[drkonqi] [Bug 466919] DrKonqi crashed while submitting

Mon, 04 Dec 2023 22:13:31 -0800 

https://bugs.kde.org/show_bug.cgi?id=466919

Matt Fagnani <matt.fagn...@bell.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |matt.fagn...@bell.net

--- Comment #1 from Matt Fagnani <matt.fagn...@bell.net> ---
I booted the Fedora Rawhide/40 KDE Plasma live image
Fedora-KDE-Live-x86_64-Rawhide-20231204.n.0.iso on bare metal. I started
Konsole in Plasma 5.90.0 on Wayland. I ran WAYLAND_DEBUG=1 plasmashell
--replace. To troubleshoot the plasmashell crashes at
https://bugs.kde.org/show_bug.cgi?id=478086 I started Dolphin I quickly moved
the cursor over the Konsole icon in the task manager to the icons to its left
(Firefox, Dolphin, Discover, System Settings). plasmashell crashed when I did
that and the panel disappeared and reappeared automatically a few seconds
later. drkonqi appeared. I selected Developer information, and created a trace.
I tried to report through bugs.kde.org through drkonqi, but drkonqi crashed at
the point that a list of possible duplicate reports was shown and I clicked on
one of the reports.

The crashing thread 7 had a segmentation fault with a trace like that in this
report.

