Bug 334152 - dangeling allActivitiesGroup pointer in useractions.cpp
Summary: dangeling allActivitiesGroup pointer in useractions.cpp
Status: RESOLVED FIXED
Alias: None
Product: kwin
Classification: Plasma
Component: activities (show other bugs)
Version: 4.11.8
Platform: openSUSE Linux
: NOR crash
Target Milestone: ---
Assignee: KWin default assignee
URL: https://git.reviewboard.kde.org/r/118...
Keywords: drkonqi
: 334539 334917 334942 335215 335230 335244 335378 335459 335516 335955 336006 336136 336757 337084 337159 338984 (view as bug list)
Depends on:
Blocks:
 
Reported: 2014-04-30 19:11 UTC by Eugenio
Modified: 2014-09-10 17:06 UTC (History)
17 users (show)

See Also:
Latest Commit: http://commits.kde.org/kde-workspace/d3fe2391f6b36398ac671fe3cadef667919cc0e5
Version Fixed In: 4.11.10
thomas.luebking: ReviewRequest+

Attachments
New crash information added by DrKonqi (7.26 KB, text/plain)
2014-05-12 11:57 UTC, Mishka 		Details
View All Add an attachment

Note You need to log in before you can comment on or make changes to this bug.
Description Eugenio 2014-04-30 19:11:38 UTC 
Application: kwin (4.11.8)
KDE Platform Version: 4.13.0
Qt Version: 4.8.5
Operating System: Linux 3.11.10-7-desktop x86_64
Distribution: "openSUSE 13.1 (Bottle) (x86_64)"

-- Information about the crash:
- What I was doing when the application crashed: I dragged firefox to the top of the screen to maximize it then kwin crashed.

- Custom settings of the application: I was using kwin without compositing and with a qtcurve theme (don't know if it's relevant)

The crash can be reproduced sometimes.

-- Backtrace:
Application: KWin (kwin), signal: Segmentation fault
Using host libthread_db library "/lib64/libthread_db.so.1".
[Current thread is 1 (Thread 0x7fb7ab608880 (LWP 3617))]

Thread 2 (Thread 0x7fb77ea60700 (LWP 3627)):
#0  0x00007fb7a4ded0af in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
#1  0x00007fb7a9fde8cb in QTWTF::TCMalloc_PageHeap::scavengerThread (this=0x7fb7aa2dcf00 <QTWTF::pageheap_memory>) at ../3rdparty/javascriptcore/JavaScriptCore/wtf/FastMalloc.cpp:2359
#2  0x00007fb7a9fde909 in QTWTF::TCMalloc_PageHeap::runScavengerThread (context=<optimized out>) at ../3rdparty/javascriptcore/JavaScriptCore/wtf/FastMalloc.cpp:1464
#3  0x00007fb7a4de90db in start_thread () from /lib64/libpthread.so.0
#4  0x00007fb7aade290d in clone () from /lib64/libc.so.6

