Summary: | crash in KWindowSystem (stack smashing detected) | ||
---|---|---|---|
Product: | [Frameworks and Libraries] frameworks-kwindowsystem | Reporter: | Mathias Kraus <k.hias> |
Component: | general | Assignee: | Martin Flöser <mgraesslin> |
Status: | RESOLVED FIXED | ||
Severity: | crash | CC: | fredrik, jr, kdelibs-bugs, simonandric5, sitter |
Priority: | NOR | ||
Version: | 5.1.0 | ||
Target Milestone: | --- | ||
Platform: | Kubuntu | ||
OS: | Linux | ||
URL: | https://git.reviewboard.kde.org/r/120539/ | ||
Latest Commit: | http://commits.kde.org/kwindowsystem/3576df163c8c64ebba74fc51c95de900dbf0220e | Version Fixed In: |
Description
Mathias Kraus
2014-10-07 20:55:52 UTC
@Harald: that looks similar to the crash trace you sent me the other day. Might it be that there is a problem with the kubuntu packages? If it affects all applications using KWindowSystem it should also crash the unit test applications on our CI system. Yep, that seems to be the same issue. It is entirely possible that it is a kubuntu thing, in which case I'd be hard pressed to find out where the problem is as we have no patches against kwindowsystem (as is the case with just about all of frameworks). Furthermore it is suspicious that it does not appear on 64bit. One random bit about the backtrace at hand I'll highlight though: QEventDispatcherUNIX. Unless Qt5 changed that, this is the !glib dispatcher and has all sorts of issue to begin with (e.g. polkit will not work at all). (In reply to Harald Sitter from comment #2) > Furthermore it is suspicious that it does not appear on 64bit. that is a good starting point! And could explain why I cannot reproduce. > > One random bit about the backtrace at hand I'll highlight though: > QEventDispatcherUNIX. Unless Qt5 changed that, this is the !glib dispatcher > and has all sorts of issue to begin with (e.g. polkit will not work at all). ah yes, KWin disables the glib dispatcher because it caused all kind of problems which are specific to a window manager. No, the backtrace and the error message is a good starting point. The backtrace tells us that the abort() happened in create_netwm_atoms() and the error message that we walked off the end of an array allocated on the stack. If we count the members of the atoms[] array we find that it has 92 atoms, while netAtomCount is 91. This means that we write one element past the end of the cookies[] array. whoops, that's embarrassing. review request created: https://git.reviewboard.kde.org/r/120539/ Git commit 3576df163c8c64ebba74fc51c95de900dbf0220e by Martin Gräßlin. Committed on 09/10/2014 at 09:06. Pushed by graesslin into branch 'master'. Fix incorrect count of netwm atoms This fixes a regression introduced with 59cb063b99e6ec13c0bc3cf3fd95a01258184e86. The commit added 4 new atoms but only incremented the atom count by 3. Which can cause a crash as soon as the NET classes are used. To ensure that such an error is not introduced again, an assert is added. REVIEW: 120539 M +2 -1 src/netwm.cpp http://commits.kde.org/kwindowsystem/3576df163c8c64ebba74fc51c95de900dbf0220e also put this as a patch in Kubuntu packages |