[kontact] [Bug 370646] Crash because of stale (dangling) pointers in the attribute registry

[Denis Kurz]

https://bugs.kde.org/show_bug.cgi?id=370646

Denis Kurz  changed:

   What|Removed |Added

 Resolution|WAITINGFORINFO  |UNMAINTAINED
 Status|NEEDSINFO   |RESOLVED

--- Comment #10 from Denis Kurz  ---
Just as announced in my last comment, I close this bug. If you encounter it
again in a recent version (at least 5.1 aka 15.12; preferably much more
recent), please open a new one unless it already exists. Thank you for all your
input.

-- 
You are receiving this mail because:
You are the assignee for the bug.

[kontact] [Bug 370646] Crash because of stale (dangling) pointers in the attribute registry

[Denis Kurz]

https://bugs.kde.org/show_bug.cgi?id=370646

Denis Kurz  changed:

   What|Removed |Added

 Resolution|--- |WAITINGFORINFO
 Status|UNCONFIRMED |NEEDSINFO
 CC||kde...@posteo.de

--- Comment #9 from Denis Kurz  ---
This bug has never been confirmed for a KDE PIM version that is based on KDE
Frameworks, except possibly a Technology Preview version 5.0.x. Those
Framework-based versions differ significantly from the old 4.x series.
Therefore, I plan to close it in around two or three months. In the meantime,
it is set to WAITINGFORINFO to give reporters the opportunity to check if it is
still valid. As soon as someone confirms it for a recent version (at least 5.1,
ideally even more recent), I'll gladly reopen it.

Please understand that we lack the manpower to triage bugs reported for
versions almost two years beyond their end of life.

(Thanks for your detailed analysis, RJVB, but we cannot afford to keep bugs
open just because there's a reason they *might still be relevant in recent
versions)

-- 
You are receiving this mail because:
You are the assignee for the bug.

[kontact] [Bug 370646] Crash because of stale (dangling) pointers in the attribute registry

[RJVB via KDE Bugzilla]

https://bugs.kde.org/show_bug.cgi?id=370646

RJVB  changed:

   What|Removed |Added

URL||http://arstechnica.com/civi
   ||s/viewtopic.php?p=32070659#
   ||p32070659

-- 
You are receiving this mail because:
You are the assignee for the bug.

[kontact] [Bug 370646] Crash because of stale (dangling) pointers in the attribute registry

[RJVB via KDE Bugzilla]

https://bugs.kde.org/show_bug.cgi?id=370646

--- Comment #8 from RJVB  ---
This bug has gotten under my skin. Having looked at this a bit more and asking
around a bit, the most likely explanation for the crash is this:

- KCModuleLoader::loadModule() loads the library to get a pointer to the
create_ function. The library registers its attributes.
- libnoteshared (or the kcm depending on it) doesn't have such a function, and
so KCModuleLoader::loadModule() unloads the library again
- somewhat thereafter, the library (and/or the kcm depending on it) is loaded
once more, and again registers its attributes
- the attribute factory finds a previous registration, and attempts to delete
the registered attributes
- since the library was unloaded and reloaded since those attributes were
"new'ed", the dtor lives (potentially) at a different address.
- delete *it invokes the dtor ... which may SEGV if the dtor address has
changed.

I see that `KCModuleLoader::loadModule()` has hardly changed and not at all in
the aspects outlined above. IOW, this bug is likely to occur in KDE PIM5 too if
libnoteshared hasn't obtained a create_ function since.

-- 
You are receiving this mail because:
You are the assignee for the bug.

[kontact] [Bug 370646] Crash because of stale (dangling) pointers in the attribute registry

[RJVB via KDE Bugzilla]

https://bugs.kde.org/show_bug.cgi?id=370646

RJVB  changed:

   What|Removed |Added

Summary|Crash when opening Kontact  |Crash because of stale
   |preferences |(dangling) pointers in the
   ||attribute registry

-- 
You are receiving this mail because:
You are the assignee for the bug.