Thread 1 (Thread 0x7fb7ab608880 (LWP 3617)):
[KCrash Handler]
#6  begin (this=0x88) at ../../src/corelib/tools/qlist.h:101
#7  contains (t=@0x7fff9fa15d68: 0x1bce5e0, this=0x88) at ../../src/corelib/tools/qlist.h:882
#8  QActionGroup::addAction (this=0x2264120, a=a@entry=0x1bce5e0) at kernel/qactiongroup.cpp:180
#9  0x00007fb7ab14f70c in KWin::UserActionsMenu::activityPopupAboutToShow (this=0x1993f60) at /usr/src/debug/kde-workspace-4.11.9/kwin/useractions.cpp:723
#10 0x00007fb7a5193d68 in QMetaObject::activate (sender=sender@entry=0x1ae3960, m=m@entry=0x7fb7a4db0c80 <QMenu::staticMetaObject>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x0) at kernel/qobject.cpp:3556
#11 0x00007fb7a4723e20 in QMenu::aboutToShow (this=this@entry=0x1ae3960) at .moc/release-shared/moc_qmenu.cpp:164
#12 0x00007fb7a4726d1d in QMenu::popup (this=0x1ae3960, p=..., atAction=atAction@entry=0x0) at widgets/qmenu.cpp:1844
#13 0x00007fb7a472835b in QMenu::internalDelayedPopup (this=this@entry=0x1c8f700) at widgets/qmenu.cpp:3057
#14 0x00007fb7a4729dd4 in QMenu::timerEvent (this=0x1c8f700, e=<optimized out>) at widgets/qmenu.cpp:2917
#15 0x00007fb7a5197f31 in QObject::event (this=this@entry=0x1c8f700, e=e@entry=0x7fff9fa16680) at kernel/qobject.cpp:1165
#16 0x00007fb7a434ee4b in QWidget::event (this=this@entry=0x1c8f700, event=event@entry=0x7fff9fa16680) at kernel/qwidget.cpp:8846
#17 0x00007fb7a472c3eb in QMenu::event (this=0x1c8f700, e=0x7fff9fa16680) at widgets/qmenu.cpp:2481
#18 0x00007fb7a42ff8ac in QApplicationPrivate::notify_helper (this=this@entry=0x184b380, receiver=receiver@entry=0x1c8f700, e=e@entry=0x7fff9fa16680) at kernel/qapplication.cpp:4562
#19 0x00007fb7a4305e70 in QApplication::notify (this=this@entry=0x7fff9fa17720, receiver=receiver@entry=0x1c8f700, e=e@entry=0x7fff9fa16680) at kernel/qapplication.cpp:4348
#20 0x00007fb7a9a3047a in KApplication::notify (this=0x7fff9fa17720, receiver=0x1c8f700, event=0x7fff9fa16680) at /usr/src/debug/kdelibs-4.13.0/kdeui/kernel/kapplication.cpp:311
#21 0x00007fb7a51800ad in QCoreApplication::notifyInternal (this=0x7fff9fa17720, receiver=0x1c8f700, event=0x7fff9fa16680) at kernel/qcoreapplication.cpp:949
#22 0x00007fb7a51af83c in sendEvent (event=<optimized out>, receiver=<optimized out>) at kernel/qcoreapplication.h:231
#23 QTimerInfoList::activateTimers (this=0x184bde8) at kernel/qeventdispatcher_unix.cpp:636
#24 0x00007fb7a51afef0 in QEventDispatcherUNIX::activateTimers (this=this@entry=0x17e4a90) at kernel/qeventdispatcher_unix.cpp:893
#25 0x00007fb7a51b0860 in QEventDispatcherUNIX::processEvents (this=this@entry=0x17e4a90, flags=...) at kernel/qeventdispatcher_unix.cpp:955
#26 0x00007fb7a439d256 in QEventDispatcherX11::processEvents (this=0x17e4a90, flags=...) at kernel/qeventdispatcher_x11.cpp:152
#27 0x00007fb7a517ed0f in QEventLoop::processEvents (this=this@entry=0x7fff9fa169d0, flags=...) at kernel/qeventloop.cpp:149
#28 0x00007fb7a517f005 in QEventLoop::exec (this=this@entry=0x7fff9fa169d0, flags=...) at kernel/qeventloop.cpp:204
#29 0x00007fb7a472b1e7 in QMenu::exec (this=0x1c8f700, p=..., action=action@entry=0x0) at widgets/qmenu.cpp:2125
#30 0x00007fb7ab14bffa in KWin::UserActionsMenu::show (this=0x1993f60, pos=..., cl=...) at /usr/src/debug/kde-workspace-4.11.9/kwin/useractions.cpp:167
#31 0x00007fb7ab14c0bb in KWin::Workspace::showWindowMenu (this=0x1965810, pos=..., cl=cl@entry=0x1fb25b0) at /usr/src/debug/kde-workspace-4.11.9/kwin/useractions.cpp:1827
#32 0x00007fb7ab14c83a in KWin::Client::performMouseCommand (this=this@entry=0x1fb25b0, command=command@entry=KWin::Options::MouseOperationsMenu, globalPos=..., handled=handled@entry=false) at /usr/src/debug/kde-workspace-4.11.9/kwin/useractions.cpp:1227
#33 0x00007fb7ab1314d5 in KWin::Client::processDecorationButtonPress (this=0x1fb25b0, button=3, x=<optimized out>, y=<optimized out>, x_root=<optimized out>, y_root=13, ignoreMenu=ignoreMenu@entry=false) at /usr/src/debug/kde-workspace-4.11.9/kwin/events.cpp:1100
#34 0x00007fb7ab13446a in KWin::Client::processMousePressEvent (this=<optimized out>, e=<optimized out>) at /usr/src/debug/kde-workspace-4.11.9/kwin/events.cpp:1133
#35 0x00007fb7aaaf026b in KCommonDecoration::eventFilter (this=0x1a44e50, o=0x2380400, e=0x7fff9fa16fb0) at /usr/src/debug/kde-workspace-4.11.9/kwin/libkdecorations/kcommondecoration.cpp:978
#36 0x00007fb7a5180216 in QCoreApplicationPrivate::sendThroughObjectEventFilters (this=this@entry=0x184b380, receiver=receiver@entry=0x2380400, event=event@entry=0x7fff9fa16fb0) at kernel/qcoreapplication.cpp:1059
#37 0x00007fb7a42ff88c in QApplicationPrivate::notify_helper (this=this@entry=0x184b380, receiver=receiver@entry=0x2380400, e=e@entry=0x7fff9fa16fb0) at kernel/qapplication.cpp:4558
#38 0x00007fb7a4305fad in QApplication::notify (this=this@entry=0x7fff9fa17720, receiver=receiver@entry=0x2380400, e=e@entry=0x7fff9fa16fb0) at kernel/qapplication.cpp:4105
#39 0x00007fb7a9a3047a in KApplication::notify (this=0x7fff9fa17720, receiver=0x2380400, event=0x7fff9fa16fb0) at /usr/src/debug/kdelibs-4.13.0/kdeui/kernel/kapplication.cpp:311
#40 0x00007fb7a51800ad in QCoreApplication::notifyInternal (this=0x7fff9fa17720, receiver=receiver@entry=0x2380400, event=event@entry=0x7fff9fa16fb0) at kernel/qcoreapplication.cpp:949
#41 0x00007fb7a4305763 in sendEvent (event=<optimized out>, receiver=<optimized out>) at ../../src/corelib/kernel/qcoreapplication.h:231
#42 QApplicationPrivate::sendMouseEvent (receiver=receiver@entry=0x2380400, event=event@entry=0x7fff9fa16fb0, alienWidget=alienWidget@entry=0x0, nativeWidget=nativeWidget@entry=0x2380400, buttonDown=buttonDown@entry=0x7fb7a4ddd278 <qt_button_down>, lastMouseReceiver=..., spontaneous=spontaneous@entry=true) at kernel/qapplication.cpp:3173
#43 0x00007fb7a4376f7b in QETWidget::translateMouseEvent (this=this@entry=0x2380400, event=event@entry=0x7fff9fa17330) at kernel/qapplication_x11.cpp:4528
#44 0x00007fb7a43759ec in QApplication::x11ProcessEvent (this=0x7fff9fa17720, event=event@entry=0x7fff9fa17330) at kernel/qapplication_x11.cpp:3651
#45 0x00007fb7a439d1f0 in QEventDispatcherX11::processEvents (this=0x17e4a90, flags=...) at kernel/qeventdispatcher_x11.cpp:132
#46 0x00007fb7a517ed0f in QEventLoop::processEvents (this=this@entry=0x7fff9fa17590, flags=...) at kernel/qeventloop.cpp:149
#47 0x00007fb7a517f005 in QEventLoop::exec (this=this@entry=0x7fff9fa17590, flags=...) at kernel/qeventloop.cpp:204
#48 0x00007fb7a518413b in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1221
#49 0x00007fb7a42fe06c in QApplication::exec () at kernel/qapplication.cpp:3823
#50 0x00007fb7ab129186 in kdemain (argc=1, argv=0x7fff9fa17868) at /usr/src/debug/kde-workspace-4.11.9/kwin/main.cpp:597
#51 0x00007fb7aad1cbe5 in __libc_start_main () from /lib64/libc.so.6
#52 0x0000000000400761 in _start () at ../sysdeps/x86_64/start.S:122