Thread 7 (Thread 0x7f95e51d86c0 (LWP 5730)):
#0  0x00007f969b11b41d in __GI___poll (fds=fds@entry=0x7f95e51d6568,
nfds=nfds@entry=1, timeout=timeout@entry=1000) at
../sysdeps/unix/sysv/linux/poll.c:29
#1  0x00007f969dea1b98 in poll (__timeout=1000, __nfds=1, __fds=0x7f95e51d6568)
at /usr/include/bits/poll2.h:39
#2  pollDrKonqiSocket (sockfd=3, pid=<optimized out>) at
/usr/src/debug/kf6-kcrash-5.246.0-1.fc40.x86_64/src/kcrash.cpp:844
#3  KCrash::startProcess (argv=argv@entry=0x7f95e51d66a8,
waitAndExit=waitAndExit@entry=true, argc=<optimized out>) at
/usr/src/debug/kf6-kcrash-5.246.0-1.fc40.x86_64/src/kcrash.cpp:706
#4  0x00007f969dea2659 in KCrash::defaultCrashHandler (sig=11) at
/usr/src/debug/kf6-kcrash-5.246.0-1.fc40.x86_64/src/kcrash.cpp:602
#5  <signal handler called>
#6  pcre2_match_data_create_from_pattern_16 (code=0x0, gcontext=0x0) at
src/pcre2_match_data.c:87
#7  0x00007f969b9836aa in QRegularExpressionPrivate::doMatch
(this=0x7f95e80011e0, priv=priv@entry=0x7f9620002a50, offset=<optimized out>,
checkSubjectStringOption=checkSubjectStringOption@entry=QRegularExpressionPrivate::CheckSubjectString,
previous=previous@entry=0x0) at
/usr/src/debug/qt6-qtbase-6.6.1-1.fc40.x86_64/src/corelib/text/qregularexpression.cpp:1146
#8  0x00007f969b983e0e in QRegularExpression::match
(this=this@entry=0x55fdaea8e1d0 <BacktraceLineGdb::parse()::regExp>,
subject=..., offset=offset@entry=0,
matchType=matchType@entry=QRegularExpression::NormalMatch, matchOptions=...,
matchOptions@entry=...) at
/usr/src/debug/qt6-qtbase-6.6.1-1.fc40.x86_64/src/corelib/text/qregularexpression.cpp:1597
#9  0x000055fdaea29b4b in BacktraceLineGdb::parse
(this=this@entry=0x7f95e51d7410) at
/usr/src/debug/plasma-drkonqi-5.90.0-1.fc40.x86_64/src/parser/backtraceparsergdb.cpp:119
#10 0x000055fdaea2af00 in BacktraceLineGdb::BacktraceLineGdb (this=<optimized
out>, lineStr=..., this=<optimized out>, lineStr=...) at
/usr/src/debug/plasma-drkonqi-5.90.0-1.fc40.x86_64/src/parser/backtraceparsergdb.cpp:22
#11 0x000055fdaea2b180 in BacktraceParserGdb::parseLine (lineStr=...,
this=<optimized out>) at
/usr/src/debug/plasma-drkonqi-5.90.0-1.fc40.x86_64/src/parser/backtraceparsergdb.cpp:200
#12 BacktraceParserGdb::newLine (this=<optimized out>, lineStr=...) at
/usr/src/debug/plasma-drkonqi-5.90.0-1.fc40.x86_64/src/parser/backtraceparsergdb.cpp:191
#13 0x00007f969b8027a8 in doActivate<false> (sender=0x7f95e51d7660,
signal_index=4, argv=0x7f95e51d76b0) at
/usr/src/debug/qt6-qtbase-6.6.1-1.fc40.x86_64/src/corelib/kernel/qobject.cpp:4033
#14 0x00007f969b7f8807 in QMetaObject::activate
(sender=sender@entry=0x7f95e51d7660, m=m@entry=0x55fdaea86900
<ParseBugBacktraces::staticMetaObject>,
local_signal_index=local_signal_index@entry=1, argv=argv@entry=0x7f95e51d76b0)
at
/usr/src/debug/qt6-qtbase-6.6.1-1.fc40.x86_64/src/corelib/kernel/qobject.cpp:4081
#15 0x000055fdaea19d9e in ParseBugBacktraces::newLine (_t1=...,
this=0x7f95e51d7660) at
/usr/src/debug/plasma-drkonqi-5.90.0-1.fc40.x86_64/redhat-linux-build/src/DrKonqiInternal_autogen/include/moc_parsebugbacktraces.cpp:188
#16 ParseBugBacktraces::parse (comment=..., this=0x7f95e51d7660) at
/usr/src/debug/plasma-drkonqi-5.90.0-1.fc40.x86_64/src/bugzillaintegration/parsebugbacktraces.cpp:126
#17 ParseBugBacktraces::parse (this=0x7f95e51d7660) at
/usr/src/debug/plasma-drkonqi-5.90.0-1.fc40.x86_64/src/bugzillaintegration/parsebugbacktraces.cpp:113
#18 operator() (__closure=0x7f95e51d7630) at
/usr/src/debug/plasma-drkonqi-5.90.0-1.fc40.x86_64/src/bugzillaintegration/duplicatefinderjob.cpp:108
#19 std::__invoke_impl<ParseBugBacktraces::DuplicateRating,
DuplicateFinderJob::slotCommentsFetched(const QList<QPointer<Bugzilla::Comment>
>&, QObject*)::<lambda()>&> (__f=...) at /usr/include/c++/13/bits/invoke.h:61
#20 std::__invoke<DuplicateFinderJob::slotCommentsFetched(const
QList<QPointer<Bugzilla::Comment> >&, QObject*)::<lambda()>&> (__fn=...) at
/usr/include/c++/13/bits/invoke.h:96
#21 std::invoke<DuplicateFinderJob::slotCommentsFetched(const
QList<QPointer<Bugzilla::Comment> >&, QObject*)::<lambda()>&> (__fn=...) at
/usr/include/c++/13/functional:113
#22 operator() (function=..., __closure=<synthetic pointer>) at
/usr/include/qt6/QtConcurrent/qtconcurrentstoredfunctioncall.h:116
#23 std::__invoke_impl<ParseBugBacktraces::DuplicateRating, const
QtConcurrent::StoredFunctionCall<DuplicateFinderJob::slotCommentsFetched(const
QList<QPointer<Bugzilla::Comment> >&, QObject*)::<lambda()>
>::runFunctor()::<lambda(std::decay_t<DuplicateFinderJob::slotCommentsFetched(const
QList<QPointer<Bugzilla::Comment> >&, QObject*)::<lambda()> >)>&,
DuplicateFinderJob::slotCommentsFetched(const QList<QPointer<Bugzilla::Comment>
>&, QObject*)::<lambda()> > (__f=<synthetic pointer>...) at
/usr/include/c++/13/bits/invoke.h:61
#24 std::__invoke<const
QtConcurrent::StoredFunctionCall<DuplicateFinderJob::slotCommentsFetched(const
QList<QPointer<Bugzilla::Comment> >&, QObject*)::<lambda()>
>::runFunctor()::<lambda(std::decay_t<DuplicateFinderJob::slotCommentsFetched(const
QList<QPointer<Bugzilla::Comment> >&, QObject*)::<lambda()> >)>&,
DuplicateFinderJob::slotCommentsFetched(const QList<QPointer<Bugzilla::Comment>
>&, QObject*)::<lambda()> > (__fn=<synthetic pointer>...) at
/usr/include/c++/13/bits/invoke.h:96
#25 std::__apply_impl<const
QtConcurrent::StoredFunctionCall<DuplicateFinderJob::slotCommentsFetched(const
QList<QPointer<Bugzilla::Comment> >&, QObject*)::<lambda()>
>::runFunctor()::<lambda(std::decay_t<DuplicateFinderJob::slotCommentsFetched(const
QList<QPointer<Bugzilla::Comment> >&, QObject*)::<lambda()> >)>&,
std::tuple<DuplicateFinderJob::slotCommentsFetched(const
QList<QPointer<Bugzilla::Comment> >&, QObject*)::<lambda()> >, 0> (__t=...,
__f=<synthetic pointer>...) at /usr/include/c++/13/tuple:2288
#26 std::apply<const
QtConcurrent::StoredFunctionCall<DuplicateFinderJob::slotCommentsFetched(const
QList<QPointer<Bugzilla::Comment> >&, QObject*)::<lambda()>
>::runFunctor()::<lambda(std::decay_t<DuplicateFinderJob::slotCommentsFetched(const
QList<QPointer<Bugzilla::Comment> >&, QObject*)::<lambda()> >)>&,
std::tuple<DuplicateFinderJob::slotCommentsFetched(const
QList<QPointer<Bugzilla::Comment> >&, QObject*)::<lambda()> > > (__t=...,
__f=<synthetic pointer>...) at /usr/include/c++/13/tuple:2299
#27
QtConcurrent::StoredFunctionCall<DuplicateFinderJob::slotCommentsFetched(const
QList<QPointer<Bugzilla::Comment> >&, QObject*)::<lambda()> >::runFunctor(void)
(this=0x55fdb12f2c20) at
/usr/include/qt6/QtConcurrent/qtconcurrentstoredfunctioncall.h:122
#28 0x000055fdaea1bcfc in
QtConcurrent::RunFunctionTaskBase<ParseBugBacktraces::DuplicateRating>::run
(this=0x55fdb12f2c20) at /usr/include/qt6/QtConcurrent/qtconcurrentrunbase.h:83
#29 0x00007f969b955e67 in QThreadPoolThread::run (this=0x55fdb327cc60) at
/usr/src/debug/qt6-qtbase-6.6.1-1.fc40.x86_64/src/corelib/thread/qthreadpool.cpp:66
#30 0x00007f969b950ace in operator() (__closure=<optimized out>) at
/usr/src/debug/qt6-qtbase-6.6.1-1.fc40.x86_64/src/corelib/thread/qthread_unix.cpp:324
#31 (anonymous
namespace)::terminate_on_exception<QThreadPrivate::start(void*)::<lambda()> >
(t=...) at
/usr/src/debug/qt6-qtbase-6.6.1-1.fc40.x86_64/src/corelib/thread/qthread_unix.cpp:260
#32 QThreadPrivate::start (arg=0x55fdb327cc60) at
/usr/src/debug/qt6-qtbase-6.6.1-1.fc40.x86_64/src/corelib/thread/qthread_unix.cpp:283
#33 0x00007f969b0a8c91 in start_thread (arg=<optimized out>) at
pthread_create.c:447
#34 0x00007f969b128f9c in clone3 () at
../sysdeps/unix/sysv/linux/x86_64/clone3.S:78

