Bug 450265

Summary: System Settings crashes in OutputModel::setRefreshRate() when trying to change monitor's frequency
Product: [Applications] systemsettings Reporter: Unknown <null>
Component: kcm_kscreenAssignee: kscreen-bugs-null <kscreen-bugs-null>
Status: RESOLVED FIXED    
Severity: crash CC: nate, plasma-bugs
Priority: NOR Keywords: drkonqi
Version: 5.24.0   
Target Milestone: ---   
Platform: Arch Linux   
OS: Linux   
Latest Commit: https://invent.kde.org/plasma/kscreen/commit/59231e0456d2a8b423c26b94c5840178cebda23d Version Fixed In: 5.24.2

Description Unknown 2022-02-15 00:26:26 UTC 
Application: systemsettings (5.24.0)

Qt Version: 5.15.2
Frameworks Version: 5.90.0
Operating System: Linux 5.16.8-arch1-1 x86_64
Windowing System: X11
Distribution: "Arch Linux"
DrKonqi: 5.24.0 [KCrashBackend]

-- Information about the crash:
- What I was doing when the application crashed:

Changed the frequency of one of my monitor.
I have two monitors (same) and one was turned off (by using meta+p popup).

Judging on backtrace (this=this@entry=0x0) this looks like null pointer dereference and hopefully shouldn't be hard to fix.

The reporter is unsure if this crash is reproducible.

-- Backtrace:
Application: Systémové nastavenia (systemsettings), signal: Segmentation fault

