511645 – drkonqi-coredump-launcher crashes when clicking on a notification about another app crashing

Bug 511645 - drkonqi-coredump-launcher crashes when clicking on a notification about another app crashing

Summary: drkonqi-coredump-launcher crashes when clicking on a notification about anoth...

Status:	RESOLVED FIXED

Alias:	None

Product:	drkonqi
Classification:	Applications
Component:	general (other bugs)
Version First Reported In:	6.5.80
Platform:	Other Linux

Importance:	HI crash
Target Milestone:	---
Assignee:	Plasma Bugs List

URL:
Keywords:

Depends on:
Blocks:

Reported:	2025-11-04 20:06 UTC by Nate Graham
Modified:	2025-11-08 11:41 UTC (History)
CC List:	3 users (show)

See Also:
Latest Commit:	https://invent.kde.org/frameworks/knotifications/-/commit/aee924d66d83c6a9897354545a3b990603787845
Version Fixed/Implemented In:	Frameworks 6.20
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Nate Graham 2025-11-04 20:06:16 UTC

A tab in my web browser crashed, and DrKonqi noticed it and sent a system notification about it.

I clicked the "Details" button in the notification. Then DrKonqi sent a second notification alerting that it had itself crashed! Here's the backtrace of that crash. Maybe it's sending an invalid hint to the notification?


Core was generated by `/usr/lib/drkonqi-coredump-launcher'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x00007f002f891b18 in KNotification::hints() const () from /usr/lib/libKF6Notifications.so.6
[Current thread is 1 (Thread 0x7f0029b74a00 (LWP 61705))]
(gdb) bt
#0  0x00007f002f891b18 in KNotification::hints() const () at /usr/lib/libKF6Notifications.so.6
#1  0x00007f002f894faa in ??? () at /usr/lib/libKF6Notifications.so.6
#2  0x00007f002f14a16f in QtPrivate::QSlotObjectBase::call
    (this=0x558ecd8c79a0, r=0x7f002f8bfd20, a=0x7fff4bd6ef10, this=<optimized out>, r=<optimized out>, a=<optimized out>) at /usr/src/debug/qt6-base/qtbase/src/corelib/kernel/qobjectdefs_impl.h:461
#3  doActivate<false> (sender=<optimized out>, signal_index=<optimized out>, argv=<optimized out>)
    at /usr/src/debug/qt6-base/qtbase/src/corelib/kernel/qobject.cpp:4255
#4  0x00007f002f89f9ce in ??? () at /usr/lib/libKF6Notifications.so.6
#5  0x00007f002f14a16f in QtPrivate::QSlotObjectBase::call
    (this=0x558ecd8c8180, r=0x558ecd8bba40, a=0x7fff4bd6f160, this=<optimized out>, r=<optimized out>, a=<optimized out>) at /usr/src/debug/qt6-base/qtbase/src/corelib/kernel/qobjectdefs_impl.h:461
#6  doActivate<false> (sender=<optimized out>, signal_index=<optimized out>, argv=<optimized out>)
    at /usr/src/debug/qt6-base/qtbase/src/corelib/kernel/qobject.cpp:4255
#7  0x00007f002f8b10af in ??? () at /usr/lib/libKF6Notifications.so.6
#8  0x00007f002f8b36d7 in ??? () at /usr/lib/libKF6Notifications.so.6
#9  0x00007f002dfea291 in QDBusConnectionPrivate::deliverCall
    (this=0x7f0024001480, object=0x558ecd8bba98, msg=..., metaTypes=<optimized out>, slotIdx=5)
    at /usr/src/debug/qt6-base/qtbase/src/dbus/qdbusintegrator.cpp:1008
#10 0x00007f002f137554 in QObject::event (this=<optimized out>, e=<optimized out>)
    at /usr/src/debug/qt6-base/qtbase/src/corelib/kernel/qobject.cpp:1411
#11 0x00007f002f0dd670 in doNotify (receiver=<optimized out>, event=<optimized out>)
    at /usr/src/debug/qt6-base/qtbase/src/corelib/kernel/qcoreapplication.cpp:1210
#12 QCoreApplication::notify
    (this=<optimized out>, receiver=<optimized out>, event=<optimized out>)
    at /usr/src/debug/qt6-base/qtbase/src/corelib/kernel/qcoreapplication.cpp:1193
#13 QCoreApplication::notifyInternal2 (receiver=0x558ecd8bba98, event=event@entry=0x7f0024009eb0)
    at /usr/src/debug/qt6-base/qtbase/src/corelib/kernel/qcoreapplication.cpp:1109
#14 0x00007f002f0ddab2 in QCoreApplication::sendEvent
    (receiver=<optimized out>, event=0x7f0024009eb0)
    at /usr/src/debug/qt6-base/qtbase/src/corelib/kernel/qcoreapplication.cpp:1549
#15 QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, data=0x558ecd785b40)
    at /usr/src/debug/qt6-base/qtbase/src/corelib/kernel/qcoreapplication.cpp:1904
#16 0x00007f002f3c0b18 in QCoreApplication::sendPostedEvents (receiver=0x0, event_type=0)
    at /usr/src/debug/qt6-base/qtbase/src/corelib/kernel/qcoreapplication.cpp:1757
#17 postEventSourceDispatch (s=0x558ecd78f570)
    at /usr/src/debug/qt6-base/qtbase/src/corelib/kernel/qeventdispatcher_glib.cpp:246
#18 0x00007f002d508f8d in g_main_dispatch (context=0x558ecd78f340) at ../glib/glib/gmain.c:3565
#19 0x00007f002d50a657 in g_main_context_dispatch_unlocked (context=0x558ecd78f340)
    at ../glib/glib/gmain.c:4425
#20 g_main_context_iterate_unlocked
    (context=context@entry=0x558ecd78f340, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/glib/gmain.c:4490
#21 0x00007f002d50a865 in g_main_context_iteration (context=0x558ecd78f340, may_block=1)
    at ../glib/glib/gmain.c:4556
#22 0x00007f002f3bd9d2 in QEventDispatcherGlib::processEvents (this=0x558ecd78f2e0, flags=...)
    at /usr/src/debug/qt6-base/qtbase/src/corelib/kernel/qeventdispatcher_glib.cpp:399
#23 0x00007f002f0e8a86 in QEventLoop::processEvents (this=0x7fff4bd6f950, flags=...)
    at /usr/src/debug/qt6-base/qtbase/src/corelib/kernel/qeventloop.cpp:104
#24 QEventLoop::exec (this=0x7fff4bd6f950, flags=...)
    at /usr/src/debug/qt6-base/qtbase/src/corelib/kernel/qeventloop.cpp:186
#25 0x00007f002f0e2171 in QCoreApplication::exec ()
    at /usr/src/debug/qt6-base/qtbase/src/corelib/kernel/qcoreapplication.cpp:1452
#26 0x0000558eb32b2da1 in ??? ()
#27 0x0000558eb32ae6fa in ??? ()
#28 0x00007f002e9a0675 in __libc_start_call_main
    (main=main@entry=0x558eb32ad6e0, argc=argc@entry=1, argv=argv@entry=0x7fff4bd70018)
    at ../sysdeps/nptl/libc_start_call_main.h:58
#29 0x00007f002e9a0729 in __libc_start_main_impl
    (main=0x558eb32ad6e0, argc=1, argv=0x7fff4bd70018, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fff4bd70008) at ../csu/libc-start.c:360
#30 0x0000558eb32aed95 in ??? ()


