Bug 243375

Summary: [PATCH] KDevelop crashes since KGlobal is deleted after KZoneAllocator is freed due to wrong behavior of KateFactory. Fixed.
Product: [Applications] kate Reporter: Konstantin Savenkov <savenkov>
Component: partAssignee: KWrite Developers <kwrite-bugs-null>
Status: RESOLVED WORKSFORME    
Severity: crash CC: christoph, kde-windows, ps_ml
Priority: NOR Keywords: triaged
Version: SVN   
Target Milestone: ---   
Platform: Compiled Sources   
OS: All   
Latest Commit: Version Fixed In:
Sentry Crash Report:
Attachments: pathc to fix the problem

Description Konstantin Savenkov 2010-07-01 18:54:22 UTC 
Created attachment 48521 [details]
pathc to fix the problem

Version:           SVN (using Devel) 
OS:                All

I debug KDE apps under win32. Under win32, deleted pointers are set to 0xDDDDDDDD, revealing all double delete and call-after-delete bugs. This bus is one of them.

KateFactory calls KGlobal::incRef() (~KateFactory calls KGlobal::decRef()) to make KGlobal wait until KateFactory is deleted. However, KGlobal incorporates KateCmd, which rely on KZoneAllocator via one of its attributes (KCompletion).

The problem is that KZoneAllocator is deleted on QApplication exit, and KFactory is deleted via QT cleanup facility _after_ QApplication exited (and, thus, after KZoneAllocator is deleted). So, since KGlobal is deleted _after_ KateFactory, it crashes on its destructor, since KZoneAllocator is already freed.

To fix that, KateFactory is no longer make incRef/decRef of the KGlobal. The positive effect is that problem situation is solved: KGlobal is deleted before QApplication exit when KZoneAllocator is alive. Since KateFactory does not depent directly on existing KGlobal, I suppose there is no negative effect of this patch. 

Reproducible: Always

Steps to Reproduce:
Open KDevelop under win32 (emerged via kde-windows). Start new project, open some text file. Close Kdevelop.

Actual Results:  
Crash on KCompTree destructor

Expected Results:  
Smooth closing

Fixed, see attached patch.
Comment 1 Christoph Cullmann 2010-07-05 15:27:59 UTC 
SVN commit 1146191 by cullmann:

cullmann
    try to fix crash
    add inc/dec ref to buffer, remove it from factory
    fixes some unit test random errors, too

BUG: 243375


 M  +5 -0      document/katebuffer.cpp  
 M  +2 -4      utils/katefactory.cpp  


WebSVN link: http://websvn.kde.org/?view=rev&revision=1146191
Comment 2 Christoph Cullmann 2010-07-07 11:54:36 UTC 
SVN commit 1147040 by cullmann:

revert the fix for bug 243375
does crash kdevelop and kate much earlier, as editor is then freed if last document is closed :(
CCBUG: 243375



 M  +4 -2      katefactory.cpp  


WebSVN link: http://websvn.kde.org/?view=rev&revision=1147040
Comment 3 Patrick Spendrin 2011-07-05 23:06:37 UTC 
*** Bug 277025 has been marked as a duplicate of this bug. ***
Comment 4 Patrick Spendrin 2011-07-06 07:43:34 UTC 
reopened this bug report.
The problem persists and it seems as if the problem is not easily solveable in kate.
Comment 5 Christoph Cullmann 2012-10-27 14:10:18 UTC 
I would need a fixed patch then, I can't solve that on my own as I have no Windows development environment for Kate around.
Comment 6 Kevin Funk 2014-01-28 01:22:24 UTC 
Git commit 8beb63bcb08568eac8578844d7a1f4f44280f685 by Kevin Funk.
Committed on 11/12/2013 at 09:48.
Pushed by kfunk into branch 'master'.

Attempt to fix KZoneAllocator issue

kcompletion.p_h: Make the static KZoneAllocator member of KCompTreeNode
a shared pointer so external users can hold a reference to it.

kcompletion.cpp: Hold a reference to KCompTreeNode's KZoneAllocator
instance so we avoid deleting the KZoneAllocator too early. See attached
bug report for possible causes. (Hint: It crashes on Windows because
~KZoneAllocator is called to early.)

kallocator.cpp: Use printf instead of qDebug(), because this code path
code might be called very late during destruction and qDebug() will
crash deep inside Qt.

