Another crash-on-exit bug fixed
Kevin Funk
krf at gmx.de
Thu Feb 7 08:48:40 UTC 2013
On Thursday 07 February 2013, 09:41, Kevin Funk wrote:
> Hey,
>
> I just fixed a kdelibs bug that caused KDevelop to crash on exit in case a
> KCompositeJob was running that had subjobs with parents.
>
> Easy to reproduce:
> * Load kdevelop,kdevplatform as project
> * Trigger build
> * Immediately close KDevelop
>
> -> Crash in ~KCompositeJobPrivate
>
> Scenario:
> * Triggering build creates a BuilderJob instance
> with two MakeJobs objects as subjobs
> * Note: MakeJobs are children of MakeBuilder
> * Both the BuilderJob object and MakeJob A are registered in the
> runcontroller
> * On exit, MakeJob A is killed by the runcontroller
> * BuilderJob object is notified about that and removes this subjob
> * MakeJob B is still alive
> * Eventually the MakeBuilder plugin is unloaded,
> ~MakeBuilder() will delete all MakeJobs ever created.
> * Returns to event loop, BuilderJob is auto-deleted
> * BuilderJob thinks MakeJob B is still valid and tries to delete it
> => Double-free, crash
>
> The fix in kdelibs is simple:
> KCompositeJob assumes it has ownership over the subjobs but it doesn't
> reparent them in addSubjob(...) -- this is now fixed in 4.11.
>
> For us, this means ~MakeBuilder() no longer deletes MakeJob objects. Fixes
> the above scenario.
>
> To fix in KDevPlatform master I'd need to patch BuilderJob::addSubjob() with
> about 3 lines of code, if you think that's worth it, I can provide a patch.
>
> [1] https://bugs.kde.org/show_bug.cgi?id=230692
Note that never setting a parent on a KJob instance is a valid solution as
well (also recommended by dfaure).
Apparently KIO is doing that as well, hence the issue in KCompositeJob was
never discovered.
Greets
--
Kevin Funk
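
The exit sequence from the scenario above, replayed as an added example (not part of the original mail and not kdelibs or KDevPlatform code). It is a plain C++ model without Qt: Object and CompositeJob are hypothetical stand-ins for parent/child ownership and for a composite job, and the stale pointer is counted rather than freed so the model stays well-defined.

```cpp
#include <algorithm>
#include <set>
#include <vector>
static std::set<const void*> live;  // objects currently alive (model bookkeeping)
static int dangling = 0;            // stale subjob pointers met at teardown

// Stand-in for QObject-style ownership: a parent deletes its children.
struct Object {
    Object* parent = nullptr;
    std::vector<Object*> children;
    explicit Object(Object* p = nullptr) { live.insert(this); setParent(p); }
    virtual ~Object() {
        setParent(nullptr);                                // unlink from our parent
        while (!children.empty()) delete children.back();  // each child unlinks itself
        live.erase(this);
    }
    void setParent(Object* p) {
        if (parent) { auto& c = parent->children; c.erase(std::remove(c.begin(), c.end(), this), c.end()); }
        parent = p; if (p) p->children.push_back(this);
    }
};

// Stand-in for a composite job that assumes it owns its subjobs.
struct CompositeJob : Object {
    bool reparent;                 // true models the fix: take ownership in addSubjob()
    std::vector<Object*> subjobs;
    explicit CompositeJob(bool r) : reparent(r) {}
    void addSubjob(Object* j) { subjobs.push_back(j); if (reparent) j->setParent(this); }
    void removeSubjob(Object* j) {
        subjobs.erase(std::remove(subjobs.begin(), subjobs.end(), j), subjobs.end());
        if (j->parent == this) j->setParent(nullptr);
    }
    ~CompositeJob() override {
        for (Object* j : subjobs)
            if (live.count(j)) delete j; else ++dangling;  // else: would be a double free
    }
};

// Replays the scenario; returns how many already-freed subjobs the composite still held.
int stale_subjobs_at_exit(bool reparent) {
    dangling = 0;
    Object* makeBuilder = new Object;                       // plugin that created the jobs
    Object *jobA = new Object(makeBuilder), *jobB = new Object(makeBuilder);
    CompositeJob* builderJob = new CompositeJob(reparent);
    builderJob->addSubjob(jobA); builderJob->addSubjob(jobB);
    builderJob->removeSubjob(jobA); delete jobA;            // run controller kills MakeJob A
    delete makeBuilder;                                     // plugin unload deletes its children
    delete builderJob;                                      // auto-deleted from the event loop
    return dangling;
}
```

Without reparenting the model reports one stale subjob (MakeJob B); with reparenting in addSubjob() it reports none and every object is destroyed exactly once.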