Bug 243274

Summary: Screen lock crashes after successful password entry
Product: [Unmaintained] kscreensaver
Reporter: Christopher Neufeld <kdebugs>
Component: locker
Assignee: kscreensaver bugs tracking <kscreensaver-bugs-null>
Status: RESOLVED DUPLICATE
Severity: crash
CC: mail
Priority: NOR
Version: 2.0
Target Milestone: ---
Platform: Compiled Sources
OS: Linux
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Description Christopher Neufeld 2010-06-30 20:09:23 UTC
Application: kscreenlocker (2.0)
KDE Platform Version: 4.5.60 (KDE 4.5.60 (KDE 4.6 >= 20100627)) (Compiled from sources)
Qt Version: 4.6.3
Operating System: Linux 2.6.34 x86_64

-- Information about the crash:
I locked my session.  Later I unlocked it, supplying my login password.  A crash report was generated as control was returned to me.

Screen saver is set simply to blank the screen.  No graphics.

The crash can be reproduced every time.

-- Backtrace:
Application: KDE Screen Locker (kscreenlocker), signal: Segmentation fault
82	T_PSEUDO (SYSCALL_SYMBOL, SYSCALL_NAME, SYSCALL_NARGS)
[Current thread is 1 (Thread 0x7fa2c524e740 (LWP 16498))]

Thread 2 (Thread 0x7fa2b3c2f710 (LWP 16499)):
#0  __lll_lock_wait_private () at ../nptl/sysdeps/unix/sysv/linux/x86_64/lowlevellock.S:97
#1  0x00007fa2c1191ab7 in _L_lock_10956 () from /lib64/libc.so.6
#2  0x00007fa2c118ff61 in *__GI___libc_free (mem=0x7fa2c1469e60) at malloc.c:3736
#3  0x00007fa2c2f244de in ~QEventDispatcherGlib (this=0x77db40, __in_chrg=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:389
#4  0x00007fa2c2e00424 in QThreadPrivate::finish (arg=<value optimized out>) at thread/qthread_unix.cpp:284
#5  0x00007fa2c2e00afd in ~__pthread_cleanup_class (arg=0x7fa2c321a4a0) at /usr/include/pthread.h:533
#6  QThreadPrivate::start (arg=0x7fa2c321a4a0) at thread/qthread_unix.cpp:253
#7  0x00007fa2c2b67427 in start_thread (arg=<value optimized out>) at pthread_create.c:297
#8  0x00007fa2c11e75ed in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115

Thread 1 (Thread 0x7fa2c524e740 (LWP 16498)):
[KCrash Handler]
#6  malloc_consolidate (av=0x7fa2c1469e60) at malloc.c:5136
#7  0x00007fa2c118d0f9 in _int_free (av=0x7fa2c1469e60, p=0x9dcb50) at malloc.c:5015
#8  0x00007fa2c118ff6c in *__GI___libc_free (mem=<value optimized out>) at malloc.c:3738
#9  0x00007fa2c4582c73 in _XimLocalIMFree () from /usr/X11R7/lib64/libX11.so.6
#10 0x00007fa2c45838cd in _XimLocalCloseIM () from /usr/X11R7/lib64/libX11.so.6
#11 0x00007fa2c4570c50 in XCloseIM () from /usr/X11R7/lib64/libX11.so.6
#12 0x00007fa2c23e6aed in ~QXIMInputContext (this=0x96b240, __in_chrg=<value optimized out>) at inputmethod/qximinputcontext_x11.cpp:500
#13 0x00007fa2c1e689ac in qt_cleanup () at kernel/qapplication_x11.cpp:2617
#14 0x00007fa2c1df6e47 in ~QApplication (this=0x7fffaec4aa60, __in_chrg=<value optimized out>) at kernel/qapplication.cpp:1086
#15 0x00007fa2c4aab69f in ~KApplication (this=0x7fffaec4aa60, __in_chrg=<value optimized out>) at /home/neufeld/newX/kde/HEAD/kdelibs/kdeui/kernel/kapplication.cpp:907
#16 0x0000000000426a85 in ~MyApp (this=0x7fffaec4aa60, __in_chrg=<value optimized out>) at /home/neufeld/newX/kde/HEAD/kdebase/workspace/krunner/lock/main.h:27
#17 0x00000000004242c6 in main (argc=2, argv=0x7fffaec4aec8) at /home/neufeld/newX/kde/HEAD/kdebase/workspace/krunner/lock/main.cc:173

Reported using DrKonqi

Comment 1 Christopher Neufeld 2010-06-30 20:12:20 UTC
Further information:  it (fortunately) does not crash if the incorrect password is presented.  I'm running svn revision 1144362 compiled from sources.

