[Konsole-devel] Review Request 119004: Fix crash caused by dereferencing a deleted submenu
Kurt Hindenburg
kurt.hindenburg at gmail.com
Tue Jul 1 13:15:49 UTC 2014
> On July 1, 2014, 12:47 p.m., Kurt Hindenburg wrote:
> > Aaccording to the KDE api (4.x):
> >
> > KMenu * KActionMenu::menu ( )
> > Returns this action's menu as a KMenu, if it is one.
> > If none exists, one will be created.
> >
> > Can you provide any instances where the current code actually crashes?
>
> Arjun Ak wrote:
> Thread 1 (Thread 0x7ffc34b698c0 (LWP 8160)):
> [KCrash Handler]
> #6 0x00007ffc3715c5d6 in QScopedPointer<QObjectData, QScopedPointerDeleter<QObjectData> >::data (this=0x8) at ../../include/QtCore/qscopedpointer.h:143
> #7 0x00007ffc371bb3b5 in qGetPtrHelper<QScopedPointer<QObjectData> > (p=...) at ../../include/QtCore/qglobal.h:941
> #8 0x00007ffc371bc31c in QWidget::d_func (this=0x0) at ../../include/QtWidgets/qwidget.h:129
> #9 0x00007ffc371a6580 in QWidget::actions (this=0x0) at kernel/qwidget.cpp:3039
> #10 0x00007ffc3732a01b in QMenu::clear (this=0x0) at widgets/qmenu.cpp:1800
> #11 0x00007ffc3d533466 in Konsole::MainWindow::profileListChanged (this=0x1fb06e0, sessionActions=...) at /home/arjun/kde5-src/kde/applications/konsole/src/MainWindow.cpp:399
> #12 0x00007ffc3d53d326 in QtPrivate::FunctorCall<QtPrivate::IndexesList<0>, QtPrivate::List<QList<QAction*> const&>, void, void (Konsole::MainWindow::*)(QList<QAction*> const&)>::call (f=(void (Konsole::MainWindow::*)(Konsole::MainWindow * const, const QList<QAction*> &)) 0x7ffc3d533406 <Konsole::MainWindow::profileListChanged(QList<QAction*> const&)>, o=0x1fb06e0, arg=0x7fffebd7e550) at /home/arjun/qt5/qtbase/include/QtCore/qobjectdefs_impl.h:508
> #13 0x00007ffc3d53c2bd in QtPrivate::FunctionPointer<void (Konsole::MainWindow::*)(QList<QAction*> const&)>::call<QtPrivate::List<QList<QAction*> const&>, void> (f=(void (Konsole::MainWindow::*)(Konsole::MainWindow * const, const QList<QAction*> &)) 0x7ffc3d533406 <Konsole::MainWindow::profileListChanged(QList<QAction*> const&)>, o=0x1fb06e0, arg=0x7fffebd7e550) at /home/arjun/qt5/qtbase/include/QtCore/qobjectdefs_impl.h:527
> #14 0x00007ffc3d53b41f in QtPrivate::QSlotObject<void (Konsole::MainWindow::*)(QList<QAction*> const&), QtPrivate::List<QList<QAction*> const&>, void>::impl (which=1, this_=0x1fe42b0, r=0x1fb06e0, a=0x7fffebd7e550, ret=0x0) at /home/arjun/qt5/qtbase/include/QtCore/qobject_impl.h:151
> #15 0x00007ffc3634dcad in QtPrivate::QSlotObjectBase::call (this=0x1fe42b0, r=0x1fb06e0, a=0x7fffebd7e550) at ../../include/QtCore/qobject_impl.h:132
> #16 0x00007ffc3634ae5f in QMetaObject::activate (sender=0x20095b0, signalOffset=3, local_signal_index=1, argv=0x7fffebd7e550) at kernel/qobject.cpp:3666
> #17 0x00007ffc3634a77a in QMetaObject::activate (sender=0x20095b0, m=0x7ffc3d50cb40 <Konsole::ProfileList::staticMetaObject>, local_signal_index=1, argv=0x7fffebd7e550) at kernel/qobject.cpp:3546
> #18 0x00007ffc3d29d755 in Konsole::ProfileList::actionsChanged (this=0x20095b0, _t1=...) at /home/arjun/kde5-build/kde/applications/konsole/src/moc_ProfileList.cpp:173
> #19 0x00007ffc3d22b1ad in Konsole::ProfileList::favoriteChanged (this=0x20095b0, profile=..., isFavorite=true) at /home/arjun/kde5-src/kde/applications/konsole/src/ProfileList.cpp:146
> #20 0x00007ffc3d22c701 in QtPrivate::FunctorCall<QtPrivate::IndexesList<0, 1>, QtPrivate::List<KSharedPtr<Konsole::Profile>, bool>, void, void (Konsole::ProfileList::*)(KSharedPtr<Konsole::Profile>, bool)>::call (f=(void (Konsole::ProfileList::*)(Konsole::ProfileList * const, KSharedPtr<Konsole::Profile>, bool)) 0x7ffc3d22af40 <Konsole::ProfileList::favoriteChanged(KSharedPtr<Konsole::Profile>, bool)>, o=0x20095b0, arg=0x7fffebd7e930) at /home/arjun/qt5/qtbase/include/QtCore/qobjectdefs_impl.h:508
