Bug 484635 - plasmashell crashes when removing icon applet
Summary: plasmashell crashes when removing icon applet
Status: RESOLVED DUPLICATE of bug 474385
Alias: None
Product: plasmashell
Classification: Plasma
Component: generic-crash
Version: master
Platform: Other Linux
Importance: NOR crash
Target Milestone: 1.0
Assignee: Plasma Bugs List
Reported: 2024-03-27 23:03 UTC by Nicolas Fella
Modified: 2024-03-28 14:17 UTC
Description Nicolas Fella 2024-03-27 23:03:55 UTC
STEPS TO REPRODUCE
1. Drag a file to the desktop 
2. Click "Add icon"
3. Right click on icon
4. Remove it
5. Close the "Undo" notification

OBSERVED RESULT
#0  __pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=11, no_tid=no_tid@entry=0) at pthread_kill.c:44
#1  0x00007f34fe4d58a3 in __pthread_kill_internal (signo=11, threadid=<optimized out>) at pthread_kill.c:78
#2  0x00007f34fe4838ee in __GI_raise (sig=11) at ../sysdeps/posix/raise.c:26
#3  0x00007f35018789d8 in KCrash::defaultCrashHandler (sig=11) at /home/nico/kde/src/kcrash/src/kcrash.cpp:593
#4  0x00007f34fe4839a0 in <signal handler called> () at /lib64/libc.so.6
#5  0x00007f34fdfb3b8c in QObject::disconnect (sender=0x5415a80, signal=signal@entry=0x0, receiver=receiver@entry=0x23b5500, method=method@entry=0x0)
    at /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qobject.cpp:3260
#6  0x00007f3500fb5ec3 in Plasma::Applet::~Applet (this=0x23b5500, __in_chrg=<optimized out>) at /home/nico/kde/src/libplasma/src/plasma/applet.cpp:75
#7  0x00007f34bc08460a in IconApplet::~IconApplet (this=0x23b5500, __in_chrg=<optimized out>) at /home/nico/kde/src/plasma-workspace/applets/icon/iconapplet.cpp:56
#8  0x00007f34bc084626 in IconApplet::~IconApplet (this=0x23b5500, __in_chrg=<optimized out>) at /home/nico/kde/src/plasma-workspace/applets/icon/iconapplet.cpp:56
#9  0x00007f34fdfaf938 in QObject::event (this=0x23b5500, e=0x50b8950) at /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qobject.cpp:1437
#10 0x00007f3500981b51 in QApplicationPrivate::notify_helper (this=<optimized out>, receiver=0x23b5500, e=0x50b8950)
    at /home/nico/workspace/qt6/qtbase/src/widgets/kernel/qapplication.cpp:3287
#11 0x00007f34fdf5f4f8 in QCoreApplication::notifyInternal2 (receiver=0x23b5500, event=0x50b8950) at /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qcoreapplication.cpp:1134
#12 0x00007f34fdf5f6b9 in QCoreApplication::sendEvent (receiver=<optimized out>, event=<optimized out>) at /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qcoreapplication.cpp:1575
#13 0x00007f34fdf62c41 in QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, data=0x1e8e230)
    at /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qcoreapplication.cpp:1932
#14 0x00007f34fdf62f28 in QCoreApplication::sendPostedEvents (receiver=<optimized out>, event_type=<optimized out>)
    at /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qcoreapplication.cpp:1789
#15 0x00007f34fe20b5a3 in postEventSourceDispatch (s=0x1f326f0) at /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qeventdispatcher_glib.cpp:244
#16 0x00007f34fd32be5c in g_main_dispatch (context=0x7f34e4000ef0) at ../glib/gmain.c:3476
#17 g_main_context_dispatch_unlocked (context=0x7f34e4000ef0) at ../glib/gmain.c:4284