Reported using DrKonqi
Comment 1 Thomas Lübking 2014-04-30 19:21:03 UTC 
did you somehow run some update at that time?

The backtrace says that
1. it's from KWin 4.11.9
2. this happened when calling the rightbutton popup menu (and the activity submenu in particular)

Where neither matches the bug description.
Comment 2 Eugenio 2014-04-30 22:33:10 UTC 
1. The last update I did was yesterday.
rpm -q reports kwin-4.11.9-1.1.x86_64, but "kwin --version" reports 4.11.8.
I think that this is a bug in the package for opensuse. But at this point I don't know what version of kwin is.
2. True, now I can reproduce the crash. The crash happens after a short time (like 1 second) after that I select the activity submenu. So the first time i was able somehow to maximize the window before the crash (and I thought that maximizing caused the crash).
So this is what I do to reproduce this crash (with two activities):
1. make sure that all the two activities are running and go to the first one (without stopping the second).
2. start dolphin, rightclick to show the popup menu and scroll through all options.
3. stop the second activity.
4. rightclick on dolphin to show the menu and scroll through all options (you should not see the activity submenu).
5. start the second activity and go back to the previous.
6. rightclick on dolphin to show the popup menu, scroll and then kwin crash.
After that dolphin is shown in all the activities.
Seems incredible but I found this bug by accident..
I don't know if it's a bug in the package or in kwin.
Comment 3 Thomas Lübking 2014-05-01 08:50:15 UTC 
the problem  is the local
static QActionGroup *allActivitiesGroup;

which is parented by, but not reset when m_activityMenu getss deleted in ::showHideActivityMenu()
Comment 4 Martin Flöser 2014-05-09 05:20:44 UTC 
*** Bug 334539 has been marked as a duplicate of this bug. ***
Comment 5 Mishka 2014-05-12 11:57:13 UTC 
Created attachment 86592 [details]
New crash information added by DrKonqi

kwin (4.11.9) on KDE Platform 4.13.0 using Qt 4.8.6

If i try to trigger system actions menu(right click on focused app in  icon-only task manger) plasma can crash.
Using Kubuntu 14.04, kde4.13, does not noticed this bug before, when i used opensuse 13.1 kde4.13

