Bug 305499

Summary: kde toolbar crash
Product: [Plasma] kwin Reporter: gbappleton
Component: generalAssignee: KWin default assignee <kwin-bugs-null>
Status: RESOLVED FIXED    
Severity: crash    
Priority: NOR    
Version: 4.8.4   
Target Milestone: ---   
Platform: Compiled Sources   
OS: Linux   
Latest Commit: Version Fixed In:
Sentry Crash Report:

Description gbappleton 2012-08-20 16:06:04 UTC 
Application: kwin (4.8.4 (4.8.4))
KDE Platform Version: 4.8.4 (4.8.4) (Compiled from sources)
Qt Version: 4.8.1
Operating System: Linux 3.2.0-29-generic x86_64
Distribution: Ubuntu 12.04.1 LTS

-- Information about the crash:
- What I was doing when the application crashed: I was attempting to close a second desktop window. When I right clicked on the toolbar shortcut to desktop 2 the toolbar crashed.

The crash can be reproduced every time.

-- Backtrace:
Application: KWin (kwin), signal: Segmentation fault
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[Current thread is 1 (Thread 0x7f9be1496780 (LWP 18969))]

Thread 2 (Thread 0x7f9bbe4f9700 (LWP 18976)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:162
#1  0x00007f9bdd764222 in ?? () from /usr/lib/x86_64-linux-gnu/libQtScript.so.4
#2  0x00007f9bdd764259 in ?? () from /usr/lib/x86_64-linux-gnu/libQtScript.so.4
#3  0x00007f9bd559ae9a in start_thread (arg=0x7f9bbe4f9700) at pthread_create.c:308
#4  0x00007f9be0cae4bd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#5  0x0000000000000000 in ?? ()

Thread 1 (Thread 0x7f9be1496780 (LWP 18969)):
[KCrash Handler]
#6  operator!= (this=0x30, value=1) at /usr/include/qt4/QtCore/qbasicatomic.h:75
#7  detach (this=0x1ae8f90) at /usr/include/qt4/QtCore/qvector.h:147
#8  data (this=0x1ae8f90) at /usr/include/qt4/QtCore/qvector.h:152
#9  operator[] (i=<optimized out>, this=0x1ae8f90) at /usr/include/qt4/QtCore/qvector.h:360
#10 KWin::Workspace::updateClientArea (this=0x137aef0, force=false) at ../../kwin/geometry.cpp:169
#11 0x00007f9be0fb7878 in KWin::Workspace::sendClientToDesktop (this=0x137aef0, c=<optimized out>, desk=1, dont_activate=<optimized out>) at ../../kwin/workspace.cpp:1670
#12 0x00007f9be0fbdcf7 in KWin::Workspace::setNumberOfDesktops (this=0x137aef0, n=<optimized out>) at ../../kwin/workspace.cpp:1603
#13 0x00007f9be08ceaf7 in NETRootInfo::event (this=0x1c1d930, event=0x7fffcc0452e0, properties=0x7fffcc044c20, properties_size=5) at ../../kdeui/windowmanagement/netwm.cpp:1882
#14 0x00007f9be0fe5329 in KWin::Workspace::workspaceEvent (this=0x137aef0, e=0x7fffcc0452e0) at ../../kwin/events.cpp:229
#15 0x00007f9be0fd74b8 in KWin::Application::x11EventFilter (this=0x7fffcc0455f0, e=0x7fffcc0452e0) at ../../kwin/main.cpp:359
#16 0x00007f9bdb865b85 in qt_x11EventFilter (ev=0x7fffcc0452e0) at kernel/qapplication_x11.cpp:441
#17 qt_x11EventFilter (ev=0x7fffcc0452e0) at kernel/qapplication_x11.cpp:429
#18 0x00007f9bdb874f98 in QApplication::x11ProcessEvent (this=0x7fffcc0455f0, event=0x7fffcc0452e0) at kernel/qapplication_x11.cpp:3444
#19 0x00007f9bdb89fb3a in QEventDispatcherX11::processEvents (this=0x127fad0, flags=...) at kernel/qeventdispatcher_x11.cpp:132
#20 0x00007f9bdc472c82 in QEventLoop::processEvents (this=<optimized out>, flags=...) at kernel/qeventloop.cpp:149
#21 0x00007f9bdc472ed7 in QEventLoop::exec (this=0x7fffcc045530, flags=...) at kernel/qeventloop.cpp:204
#22 0x00007f9bdc477f67 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1148
#23 0x00007f9be0fd9c36 in kdemain (argc=<optimized out>, argv=<optimized out>) at ../../kwin/main.cpp:541
#24 0x00007f9be0bdd76d in __libc_start_main (main=0x400640 <main(int, char**)>, argc=3, ubp_av=0x7fffcc045d18, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffcc045d08) at libc-start.c:226
#25 0x0000000000400671 in _start ()

Possible duplicates by query: bug 229878.

