More crash-proof KCrash (was Re: Konq crash backtraces)

Lubos Lunak l.lunak at suse.cz
Wed Jan 11 16:40:43 GMT 2006


On Saturday 07 January 2006 13:13, Lubos Lunak wrote:
> Dne pátek 06 leden 2006 22:31 Thiago Macieira napsal(a):
> > Dik Takken wrote:
> > >It just happened again...
> > >
> > >Konqueror crashed without leaving a single trace. I compiled KDE 3.5
> > > with full debug info, which gives me useful backtraces when a crash
> > > occurs. Konqueror is a weird exception. One of its windows can just
> > > disappear in front of your nose, without DrKonqi popping up to get a
> > > backtrace.
> > >
> > Distributions are shipping glibc with some malloc checks, which cause it
> > to abort the program when a double-free or corruption occurs, but without
> > raising SIGABRT. There must be a way of making glibc raise the signal,
> > but I don't know how. It should be enabled by default in KDE code so that
> > the crash handler can catch them.
>
>  Not really. The error checking does raise SIGABRT, it's just that our
> crash handler depends on malloc() working and locks up already in
> DCOPClient::emergencyClose(). If we want to get a crash handler for heap
> corruptions too, we need to stay away from using the corrupted malloc. I
> can give it a shot.

 Ok, it wasn't as trivial, but I have a patch. The changes are:

- no qstrdup() of static strings or actually any strings , no other things 
that result in malloc() like using QCString, i18n() or whatever. Results in 
some ugly code like KAboutData::translateInternalProgramName() but oh well.

- no DCOPClient::emergencyClose() - what's the point anyway, I'm quite sure it 
doesn't get called when I do Ctrl+C and KDE seems to work just fine, so why 
should it be called when crashing - it calls malloc() and who knows what else

- no fork() - this one doesn't actually call malloc(), but there are some 
functions called at pre-fork time that do something with malloc locks (with 
glibc at least) - that leads to lockups as well. Since no fork() means no 
executing of other executables, the only other option I see is feeding the 
data to some other already running process via a socket. Fortunately we 
incidentally have already this kdeinit thingy running that's supposed to 
launch executables when it gets told via a socket, so I copy&pasted some code 
from there. That means some more syscalls, but that should be still more 
safe. There's still a fallback to use fork() in case using kdeinit fails for 
any reason.

 This way KCrash should be more reliable and we should (hopefully) always get 
DrKonqi now. And I can confirm that after one gets used to DrKonqi just 
having an application disappearing without a reason really doesn't feel nice. 
I'd like to commit this to 3.5 branch, so it'd be nice if somebody could at 
least peek at it.

PS: One more benefit would be that we could now make drkonqi a kdeinit module 
in order to make our crashes faster.

PPS: A good way of testing is just doing a double free().

-- 
Lubos Lunak
KDE developer
---------------------------------------------------------------------
SuSE CR, s.r.o.  e-mail: l.lunak at suse.cz , l.lunak at kde.org
Drahobejlova 27  tel: +420 2 9654 2373
190 00 Praha 9   fax: +420 2 9654 2374
Czech Republic   http://www.suse.cz/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: kdecore.patch
Type: text/x-diff
Size: 16859 bytes
Desc: not available
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20060111/cc70bb73/attachment.patch>


More information about the kde-core-devel mailing list