Bug 350821

Summary: KWin crashes on invalid _NET_WM_ICON data
Product: [Plasma] kwin Reporter: Robert Kausch <robert.kausch>
Component: compatibilityAssignee: KWin default assignee <kwin-bugs-null>
Status: RESOLVED DUPLICATE    
Severity: crash    
Priority: NOR    
Version: 5.3.2   
Target Milestone: ---   
Platform: unspecified   
OS: All   
See Also: https://bugs.kde.org/show_bug.cgi?id=350173
Latest Commit: Version Fixed In:
Sentry Crash Report:

Description Robert Kausch 2015-07-31 11:30:31 UTC 
This is bug #90944 from 2004 reintroduced in Plasma 5.

I'm not sure if I should open a new ticket for this, but as I couldn't change the status of the old ticket back to open, I'm just reporting it as new.

The exact code posted by Billy Biggs in 2004 crashes KWin 5.3.2 again.

See ticket #90944 https://bugs.kde.org/show_bug.cgi?id=90944 and https://sourceforge.net/p/bonkenc/bugs/104/ for reference.

Reproducible: Always

Steps to Reproduce:
1. Compile the code posted in ticket #90944.
2. Run it.
3. Watch KWin crash and hang up the desktop.

Actual Results:  
KWin crashes and hangs the Plasma desktop.

Expected Results:  
Invalid data should be ignored.
Comment 1 Thomas Lübking 2015-07-31 14:03:50 UTC 
bug #350173 ?
=> backtrace, we always want to see backtraces ;-P
Comment 2 Robert Kausch 2015-07-31 14:41:43 UTC 
Yes, this seems to be the same as bug #350173

I'll check again once kwindowsystem 5.13 packages are available for Arch Linux.

Thanks!

Backtrace:

#0  0x00007fe0835bef4d in nanosleep () from /lib/libc.so.6
#1  0x00007fe0835bede4 in sleep () from /lib/libc.so.6
#2  0x00007fe080852d6a in ?? () from /usr/lib/libKF5Crash.so.5
#3  0x00007fe0808531f0 in KCrash::defaultCrashHandler(int) () from /usr/lib/libKF5Crash.so.5
#4  <signal handler called>
#5  0x00007fe083597734 in __memcpy_sse2_unaligned () from /lib/libc.so.6
#6  0x00007fe082a11de1 in NETWinInfo::update(QFlags<NET::Property>, QFlags<NET::Property2>) ()
   from /usr/lib/libKF5WindowSystem.so.5
#7  0x00007fe08310ee76 in ?? () from /usr/lib/libkwin.so.5
#8  0x00007fe083148910 in ?? () from /usr/lib/libkwin.so.5
#9  0x00007fe0830e0f9d in KWin::Workspace::createClient(unsigned int, bool) () from /usr/lib/libkwin.so.5
#10 0x00007fe08312ffd2 in KWin::Workspace::workspaceEvent(xcb_generic_event_t*) () from /usr/lib/libkwin.so.5
#11 0x00007fe081bcb3d0 in QAbstractEventDispatcher::filterNativeEvent(QByteArray const&, void*, long*) ()
   from /usr/lib/libQt5Core.so.5
#12 0x00007fe06cbd4d25 in QXcbConnection::handleXcbEvent(xcb_generic_event_t*) () from /usr/lib/libQt5XcbQpa.so.5
#13 0x00007fe06cbd6dcb in QXcbConnection::processXcbEvents() () from /usr/lib/libQt5XcbQpa.so.5
#14 0x00007fe081bfdee2 in QObject::event(QEvent*) () from /usr/lib/libQt5Core.so.5
#15 0x00007fe0824c2fcc in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib/libQt5Widgets.so.5
#16 0x00007fe0824c8140 in QApplication::notify(QObject*, QEvent*) () from /usr/lib/libQt5Widgets.so.5
#17 0x00007fe081bce603 in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/lib/libQt5Core.so.5
#18 0x00007fe081bd0873 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) ()
   from /usr/lib/libQt5Core.so.5
#19 0x00007fe081c221d2 in QEventDispatcherUNIX::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) ()
   from /usr/lib/libQt5Core.so.5
#20 0x00007fe06cc3639d in ?? () from /usr/lib/libQt5XcbQpa.so.5
#21 0x00007fe081bcc1a2 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQt5Core.so.5
#22 0x00007fe081bd3cdd in QCoreApplication::exec() () from /usr/lib/libQt5Core.so.5
#23 0x00007fe0838af277 in kdemain () from /usr/lib/libkdeinit5_kwin_x11.so
#24 0x00007fe083527800 in __libc_start_main () from /lib/libc.so.6
#25 0x0000000000400759 in _start ()
Comment 3 Thomas Lübking 2015-07-31 14:57:42 UTC 
Thanks for the update.

Pre-emptively duping then - please re-open the bug in case it's not fixed by that patch.

*** This bug has been marked as a duplicate of bug 350173 ***
Comment 4 Robert Kausch 2015-08-18 12:56:17 UTC 
Just confirmed, kwindowsystem 5.13 indeed fixes this bug.