If you scroll up and down with the mouse through the favorites part of the Kickoff menu, then at a certain moment plasmashell will crash with a segmentation fault. This is only happening with Kickoff, as that Kicker functions normally. I have attached the crash log. Reproducible: Always Steps to Reproduce: 1. Log in to Plasma 2. Click on the Application Launcher 3. Scroll up and down through the favorites until plasmashell crashes
Created attachment 87307 [details] Crash log from plasmashell
Extracting relevant part of backtrace: Thread 1 (Thread 0x7f4c13dbe7c0 (LWP 1721)): [KCrash Handler] #5 0x00007f4c13220305 in QV4::MemoryManager::collectFromJSStack (this=this@entry=0x1646b20) at jsruntime/qv4mm.cpp:552 #6 0x00007f4c132203ad in QV4::MemoryManager::mark (this=0x1646b20) at jsruntime/qv4mm.cpp:276 #7 0x00007f4c132218d5 in QV4::MemoryManager::runGC (this=this@entry=0x1646b20) at jsruntime/qv4mm.cpp:439 #8 0x00007f4c13221e5f in QV4::MemoryManager::alloc (this=0x1646b20, size=size@entry=96) at jsruntime/qv4mm.cpp:206 #9 0x00007f4c13222ac3 in allocManaged (size=<optimized out>, this=<optimized out>) at jsruntime/qv4mm_p.h:102 #10 QV4::Managed::operator new (size=size@entry=88, mm=<optimized out>) at jsruntime/qv4managed.cpp:69 #11 0x00007f4c13335b57 in QV4::QmlTypeWrapper::create (v8=0x162ebf0, o=0x48f9550, t=0x7f4be801a8b0, mode=mode@entry=QV4::QmlTypeWrapper::ExcludeEnums) at qml/qqmltypewrapper.cpp:101 #12 0x00007f4c13288f0f in QV4::QObjectWrapper::getQmlProperty (this=0x7f4afd928340, ctx=0x7fff54e15930, qmlContext=<optimized out>, n=<optimized out>, revisionMode=QV4::QObjectWrapper::IgnoreRevision, hasProperty=0x0, includeImports=true) at jsruntime/qv4qobjectwrapper.cpp:309 #13 0x00007f4c13288fc3 in QV4::QObjectWrapper::get (m=0x7f4afd928340, name=..., hasProperty=0x0) at jsruntime/qv4qobjectwrapper.cpp:672 #14 0x00007f4c13294566 in get (hasProperty=0x0, name=..., this=<optimized out>) at jsruntime/qv4object_p.h:244 #15 QV4::Runtime::getProperty (ctx=0x7fff54e15930, object=..., name=...) at jsruntime/qv4runtime.cpp:662 #16 0x00007f4bb80b1bf6 in ?? () #17 0x00007fff54e158d0 in ?? () #18 0x00007f4bde7ff380 in ?? () #19 0x00007fff54e162f0 in ?? () #20 0x0003000000000000 in ?? () #21 0x00007f4afd926270 in ?? () #22 0x0000000001625c60 in ?? () #23 0x00007fff54e15900 in ?? () #24 0x00007fff54e15930 in ?? () #25 0x0000000001625c60 in ?? () #26 0x00007f4afd9276e0 in ?? () #27 0x00007f4bde7ff380 in ?? () #28 0x0000000004790d50 in ?? () #29 0x00007fff54e162f0 in ?? () #30 0x00007f4c1324cbd5 in QV4::SimpleScriptFunction::call (that=0x7f4afd9276e0, callData=<optimized out>) at jsruntime/qv4functionobject.cpp:529
No matter how much I scroll and also move mouse while scrolling, I cannot get it to crash. What Qt version are you running? Are you possibly running this in a virtual machine?