[KCrash Handler]
#4  KScreen::Mode::size (this=this@entry=0x0) at /usr/src/debug/libkscreen-5.24.0/src/mode.cpp:89
#5  0x00007f59dd537faa in operator() (mode=..., __closure=<optimized out>) at /usr/src/debug/kscreen-5.24.0/kcm/output_model.cpp:440
#6  __gnu_cxx::__ops::_Iter_pred<OutputModel::setRefreshRate(int, int)::<lambda(const ModePtr&)> >::operator()<QMap<QString, QSharedPointer<KScreen::Mode> >::const_iterator> (__it=..., this=<optimized out>) at /usr/include/c++/11.1.0/bits/predefined_ops.h:318
#7  std::__find_if<QMap<QString, QSharedPointer<KScreen::Mode> >::const_iterator, __gnu_cxx::__ops::_Iter_pred<OutputModel::setRefreshRate(int, int)::<lambda(const ModePtr&)> > > (__pred=..., __last=..., __first=...) at /usr/include/c++/11.1.0/bits/stl_algobase.h:2052
#8  std::__find_if<QMap<QString, QSharedPointer<KScreen::Mode> >::const_iterator, __gnu_cxx::__ops::_Iter_pred<OutputModel::setRefreshRate(int, int)::<lambda(const ModePtr&)> > > (__pred=..., __last=..., __first=...) at /usr/include/c++/11.1.0/bits/stl_algobase.h:2114
#9  std::find_if<QMap<QString, QSharedPointer<KScreen::Mode> >::const_iterator, OutputModel::setRefreshRate(int, int)::<lambda(const ModePtr&)> > (__pred=..., __last=..., __first=...) at /usr/include/c++/11.1.0/bits/stl_algo.h:3910
#10 OutputModel::setRefreshRate (refIndex=<optimized out>, outputIndex=0, this=0x557d6111c860) at /usr/src/debug/kscreen-5.24.0/kcm/output_model.cpp:437
#11 OutputModel::setData (this=0x557d6111c860, index=..., value=..., role=<optimized out>) at /usr/src/debug/kscreen-5.24.0/kcm/output_model.cpp:149
#12 0x00007f5a51ec7626 in QQmlDMAbstractItemModelData::setValue (this=<optimized out>, role=270, value=...) at /usr/src/debug/qtdeclarative/src/qmlmodels/qqmladaptormodel.cpp:421
#13 0x00007f5a51ec1c4d in QQmlDMCachedModelData::metaCall (this=0x557d606304c0, call=<optimized out>, id=<optimized out>, arguments=<optimized out>) at /usr/src/debug/qtdeclarative/src/qmlmodels/qqmladaptormodel.cpp:298
#14 0x00007f5a5362f706 in QQmlPropertyData::writeProperty (this=<optimized out>, target=<optimized out>, value=<optimized out>, flags=...) at ../../include/QtQml/5.15.2/QtQml/private/../../../../../../qtdeclarative/src/qml/qml/qqmlpropertydata_p.h:379
#15 0x00007f5a5356e75f in QV4::QObjectWrapper::setProperty (engine=0x557d60fd21b0, object=0x557d606304c0, property=0x557d6105b058, value=...) at /usr/include/qt/QtCore/qflags.h:120
#16 0x00007f5a5356eec5 in QV4::QObjectWrapper::setQmlProperty (value=..., revisionMode=QV4::QObjectWrapper::IgnoreRevision, name=0x4, object=0x557d606304c0, qmlContext=0x557d60c8e740, engine=0x557d60fd21b0) at /usr/src/debug/qtdeclarative/src/qml/jsruntime/qv4qobjectwrapper.cpp:435
#17 QV4::QObjectWrapper::setQmlProperty (engine=engine@entry=0x557d60fd21b0, qmlContext=qmlContext@entry=0x557d60c8e740, object=0x557d606304c0, name=name@entry=0x7f59dd016590, revisionMode=revisionMode@entry=QV4::QObjectWrapper::IgnoreRevision, value=...) at /usr/src/debug/qtdeclarative/src/qml/jsruntime/qv4qobjectwrapper.cpp:418
#18 0x00007f5a5356f061 in QV4::QObjectWrapper::virtualPut (m=0x7f59dd016550, id=..., value=..., receiver=0x7f59dd016550) at /usr/src/debug/qtdeclarative/src/qml/jsruntime/qv4qobjectwrapper.cpp:722
#19 0x00007f5a535488cf in QV4::Object::put (receiver=<optimized out>, v=..., id=..., this=<optimized out>, this=<optimized out>, id=..., v=..., receiver=<optimized out>) at /usr/src/debug/qtdeclarative/src/qml/jsruntime/qv4object_p.h:324
#20 QV4::Object::virtualResolveLookupSetter (object=0x7f59dd016550, engine=0x557d60fd21b0, lookup=0x557d61a345c0, value=...) at /usr/src/debug/qtdeclarative/src/qml/jsruntime/qv4object.cpp:804
#21 0x00007f5a53587abc in QV4::Moth::VME::interpret (frame=0x7ffe52bca510, engine=0x557d60fd21b0, code=0x7f59dcdac3c1 "\016\002") at /usr/src/debug/qtdeclarative/src/qml/jsruntime/qv4vme_moth.cpp:351
#22 0x00007f5a5358b765 in QV4::Moth::VME::exec (frame=<optimized out>, engine=<optimized out>) at /usr/src/debug/qtdeclarative/src/qml/jsruntime/qv4vme_moth.cpp:463
#23 0x00007f5a5352d46e in QV4::Function::call (this=<optimized out>, thisObject=<optimized out>, argv=<optimized out>, argc=<optimized out>, context=<optimized out>) at /usr/src/debug/qtdeclarative/src/qml/jsruntime/qv4function.cpp:69
#24 0x00007f5a5368b862 in QQmlJavaScriptExpression::evaluate (this=0x557d61d7add0, callData=0x7f59dd0164d8, isUndefined=0x0) at /usr/src/debug/qtdeclarative/src/qml/qml/qqmljavascriptexpression.cpp:212
#25 0x00007f5a53645b93 in QQmlBoundSignalExpression::evaluate (this=<optimized out>, a=<optimized out>) at /usr/src/debug/qtdeclarative/src/qml/qml/qqmlboundsignal.cpp:224
#26 0x00007f5a5364764c in QQmlBoundSignal_callback (a=0x7ffe52bcc1b0, e=0x557d61d7a280) at ../../include/QtQml/5.15.2/QtQml/private/../../../../../../qtdeclarative/src/qml/qml/qqmlboundsignalexpressionpointer_p.h:69
#27 QQmlBoundSignal_callback (e=0x557d61d7a280, a=0x7ffe52bcc1b0) at /usr/src/debug/qtdeclarative/src/qml/qml/qqmlboundsignal.cpp:341
#28 0x00007f5a5366b425 in QQmlNotifier::emitNotify (endpoint=<optimized out>, a=0x7ffe52bcc1b0) at /usr/src/debug/qtdeclarative/src/qml/qml/qqmlnotifier.cpp:104
#29 0x00007f5a54af08ee in doActivate<false> (sender=0x557d61cadef0, signal_index=61, argv=0x7ffe52bcc1b0) at kernel/qobject.cpp:3778
