| Summary: | Calling KIdleTime::removeIdleTimeout() during KidleTime::timeoutReached() signal causes crash | ||
|---|---|---|---|
| Product: | [Frameworks and Libraries] frameworks-kidletime | Reporter: | Ada Christine Fontaine <adachristine18> |
| Component: | general | Assignee: | kdelibs bugs <kdelibs-bugs> |
| Status: | RESOLVED FIXED | ||
| Severity: | crash | CC: | aspotashev |
| Priority: | NOR | ||
| Version: | 5.92.0 | ||
| Target Milestone: | --- | ||
| Platform: | Arch Linux | ||
| OS: | Linux | ||
| Latest Commit: | https://invent.kde.org/frameworks/kidletime/commit/cd5040684723b87c7ba5b7cc1b1a63402902a641 | Version Fixed In: | 5.93.0 |
| Sentry Crash Report: | |||
| Attachments: | backtrace | ||
Git commit cd5040684723b87c7ba5b7cc1b1a63402902a641 by Ada Christine. Committed on 27/03/2022 at 22:28. Pushed by ahmadsamir into branch 'master'. Fixed crash during KIdleTime::timeoutReached() timeoutReached() will cause a crash if an item is removed from associations during signal dispatch due to iterator invalidation. iterate over a const container of the assoication keys only triggering ones matching the current timeout value to avoid the crash and unnecessary copying M +5 -5 src/kidletime.cpp https://invent.kde.org/frameworks/kidletime/commit/cd5040684723b87c7ba5b7cc1b1a63402902a641 |
Created attachment 147756 [details] backtrace Calling KIdleTime::removeIdleTimeout() from a slot connected to KIdleTime::timeoutReached() will cause an application to crash at QHashData::nextNode() STEPS TO REPRODUCE 1. connect a slot to KIdleTime::timeoutReached() 2. call KIdletime::instance()->setTimeout() 3. wait for the timeout to occur 3. call KIdleTime::instance()->removeTimeout() with the returned key from setTimeout() inside the connected slot. 4. return from the slot OBSERVED RESULT application crashes at QHashData::nextNode() via QHash::iterator::operator++() EXPECTED RESULT application proceeds normally SOFTWARE/OS VERSIONS Linux: 5.17.0 KDE Frameworks Version: 5.92.0 Qt Version: 5.15.5 ADDITIONAL INFORMATION