192664 – segfault in kpixmapcache (triggered from kwin): KPixmapCache::Private::invalidateMmapFiles

Bug 192664 - segfault in kpixmapcache (triggered from kwin): KPixmapCache::Private::invalidateMmapFiles

Summary: segfault in kpixmapcache (triggered from kwin): KPixmapCache::Private::invali...

Status:	RESOLVED FIXED

Alias:	None

Product:	kdelibs
Classification:	Unmaintained
Component:	kdeui (show other bugs)
Version:	unspecified
Platform:	Compiled Sources Linux

Importance:	NOR crash
Target Milestone:	---
Assignee:	kdelibs bugs

URL:
Keywords:

Depends on:
Blocks:

Reported:	2009-05-14 15:22 UTC by Melchior Franz
Modified:	2009-06-24 05:14 UTC (History)
CC List:	4 users (show)

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Melchior Franz 2009-05-14 15:22:48 UTC

Version:           svn HEAD from yesterday (2009/05/13) (using Devel)
Compiler:          gcc (SUSE Linux) 4.3.2 [gcc-4_3-branch revision 141291] 
OS:                Linux
Installed from:    Compiled sources

After closing okular I noticed that kwin had crashed. I haven't noticed when exactly, but I'm not aware of having done anything specific with/to kwin.

#0  0xb7b6591e in KPixmapCache::Private::invalidateMmapFiles (this=0x8b90508) at /home/m/kde4/kdelibs/kdeui/util/kpixmapcache. cpp:441
#1  0xb7b64bc3 in KPixmapCache::recreateCacheFiles (this=0x8ba0ae0) at /home/m/kde4/kdelibs/kdeui/util/kpixmapcache.cpp:1183
#2  0xb7b65323 in KPixmapCache::Private::checkFileVersion (this=0x8b90508, filename=@0x8b90518) at /home/m/kde4/kdelibs/kdeui/ util/kpixmapcache.cpp:716
#3  0xb7b6565c in KPixmapCache::Private::init (this=0x8b90508) at /home/m/kde4/kdelibs/kdeui/util/kpixmapcache.cpp:1038
#4  0xb7b66a9f in KPixmapCache::discard (this=0x8ba0ae0) at /home/m/kde4/kdelibs/kdeui/util/kpixmapcache.cpp:1269
#5  0xb7accd54 in KIconCache::Private::checkForThemeUpdates (this=0x8b905d0) at /home/m/kde4/kdelibs/kdeui/icons/kiconcache.cp p:82
#6  0xb7acba9b in KIconCache::find (this=0x8ba0ae0, key=@0xbfc99560, pix=@0xbfc99504, path=0x0) at /home/m/kde4/kdelibs/kdeui/ icons/kiconcache.cpp:271
#7  0xb7abfe6a in KIconLoader::loadIcon (this=0x8b8c1f0, _name=@0x8b63608, group=KIconLoader::Desktop, size=16, state=0, overl ays=@0x8b6360c, path_store=0x0, canReturnNull=false) at /home/m/kde4/kdelibs/kdeui/icons/kiconloader.cpp:1139
#8  0xb7abb765 in KIconEngine::pixmap (this=0x8b635d0, size=@0xbfc99794, mode=QIcon::Normal, state=QIcon::Off) at /home/m/kde4 /kdelibs/kdeui/icons/kiconengine.cpp:119
#9  0xb6f389f4 in QIcon::pixmap(QSize const&, QIcon::Mode, QIcon::State) const () from /usr/local/qt4/lib/libQtGui.so.4
#10 0xb6f277b2 in QWidgetPrivate::setWindowIcon_sys(bool) () from /usr/local/qt4/lib/libQtGui.so.4
#11 0xb6ef3079 in QWidget::create(unsigned long, bool, bool) () from /usr/local/qt4/lib/libQtGui.so.4
#12 0xb6eee525 in QWidgetPrivate::createWinId(unsigned long) () from /usr/local/qt4/lib/libQtGui.so.4
#13 0xb6ef3597 in QWidget::winId() const () from /usr/local/qt4/lib/libQtGui.so.4
#14 0xb7eec4ca in KWin::Client::updateDecoration (this=0x8d92398, check_workspace_pos=false, force=false) at /home/m/kde4/kdeb ase/workspace/kwin/client.cpp:325
#15 0xb7f17a12 in KWin::Client::manage (this=0x8d92398, w=79691801, isMapped=false) at /home/m/kde4/kdebase/workspace/kwin/man age.cpp:299
#16 0xb7edd83e in KWin::Workspace::createClient (this=0x8b7e9a0, w=79691801, is_mapped=<value optimized out>) at /home/m/kde4/ kdebase/workspace/kwin/workspace.cpp:525
#17 0xb7f0d424 in KWin::Workspace::workspaceEvent (this=0x8b7e9a0, e=0xbfc9b1cc) at /home/m/kde4/kdebase/workspace/kwin/events .cpp:376
#18 0xb7ef8513 in KWin::Application::x11EventFilter (this=0xbfc9b50c, e=0xbfc9b1cc) at /home/m/kde4/kdebase/workspace/kwin/mai n.cpp:361
#19 0xb6efc413 in ?? () from /usr/local/qt4/lib/libQtGui.so.4
#20 0xb6f0df3d in QApplication::x11ProcessEvent(_XEvent*) () from /usr/local/qt4/lib/libQtGui.so.4
#21 0xb6f36b5d in ?? () from /usr/local/qt4/lib/libQtGui.so.4
#22 0xb4fb69c8 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#23 0xb4fba083 in ?? () from /usr/lib/libglib-2.0.so.0
#24 0xb4fba241 in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#25 0xb6c27ce4 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/local/qt4/lib/libQtC ore.so.4
#26 0xb6f3632b in ?? () from /usr/local/qt4/lib/libQtGui.so.4
#27 0xb6bfdd00 in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/local/qt4/lib/libQtCore.so.4
#28 0xb6bfe0da in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/local/qt4/lib/libQtCore.so.4
#29 0xb6c00225 in QCoreApplication::exec() () from /usr/local/qt4/lib/libQtCore.so.4
#30 0xb6ea0833 in QApplication::exec() () from /usr/local/qt4/lib/libQtGui.so.4
#31 0xb7ef997e in kdemain (argc=1, argv=0xbfc9b6f4) at /home/m/kde4/kdebase/workspace/kwin/main.cpp:525
#32 0x080487f6 in main (argc=Cannot access memory at address 0x21
) at /home/m/kde4/.kdebase/workspace/kwin/kwin_dummy.cpp:3

