Serious kdecore problems
George Staikos
staikos at kde.org
Fri Oct 3 09:10:07 BST 2003
For weeks now, perhaps much longer, there have been some serious problems in
CVS-HEAD. I think they are related to kdecore, but I'm not entirely sure
because the problem is very hard to track down. The symptoms are clear, and
are seen by many people. I've seen it on 4 different systems myself
(different compilers, OS releases, etc. too). We have had multiple reports of
this on bugs.kde.org. I have spent many hours trying to reproduce this,
trying to catch it in valgrind or gdb in a useful manner, trying to diagnose
it, and trying to fix it. I definitely haven't solved the problem yet,
though I do have a patch that makes it harder to reproduce.
The problem:
Changing widget styles, among other things, causes weird random crashes in
konqueror or kicker (at least) that always have a similar backtrace.
Sometimes the crash will just happen for no apparent reason, such as moving
the mouse across the screen and having it run overtop of a konqueror window.
The crashes most often have this in the backtrace:
#6 0x40e006f6 in QString::QString(QString const&) ()
#7 0x406f9e87 in KIconEffect::fingerprint(int, int) const (this=0x82da7fc, group=-1073749796, state=0)
#8 0x40708c2e in KIconLoader::loadIcon(QString const&, KIcon::Group, int, int, QString*, bool) const (this=0x82d0f58, _name=@0x8418d84, group=Small, size=137257888, state=0, path_store=0x0, canReturnNull=false)
Note the size in #8 is bogus, the group in #7 is bogus. A group like that
will certainly cause a crash. It shouldn't be able to get that far though.
I have seen other similar backtraces, especially when I try to remove the
static objects (see below for more details):
#3 in _static_initialization_and_destruction_0
....
#6 in KIconLoader::loadIcon(...) with QString _name=@0x1 (!!!), state=18979792 (!!!), canReturnNull=65, size=1, etc
Also one with:
#4 KIconLoader::init() with _dirs=0x3bf0 (nice pointer)
Investigations led me to believe that there were corrupt static objects.
GDB would show null references all over the place and they all pointed to
what should have been static memory. If I remove all static objects from
KIconLoader, it becomes much more difficult to reproduce the problem but it
still happens. The backtrace is different, and looks quite bogus now
(KIconLoader::init->KIconTheme->KLocale::readMoney->QString->crash->KGlobalAccelPrivate::activate).
Null references and bad pointers are all over the place in the backtrace.
I tried to trigger this in valgrind. It's very difficult to do this for
some reason. Tonight I triggered it for the first time. Valgrind crashed
when it happened. I'm going to try again. Here is what I managed to get
before it crashed:
==27651== Invalid read of size 4
==27651== at 0x40AFF5BC: KInstance::iconLoader() const
(cvs/kdelibs/kdecore/kinstance.cpp:198)
==27651== by 0x408C11C1: KToolBarButton::setIcon(QString const&)
(cvs/kdelibs/kdeui/ktoolbarbutton.cpp:275)
==27651== by 0x408C0ECF: KToolBarButton::modeChange()
(cvs/kdelibs/kdeui/ktoolbarbutton.cpp:183)
==27651== by 0x408C2698: KToolBarButton::paletteChange(QPalette const&)
(cvs/kdelibs/kdeui/ktoolbarbutton.cpp:591)
==27651== by 0x40F9BADB: QWidget::setPalette(QPalette const&)
(qt-copy/src/kernel/qwidget.cpp:2682)
==27651== by 0x40F9BB8C: QWidget::unsetPalette()
(qt-copy/src/kernel/qwidget.cpp:2689)
==27651== by 0x40F9F8FC: QWidget::event(QEvent*)
(qt-copy/src/kernel/qwidget.cpp:4598)
==27651== by 0x40EE8AB6: QApplication::internalNotify(QObject*, QEvent*)
(qt-copy/src/kernel/qapplication.cpp:2582)
==27651== by 0x40EE86BF: QApplication::notify(QObject*, QEvent*)
(qt-copy/src/kernel/qapplication.cpp:2470)
==27651== by 0x40A3FD59: KApplication::notify(QObject*, QEvent*)
(cvs/kdelibs/kdecore/kapplication.cpp:492)
==27651== by 0x40E7124A: QApplication::sendEvent(QObject*, QEvent*)
(qt-copy/src/kernel/qapplication.h:490)
==27651== by 0x40F9BA69: QWidget::setPalette(QPalette const&)
(qt-copy/src/kernel/qwidget.cpp:2679)
==27651== by 0x40F9BB8C: QWidget::unsetPalette()
(qt-copy/src/kernel/qwidget.cpp:2689)
==27651== by 0x40F9F8FC: QWidget::event(QEvent*)
(qt-copy/src/kernel/qwidget.cpp:4598)
==27651== by 0x41031489: QDockWindow::event(QEvent*)
(qt-copy/src/widgets/qdockwindow.cpp:2052)
==27651== by 0x410CC7AE: QToolBar::event(QEvent*)
(qt-copy/src/widgets/qtoolbar.cpp:518)
==27651== by 0x40806B01: KToolBar::event(QEvent*)
(cvs/kdelibs/kdeui/ktoolbar.cpp:1737)
==27651== by 0x40EE8AB6: QApplication::internalNotify(QObject*, QEvent*)
(qt-copy/src/kernel/qapplication.cpp:2582)
==27651== by 0x40EE86BF: QApplication::notify(QObject*, QEvent*)
(qt-copy/src/kernel/qapplication.cpp:2470)
==27651== by 0x40A3FD59: KApplication::notify(QObject*, QEvent*)
(cvs/kdelibs/kdecore/kapplication.cpp:492)
==27651== by 0x40E7124A: QApplication::sendEvent(QObject*, QEvent*)
(qt-copy/src/kernel/qapplication.h:490)
==27651== by 0x40F9BA69: QWidget::setPalette(QPalette const&)
(qt-copy/src/kernel/qwidget.cpp:2679)
==27651== by 0x40F9BB8C: QWidget::unsetPalette()
(qt-copy/src/kernel/qwidget.cpp:2689)
==27651== by 0x40F9F8FC: QWidget::event(QEvent*)
(qt-copy/src/kernel/qwidget.cpp:4598)
==27651== by 0x40EE8AB6: QApplication::internalNotify(QObject*, QEvent*)
(qt-copy/src/kernel/qapplication.cpp:2582)
==27651== by 0x40EE86BF: QApplication::notify(QObject*, QEvent*)
(qt-copy/src/kernel/qapplication.cpp:2470)
==27651== by 0x40A3FD59: KApplication::notify(QObject*, QEvent*)
(cvs/kdelibs/kdecore/kapplication.cpp:492)
==27651== by 0x40E7124A: QApplication::sendEvent(QObject*, QEvent*)
(qt-copy/src/kernel/qapplication.h:490)
==27651== by 0x40F9BA69: QWidget::setPalette(QPalette const&)
(qt-copy/src/kernel/qwidget.cpp:2679)
==27651== by 0x40F9BB8C: QWidget::unsetPalette()
(qt-copy/src/kernel/qwidget.cpp:2689)
==27651== by 0x40F9F8FC: QWidget::event(QEvent*)
(qt-copy/src/kernel/qwidget.cpp:4598)
==27651== by 0x41083CB2: QMainWindow::event(QEvent*)
(qt-copy/src/widgets/qmainwindow.cpp:1669)
==27651== by 0x40EE8AB6: QApplication::internalNotify(QObject*, QEvent*)
(qt-copy/src/kernel/qapplication.cpp:2582)
==27651== by 0x40EE86BF: QApplication::notify(QObject*, QEvent*)
(qt-copy/src/kernel/qapplication.cpp:2470)
==27651== by 0x40A3FD59: KApplication::notify(QObject*, QEvent*)
(cvs/kdelibs/kdecore/kapplication.cpp:492)
==27651== by 0x40E7124A: QApplication::sendEvent(QObject*, QEvent*)
(qt-copy/src/kernel/qapplication.h:490)
==27651== by 0x40EE7425: QApplication::setPalette(QPalette const&, bool,
char const*) (qt-copy/src/kernel/qapplication.cpp:1850)
==27651== by 0x40EE598B: QApplication::setStyle(QStyle*)
(qt-copy/src/kernel/qapplication.cpp:1311)
==27651== by 0x40A459DA: KApplication::applyGUIStyle()
(cvs/kdelibs/kdecore/kapplication.cpp:1720)
==27651== by 0x40A46B38: KApplication::kdisplaySetStyle()
(cvs/kdelibs/kdecore/kapplication.cpp:1894)
==27651== Address 0x48FCC30C is not stack'd, malloc'd or free'd
==27651==
==27651== Invalid read of size 4
==27651== at 0x40AB6A1F: KIconLoader::loadIconSet(QString const&,
KIcon::Group, int, bool) (cvs/kdelibs/kdecore/kiconloader.cpp:1096)
==27651== by 0x40AB69FE: KIconLoader::loadIconSet(QString const&,
KIcon::Group, int) (cvs/kdelibs/kdecore/kiconloader.cpp:1073)
==27651== by 0x408C11CA: KToolBarButton::setIcon(QString const&)
(cvs/kdelibs/kdeui/ktoolbarbutton.cpp:275)
==27651== by 0x408C0ECF: KToolBarButton::modeChange()
(cvs/kdelibs/kdeui/ktoolbarbutton.cpp:183)
==27651== by 0x408C2698: KToolBarButton::paletteChange(QPalette const&)
(cvs/kdelibs/kdeui/ktoolbarbutton.cpp:591)
==27651== by 0x40F9BADB: QWidget::setPalette(QPalette const&)
(qt-copy/src/kernel/qwidget.cpp:2682)
==27651== by 0x40F9BB8C: QWidget::unsetPalette()
(qt-copy/src/kernel/qwidget.cpp:2689)
==27651== by 0x40F9F8FC: QWidget::event(QEvent*)
(qt-copy/src/kernel/qwidget.cpp:4598)
==27651== by 0x40EE8AB6: QApplication::internalNotify(QObject*, QEvent*)
(qt-copy/src/kernel/qapplication.cpp:2582)
==27651== by 0x40EE86BF: QApplication::notify(QObject*, QEvent*)
(qt-copy/src/kernel/qapplication.cpp:2470)
==27651== by 0x40A3FD59: KApplication::notify(QObject*, QEvent*)
(cvs/kdelibs/kdecore/kapplication.cpp:492)
==27651== by 0x40E7124A: QApplication::sendEvent(QObject*, QEvent*)
(qt-copy/src/kernel/qapplication.h:490)
==27651== by 0x40F9BA69: QWidget::setPalette(QPalette const&)
(qt-copy/src/kernel/qwidget.cpp:2679)
==27651== by 0x40F9BB8C: QWidget::unsetPalette()
(qt-copy/src/kernel/qwidget.cpp:2689)
==27651== by 0x40F9F8FC: QWidget::event(QEvent*)
(qt-copy/src/kernel/qwidget.cpp:4598)
==27651== by 0x41031489: QDockWindow::event(QEvent*)
(qt-copy/src/widgets/qdockwindow.cpp:2052)
==27651== by 0x410CC7AE: QToolBar::event(QEvent*)
(qt-copy/src/widgets/qtoolbar.cpp:518)
==27651== by 0x40806B01: KToolBar::event(QEvent*)
(cvs/kdelibs/kdeui/ktoolbar.cpp:1737)
==27651== by 0x40EE8AB6: QApplication::internalNotify(QObject*, QEvent*)
(qt-copy/src/kernel/qapplication.cpp:2582)
==27651== by 0x40EE86BF: QApplication::notify(QObject*, QEvent*)
(qt-copy/src/kernel/qapplication.cpp:2470)
==27651== by 0x40A3FD59: KApplication::notify(QObject*, QEvent*)
(cvs/kdelibs/kdecore/kapplication.cpp:492)
==27651== by 0x40E7124A: QApplication::sendEvent(QObject*, QEvent*)
(qt-copy/src/kernel/qapplication.h:490)
==27651== by 0x40F9BA69: QWidget::setPalette(QPalette const&)
(qt-copy/src/kernel/qwidget.cpp:2679)
==27651== by 0x40F9BB8C: QWidget::unsetPalette()
(qt-copy/src/kernel/qwidget.cpp:2689)
==27651== by 0x40F9F8FC: QWidget::event(QEvent*)
(qt-copy/src/kernel/qwidget.cpp:4598)
==27651== by 0x40EE8AB6: QApplication::internalNotify(QObject*, QEvent*)
(qt-copy/src/kernel/qapplication.cpp:2582)
==27651== by 0x40EE86BF: QApplication::notify(QObject*, QEvent*)
(qt-copy/src/kernel/qapplication.cpp:2470)
==27651== by 0x40A3FD59: KApplication::notify(QObject*, QEvent*)
(cvs/kdelibs/kdecore/kapplication.cpp:492)
==27651== by 0x40E7124A: QApplication::sendEvent(QObject*, QEvent*)
(qt-copy/src/kernel/qapplication.h:490)
==27651== by 0x40F9BA69: QWidget::setPalette(QPalette const&)
(qt-copy/src/kernel/qwidget.cpp:2679)
==27651== by 0x40F9BB8C: QWidget::unsetPalette()
(qt-copy/src/kernel/qwidget.cpp:2689)
==27651== by 0x40F9F8FC: QWidget::event(QEvent*)
(qt-copy/src/kernel/qwidget.cpp:4598)
==27651== by 0x41083CB2: QMainWindow::event(QEvent*)
(qt-copy/src/widgets/qmainwindow.cpp:1669)
==27651== by 0x40EE8AB6: QApplication::internalNotify(QObject*, QEvent*)
(qt-copy/src/kernel/qapplication.cpp:2582)
==27651== by 0x40EE86BF: QApplication::notify(QObject*, QEvent*)
(qt-copy/src/kernel/qapplication.cpp:2470)
==27651== by 0x40A3FD59: KApplication::notify(QObject*, QEvent*)
(cvs/kdelibs/kdecore/kapplication.cpp:492)
==27651== by 0x40E7124A: QApplication::sendEvent(QObject*, QEvent*)
(qt-copy/src/kernel/qapplication.h:490)
==27651== by 0x40EE7425: QApplication::setPalette(QPalette const&, bool,
char const*) (qt-copy/src/kernel/qapplication.cpp:1850)
==27651== by 0x40EE598B: QApplication::setStyle(QStyle*)
(qt-copy/src/kernel/qapplication.cpp:1311)
==27651== by 0x40A459DA: KApplication::applyGUIStyle()
(cvs/kdelibs/kdecore/kapplication.cpp:1720)
==27651== Address 0xFFFFFFE2 is not stack'd, malloc'd or free'd
Meanwhile what else am I trying? I read through CVS history and noticed a
change that could remotely be an influence in some way. In kinstance.cpp
near line 200, delayed iconset loading was enabled in the not-too-distant
past. I tried disabling this and I have been completely unable to reproduce
the crashes since. Does anyone have some insight into this? Carsten? Of
course I'm not declaring this to be the cause of the problems because they
are so unpredictable, but normally I can trigger a crash fairly easily given
this much time. I'm getting suspicious that this is what triggered the start
of these crashes.
Does anyone have some input on this?
--
George Staikos
KDE Developer http://www.kde.org/
Staikos Computing Services Inc. http://www.staikos.net/
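
A triage helper for Valgrind output like the trace quoted in this message, added here as an example and not part of the original post or of KDE's code. It rejoins mailer-wrapped frames, lists the frames under an assumed own-code path prefix, and reinterprets the faulting address as a signed 32-bit offset (assumes a 32-bit process; the 4096-byte near-null cut-off is a heuristic). The names `parse`, `summarize` and `own_prefix` are made up for the example.

```python
import re
from collections import Counter

# Shortened excerpt of the second error in the post, left mailer-wrapped.
SAMPLE = """\
==27651== Invalid read of size 4
==27651== at 0x40AB6A1F: KIconLoader::loadIconSet(QString const&,
KIcon::Group, int, bool) (cvs/kdelibs/kdecore/kiconloader.cpp:1096)
==27651== by 0x408C11CA: KToolBarButton::setIcon(QString const&)
(cvs/kdelibs/kdeui/ktoolbarbutton.cpp:275)
==27651== by 0x40F9BADB: QWidget::setPalette(QPalette const&)
(qt-copy/src/kernel/qwidget.cpp:2682)
==27651== by 0x40F9BA69: QWidget::setPalette(QPalette const&)
(qt-copy/src/kernel/qwidget.cpp:2679)
==27651== Address 0xFFFFFFE2 is not stack'd, malloc'd or free'd
"""
FRAME = re.compile(r"^(?:at|by) 0x[0-9A-Fa-f]+: (.+) \(([^()]+):(\d+)\)$")

def parse(text):
    """Rejoin wrapped lines, then split into errors with frames and address."""
    joined, errors = [], []
    for raw in text.splitlines():
        if raw.startswith("=="):               # start of a Valgrind record
            joined.append(re.sub(r"^==\d+==\s*", "", raw))
        elif joined:                           # mailer-wrapped continuation
            joined[-1] += " " + raw.strip()
    for line in joined:
        m = FRAME.match(line)
        if m and errors:
            errors[-1]["frames"].append((m[1], m[2], int(m[3])))
        elif line.startswith("Address ") and errors:
            errors[-1]["address"] = int(line.split()[1], 16)
        elif line and not line.startswith(("at ", "by ")):
            errors.append({"kind": line, "address": None, "frames": []})
    return errors

def summarize(err, own_prefix="cvs/kdelibs/"):
    """Top frame, highest repeat count, own-code frames, signed 32-bit address."""
    counts = Counter(f[0] for f in err["frames"])
    addr = err["address"]
    signed = addr - (1 << 32) if addr is not None and addr >= (1 << 31) else addr
    return {
        "top": err["frames"][0],
        "max_repeat": max(counts.values()),
        "own": [f for f in err["frames"] if f[1].startswith(own_prefix)],
        "signed32": signed,
        # Heuristic: within one page of zero suggests a null or tiny base pointer.
        "near_null": signed is not None and abs(signed) < 4096,
    }
```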