Also see discussion:
http://lists.kde.org/?l=kde-devel&m=138583383708455&w=1
Related: bug 327599
REVIEW: 114715

M  +5    -3    kdecore/util/kallocator.cpp
M  +4    -1    kdeui/util/kcompletion.cpp
M  +11   -3    kdeui/util/kcompletion_p.h

http://commits.kde.org/kdelibs/8beb63bcb08568eac8578844d7a1f4f44280f685
Comment 7 Kevin Funk 2014-01-28 01:42:04 UTC 
Git commit d10d52e0cc6b57f01dbe92a11eea94d0b12aa166 by Kevin Funk.
Committed on 28/01/2014 at 01:38.
Pushed by kfunk into branch 'master'.

Attempt to fix KZoneAllocator issue

kcompletion.p_h: Make the static KZoneAllocator member of KCompTreeNode
a shared pointer so external users can hold a reference to it.

kcompletion.cpp: Hold a reference to KCompTreeNode's KZoneAllocator
instance so we avoid deleting the KZoneAllocator too early. See attached
bug report for possible causes. (Hint: It crashes on Windows because
~KZoneAllocator is called to early.)

kallocator.cpp: Use printf instead of qDebug(), because this code path
code might be called very late during destruction and qDebug() will
crash deep inside Qt.

Also see discussion:
http://lists.kde.org/?l=kde-devel&m=138583383708455&w=1
Related: bug 327599
REVIEW: 114715

M  +4    -1    src/kcompletion.cpp
M  +11   -3    src/kcompletion_p.h
M  +5    -2    src/kzoneallocator.cpp

http://commits.kde.org/kcompletion/d10d52e0cc6b57f01dbe92a11eea94d0b12aa166
Comment 8 Albert Astals Cid 2014-02-10 19:37:32 UTC 
Git commit c34045e2a2263865c825927de44c51faf5926132 by Albert Astals Cid, on behalf of Kevin Funk.
Committed on 11/12/2013 at 09:48.
Pushed by aacid into branch 'KDE/4.12'.

Attempt to fix KZoneAllocator issue

kcompletion.p_h: Make the static KZoneAllocator member of KCompTreeNode
a shared pointer so external users can hold a reference to it.

kcompletion.cpp: Hold a reference to KCompTreeNode's KZoneAllocator
instance so we avoid deleting the KZoneAllocator too early. See attached
bug report for possible causes. (Hint: It crashes on Windows because
~KZoneAllocator is called to early.)

kallocator.cpp: Use printf instead of qDebug(), because this code path
code might be called very late during destruction and qDebug() will
crash deep inside Qt.

Also see discussion:
http://lists.kde.org/?l=kde-devel&m=138583383708455&w=1
Related: bug 327599
REVIEW: 114715

M  +5    -3    kdecore/util/kallocator.cpp
M  +4    -1    kdeui/util/kcompletion.cpp
M  +11   -3    kdeui/util/kcompletion_p.h

http://commits.kde.org/kdelibs/c34045e2a2263865c825927de44c51faf5926132
Comment 9 Andrew Crouthamel 2018-09-25 03:32:01 UTC 
Dear Bug Submitter,

This bug has been in NEEDSINFO status with no change for at least 15 days. Please provide the requested information as soon as possible and set the bug status as REPORTED. Due to regular bug tracker maintenance, if the bug is still in NEEDSINFO status with no change in 30 days, the bug will be closed as RESOLVED > WORKSFORME due to lack of needed information.

For more information about our bug triaging procedures please read the wiki located here: https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

If you have already provided the requested information, please set the bug status as REPORTED so that the KDE team knows that the bug is ready to be confirmed.

Thank you for helping us make KDE software even better for everyone!
Comment 10 Andrew Crouthamel 2018-10-27 03:56:12 UTC 
Dear Bug Submitter,

This bug has been in NEEDSINFO status with no change for at least 30 days. The bug is now closed as RESOLVED > WORKSFORME due to lack of needed information.

For more information about our bug triaging procedures please read the wiki located here: https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

Thank you for helping us make KDE software even better for everyone!