451124 – Switching back from simple menu to Kickoff crashes Plasma in PlaceholderModel::reset()

Bug 451124 - Switching back from simple menu to Kickoff crashes Plasma in PlaceholderModel::reset()

Summary: Switching back from simple menu to Kickoff crashes Plasma in PlaceholderModel...

Status:	REPORTED

Alias:	None

Product:	plasmashell
Classification:	Plasma
Component:	Application Launcher (Kickoff) (show other bugs)
Version:	5.24.2
Platform:	Manjaro Linux

Importance:	NOR crash
Target Milestone:	1.0
Assignee:	Plasma Bugs List

URL:
Keywords:

Depends on:
Blocks:

Reported:	2022-03-04 10:50 UTC by medin
Modified:	2023-07-24 23:55 UTC (History)
CC List:	4 users (show)

See Also:
Latest Commit:
Version Fixed In:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description medin 2022-03-04 10:50:52 UTC

If you switch from Kickoff to Simple Menu then switch back to Kickoff, the whole Plasma desktop crashes.

with Arch starting support of debug symbols via debuginfod, this is the backtrace :

[Thread debugging using libthread_db enabled]
Using host libthread_db library "/usr/lib/libthread_db.so.1".
Core was generated by `/usr/bin/plasmashell'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x00007f483930a34c in __pthread_kill_implementation () from /usr/lib/libc.so.6
[Current thread is 1 (Thread 0x7f4834c21a80 (LWP 25977))]
(gdb) bt
#0  0x00007f483930a34c in __pthread_kill_implementation () at /usr/lib/libc.so.6
#1  0x00007f48392bd4b8 in raise () at /usr/lib/libc.so.6
#2  0x00007f483b614384 in KCrash::defaultCrashHandler(int) (sig=11) at /usr/src/debug/kcrash-5.91.0/src/kcrash.cpp:609
#3  0x00007f48392bd560 in <signal handler called> () at /usr/lib/libc.so.6
#4  0x00007f4839a202e0 in typeinfo name for QEventTransitionPrivate () at /usr/lib/libQt5Core.so.5
#5  0x00007f48399689d3 in  () at /usr/lib/libQt5Core.so.5
#6  0x00007f480bf4a870 in PlaceholderModel::reset() (this=0x5641c7a11740) at /usr/src/debug/plasma-workspace-5.24.2/applets/kicker/plugin/placeholdermodel.cpp:231
#7  PlaceholderModel::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) (_o=0x5641c7a11740, _c=<optimized out>, _id=<optimized out>, _a=0x7ffc7ce11650)
    at /usr/src/debug/build/applets/kicker/kickerplugin_autogen/7RBZBFH7CH/moc_placeholdermodel.cpp:116
#8  0x00007f4839968a1f in  () at /usr/lib/libQt5Core.so.5
#9  0x00007f4839968c24 in QObject::destroyed(QObject*) () at /usr/lib/libQt5Core.so.5
#10 0x00007f483995f1c4 in QObject::~QObject() () at /usr/lib/libQt5Core.so.5
#11 0x00007f480bf67f08 in KAStatsFavoritesModel::Private::~Private() (this=0x5641bc8168f0, this=<optimized out>)
    at /usr/src/debug/plasma-workspace-5.24.2/applets/kicker/plugin/kastatsfavoritesmodel.cpp:56
#12 KAStatsFavoritesModel::Private::~Private() (this=0x5641bc8168f0, this=<optimized out>)
    at /usr/src/debug/plasma-workspace-5.24.2/applets/kicker/plugin/kastatsfavoritesmodel.cpp:56
#13 0x00007f480bf67c01 in KAStatsFavoritesModel::~KAStatsFavoritesModel() (this=0x5641c7a11740, this=<optimized out>)
    at /usr/src/debug/plasma-workspace-5.24.2/applets/kicker/plugin/kastatsfavoritesmodel.cpp:451
#14 KAStatsFavoritesModel::~KAStatsFavoritesModel() (this=0x5641c7a11740, this=<optimized out>)
    at /usr/src/debug/plasma-workspace-5.24.2/applets/kicker/plugin/kastatsfavoritesmodel.cpp:452
#15 0x00007f483995ec05 in QObjectPrivate::deleteChildren() () at /usr/lib/libQt5Core.so.5
#16 0x00007f483995f3b9 in QObject::~QObject() () at /usr/lib/libQt5Core.so.5
#17 0x00007f480bf6ea9f in RootModel::~RootModel() (this=0x5641bf3e6150, this=<optimized out>)
    at /usr/src/debug/plasma-workspace-5.24.2/applets/kicker/plugin/rootmodel.cpp:73
#18 QQmlPrivate::QQmlElement<RootModel>::~QQmlElement() (this=0x5641bf3e6150, this=<optimized out>) at /usr/include/qt/QtQml/qqmlprivate.h:144
#19 QQmlPrivate::QQmlElement<RootModel>::~QQmlElement() (this=0x5641bf3e6150, this=<optimized out>) at /usr/include/qt/QtQml/qqmlprivate.h:144
#20 0x00007f483995ec05 in QObjectPrivate::deleteChildren() () at /usr/lib/libQt5Core.so.5
#21 0x00007f483995f3b9 in QObject::~QObject() () at /usr/lib/libQt5Core.so.5