Comment 2 Christopher Neufeld 2010-07-07 22:03:19 UTC
Still happening with svn revision 1147152.  I notice that a core dump is also usually delivered after the screen-saver comes on, even without screen locking.

Comment 3 George Kiagiadakis 2010-08-02 23:07:29 UTC
I can confirm that. I'm actually running kdebase-workspace 4.4.5 with kdelibs 4.5.0 and I can reproduce it reliably, so the bug must be in kdelibs. I also tried with kscreenlocker from 4.5.0 once but I got the same results. In addition, I once got a very similar crash from kglobalaccel during logout.

Comment 4 George Kiagiadakis 2010-08-02 23:16:25 UTC
Here's my backtrace:


Application: KDE Screen Locker (kscreenlocker), signal: Segmentation fault
[Current thread is 1 (Thread 0x7fda82fa7780 (LWP 7735))]

Thread 2 (Thread 0x7fda723aa710 (LWP 7736)):
#0  0x00007fda7fd008b3 in select () at ../sysdeps/unix/syscall-template.S:82
#1  0x00007fda80401e2d in QProcessManager::run (this=0x7fda8073d920) at io/qprocess_unix.cpp:245
#2  0x00007fda80336e35 in QThreadPrivate::start (arg=0x7fda8073d920) at thread/qthread_unix.cpp:248
#3  0x00007fda7de738ba in start_thread (arg=<value optimized out>) at pthread_create.c:300
#4  0x00007fda7fd0701d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#5  0x0000000000000000 in ?? ()

Thread 1 (Thread 0x7fda82fa7780 (LWP 7735)):
[KCrash Handler]
#6  malloc_consolidate (av=0x7fda7ff94e40) at malloc.c:5139
#7  0x00007fda7fcab458 in _int_free (av=0x7fda7ff94e40, p=0x207f710) at malloc.c:5018
#8  0x00007fda7fcae88c in *__GI___libc_free (mem=<value optimized out>) at malloc.c:3739
#9  0x00007fda80397729 in Free_MarkMarkPos (st=0x20464f0, lookup_type=0) at ../3rdparty/harfbuzz/src/harfbuzz-gpos.c:2904
#10 _HB_GPOS_Free_SubTable (st=0x20464f0, lookup_type=0) at ../3rdparty/harfbuzz/src/harfbuzz-gpos.c:5824
#11 0x00007fda8039ed34 in Free_SubTable (l=0x203fa20, type=HB_Type_GPOS) at ../3rdparty/harfbuzz/src/harfbuzz-open.c:469
#12 Free_Lookup (l=0x203fa20, type=HB_Type_GPOS) at ../3rdparty/harfbuzz/src/harfbuzz-open.c:568
#13 0x00007fda8039edc6 in _HB_OPEN_Free_LookupList (ll=<value optimized out>, type=HB_Type_GPOS) at ../3rdparty/harfbuzz/src/harfbuzz-open.c:655
#14 0x00007fda8039d072 in HB_Done_GPOS_Table (gpos=0x204cc20) at ../3rdparty/harfbuzz/src/harfbuzz-gpos.c:175
#15 0x00007fda803a5657 in HB_FreeFace (face=0x204dde0) at ../3rdparty/harfbuzz/src/harfbuzz-shaper.cpp:1028
#16 0x00007fda8137ada1 in QFreetypeFace::release (this=0x206de40, face_id=...) at text/qfontengine_ft.cpp:311
#17 0x00007fda8137c43f in ~QFontEngineFT (this=0x20692c0, __in_chrg=<value optimized out>) at text/qfontengine_ft.cpp:637
#18 0x00007fda81372573 in ~QFontEngineX11FT (this=0x20692c0, __in_chrg=<value optimized out>) at text/qfontengine_x11.cpp:1123
#19 0x00007fda812b8c97 in ~QFontEngineMulti (this=0x203ac20, __in_chrg=<value optimized out>) at text/qfontengine.cpp:1278
#20 0x00007fda813776d4 in ~QFontEngineMultiFT (this=0x203ac20, __in_chrg=<value optimized out>) at text/qfontengine_x11.cpp:902
#21 0x00007fda812ac402 in QFontCache::clear (this=0x2004af0) at text/qfont.cpp:2691
#22 0x00007fda812b234a in ~QFontCache (this=0x7fda7ff94e40, __in_chrg=<value optimized out>) at text/qfont.cpp:2631
#23 0x00007fda80335c32 in QThreadStorageData::set (this=<value optimized out>, p=0x0) at thread/qthreadstorage.cpp:148
#24 0x00007fda81108aca in qt_cleanup () at kernel/qapplication_x11.cpp:2593
#25 0x00007fda8109a829 in ~QApplication (this=0x7fff7481db30, __in_chrg=<value optimized out>) at kernel/qapplication.cpp:1086
#26 0x000000000041def5 in ~MyApp (argc=<value optimized out>, argv=<value optimized out>) at ../../../krunner/lock/main.h:27
#27 main (argc=<value optimized out>, argv=<value optimized out>) at ../../../krunner/lock/main.cc:173

