Crash after rejecting public server pings

[trudnorx]

Tested with the g7ba250a version. Try to look at public servers, reject pinging. And then it crashes. And you can't open Mumble again -- it keeps crashing.

[trudnorx]

Had to delete mumble.lock and mumble.dmp to get it to open again without crashing, don't know why.

[Popkornium18]

I can't reproduce this. Do you have more info? Which OS are you running? Did you see pingserversdialogviewed=true in the consent section of the config file afterwards and disablepubliclist=true in the ui section?

[davidebeatrici]

I can reproduce it reliably:

1. Open the server dialog.
2. Expand the public list.
3. Reject pinging.
4. Open the server dialog again.

Mumble will instantly crash. It doesn't next time it's started because the setting is not saved.

@trudnorx probably closed the client after the setting was set (causing it to be saved).

[Popkornium18]

:thinking: I'm doing it exactly the same way and it does not crash. Weird.

[davidebeatrici]

Operating system? I'm testing on Debian.

[Popkornium18]

I'm trying it on Linux (Arch).

[davidebeatrici]

#0  0x0000555555693579 in QList<ServerItem*>::QList(QList<ServerItem*> const&) (this=0x7fffffffb5a0, l=...) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qlist.h:837
#1  0x000055555568f74d in QtPrivate::QForeachContainer<QList<ServerItem*> >::QForeachContainer(QList<ServerItem*> const&) (this=0x7fffffffb5a0, t=...) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qglobal.h:1062
#2  0x000055555568bc54 in QtPrivate::qMakeForeachContainer<QList<ServerItem*>&>(QList<ServerItem*>&) (t=...) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qglobal.h:1090
#3  0x0000555555682ed7 in ConnectDialog::filterPublicServerList() const (this=0x555556774560) at ../src/mumble/ConnectDialog.cpp:1522
#4  0x0000555555685d3a in ConnectDialog::on_qcbFilter_currentIndexChanged(int) (this=0x555556774560, filterIndex=2) at ../src/mumble/ConnectDialog.cpp:1831
#5  0x00005555555d40e6 in ConnectDialog::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) (_o=0x555556774560, _c=QMetaObject::InvokeMetaMethod, _id=24, _a=0x7fffffffb800) at src/mumble/mumble_autogen/EWIEGA46WW/moc_ConnectDialog.cpp:475
#6  0x00005555555d436e in ConnectDialog::qt_metacall(QMetaObject::Call, int, void**) (this=0x555556774560, _c=QMetaObject::InvokeMetaMethod, _id=24, _a=0x7fffffffb800) at src/mumble/mumble_autogen/EWIEGA46WW/moc_ConnectDialog.cpp:538
#7  0x00007ffff649b450 in doActivate<false>(QObject*, int, void**) (sender=0x5555568c9460, signal_index=12, argv=0x7fffffffb800) at /usr/include/c++/9/bits/atomic_base.h:734
#8  0x00007ffff6495ebf in QMetaObject::activate(QObject*, QMetaObject const*, int, void**)
    (sender=sender@entry=0x5555568c9460, m=m@entry=0x7ffff7e53b60 <QComboBox::staticMetaObject>, local_signal_index=local_signal_index@entry=5, argv=argv@entry=0x7fffffffb800) at kernel/qobject.cpp:3930
#9  0x00007ffff7a530e1 in QComboBox::currentIndexChanged(int) (this=this@entry=0x5555568c9460, _t1=<optimized out>) at .moc/moc_qcombobox.cpp:533
#10 0x00007ffff7a55362 in QComboBoxPrivate::_q_emitCurrentIndexChanged(QModelIndex const&) (this=this@entry=0x55555691d920, index=...) at ../../include/QtCore/../../src/corelib/itemmodels/qabstractitemmodel.h:62
#11 0x00007ffff7a57add in QComboBoxPrivate::setCurrentIndex(QModelIndex const&) (this=this@entry=0x55555691d920, mi=...) at widgets/qcombobox.cpp:2226
#12 0x00007ffff7a57d2f in QComboBox::setCurrentIndex(int) (this=this@entry=0x5555568c9460, index=index@entry=2) at widgets/qcombobox.cpp:2188
#13 0x00007ffff7a58aeb in QComboBox::setCurrentText(QString const&) (text=..., this=0x5555568c9460) at widgets/qcombobox.cpp:2198
#14 QComboBox::setCurrentText(QString const&) (this=0x5555568c9460, text=...) at widgets/qcombobox.cpp:2191
#15 0x000055555567f18e in ConnectDialog::ConnectDialog(QWidget*, bool) (this=0x555556774560, p=0x555555f142a0, autoconnect=false) at ../src/mumble/ConnectDialog.cpp:980
#16 0x00005555556f3d7e in MainWindow::on_qaServerConnect_triggered(bool) (this=0x555555f142a0, autoconnect=false) at ../src/mumble/MainWindow.cpp:1167
#17 0x00005555555d7976 in MainWindow::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) (_o=0x555555f142a0, _c=QMetaObject::InvokeMetaMethod, _id=3, _a=0x7fffffffbff0) at src/mumble/mumble_autogen/EWIEGA46WW/moc_MainWindow.cpp:553
#18 0x00005555555d8d38 in MainWindow::qt_metacall(QMetaObject::Call, int, void**) (this=0x555555f142a0, _c=QMetaObject::InvokeMetaMethod, _id=3, _a=0x7fffffffbff0) at src/mumble/mumble_autogen/EWIEGA46WW/moc_MainWindow.cpp:747
#19 0x00007ffff649b450 in doActivate<false>(QObject*, int, void**) (sender=0x5555562f6850, signal_index=4, argv=0x7fffffffbff0) at /usr/include/c++/9/bits/atomic_base.h:734
#20 0x00007ffff6495ebf in QMetaObject::activate(QObject*, QMetaObject const*, int, void**)