The crashing function pcre2_match_data_create_from_pattern_16 in pcre2 might've
been a null pointer dereference since code=0x0 and the crashing line had
pcre2_match_data_create(((pcre2_real_code *)code)->top_bracket

(gdb) thread 7
[Switching to thread 7 (Thread 0x7f95e51d86c0 (LWP 5730))]
#0  0x00007f969b11b41d in __GI___poll (fds=fds@entry=0x7f95e51d6568,
nfds=nfds@entry=1, timeout=timeout@entry=1000) at
../sysdeps/unix/sysv/linux/poll.c:29
Downloading source file
/usr/src/debug/glibc-2.38.9000-26.fc40.x86_64/io/../sysdeps/unix/sysv/linux/poll.c
29        return SYSCALL_CANCEL (poll, fds, nfds, timeout);    
(gdb) frame 6
#6  pcre2_match_data_create_from_pattern_16 (code=0x0, gcontext=0x0) at
src/pcre2_match_data.c:87
Downloading source file
/usr/src/debug/pcre2-10.42-2.fc40.x86_64/src/pcre2_match_data.c
87      return pcre2_match_data_create(((pcre2_real_code *)code)->top_bracket +
1,   

I saw this type of drkonqi crash 2 times when the list of possible duplicate
reports was shown, but the first didn't store a core dump due to space
limitations. I'll attach the trace of all threads.

-- 
You are receiving this mail because:
You are watching all bug changes.

Reply via email to