Reported using DrKonqi
Comment 1 Martin Flöser 2012-08-20 17:03:04 UTC 
I do not understand what you mean with closing a second desktop window and which toolbar? Could you please very precisely explain what you did when the window manager crashed?
Comment 2 Thomas Lübking 2012-08-20 19:50:16 UTC 
"Toolbar" == "Titlebar" == "what users think, kwin is"

He apparently reduced the number of VD from two to one.
As consequence the windows on the second VD were moved to the first one and that causes an out of bounds (?!) access in QVector.

However i checked the code and because "desk" in
> KWin::Workspace::sendClientToDesktop (this=0x137aef0, c=<optimized out>, desk=1, dont_activate=<optimized out>) 
is actually numberOfDesktops() and that value is also used to allocate the vector in question (+1 because the code uses client::desktop() and that starts counting at one) this is either a stack corruption (somewhere else) or a downstream fix or a bug in Qt?

at least this pointer:
> #6  operator!= (this=0x30, value=1) at /usr/include/qt4/QtCore/qbasicatomic.h:75
is obviously junk

@gbappleton
a) can you reproduce this at will?
b) do you use window tabbing or tiling?
Comment 3 gbappleton 2012-08-26 17:04:07 UTC 
You have interpreted my obviously incoherent report correctly and
succinctly, proving once again that knowing the precise language is
essential for communication in any technical field. I did use window
tabbing (if you mean what I think you mean, The problem was repeatable ,
but disappeared after doing a hard reboot. Since I learned programming in
Fortran and Cobol on an old Honeywell mainframe, and went on an almost
Luddite strike with the demise of dos5 and the creation of.com domains, my
familiarity with modern programming is very limited. I used to work
comfortably on FreeBSD and early releases of Linux, I have been forced
accept that my current skill level is only fit for running an advanced
abacus. Can you perhaps recommend a good starting text/ reference to linux
and modern high level languages? I doubt that I am even capable of
memorizing the man pages, now that I am retired and drifting slowly but
steadily into an almost pleasant senility. Thank you for your help and
would appreciate any assitance in bringing my skill set into the 21st
century.
Sincerely,
         gary
gbappleton@gmail.com

On Mon, Aug 20, 2012 at 3:50 PM, Thomas Lübking
<thomas.luebking@gmail.com>wrote:

> https://bugs.kde.org/show_bug.cgi?id=305499
>
> --- Comment #2 from Thomas Lübking <thomas.luebking@gmail.com> ---
> "Toolbar" == "Titlebar" == "what users think, kwin is"
>
> He apparently reduced the number of VD from two to one.
> As consequence the windows on the second VD were moved to the first one and
> that causes an out of bounds (?!) access in QVector.
>
> However i checked the code and because "desk" in
> > KWin::Workspace::sendClientToDesktop (this=0x137aef0, c=<optimized out>,
> desk=1, dont_activate=<optimized out>)
> is actually numberOfDesktops() and that value is also used to allocate the
> vector in question (+1 because the code uses client::desktop() and that
> starts
> counting at one) this is either a stack corruption (somewhere else) or a
> downstream fix or a bug in Qt?
>
> at least this pointer:
> > #6  operator!= (this=0x30, value=1) at
> /usr/include/qt4/QtCore/qbasicatomic.h:75
> is obviously junk
>
> @gbappleton
> a) can you reproduce this at will?
> b) do you use window tabbing or tiling?
>
> --
> You are receiving this mail because:
> You reported the bug.
>
Comment 4 Thomas Lübking 2012-08-26 19:54:19 UTC 
Extrapolite ;-)

By "tabbing" i meant the feature where you can stack two or more windows into one titlebar.
The implementation used in 4.8 is... sorry, but i don't know a polite word for that =)

You should consider to either avoid it or upgrade to 4.9 (feature rewritten) or even better upcoming 4.9.1 (fixed some minor issues) because _all_ versions before are knowingly prone to corrupt the stack.

It's however not certain that this is the cause, so keep an eye on it and in case you get similar crashes (esp. with 4.9), please keep us posted.
Comment 5 Martin Flöser 2013-01-07 17:30:31 UTC 
Virtual desktop handling has been rewritten for 4.11 with a2a335064e206f0689e315d58c30bedce90decff. Although we cannot be sure what actually caused the crash we can assume that it is fixed by now either through the window tabbing improvements in 4.9 or the improvements for virtual desktops in 4.11
Comment 6 gbappleton 2013-01-08 06:00:19 UTC 
thank you
                 gary


On Mon, Jan 7, 2013 at 12:30 PM, Martin Gräßlin <mgraesslin@kde.org> wrote:

> https://bugs.kde.org/show_bug.cgi?id=305499
>
> Martin Gräßlin <mgraesslin@kde.org> changed:
>
>            What    |Removed                     |Added
>
> ----------------------------------------------------------------------------
>              Status|UNCONFIRMED                 |RESOLVED
>          Resolution|---                         |FIXED
>
> --- Comment #5 from Martin Gräßlin <mgraesslin@kde.org> ---
> Virtual desktop handling has been rewritten for 4.11 with
> a2a335064e206f0689e315d58c30bedce90decff. Although we cannot be sure what
> actually caused the crash we can assume that it is fixed by now either
> through
> the window tabbing improvements in 4.9 or the improvements for virtual
> desktops
> in 4.11
>
> --
> You are receiving this mail because:
> You reported the bug.
>