[KScreen] [Bug 479718] New: kscreen-doctor heap corruption

[Tim-Rex]

https://bugs.kde.org/show_bug.cgi?id=479718

            Bug ID: 479718
           Summary: kscreen-doctor heap corruption
    Classification: Plasma
           Product: KScreen
           Version: 5.27.10
          Platform: Fedora RPMs
                OS: Linux
            Status: REPORTED
          Severity: crash
          Priority: NOR
         Component: common
          Assignee: kscreen-bugs-n...@kde.org
          Reporter: tim.k...@gmail.com
  Target Milestone: ---

Created attachment 164855
  --> https://bugs.kde.org/attachment.cgi?id=164855&action=edit
amdgpu crash

SUMMARY
Originally posted at https://invent.kde.org/plasma/libkscreen/-/issues/4

Originally raised here (https://github.com/NVIDIA/egl-wayland/issues/99) as I
thought this might be related to nVidia proprietary drivers, however I'm able
to reproduce heap corruption (even if it manifest slightly differently) with
both nouveau and amdgpu drivers

Eric was able to demonstrate with valgrind (details in the ticket referenced
above).

The issue occurs during cleanup/teardown after running `kscreen-doctor -o`

With nvidia (proprietary) drivers, the issue could be demonstrated easily
(almost every other execution attempt)
With nouveau or amdgpu drivers, the issue is much less regular, perhaps after
100 or so iterations.

The crash errors range from:
`malloc_consolidate(): unaligned fastbin chunk detected`
`Segmentation fault (core dumped)`
`malloc(): unsorted double linked list corrupted`
`corrupted double-linked list`

See attachments.

My setup:
```
System:
  Kernel: 6.6.9-200.fc39.x86_64 arch: x86_64 bits: 64 compiler: gcc
    v: 2.40-13.fc39 Desktop: KDE Plasma v: 5.27.10 Distro: Fedora release 39
    (Thirty Nine)
Machine:
  Type: Desktop Mobo: ASUSTeK model: STRIX Z270G GAMING v: Rev 1.xx
    serial: <superuser required> UEFI: American Megatrends v: 1501
    date: 07/13/2021
CPU:
  Info: quad core model: Intel Core i7-7700K bits: 64 type: MT MCP
    arch: Kaby Lake rev: 9 cache: L1: 256 KiB L2: 1024 KiB L3: 8 MiB
  Speed (MHz): avg: 800 min/max: 800/4500 cores: 1: 800 2: 800 3: 800 4: 800
    5: 800 6: 800 7: 800 8: 800 bogomips: 67200
  Flags: avx avx2 ht lm nx pae sse sse2 sse3 sse4_1 sse4_2 ssse3
Graphics:
  Device-1: NVIDIA GM204 [GeForce GTX 970] vendor: ASUSTeK driver: N/A
    arch: Maxwell bus-ID: 01:00.0
  Device-2: AMD Ellesmere [Radeon RX 470/480/570/570X/580/580X/590]
    vendor: Sapphire Nitro+ driver: amdgpu v: kernel arch: GCN-4 bus-ID:
02:00.0
    temp: 52.0 C
  Display: wayland server: X.Org v: 23.2.3 with: Xwayland v: 23.2.3
    compositor: kwin_wayland driver: X: loaded: amdgpu,nvidia
    unloaded: fbdev,modesetting,nouveau,vesa dri: swrast gpu: amdgpu
    resolution: 1: 3840x2160~60Hz 2: 1440x2560~60Hz 3: 1024x768~60Hz
  API: EGL v: 1.5 drivers: kms_swrast,radeonsi,swrast platforms:
    active: gbm,wayland,x11,surfaceless,device inactive: N/A
  API: OpenGL v: 4.6 compat-v: 4.5 vendor: mesa v: 23.3.2 glx-v: 1.4
    direct-render: yes renderer: llvmpipe (LLVM 17.0.6 256 bits)
  API: Vulkan v: 1.3.268 drivers: radv,llvmpipe surfaces: xcb,xlib,wayland
    devices: 2
```


STEPS TO REPRODUCE
1. Repeatedly execute `kscreen-doctor -o` (alternatively, valgrind)


OBSERVED RESULT
Heap corruption

EXPECTED RESULT
No heap corruption

SOFTWARE/OS VERSIONS
Linux/KDE Plasma: 

KDE Plasma Version: 5.27.10
KDE Frameworks Version: 5.111.0
Qt Version: 5.15.11

-- 
You are receiving this mail because:
You are watching all bug changes.