[PATCH] Avoid crash in Konsole (TEWidget::setCursorPos)

Robert Knight robertknight at gmail.com
Fri Sep 8 11:13:45 BST 2006


> I would like to see
> our applications not crash, even if it's not the true fix...
...
> Until that I still recommend the hasFocus() workaround.

Agreed.  I suggest committing your workaround for now, but with a
couple of lines of comments briefly mentioning the problem and
including the URL of this discussion in the mailing list archives, so
that future developers don't come along and remove it by mistake:

http://lists.kde.org/?l=kde-core-devel&m=115770546313922&w=2

Regards,
Robert.

On 08/09/06, Andras Mantia <amantia at kde.org> wrote:
> On Friday 08 September 2006 10:10, Andras Mantia wrote:
> > and nobody did anything solving the
> > problem until now, so if nobody has a better idea, I would like to see
> > our applications not crash, even if it's not the true fix...
>
> I spent quite some time debugging this using gdb and valgrind, but I
> give up now. Valgrind reports:
>
> Quanta: focusW: [NewMainWindow pointer (0xb382ad8) to widget MainWindow,
> geometry=800x600+0+39] topLevelWidget: [NewMainWindow pointer
> (0xb382ad8) to widget MainWindow, geometry=800x600+0+39] x11Display:
> 0xace2ea8
> ==30009==
> ==30009== Invalid read of size 1
> ==30009==    at 0x8879680: QWidget::topLevelWidget() const
> (qwidget.cpp:2359)
> ==30009==    by 0xE58BCB5: QXIMInputContext::setMicroFocus(int, int,
> int, int, QFont*) (qximinputcontext_x11.cpp:758)
> ==30009==    by 0x87C89F3: QWidget::setMicroFocusHint(int, int, int,
> int, bool, QFont*) (qwidget_x11.cpp:981)
> ==30009==    by 0xF5C7C82: TEWidget::setCursorPos(int, int)
> (TEWidget.cpp:793)
> ==30009==    by 0xF5D8F79: TEmulation::showBulk() (TEmulation.cpp:471)
> ==30009==    by 0xF5D9027: TEmulation::setConnect(bool)
> (TEmulation.cpp:494)
> ==30009==    by 0xF5CF923: TEmuVt102::setConnect(bool)
> (TEmuVt102.cpp:1195)
> ==30009==    by 0xF5BB692: TESession::setConnect(bool) (session.cpp:352)
> ==30009==    by 0xF5B18DD: konsolePart::newSession()
> (konsole_part.cpp:1088)
> ==30009==    by 0xF5B193C: konsolePart::startProgram(QString const&,
> QStrList const&) (konsole_part.cpp:1054)
> ==30009==    by 0xF5AE81E: konsolePart::showShellInDir(QString const&)
> (konsole_part.cpp:1102)
> ==30009==    by 0xF5ADD22: konsolePart::showShell()
> (konsole_part.cpp:1117)
> ==30009==    by 0xF5ADD4F: konsolePart::autoShowShell()
> (konsole_part.cpp:212)
> ==30009==    by 0xF5B498B: konsolePart::qt_invoke(int, QUObject*)
> (konsole_part.moc:334)
> ==30009==    by 0x884B7AB: QObject::activate_signal(QConnectionList*,
> QUObject*) (qobject.cpp:2356)
> ==30009==    by 0x8B2D307: QSignal::signal(QVariant const&)
> (moc_qsignal.cpp:100)
> ==30009==    by 0x88642B4: QSignal::activate() (qsignal.cpp:212)
> ==30009==    by 0x886A8D7: QSingleShotTimer::event(QEvent*)
> (qtimer.cpp:286)
> ==30009==    by 0x87F4984: QApplication::internalNotify(QObject*,
> QEvent*) (qapplication.cpp:2636)
> ==30009==    by 0x87F55B6: QApplication::notify(QObject*, QEvent*)
> (qapplication.cpp:2359)
> ==30009==  Address 0x15403774 is not stack'd, malloc'd or (recently)
> free'd
> ==30009==
> ==30009== Invalid read of size 8
> ==30009==    at 0x887968A: QWidget::topLevelWidget() const
> (qobject.h:154)
> ==30009==    by 0xE58BCB5: QXIMInputContext::setMicroFocus(int, int,
> int, int, QFont*) (qximinputcontext_x11.cpp:758)
> ==30009==    by 0x87C89F3: QWidget::setMicroFocusHint(int, int, int,
> int, bool, QFont*) (qwidget_x11.cpp:981)
> ==30009==    by 0xF5C7C82: TEWidget::setCursorPos(int, int)
> (TEWidget.cpp:793)
> ==30009==    by 0xF5D8F79: TEmulation::showBulk() (TEmulation.cpp:471)
> ==30009==    by 0xF5D9027: TEmulation::setConnect(bool)
> (TEmulation.cpp:494)
> ==30009==    by 0xF5CF923: TEmuVt102::setConnect(bool)
> (TEmuVt102.cpp:1195)
> ==30009==    by 0xF5BB692: TESession::setConnect(bool) (session.cpp:352)
> ==30009==    by 0xF5B18DD: konsolePart::newSession()
> (konsole_part.cpp:1088)
> ==30009==    by 0xF5B193C: konsolePart::startProgram(QString const&,
