Bug 315951 - kwin crash when clicking kickoff widget ("K menu")
Summary: kwin crash when clicking kickoff widget ("K menu")
Alias: None
Product: kwin
Classification: Plasma
Component: general (show other bugs)
Version: unspecified
Platform: Compiled Sources Linux
: NOR crash
Target Milestone: 4.11
Assignee: KWin default assignee
Depends on:
Reported: 2013-03-01 12:15 UTC by Jan Binder
Modified: 2013-03-04 18:21 UTC (History)
0 users

See Also:
Latest Commit:
Version Fixed In: 4.11

Possible patch (537 bytes, patch)
2013-03-01 13:49 UTC, Martin Flöser

Note You need to log in before you can comment on or make changes to this bug.
Description Jan Binder 2013-03-01 12:15:30 UTC
Application: kwin (4.10.60)
KDE Platform Version: 4.10.60 (Compiled from sources)
Qt Version: 4.8.2
Operating System: Linux 3.8-trunk-amd64 x86_64
Distribution: Debian GNU/Linux 7.0 (wheezy)

-- Information about the crash:
- What I was doing when the application crashed:

Just logged in and clicked the K-menu. Then kwin crashed.

kwin should be from yesterday's git master, Distribution is debian unstable/experimental.

-- Backtrace:
Application: KWin (kwin), signal: Aborted
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[Current thread is 1 (Thread 0x7f3ac8b6e7c0 (LWP 8102))]

Thread 2 (Thread 0x7f3aa94a6700 (LWP 8107)):
#0  0x00007f3ac21ad974 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib/x86_64-linux-gnu/libpthread.so.0
#1  0x00007f3ac4158e77 in QTWTF::TCMalloc_PageHeap::scavengerThread (this=0x7f3ac4466640) at ../3rdparty/javascriptcore/JavaScriptCore/wtf/FastMalloc.cpp:2359
#2  0x00007f3ac4158ea9 in QTWTF::TCMalloc_PageHeap::runScavengerThread (context=<optimized out>) at ../3rdparty/javascriptcore/JavaScriptCore/wtf/FastMalloc.cpp:1464
#3  0x00007f3ac1020764 in ?? () from /usr/lib/x86_64-linux-gnu/libGL.so.1
#4  0x00007f3ac21a9e0e in start_thread () from /lib/x86_64-linux-gnu/libpthread.so.0
#5  0x00007f3ac009094d in clone () from /lib/x86_64-linux-gnu/libc.so.6