-- Backtrace (Reduced):
#5  0x00007fb5916dcc6c in begin (this=0x266df68) at ../../include/QtCore/../../src/corelib/tools/qlist.h:101
#6  contains (t=@0x7fffda8a8198: 0x233c360, this=0x266df68) at ../../include/QtCore/../../src/corelib/tools/qlist.h:882
#7  QActionGroup::addAction (this=0x27c4bc0, a=0x233c360) at kernel/qactiongroup.cpp:180
[...]
#10 0x00007fb591b091c0 in QMenu::aboutToShow (this=this@entry=0x25e9b40) at .moc/release-shared/moc_qmenu.cpp:164
#11 0x00007fb591b0c0bd in QMenu::popup (this=0x25e9b40, p=..., atAction=atAction@entry=0x0) at widgets/qmenu.cpp:1844
Comment 6 Martin Flöser 2014-05-17 07:01:53 UTC 
*** Bug 334917 has been marked as a duplicate of this bug. ***
Comment 7 Martin Flöser 2014-05-19 05:42:02 UTC 
*** Bug 334942 has been marked as a duplicate of this bug. ***
Comment 8 Thomas Lübking 2014-05-22 20:15:57 UTC 
*** Bug 335215 has been marked as a duplicate of this bug. ***
Comment 9 Martin Flöser 2014-05-23 05:26:49 UTC 
*** Bug 335230 has been marked as a duplicate of this bug. ***
Comment 10 Thomas Lübking 2014-05-23 15:33:06 UTC 
*** Bug 335244 has been marked as a duplicate of this bug. ***
Comment 11 Martin Flöser 2014-05-26 17:52:02 UTC 
*** Bug 335378 has been marked as a duplicate of this bug. ***
Comment 12 Thomas Lübking 2014-05-28 10:21:12 UTC 
*** Bug 335459 has been marked as a duplicate of this bug. ***
Comment 13 Thomas Lübking 2014-05-29 11:55:20 UTC 
*** Bug 335516 has been marked as a duplicate of this bug. ***
Comment 14 Thomas Lübking 2014-05-30 21:55:02 UTC 
Git commit d3fe2391f6b36398ac671fe3cadef667919cc0e5 by Thomas Lübking.
Committed on 01/05/2014 at 14:22.
Pushed by luebking into branch 'KDE/4.11'.

fix dangeling allActivitiesGroup pointer crash
REVIEW: 118411
FIXED-IN: 4.11.10

M  +2    -1    kwin/useractions.cpp

http://commits.kde.org/kde-workspace/d3fe2391f6b36398ac671fe3cadef667919cc0e5
Comment 15 Martin Flöser 2014-06-04 14:40:28 UTC 
Git commit 00bb7672918d28a660acfd7e7e16274930dbb8ca by Martin Gräßlin, on behalf of Thomas Lübking.
Committed on 01/05/2014 at 14:22.
Pushed by graesslin into branch 'master'.

fix dangeling allActivitiesGroup pointer crash

Forward port of d3fe2391f6b36398ac671fe3cadef667919cc0e5 from kde-workspace

M  +2    -1    useractions.cpp

http://commits.kde.org/kwin/00bb7672918d28a660acfd7e7e16274930dbb8ca
Comment 16 Thomas Lübking 2014-06-08 13:52:50 UTC 
*** Bug 335955 has been marked as a duplicate of this bug. ***
Comment 17 Martin Flöser 2014-06-10 05:33:28 UTC 
*** Bug 336006 has been marked as a duplicate of this bug. ***
Comment 18 Thomas Lübking 2014-06-12 17:01:34 UTC 
*** Bug 336136 has been marked as a duplicate of this bug. ***
Comment 19 Thomas Lübking 2014-06-26 13:27:44 UTC 
*** Bug 336757 has been marked as a duplicate of this bug. ***
Comment 20 Thomas Lübking 2014-07-04 18:54:58 UTC 
*** Bug 337084 has been marked as a duplicate of this bug. ***
Comment 21 Thomas Lübking 2014-09-10 17:06:33 UTC 
*** Bug 337159 has been marked as a duplicate of this bug. ***
Comment 22 Thomas Lübking 2014-09-10 17:06:52 UTC 
*** Bug 338984 has been marked as a duplicate of this bug. ***