#18 0x00007f34fd386f18 in g_main_context_iterate_unlocked.isra.0 (context=context@entry=0x7f34e4000ef0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>)
    at ../glib/gmain.c:4349
#19 0x00007f34fd329ad3 in g_main_context_iteration (context=0x7f34e4000ef0, may_block=1) at ../glib/gmain.c:4414
#20 0x00007f34fe20aebc in QEventDispatcherGlib::processEvents (this=0x1ebbbe0, flags=...) at /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qeventdispatcher_glib.cpp:394
#21 0x00007f34fdf6ae6b in QEventLoop::exec (this=this@entry=0x7ffedadf2d70, flags=..., flags@entry=...) at /home/nico/workspace/qt6/qtbase/src/corelib/global/qflags.h:34
#22 0x00007f34fdf67862 in QCoreApplication::exec () at /home/nico/workspace/qt6/qtbase/src/corelib/global/qflags.h:74
#23 0x0000000000447211 in main (argc=2, argv=0x7ffedadf39e8) at /home/nico/kde/src/plasma-workspace/shell/main.cpp:211

KDE Plasma Version: master
KDE Frameworks Version: master
Qt Version: 6.7
Comment 1 Nicolas Fella 2024-03-28 00:34:18 UTC
==29243==ERROR: AddressSanitizer: heap-use-after-free on address 0x50200047cc50 at pc 0x7fb9e2436aae bp 0x7ffe78a4bff0 sp 0x7ffe78a4bfe8
READ of size 8 at 0x50200047cc50 thread T0
    #0 0x7fb9e2436aad in QObject::disconnect(QObject const*, char const*, QObject const*, char const*) /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qobject.cpp:3197
    #1 0x7fb9ea6c3a7a in Plasma::Applet::~Applet() /home/nico/kde/src/libplasma/src/plasma/applet.cpp:75
    #2 0x7fb9b8993bc0 in IconApplet::~IconApplet() /home/nico/kde/src/plasma-workspace/applets/icon/iconapplet.cpp:56
    #3 0x7fb9b8993ce0 in IconApplet::~IconApplet() /home/nico/kde/src/plasma-workspace/applets/icon/iconapplet.cpp:56
    #4 0x7fb9e242279b in qDeleteInEventHandler(QObject*) /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qobject.cpp:4900
    #5 0x7fb9e2430ead in QObject::event(QEvent*) /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qobject.cpp:1424
    #6 0x7fb9e9273811 in QApplicationPrivate::notify_helper(QObject*, QEvent*) /home/nico/workspace/qt6/qtbase/src/widgets/kernel/qapplication.cpp:3296
    #7 0x7fb9e928f107 in QApplication::notify(QObject*, QEvent*) /home/nico/workspace/qt6/qtbase/src/widgets/kernel/qapplication.cpp:3247
    #8 0x7fb9e2348f9f in QCoreApplication::notifyInternal2(QObject*, QEvent*) /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qcoreapplication.cpp:1121
    #9 0x7fb9e234911e in QCoreApplication::sendEvent(QObject*, QEvent*) /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qcoreapplication.cpp:1539
    #10 0x7fb9e234a451 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qcoreapplication.cpp:1901
    #11 0x7fb9e234a746 in QCoreApplication::sendPostedEvents(QObject*, int) /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qcoreapplication.cpp:1760
    #12 0x7fb9e2ac0c8f in postEventSourceDispatch /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qeventdispatcher_glib.cpp:243
    #13 0x7fb9e171270f in g_main_dispatch ../glib/gmain.c:3344
    #14 0x7fb9e171270f in g_main_context_dispatch_unlocked ../glib/gmain.c:4152
    #15 0x7fb9e1714357 in g_main_context_iterate_unlocked ../glib/gmain.c:4217
    #16 0x7fb9e1714a0b in g_main_context_iteration ../glib/gmain.c:4282
    #17 0x7fb9e2abf21f in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qeventdispatcher_glib.cpp:393
