Bug 451946 - Calling KIdleTime::removeIdleTimeout() during KIdleTime::timeoutReached() signal causes crash
Status: RESOLVED FIXED
Alias: None
Product: frameworks-kidletime
Classification: Frameworks and Libraries
Component: general
Version: 5.92.0
Platform: Arch Linux Linux
Importance: NOR crash
Target Milestone: ---
Assignee: kdelibs bugs
Reported: 2022-03-27 01:05 UTC by Ada Christine Fontaine
Modified: 2023-03-12 16:02 UTC

Version Fixed In: 5.93.0
Attachments
backtrace (4.77 KB, text/plain)
2022-03-27 01:05 UTC, Ada Christine Fontaine

Description Ada Christine Fontaine 2022-03-27 01:05:18 UTC
Created attachment 147756
backtrace

Calling KIdleTime::removeIdleTimeout() from a slot connected to KIdleTime::timeoutReached() will cause an application to crash at QHashData::nextNode().

STEPS TO REPRODUCE
1. connect a slot to KIdleTime::timeoutReached()
2. call KIdleTime::instance()->setTimeout()
3. wait for the timeout to occur
4. call KIdleTime::instance()->removeTimeout() with the returned key from setTimeout() inside the connected slot.
5. return from the slot

OBSERVED RESULT
application crashes at QHashData::nextNode() via QHash::iterator::operator++()

EXPECTED RESULT
application proceeds normally

SOFTWARE/OS VERSIONS
Linux: 5.17.0
KDE Frameworks Version: 5.92.0
Qt Version: 5.15.5

ADDITIONAL INFORMATION
Comment 1 Ada Christine Fontaine 2022-03-28 09:39:40 UTC
Git commit cd5040684723b87c7ba5b7cc1b1a63402902a641 by Ada Christine.
Committed on 27/03/2022 at 22:28.
Pushed by ahmadsamir into branch 'master'.

Fixed crash during KIdleTime::timeoutReached()

timeoutReached() will cause a crash if an item is removed from associations
during signal dispatch due to iterator invalidation. Iterate over a
const container of the association keys, only triggering ones matching
the current timeout value, to avoid the crash and unnecessary copying.

M  +5    -5    src/kidletime.cpp

https://invent.kde.org/frameworks/kidletime/commit/cd5040684723b87c7ba5b7cc1b1a63402902a641
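
Added example, not part of the original report and not KIdleTime's code: a standard-library sketch of the failure mode described above (a handler erasing from the container that the dispatch loop is iterating) and of dispatching from a snapshot of matching keys instead. IdleRegistry and its member names are hypothetical, std::unordered_map stands in for QHash, and the re-check that skips ids removed by an earlier handler call is an extra assumption beyond what the commit message describes.

```cpp
#include <cstddef>
#include <functional>
#include <unordered_map>
#include <utility>
#include <vector>

// Hypothetical stand-in for an idle-timeout registry (id -> timeout in msec).
class IdleRegistry {
public:
    using Handler = std::function<void(int id, int msec)>;

    int addTimeout(int msec) { associations_[++lastId_] = msec; return lastId_; }
    void removeTimeout(int id) { associations_.erase(id); }
    void onTimeoutReached(Handler h) { handler_ = std::move(h); }
    std::size_t size() const { return associations_.size(); }

    // Unsafe shape, shown only as a comment: iterating associations_ directly
    // while the handler runs. If the handler erases the current entry, the
    // loop iterator is invalidated and the following ++ is undefined behaviour.
    //
    //   for (auto it = associations_.begin(); it != associations_.end(); ++it)
    //       if (it->second == msec) handler_(it->first, msec);

    // Safe shape: collect the matching ids first, then dispatch from that
    // snapshot. Returns the number of handler invocations.
    int timeoutReached(int msec) {
        std::vector<int> ids;
        for (const auto &entry : associations_)
            if (entry.second == msec) ids.push_back(entry.first);

        int fired = 0;
        for (int id : ids) {
            // Assumption: skip ids that an earlier handler call removed.
            auto it = associations_.find(id);
            if (it == associations_.end() || it->second != msec) continue;
            if (handler_) { handler_(id, msec); ++fired; }
        }
        return fired;
    }

private:
    std::unordered_map<int, int> associations_;
    Handler handler_;
    int lastId_ = 0;
};
```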