Bug 301456

Summary: crash in KWin::TabGroup::contains
Product: [Plasma] kwin Reporter: Jaime Torres <jtamate>
Component: window-tabbingAssignee: KWin default assignee <kwin-bugs-null>
Status: RESOLVED FIXED    
Severity: crash Flags: thomas.luebking: ReviewRequest+
Priority: NOR    
Version: git master   
Target Milestone: ---   
Platform: Compiled Sources   
OS: Linux   
Latest Commit: http://commits.kde.org/kde-workspace/75c4d09d66c41be226313ee19e05c95ba5e291b4 Version Fixed In: 4.9
Sentry Crash Report:

Description Jaime Torres 2012-06-08 16:01:31 UTC 
Application: kwin (4.8.3 (4.8.3))
KDE Platform Version: 4.8.3 (4.8.3) (Compiled from sources)
Qt Version: 4.8.2
Operating System: Linux 3.4.0-rc6-1-desktop x86_64
Distribution: "openSUSE 12.2 Beta 1 (x86_64)"

-- Information about the crash:
As far as I know, I'm using git HEAD, just compiled today.

- What I was doing when the application crashed:

I was just closing okular errors windows not finding temporary pdfs.
After clicking in one okular error window, I just pressed alt-tab, and crash.

This is what I see in .xsession-errors
share/apps/kwin/tabbox/present_windows/contents/ui/main.qml:98:13: QML Item: Binding loop detected for property "height"

-- Backtrace:
Application: KWin (kwin), signal: Segmentation fault
[KCrash Handler]
#6  QListData::begin (this=0x404f800000000000) at /usr/lib/qt4.5/include/QtCore/qlist.h:101
#7  0x00007f711de06913 in QList<KWin::Client*>::contains (this=0x404f800000000000, t=@0x7fff1b963b58) at /usr/lib/qt4.5/include/QtCore/qlist.h:882
#8  0x00007f711de1d5f8 in KWin::TabGroup::contains (this=<optimized out>, c=0x7fff1b963b58) at /g/kdegit/kde-workspace/kwin/tabgroup.h:172
#9  0x00007f711de1cf39 in KWin::TabGroup::add (this=0x404f800000000000, c=0x7f7108303000, other=0x7f7108301c00, after=true, becomeVisible=true) at /g/kdegit/kde-workspace/kwin/tabgroup.cpp:65
#10 0x00007f711de1361b in KWin::Client::tabTo (this=<optimized out>, other=0x7f7108301c00, behind=true, activate=true) at /g/kdegit/kde-workspace/kwin/client.cpp:1930
#11 0x00007f711de453fc in KWin::Client::manage (this=<optimized out>, w=<optimized out>, isMapped=false) at /g/kdegit/kde-workspace/kwin/manage.cpp:316
#12 0x00007f711ddfdc25 in KWin::Workspace::createClient (this=0x7f71082fa900, w=67108887, is_mapped=false) at /g/kdegit/kde-workspace/kwin/workspace.cpp:567
#13 0x00007f711de3463d in KWin::Workspace::workspaceEvent (this=0x7f71082fa900, e=0x7fff1b964700) at /g/kdegit/kde-workspace/kwin/events.cpp:359
#14 0x00007f711de28701 in KWin::Application::x11EventFilter (this=0x7fff1b964bd0, e=0x7fff1b964700) at /g/kdegit/kde-workspace/kwin/main.cpp:362
#15 0x00007f71182503f4 in qt_x11EventFilter (ev=0x7fff1b964700) at /g/kdegit/qt/src/gui/kernel/qapplication_x11.cpp:435
#16 qt_x11EventFilter (ev=0x7fff1b964700) at /g/kdegit/qt/src/gui/kernel/qapplication_x11.cpp:423
#17 0x00007f711825ebf3 in QApplication::x11ProcessEvent (this=0x7fff1b964bd0, event=0x7fff1b964700) at /g/kdegit/qt/src/gui/kernel/qapplication_x11.cpp:3337
#18 0x00007f7118287467 in QEventDispatcherX11::processEvents (this=0x7f71080311e0, flags=...) at /g/kdegit/qt/src/gui/kernel/qeventdispatcher_x11.cpp:132
#19 0x00007f711917e20f in QEventLoop::processEvents (this=<optimized out>, flags=...) at /g/kdegit/qt/src/corelib/kernel/qeventloop.cpp:149
#20 0x00007f711917e4c8 in QEventLoop::exec (this=0x7fff1b964960, flags=...) at /g/kdegit/qt/src/corelib/kernel/qeventloop.cpp:204
#21 0x00007f7119183a48 in QCoreApplication::exec () at /g/kdegit/qt/src/corelib/kernel/qcoreapplication.cpp:1187
#22 0x00007f711de29edc in kdemain (argc=3, argv=0x7fff1b964d18) at /g/kdegit/kde-workspace/kwin/main.cpp:545
#23 0x00007f7116b0f455 in __libc_start_main (main=0x400920 <main(int, char**)>, argc=3, ubp_av=0x7fff1b964d18, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fff1b964d08) at libc-start.c:226
#24 0x0000000000400951 in _start () at ../sysdeps/x86_64/elf/start.S:113

Reported using DrKonqi
Comment 1 Thomas Lübking 2012-06-08 18:32:22 UTC 
#11 0x00007f711de453fc in KWin::Client::manage (this=<optimized out>, w=<optimized out>, isMapped=false) at /g/kdegit/kde-workspace/kwin/manage.cpp:316

This is from session restorage and this pointer "this=0x404f800000000000" at least "looks" weird (i suspect the session->tabGroupClient to be invalid)

It looks like the manage occurs for a session restart and the previously assigned tabGrupClient has been deleted interim (but not nulled) so checking whether "workspace()->hasClient(info->tabGrupClient)" will likely prevent this bug (and should probably be required) but while i'm not really keen in session management (i more or less kept it for tabbing as it was...), this somehow sounds like a wider bug - why is there session restorage while kwin is running??

@Jaime
Did kwin crash couple of times in a row or so?
Comment 2 Thomas Lübking 2012-06-08 18:48:55 UTC 
http://git.reviewboard.kde.org/r/105186/
Comment 3 Jaime Torres 2012-06-09 07:39:00 UTC 
@Thomas:
No, I don't think so. But kwin restart was so fast that I only noticed because I saw a drkonki window.

I've checked your patch. Before applying it, okular windows where not grouped. After your patch, they are grouped after login and no crash so far doing the same as yesterday.
Comment 4 Thomas Lübking 2012-06-09 10:14:32 UTC 
Git commit 75c4d09d66c41be226313ee19e05c95ba5e291b4 by Thomas Lübking.
Committed on 08/06/2012 at 20:39.
Pushed by luebking into branch 'master'.

check whether SessionInfo::tabGroupClient is (still) in workspace before using it
FIXED-IN: 4.9
REVIEW: 105186

M  +2    -0    kwin/manage.cpp

http://commits.kde.org/kde-workspace/75c4d09d66c41be226313ee19e05c95ba5e291b4