284718 – KWin crashes on showing a window with special title

Bug 284718 - KWin crashes on showing a window with special title

Summary: KWin crashes on showing a window with special title

Status:	RESOLVED UPSTREAM

Alias:	None

Product:	Oxygen
Classification:	Plasma
Component:	win deco (show other bugs)
Version:	unspecified
Platform:	Compiled Sources Linux

Importance:	NOR crash
Target Milestone:	---
Assignee:	Hugo Pereira Da Costa

URL:
Keywords:

Depends on:
Blocks:

Reported:	2011-10-22 17:44 UTC by Alexey Chernov
Modified:	2011-10-27 05:56 UTC (History)
CC List:	2 users (show)

See Also:
Latest Commit:
Version Fixed In:

Attachments
New crash information added by DrKonqi (7.53 KB, text/plain) 2011-10-27 02:25 UTC, Simon Andric	Details
View All Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Alexey Chernov 2011-10-22 17:44:47 UTC

Application: kwin (4.7.2 (4.7.2))
KDE Platform Version: 4.7.2 (4.7.2) (Compiled from sources)
Qt Version: 4.7.4
Operating System: Linux 3.0.3 x86_64

-- Information about the crash:
- What I was doing when the application crashed:
KWin crashes when it shows a window of browser with this link opened: http://twitter.com/#!/tiesto/status/127767987531948032

Other Qt applications also crash (see bug #284709), it seems there's a bug in Qt's text part.

-- Backtrace:
Application: KWin (kwin), signal: Aborted
[Current thread is 1 (Thread 0x7f4a644bf760 (LWP 28806))]

Thread 2 (Thread 0x7f4a3e454710 (LWP 28809)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:162
#1  0x00007f4a63aaec61 in QTWTF::TCMalloc_PageHeap::scavengerThread (this=0x7f4a63e4b2c0) at ../3rdparty/javascriptcore/JavaScriptCore/wtf/FastMalloc.cpp:2359
#2  0x00007f4a63aae2a2 in QTWTF::TCMalloc_PageHeap::runScavengerThread (context=0x7f4a63e4b2c0) at ../3rdparty/javascriptcore/JavaScriptCore/wtf/FastMalloc.cpp:1464
#3  0x00007f4a61424aca in start_thread (arg=<value optimized out>) at pthread_create.c:297
#4  0x00007f4a5d4a258d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115