Comment 1 Melchior Franz 2009-05-14 15:24:43 UTC

Here's some more info (related to the above bt):

(gdb) f 0
#0  0xb7b6591e in KPixmapCache::Private::invalidateMmapFiles (this=0x8b90508) at /home/m/kde4/kdelibs/kdeui/util/kpixmapcache.cpp:441
441             mIndexMmapInfo.indexHeader->cacheId = 0;


(gdb) p mIndexMmapInfo
$5 = {
  file = 0x8d330f8,
  {
    memory = 0xb3665000 <Address 0xb3665000 out of bounds>,
    indexHeader = 0xb3665000,
    dataHeader = 0xb3665000
  },
  size = 516,
  available = 4296704
}

Comment 2 Aaron J. Seigo 2009-06-24 04:44:22 UTC

*** Bug 187724 has been marked as a duplicate of this bug. ***

Comment 3 Aaron J. Seigo 2009-06-24 04:45:54 UTC

is this addressed by the recent fixes for bug #160284?

Comment 4 Michael Pyne 2009-06-24 05:14:02 UTC

This code was addressed recently, but not as part of 160284 but for bug 182026 (which fixes pointer aliasing issues with shared memory).

Did the fix for that fix this too?  I don't know, but it's possible that pointer aliasing was causing this bug too.  I'll optimistically mark as FIXED for now, please re-open if it gets reproduced again.