    #18 0x7fb9e4763375 in QPAEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) /home/nico/workspace/qt6/qtbase/src/gui/platform/unix/qeventdispatcher_glib.cpp:87
    #19 0x7fb9e2366453 in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qeventloop.cpp:100
    #20 0x7fb9e2367837 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qeventloop.cpp:182
    #21 0x7fb9e23510a0 in QCoreApplication::exec() /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qcoreapplication.cpp:1442
    #22 0x7fb9e39d6fc5 in QGuiApplication::exec() /home/nico/workspace/qt6/qtbase/src/gui/kernel/qguiapplication.cpp:1925
    #23 0x7fb9e9272ea6 in QApplication::exec() /home/nico/workspace/qt6/qtbase/src/widgets/kernel/qapplication.cpp:2574
    #24 0x42f6d5 in main /home/nico/kde/src/plasma-workspace/shell/main.cpp:211
    #25 0x7fb9e182a1ef in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
    #26 0x7fb9e182a2b8 in __libc_start_main_impl ../csu/libc-start.c:360
    #27 0x430af4 in _start ../sysdeps/x86_64/start.S:115

0x50200047cc50 is located 0 bytes inside of 16-byte region [0x50200047cc50,0x50200047cc60)
freed by thread T0 here:
    #0 0x7fb9ecafd0d8 in operator delete(void*, unsigned long) ../../../../libsanitizer/asan/asan_new_delete.cpp:164
    #1 0x7fb9e446ed49 in QAction::~QAction() /home/nico/workspace/qt6/qtbase/src/gui/kernel/qaction.cpp:463
    #2 0x7fb9e243aee3 in QObjectPrivate::deleteChildren() /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qobject.cpp:2206
    #3 0x7fb9e9397306 in QWidget::~QWidget() /home/nico/workspace/qt6/qtbase/src/widgets/kernel/qwidget.cpp:1532
    #4 0x7fb9e98c64e8 in QMenu::~QMenu() /home/nico/workspace/qt6/qtbase/src/widgets/widgets/qmenu.cpp:1791
    #5 0x7fb9e98c654e in QMenu::~QMenu() /home/nico/workspace/qt6/qtbase/src/widgets/widgets/qmenu.cpp:1791
    #6 0x7fb9e243aee3 in QObjectPrivate::deleteChildren() /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qobject.cpp:2206
    #7 0x7fb9e9397306 in QWidget::~QWidget() /home/nico/workspace/qt6/qtbase/src/widgets/kernel/qwidget.cpp:1532
    #8 0x7fb9e98c64e8 in QMenu::~QMenu() /home/nico/workspace/qt6/qtbase/src/widgets/widgets/qmenu.cpp:1791
    #9 0x7fb9e98c654e in QMenu::~QMenu() /home/nico/workspace/qt6/qtbase/src/widgets/widgets/qmenu.cpp:1791
    #10 0x7fb9b89939d7 in std::default_delete<QMenu>::operator()(QMenu*) const /usr/include/c++/13/bits/unique_ptr.h:99
    #11 0x7fb9b89939d7 in std::unique_ptr<QMenu, std::default_delete<QMenu> >::~unique_ptr() /usr/include/c++/13/bits/unique_ptr.h:404
    #12 0x7fb9b89939d7 in IconApplet::~IconApplet() /home/nico/kde/src/plasma-workspace/applets/icon/iconapplet.cpp:56
    #13 0x7fb9b8993ce0 in IconApplet::~IconApplet() /home/nico/kde/src/plasma-workspace/applets/icon/iconapplet.cpp:56
    #14 0x7fb9e242279b in qDeleteInEventHandler(QObject*) /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qobject.cpp:4900
    #15 0x7fb9e2430ead in QObject::event(QEvent*) /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qobject.cpp:1424
    #16 0x7fb9e9273811 in QApplicationPrivate::notify_helper(QObject*, QEvent*) /home/nico/workspace/qt6/qtbase/src/widgets/kernel/qapplication.cpp:3296
    #17 0x7fb9e928f107 in QApplication::notify(QObject*, QEvent*) /home/nico/workspace/qt6/qtbase/src/widgets/kernel/qapplication.cpp:3247