#30 0x00007f5a4e136343 in QQuickComboBox::activated (this=<optimized out>, _t1=<optimized out>) at .moc/moc_qquickcombobox_p.cpp:759
#31 0x00007f5a4e0b851a in QQuickComboBoxPrivate::hidePopup (this=0x557d61930fd0, accept=<optimized out>) at /usr/src/debug/qtquickcontrols2/src/quicktemplates2/qquickcombobox.cpp:323
#32 0x00007f5a54af0d93 in QtPrivate::QSlotObjectBase::call (a=<optimized out>, r=<optimized out>, this=<optimized out>, this=<optimized out>, r=<optimized out>, a=<optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qobjectdefs_impl.h:398
#33 doActivate<false> (sender=0x557d605d43c0, signal_index=64, argv=0x7ffe52bcc280) at kernel/qobject.cpp:3886
#34 0x00007f5a4e0ac91a in QQuickAbstractButtonPrivate::handleRelease (this=0x557d62356f80, point=...) at /usr/src/debug/qtquickcontrols2/src/quicktemplates2/qquickabstractbutton.cpp:182
#35 0x00007f5a4e0c7a69 in QQuickControl::mouseReleaseEvent (this=<optimized out>, event=0x7ffe52bcc670) at /usr/src/debug/qtquickcontrols2/src/quicktemplates2/qquickcontrol.cpp:2151
#36 0x00007f5a53a419db in QQuickItem::event (this=0x557d605d43c0, ev=0x7ffe52bcc670) at /usr/src/debug/qtdeclarative/src/quick/items/qquickitem.cpp:8200
#37 0x00007f5a556341a6 in QApplicationPrivate::notify_helper (this=<optimized out>, receiver=0x557d605d43c0, e=0x7ffe52bcc670) at kernel/qapplication.cpp:3632
#38 0x00007f5a54ac016a in QCoreApplication::notifyInternal2 (receiver=0x557d605d43c0, event=0x7ffe52bcc670) at kernel/qcoreapplication.cpp:1064
#39 0x00007f5a53a500f1 in QQuickWindowPrivate::deliverMouseEvent (this=this@entry=0x557d60781d20, pointerEvent=0x7f5a4800b3b0) at /usr/src/debug/qtdeclarative/src/quick/items/qquickwindow.cpp:2019
#40 0x00007f5a53a50aa4 in QQuickWindowPrivate::deliverPointerEvent (this=0x557d60781d20, event=0x7f5a4800b3b0) at /usr/src/debug/qtdeclarative/src/quick/items/qquickwindow.cpp:2611
#41 0x00007f5a54fa026d in QWindow::event (this=0x557d610c0e40, ev=<optimized out>) at kernel/qwindow.cpp:2438
#42 0x00007f5a556341a6 in QApplicationPrivate::notify_helper (this=<optimized out>, receiver=0x557d610c0e40, e=0x7ffe52bcc670) at kernel/qapplication.cpp:3632
#43 0x00007f5a54ac016a in QCoreApplication::notifyInternal2 (receiver=0x557d610c0e40, event=0x7ffe52bcc670) at kernel/qcoreapplication.cpp:1064
#44 0x00007f5a52717e1e in QQuickWidget::mouseReleaseEvent (this=<optimized out>, e=0x7ffe52bccbd0) at /usr/src/debug/qtdeclarative/src/quickwidgets/qquickwidget.cpp:1416
#45 0x00007f5a5566a616 in QWidget::event (this=0x557d60fff2c0, event=0x7ffe52bccbd0) at kernel/qwidget.cpp:8646
#46 0x00007f5a556341a6 in QApplicationPrivate::notify_helper (this=this@entry=0x557d5f9304f0, receiver=receiver@entry=0x557d60fff2c0, e=e@entry=0x7ffe52bccbd0) at kernel/qapplication.cpp:3632
#47 0x00007f5a55638fd7 in QApplication::notify (this=0x7ffe52bcc860, receiver=0x557d60fff2c0, e=0x7ffe52bccbd0) at kernel/qapplication.cpp:3076
#48 0x00007f5a54ac016a in QCoreApplication::notifyInternal2 (receiver=0x557d60fff2c0, event=0x7ffe52bccbd0) at kernel/qcoreapplication.cpp:1064
#49 0x00007f5a5563799f in QApplicationPrivate::sendMouseEvent (receiver=0x557d60fff2c0, event=0x7ffe52bccbd0, alienWidget=0x557d60fff2c0, nativeWidget=0x557d5fa98210, buttonDown=<optimized out>, lastMouseReceiver=..., spontaneous=true, onlyDispatchEnterLeave=false) at kernel/qapplication.cpp:2614
#50 0x00007f5a556887d7 in QWidgetWindow::handleMouseEvent (this=0x557d5ff03600, event=0x7ffe52bccf40) at kernel/qwidgetwindow.cpp:683
#51 0x00007f5a5568a37c in QWidgetWindow::event (this=0x557d5ff03600, event=0x7ffe52bccf40) at kernel/qwidgetwindow.cpp:300
#52 0x00007f5a556341a6 in QApplicationPrivate::notify_helper (this=<optimized out>, receiver=0x557d5ff03600, e=0x7ffe52bccf40) at kernel/qapplication.cpp:3632
#53 0x00007f5a54ac016a in QCoreApplication::notifyInternal2 (receiver=0x557d5ff03600, event=0x7ffe52bccf40) at kernel/qcoreapplication.cpp:1064
#54 0x00007f5a54f90f60 in QGuiApplicationPrivate::processMouseEvent (e=0x557d6202b2b0) at kernel/qguiapplication.cpp:2282
#55 0x00007f5a54f7c5e5 in QWindowSystemInterface::sendWindowSystemEvents (flags=flags@entry=...) at kernel/qwindowsysteminterface.cpp:1169
#56 0x00007f5a4ee3ad80 in xcbSourceDispatch (source=<optimized out>) at /usr/src/debug/qtbase/src/plugins/platforms/xcb/qxcbeventdispatcher.cpp:105
#57 0x00007f5a52773f13 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#58 0x00007f5a527ca0d9 in ?? () from /usr/lib/libglib-2.0.so.0
#59 0x00007f5a52771485 in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#60 0x00007f5a54b0b44a in QEventDispatcherGlib::processEvents (this=0x557d5fa061b0, flags=...) at kernel/qeventdispatcher_glib.cpp:423
#61 0x00007f5a54ab844b in QEventLoop::exec (this=0x7ffe52bcd2d0, flags=...) at ../../include/QtCore/../../src/corelib/global/qflags.h:69
#62 0x00007f5a54ac3b97 in QCoreApplication::exec () at ../../include/QtCore/../../src/corelib/global/qflags.h:121
#63 0x00007f5a54f8c162 in QGuiApplication::exec () at kernel/qguiapplication.cpp:1867
#64 0x00007f5a5563252a in QApplication::exec () at kernel/qapplication.cpp:2824
#65 0x0000557d5f2eebfa in main (argc=<optimized out>, argv=0x7ffe52bcd400) at /usr/src/debug/systemsettings-5.24.0/app/main.cpp:183
[Inferior 1 (process 452949) detached]

