[kinfocenter] [Bug 413003] KInfoCenter eventually crashes when browsing through energy information
https://bugs.kde.org/show_bug.cgi?id=413003 Harald Sitter changed: What|Removed |Added Status|CONFIRMED |ASSIGNED CC||sit...@kde.org --- Comment #12 from Harald Sitter --- https://phabricator.kde.org/D26725 Essentially when leaving the energy module, qml will delete the Battery pointers we've passed it from the cpp side, those are however internal to solid and mustn't be deleted. So, solid would implode the next time we try to get the pointers. -- You are receiving this mail because: You are watching all bug changes.
[kinfocenter] [Bug 413003] KInfoCenter eventually crashes when browsing through energy information
https://bugs.kde.org/show_bug.cgi?id=413003 Mariusz Libera changed: What|Removed |Added CC||mariusz.lib...@gmail.com -- You are receiving this mail because: You are watching all bug changes.
[kinfocenter] [Bug 413003] KInfoCenter eventually crashes when browsing through energy information
https://bugs.kde.org/show_bug.cgi?id=413003 bonfos...@gmail.com changed: What|Removed |Added Component|general |Energy Information Version|5.17.0 |5.17.5 Platform|unspecified |Fedora RPMs Assignee|hubn...@gmail.com |k...@privat.broulik.de -- You are receiving this mail because: You are watching all bug changes.
[kinfocenter] [Bug 413003] KInfoCenter eventually crashes when browsing through energy information
https://bugs.kde.org/show_bug.cgi?id=413003 bonfos...@gmail.com changed: What|Removed |Added CC||bonfos...@gmail.com -- You are receiving this mail because: You are watching all bug changes.
[kinfocenter] [Bug 413003] KInfoCenter eventually crashes when browsing through energy information
https://bugs.kde.org/show_bug.cgi?id=413003 --- Comment #10 from Postix --- *** Bug 414099 has been marked as a duplicate of this bug. *** -- You are receiving this mail because: You are watching all bug changes.
[kinfocenter] [Bug 413003] KInfoCenter eventually crashes when browsing through energy information
https://bugs.kde.org/show_bug.cgi?id=413003 Postix changed: What|Removed |Added CC||pos...@posteo.eu -- You are receiving this mail because: You are watching all bug changes.
[kinfocenter] [Bug 413003] KInfoCenter eventually crashes when browsing through energy information
https://bugs.kde.org/show_bug.cgi?id=413003 Nate Graham changed: What|Removed |Added CC||n...@kde.org -- You are receiving this mail because: You are watching all bug changes.
[kinfocenter] [Bug 413003] KInfoCenter eventually crashes when browsing through energy information
https://bugs.kde.org/show_bug.cgi?id=413003 Christoph Feck changed: What|Removed |Added CC||thesource...@gmail.com --- Comment #8 from Christoph Feck --- *** Bug 414844 has been marked as a duplicate of this bug. *** -- You are receiving this mail because: You are watching all bug changes.
[kinfocenter] [Bug 413003] KInfoCenter eventually crashes when browsing through energy information
https://bugs.kde.org/show_bug.cgi?id=413003 --- Comment #9 from Christoph Feck --- *** Bug 414817 has been marked as a duplicate of this bug. *** -- You are receiving this mail because: You are watching all bug changes.
[kinfocenter] [Bug 413003] KInfoCenter eventually crashes when browsing through energy information
https://bugs.kde.org/show_bug.cgi?id=413003 Christoph Feck changed: What|Removed |Added CC||john4deidre2...@xtra.co.nz --- Comment #7 from Christoph Feck --- *** Bug 415372 has been marked as a duplicate of this bug. *** -- You are receiving this mail because: You are watching all bug changes.
[kinfocenter] [Bug 413003] KInfoCenter eventually crashes when browsing through energy information
https://bugs.kde.org/show_bug.cgi?id=413003 Alexander Potashev changed: What|Removed |Added CC||aspotas...@gmail.com -- You are receiving this mail because: You are watching all bug changes.
[kinfocenter] [Bug 413003] KInfoCenter eventually crashes when browsing through energy information
https://bugs.kde.org/show_bug.cgi?id=413003 Christoph Feck changed: What|Removed |Added CC||freefreen...@gmail.com --- Comment #6 from Christoph Feck --- *** Bug 414209 has been marked as a duplicate of this bug. *** -- You are receiving this mail because: You are watching all bug changes.
