https://bugs.kde.org/show_bug.cgi?id=452237

Christof Kaufmann <[email protected]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|REPORTED                    |CONFIRMED
     Ever confirmed|0                           |1
                 CC|                            |christofkaufmann.dev@gmail.
                   |                            |com

--- Comment #2 from Christof Kaufmann <[email protected]> ---
I can confirm this bug and investigated why it occurs. I would like to share my
findings.

This bug also occurs on Ubuntu 22.04 and generally when using Frameworks
version 5.92 and probably also 5.93. It is independent of the version of
KTimeTracker. The bug hides in KIdleTime and has been resolved before 5.94 in
this commit:
https://invent.kde.org/frameworks/kidletime/-/commit/cd5040684723b87c7ba5b7cc1b1a63402902a641

It is triggered when the IdleTimeDetector::timeoutReached method returns,
because it removes the timeout within the timeoutReached event:
https://invent.kde.org/pim/ktimetracker/-/blob/master/src/idletimedetector.cpp#L67
This invalidates the iterators of the loop that iterates the timeouts:
https://invent.kde.org/frameworks/kidletime/-/commit/cd5040684723b87c7ba5b7cc1b1a63402902a641#6d37565e8c6a5cca30eb46326cb4141a54de39df_291_291
A valgrind backtrace is "appended" below.

Though it has been fixed upstream, I would like to discuss how to work around the
issue. The proper solution is to update Frameworks (including KIdleTime), but
for Ubuntu this requires updating from 22.04 (LTS) to 22.10 (non-LTS). A
backport seems not to be available. What's the best way to avoid that bug?

valgrind backtrace:
Invalid read of size 8
   at: QHashData::nextNode(QHashData::Node*) (qhash.cpp:589)
   by: QtPrivate::QFunctorSlotObject<KIdleTime::KIdleTime()::{lambda(int)#2},
1, QtPrivate::List<int>, void>::impl(int, QtPrivate::QSlotObjectBase*,
QObject*, void**, bool*) (qhash.h:426)
   by: call (qobjectdefs_impl.h:398)
   by: void doActivate<false>(QObject*, int, void**) (qobject.cpp:3886)
   by: AbstractSystemPoller::timeoutReached(int)
(moc_abstractsystempoller.cpp:189)
   by: UnknownInlinedFun (xsyncbasedpoller.cpp:295)
   by: UnknownInlinedFun (xsyncbasedpoller.cpp:279)
   by: UnknownInlinedFun (xsyncbasedpoller.cpp:44)
   by: XSyncBasedPollerHelper::nativeEventFilter(QByteArray const&, void*,
long*) (xsyncbasedpoller.cpp:39)
   by: QAbstractEventDispatcher::filterNativeEvent(QByteArray const&, void*,
long*) (qabstracteventdispatcher.cpp:495)
   by: QXcbConnection::handleXcbEvent(xcb_generic_event_t*)
(qxcbconnection.cpp:536)
   by: QXcbConnection::processXcbEvents(QFlags<QEventLoop::ProcessEventsFlag>)
(qxcbconnection.cpp:1014)
   by: xcbSourceDispatch(_GSource*, int (*)(void*), void*)
(qxcbeventdispatcher.cpp:103)
   by: g_main_context_dispatch (in
/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.7200.1)
   by: ??? (in /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.7200.1)
   by: g_main_context_iteration (in
/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.7200.1)
 Address 0xb9de0a0 is 0 bytes inside a block of size 24 free'd
   at: free (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
   by: UnknownInlinedFun (qhash.h:586)
   by: UnknownInlinedFun (qhash.h:886)
   by: KIdleTime::removeIdleTimeout(int) (kidletime.cpp:144)
   by: IdleTimeDetector::stopIdleDetection() (idletimedetector.cpp:129)
   by: IdleTimeDetector::timeoutReached(int, int) (idletimedetector.cpp:67)
   by: QtPrivate::FunctorCall<QtPrivate::IndexesList<0, 1>,
QtPrivate::List<int, int>, void, void (IdleTimeDetector::*)(int,
int)>::call(void (IdleTimeDetector::*)(int, int), IdleTimeDetector*, void**)
(qobjectdefs_impl.h:152)
   by: void QtPrivate::FunctionPointer<void (IdleTimeDetector::*)(int,
int)>::call<QtPrivate::List<int, int>, void>(void (IdleTimeDetector::*)(int,
int), IdleTimeDetector*, void**) (qobjectdefs_impl.h:185)
   by: QtPrivate::QSlotObject<void (IdleTimeDetector::*)(int, int),
QtPrivate::List<int, int>, void>::impl(int, QtPrivate::QSlotObjectBase*,
QObject*, void**, bool*) (qobjectdefs_impl.h:418)
   by: call (qobjectdefs_impl.h:398)
   by: void doActivate<false>(QObject*, int, void**) (qobject.cpp:3886)
   by: KIdleTime::timeoutReached(int, int) (moc_kidletime.cpp:195)
   by: QtPrivate::QFunctorSlotObject<KIdleTime::KIdleTime()::{lambda(int)#2},
1, QtPrivate::List<int>, void>::impl(int, QtPrivate::QSlotObjectBase*,
QObject*, void**, bool*) (kidletime.cpp:296)
   by: call (qobjectdefs_impl.h:398)
   by: void doActivate<false>(QObject*, int, void**) (qobject.cpp:3886)
   by: AbstractSystemPoller::timeoutReached(int)
(moc_abstractsystempoller.cpp:189)
 Block was alloc'd at
   at: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
   by: QHashData::allocateNode(int) (qhash.cpp:479)
   by: UnknownInlinedFun (qhash.h:610)
   by: UnknownInlinedFun (qhash.h:761)
   by: KIdleTime::addIdleTimeout(int) (kidletime.cpp:128)
   by: IdleTimeDetector::startIdleDetection() (idletimedetector.cpp:122)
   by: TaskView::startTimerFor(Task*, QDateTime const&) (taskview.cpp:268)
   by: TaskView::startTimerForNow(Task*) (taskview.cpp:284)
   by: TaskView::startCurrentTimer() (taskview.cpp:257)
   by: TaskView::onTaskDoubleClicked(Task*) (taskview.cpp:612)
   by: QtPrivate::FunctorCall<QtPrivate::IndexesList<0>,
QtPrivate::List<Task*>, void, void (TaskView::*)(Task*)>::call(void
(TaskView::*)(Task*), TaskView*, void**) (qobjectdefs_impl.h:152)
   by: void QtPrivate::FunctionPointer<void
(TaskView::*)(Task*)>::call<QtPrivate::List<Task*>, void>(void
(TaskView::*)(Task*), TaskView*, void**) (qobjectdefs_impl.h:185)
   by: QtPrivate::QSlotObject<void (TaskView::*)(Task*),
QtPrivate::List<Task*>, void>::impl(int, QtPrivate::QSlotObjectBase*, QObject*,
void**, bool*) (qobjectdefs_impl.h:418)
   by: call (qobjectdefs_impl.h:398)
   by: void doActivate<false>(QObject*, int, void**) (qobject.cpp:3886)

Invalid read of size 4
   at: QHashData::nextNode(QHashData::Node*) (qhash.cpp:594)
   by: QtPrivate::QFunctorSlotObject<KIdleTime::KIdleTime()::{lambda(int)#2},
1, QtPrivate::List<int>, void>::impl(int, QtPrivate::QSlotObjectBase*,
QObject*, void**, bool*) (qhash.h:426)
   by: call (qobjectdefs_impl.h:398)
   by: void doActivate<false>(QObject*, int, void**) (qobject.cpp:3886)
   by: AbstractSystemPoller::timeoutReached(int)
(moc_abstractsystempoller.cpp:189)
   by: UnknownInlinedFun (xsyncbasedpoller.cpp:295)
   by: UnknownInlinedFun (xsyncbasedpoller.cpp:279)
   by: UnknownInlinedFun (xsyncbasedpoller.cpp:44)
   by: XSyncBasedPollerHelper::nativeEventFilter(QByteArray const&, void*,
long*) (xsyncbasedpoller.cpp:39)
   by: QAbstractEventDispatcher::filterNativeEvent(QByteArray const&, void*,
long*) (qabstracteventdispatcher.cpp:495)
   by: QXcbConnection::handleXcbEvent(xcb_generic_event_t*)
(qxcbconnection.cpp:536)
   by: QXcbConnection::processXcbEvents(QFlags<QEventLoop::ProcessEventsFlag>)
(qxcbconnection.cpp:1014)
   by: xcbSourceDispatch(_GSource*, int (*)(void*), void*)
(qxcbeventdispatcher.cpp:103)
   by: g_main_context_dispatch (in
/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.7200.1)
   by: ??? (in /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.7200.1)
   by: g_main_context_iteration (in
/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.7200.1)
 Address 0xb9de0a8 is 8 bytes inside a block of size 24 free'd
   at: free (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
   by: UnknownInlinedFun (qhash.h:586)
   by: UnknownInlinedFun (qhash.h:886)
   by: KIdleTime::removeIdleTimeout(int) (kidletime.cpp:144)
   by: IdleTimeDetector::stopIdleDetection() (idletimedetector.cpp:129)
   by: IdleTimeDetector::timeoutReached(int, int) (idletimedetector.cpp:67)
   by: QtPrivate::FunctorCall<QtPrivate::IndexesList<0, 1>,
QtPrivate::List<int, int>, void, void (IdleTimeDetector::*)(int,
int)>::call(void (IdleTimeDetector::*)(int, int), IdleTimeDetector*, void**)
(qobjectdefs_impl.h:152)
   by: void QtPrivate::FunctionPointer<void (IdleTimeDetector::*)(int,
int)>::call<QtPrivate::List<int, int>, void>(void (IdleTimeDetector::*)(int,
int), IdleTimeDetector*, void**) (qobjectdefs_impl.h:185)
   by: QtPrivate::QSlotObject<void (IdleTimeDetector::*)(int, int),
QtPrivate::List<int, int>, void>::impl(int, QtPrivate::QSlotObjectBase*,
QObject*, void**, bool*) (qobjectdefs_impl.h:418)
   by: call (qobjectdefs_impl.h:398)
   by: void doActivate<false>(QObject*, int, void**) (qobject.cpp:3886)
   by: KIdleTime::timeoutReached(int, int) (moc_kidletime.cpp:195)
   by: QtPrivate::QFunctorSlotObject<KIdleTime::KIdleTime()::{lambda(int)#2},
1, QtPrivate::List<int>, void>::impl(int, QtPrivate::QSlotObjectBase*,
QObject*, void**, bool*) (kidletime.cpp:296)
   by: call (qobjectdefs_impl.h:398)
   by: void doActivate<false>(QObject*, int, void**) (qobject.cpp:3886)
   by: AbstractSystemPoller::timeoutReached(int)
(moc_abstractsystempoller.cpp:189)
 Block was alloc'd at
   at: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
   by: QHashData::allocateNode(int) (qhash.cpp:479)
   by: UnknownInlinedFun (qhash.h:610)
   by: UnknownInlinedFun (qhash.h:761)
   by: KIdleTime::addIdleTimeout(int) (kidletime.cpp:128)
   by: IdleTimeDetector::startIdleDetection() (idletimedetector.cpp:122)
   by: TaskView::startTimerFor(Task*, QDateTime const&) (taskview.cpp:268)
   by: TaskView::startTimerForNow(Task*) (taskview.cpp:284)
   by: TaskView::startCurrentTimer() (taskview.cpp:257)
   by: TaskView::onTaskDoubleClicked(Task*) (taskview.cpp:612)
   by: QtPrivate::FunctorCall<QtPrivate::IndexesList<0>,
QtPrivate::List<Task*>, void, void (TaskView::*)(Task*)>::call(void
(TaskView::*)(Task*), TaskView*, void**) (qobjectdefs_impl.h:152)
   by: void QtPrivate::FunctionPointer<void
(TaskView::*)(Task*)>::call<QtPrivate::List<Task*>, void>(void
(TaskView::*)(Task*), TaskView*, void**) (qobjectdefs_impl.h:185)
   by: QtPrivate::QSlotObject<void (TaskView::*)(Task*),
QtPrivate::List<Task*>, void>::impl(int, QtPrivate::QSlotObjectBase*, QObject*,
void**, bool*) (qobjectdefs_impl.h:418)
   by: call (qobjectdefs_impl.h:398)
   by: void doActivate<false>(QObject*, int, void**) (qobject.cpp:3886)

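The comment above describes a use-after-free: a signal emitted while walking a QHash of timeouts reaches a slot that erases an entry from that same hash, and the loop then reads the freed node. The following added example (written for this page, not code from KIdleTime, KTimeTracker or the linked commit) models both sides with plain C++ and constructed class names. `IdleTimer` is a hypothetical stand-in for the library: it snapshots the due ids before dispatching so a handler may erase entries without invalidating a live iterator, and it counts re-entrant removals as a diagnostic. `IdleTimeDetector` is a hypothetical stand-in for the application and shows the workaround the comment asks about: with `deferRemoval` set, the slot queues the removal and runs it after the emission has returned to the event loop instead of removing the timeout inside the slot.

```cpp
#include <cstddef>
#include <functional>
#include <unordered_map>
#include <utility>
#include <vector>

// Hypothetical stand-in for KIdleTime (constructed for this example, not the KDE
// code): timeout id -> idle threshold in milliseconds.
class IdleTimer {
public:
    using Handler = std::function<void(int id, int msec)>;

    void setHandler(Handler h) { handler_ = std::move(h); }
    int addIdleTimeout(int msec) { int id = nextId_++; timeouts_[id] = msec; return id; }
    void removeIdleTimeout(int id) {
        if (dispatching_) ++removedDuringDispatch_;   // diagnostic: removal from inside a handler
        timeouts_.erase(id);
    }
    std::size_t count() const { return timeouts_.size(); }
    int removedDuringDispatch() const { return removedDuringDispatch_; }

    // Safe dispatch: collect the due ids first, then call handlers from the
    // snapshot. A handler that erases from timeouts_ cannot invalidate an
    // iterator because no iterator into timeouts_ is live during the call.
    void fireTimeoutsReached(int idleMsec) {
        std::vector<std::pair<int, int>> due;
        for (const auto& kv : timeouts_)
            if (kv.second <= idleMsec) due.emplace_back(kv.first, kv.second);
        dispatching_ = true;
        for (const auto& d : due)
            if (timeouts_.count(d.first) && handler_)   // skip ids removed by an earlier handler
                handler_(d.first, d.second);
        dispatching_ = false;
    }

private:
    std::unordered_map<int, int> timeouts_;
    Handler handler_;
    int nextId_ = 1;
    bool dispatching_ = false;
    int removedDuringDispatch_ = 0;
};

// Hypothetical stand-in for the application's detector. With deferRemoval the
// slot queues the removal instead of calling removeIdleTimeout() directly,
// which is the pattern that crashes against an unfixed library; in Qt the queue
// would be QTimer::singleShot(0, ...) or a queued invocation.
class IdleTimeDetector {
public:
    explicit IdleTimeDetector(bool deferRemoval) : defer_(deferRemoval) {
        timer_.setHandler([this](int id, int msec) { timeoutReached(id, msec); });
    }
    void startIdleDetection(int msec) { timeoutId_ = timer_.addIdleTimeout(msec); }
    void stopIdleDetection() {
        if (timeoutId_ != -1) { timer_.removeIdleTimeout(timeoutId_); timeoutId_ = -1; }
    }

    // Simulates the poller reporting idleMsec of idle time, followed by the
    // event loop draining the queued work.
    void simulateIdle(int idleMsec) {
        timer_.fireTimeoutsReached(idleMsec);
        std::vector<std::function<void()>> queued = std::move(deferred_);
        deferred_.clear();
        for (auto& f : queued) f();
    }
    int reached() const { return reached_; }
    std::size_t activeTimeouts() const { return timer_.count(); }
    int removalsDuringDispatch() const { return timer_.removedDuringDispatch(); }

private:
    void timeoutReached(int, int) {
        ++reached_;
        if (defer_) deferred_.push_back([this] { stopIdleDetection(); });
        else stopIdleDetection();   // re-entrant removal, the shape of the reported bug
    }
    IdleTimer timer_;
    bool defer_;
    int timeoutId_ = -1;
    int reached_ = 0;
    std::vector<std::function<void()>> deferred_;
};
```

The `removedDuringDispatch()` counter is the check a maintainer can use while the unfixed library is still deployed: a non-zero value means some slot still erases from the timeout table inside the emission, which is exactly the call shape the valgrind trace shows (`removeIdleTimeout` reached from `timeoutReached`).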