Comment 5 George Kiagiadakis 2010-08-02 23:45:33 UTC
And here's another one that I just hit:


Application: KDE Screen Locker (kscreenlocker), signal: Aborted
[Current thread is 1 (Thread 0x7ff0c0da9780 (LWP 29304))]

Thread 2 (Thread 0x7ff0b01ac710 (LWP 29532)):
#0  __lll_lock_wait_private () at ../nptl/sysdeps/unix/sysv/linux/x86_64/lowlevellock.S:97
#1  0x00007ff0bdab2498 in _L_lock_9590 () from /lib/libc.so.6
#2  0x00007ff0bdab0881 in *__GI___libc_free (mem=0x7ff0bdd96e40) at malloc.c:3737
#3  0x00007ff0bb582fba in ?? () from /lib/libglib-2.0.so.0
#4  0x00007ff0be2521f3 in ~QEventDispatcherGlib (this=0x18d8680, __in_chrg=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:366
#5  0x00007ff0be138a24 in QThreadPrivate::finish (arg=<value optimized out>) at thread/qthread_unix.cpp:284
#6  0x00007ff0be138e3d in ~__pthread_cleanup_class (arg=0x7ff0be53f920) at /usr/include/pthread.h:535
#7  QThreadPrivate::start (arg=0x7ff0be53f920) at thread/qthread_unix.cpp:253
#8  0x00007ff0bbc758ba in start_thread (arg=<value optimized out>) at pthread_create.c:300
#9  0x00007ff0bdb0901d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#10 0x0000000000000000 in ?? ()

