449382 – kde-misc/kdiff3 - null pointer dereference in XQueryExtension (dpy, ...) on closing kdiff3

Bug 449382 - kde-misc/kdiff3 - null pointer dereference in XQueryExtension (dpy, ...) on closing kdiff3

Summary: kde-misc/kdiff3 - null pointer dereference in XQueryExtension (dpy, ...) on c...

Status:	RESOLVED CANTFIX

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	[OLD] KDE (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo KDE team

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2012-12-31 00:45 UTC by Daniel Santos
Modified:	2013-01-04 03:58 UTC (History)
CC List:	1 user (show)

See Also:	https://bugs.kde.org/show_bug.cgi?id=312417
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Daniel Santos 2012-12-31 00:45:48 UTC

When running any KDE app (kdiff3 in this case), I get a segfault when closing it. This would appear to be some type of upstream bug with 4.8.4, but it can be nvidia drivers or local stuff as well.  Here's the backtrace.  dpy is NULL and we're de-referencing it.  It gets it this way from libGL.so (NVidia's closed source bullshit), but I haven't yet determined rather or not (as I suspect) that QT is passing it that way (from QGLContext::makeCurrent).  Please note the following local (unsupported) conditions: I've built my system with gcc 4.7.2 and my NVidia drivers with -O3 (see emerge --info bellow for details).

#0  XQueryExtension (dpy=dpy@entry=0x0, name=name@entry=0x7fffe9e12394 "GLX", major_opcode=major_opcode@entry=0x7fffffffd084, first_event=first_event@entry=0x7fffffffd088, 
    first_error=first_error@entry=0x7fffffffd08c) at /usr/src/debug/x11-libs/libX11-1.5.0/libX11-1.5.0/src/QuExt.c:43
#1  0x00007ffff3f10a82 in XInitExtension (dpy=dpy@entry=0x0, name=name@entry=0x7fffe9e12394 "GLX") at /usr/src/debug/x11-libs/libX11-1.5.0/libX11-1.5.0/src/InitExt.c:47
#2  0x00007ffff0685a56 in XextAddDisplay (extinfo=0x750cf0, dpy=0x0, ext_name=0x7fffe9e12394 "GLX", hooks=0x7fffea0412e0, nevents=<optimized out>, data=0x0)
    at /usr/src/debug/x11-libs/libXext-1.3.1/libXext-1.3.1/src/extutil.c:110
#3  0x00007fffe9dd4467 in ?? () from /usr/lib64/libGL.so.1
#4  0x00007fffe9dd4cca in ?? () from /usr/lib64/libGL.so.1
#5  0x00007fffe9dd538a in ?? () from /usr/lib64/libGL.so.1
#6  0x00007fffe9dd6749 in ?? () from /usr/lib64/libGL.so.1
#7  0x00007fffea11eee9 in QGLContext::makeCurrent (this=0xd1c370) at qgl_x11.cpp:934
#8  0x00007fffea0f9a3a in QGLShareContextScope (ctx=0xd1c370, this=<synthetic pointer>) at ../../src/opengl/qgl_p.h:493
#9  ~QGLContextGroupResource (this=0xd325f0, __in_chrg=<optimized out>) at ../../src/opengl/qgl_p.h:768
#10 QGLContextGroupResource<QGLEngineSharedShaders>::~QGLContextGroupResource (this=0xd325f0, __in_chrg=<optimized out>) at ../../src/opengl/qgl_p.h:772
#11 0x00007ffff595232a in QThreadStorageData::finish (p=0x6ba6c8) at thread/qthreadstorage.cpp:203
#12 0x00007ffff5a53b8f in QCoreApplicationPrivate::~QCoreApplicationPrivate (this=0x6e8a40, __in_chrg=<optimized out>) at kernel/qcoreapplication.cpp:470
#13 0x00007ffff6497b29 in QApplicationPrivate::~QApplicationPrivate (this=0x6e8a40, __in_chrg=<optimized out>) at kernel/qapplication.cpp:226
#14 0x00007ffff5a6747c in cleanup (pointer=<optimized out>) at ../../src/corelib/tools/qscopedpointer.h:62
#15 ~QScopedPointer (this=0x7fffffffd588, __in_chrg=<optimized out>) at ../../src/corelib/tools/qscopedpointer.h:100
#16 QObject::~QObject (this=0x7fffffffd580, __in_chrg=<optimized out>) at kernel/qobject.cpp:816
#17 0x00007ffff64a1b01 in QApplication::~QApplication (this=0x7fffffffd580, __in_chrg=<optimized out>) at kernel/qapplication.cpp:1098
#18 0x00000000004248b6 in main (argc=<optimized out>, argv=<optimized out>) at /usr/src/debug/kde-misc/kdiff3-0.9.97-r1/kdiff3-0.9.97/src-QT4/main.cpp:266