#22 0x00007f483b39567b in QQmlPrivate::QQmlElement<QQuickItem>::~QQmlElement() (this=0x5641c3455580, this=<optimized out>)
    at ../../include/QtQml/../../../qtdeclarative/src/qml/qml/qqmlprivate.h:144
#23 QQmlPrivate::QQmlElement<QQuickItem>::~QQmlElement() (this=0x5641c3455580, this=<optimized out>)
    at ../../include/QtQml/../../../qtdeclarative/src/qml/qml/qqmlprivate.h:144
#24 0x00007f483b707e51 in KDeclarative::QmlObjectPrivate::~QmlObjectPrivate() (this=0x5641bdc6aff0, this=<optimized out>)
    at /usr/src/debug/kdeclarative-5.91.0/src/kdeclarative/qmlobject.cpp:60
#25 KDeclarative::QmlObject::~QmlObject() (this=0x5641c71af2c0, this=<optimized out>) at /usr/src/debug/kdeclarative-5.91.0/src/kdeclarative/qmlobject.cpp:190
#26 0x00007f483b70811e in KDeclarative::QmlObjectSharedEngine::~QmlObjectSharedEngine() (this=0x5641c71af2c0, this=<optimized out>)
    at /usr/src/debug/kdeclarative-5.91.0/src/kdeclarative/qmlobjectsharedengine.cpp:63
#27 0x00007f483995ec05 in QObjectPrivate::deleteChildren() () at /usr/lib/libQt5Core.so.5
#28 0x00007f483995f3b9 in QObject::~QObject() () at /usr/lib/libQt5Core.so.5
#29 0x00007f4831661b4d in AppletInterface::~AppletInterface() (this=0x7f482402a520, this=<optimized out>)
    at /usr/src/debug/plasma-framework-5.91.0/src/scriptengines/qml/plasmoid/appletinterface.cpp:126
#30 0x00007f483995ec05 in QObjectPrivate::deleteChildren() () at /usr/lib/libQt5Core.so.5
#31 0x00007f483995f3b9 in QObject::~QObject() () at /usr/lib/libQt5Core.so.5
#32 0x00007f483b7d32d8 in Plasma::ScriptEngine::~ScriptEngine() (this=<optimized out>, this=<optimized out>)
    at /usr/src/debug/plasma-framework-5.91.0/src/plasma/scripting/scriptengine.cpp:48
#33 0x00007f483b7d3334 in Plasma::AppletScript::~AppletScript() (this=<optimized out>, this=<optimized out>)
    at /usr/src/debug/plasma-framework-5.91.0/src/plasma/scripting/appletscript.cpp:35
#34 0x00007f4831660f40 in DeclarativeAppletScript::~DeclarativeAppletScript() (this=0x5641c52d55e0, this=<optimized out>)
    at /usr/src/debug/plasma-framework-5.91.0/src/scriptengines/qml/plasmoid/declarativeappletscript.cpp:58
#35 DeclarativeAppletScript::~DeclarativeAppletScript() (this=0x5641c52d55e0, this=<optimized out>)
    at /usr/src/debug/plasma-framework-5.91.0/src/scriptengines/qml/plasmoid/declarativeappletscript.cpp:58
#36 0x00007f483b7a11fa in Plasma::AppletPrivate::~AppletPrivate() (this=0x5641bdc9f3d0, this=<optimized out>)
    at /usr/src/debug/plasma-framework-5.91.0/src/plasma/private/applet_p.cpp:89
#37 0x00007f483b79332c in Plasma::AppletPrivate::~AppletPrivate() (this=0x5641bdc9f3d0, this=<optimized out>)
    at /usr/src/debug/plasma-framework-5.91.0/src/plasma/private/applet_p.cpp:83
#38 Plasma::Applet::~Applet() (this=0x5641bdba5840, this=<optimized out>) at /usr/src/debug/plasma-framework-5.91.0/src/plasma/applet.cpp:163
#39 0x00007f483b79338e in Plasma::Applet::~Applet() (this=0x5641bdba5840, this=<optimized out>) at /usr/src/debug/plasma-framework-5.91.0/src/plasma/applet.cpp:164
#40 0x00007f483995bbc7 in QObject::event(QEvent*) () at /usr/lib/libQt5Core.so.5
#41 0x00007f483a5891a6 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () at /usr/lib/libQt5Widgets.so.5
#42 0x00007f4839937b9a in QCoreApplication::notifyInternal2(QObject*, QEvent*) () at /usr/lib/libQt5Core.so.5
#43 0x00007f4839938699 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) () at /usr/lib/libQt5Core.so.5
#44 0x00007f483997fbd8 in  () at /usr/lib/libQt5Core.so.5
#45 0x00007f4837d3cf13 in g_main_context_dispatch () at /usr/lib/libglib-2.0.so.0
#46 0x00007f4837d930d9 in  () at /usr/lib/libglib-2.0.so.0
#47 0x00007f4837d3a485 in g_main_context_iteration () at /usr/lib/libglib-2.0.so.0
#48 0x00007f4839983ada in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/libQt5Core.so.5
#49 0x00007f483992fe6b in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/libQt5Core.so.5
#50 0x00007f483993b5c7 in QCoreApplication::exec() () at /usr/lib/libQt5Core.so.5
#51 0x00005641bc06d4d2 in main(int, char**) (argc=<optimized out>, argv=<optimized out>) at /usr/src/debug/plasma-workspace-5.24.2/shell/main.cpp:238