[kinfocenter] [Bug 413003] KInfoCenter eventually crashes when browsing through energy information
https://bugs.kde.org/show_bug.cgi?id=413003 --- Comment #5 from Christoph Feck --- *** Bug 414205 has been marked as a duplicate of this bug. *** -- You are receiving this mail because: You are watching all bug changes.
[kinfocenter] [Bug 413003] KInfoCenter eventually crashes when browsing through energy information
https://bugs.kde.org/show_bug.cgi?id=413003 Christoph Feck changed: What|Removed |Added See Also||https://bugs.kde.org/show_b ||ug.cgi?id=414200 -- You are receiving this mail because: You are watching all bug changes.
[kinfocenter] [Bug 413003] KInfoCenter eventually crashes when browsing through energy information
https://bugs.kde.org/show_bug.cgi?id=413003 Christoph Feck changed: What|Removed |Added CC||alandre...@gmail.com --- Comment #4 from Christoph Feck --- *** Bug 414500 has been marked as a duplicate of this bug. *** -- You are receiving this mail because: You are watching all bug changes.
[kinfocenter] [Bug 413003] KInfoCenter eventually crashes when browsing through energy information
https://bugs.kde.org/show_bug.cgi?id=413003 Rex Dieter changed: What|Removed |Added CC||rdie...@gmail.com -- You are receiving this mail because: You are watching all bug changes.
[kinfocenter] [Bug 413003] KInfoCenter eventually crashes when browsing through energy information
https://bugs.kde.org/show_bug.cgi?id=413003 --- Comment #3 from Matt Fagnani --- Created attachment 124238 --> https://bugs.kde.org/attachment.cgi?id=124238=edit valgrind log from kinfocenter run when clicking Energy Information, File Indexer Monitor, then Energy Information I ran valgrind --log-file=valgrind-kinfocenter-energy-index-1.txt --track-origins=yes kinfocenter & I reproduced the crash in the same way as in my previous comment. The valgrind log showed an invalid read in wl_proxy_unref at wayland-client.c:229 and an invalid write in wl_proxy_unref at wayland-client.c:230 in libwayland-client. They appeared to be use-after-free errors like those I've previously reported for kwin_wayland, plasmashell, konsole, powerdevil, etc. ( https://bugs.kde.org/show_bug.cgi?id=409688 ) 84 Conditional jump or move depends on uninitialised value(s) and 13 Use of uninitialised value messages were shown. An invalid read in QMetaObject::cast at qmetaobject.cpp:381 in freed memory was followed by an invalid read "Address 0x53 is not stack'd, malloc'd or (recently) free'd" at the same line. This trace looks like that of the crashing thread. The use-after-free error might've led to the segmentation fault due to the invalid pointer. ==5320== Invalid read of size 8 ==5320==at 0x5CA7FA0: QMetaObject::cast(QObject const*) const (qmetaobject.cpp:381) ==5320==by 0x2880DAE0: qobject_cast (qobject.h:504) ==5320==by 0x2880DAE0: as (device.h:233) ==5320==by 0x2880DAE0: BatteryModel::data(QModelIndex const&, int) const (batterymodel.cpp:75) ==5320==by 0x68F874A: data (qabstractitemmodel.h:458) ==5320==by 0x68F874A: value (qqmladaptormodel.cpp:414) ==5320==by 0x68F874A: QQmlDMCachedModelData::metaCall(QMetaObject::Call, int, void**) (qqmladaptormodel.cpp:282) ==5320==by 0x6A0A043: readProperty (qqmlpropertycache_p.h:328) ==5320==by 0x6A0A043: loadProperty(QV4::ExecutionEngine*, QObject*, QQmlPropertyData const&) (qv4qobjectwrapper.cpp:178) ==5320==by 0x6A0BB3B: QV4::QObjectWrapper::virtualResolveLookupGetter(QV4::Object const*, QV4::ExecutionEngine*, QV4::Lookup*) (qv4qobjectwrapper.cpp:877) ==5320==by 0x6A2A714: QV4::Moth::VME::interpret(QV4::CppStackFrame*, QV4::ExecutionEngine*, char const*) (qv4vme_moth.cpp:621) ==5320==by 0x6A2F556: QV4::Moth::VME::exec(QV4::CppStackFrame*, QV4::ExecutionEngine*) (qv4vme_moth.cpp:447) ==5320==by 0x69BC8FE: QV4::Function::call(QV4::Value const*, QV4::Value const*, int, QV4::ExecutionContext const*) (qv4function.cpp:68) ==5320==by 0x6B45C06: QQmlJavaScriptExpression::evaluate(QV4::CallData*, bool*) (qqmljavascriptexpression.cpp:211) ==5320==by 0x6B4B9B2: QQmlBinding::evaluate(bool*) (qqmlbinding.cpp:209) ==5320==by 0x6B504E9: QQmlNonbindingBinding::doUpdate(QQmlJavaScriptExpression::DeleteWatcher const&, QFlags, QV4::Scope&) (qqmlbinding.cpp:245) ==5320==by 0x6B4CC93: QQmlBinding::update(QFlags) (qqmlbinding.cpp:185) ==5320== Address 0x2ae6bf60 is 0 bytes inside a block of size 192 free'd ==5320==at 0x483AA0C: free (vg_replace_malloc.c:540) ==5320==by 0x68EEEAF: UnknownInlinedFun (qarraydata.h:239) ==5320==by 0x68EEEAF: ~QString (qstring.h:1135) ==5320==by 0x68EEEAF: node_destruct (qlist.h:499) ==5320==by 0x68EEEAF: dealloc (qlist.h:868) ==5320==by 0x68EEEAF: QList::~QList() (qlist.h:830) ==5320==by 0x692050E: ~QStringList (qstringlist.h:99) ==5320==by 0x692050E: QV4::CompiledData::CompilationUnit::loadFromDisk(QUrl const&, QDateTime const&, QString*) (qv4compileddata.cpp:658) ==5320==by 0x6B0C07F: QQmlScriptBlob::dataReceived(QQmlDataBlob::SourceCodeData const&) (qqmltypeloader.cpp:3020) ==5320==by 0x6B04AB1: QQmlTypeLoader::setData(QQmlDataBlob*, QQmlDataBlob::SourceCodeData const&) (qqmltypeloader.cpp:1302) ==5320==by 0x6B053DC: QQmlTypeLoader::setData(QQmlDataBlob*, QString const&) (qqmltypeloader.cpp:1292) ==5320==by 0x6B0550C: QQmlTypeLoader::loadThread(QQmlDataBlob*) (qqmltypeloader.cpp:1162) ==5320==by 0x6B134FB: loadThread (qqmltypeloader.cpp:1007) ==5320==by 0x6B134FB: void QQmlTypeLoader::doLoad(PlainLoader const&, QQmlDataBlob*, QQmlTypeLoader::Mode) (qqmltypeloader.cpp:1066) ==5320==by 0x6B05779: QQmlTypeLoader::load(QQmlDataBlob*, QQmlTypeLoader::Mode) (qqmltypeloader.cpp:1098) ==5320==by 0x6B05E6E: QQmlTypeLoader::getScript(QUrl const&) (qqmltypeloader.cpp:1760) ==5320==by 0x6B0896A: QQmlTypeLoader::Blob::addImport(QV4::CompiledData::Import const*, QList*) (qqmltypeloader.cpp:1444) ==5320==by 0x6B09F6C: QQmlTypeData::tryLoadFromDiskCache() (qqmltypeloader.cpp:2215) ==5320== Block was alloc'd at ==5320==at 0x483980B: malloc (vg_replace_malloc.c:309) ==5320==by 0x5B02100: QArrayData::allocate(unsigned long, unsigned long, unsigned long, QFlags) (qarraydata.cpp:118) ==5320==by 0x5B71896: UnknownInlinedFun (qarraydata.h:224) ==5320==by 0x5B71896: QString::QString(int, Qt::Initialization) (qstring.cpp:2176)
[kinfocenter] [Bug 413003] KInfoCenter eventually crashes when browsing through energy information
https://bugs.kde.org/show_bug.cgi?id=413003 Matt Fagnani changed: What|Removed |Added CC||matthew.fagn...@utoronto.ca -- You are receiving this mail because: You are watching all bug changes.
