[aurorae] Fix crash on KCM teardown with Qt5.14
Closed, Public

Authored by davidedmundson on Oct 12 2019, 3:18 PM.

Details

Summary

Context behaviour subtly changed in Qt5.14 which has exposed some
questionable things in this KCM.

Aurorae::Decoration is a context property of the loaded QML.

QObject::~QObject signals its own deletion before deleting children.
This means the bindings of loaded QML update in particular

aurorae.qml

DecorationOptions {
     id: options
     deco: decoration
 }

DecorationOptions has a pointer to the previously set decoration which
is now dangling, and we crash.

Rather than adding more guards and smart pointers in DecorationOptions,
this patch deletes the QQmlContext before deleting the context
properties that we expose.

It also moves unreferring the shared qmlcontext we inherit from till
after we've deleted the child context, because it didn't make sense.

Test Plan

Opened KCM
Closed the KCM
didn't crash
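
The teardown-order hazard described in the summary, as a Qt-free model (an added example, not code from the patch or from KWin). The `Decoration`, `Options` and `Context` structs are simplified stand-ins for the context property, DecorationOptions and the QML context, and `teardown` is a hypothetical helper that counts the binding writes the real setter would have dereferenced.

```cpp
#include <functional>
#include <memory>
#include <vector>

// Stand-in for a QObject exposed as a context property: like QObject::~QObject,
// it announces its own destruction while observers may still be alive.
struct Decoration {
    std::vector<std::function<void()>> destroyed;   // "destroyed" listeners
    ~Decoration() { for (auto &cb : destroyed) cb(); }
};

// Stand-in for DecorationOptions: keeps a raw pointer set through a binding.
struct Options {
    Decoration *deco = nullptr;
    int nullWrites = 0;            // writes the real setter would dereference
    void setDecoration(Decoration *d) {
        if (!d) ++nullWrites;      // counted here instead of crashing
        deco = d;
    }
};

// Stand-in for the QML context: evaluates "deco: decoration" once and
// re-evaluates it when the context property goes away.
struct Context {
    Decoration *property;
    Options *bound;
    std::shared_ptr<bool> alive = std::make_shared<bool>(true);
    Context(Decoration *p, Options *o) : property(p), bound(o) {
        bound->setDecoration(property);
        std::weak_ptr<bool> guard = alive;
        property->destroyed.push_back([this, guard] {
            if (guard.expired()) return;         // context already destroyed
            property = nullptr;
            bound->setDecoration(property);      // binding update during teardown
        });
    }
};

// Returns how many times the binding was rewritten with a dead property.
int teardown(bool contextFirst) {
    Options options;
    auto *decoration = new Decoration;
    auto *context = new Context(decoration, &options);
    if (contextFirst) { delete context; delete decoration; }  // order the patch uses
    else              { delete decoration; delete context; }  // order that crashed
    return options.nullWrites;
}
```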

Diff Detail

Repository
R108 KWin
davidedmundson created this revision. Oct 12 2019, 3:18 PM
davidedmundson requested review of this revision. Oct 12 2019, 3:18 PM

Relevant BT:

#0  KCrash::defaultCrashHandler (sig=11) at /home/david/projects/kde5/src/frameworks/kcrash/src/kcrash.cpp:423
#1  <signal handler called>
#2  QScopedPointer<KDecoration2::Decoration::Private, QScopedPointerDeleter<KDecoration2::Decoration::Private> >::operator-> (this=0x10)
    at /opt/qt5/include/QtCore/qscopedpointer.h:118
#3  0x00007fffec8e5f57 in KDecoration2::Decoration::client (this=0x0) at /home/david/projects/kde5/src/kde/workspace/kdecoration/src/decoration.cpp:163
#4  0x00007fffdaaea9e2 in KWin::DecorationOptions::setDecoration (this=0x555555d59e10, decoration=0x0)
    at /home/david/projects/kde5/src/kde/workspace/kwin/plugins/kdecorations/aurorae/src/decorationoptions.cpp:178
#5  0x00007fffdaae53ae in KWin::DecorationOptions::qt_static_metacall (_o=0x555555d59e10, _c=QMetaObject::WriteProperty, _id=0, _a=0x7fffffffaf20)
    at plugins/kdecorations/aurorae/src/decorationplugin_autogen/EWIEGA46WW/moc_decorationoptions.cpp:274
#6  0x00007ffff72f68d3 in QQmlPropertyData::writeProperty (this=0x7fffd401adc8, target=0x555555d59e10, value=0x7fffffffaf98, flags=...)
    at ../../include/QtQml/5.14.0/QtQml/private/../../../../../../../qt5/qtdeclarative/src/qml/qml/qqmlpropertydata_p.h:286
#7  0x00007ffff7370bae in QObjectPointerBinding::write (this=0x555555d6a6f0, result=..., isUndefined=false, flags=...)
    at /home/david/projects/qt5/qtdeclarative/src/qml/qml/qqmlbinding.cpp:697
#8  0x00007ffff7370365 in QQmlNonbindingBinding::doUpdate (this=0x555555d6a6f0, watcher=..., flags=..., scope=...)
    at /home/david/projects/qt5/qtdeclarative/src/qml/qml/qqmlbinding.cpp:250
#9  0x00007ffff736e07d in QQmlBinding::update (this=0x555555d6a6f0, flags=...) at /home/david/projects/qt5/qtdeclarative/src/qml/qml/qqmlbinding.cpp:186
#10 0x00007ffff736f0cd in QQmlBinding::expressionChanged (this=0x555555d6a6f0) at /home/david/projects/qt5/qtdeclarative/src/qml/qml/qqmlbinding.cpp:531
#11 0x00007ffff7366931 in QQmlJavaScriptExpressionGuard_callback (e=0x555555c62e78) at /home/david/projects/qt5/qtdeclarative/src/qml/qml/qqmljavascriptexpression.cpp:417
#12 0x00007ffff73451c6 in QQmlNotifier::emitNotify (endpoint=0x0, a=0x0) at /home/david/projects/qt5/qtdeclarative/src/qml/qml/qqmlnotifier.cpp:104
#13 0x00007ffff72dce16 in QQmlData::signalEmitted (object=0x555555d60f50, index=3, a=0x0) at /home/david/projects/qt5/qtdeclarative/src/qml/qml/qqmlengine.cpp:858
#14 0x00007ffff4fbeef6 in doActivate<false> (sender=0x555555d60f50, signal_index=3, argv=0x0) at /home/david/projects/qt5/qtbase/src/corelib/kernel/qobject.cpp:3762
#15 0x00007ffff4fb8e8f in QMetaObject::activate (sender=0x555555d60f50, signalOffset=3, local_signal_index=0, argv=0x0)
    at /home/david/projects/qt5/qtbase/src/corelib/kernel/qobject.cpp:3943
#16 0x00007ffff7302244 in QQmlContextPrivate::dropDestroyedQObject (this=0x555555d5cef0, name=..., destroyed=0x555555d6ff10)
    at /home/david/projects/qt5/qtdeclarative/src/qml/qml/qqmlcontext.cpp:541
#17 0x00007ffff73013d1 in QQmlContext::<lambda(QObject*)>::operator()(QObject *) const (__closure=0x555555d6f4e0, destroyed=0x555555d6ff10)
    at /home/david/projects/qt5/qtdeclarative/src/qml/qml/qqmlcontext.cpp:323
#18 0x00007ffff7303b71 in QtPrivate::FunctorCall<QtPrivate::IndexesList<0>, QtPrivate::List<QObject*>, void, QQmlContext::setContextProperty(const QString&, const QVariant&)::<lambda(QObject*)> >::call(QQmlContext::<lambda(QObject*)> &, void **) (f=..., arg=0x7fffffffcee0)
    at /home/david/projects/qt5-build/qtbase/include/QtCore/../../../../qt5/qtbase/src/corelib/kernel/qobjectdefs_impl.h:146
#19 0x00007ffff7303b32 in QtPrivate::Functor<QQmlContext::setContextProperty(const QString&, const QVariant&)::<lambda(QObject*)>, 1>::call<QtPrivate::List<QObject*>, void>(QQmlContext::<lambda(QObject*)> &, void *, void **) (f=..., arg=0x7fffffffcee0)
    at /home/david/projects/qt5-build/qtbase/include/QtCore/../../../../qt5/qtbase/src/corelib/kernel/qobjectdefs_impl.h:256
#20 0x00007ffff7303b00 in QtPrivate::QFunctorSlotObject<QQmlContext::setContextProperty(const QString&, const QVariant&)::<lambda(QObject*)>, 1, QtPrivate::List<QObject*>, void>::impl(int, QtPrivate::QSlotObjectBase *, QObject *, void **, bool *) (which=1, this_=0x555555d6f4d0, r=0x555555d60f50, a=0x7fffffffcee0, ret=0x0)
    at /home/david/projects/qt5-build/qtbase/include/QtCore/../../../../qt5/qtbase/src/corelib/kernel/qobjectdefs_impl.h:439
#21 0x00007ffff4f7dbb1 in QtPrivate::QSlotObjectBase::call (this=0x555555d6f4d0, r=0x555555d60f50, a=0x7fffffffcee0)
    at ../../include/QtCore/../../../../qt5/qtbase/src/corelib/kernel/qobjectdefs_impl.h:394
#22 0x00007ffff4fbf440 in doActivate<false> (sender=0x555555d6ff10, signal_index=0, argv=0x7fffffffcee0) at /home/david/projects/qt5/qtbase/src/corelib/kernel/qobject.cpp:3870
#23 0x00007ffff4fb8e1d in QMetaObject::activate (sender=0x555555d6ff10, m=0x7ffff5341c20 <QObject::staticMetaObject>, local_signal_index=0, argv=0x7fffffffcee0)
    at /home/david/projects/qt5/qtbase/src/corelib/kernel/qobject.cpp:3930
#24 0x00007ffff4fbbcb2 in QObject::destroyed (this=0x555555d6ff10, _t1=0x555555d6ff10) at .moc/moc_qobject.cpp:219
#25 0x00007ffff4fb1c2c in QObject::~QObject (this=0x555555d6ff10, __in_chrg=<optimized out>) at /home/david/projects/qt5/qtbase/src/corelib/kernel/qobject.cpp:1017
#26 0x00007fffec8e5ebd in KDecoration2::Decoration::~Decoration (this=0x555555d6ff10) at /home/david/projects/kde5/src/kde/workspace/kdecoration/src/decoration.cpp:154
#27 0x00007fffdbd61d4c in Aurorae::Decoration::~Decoration (this=0x555555d6ff10)
    at /home/david/projects/kde5/src/kde/workspace/kwin/plugins/kdecorations/aurorae/src/aurorae.cpp:280
#28 0x00007fffdbd61d79 in Aurorae::Decoration::~Decoration (this=0x555555d6ff10)
    at /home/david/projects/kde5/src/kde/workspace/kwin/plugins/kdecorations/aurorae/src/aurorae.cpp:268
#29 0x00007ffff4fba887 in qDeleteInEventHandler (o=0x555555d6ff10) at /home/david/projects/qt5/qtbase/src/corelib/kernel/qobject.cpp:4784
#30 0x00007ffff4fb2464 in QObject::event (this=0x555555d6ff10, e=0x5555556a5a00) at /home/david/projects/qt5/qtbase/src/corelib/kernel/qobject.cpp:1326
#31 0x00007fffec8e6e5d in KDecoration2::Decoration::event (this=0x555555d6ff10, event=0x5555556a5a00)
    at /home/david/projects/kde5/src/kde/workspace/kdecoration/src/decoration.cpp:306
#32 0x00007ffff5d59315 in QApplicationPrivate::notify_helper (this=0x55555557da10, receiver=0x555555d6ff10, e=0x5555556a5a00)
    at /home/david/projects/qt5/qtbase/src/widgets/kernel/qapplication.cpp:3690
#33 0x00007ffff5d56669 in QApplication::notify (this=0x7fffffffdf78, receiver=0x555555d6ff10, e=0x5555556a5a00)
    at /home/david/projects/qt5/qtbase/src/widgets/kernel/qapplication.cpp:3036
#34 0x00007ffff4f6bc5f in QCoreApplication::notifyInternal2 (receiver=0x555555d6ff10, event=0x5555556a5a00)
    at /home/david/projects/qt5/qtbase/src/corelib/kernel/qcoreapplication.cpp:1092
#35 0x00007ffff4f6c66c in QCoreApplication::sendEvent (receiver=0x555555d6ff10, event=0x5555556a5a00)
    at /home/david/projects/qt5/qtbase/src/corelib/kernel/qcoreapplication.cpp:1487
#36 0x00007ffff4f6d28e in QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=52, data=0x555555574630)
    at /home/david/projects/qt5/qtbase/src/corelib/kernel/qcoreapplication.cpp:1832
#37 0x00007ffff4f6cbda in QCoreApplication::sendPostedEvents (receiver=0x0, event_type=52) at /home/david/projects/qt5/qtbase/src/corelib/kernel/qcoreapplication.cpp:1691
#38 0x00007ffff4f6c59d in QCoreApplicationPrivate::execCleanup (this=0x55555557da10) at /home/david/projects/qt5/qtbase/src/corelib/kernel/qcoreapplication.cpp:1422
#39 0x00007ffff4f6c4f2 in QCoreApplication::exec () at /home/david/projects/qt5/qtbase/src/corelib/kernel/qcoreapplication.cpp:1404
#40 0x00007ffff54a17e0 in QGuiApplication::exec () at /home/david/projects/qt5/qtbase/src/gui/kernel/qguiapplication.cpp:1845
#41 0x00007ffff5d55e9f in QApplication::exec () at /home/david/projects/qt5/qtbase/src/widgets/kernel/qapplication.cpp:2836
#42 0x00007ffff7fb9b81 in kdemain (_argc=2, _argv=0x7fffffffe0a8) at /home/david/projects/kde5/src/kde/workspace/kde-cli-tools/kcmshell/main.cpp:328
#43 0x0000555555555192 in main (argc=2, argv=0x7fffffffe0a8) at kcmshell/kcmshell5_dummy.cpp:3



(gdb) frame 9

(gdb) print this->expressionIdentifier()   
(Qt5 QString)0xffffa2d0 length=52: "file:///opt/kde5/share/kwin/aurorae/aurorae.qml:41:9"
zzag accepted this revision. Oct 14 2019, 8:38 AM
This revision is now accepted and ready to land. Oct 14 2019, 8:38 AM
This revision was automatically updated to reflect the committed changes.