SOFTWARE/OS VERSIONS
Operating System: KDE Linux 2025-11-04
KDE Plasma Version: 6.5.80
KDE Frameworks Version: 6.20.0
Qt Version: 6.10.0
Kernel Version: 6.17.6-arch1-1 (64-bit)
Graphics Platform: Wayland
Processors: 16 × AMD Ryzen 7 7840U w/ Radeon™ 780M Graphics
Memory: 17 GB of RAM (16.0 GB usable)
Graphics Processor: AMD Radeon 780M Graphics

Comment 1 David Edmundson 2025-11-05 11:01:09 UTC

I see it:

GlobalNotifierTruck.cpp

    connect(detailsAction, &KNotificationAction::activated, notification, [this, unit]() {
        auto job = new KIO::CommandLauncherJob(u"drkonqi-coredump-gui"_s, {unit.m_cursor}, this);
        job->exec();
    });

---

but knotification code is:

void KNotificationManager::notificationActivated(int id, const QString &actionId)
{
    if (d->notifications.contains(id)) {
        qCDebug(LOG_KNOTIFICATIONS) << id << " " << actionId;
        KNotification *n = d->notifications[id];
        n->activate(actionId);

        // Resident actions delegate control over notification lifetime to the client
        if (!n->hints().value(QStringLiteral("resident")).toBool()) {
            close(id);
        }
    }
}


So we go into application code then do something with 'n' (the notification).

Comment 2 Bug Janitor Service 2025-11-05 11:13:39 UTC

A possibly relevant merge request was started @ https://invent.kde.org/frameworks/knotifications/-/merge_requests/188

Comment 3 Harald Sitter 2025-11-05 11:32:42 UTC

Lol. Can't even use nested loops in otherwise gui-less apps. Yay.

Comment 4 David Edmundson 2025-11-05 11:52:43 UTC

Git commit aee924d66d83c6a9897354545a3b990603787845 by David Edmundson.
Committed on 05/11/2025 at 11:13.
Pushed by davidedmundson into branch 'master'.

Look up notifications again after hitting application code

The current code does:
 - fetch notification from a global hash
 - emit a signal to application code
 - use the notification

If the notification is deleted by application code in handling this
signal or the application spawns an event loop we cannot rely on our
data being valid anymore.

M  +4    -2    src/knotificationmanager.cpp

https://invent.kde.org/frameworks/knotifications/-/commit/aee924d66d83c6a9897354545a3b990603787845