Bug 333544

Summary: KWin crashes after running KAlgebra from git under valgrind and then pressing the Kickoff menu item.
Product: [Frameworks and Libraries] kdelibs
Reporter: Shlomi Fish <shlomif>
Component: kshareddatacache
Assignee: kdelibs bugs <kdelibs-bugs>
Status: RESOLVED DUPLICATE
Severity: crash
CC: christian.gonzalez, mpyne, mwoehlke.floss, rasasi78
Priority: NOR
Keywords: drkonqi
Version: 4.12.97
Target Milestone: ---
Platform: Mageia RPMs
OS: Linux
See Also: https://bugs.kde.org/show_bug.cgi?id=333475
Attachments: New crash information added by DrKonqi

Description Shlomi Fish 2014-04-17 17:46:43 UTC
Application: kwin (4.11.7)
KDE Platform Version: 4.12.97
Qt Version: 4.8.5
Operating System: Linux 3.13.10-desktop-1.mga5 x86_64
Distribution: "Mageia 5"

-- Information about the crash:
- What I was doing when the application crashed:

In the shell, I ran «valgrind "$HOME"/apps/kalgebra-TO_DEL/bin/kalgebra"» and then I pressed the "Kickoff" menu item on the panel.

- Unusual behavior I noticed:

KWin crashed.

- Custom settings of the application:

Also happens in a new user.

The crash can be reproduced sometimes.

-- Backtrace:
Application: KWin (kwin), signal: Illegal instruction
Using host libthread_db library "/lib64/libthread_db.so.1".
81	T_PSEUDO (SYSCALL_SYMBOL, SYSCALL_NAME, SYSCALL_NARGS)
[Current thread is 1 (Thread 0x7f9be7ca9780 (LWP 12398))]

Thread 2 (Thread 0x7f9bc63a2700 (LWP 12402)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185
#1  0x00007f9be6688b9b in QTWTF::TCMalloc_PageHeap::scavengerThread (this=0x7f9be6986f00 <QTWTF::pageheap_memory>) at ../3rdparty/javascriptcore/JavaScriptCore/wtf/FastMalloc.cpp:2359
#2  0x00007f9be6688bd9 in QTWTF::TCMalloc_PageHeap::runScavengerThread (context=<optimized out>) at ../3rdparty/javascriptcore/JavaScriptCore/wtf/FastMalloc.cpp:1464
#3  0x00007f9be1c47fab in start_thread (arg=0x7f9bc63a2700) at pthread_create.c:309
#4  0x00007f9be749018d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111