Thread 1 (Thread 0x7f4a644bf760 (LWP 28806)):
[KCrash Handler]
#6  0x00007f4a5d3f4315 in *__GI_raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#7  0x00007f4a5d3f599f in *__GI_abort () at abort.c:92
#8  0x00007f4a616c7433 in qt_message_output (msgType=QtFatalMsg, 
    buf=0x1e56af8 "ASSERT: \"(pos == end && glyphPosition == current.num_glyphs) || logClusters[pos] == glyphPosition\" in file text/qtextlayout.cpp, line 1823") at global/qglobal.cpp:2291
#9  0x00007f4a616c7612 in qt_message (msgType=QtFatalMsg, msg=0x7f4a61896a18 "ASSERT: \"%s\" in file %s, line %d", ap=0x7fff85b25670) at global/qglobal.cpp:2337
#10 0x00007f4a616c7e7f in qFatal (msg=0x7f4a61896a18 "ASSERT: \"%s\" in file %s, line %d") at global/qglobal.cpp:2520
#11 0x00007f4a616c6f9b in qt_assert (assertion=0x7f4a60f05848 "(pos == end && glyphPosition == current.num_glyphs) || logClusters[pos] == glyphPosition", file=0x7f4a60f057e7 "text/qtextlayout.cpp", 
    line=1823) at global/qglobal.cpp:2036
#12 0x00007f4a6090cb52 in addNextCluster (pos=@0x7fff85b25888, end=67, line=..., glyphCount=@0x7fff85b25880, current=..., logClusters=0x7fff85b25d18, glyphs=...) at text/qtextlayout.cpp:1823
#13 0x00007f4a6090d7a6 in QTextLine::layout_helper (this=0x7fff85b285c0, maxGlyphs=2147483647) at text/qtextlayout.cpp:1960
#14 0x00007f4a6090c29a in QTextLine::setLineWidth (this=0x7fff85b285c0, width=8388607) at text/qtextlayout.cpp:1649
#15 0x00007f4a607a8ed7 in qt_format_text (fnt=..., _r=..., tf=134234257, option=0x0, str=..., brect=0x7fff85b289a0, tabstops=0, tabarraylen=0, painter=0x0) at painting/qpainter.cpp:8063
#16 0x00007f4a607a80ed in qt_format_text (fnt=..., _r=..., tf=16513, str=..., brect=0x7fff85b289a0, tabstops=0, ta=0x0, tabarraylen=0, painter=0x0) at painting/qpainter.cpp:7903
#17 0x00007f4a608d03b4 in QFontMetrics::boundingRect (this=0x7fff85b28a60, rect=..., flags=129, text=..., tabStops=0, tabArray=0x0) at text/qfontmetrics.cpp:798
#18 0x00007f4a3e741f0d in Oxygen::Client::titleBoundingRect (this=0x1d18290, font=<value optimized out>, rect=..., caption=...)
    at /usr/src/packages/kde4/4.7.2/kde-workspace-4.7.2/kwin/clients/oxygen/oxygenclient.cpp:421
#19 0x00007f4a3e73ea0c in Oxygen::Client::renderItem (this=0x1d18290, painter=<value optimized out>, index=0, palette=<value optimized out>)
    at /usr/src/packages/kde4/4.7.2/kde-workspace-4.7.2/kwin/clients/oxygen/oxygenclient.cpp:981
#20 0x00007f4a3e741c98 in Oxygen::Client::paintEvent (this=0x1d18290, event=<value optimized out>) at /usr/src/packages/kde4/4.7.2/kde-workspace-4.7.2/kwin/clients/oxygen/oxygenclient.cpp:1475
#21 0x00007f4a62e84c7b in KCommonDecoration::eventFilter (this=0x1d18290, o=0x1d2b510, e=0x7fff85b29720)
    at /usr/src/packages/kde4/4.7.2/kde-workspace-4.7.2/kwin/libkdecorations/kcommondecoration.cpp:877
#22 0x00007f4a3e73d9e6 in Oxygen::Client::eventFilter (this=0x1d18290, object=0x1d2b510, event=0x7fff85b29720)
    at /usr/src/packages/kde4/4.7.2/kde-workspace-4.7.2/kwin/clients/oxygen/oxygenclient.cpp:1352
#23 0x00007f4a61808463 in QCoreApplicationPrivate::sendThroughObjectEventFilters (this=0x189f080, receiver=0x1d2b510, event=0x7fff85b29720) at kernel/qcoreapplication.cpp:902
#24 0x00007f4a605d6573 in QApplicationPrivate::notify_helper (this=0x189f080, receiver=0x1d2b510, e=0x7fff85b29720) at kernel/qapplication.cpp:4477
#25 0x00007f4a605d63ee in QApplication::notify (this=0x7fff85b2af90, receiver=0x1d2b510, e=0x7fff85b29720) at kernel/qapplication.cpp:4446
#26 0x00007f4a6259d3e1 in KApplication::notify (this=0x7fff85b2af90, receiver=0x1d2b510, event=0x7fff85b29720) at /usr/src/packages/kde4/4.7.2/kdelibs-4.7.2/kdeui/kernel/kapplication.cpp:311
#27 0x00007f4a6180814c in QCoreApplication::notifyInternal (this=0x7fff85b2af90, receiver=0x1d2b510, event=0x7fff85b29720) at kernel/qcoreapplication.cpp:787
#28 0x00007f4a605d8ec3 in QCoreApplication::sendSpontaneousEvent (receiver=0x1d2b510, event=0x7fff85b29720) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:218
#29 0x00007f4a606444b5 in QWidgetPrivate::drawWidget (this=0x1d2b540, pdev=0x1d2ebf8, rgn=..., offset=..., flags=14, sharedPainter=0x0, backingStore=0x0) at kernel/qwidget.cpp:5528
#30 0x00007f4a60645018 in QWidgetPrivate::render (this=0x1d2b540, target=0x1d2ebf8, targetOffset=..., sourceRegion=..., renderFlags=..., readyToRender=false) at kernel/qwidget.cpp:5664