I am running git master of Qt 5.3.2 and I am not using a virtual machine. I know another user that has similar issues with kickoff. From an IRC chat I have the following: [Friday 20 June 2014] [09:36:28] <sjraarke> einar77_work: Click menu icon => don't select anything but just hover over it, move left and right a few times, select any of the options on the bottom and hover and move some more within the menu area. Sure hit, it will crash on all my systems [Friday 20 June 2014] [09:40:47] <sjraarke> Hmmm, this is funny (I think), it happens on all "on iron" installs, it happens on all AMD based vm's, but does not happen on Intel based vm's [Friday 20 June 2014] [10:17:16] <sjraarke> Okay, simpler way to get a black screen, select menu (Application Launcher) select all applications, select system, use scroll mouse to go down, keep going it will go black I am not sure if sjaarke is using a virtual machine.
Nope, still doesn't happen here. Note that the backtrace is fully in Qt/QML engine, not with our code. It might be that it's a bug in Qt itself; can you possibly revert to Qt 5.3.1 tag and retry, then Qt 5.3.2 tag (if it's out already) and retry again?
I don't think we should consider valid backtraces down in Qt that are from unrelased git snapstots.. should really try to reproduce with released 5.3.1
(In reply to comment #6) > I don't think we should consider valid backtraces down in Qt that are from > unrelased git snapstots.. i kinda understand this point, but just means sooner or later it would hit users of next Qt stable release. anyways, i'm not a bugfixer here, so can't really say ;-) would adding exact commit hash to Qt build/snapshot help?
> just means sooner or later it would hit users of next Qt stable release That's not true, if it's a bug in between releases, it can get fixed before another final stable release and so it will not bite normal users. > would adding exact commit hash to Qt build/snapshot help? You can add it, but we're currently targeting 5.3.1.
(In reply to comment #8) > > just means sooner or later it would hit users of next Qt stable release > > That's not true, if it's a bug in between releases, it can get fixed before > another final stable release and so it will not bite normal users. offcourse, but means someone has to use it/report it :D > > would adding exact commit hash to Qt build/snapshot help? > > You can add it, but we're currently targeting 5.3.1. understood. will build it against 5.3.1 once it's out
up to you whether you want to close it (for now). in any case, looks hovering triggers memory corruption. and happens after a while while scrolling through/hovering over submenus... got this with gdb: Thread 1 (Thread 0x7ffff7f537c0 (LWP 25620)): #0 0x00007ffff1314171 in __memmove_ssse3 () from /lib64/libc.so.6 #1 0x00007ffff199f359 in memmove (__len=<optimized out>, __src=<optimized out>, __dest=<optimized out>) at /usr/include/bits/string3.h:57 #2 QListData::remove (this=this@entry=0x1239fb8, i=<optimized out>, i@entry=0) at tools/qlist.cpp:262 #3 0x00007ffff199f5f9 in QListData::erase (this=this@entry=0x1239fb8, xi=<optimized out>) at tools/qlist.cpp:327 #4 0x00007ffff79b9485 in erase (it=..., this=0x1239fb8) at /usr/include/qt5/QtCore/qlist.h:475 #5 removeFirst (this=0x1239fb8) at /usr/include/qt5/QtCore/qlist.h:298 #6 QQuickWindowPrivate::deliverHoverEvent (this=this@entry=0x1239e30, item=item@entry=0x409fde0, scenePos=..., lastScenePos=..., modifiers=..., modifiers@entry=..., accepted=@0x7fffffffce6f: true) at items/qquickwindow.cpp:1632 #7 0x00007ffff79b9106 in QQuickWindowPrivate::deliverHoverEvent (this=this@entry=0x1239e30, item=item@entry=0x45d56d0, scenePos=..., lastScenePos=..., modifiers=..., modifiers@entry=..., accepted=@0x7fffffffce6f: true) at items/qquickwindow.cpp:1612 #8 0x00007ffff79b9106 in QQuickWindowPrivate::deliverHoverEvent (this=this@entry=0x1239e30, item=item@entry=0x47f2310, scenePos=..., lastScenePos=..., modifiers=..., modifiers@entry=..., accepted=@0x7fffffffce6f: true) at items/qquickwindow.cpp:1612 #9 0x00007ffff79b9106 in QQuickWindowPrivate::deliverHoverEvent (this=this@entry=0x1239e30, item=item@entry=0x4629830, scenePos=..., lastScenePos=..., modifiers=..., modifiers@entry=..., accepted=@0x7fffffffce6f: true) at items/qquickwindow.cpp:1612 #10 0x00007ffff79b9106 in QQuickWindowPrivate::deliverHoverEvent (this=this@entry=0x1239e30, item=item@entry=0x3d5d550, scenePos=..., lastScenePos=..., modifiers=..., modifiers@entry=..., accepted=@0x7fffffffce6f: true) at items/qquickwindow.cpp:1612 #11 0x00007ffff79b9106 in QQuickWindowPrivate::deliverHoverEvent (this=this@entry=0x1239e30, item=item@entry=0x3d3bfe0, scenePos=..., lastScenePos=..., modifiers=..., modifiers@entry=..., accepted=@0x7fffffffce6f: true) at items/qquickwindow.cpp:1612 #12 0x00007ffff79b9106 in QQuickWindowPrivate::deliverHoverEvent (this=this@entry=0x1239e30, item=item@entry=0x3cb5dc0, scenePos=..., lastScenePos=..., modifiers=..., modifiers@entry=..., accepted=@0x7fffffffce6f: true) at items/qquickwindow.cpp:1612 #13 0x00007ffff79b9106 in QQuickWindowPrivate::deliverHoverEvent (this=this@entry=0x1239e30, item=item@entry=0x3cb5a30, scenePos=..., lastScenePos=..., modifiers=..., modifiers@entry=..., accepted=@0x7fffffffce6f: true) at items/qquickwindow.cpp:1612 #14 0x00007ffff79b9106 in QQuickWindowPrivate::deliverHoverEvent (this=this@entry=0x1239e30, item=item@entry=0x3d3c3f0, scenePos=..., lastScenePos=..., modifiers=..., modifiers@entry=..., accepted=@0x7fffffffce6f: true) at items/qquickwindow.cpp:1612 #15 0x00007ffff79b9106 in QQuickWindowPrivate::deliverHoverEvent (this=this@entry=0x1239e30, item=item@entry=0x3d3bbf0, scenePos=..., lastScenePos=..., modifiers=..., modifiers@entry=..., accepted=@0x7fffffffce6f: true) at items/qquickwindow.cpp:1612 #16 0x00007ffff79b9106 in QQuickWindowPrivate::deliverHoverEvent (this=this@entry=0x1239e30, item=item@entry=0x3b78450, scenePos=..., lastScenePos=..., modifiers=..., modifiers@entry=..., accepted=@0x7fffffffce6f: true) at items/qquickwindow.cpp:1612 #17 0x00007ffff79b9106 in QQuickWindowPrivate::deliverHoverEvent (this=this@entry=0x1239e30, item=item@entry=0x384e670, scenePos=..., lastScenePos=..., modifiers=..., modifiers@entry=..., accepted=@0x7fffffffce6f: true) at items/qquickwindow.cpp:1612 #18 0x00007ffff79b9106 in QQuickWindowPrivate::deliverHoverEvent (this=this@entry=0x1239e30, item=item@entry=0x384dbe0, scenePos=..., lastScenePos=..., modifiers=..., modifiers@entry=..., accepted=@0x7fffffffce6f: true) at items/qquickwindow.cpp:1612 #19 0x00007ffff79b9106 in QQuickWindowPrivate::deliverHoverEvent (this=this@entry=0x1239e30, item=item@entry=0x384d9d0, scenePos=..., lastScenePos=..., modifiers=..., modifiers@entry=..., accepted=@0x7fffffffce6f: true) at items/qquickwindow.cpp:1612 #20 0x00007ffff79b9106 in QQuickWindowPrivate::deliverHoverEvent (this=this@entry=0x1239e30, item=item@entry=0x3831490, scenePos=..., lastScenePos=..., modifiers=..., modifiers@entry=..., accepted=@0x7fffffffce6f: true) at items/qquickwindow.cpp:1612 #21 0x00007ffff79b9106 in QQuickWindowPrivate::deliverHoverEvent (this=this@entry=0x1239e30, item=item@entry=0x38347a0, scenePos=..., lastScenePos=..., modifiers=..., modifiers@entry=..., accepted=@0x7fffffffce6f: