Bug 243067

Summary: Unlock results in crash after suspend
Product: kscreensaver
Reporter: Bernhard Jungk <fire>
Component: locker
Assignee: kscreensaver bugs tracking <kscreensaver-bugs-null>
Status: RESOLVED DUPLICATE
Severity: crash
CC: arekm, hobbyblobby, kdebugs, mail, onizuka92, paulo.miguel.dias, rct+bugs
Priority: NOR
Version: 2.0
Target Milestone: ---
Platform: Ubuntu
OS: Linux
Latest Commit:
Version Fixed In:
Attachments: New crash information added by DrKonqi

Description Bernhard Jungk 2010-06-28 19:44:02 UTC
Application: kscreenlocker (2.0)
KDE Platform Version: 4.4.90 (KDE 4.4.90 (KDE 4.5 RC1))
Qt Version: 4.7.0
Operating System: Linux 2.6.32-23-generic x86_64
Distribution: Ubuntu 10.04 LTS

-- Information about the crash:
- What I was doing when the application crashed:

When unlocking the screen kscreenlocker sometimes crashes, after unlocking the screen successfully.

The crash can be reproduced some of the time.

-- Backtrace:
Application: KDE Screen Locker (kscreenlocker), signal: Segmentation fault
[Current thread is 1 (Thread 0x7ff20e1b27a0 (LWP 8641))]

Thread 3 (Thread 0x7ff1fc311710 (LWP 8706)):
#0  __lll_lock_wait_private () at ../nptl/sysdeps/unix/sysv/linux/x86_64/lowlevellock.S:97
#1  0x00007ff20ae3d3ac in _L_lock_12430 () from /lib/libc.so.6
#2  0x00007ff20ae3be48 in *__GI___libc_free (mem=0x7ff20b13ce40) at malloc.c:3736
#3  0x00007ff20e1bda6b in ?? () from /usr/lib/nvidia-current/tls/libnvidia-tls.so.1
#4  0x00007ff2061031ba in g_source_unref_internal (source=0xe13d00, context=0xe14220, have_lock=0) at /build/buildd/glib2.0-2.24.1/glib/gmain.c:1339
#5  0x00007ff20c4da4f3 in ~QEventDispatcherGlib (this=0xe14100, __in_chrg=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:366
#6  0x00007ff20c3ba994 in QThreadPrivate::finish (arg=<value optimized out>) at thread/qthread_unix.cpp:302
#7  0x00007ff20c3bb156 in ~__pthread_cleanup_class (arg=0x7ff20c7def40) at /usr/include/pthread.h:535
#8  QThreadPrivate::start (arg=0x7ff20c7def40) at thread/qthread_unix.cpp:271
#9  0x00007ff20c1299ca in start_thread (arg=<value optimized out>) at pthread_create.c:300
#10 0x00007ff20aea46fd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#11 0x0000000000000000 in ?? ()

Thread 2 (Thread 0x7ff1f8c9f710 (LWP 9641)):
#0  __lll_lock_wait_private () at ../nptl/sysdeps/unix/sysv/linux/x86_64/lowlevellock.S:97
#1  0x00007ff20ae3d3ac in _L_lock_12430 () from /lib/libc.so.6
#2  0x00007ff20ae3be48 in *__GI___libc_free (mem=0x7ff20b13ce40) at malloc.c:3736
#3  0x00007ff20e1bda6b in ?? () from /usr/lib/nvidia-current/tls/libnvidia-tls.so.1
#4  0x00007ff20c4d9de1 in socketNotifierSourceCheck (source=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:92
#5  0x00007ff206106b0a in IA__g_main_context_check (context=0xecc250, max_priority=2147483647, fds=<value optimized out>, n_fds=-1) at /build/buildd/glib2.0-2.24.1/glib/gmain.c:2469
#6  0x00007ff2061074c3 in g_main_context_iterate (context=0xecc250, block=<value optimized out>, dispatch=<value optimized out>, self=<value optimized out>)
    at /build/buildd/glib2.0-2.24.1/glib/gmain.c:2588
#7  0x00007ff2061078fc in IA__g_main_context_iteration (context=0xecc250, may_block=1) at /build/buildd/glib2.0-2.24.1/glib/gmain.c:2654
#8  0x00007ff20c4d9973 in QEventDispatcherGlib::processEvents (this=0xe1c200, flags=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:412
#9  0x00007ff20c4ac5b2 in QEventLoop::processEvents (this=<value optimized out>, flags=) at kernel/qeventloop.cpp:149
#10 0x00007ff20c4ac98c in QEventLoop::exec (this=0x7ff1f8c9ed70, flags=) at kernel/qeventloop.cpp:201
#11 0x00007ff20c3b81cd in QThread::exec (this=<value optimized out>) at thread/qthread.cpp:490
#12 0x00007ff20c48c4d8 in QInotifyFileSystemWatcherEngine::run (this=0xf51720) at io/qfilesystemwatcher_inotify.cpp:248
#13 0x00007ff20c3bb14e in QThreadPrivate::start (arg=0xf51720) at thread/qthread_unix.cpp:266
#14 0x00007ff20c1299ca in start_thread (arg=<value optimized out>) at pthread_create.c:300
#15 0x00007ff20aea46fd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#16 0x0000000000000000 in ?? ()

Thread 1 (Thread 0x7ff20e1b27a0 (LWP 8641)):
[KCrash Handler]
#6  malloc_consolidate (av=0x7ff20b13ce40) at malloc.c:5136
#7  0x00007ff20ae38460 in _int_free (av=0x7ff20b13ce40, p=0xf53af0) at malloc.c:5015
#8  0x00007ff20ae3be53 in *__GI___libc_free (mem=<value optimized out>) at malloc.c:3738
#9  0x00007ff20e1bda6b in ?? () from /usr/lib/nvidia-current/tls/libnvidia-tls.so.1
#10 0x00007ff20c41d119 in Free_MarkMarkPos (st=0xe58b20, lookup_type=0) at ../3rdparty/harfbuzz/src/harfbuzz-gpos.c:2904
#11 _HB_GPOS_Free_SubTable (st=0xe58b20, lookup_type=0) at ../3rdparty/harfbuzz/src/harfbuzz-gpos.c:5824
#12 0x00007ff20c424724 in Free_SubTable (l=0xe440c0, type=HB_Type_GPOS) at ../3rdparty/harfbuzz/src/harfbuzz-open.c:469
#13 Free_Lookup (l=0xe440c0, type=HB_Type_GPOS) at ../3rdparty/harfbuzz/src/harfbuzz-open.c:568
#14 0x00007ff20c4247b6 in _HB_OPEN_Free_LookupList (ll=<value optimized out>, type=HB_Type_GPOS) at ../3rdparty/harfbuzz/src/harfbuzz-open.c:655
#15 0x00007ff20c422a62 in HB_Done_GPOS_Table (gpos=0xe96f70) at ../3rdparty/harfbuzz/src/harfbuzz-gpos.c:175
#16 0x00007ff20c426347 in HB_FreeFace (face=0xe54500) at ../3rdparty/harfbuzz/src/harfbuzz-shaper.cpp:1028
#17 0x00007ff20b91cd91 in QFreetypeFace::release (this=0xf41190, face_id=...) at text/qfontengine_ft.cpp:316
#18 0x00007ff20b920e5f in ~QFontEngineFT (this=0xf3bfb0, __in_chrg=<value optimized out>) at text/qfontengine_ft.cpp:643
#19 0x00007ff20b914513 in ~QFontEngineX11FT (this=0xf3bfb0, __in_chrg=<value optimized out>) at text/qfontengine_x11.cpp:1126
#20 0x00007ff20b856737 in ~QFontEngineMulti (this=0xe59f70, __in_chrg=<value optimized out>) at text/qfontengine.cpp:1282
#21 0x00007ff20b9198ba in ~QFontEngineMultiFT (this=0xe59f70, __in_chrg=<value optimized out>) at text/qfontengine_x11.cpp:902
#22 0x00007ff20b84b352 in QFontCache::clear (this=0xe28c30) at text/qfont.cpp:2695
#23 0x00007ff20b84fe9a in ~QFontCache (this=0x7ff20b13ce40, __in_chrg=<value optimized out>) at text/qfont.cpp:2635
#24 0x00007ff20c3b9af2 in QThreadStorageData::set (this=<value optimized out>, p=0x0) at thread/qthreadstorage.cpp:148
#25 0x00007ff20b69669a in qt_cleanup () at kernel/qapplication_x11.cpp:2596
#26 0x00007ff20b6273a7 in ~QApplication (this=0x7fff2b0018f0, __in_chrg=<value optimized out>) at kernel/qapplication.cpp:1110
#27 0x000000000041f9c5 in ~MyApp (argc=<value optimized out>, argv=<value optimized out>) at ../../../krunner/lock/main.h:27
#28 main (argc=<value optimized out>, argv=<value optimized out>) at ../../../krunner/lock/main.cc:173

Reported using DrKonqi
Comment 1 Nicolas L. 2010-07-08 09:21:27 UTC
*** Bug 243073 has been marked as a duplicate of this bug. ***
Comment 2 Nicolas L. 2010-07-08 09:21:32 UTC
*** Bug 243917 has been marked as a duplicate of this bug. ***
Comment 3 Felix Lemke 2010-07-20 16:50:15 UTC
Created attachment 49339
New crash information added by DrKonqi

kscreenlocker (2.0) on KDE Platform 4.4.93 (KDE 4.4.93 (KDE 4.5 >= 20100713)) using Qt 4.6.3

- What I was doing when the application crashed: suspend to ram -> resume -> unlock my screen. Application crashed after successful unlocking

-- Backtrace (Reduced):
#9  0x00007ff90105eec9 in Free_MarkMarkPos (st=0xa00730, lookup_type=<value optimized out>) at ../3rdparty/harfbuzz/src/harfbuzz-gpos.c:2904
#10 _HB_GPOS_Free_SubTable (st=0xa00730, lookup_type=<value optimized out>) at ../3rdparty/harfbuzz/src/harfbuzz-gpos.c:5824
#11 0x00007ff90105f8c4 in Free_SubTable (l=0x96e230, type=HB_Type_GPOS) at ../3rdparty/harfbuzz/src/harfbuzz-open.c:469
#12 Free_Lookup (l=0x96e230, type=HB_Type_GPOS) at ../3rdparty/harfbuzz/src/harfbuzz-open.c:568
#13 0x00007ff9010607c6 in _HB_OPEN_Free_LookupList (ll=<value optimized out>, type=HB_Type_GPOS) at ../3rdparty/harfbuzz/src/harfbuzz-open.c:655
Comment 4 Oswald Buddenhagen 2010-08-03 09:56:54 UTC
*** Bug 243274 has been marked as a duplicate of this bug. ***
Comment 5 Oswald Buddenhagen 2010-08-03 09:59:55 UTC
these crashes are pretty obviously a result of memory corruption. as such a valgrind/memcheck trace would be more useful than the backtraces.
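
The reasoning in comment 5, sketched as an added example that is not part of the bug report or of any KDE tooling: when the crashing thread dies inside glibc's allocator during a `free()`, the frame that called `free()` only shows where earlier heap damage was noticed, which is why a memcheck run is more useful. The names `parse_threads`, `triage` and the `ALLOCATOR` shortlist are assumptions, and the sample frames are abridged from the backtrace above.

```python
import re
# Constructed sample: frames abridged from the backtrace in this report.
SAMPLE = """\
Thread 2 (Thread 0x7ff1f8c9f710 (LWP 9641)):
#0  __lll_lock_wait_private () at ../nptl/sysdeps/unix/sysv/linux/x86_64/lowlevellock.S:97
#2  0x00007ff20ae3be48 in *__GI___libc_free (mem=0x7ff20b13ce40) at malloc.c:3736

Thread 1 (Thread 0x7ff20e1b27a0 (LWP 8641)):
[KCrash Handler]
#6  malloc_consolidate (av=0x7ff20b13ce40) at malloc.c:5136
#7  0x00007ff20ae38460 in _int_free (av=0x7ff20b13ce40, p=0xf53af0) at malloc.c:5015
#8  0x00007ff20ae3be53 in *__GI___libc_free (mem=<value optimized out>) at malloc.c:3738
#10 0x00007ff20c41d119 in Free_MarkMarkPos (st=0xe58b20, lookup_type=0) at ../3rdparty/harfbuzz/src/harfbuzz-gpos.c:2904
"""

THREAD_RE = re.compile(r"^Thread (\d+) \(")
# Optional "0x... in " and "*" before the symbol; "?? ()" frames are skipped.
FRAME_RE = re.compile(r"^#\d+\s+(?:0x[0-9a-f]+ in )?\*?([A-Za-z_~][\w:~]*) \(")
# Assumed shortlist of glibc allocator internals, not an exhaustive list.
ALLOCATOR = {"malloc_consolidate", "_int_free", "_int_malloc",
             "malloc_printerr", "__libc_free", "__GI___libc_free"}

def parse_threads(text):
    """Return {thread_id: {"crashed": bool, "frames": [symbol, ...]}}."""
    threads, cur = {}, None
    for line in text.splitlines():
        m = THREAD_RE.match(line)
        if m:
            cur = threads.setdefault(int(m.group(1)), {"crashed": False, "frames": []})
        elif cur is not None and line.startswith("[KCrash Handler]"):
            cur["crashed"] = True
        elif cur is not None and (f := FRAME_RE.match(line)):
            cur["frames"].append(f.group(1))
    return threads

def triage(text):
    threads = parse_threads(text)
    frames = next((t["frames"] for t in threads.values() if t["crashed"]), [])
    n = 0
    while n < len(frames) and frames[n] in ALLOCATOR:
        n += 1  # skip the allocator frames at the top of the crashing thread
    blocked = sorted(tid for tid, t in threads.items() if not t["crashed"]
                     and t["frames"][:1] == ["__lll_lock_wait_private"]
                     and ALLOCATOR & set(t["frames"]))
    return {"heap_corruption_suspected": n > 0,
            # The caller is where the damage was noticed, not where it was done.
            "victim_caller": frames[n] if n < len(frames) else None,
            "threads_blocked_on_malloc_lock": blocked}
```
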
Comment 6 George Kiagiadakis 2010-08-19 23:18:33 UTC
After doing some debugging with valgrind today, I found the root cause of this issue. It is the same issue as in bug 243540. Just adding the patch from that bug to the kdelibs source tree that I used to build my 4.5.0 packages and rebuilding fixes this memory corruption for me.

Note that this bug has been fixed in the 4.5 branch a bit after the first set of 4.5.0 tarballs were given to the packagers; however, the 4.5.0 tarballs were re-done at a later point, so the "official" 4.5.0 released by KDE does not have this bug. If some distributions still have this bug in 4.5.0, this means that they ship kdelibs 4.5.0 from the pre-release tarball.

*** This bug has been marked as a duplicate of bug 243540 ***