Possible duplicates by query: bug 449953, bug 449869, bug 449589, bug 448104, bug 447910.

Reported using DrKonqi
Comment 1 Unknown 2022-02-15 00:33:00 UTC 
I also noticed this weird behavior:

- as I said, I have the same monitor with 60Hz
- I use the popup meta+p to turn them on/off
- when I have both turned on system settings correctly shows 60Hz for each
- when I turn off the left one, system settings shows only the remaining monitor but with 72Hz (weird)
- when i turn on the left monitor both switch back to 60hz
Comment 2 Nate Graham 2022-02-16 20:00:45 UTC 
> Judging on backtrace (this=this@entry=0x0) this looks like null pointer dereference
> and hopefully shouldn't be hard to fix.
Would you be interested in giving it a shot?
Comment 3 Unknown 2022-02-16 21:22:17 UTC 
(In reply to Nate Graham from comment #2)
> > Judging on backtrace (this=this@entry=0x0) this looks like null pointer dereference
> > and hopefully shouldn't be hard to fix.
> Would you be interested in giving it a shot?

Sure, why not.
Comment 4 Bug Janitor Service 2022-02-17 03:12:29 UTC 
A possibly relevant merge request was started @ https://invent.kde.org/plasma/kscreen/-/merge_requests/86
Comment 5 Nate Graham 2022-02-21 17:11:04 UTC 
Git commit d6cc54337b6eefc7b7a320a6777f10e23d20dddb by Nate Graham, on behalf of Marek Beleščiak.
Committed on 21/02/2022 at 17:10.
Pushed by ngraham into branch 'master'.

KCM: fix crash when editing disabled display output's refresh rate

When display output was disabled, Output::currentMode() returned
a null pointer and used it shortly afterwards.
FIXED-IN: 5.24.2

M  +1    -1    kcm/output_model.cpp

https://invent.kde.org/plasma/kscreen/commit/d6cc54337b6eefc7b7a320a6777f10e23d20dddb
Comment 6 Nate Graham 2022-02-21 17:11:51 UTC 
Git commit 59231e0456d2a8b423c26b94c5840178cebda23d by Nate Graham, on behalf of Marek Beleščiak.
Committed on 21/02/2022 at 17:11.
Pushed by ngraham into branch 'Plasma/5.24'.

KCM: fix crash when editing disabled display output's refresh rate

When display output was disabled, Output::currentMode() returned
a null pointer and used it shortly afterwards.
FIXED-IN: 5.24.2


(cherry picked from commit d6cc54337b6eefc7b7a320a6777f10e23d20dddb)

M  +1    -1    kcm/output_model.cpp

https://invent.kde.org/plasma/kscreen/commit/59231e0456d2a8b423c26b94c5840178cebda23d