Comment 1 Nate Graham 2022-03-22 02:10:44 UTC

Oh, those debug symbols are super helpful.

> #6  0x00007f480bf4a870 in PlaceholderModel::reset() (this=0x5641c7a11740) at /usr/src/debug/plasma-workspace-5.24.2/applets/kicker/plugin/placeholdermodel.cpp:231
> #7  PlaceholderModel::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) (_o=0x5641c7a11740, _c=<optimized out>, _id=<optimized out>, _a=0x7ffc7ce11650)
>     at /usr/src/debug/build/applets/kicker/kickerplugin_autogen/7RBZBFH7CH/moc_placeholdermodel.cpp:116
> #8  0x00007f4839968a1f in  () at /usr/lib/libQt5Core.so.5
> #9  0x00007f4839968c24 in QObject::destroyed(QObject*) () at /usr/lib/libQt5Core.so.5
> #10 0x00007f483995f1c4 in QObject::~QObject() () at /usr/lib/libQt5Core.so.5
> #11 0x00007f480bf67f08 in KAStatsFavoritesModel::Private::~Private() (this=0x5641bc8168f0, this=<optimized out>)
>     at /usr/src/debug/plasma-workspace-5.24.2/applets/kicker/plugin/kastatsfavoritesmodel.cpp:56
> #12 KAStatsFavoritesModel::Private::~Private() (this=0x5641bc8168f0, this=<optimized out>)
>     at /usr/src/debug/plasma-workspace-5.24.2/applets/kicker/plugin/kastatsfavoritesmodel.cpp:56
> #13 0x00007f480bf67c01 in KAStatsFavoritesModel::~KAStatsFavoritesModel() (this=0x5641c7a11740, this=<optimized out>)
>     at /usr/src/debug/plasma-workspace-5.24.2/applets/kicker/plugin/kastatsfavoritesmodel.cpp:451
> #14 KAStatsFavoritesModel::~KAStatsFavoritesModel() (this=0x5641c7a11740, this=<optimized out>)
>     at /usr/src/debug/plasma-workspace-5.24.2/applets/kicker/plugin/kastatsfavoritesmodel.cpp:452

Comment 2 medin 2022-07-17 23:00:49 UTC

This also happens with:

Operating System: Manjaro Linux
KDE Plasma Version: 5.25.80
KDE Frameworks Version: 5.97.0
Qt Version: 5.15.5
Kernel Version: 5.18.12-2-MANJARO (64-bit)
Graphics Platform: X11

Comment 3 David Edmundson 2022-07-17 23:13:17 UTC

KAStatsModel is setting the PlaceholderSourceModel to itself (or rather the d-pointer)

PlaceholderSourceModel calls, so when "d" gets destroyed we're still alive enough to invoke the slot.
    connect(sourceModelPtr, SIGNAL(destroyed()), this, SLOT(reset()));

This means we handle the reset during KAStatsModel's own destructor. 
It's weird, but because we're in the leaf subclass it shouldn't be an issue?

My only theory is that going through the old style syntax means we go via metaObject which means calling a virtual method. Calling a virtual from a destructor is awkward.

Comment 4 David Edmundson 2022-07-17 23:15:35 UTC

If you can build KDE and can reliably reproduce can you change:

placeholdermodel.cpp line 246 from

    connect(sourceModelPtr, SIGNAL(destroyed()), this, SLOT(reset()));

to
    connect(sourceModelPtr, &QObject::destroyed, this, &PlaceholderModel::reset);

Otherwise I'll submit it anyway and we can see what happens.

Comment 5 medin 2022-08-02 14:03:20 UTC

(In reply to David Edmundson from comment #4)
> Otherwise I'll submit it anyway and we can see what happens.

I did full upgrade today using kde-unstable repo on Manjaro but the problem is still repro.

Comment 6 Nate Graham 2023-07-24 23:55:15 UTC

David, did that change ever get submitted?