Bug 257390 - Using zzuf on Battle Tanks crashes KWin
Status: RESOLVED WORKSFORME
Alias: None
Product: kwin
Classification: Plasma
Component: general
Version: unspecified
Platform: openSUSE Linux
Importance: NOR crash
Target Milestone: ---
Assignee: KWin default assignee
Reported: 2010-11-20 08:46 UTC by nn.dm55
Modified: 2015-05-09 23:36 UTC

Description nn.dm55 2010-11-20 08:46:39 UTC
Application: kwin (4.4.4 (KDE 4.4.4) "release 3")
KDE Platform Version: 4.4.4 (KDE 4.4.4) "release 3"
Qt Version: 4.6.3
Operating System: Linux 2.6.34.7-0.5-desktop x86_64
Distribution: "openSUSE 11.3 (x86_64)"

-- Information about the crash:
I typed:
    zzuf -r0.0000001 btanks
After waiting a minute or so, Battle Tanks's window showed up. When I tried to close Battle Tanks, nothing happened. I then sent a SIGKILL; again, nothing happened. Finally, I sent a SIG12. KWin crashed shortly after.
Version of zzuf is 0.13
Version of btanks is 0.9.8083
zzuf is not on YaST2; it is at http://caca.zoy.org/wiki/zzuf

The crash does not seem to be reproducible.

 -- Backtrace:
Application: KWin (kwin), signal: Segmentation fault
[KCrash Handler]
#5  ref (this=0xf41910, full=true) at /usr/include/QtCore/qatomic_x86_64.h:121
#6  QString (this=0xf41910, full=true) at /usr/include/QtCore/qstring.h:715
#7  operator+ (this=0xf41910, full=true) at /usr/include/QtCore/qstring.h:1010
#8  KWin::Client::caption (this=0xf41910, full=true) at /usr/src/debug/kdebase-workspace-4.4.4/kwin/client.cpp:1672
#9  0x00007fd60149eed0 in KWin::Workspace::groupTabPopupAboutToShow (this=0x63a130) at /usr/src/debug/kdebase-workspace-4.4.4/kwin/useractions.cpp:402
#10 0x00007fd6014f787c in KWin::Workspace::qt_metacall (this=0x63a130, _c=QMetaObject::InvokeMetaMethod, _id=<value optimized out>, _a=0x7fff77687d00)
    at /usr/src/debug/kdebase-workspace-4.4.4/build/kwin/workspace.moc:513
#11 0x00007fd5fd090a1f in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) () from /usr/lib64/libQtCore.so.4
#12 0x00007fd5fdbe9732 in QMenu::popup (this=0x107c7e0, p=..., atAction=0x0) at widgets/qmenu.cpp:1823
#13 0x00007fd5fdbebeb6 in QMenu::internalDelayedPopup (this=<value optimized out>) at widgets/qmenu.cpp:3016
#14 0x00007fd5fdbec384 in QMenu::timerEvent (this=0x19a0ff0, e=<value optimized out>) at widgets/qmenu.cpp:2857
#15 0x00007fd5fd08e22e in QObject::event(QEvent*) () from /usr/lib64/libQtCore.so.4
#16 0x00007fd5fd81a76d in QWidget::event (this=0x19a0ff0, event=0x7fff776889e0) at kernel/qwidget.cpp:8501
#17 0x00007fd5fdbedbcb in QMenu::event (this=0x19a0ff0, e=0x7fff776889e0) at widgets/qmenu.cpp:2421
#18 0x00007fd5fd7ca4d4 in QApplicationPrivate::notify_helper (this=0x662b90, receiver=0x19a0ff0, e=0x7fff776889e0) at kernel/qapplication.cpp:4302
#19 0x00007fd5fd7d2aca in QApplication::notify (this=<value optimized out>, receiver=0x19a0ff0, e=0x7fff776889e0) at kernel/qapplication.cpp:4185
#20 0x00007fd600c5cc06 in KApplication::notify(QObject*, QEvent*) () from /usr/lib64/libkdeui.so.5
#21 0x00007fd5fd07ce4c in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/lib64/libQtCore.so.4
#22 0x00007fd5fd0a80c9 in ?? () from /usr/lib64/libQtCore.so.4
#23 0x00007fd5fd0a4ff8 in ?? () from /usr/lib64/libQtCore.so.4
#24 0x00007fd5f6474a93 in g_main_context_dispatch () from /usr/lib64/libglib-2.0.so.0
#25 0x00007fd5f6475270 in ?? () from /usr/lib64/libglib-2.0.so.0
#26 0x00007fd5f6475510 in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0
#27 0x00007fd5fd0a567f in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4
#28 0x00007fd5fd86b14e in QGuiEventDispatcherGlib::processEvents (this=<value optimized out>, flags=<value optimized out>) at kernel/qguieventdispatcher_glib.cpp:204
#29 0x00007fd5fd07c292 in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4
#30 0x00007fd5fd07c495 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4
#31 0x00007fd5fdbea065 in QMenu::exec (this=<value optimized out>, p=..., action=0x0) at widgets/qmenu.cpp:2063
#32 0x00007fd6014bc55f in KWin::Workspace::showWindowMenu (this=0x63a130, pos=..., cl=<value optimized out>) at /usr/src/debug/kdebase-workspace-4.4.4/kwin/useractions.cpp:1593
#33 0x00007fd5fffab9fb in KCommonDecoration::menuButtonPressed (this=0x420d220) at /usr/src/debug/kdebase-workspace-4.4.4/kwin/lib/kcommondecoration.cpp:717
#34 0x00007fd5fffabc1c in KCommonDecoration::qt_metacall (this=0x420d220, _c=QMetaObject::InvokeMetaMethod, _id=<value optimized out>, _a=0x7fff77688ff0)
    at /usr/src/debug/kdebase-workspace-4.4.4/build/kwin/lib/kcommondecoration.moc:118
#35 0x00007fd5ef373175 in Oxygen::OxygenClient::qt_metacall (this=0x420d220, _c=QMetaObject::InvokeMetaMethod, _id=<value optimized out>, _a=0x7fff77688ff0)
    at /usr/src/debug/kdebase-workspace-4.4.4/build/kwin/clients/oxygen/oxygenclient.moc:78
#36 0x00007fd5fd090a1f in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) () from /usr/lib64/libQtCore.so.4
#37 0x00007fd5fdb6b72e in QAbstractButtonPrivate::emitPressed (this=<value optimized out>) at widgets/qabstractbutton.cpp:560
#38 0x00007fd5fdb6c1ac in QAbstractButton::mousePressEvent (this=0x28ce4e0, e=0x7fff77689090) at widgets/qabstractbutton.cpp:1096
#39 0x00007fd5fffa644a in KCommonDecorationButton::mousePressEvent (this=<value optimized out>, e=<value optimized out>) at /usr/src/debug/kdebase-workspace-4.4.4/kwin/lib/kcommondecoration.cpp:1019
#40 0x00007fd5fd81b0a9 in QWidget::event (this=0x28ce4e0, event=0x7fff776899e0) at kernel/qwidget.cpp:8040
#41 0x00007fd5fd7ca4d4 in QApplicationPrivate::notify_helper (this=0x662b90, receiver=0x28ce4e0, e=0x7fff776899e0) at kernel/qapplication.cpp:4302
#42 0x00007fd5fd7d334a in QApplication::notify (this=<value optimized out>, receiver=0x28ce4e0, e=0x7fff776899e0) at kernel/qapplication.cpp:3867
#43 0x00007fd600c5cc06 in KApplication::notify(QObject*, QEvent*) () from /usr/lib64/libkdeui.so.5
#44 0x00007fd5fd07ce4c in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/lib64/libQtCore.so.4
#45 0x00007fd5fd7cc1e5 in sendEvent (receiver=0x28ce4e0, event=0x7fff776899e0, alienWidget=0x0, nativeWidget=0x28ce4e0, buttonDown=0x7fd5fe276b28, lastMouseReceiver=..., spontaneous=true)
    at ../../src/corelib/kernel/qcoreapplication.h:215
#46 QApplicationPrivate::sendMouseEvent (receiver=0x28ce4e0, event=0x7fff776899e0, alienWidget=0x0, nativeWidget=0x28ce4e0, buttonDown=0x7fd5fe276b28, lastMouseReceiver=..., spontaneous=true)
    at kernel/qapplication.cpp:2967
#47 0x00007fd5fd8466c8 in QETWidget::translateMouseEvent (this=0x28ce4e0, event=<value optimized out>) at kernel/qapplication_x11.cpp:4380
#48 0x00007fd5fd844e19 in QApplication::x11ProcessEvent (this=0x7fff7768a720, event=0x7fff7768a340) at kernel/qapplication_x11.cpp:3513
#49 0x00007fd5fd86b492 in x11EventSourceDispatch (s=0x666940, callback=0, user_data=0x0) at kernel/qguieventdispatcher_glib.cpp:146
#50 0x00007fd5f6474a93 in g_main_context_dispatch () from /usr/lib64/libglib-2.0.so.0
#51 0x00007fd5f6475270 in ?? () from /usr/lib64/libglib-2.0.so.0
#52 0x00007fd5f6475510 in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0
#53 0x00007fd5fd0a567f in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4
#54 0x00007fd5fd86b14e in QGuiEventDispatcherGlib::processEvents (this=<value optimized out>, flags=<value optimized out>) at kernel/qguieventdispatcher_glib.cpp:204
#55 0x00007fd5fd07c292 in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4
#56 0x00007fd5fd07c495 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4
#57 0x00007fd5fd08088b in QCoreApplication::exec() () from /usr/lib64/libQtCore.so.4
#58 0x00007fd6014f62cc in kdemain (argc=<value optimized out>, argv=0x7fff7768ac38) at /usr/src/debug/kdebase-workspace-4.4.4/kwin/main.cpp:526
#59 0x00007fd6010fab7d in __libc_start_main () from /lib64/libc.so.6
#60 0x0000000000400699 in _start () at ../sysdeps/x86_64/elf/start.S:113

Possible duplicates by query: bug 253841, bug 246885, bug 246169, bug 243918, bug 243415.

Reported using DrKonqi
Comment 1 Dario Andres 2010-11-20 14:39:48 UTC
[Comment from a bug triager]
The crash looks related to bug 230000. Were you also trying to group some windows?
Thanks
Comment 2 Martin Flöser 2010-12-18 12:35:14 UTC
Yes, it looks very much like a window grouping crash. In that case it would be fixed in a later release.
Comment 3 nn.dm55 2011-07-22 14:49:53 UTC
I was not trying to group windows.
zzuf is designed to crash other programs by modifying input bytes slightly.
Comment 4 Thomas Lübking 2011-07-22 18:49:12 UTC
a) Since it's been more than half a year and the KDE version was dated then - is it still reproducible at all?

b) #9  0x00007fd60149eed0 in KWin::Workspace::groupTabPopupAboutToShow
How do you explain this if you were not "grouping" (tabbing) windows?

This completely makes sense, btw: the client was killed away and the grouping code was megawonky on pointer usage. A segfault was (then) expectable. The interesting question is whether it has been resolved meanwhile.
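
Added example, not part of the bug report or of KWin: the triage in comments 1, 2 and 4 rests on reading the topmost KWin frames of the backtrace, which is also how fuzzer crashes are usually bucketed for duplicate detection. The Python sketch below parses gdb-style frames and compares two traces by those frames; the function names, the `KWin::` prefix filter and the depth of 2 are assumptions chosen for illustration.

```python
import re

# gdb frame line: "#N [0xADDR in] func (args) [at file:line | from lib]"
FRAME_RE = re.compile(
    r"^#(?P<idx>\d+)\s+(?:0x[0-9a-f]+ in )?(?P<func>.+?) \(.*?\)"
    r"(?: at (?P<file>\S+):(?P<line>\d+)| from (?P<lib>\S+))?$"
)

# Frames #5-#12, copied from the backtrace in this report.
SAMPLE = """\
[KCrash Handler]
#5  ref (this=0xf41910, full=true) at /usr/include/QtCore/qatomic_x86_64.h:121
#6  QString (this=0xf41910, full=true) at /usr/include/QtCore/qstring.h:715
#7  operator+ (this=0xf41910, full=true) at /usr/include/QtCore/qstring.h:1010
#8  KWin::Client::caption (this=0xf41910, full=true) at /usr/src/debug/kdebase-workspace-4.4.4/kwin/client.cpp:1672
#9  0x00007fd60149eed0 in KWin::Workspace::groupTabPopupAboutToShow (this=0x63a130) at /usr/src/debug/kdebase-workspace-4.4.4/kwin/useractions.cpp:402
#10 0x00007fd6014f787c in KWin::Workspace::qt_metacall (this=0x63a130, _c=QMetaObject::InvokeMetaMethod, _id=<value optimized out>, _a=0x7fff77687d00)
#11 0x00007fd5fd090a1f in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) () from /usr/lib64/libQtCore.so.4
#12 0x00007fd5fdbe9732 in QMenu::popup (this=0x107c7e0, p=..., atAction=0x0) at widgets/qmenu.cpp:1823
"""

def parse_frames(text):
    """Return one dict per frame line; non-frame lines are skipped."""
    frames = []
    for raw in text.splitlines():
        m = FRAME_RE.match(raw.strip())
        if m:
            frame = m.groupdict()
            frame["idx"] = int(frame["idx"])
            frames.append(frame)
    return frames

def app_signature(frames, namespace="KWin::", depth=2):
    """Topmost `depth` functions inside the application's own namespace.

    Inlined Qt header frames (ref, QString, operator+) and addresses are
    ignored, so the key survives ASLR and minor library differences.
    """
    own = [f["func"] for f in frames if f["func"].startswith(namespace)]
    return tuple(own[:depth])

def same_bucket(trace_a, trace_b, **kw):
    """True when both traces have the same non-empty application signature."""
    sig_a = app_signature(parse_frames(trace_a), **kw)
    return bool(sig_a) and sig_a == app_signature(parse_frames(trace_b), **kw)

if __name__ == "__main__":
    print(app_signature(parse_frames(SAMPLE)))
```

A matching signature only suggests a duplicate; the reporter's reproduction steps still decide, as the exchange in this bug shows.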
Comment 5 nn.dm55 2013-08-12 19:16:41 UTC
I can't reproduce this anymore because Battle Tanks just crashes with a SIGBUS every time I run it under zzuf.
Battle Tanks: SVN r8098
zzuf: Git version f15879675b0ccbebe23be8443de5d8d4e405004e on git.zoy.org/zzuf.git
KWin:
     Qt: 4.8.4
     KDE Development Platform: 4.10.5 "release 1"
     KWin: 4.10.5 "release 1"
Comment 6 nn.dm55 2015-05-09 23:36:54 UTC
Since I can't reproduce this anymore, I'll close it as WORKSFORME.