true) at items/qquickwindow.cpp:1612 #22 0x00007ffff79b9106 in QQuickWindowPrivate::deliverHoverEvent (this=this@entry=0x1239e30, item=item@entry=0x37cf450, scenePos=..., lastScenePos=..., modifiers=..., modifiers@entry=..., accepted=@0x7fffffffce6f: true) at items/qquickwindow.cpp:1612 #23 0x00007ffff79b9106 in QQuickWindowPrivate::deliverHoverEvent (this=this@entry=0x1239e30, item=item@entry=0x37c1ae0, scenePos=..., lastScenePos=..., modifiers=..., modifiers@entry=..., accepted=@0x7fffffffce6f: true) at items/qquickwindow.cpp:1612 #24 0x00007ffff79b9106 in QQuickWindowPrivate::deliverHoverEvent (this=this@entry=0x1239e30, item=item@entry=0x12374a0, scenePos=..., lastScenePos=..., modifiers=..., modifiers@entry=..., accepted=@0x7fffffffce6f: true) at items/qquickwindow.cpp:1612 #25 0x00007ffff79b9106 in QQuickWindowPrivate::deliverHoverEvent (this=this@entry=0x1239e30, item=0x12397a0, scenePos=..., lastScenePos=..., modifiers=..., accepted=@0x7fffffffce6f: true) at items/qquickwindow.cpp:1612 #26 0x00007ffff79bb3bc in QQuickWindow::mouseMoveEvent (this=<optimized out>, event=0x7fffffffd2a0) at items/qquickwindow.cpp:1583 #27 0x00007ffff20514d9 in QWindow::event (this=this@entry=0x12395e0, ev=ev@entry=0x7fffffffd2a0) at kernel/qwindow.cpp:1881 #28 0x00007ffff79bc343 in QQuickWindow::event (this=this@entry=0x12395e0, e=e@entry=0x7fffffffd2a0) at items/qquickwindow.cpp:1348 #29 0x00007ffff6087033 in PlasmaQuick::Dialog::event (this=0x12395e0, event=0x7fffffffd2a0) at /usr/src/debug/plasma-framework-4.100.0git~1403278356~55b5e81/src/plasmaquick/dialog.cpp:846 #30 0x00007ffff27b5f3c in QApplicationPrivate::notify_helper (this=this@entry=0x6a9eb0, receiver=receiver@entry=0x12395e0, e=e@entry=0x7fffffffd2a0) at kernel/qapplication.cpp:3522 #31 0x00007ffff27bafc6 in QApplication::notify (this=0x7fffffffd790, receiver=0x12395e0, e=0x7fffffffd2a0) at kernel/qapplication.cpp:3305 #32 0x00007ffff1b160e5 in QCoreApplication::notifyInternal (this=0x7fffffffd790, receiver=receiver@entry=0x12395e0, event=event@entry=0x7fffffffd2a0) at kernel/qcoreapplication.cpp:935 #33 0x00007ffff204a0f3 in sendSpontaneousEvent (event=0x7fffffffd2a0, receiver=0x12395e0) at ../../src/corelib/kernel/qcoreapplication.h:240 #34 QGuiApplicationPrivate::processMouseEvent (e=0x4472f80) at kernel/qguiapplication.cpp:1721 #35 0x00007ffff204b6c5 in QGuiApplicationPrivate::processWindowSystemEvent (e=e@entry=0x4472f80) at kernel/qguiapplication.cpp:1522 #36 0x00007ffff2032428 in QWindowSystemInterface::sendWindowSystemEvents (flags=...) at kernel/qwindowsysteminterface.cpp:579 #37 0x00007fffe432da40 in userEventSourceDispatch (source=<optimized out>) at eventdispatchers/qeventdispatcher_glib.cpp:78 #38 0x00007fffec630c54 in g_main_context_dispatch () from /usr/lib64/libglib-2.0.so.0 #39 0x00007fffec630e98 in ?? () from /usr/lib64/libglib-2.0.so.0 #40 0x00007fffec630f3c in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0 #41 0x00007ffff1b6cdcc in QEventDispatcherGlib::processEvents (this=0x6a8f50, flags=...) at kernel/qeventdispatcher_glib.cpp:426 #42 0x00007ffff1b13ffb in QEventLoop::exec (this=this@entry=0x7fffffffd620, flags=..., flags@entry=...) at kernel/qeventloop.cpp:212 #43 0x00007ffff1b1b656 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1188 #44 0x0000000000431102 in main ()
*** Bug 336565 has been marked as a duplicate of this bug. ***
*** Bug 336711 has been marked as a duplicate of this bug. ***
*** Bug 336918 has been marked as a duplicate of this bug. ***
Confirming this bug as more then 3 people reported same crash..