> QStrList const&) (konsole_part.cpp:1054)
> ==30009==    by 0xF5AE81E: konsolePart::showShellInDir(QString const&)
> (konsole_part.cpp:1102)
> ==30009==    by 0xF5ADD22: konsolePart::showShell()
> (konsole_part.cpp:1117)
> ==30009==    by 0xF5ADD4F: konsolePart::autoShowShell()
> (konsole_part.cpp:212)
> ==30009==    by 0xF5B498B: konsolePart::qt_invoke(int, QUObject*)
> (konsole_part.moc:334)
> ==30009==    by 0x884B7AB: QObject::activate_signal(QConnectionList*,
> QUObject*) (qobject.cpp:2356)
> ==30009==    by 0x8B2D307: QSignal::signal(QVariant const&)
> (moc_qsignal.cpp:100)
> ==30009==    by 0x88642B4: QSignal::activate() (qsignal.cpp:212)
> ==30009==    by 0x886A8D7: QSingleShotTimer::event(QEvent*)
> (qtimer.cpp:286)
> ==30009==    by 0x87F4984: QApplication::internalNotify(QObject*,
> QEvent*) (qapplication.cpp:2636)
> ==30009==    by 0x87F55B6: QApplication::notify(QObject*, QEvent*)
> (qapplication.cpp:2359)
> ==30009==  Address 0x15403708 is not stack'd, malloc'd or (recently)
> free'd
> ==30009==
> ==30009== Invalid read of size 1
> ==30009==    at 0x88796A8: QWidget::topLevelWidget() const
> (qwidget.cpp:2359)
> ==30009==    by 0xE58BCB5: QXIMInputContext::setMicroFocus(int, int,
> int, int, QFont*) (qximinputcontext_x11.cpp:758)
> ==30009==    by 0x87C89F3: QWidget::setMicroFocusHint(int, int, int,
> int, bool, QFont*) (qwidget_x11.cpp:981)
> ==30009==    by 0xF5C7C82: TEWidget::setCursorPos(int, int)
> (TEWidget.cpp:793)
> ==30009==    by 0xF5D8F79: TEmulation::showBulk() (TEmulation.cpp:471)
> ==30009==    by 0xF5D9027: TEmulation::setConnect(bool)
> (TEmulation.cpp:494)
> ==30009==    by 0xF5CF923: TEmuVt102::setConnect(bool)
> (TEmuVt102.cpp:1195)
> ==30009==    by 0xF5BB692: TESession::setConnect(bool) (session.cpp:352)
> ==30009==    by 0xF5B18DD: konsolePart::newSession()
> (konsole_part.cpp:1088)
> ==30009==    by 0xF5B193C: konsolePart::startProgram(QString const&,
> QStrList const&) (konsole_part.cpp:1054)
> ==30009==    by 0xF5AE81E: konsolePart::showShellInDir(QString const&)
> (konsole_part.cpp:1102)
> ==30009==    by 0xF5ADD22: konsolePart::showShell()
> (konsole_part.cpp:1117)
> ==30009==    by 0xF5ADD4F: konsolePart::autoShowShell()
> (konsole_part.cpp:212)
> ==30009==    by 0xF5B498B: konsolePart::qt_invoke(int, QUObject*)
> (konsole_part.moc:334)
> ==30009==    by 0x884B7AB: QObject::activate_signal(QConnectionList*,
> QUObject*) (qobject.cpp:2356)
> ==30009==    by 0x8B2D307: QSignal::signal(QVariant const&)
> (moc_qsignal.cpp:100)
> ==30009==    by 0x88642B4: QSignal::activate() (qsignal.cpp:212)
> ==30009==    by 0x886A8D7: QSingleShotTimer::event(QEvent*)
> (qtimer.cpp:286)
> ==30009==    by 0x87F4984: QApplication::internalNotify(QObject*,
> QEvent*) (qapplication.cpp:2636)
> ==30009==    by 0x87F55B6: QApplication::notify(QObject*, QEvent*)
> (qapplication.cpp:2359)
> ==30009==  Address 0x73006E006F00E7 is not stack'd, malloc'd or
> (recently) free'd
> KCrash: crashing... crashRecursionCounter = 2
> KCrash: Application Name = kdevelop path = <unknown> pid = 30009
>
>
> Which gives a hint that the topLevelWidget might be corrupted. I copied
> the code from QXIMInputContext::setMicroFocus into the konsole part
> just before the setMicroFocusHint is called and it does not crash
> there. The problem might be that the QXIMInputContext itself is
> corrupted! In QWidget::setMicroFocusHint the inputcontext is created,
> or retrieved from icWidget->topData()->xic. Might be a problem
> somewhere here and in some cases this returns an invalid pointer.
> It is true that I do not see any assignment to QWidget::topData()->xic
> [=QWidget::extra->topExtra->xic] but one place to set it to 0 and
> commented as "created lazily", although it is used in many places.
>
> Maybe someone can look at it and see if I'm right here, or the problem
> is in another place.
> Until that I still recommend the hasFocus() workaround.
>
> Andras
>
> --
> Quanta Plus developer - http://quanta.kdewebdev.org
> K Desktop Environment - http://www.kde.org