    #18 0x7fb9e2348f9f in QCoreApplication::notifyInternal2(QObject*, QEvent*) /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qcoreapplication.cpp:1121
    #19 0x7fb9e234911e in QCoreApplication::sendEvent(QObject*, QEvent*) /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qcoreapplication.cpp:1539
    #20 0x7fb9e234a451 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qcoreapplication.cpp:1901
    #21 0x7fb9e234a746 in QCoreApplication::sendPostedEvents(QObject*, int) /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qcoreapplication.cpp:1760
    #22 0x7fb9e2ac0c8f in postEventSourceDispatch /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qeventdispatcher_glib.cpp:243
    #23 0x7fb9e171270f in g_main_dispatch ../glib/gmain.c:3344
    #24 0x7fb9e171270f in g_main_context_dispatch_unlocked ../glib/gmain.c:4152

previously allocated by thread T0 here:
    #0 0x7fb9ecafc1d8 in operator new(unsigned long) ../../../../libsanitizer/asan/asan_new_delete.cpp:95
    #1 0x7fb9e98baf65 in QMenuPrivate::init() /home/nico/workspace/qt6/qtbase/src/widgets/widgets/qmenu.cpp:165
    #2 0x7fb9e98bb51d in QMenu::QMenu(QWidget*) /home/nico/workspace/qt6/qtbase/src/widgets/widgets/qmenu.cpp:1743
    #3 0x7fb9e98bb5ac in QMenu::QMenu(QString const&, QWidget*) /home/nico/workspace/qt6/qtbase/src/widgets/widgets/qmenu.cpp:1756
    #4 0x7fb9e12b6b21 in KFileItemActionsPrivate::insertOpenWithActionsTo(QAction*, QMenu*, QList<QString> const&, QString const&) /home/nico/kde/src/kio/src/widgets/kfileitemactions.cpp:747
    #5 0x7fb9e12b94c8 in KFileItemActions::insertOpenWithActionsTo(QAction*, QMenu*, QList<QString> const&) /home/nico/kde/src/kio/src/widgets/kfileitemactions.cpp:264
    #6 0x7fb9b89a4568 in IconApplet::extraActions() /home/nico/kde/src/plasma-workspace/applets/icon/iconapplet.cpp:346
    #7 0x7fb9b8989ed8 in IconApplet::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) /home/nico/kde/build/plasma-workspace/applets/icon/org.kde.plasma.icon_autogen/EWIEGA46WW/moc_iconapplet.cpp:326
    #8 0x7fb9e5ea913f in QQmlPropertyData::readPropertyWithArgs(QObject*, void**) const /home/nico/workspace/qt6/qtbase/include/QtQml/6.6.1/QtQml/private/../../../../../../qtdeclarative/src/qml/qml/qqmlpropertydata_p.h:328
    #9 0x7fb9e5e9450f in QQmlPropertyData::readProperty(QObject*, void*) const /home/nico/workspace/qt6/qtbase/include/QtQml/6.6.1/QtQml/private/../../../../../../qtdeclarative/src/qml/qml/qqmlpropertydata_p.h:311
    #10 0x7fb9e5e9450f in loadProperty /home/nico/workspace/qt6/qtdeclarative/src/qml/jsruntime/qv4qobjectwrapper.cpp:216
    #11 0x7fb9e5e95155 in QV4::QObjectWrapper::getProperty(QV4::ExecutionEngine*, QV4::Heap::Object*, QObject*, QQmlPropertyData const*, QFlags<QV4::QObjectWrapper::Flag>) /home/nico/workspace/qt6/qtdeclarative/src/qml/jsruntime/qv4qobjectwrapper.cpp:289
    #12 0x7fb9e5e96789 in QV4::QObjectWrapper::getQmlProperty(QV4::ExecutionEngine*, QQmlRefPointer<QQmlContextData> const&, QV4::Heap::Object*, QObject*, QV4::String*, QFlags<QV4::QObjectWrapper::Flag>, bool*, QQmlPropertyData const**) /home/nico/workspace/qt6/qtdeclarative/src/qml/jsruntime/qv4qobjectwrapper.cpp:417