Git commit db9ef91220f05dbc6c8398515a0807c6344a9ae1 by Marco Martin. Committed on 08/07/2014 at 11:46. Pushed by mart into branch 'master'. always show both application name and description this has two reasons: works around https://bugs.kde.org/show_bug.cgi?id=336493 by removing animations and makes it look more quiet, not having things moving around (it may be the "bad" type of animation" it makes the subtitles always appear, but very faint, and go opaque only under mouse REVIEW:119173 M +2 -3 applets/kickoff/package/contents/ui/KickoffItem.qml http://commits.kde.org/plasma-desktop/db9ef91220f05dbc6c8398515a0807c6344a9ae1
I still can reproduce that. Is it really fixed? http://paste.kde.org/pd49kuojp
Can't crash it anymore.
I can reproduce this bug.. Reopening.
*** Bug 337764 has been marked as a duplicate of this bug. ***
How many apps you have in your favorites?
Sorry for the duplicate, didn't spot this bug report. Anyway, I have only the three default entries favourites (Konqueror, Dolphin, System Settings) but I can still crash plasmashell in other menus like System and Games. I think you just need the (sub)menu to be long enough to have a scrollbar to reproduce.
Actually, I think the menu must be longer than 2x the vertical space of kickoff, otherwise I can't crash plasma. I tried with tactical & strategy games (they exceed the vertical space by 2 entries) and the bug isn't reproducible.
I've managed to reproduce this crash once, somehow. It was an assert here (not sure if it helps): plasmashell(6824) qt_assert: ASSERT: "!isEmpty()" in file /home/mck182/kf5-dev/qt5/qtbase/include/QtCore/../../src/corelib/tools/qlist.h, line 298 #10 0x00007f27a4b6ac12 in qt_assert (assertion=0x7f27aba57ee3 "!isEmpty()", file=0x7f27aba57da8 "/home/mck182/kf5-dev/qt5/qtbase/include/QtCore/../../src/corelib/tools/qlist.h", line=298) at global/qglobal.cpp:2127 #11 0x00007f27ab8a12ba in QList<QQuickItem*>::removeFirst (this=0x3ecb828) at /home/mck182/kf5-dev/qt5/qtbase/include/QtCore/../../src/corelib/tools/qlist.h:298 #12 0x00007f27ab8984b8 in QQuickWindowPrivate::deliverHoverEvent (this=0x3ecb6a0, item=0x585a500, scenePos=..., lastScenePos=..., modifiers=..., accepted=@0x7fffcf8e38b6: true) at items/qquickwindow.cpp:1625 #13 0x00007f27ab89829d in QQuickWindowPrivate::deliverHoverEvent (this=0x3ecb6a0, item=0x5854f10, scenePos=..., lastScenePos=..., modifiers=..., accepted=@0x7fffcf8e38b6: true) at items/qquickwindow.cpp:1605 #14 0x00007f27ab89829d in QQuickWindowPrivate::deliverHoverEvent (this=0x3ecb6a0, item=0x577ccf0, scenePos=..., lastScenePos=..., modifiers=..., accepted=@0x7fffcf8e38b6: true) at items/qquickwindow.cpp:1605 (...lots of other ::deliverHoverEvent lines...)