Thread 1 (Thread 0x7f9be7ca9780 (LWP 12398)):
[KCrash Handler]
#5  0x00007f9be1c513b4 in _xbegin () at ../nptl/sysdeps/unix/sysv/linux/x86/hle.h:53
#6  __lll_timedlock_elision (futex=futex@entry=0x7f9bcab73008, adapt_count=adapt_count@entry=0x7f9bcab7301c, t=0x7fffd4ac5a10, private=128) at ../nptl/sysdeps/unix/sysv/linux/x86/elision-lock.c:56
#7  0x00007f9be1c4ab8c in pthread_mutex_timedlock (mutex=0x7f9bcab73008, abstime=0x7fffd4ac5a10) at ../nptl/pthread_mutex_timedlock.c:103
#8  0x00007f9be27e258c in pthreadTimedLock::lock() () from /lib64/libkdecore.so.5
#9  0x00007f9be27e1472 in KSharedDataCache::find(QString const&, QByteArray*) const () from /lib64/libkdecore.so.5
#10 0x00007f9be608d6a0 in KIconLoaderPrivate::findCachedPixmapWithPath(QString const&, QPixmap&, QString&) () from /lib64/libkdeui.so.5
#11 0x00007f9be608d9ea in KIconLoader::loadIcon(QString const&, KIconLoader::Group, int, int, QStringList const&, QString*, bool) const () from /lib64/libkdeui.so.5
#12 0x00007f9be61fb26b in KWindowSystem::icon(unsigned long, int, int, bool, int) () from /lib64/libkdeui.so.5
#13 0x00007f9be77b5b0e in KWin::Client::getIcons() () from /lib64/libkdeinit4_kwin.so
#14 0x00007f9be77e5199 in KWin::Client::manage(unsigned int, bool) () from /lib64/libkdeinit4_kwin.so
#15 0x00007f9be77a5a1d in KWin::Workspace::createClient(unsigned int, bool) () from /lib64/libkdeinit4_kwin.so
#16 0x00007f9be77d761a in KWin::Workspace::workspaceEvent(_XEvent*) () from /lib64/libkdeinit4_kwin.so
#17 0x00007f9be77cbd80 in KWin::Application::x11EventFilter(_XEvent*) () from /lib64/libkdeinit4_kwin.so
#18 0x00007f9be11ca25c in qt_x11EventFilter (ev=0x7fffd4ac64b0) at kernel/qapplication_x11.cpp:435
#19 0x00007f9be11d7d49 in QApplication::x11ProcessEvent (this=0x7fffd4ac68a0, event=event@entry=0x7fffd4ac64b0) at kernel/qapplication_x11.cpp:3373
#20 0x00007f9be11ff710 in QEventDispatcherX11::processEvents (this=0x10c8f40, flags=...) at kernel/qeventdispatcher_x11.cpp:132
#21 0x00007f9be1fd67ff in QEventLoop::processEvents (this=this@entry=0x7fffd4ac6710, flags=...) at kernel/qeventloop.cpp:149
#22 0x00007f9be1fd6af5 in QEventLoop::exec (this=this@entry=0x7fffd4ac6710, flags=...) at kernel/qeventloop.cpp:204
#23 0x00007f9be1fdbbdb in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1221
#24 0x00007f9be77ccc66 in kdemain () from /lib64/libkdeinit4_kwin.so
#25 0x00007f9be73c0c85 in __libc_start_main (main=0x400720 <main>, argc=3, argv=0x7fffd4ac69e8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffd4ac69d8) at libc-start.c:285
#26 0x000000000040074e in _start ()

Reported using DrKonqi

Comment 1 Matthew Woehlke 2014-07-23 15:21:27 UTC
Created attachment 87902
New crash information added by DrKonqi

kwin (4.11.10) on KDE Platform 4.12.5 using Qt 4.8.6

Similar crash, same circumstances... running an application under valgrind takes down kwin. For me this is 100% reproducible with a development build of Slicer (http://www.slicer.org/), although that's a bit excessive as a test case, but valgrind, and not the specific application running in valgrind, appears to be the critical component.

-- Backtrace (Reduced):
#6  0x0000003866e11314 in _xbegin () at ../nptl/sysdeps/unix/sysv/linux/x86/hle.h:53
#7  __lll_timedlock_elision (futex=futex@entry=0x7f1b9fc4c008, adapt_count=adapt_count@entry=0x7f1b9fc4c01c, t=0x7fff6d02dd40, private=128) at ../nptl/sysdeps/unix/sysv/linux/x86/elision-lock.c:56
#8  0x0000003866e0ab17 in pthread_mutex_timedlock (mutex=0x7f1b9fc4c008, abstime=0x7fff6d02dd40) at ../nptl/pthread_mutex_timedlock.c:103
#9  0x000000318d83ca5c in pthreadTimedLock::lock (this=0xbaf9e0) at /usr/src/debug/kdelibs-4.12.5/kdecore/util/kshareddatacache_p.h:252
#10 0x000000318d83b93a in lock (this=0xba4a70) at /usr/src/debug/kdelibs-4.12.5/kdecore/util/kshareddatacache.cpp:1236

Comment 2 Matthew Woehlke 2014-07-23 15:28:38 UTC
FWIW I can confirm that the same thing happens with 'valgrind /usr/bin/kcalc'.