Thread 1 (Thread 0x7ff0c0da9780 (LWP 29304)):
[KCrash Handler]
#6  0x00007ff0bda6c175 in *__GI_raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#7  0x00007ff0bda6ef80 in *__GI_abort () at abort.c:92
#8  0x00007ff0bdaa22bb in __libc_message (do_abort=<value optimized out>, fmt=<value optimized out>) at ../sysdeps/unix/sysv/linux/libc_fatal.c:189
#9  0x00007ff0bdaabb16 in malloc_printerr (action=3, str=0x7ff0bdb62d08 "malloc(): memory corruption (fast)", ptr=<value optimized out>) at malloc.c:6267
#10 0x00007ff0bdaaf42d in _int_malloc (av=0x7ff0bdd96e40, bytes=<value optimized out>) at malloc.c:4309
#11 0x00007ff0bdab0970 in *__GI___libc_malloc (bytes=16) at malloc.c:3661
#12 0x00007ff0bc8b1024 in ?? () from /usr/lib/libxcb.so.1
#13 0x00007ff0bc8af973 in ?? () from /usr/lib/libxcb.so.1
#14 0x00007ff0bc8b1c0c in xcb_wait_for_reply () from /usr/lib/libxcb.so.1
#15 0x00007ff0c004d804 in _XReply () from /usr/lib/libX11.so.6
#16 0x00007ff0c002abb3 in XGetSelectionOwner () from /usr/lib/libX11.so.6
#17 0x00007ff0bef1c5c4 in QClipboard::event (this=0x17d6d70, e=<value optimized out>) at kernel/qclipboard_x11.cpp:928
#18 0x00007ff0bee8f32c in QApplicationPrivate::notify_helper (this=0x17d6dc0, receiver=0x17d6d70, e=0x7fffef88e5e0) at kernel/qapplication.cpp:4302
#19 0x00007ff0bee9580b in QApplication::notify (this=0x7fffef88e7f0, receiver=0x17d6d70, e=0x7fffef88e5e0) at kernel/qapplication.cpp:4185
#20 0x00007ff0be22815c in QCoreApplication::notifyInternal (this=0x7fffef88e7f0, receiver=0x17d6d70, event=0x7fffef88e5e0) at kernel/qcoreapplication.cpp:726
#21 0x00007ff0bee9c4bb in QCoreApplication::sendEvent (this=0x7fffef88e7f0, __in_chrg=<value optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:215
#22 ~QApplication (this=0x7fffef88e7f0, __in_chrg=<value optimized out>) at kernel/qapplication.cpp:1013
#23 0x000000000041def5 in ~MyApp (argc=<value optimized out>, argv=<value optimized out>) at ../../../krunner/lock/main.h:27
#24 main (argc=<value optimized out>, argv=<value optimized out>) at ../../../krunner/lock/main.cc:173

Comment 6 George Kiagiadakis 2010-08-03 01:10:54 UTC
And the crash I got from kglobalaccel:


Application: KDE Global Shortcuts Service (kglobalaccel), signal: Segmentation fault
[KCrash Handler]
#6  malloc_consolidate (av=0x7f6cc849fe40) at malloc.c:5139
#7  0x00007f6cc81b6458 in _int_free (av=0x7f6cc849fe40, p=0x22fdea0) at malloc.c:5018
#8  0x00007f6cc81b988c in *__GI___libc_free (mem=<value optimized out>) at malloc.c:3739
#9  0x00007f6cc61cf946 in ~QByteArray (this=<value optimized out>, x=0x2240380) at /usr/include/qt4/QtCore/qbytearray.h:382
#10 ~KEntry (this=<value optimized out>, x=0x2240380) at ../../kdecore/config/kconfigdata.h:36
#11 QMap<KEntryKey, KEntry>::freeData (this=<value optimized out>, x=0x2240380) at /usr/include/qt4/QtCore/qmap.h:626
#12 0x00007f6cc61d022b in KConfigPrivate::~KConfigPrivate() () from /usr/lib/libkdecore.so.5
#13 0x00007f6cc61ca933 in ~KConfig (this=0x2244ea8, __in_chrg=<value optimized out>) at ../../kdecore/config/kconfig.cpp:195
#14 0x00007f6cc84b4a09 in ~GlobalShortcutsRegistry (this=0x2244e80, __in_chrg=<value optimized out>) at ../../kglobalaccel/globalshortcutsregistry.cpp:66
#15 0x00007f6cc81795f2 in __run_exit_handlers (status=0, listp=0x7f6cc849e4a8, run_list_atexit=true) at exit.c:78
#16 0x00007f6cc8179645 in *__GI_exit (status=-934674880) at exit.c:100
#17 0x00007f6cc8161c54 in __libc_start_main (main=<value optimized out>, argc=<value optimized out>, ubp_av=<value optimized out>, init=<value optimized out>, fini=<value optimized out>, 
    rtld_fini=<value optimized out>, stack_end=0x7fff657e6108) at libc-start.c:260
#18 0x00000000004006b9 in _start ()

Comment 7 Oswald Buddenhagen 2010-08-03 09:56:54 UTC

*** This bug has been marked as a duplicate of bug 243067 ***