> #21 0x00007ffc3d22c433 in QtPrivate::FunctionPointer<void (Konsole::ProfileList::*)(KSharedPtr<Konsole::Profile>, bool)>::call<QtPrivate::List<KSharedPtr<Konsole::Profile>, bool>, void> (f=(void (Konsole::ProfileList::*)(Konsole::ProfileList * const, KSharedPtr<Konsole::Profile>, bool)) 0x7ffc3d22af40 <Konsole::ProfileList::favoriteChanged(KSharedPtr<Konsole::Profile>, bool)>, o=0x20095b0, arg=0x7fffebd7e930) at /home/arjun/qt5/qtbase/include/QtCore/qobjectdefs_impl.h:527
> #22 0x00007ffc3d22bf91 in QtPrivate::QSlotObject<void (Konsole::ProfileList::*)(KSharedPtr<Konsole::Profile>, bool), QtPrivate::List<KSharedPtr<Konsole::Profile>, bool>, void>::impl (which=1, this_=0x2000240, r=0x20095b0, a=0x7fffebd7e930, ret=0x0) at /home/arjun/qt5/qtbase/include/QtCore/qobject_impl.h:151
> #23 0x00007ffc3634dcad in QtPrivate::QSlotObjectBase::call (this=0x2000240, r=0x20095b0, a=0x7fffebd7e930) at ../../include/QtCore/qobject_impl.h:132
> #24 0x00007ffc3634ae5f in QMetaObject::activate (sender=0x1feec30, signalOffset=3, local_signal_index=3, argv=0x7fffebd7e930) at kernel/qobject.cpp:3666
> #25 0x00007ffc3634a77a in QMetaObject::activate (sender=0x1feec30, m=0x7ffc3d50cb80 <Konsole::ProfileManager::staticMetaObject>, local_signal_index=3, argv=0x7fffebd7e930) at kernel/qobject.cpp:3546
> #26 0x00007ffc3d29dcc4 in Konsole::ProfileManager::favoriteStatusChanged (this=0x1feec30, _t1=..., _t2=true) at /home/arjun/kde5-build/kde/applications/konsole/src/moc_ProfileManager.cpp:200
> #27 0x00007ffc3d23013f in Konsole::ProfileManager::setFavorite (this=0x1feec30, profile=..., favorite=true) at /home/arjun/kde5-src/kde/applications/konsole/src/ProfileManager.cpp:449
> #28 0x00007ffc3d21c428 in Konsole::ManageProfilesDialog::createProfile (this=0x237ad60) at /home/arjun/kde5-src/kde/applications/konsole/src/ManageProfilesDialog.cpp:346
> #29 0x00007ffc3d2223e0 in QtPrivate::FunctorCall<QtPrivate::IndexesList<>, QtPrivate::List<>, void, void (Konsole::ManageProfilesDialog::*)()>::call(void (Konsole::ManageProfilesDialog::*)(), Konsole::ManageProfilesDialog*, void**) (f=(void (Konsole::ManageProfilesDialog::*)(Konsole::ManageProfilesDialog * const)) 0x7ffc3d21c03a <Konsole::ManageProfilesDialog::createProfile()>, o=0x237ad60, arg=0x7fffebd7eda0) at /home/arjun/qt5/qtbase/include/QtCore/qobjectdefs_impl.h:508
>
>
> Arjun Ak wrote:
> Goto settings > manage profile, click on the tick mark
>
> Kurt Hindenburg wrote:
> OK thanks - I wonder if this is just KDE5/KF - have you by any chance tried crashing on KDE 4.x?
>
> Arjun Ak wrote:
> Nope, cant reproduce it in master.
Thanks, it looks like for KDE5/QT5, menu() is now from QMenu * QAction::menu() const
- Kurt
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://git.reviewboard.kde.org/r/119004/#review61384
-----------------------------------------------------------
On June 28, 2014, 7:43 p.m., Arjun Ak wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://git.reviewboard.kde.org/r/119004/
> -----------------------------------------------------------
>
> (Updated June 28, 2014, 7:43 p.m.)
>
>
> Review request for Konsole.
>
>
> Repository: konsole
>
>
> Description
> -------
>
> Submenu of new "newTabMenuAction" is dereferenced in multiple places without first checking whether it is null or not which can lead to a crash, especially since we delete it (https://projects.kde.org/projects/kde/applications/konsole/repository/revisions/c4f7f512f3bbd8235947defc8f3f848244d7ca1b/entry/src/MainWindow.cpp#L422) if there is only one profile to be shown.
>
>
> Diffs
> -----
>
> src/MainWindow.cpp 86d04de
>
> Diff: https://git.reviewboard.kde.org/r/119004/diff/
>
>
> Testing
> -------
>
>
> Thanks,
>
> Arjun Ak
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/konsole-devel/attachments/20140701/e57343a0/attachment.html>
More information about the konsole-devel
mailing list