#31 0x00007f4a60642604 in QWidget::render (this=0x1d2b510, target=0x1d2ebf8, targetOffset=..., sourceRegion=..., renderFlags=...) at kernel/qwidget.cpp:5127
#32 0x00007f4a641b02d6 in KWin::PaintRedirector::performPendingPaint (this=0x1d2ebd0) at /usr/src/packages/kde4/4.7.2/kde-workspace-4.7.2/kwin/paintredirector.cpp:56
#33 0x00007f4a6410c44f in KWin::Client::ensureDecorationPixmapsPainted (this=0x1d159b0) at /usr/src/packages/kde4/4.7.2/kde-workspace-4.7.2/kwin/client.cpp:529
#34 0x00007f4a6410cba8 in KWin::Client::repaintDecorationPending (this=0x1d159b0) at /usr/src/packages/kde4/4.7.2/kde-workspace-4.7.2/kwin/client.cpp:509
#35 0x00007f4a6410cc7b in KWin::Client::qt_metacall (this=0x1d159b0, _c=QMetaObject::InvokeMetaMethod, _id=<value optimized out>, _a=0x7fff85b29f60)
    at /usr/src/packages/kde4/4.7.2/kde-workspace-4.7.2/build/kwin/client.moc:144
#36 0x00007f4a61810ae5 in QMetaObject::metacall (object=0x1d159b0, cl=QMetaObject::InvokeMetaMethod, idx=33, argv=0x7fff85b29f60) at kernel/qmetaobject.cpp:237
#37 0x00007f4a61827ffc in QMetaObject::activate (sender=0x1d2ebd0, m=0x7f4a64418a80, local_signal_index=0, argv=0x0) at kernel/qobject.cpp:3278
#38 0x00007f4a641afc90 in KWin::PaintRedirector::qt_metacall (this=0x1d2ebd0, _c=QMetaObject::InvokeMetaMethod, _id=<value optimized out>, _a=<value optimized out>)
    at /usr/src/packages/kde4/4.7.2/kde-workspace-4.7.2/build/kwin/paintredirector.moc:72
#39 0x00007f4a61810ae5 in QMetaObject::metacall (object=0x1d2ebd0, cl=QMetaObject::InvokeMetaMethod, idx=4, argv=0x7fff85b2a090) at kernel/qmetaobject.cpp:237
#40 0x00007f4a61827ffc in QMetaObject::activate (sender=0x1d2ec18, m=0x7f4a61ba4600, local_signal_index=0, argv=0x0) at kernel/qobject.cpp:3278
#41 0x00007f4a61892fe9 in QTimer::timeout (this=0x1d2ec18) at .moc/debug-shared/moc_qtimer.cpp:134
#42 0x00007f4a61831c13 in QTimer::timerEvent (this=0x1d2ec18, e=0x7fff85b2aa80) at kernel/qtimer.cpp:271
#43 0x00007f4a618236b3 in QObject::event (this=0x1d2ec18, e=0x7fff85b2aa80) at kernel/qobject.cpp:1181
#44 0x00007f4a605d659c in QApplicationPrivate::notify_helper (this=0x189f080, receiver=0x1d2ec18, e=0x7fff85b2aa80) at kernel/qapplication.cpp:4481
#45 0x00007f4a605d3a80 in QApplication::notify (this=0x7fff85b2af90, receiver=0x1d2ec18, e=0x7fff85b2aa80) at kernel/qapplication.cpp:3881
#46 0x00007f4a6259d3e1 in KApplication::notify (this=0x7fff85b2af90, receiver=0x1d2ec18, event=0x7fff85b2aa80) at /usr/src/packages/kde4/4.7.2/kdelibs-4.7.2/kdeui/kernel/kapplication.cpp:311
#47 0x00007f4a6180814c in QCoreApplication::notifyInternal (this=0x7fff85b2af90, receiver=0x1d2ec18, event=0x7fff85b2aa80) at kernel/qcoreapplication.cpp:787
#48 0x00007f4a6180c0d1 in QCoreApplication::sendEvent (receiver=0x1d2ec18, event=0x7fff85b2aa80) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:215
#49 0x00007f4a6184ae53 in QTimerInfoList::activateTimers (this=0x189fb00) at kernel/qeventdispatcher_unix.cpp:603
#50 0x00007f4a6184bfdb in QEventDispatcherUNIX::activateTimers (this=0x1841500) at kernel/qeventdispatcher_unix.cpp:860
#51 0x00007f4a6184c33b in QEventDispatcherUNIX::processEvents (this=0x1841500, flags=...) at kernel/qeventdispatcher_unix.cpp:922
#52 0x00007f4a606c6995 in QEventDispatcherX11::processEvents (this=0x1841500, flags=...) at kernel/qeventdispatcher_x11.cpp:152
#53 0x00007f4a61805164 in QEventLoop::processEvents (this=0x7fff85b2ae90, flags=...) at kernel/qeventloop.cpp:149
#54 0x00007f4a618052b9 in QEventLoop::exec (this=0x7fff85b2ae90, flags=...) at kernel/qeventloop.cpp:201
#55 0x00007f4a61808842 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1064
#56 0x00007f4a605d35f2 in QApplication::exec () at kernel/qapplication.cpp:3755
#57 0x00007f4a6411f612 in kdemain (argc=<value optimized out>, argv=<value optimized out>) at /usr/src/packages/kde4/4.7.2/kde-workspace-4.7.2/kwin/main.cpp:517
#58 0x00007f4a5d3dfb6d in __libc_start_main (main=<value optimized out>, argc=<value optimized out>, ubp_av=<value optimized out>, init=<value optimized out>, fini=<value optimized out>, 
    rtld_fini=<value optimized out>, stack_end=0x7fff85b2b558) at libc-start.c:226
#59 0x0000000000400809 in _start () at ../sysdeps/x86_64/elf/start.S:113