Comment 3 Michael Pyne 2014-07-27 03:10:01 UTC
This is what I got:

kde-svn@midna ~ $ valgrind $(which kcalc)
==3063== Memcheck, a memory error detector
==3063== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==3063== Using Valgrind-3.9.0 and LibVEX; rerun with -h for copyright info
==3063== Command: /home/kde-svn/kde-4/bin/kcalc
==3063== 
==3063== Conditional jump or move depends on uninitialised value(s)
==3063==    at 0x4018154: index (in /lib64/ld-2.19.so)
==3063==    by 0x400755D: expand_dynamic_string_token (in /lib64/ld-2.19.so)
==3063==    by 0x40076EC: fillin_rpath (in /lib64/ld-2.19.so)
==3063==    by 0x4007E96: _dl_init_paths (in /lib64/ld-2.19.so)
==3063==    by 0x4002CCA: dl_main (in /lib64/ld-2.19.so)
==3063==    by 0x40157EB: _dl_sysdep_start (in /lib64/ld-2.19.so)
==3063==    by 0x4004AEB: _dl_start (in /lib64/ld-2.19.so)
==3063==    by 0x40011A7: ??? (in /lib64/ld-2.19.so)
==3063== 
==3063== Conditional jump or move depends on uninitialised value(s)
==3063==    at 0x4018154: index (in /lib64/ld-2.19.so)
==3063==    by 0x400755D: expand_dynamic_string_token (in /lib64/ld-2.19.so)
==3063==    by 0x4008187: _dl_map_object (in /lib64/ld-2.19.so)
==3063==    by 0x40013DD: map_doit (in /lib64/ld-2.19.so)
==3063==    by 0x400EC52: _dl_catch_error (in /lib64/ld-2.19.so)
==3063==    by 0x4000B30: do_preload (in /lib64/ld-2.19.so)
==3063==    by 0x40041BC: dl_main (in /lib64/ld-2.19.so)
==3063==    by 0x40157EB: _dl_sysdep_start (in /lib64/ld-2.19.so)
==3063==    by 0x4004AEB: _dl_start (in /lib64/ld-2.19.so)
==3063==    by 0x40011A7: ??? (in /lib64/ld-2.19.so)
==3063== 
==3063== 
==3063== HEAP SUMMARY:
==3063==     in use at exit: 335,831 bytes in 4,508 blocks
==3063==   total heap usage: 473,709 allocs, 469,201 frees, 102,637,856 bytes allocated
==3063== 
==3063== LEAK SUMMARY:
==3063==    definitely lost: 3,592 bytes in 31 blocks
==3063==    indirectly lost: 9,488 bytes in 83 blocks
==3063==      possibly lost: 4,676 bytes in 83 blocks
==3063==    still reachable: 318,075 bytes in 4,311 blocks
==3063==         suppressed: 0 bytes in 0 blocks
==3063== Rerun with --leak-check=full to see details of leaked memory
==3063== 
==3063== For counts of detected and suppressed errors, rerun with: -v
==3063== Use --track-origins=yes to see where uninitialised values come from
==3063== ERROR SUMMARY: 3 errors from 2 contexts (suppressed: 0 from 0)

No crashes (but my Kickoff button is for Homerun Applet, so I'll try again with that as well, or see if I can find the bug from the bt itself).

Comment 4 Michael Pyne 2014-07-27 03:11:52 UTC
Likewise with real Kickoff. It's annoying in that regard being the KSharedDataCache maintainer—it really doesn't *ever* crash for me, only for others! :(

Comment 5 Christoph Feck 2014-12-01 07:10:43 UTC
*** Bug 341440 has been marked as a duplicate of this bug. ***

Comment 6 Dominik Haumann 2016-09-06 11:55:20 UTC
This issue unfortunately still exists; see bug #361426. There, you can also find a backtrace of Kate crashing with a recent version (2016-09-06).

*** This bug has been marked as a duplicate of bug 361426 ***