After some investigation I found out that setting the currentIndex to -1 when the onExited signal is triggered was apparently what caused the error. The system is probably trying to remove an item that is not shown, causing the segfault. I couldn't use the onMovement/flickStarted signal for some reason, so i tried with onContentYChanged and I can't reproduce the bug anymore. It would be better to check if the currentItem is still shown, but I wasn't able to do that with the visible property, so i just set currentIndex to -1 on every scroll. I attach the patch to ApplicationsView.qml, tell me if you still can reproduce the bug.
Created attachment 88083 [details] Proposed solution: Unset currentIndex onContentYChanged.
I don't think we can merge that patch. It's a workaround and not a fix. (though the fix possibly needs to be in Qt) This will cause problems for key navigation.
You are completely right. I didn't think about keyboard usage, tried with my patch applied and plasmashell crashes when i scroll down from the last element with the down arrow key. I'm no expert when it comes to Qt or QML, so this was just me trying to solve this because it gets pretty annoying... On the qt side of things, this is really weird because the code actually checks if the list is empty before attempting to remove the first item from it (and crashing), so I don't really understand how this can happen. Maybe concurrent accesses to the same list?
*** Bug 339586 has been marked as a duplicate of this bug. ***
Created attachment 88983 [details] crash 1
Created attachment 88984 [details] crash 2 - happens right after crash 1
looks like there was a similar bug reported at Qt, https://bugreports.qt-project.org/browse/QTBUG-32771 but it is marked fixed with 5.2... maybe some Plasma dev gets an idea from that one ;-)
oh, easiest way to reproduce, is to search via kickoff (a term you know it'll get quite a few results), and scroll up and down through results. after 5 seconds top, it'll segfault
still a problem for me when running the daily kubuntu ppa via project neon 5 adding some bug report file
Created attachment 89197 [details] crash log file 19.10.2014
I have the same issue, it happens, when I use the search in the application launcher and scroll down through the results using the mousewheel, the crash happens as soon as I reach the bottom.
I'm getting the same thing just now, scrolling through applications looking for firefox to launch, this is highly repeatable in my system... Started plasmashell from the command line a number of times, crash has <Unknown File>: QML Plasmoid: Cannot anchor to an item that isn't a parent or sibling. <Unknown File>: QML Plasmoid: Cannot anchor to an item that isn't a parent or sibling. <Unknown File>: QML Plasmoid: Cannot anchor to an item that isn't a parent or sibling. <Unknown File>: QML Plasmoid: Cannot anchor to an item that isn't a parent or sibling. <Unknown File>: QML Plasmoid: Cannot anchor to an item that isn't a parent or sibling. <Unknown File>: QML Plasmoid: Cannot anchor to an item that isn't a parent or sibling. <Unknown File>: QML Plasmoid: Cannot anchor to an item that isn't a parent or sibling. QQuickItem::ungrabMouse(): Item is not the mouse grabber. Application::crashHandler() called with signal 11; recent crashes: 1 *** Error in `plasmashell': malloc(): memory corruption (fast): 0x0000000006cb4c10 *** KCrash: crashing... crashRecursionCounter = 2 KCrash: Application Name = plasmashell path = /usr/bin pid = 10400 KCrash: Arguments: /usr/bin/plasmashell at the end. Software is KDE 4.10 with plasmanew ppa plasmashell --version "Theme tree: (Breeze)" plasmashell 5.1.1
This problem might be fixed by upstream with following commit. https://qt.gitorious.org/qt/qtdeclarative/commit/06514a3fa24a66ce1e29aca14c3c699d1aa8185a Which will come with Qt 5.4.
I haven't reproduced this since moving to Qt5.4
*** Bug 341770 has been marked as a duplicate of this bug. ***
*** Bug 341996 has been marked as a duplicate of this bug. ***