Reported using DrKonqi

Comment 1 Martin Flöser 2011-10-22 18:43:02 UTC

looks like a qt issue

Comment 2 Alexey Chernov 2011-10-22 18:53:26 UTC

Yes, I think so, too. Seems it crashes because of some special Unicode characters in the tweet, assertion in Qt code fails because of them.

Comment 3 Hugo Pereira Da Costa 2011-10-23 00:59:33 UTC

Well,
I can't reproduce here (kde-workspace@trunk, and using firefox as web browser to show the attached page, oh and Qt 4.7.4)
Can you reproduce with any decoration but oxygen ? 
If yes this is definitly a Qt bug, and should be reported as such.

Comment 4 Alexey Chernov 2011-10-23 09:09:41 UTC

Yes, I tried also Keramik and Plastik window decorations, the result is the same, it crashes.
I'll report the bug to Qt and write a link here.

Comment 5 Alexey Chernov 2011-10-23 17:07:56 UTC

Well, here's the report to Qt: http://bugreports.qt.nokia.com/browse/QTBUG-22275

Comment 6 Hugo Pereira Da Costa 2011-10-23 22:40:08 UTC

Thanks for forwarding to Qt ! 
And thanks for posting the link here. This way, people having the same issue ca know where to look.

Comment 7 Simon Andric 2011-10-27 02:25:58 UTC

Created attachment 64928 [details]
New crash information added by DrKonqi

kmix (3.9-plus) on KDE Platform 4.7.41 (4.7.41 (KDE 4.8 >= 20110807) using Qt 4.7.1

- What I was doing when the application crashed:

in kwin i went to playback devices tab, then i right clicked in the empty space of the window and selected "channels" from the menu that had shown itself.

-- Backtrace (Reduced):
#8  0x00d2bc8f in __GI_raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#9  0x00d2f2b5 in __GI_abort () at abort.c:92
[...]
#13 0x00f02e06 in qt_assert (assertion=0x5dff12c "!isDynamic()", file=0x5dfee30 "/build/buildd/project-neon-kdemultimedia-2+svn20111016+r13495/kmix/gui/viewbase.cpp", line=284) at global/qglobal.cpp:2027
#14 0x05dcf3b8 in ViewBase::configureView (this=0x8e221a8) at /build/buildd/project-neon-kdemultimedia-2+svn20111016+r13495/kmix/gui/viewbase.cpp:284
#15 0x05dd0339 in ViewBase::qt_metacall (this=0x8e221a8, _c=QMetaObject::InvokeMetaMethod, _id=5, _a=0xbf81cd28) at /build/buildd/project-neon-kdemultimedia-2+svn20111016+r13495/obj-i686-linux-gnu/kmix/viewbase.moc:91

Comment 8 Hugo Pereira Da Costa 2011-10-27 05:56:35 UTC

Crash of comment #7 is in kmix (not kwin, nor oxygen).
It is likely upstream (in Qt anyway).
This bug is closed. Should be reported in a separate bug report, or (better) to Qt directly.
In any case, definitly not here, where it will get no additional feedback.
Sorry.

Cheers,

Hugo