    #13 0x7fb9e650edcd in QV4::QQmlTypeWrapper::virtualGet(QV4::Managed const*, QV4::PropertyKey, QV4::Value const*, bool*) /home/nico/workspace/qt6/qtdeclarative/src/qml/qml/qqmltypewrapper.cpp:267
    #14 0x7fb9e5c356d9 in QV4::Object::get(QV4::StringOrSymbol*, bool*, QV4::Value const*) const /home/nico/workspace/qt6/qtbase/include/QtQml/6.6.1/QtQml/private/../../../../../../qtdeclarative/src/qml/jsruntime/qv4object_p.h:271
    #15 0x7fb9e5df44bd in QV4::Lookup::getterFallback(QV4::Lookup*, QV4::ExecutionEngine*, QV4::Value const&) /home/nico/workspace/qt6/qtdeclarative/src/qml/jsruntime/qv4lookup.cpp:203
    #16 0x7fb9e5fbeb0a in QV4::Moth::VME::interpret(QV4::JSTypesStackFrame*, QV4::ExecutionEngine*, char const*) /home/nico/workspace/qt6/qtdeclarative/src/qml/jsruntime/qv4vme_moth.cpp:771
    #17 0x7fb9e5fd6adc in QV4::Moth::VME::exec(QV4::JSTypesStackFrame*, QV4::ExecutionEngine*) /home/nico/workspace/qt6/qtdeclarative/src/qml/jsruntime/qv4vme_moth.cpp:584
    #18 0x7fb9e5d931dd in doCall /home/nico/workspace/qt6/qtdeclarative/src/qml/jsruntime/qv4function.cpp:54
    #19 0x7fb9e5d94d5d in QV4::Function::call(QV4::Value const*, QV4::Value const*, int, QV4::ExecutionContext*) /home/nico/workspace/qt6/qtdeclarative/src/qml/jsruntime/qv4function.cpp:79
    #20 0x7fb9e6295b28 in QQmlJavaScriptExpression::evaluate(QV4::CallData*, bool*) /home/nico/workspace/qt6/qtdeclarative/src/qml/qml/qqmljavascriptexpression.cpp:238
    #21 0x7fb9e609eb0d in QQmlBinding::evaluate(bool*) /home/nico/workspace/qt6/qtdeclarative/src/qml/qml/qqmlbinding.cpp:188
    #22 0x7fb9e609f26e in QQmlBinding::doUpdate(QQmlJavaScriptExpression::DeleteWatcher const&, QFlags<QQmlPropertyData::WriteFlag>, QV4::Scope&) /home/nico/workspace/qt6/qtdeclarative/src/qml/qml/qqmlbinding.cpp:698
    #23 0x7fb9e60a5d22 in QQmlBinding::update(QFlags<QQmlPropertyData::WriteFlag>) /home/nico/workspace/qt6/qtdeclarative/src/qml/qml/qqmlbinding.cpp:164
    #24 0x7fb9e60a6046 in QQmlBinding::expressionChanged() /home/nico/workspace/qt6/qtdeclarative/src/qml/qml/qqmlbinding.cpp:603
    #25 0x7fb9e6293f4e in QQmlJavaScriptExpressionGuard_callback(QQmlNotifierEndpoint*, void**) /home/nico/workspace/qt6/qtdeclarative/src/qml/qml/qqmljavascriptexpression.cpp:562
    #26 0x7fb9e631b839 in QQmlNotifier::emitNotify(QQmlNotifierEndpoint*, void**) /home/nico/workspace/qt6/qtdeclarative/src/qml/qml/qqmlnotifier.cpp:70
    #27 0x7fb9e6151d1e in QQmlData::signalEmitted(QAbstractDeclarativeData*, QObject*, int, void**) /home/nico/workspace/qt6/qtdeclarative/src/qml/qml/qqmlengine.cpp:360
    #28 0x7fb9e244a2f5 in void doActivate<false>(QObject*, int, void**) (/home/nico/kde/usr/lib64/libQt6Core.so.6+0x44a2f5) (BuildId: 31ebfd5a21f1b041b7a2d45653c253892492c7d4)
    #29 0x7fb9e242aba7 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qobject.cpp:4081
    #30 0x7fb9b8989496 in IconApplet::isValidChanged() /home/nico/kde/build/plasma-workspace/applets/icon/org.kde.plasma.icon_autogen/EWIEGA46WW/moc_iconapplet.cpp:409

SUMMARY: AddressSanitizer: heap-use-after-free /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qobject.cpp:3197 in QObject::disconnect(QObject const*, char const*, QObject const*, char const*)
Comment 2 Nicolas Fella 2024-03-28 14:17:18 UTC

*** This bug has been marked as a duplicate of bug 474385 ***