    (sender=sender@entry=0x5555562f6850, m=m@entry=0x7ffff7e4c360 <QAction::staticMetaObject>, local_signal_index=local_signal_index@entry=1, argv=argv@entry=0x7fffffffbff0) at kernel/qobject.cpp:3930
#21 0x00007ffff7945ad2 in QAction::triggered(bool) (this=this@entry=0x5555562f6850, _t1=<optimized out>) at .moc/moc_qaction.cpp:381
#22 0x00007ffff79480f8 in QAction::activate(QAction::ActionEvent) (this=0x5555562f6850, event=<optimized out>) at kernel/qaction.cpp:1161
#23 0x00007ffff7acd1f2 in QMenuPrivate::activateCausedStack(QVector<QPointer<QWidget> > const&, QAction*, QAction::ActionEvent, bool)
    (this=this@entry=0x5555569ab9c0, causedStack=..., action=action@entry=0x5555562f6850, action_e=action_e@entry=QAction::Trigger, self=self@entry=true) at widgets/qmenu.cpp:1353
#24 0x00007ffff7ad486a in QMenuPrivate::activateAction(QAction*, QAction::ActionEvent, bool) (this=this@entry=0x5555569ab9c0, action=action@entry=0x5555562f6850, action_e=action_e@entry=QAction::Trigger, self=self@entry=true) at widgets/qmenu.cpp:1430
#25 0x00007ffff7ad5892 in QMenu::mouseReleaseEvent(QMouseEvent*) (this=0x5555568ed160, e=0x7fffffffc6d0) at widgets/qmenu.cpp:2910
#26 0x00007ffff798e5ce in QWidget::event(QEvent*) (this=this@entry=0x5555568ed160, event=event@entry=0x7fffffffc6d0) at kernel/qwidget.cpp:8677
#27 0x00007ffff7ad7e83 in QMenu::event(QEvent*) (this=0x5555568ed160, e=0x7fffffffc6d0) at widgets/qmenu.cpp:3032
#28 0x00007ffff794bccf in QApplicationPrivate::notify_helper(QObject*, QEvent*) (this=<optimized out>, receiver=0x5555568ed160, e=0x7fffffffc6d0) at kernel/qapplication.cpp:3685
#29 0x00007ffff7955063 in QApplication::notify(QObject*, QEvent*) () at kernel/qapplication.cpp:3129
#30 0x00007ffff6466d02 in QCoreApplication::notifyInternal2(QObject*, QEvent*) (receiver=0x5555568ed160, event=0x7fffffffc6d0) at ../../include/QtCore/../../src/corelib/kernel/qobject.h:153
#31 0x00007ffff7954143 in QApplicationPrivate::sendMouseEvent(QWidget*, QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer<QWidget>&, bool, bool)
    (receiver=0x5555568ed160, event=event@entry=0x7fffffffc6d0, alienWidget=0x0, nativeWidget=0x5555568ed160, buttonDown=buttonDown@entry=0x7ffff7e7b9a0 <qt_button_down>, lastMouseReceiver=..., spontaneous=true, onlyDispatchEnterLeave=false)
    at kernel/qapplication.cpp:2615
#32 0x00007ffff79a9f94 in QWidgetWindow::handleMouseEvent(QMouseEvent*) (this=0x555556dad540, event=0x7fffffffcb50) at /usr/include/c++/9/bits/atomic_base.h:413
#33 0x00007ffff79ac4d4 in QWidgetWindow::event(QEvent*) (event=0x7fffffffcb50, this=0x555556dad540) at kernel/qwidgetwindow.cpp:295
#34 QWidgetWindow::event(QEvent*) (this=0x555556dad540, event=0x7fffffffcb50) at kernel/qwidgetwindow.cpp:238
#35 0x00007ffff794bccf in QApplicationPrivate::notify_helper(QObject*, QEvent*) (this=<optimized out>, receiver=0x555556dad540, e=0x7fffffffcb50) at kernel/qapplication.cpp:3685
#36 0x00007ffff7954e10 in QApplication::notify(QObject*, QEvent*) () at kernel/qapplication.cpp:3431
#37 0x00007ffff6466d02 in QCoreApplication::notifyInternal2(QObject*, QEvent*) (receiver=0x555556dad540, event=0x7fffffffcb50) at ../../include/QtCore/../../src/corelib/kernel/qobject.h:153
#38 0x00007ffff682e213 in QGuiApplicationPrivate::processMouseEvent(QWindowSystemInterfacePrivate::MouseEvent*) (e=e@entry=0x5555568b54d0) at kernel/qguiapplication.cpp:2203
#39 0x00007ffff682f8a5 in QGuiApplicationPrivate::processWindowSystemEvent(QWindowSystemInterfacePrivate::WindowSystemEvent*) (e=0x5555568b54d0) at kernel/qguiapplication.cpp:1935
#40 0x00007ffff680860b in QWindowSystemInterface::sendWindowSystemEvents(QFlags<QEventLoop::ProcessEventsFlag>) (flags=flags@entry=...) at kernel/qwindowsysteminterface.cpp:1170
#41 0x00007ffff21e3d7a in xcbSourceDispatch(GSource*, GSourceFunc, gpointer) (source=<optimized out>) at qxcbeventdispatcher.cpp:105
#42 0x00007ffff556b60d in g_main_dispatch (context=0x7fffec005000) at ../../../glib/gmain.c:3309
#43 g_main_context_dispatch (context=context@entry=0x7fffec005000) at ../../../glib/gmain.c:3974
#44 0x00007ffff556b890 in g_main_context_iterate (context=context@entry=0x7fffec005000, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../../../glib/gmain.c:4047
#45 0x00007ffff556b91f in g_main_context_iteration (context=0x7fffec005000, may_block=may_block@entry=1) at ../../../glib/gmain.c:4108
#46 0x00007ffff64bd8ee in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (this=0x555555efadf0, flags=...) at kernel/qeventdispatcher_glib.cpp:423
#47 0x00007ffff646589b in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (this=this@entry=0x7fffffffcef0, flags=..., flags@entry=...) at ../../include/QtCore/../../src/corelib/global/qflags.h:136
#48 0x00007ffff646d672 in QCoreApplication::exec() () at ../../include/QtCore/../../src/corelib/global/qflags.h:118
#49 0x00005555555f2b16 in main(int, char**) (argc=1, argv=0x7fffffffded8) at ../src/mumble/main.cpp:610

