Bug#741564: libkio5: libkio : segmentation fault caused by KFileItemDelegate

[Paul Chavent <paul.chavent@fnac.net>]

On 03/14/2014 11:58 AM, Maximiliano Curia wrote:
> In article <532237B1.8030603__30393.1409529925$1394751274$gmane$org@fnac.net> you wrote:
> > Some precisions.
>
> > The SIGSEGV arise when we hover mouse on files in the file chooser dialog.
>
> > The problems seems to be that KFileItemDelegate::paint ask for a state with
> > d->animationState(...) and get a state that can have been deleted meanwhile
> > (see kio/kio/kfileitemdelegate.cpp:~1271).
>
> > Indeed, DelegateAnimationHandler::animationState (in
> > kio/kio/delegateanimationhandler.cpp:~330) calls setSequenceIndex(0) which
> > has the effect of finally call DelegateAnimationHandler::runAnimations and
> > delete state (in kio/kio/delegateanimationhandler.cpp:~440).
>
> Interesting, can you check if this bug is still present in kde4.12.3 (it's
> currently available in experimental), and if so, report it upstream? Also, if
> you seem to be quite close the produce a patch, which may attract more eyes.
I've only checked by code review, and yes the suspicious code seems unchanged in the current git tree.

I've filled a report on the kde bug tracker : https://bugs.kde.org/show_bug.cgi?id=332132

I can write a patch that workaround the problem, but I'm not sure to find the solution the authors of this code would imagine.

> In any case, the "backtrace" that you provide could be improved adding the
> corresponding states to the involved variables, so even someone foreing to
> this code (like myself), can understand somthing like why is that state is not
> forward and not valid.
I won't be able to use the monitor features of gdb since the bug disappear if i attach to the process.

However i can add printf traces and still reproduce the bug. Is it what you mean ?

> Thanks,

Cheers.