4 in QObject::destroyed(QObject*) (this=<optimized out>, _t1=<optimized out>) at .moc/moc_qobject.cpp:219
#8  0x00007fc5ea4c651c in QObject::~QObject() (this=0x55bcdf165f10, this=<optimized out>) at kernel/qobject.cpp:1010
#9  0x00007fc5eb7265ce in QDBusServiceWatcher::~QDBusServiceWatcher() (this=0x55bcdf165f10, this=<optimized out>) at /usr/src/debug/qt5-base/qtbase/src/dbus/qdbusservicewatcher.cpp:260
#10 0x00007fc5ea787d36 in std::default_delete<QDBusServiceWatcher>::operator()(QDBusServiceWatcher*) const (__ptr=<optimized out>, this=<optimized out>) at /usr/include/c++/13.1.1/bits/unique_ptr.h:99
#11 std::unique_ptr<QDBusServiceWatcher, std::default_delete<QDBusServiceWatcher> >::~unique_ptr() (this=0x7fc5ea79e078 <_ZZN12_GLOBAL__N_117Q_QGS_serverProxy13innerFunctionEvE6holder.lto_priv.1+24>, this=<optimized out>) at /usr/include/c++/13.1.1/bits/unique_ptr.h:404
#12 KSharedUiServerV2Proxy::~KSharedUiServerV2Proxy() (this=0x7fc5ea79e060 <_ZZN12_GLOBAL__N_117Q_QGS_serverProxy13innerFunctionEvE6holder.lto_priv.1>, this=<optimized out>) at /usr/src/debug/kjobwidgets/kjobwidgets-5.106.0/src/kuiserverv2jobtracker.cpp:416
#13 0x00007fc5ea787dad in (anonymous namespace)::Q_QGS_serverProxy::innerFunction()::Holder::~Holder() [clone .lto_priv.1] () at /usr/src/debug/kjobwidgets/kjobwidgets-5.106.0/src/kuiserverv2jobtracker.cpp:25
#14 0x00007fc5e9c52066 in __run_exit_handlers (status=status@entry=1, listp=0x7fc5e9df1760 <__exit_funcs>, run_list_atexit=run_list_atexit@entry=true, run_dtors=run_dtors@entry=true) at exit.c:111
#15 0x00007fc5e9c521b0 in __GI_exit (status=status@entry=1) at exit.c:141
#16 0x00007fc5e5056066 in QXcbConnection::processXcbEvents(QFlags<QEventLoop::ProcessEventsFlag>) (this=0x55bcde80f6f0, flags=...) at /usr/src/debug/qt5-base/qtbase/src/plugins/platforms/xcb/qxcbconnection.cpp:1047
#17 0x00007fc5e5085708 in xcbSourceDispatch(GSource*, GSourceFunc, gpointer) (source=<optimized out>) at /usr/src/debug/qt5-base/qtbase/src/plugins/platforms/xcb/qxcbeventdispatcher.cpp:103
#18 0x00007fc5e8910981 in g_main_dispatch (context=0x7fc5e0000ee0) at ../glib/glib/gmain.c:3460
#19 g_main_context_dispatch (context=0x7fc5e0000ee0) at ../glib/glib/gmain.c:4200
#20 0x00007fc5e896db39 in g_main_context_iterate.isra.0 (context=context@entry=0x7fc5e0000ee0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/glib/gmain.c:4276
#21 0x00007fc5e890e032 in g_main_context_iteration (context=0x7fc5e0000ee0, may_block=1) at ../glib/glib/gmain.c:4343
#22 0x00007fc5ea4e9f0c in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (this=0x55bcde9b3ca0, flags=...) at kernel/qeventdispatcher_glib.cpp:423
#23 0x00007fc5ea499824 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (this=this@entry=0x7ffdcf1a1f80, flags=..., flags@entry=...) at ../../include/QtCore/../../src/corelib/global/qflags.h:69
#24 0x00007fc5ea49acc3 in QCoreApplication::exec() () at ../../include/QtCore/../../src/corelib/global/qflags.h:121
#25 0x00007fc5ea93b7c2 in QGuiApplication::exec() () at kernel/qguiapplication.cpp:1870
#26 0x00007fc5eb176cda in QApplication::exec() () at kernel/qapplication.cpp:2832
#27 0x000055bcdd8d7597 in main(int, char**) (argc=<optimized out>, argv=<optimized out>) at /usr/src/debug/kdeconnect/kdeconnect-kde-23.04.1/daemon/kdeconnectd.cpp:185
Warning: the current language does not match this frame.
[Inferior 1 (process 1877) detached]

The reporter indicates this bug may be a duplicate of or related to bug 342277, bug 347564, bug 413460, bug 419428, bug 436107, bug 437643, bug 442945, bug 445771, bug 450135, bug 454054, bug 457436, bug 467277.

Reported using DrKonqi

Comment 1 Zak 2023-05-31 19:55:00 UTC

DrKonqi hung rather than indicating that this bug report was successfully filed. I'm closing it as a dupe of #470488, which contains more information.

*** This bug has been marked as a duplicate of bug 470488 ***

Comment 2 lordbaum 2023-12-16 14:16:31 UTC

Created attachment 164224 [details]
New crash information added by DrKonqi

kdeconnectd (23.08.4) using Qt 5.15.11

I shared a jpeg from my whatsapp direclty over KDEConnect to My Laptop. The first one went fine. the two pictures half an hour ago (the system was not rebooted between) also did not cause a problem. But this one just cruashed the Kde Connect deamon 3 Times. I can't rember to have had this bug befor with another image. I use an LinageOS with MicroG smartphone.

-- Backtrace (Reduced):
#4  doActivate<false>(QObject*, int, void**) (sender=0x55786f06a910, signal_index=4, argv=0x7ffd0685d5d0) at ../../include/QtCore/../../src/corelib/kernel/qobject.h:132
#5  0x00007efccb1f3506 in QIODevice::channelReadyRead(int) (this=this@entry=0x55786f06a910, _t1=<optimized out>, _t1@entry=0) at .moc/moc_qiodevice.cpp:197
#6  0x00007efccaf885de in QSslSocketBackendPrivate::transmit() (this=0x55786f46aea0) at ssl/qsslsocket_openssl.cpp:1202
#7  0x00007efccb2d1253 in doActivate<false>(QObject*, int, void**) (sender=0x55786f368630, signal_index=3, argv=0x7ffd0685e720) at kernel/qobject.cpp:3937
#8  0x00007efccaf505c0 in QAbstractSocketPrivate::emitReadyRead(int) (channel=0, this=0x55786f4c23c0) at socket/qabstractsocket.cpp:1323