[Krzmbrzl]

I can't reproduce either.

And the error trace of you @davidebeatrici is really weird, since

#4  0x0000555555685d3a in ConnectDialog::on_qcbFilter_currentIndexChanged(int) (this=0x555556774560, filterIndex=2) at ../src/mumble/ConnectDialog.cpp:1831

is https://github.com/mumble-voip/mumble/blob/180f44fbac23014d623adfcfe5d705e9b3b5f15e/src/mumble/ConnectDialog.cpp#L1831-L1833

(note that line 1831 is not the call to filterPublicServerList)

and

#3  0x0000555555682ed7 in ConnectDialog::filterPublicServerList() const (this=0x555556774560) at ../src/mumble/ConnectDialog.cpp:1522

is https://github.com/mumble-voip/mumble/blob/180f44fbac23014d623adfcfe5d705e9b3b5f15e/src/mumble/ConnectDialog.cpp#L1522

However the crash dump continues and complains about foreach, which happens only after this check.

@davidebeatrici are you sure you were running the latest master branch when this crash happened?

@trudnorx could you also provide a backtrace, please?

[trudnorx]

@trudnorx probably closed the client after the setting was set (causing it to be saved).

There was no setting set in the registry, though, and I had to delete mumble.lock and mumble.dmp to get it to stop crashing. How come? Is that another bug -- like the crash report system causes it to keep crashing infinitely too? Using Windows here, BTW.

Also, I'm running g7ba250a, which maybe is just a recent version, not necessarily the latest one -- sorry for any confusion.

[Popkornium18]

Deleting the .dmp file shouldn't be necessary, that's just dumped memory from the crash.

Does the crash happen when you use the latest commit?

[Krzmbrzl]

It seems like 7ba250a does not belong to any branch at all. I guess the actual commit would thus be e28855e9632fa3fb945e7eea4304c8b5e87ce86b

With that commit I can reproduce the crash.

my theory would thus be that you (@trudnorx) and @davidebeatrici were running the original version provided by @Popkornium18 which seems to contain this bug. However the respective file was patched shortly after by @TimMThomas and he seemed to have fixed the issue with his changes. This would also explain the weird line numbering in @davidebeatrici's backtrace.

Could you check out the latest master branch and see whether the issue persists @trudnorx?

[trudnorx]

Crash not happening with latest version!

[Krzmbrzl]

Perfect! :D

[davidebeatrici]

Confirmed, sorry for the confusion.

I built from my cmake branch without realizing the issue was fixed after last time it was rebased against master.