Thread 1 (Thread 0x7f3ac8b6e7c0 (LWP 8102)):
[KCrash Handler]
#6  0x00007f3abffdd2a5 in raise () from /lib/x86_64-linux-gnu/libc.so.6
#7  0x00007f3abffe0448 in abort () from /lib/x86_64-linux-gnu/libc.so.6
#8  0x00007f3ac2435722 in qt_message_output (msgType=msgType@entry=QtFatalMsg, buf=0x1591698 "ASSERT: \"!isEmpty()\" in file /usr/include/qt4/QtCore/qlist.h, line 284") at global/qglobal.cpp:2284
#9  0x00007f3ac2435a98 in qt_message(QtMsgType, const char *, typedef __va_list_tag __va_list_tag *) (msgType=msgType@entry=QtFatalMsg, msg=0x7f3ac259d528 "ASSERT: \"%s\" in file %s, line %d", ap=ap@entry=0x7fffe99d9988) at global/qglobal.cpp:2330
#10 0x00007f3ac2435c24 in qFatal (msg=<optimized out>) at global/qglobal.cpp:2513
#11 0x00007f3ac867b649 in QList<KWin::Client*>::last (this=this@entry=0x1505090) at /usr/include/qt4/QtCore/qlist.h:284
#12 0x00007f3ac867c0e9 in KWin::FocusChain::insertClientIntoChain (this=this@entry=0x1507e10, client=0x1587290, chain=...) at /media/wares/kdesrc/kde/kde-workspace/kwin/focuschain.cpp:152
#13 0x00007f3ac867c328 in KWin::FocusChain::update (this=0x1507e10, client=0x1587290, change=KWin::FocusChain::MakeFirst) at /media/wares/kdesrc/kde/kde-workspace/kwin/focuschain.cpp:114
#14 0x00007f3ac866e773 in KWin::Client::updateActivities (this=this@entry=0x1587290, includeTransients=includeTransients@entry=false) at /media/wares/kdesrc/kde/kde-workspace/kwin/client.cpp:1561
#15 0x00007f3ac866f2fa in KWin::Client::setOnActivities (this=0x1587290, newActivitiesList=...) at /media/wares/kdesrc/kde/kde-workspace/kwin/client.cpp:1547
#16 0x00007f3ac86c9f2f in KWin::Client::applyWindowRules (this=0x1587290) at /media/wares/kdesrc/kde/kde-workspace/kwin/rules.cpp:873
#17 0x00007f3ac86a5130 in KWin::Client::manage (this=<optimized out>, w=<optimized out>, isMapped=false) at /media/wares/kdesrc/kde/kde-workspace/kwin/manage.cpp:622
#18 0x00007f3ac86595d2 in KWin::Workspace::createClient (this=0x1464690, w=44040390, is_mapped=false) at /media/wares/kdesrc/kde/kde-workspace/kwin/workspace.cpp:587
#19 0x00007f3ac8693187 in KWin::Workspace::workspaceEvent (this=0x1464690, e=0x7fffe99da790) at /media/wares/kdesrc/kde/kde-workspace/kwin/events.cpp:375
#20 0x00007f3ac8686d81 in KWin::Application::x11EventFilter (this=0x7fffe99dac70, e=0x7fffe99da790) at /media/wares/kdesrc/kde/kde-workspace/kwin/main.cpp:361
#21 0x00007f3ac173465c in qt_x11EventFilter (ev=0x7fffe99da790) at kernel/qapplication_x11.cpp:435
#22 qt_x11EventFilter (ev=0x7fffe99da790) at kernel/qapplication_x11.cpp:423
#23 0x00007f3ac174231b in QApplication::x11ProcessEvent (this=0x7fffe99dac70, event=0x7fffe99da790) at kernel/qapplication_x11.cpp:3358
#24 0x00007f3ac176a579 in QEventDispatcherX11::processEvents (this=0x11e2b90, flags=...) at kernel/qeventdispatcher_x11.cpp:132
#25 0x00007f3ac25398af in QEventLoop::processEvents (this=this@entry=0x7fffe99daa00, flags=...) at kernel/qeventloop.cpp:149
#26 0x00007f3ac2539b38 in QEventLoop::exec (this=0x7fffe99daa00, flags=...) at kernel/qeventloop.cpp:204
#27 0x00007f3ac253ecf8 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1187
#28 0x00007f3ac8688edc in kdemain (argc=1, argv=0x7fffe99dadb8) at /media/wares/kdesrc/kde/kde-workspace/kwin/main.cpp:536
#29 0x00007f3abffc9a55 in __libc_start_main () from /lib/x86_64-linux-gnu/libc.so.6
#30 0x0000000000400a51 in _start ()

Reported using DrKonqi
Comment 1 Jan Binder 2013-03-01 12:32:43 UTC
Ok, this can happen
Comment 2 Jan Binder 2013-03-01 12:36:30 UTC
Ok, this happens once per freshly added kickoff widget.
When I click the widget, the plasma-style kickoff menu is shown for a second or two and then kwin crashes.
After that, the widget does not work any more, as in "the menu does not show when clicking".

Sorry for the bug report editing spam.
Comment 3 Martin Flöser 2013-03-01 13:47:41 UTC
chain.last() without checking whether the chain is empty. Yeah not surprising that assert. I assume you can easily try a patch?
Comment 4 Martin Flöser 2013-03-01 13:49:32 UTC
Created attachment 77665 [details]
Possible patch

Please give that one a try
Comment 5 Jan Binder 2013-03-02 12:29:01 UTC
The attached patch fixes the crash for me.
Comment 6 Thomas Lübking 2013-03-02 14:21:34 UTC
Git commit 909efd0ae2d0019b886ddc6e56cbaf8c69496e7e by Michael Jansen.
Committed on 02/03/2013 at 12:10.
Pushed by mjansen into branch 'master'.

Don't crash if the focus chain is empty()

M  +1    -1    kwin/focuschain.cpp


diff --git a/kwin/focuschain.cpp b/kwin/focuschain.cpp
index 73ab467..1687ec8 100644
--- a/kwin/focuschain.cpp
+++ b/kwin/focuschain.cpp
@@ -149,7 +149,7 @@ void FocusChain::insertClientIntoChain(Client *client, QList< Client * >& chain)
     if (m_activeClient && m_activeClient != client &&
-            chain.last() == m_activeClient) {
+            !chain.empty() && chain.last() == m_activeClient) {
         // Add it after the active client
         chain.insert(chain.size() - 1, client);
     } else {