[kinfocenter] [Bug 413003] KInfoCenter eventually crashes when browsing through energy information
https://bugs.kde.org/show_bug.cgi?id=413003 --- Comment #2 from Matt Fagnani --- Created attachment 124235 --> https://bugs.kde.org/attachment.cgi?id=124235=edit New crash information added by DrKonqi kinfocenter (5.17.3) using Qt 5.12.5 - What I was doing when the application crashed: I was using Plasma 5.17.3 on Wayland in Fedora 31. I started kinfocenter. I clicked on Energy Information, File Indexer Monitor, then Energy Information. Dr. Konqi showed a segmentation fault in QMetaObject::cast at kernel/qmetaobject.cpp:381 in qt5-qtbase-5.12.5-1.fc31.x86_64. This crash happened 3/3 times I tried the steps above. -- Backtrace (Reduced): #8 0x7fcdf8222ae1 in qobject_cast (object=) at /usr/include/qt5/QtCore/qobject.h:499 #9 Solid::Device::as (this=0x7ffd448d5eb0) at /usr/include/KF5/Solid/solid/device.h:233 #10 BatteryModel::data (this=, index=..., role=) at /usr/src/debug/kinfocenter-5.17.3-1.fc31.x86_64/Modules/energy/batterymodel.cpp:75 #11 0x7fce16fbd74b in QModelIndex::data (arole=256, this=0x7ffd448d5f30) at /usr/include/qt5/QtCore/qabstractitemmodel.h:458 #12 QQmlDMAbstractItemModelData::value (role=256, this=0x563ab03a4810) at util/qqmladaptormodel.cpp:414 -- You are receiving this mail because: You are watching all bug changes.
[kinfocenter] [Bug 413003] KInfoCenter eventually crashes when browsing through energy information
https://bugs.kde.org/show_bug.cgi?id=413003 Méven Car changed: What|Removed |Added CC||k...@davidedmundson.co.uk, ||meve...@gmail.com Ever confirmed|0 |1 Status|REPORTED|CONFIRMED --- Comment #1 from Méven Car --- Seems to related to https://cgit.kde.org/kinfocenter.git/commit/?id=95569a0eae884427c7f7ab11fd63ae577f0be16d Thi is easily reproductible : 1. Open kinfocenter > energy information 2. Switch to another tab in kinfocenter (for instance memory) 3. Return to energy information tab 4. Crash [KCrash Handler] #7 0x55716942d120 in ?? () #8 0x7fdb30a388de in QMetaObject::cast (this=this@entry=0x7fdb2a551a20 , obj=0x5571698ea6f0) at kernel/qmetaobject.cpp:374 #9 0x7fdb30a38919 in QMetaObject::cast (this=this@entry=0x7fdb2a551a20 , obj=) at kernel/qmetaobject.cpp:363 #10 0x7fdb219cc721 in qobject_cast (object=) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qobject.h:499 #11 Solid::Device::as (this=0x7ffc2056ec90) at /home/meven/kde/usr/include/KF5/Solid/solid/device.h:233 #12 BatteryModel::data (this=, index=..., role=) at /home/meven/kde/src/kinfocenter/Modules/energy/batterymodel.cpp:76 #13 0x7fdb2facc99c in QModelIndex::data (arole=256, this=0x7ffc2056ed10) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qabstractitemmodel.h:458 #14 QQmlDMAbstractItemModelData::value (role=256, this=0x55716c74c1b0) at util/qqmladaptormodel.cpp:408 #15 QQmlDMCachedModelData::metaCall (this=0x55716c74c1b0, call=, id=, arguments=0x7ffc2056edc0) at util/qqmladaptormodel.cpp:276 #16 0x7fdb2fbd69b4 in QQmlPropertyData::readProperty (property=0x7ffc2056eda0, target=0x55716c74c1b0, this=0x55716cae2038) at ../../include/QtQml/5.12.4/QtQml/private/../../../../../src/qml/qml/qqmlpropertycache_p.h:328 #17 loadProperty (v4=0x557169bc9220, object=0x55716c74c1b0, property=...) at jsr -- You are receiving this mail because: You are watching all bug changes.