$ emerge --info kde-misc/kdiff3 $(qlist -IC 'x11-libs/qt') x11-libs/libX11 x11-drivers/nvidia-drivers

Portage 2.1.11.31 (default/linux/amd64/10.0/desktop, gcc-4.7.2, glibc-2.15-r3, 3.6.11-gentoo x86_64)
=================================================================
                        System Settings
=================================================================
System uname: Linux-3.6.11-gentoo-x86_64-AMD_Phenom-tm-_9850_Quad-Core_Processor-with-gentoo-2.1
Timestamp of tree: Fri, 28 Dec 2012 05:30:01 +0000
ld GNU ld (GNU Binutils) 2.22
distcc 3.1 x86_64-pc-linux-gnu [disabled]
ccache version 3.1.8 [enabled]
app-shells/bash:          4.2_p37
dev-java/java-config:     2.1.11-r3
dev-lang/python:          2.7.3-r2, 3.2.3
dev-util/ccache:          3.1.8
dev-util/cmake:           2.8.9
dev-util/pkgconfig:       0.27.1
sys-apps/baselayout:      2.1-r1
sys-apps/openrc:          0.11.8
sys-apps/sandbox:         2.5
sys-devel/autoconf:       2.13, 2.69
sys-devel/automake:       1.9.6-r3, 1.11.6
sys-devel/binutils:       2.22-r1
sys-devel/gcc:            3.4.6-r2, 4.0.4, 4.1.2, 4.2.4-r1, 4.3.6-r1, 4.4.7, 4.5.4, 4.6.3, 4.7.2
sys-devel/gcc-config:     1.7.3
sys-devel/libtool:        2.4-r1
sys-devel/make:           3.82-r4
sys-kernel/linux-headers: 3.6 (virtual/os-headers)
sys-libs/glibc:           2.15-r3
Repositories: gentoo zugaina sunrise proaudio java-overlay gamerlay arx-libertatis x-portage
ACCEPT_KEYWORDS="amd64"
ACCEPT_LICENSE="* -@EULA dlj-1.1 sun-bcla-java-vm googleearth AdobeFlash-10 AdobeFlash-10.1 PUEL google-talkplugin Oracle-BCLA-JavaSE AdobeFlash-10.3 LOKI-EULA"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=native -O2 -ggdb"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/config /usr/share/gnupg/qualified.txt /var/lib/hsqldb"
CONFIG_PROTECT_MASK="${EPREFIX}/etc/gconf /etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/games/angband/edit/ /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/splash /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c"
CXXFLAGS="-march=native -O2 -ggdb"
DISTDIR="/usr/portage/distfiles"
EMERGE_DEFAULT_OPTS="-j2"
FCFLAGS="-O2 -pipe"
FEATURES="assume-digests binpkg-logs buildpkg candy ccache config-protect-if-modified distlocks ebuild-locks fixlafiles installsources merge-sync news parallel-fetch protect-owned sandbox sfperms splitdebug strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox xattr"
FFLAGS="-O2 -pipe"
GENTOO_MIRRORS="http://gentoo.cites.uiuc.edu/pub/gentoo/ http://chi-10g-1-mirror.fastsoft.net/pub/linux/gentoo/gentoo-distfiles/ http://gentoo.osuosl.org/ http://www.gtlib.gatech.edu/pub/gentoo ftp://gentoo.cites.uiuc.edu/pub/gentoo/ http://gentoo.mirrors.tds.net/gentoo http://gentoo.netnitco.net http://gentoo.llarian.net/ ftp://chi-10g-1-mirror.fastsoft.net/pub/linux/gentoo/gentoo-distfiles/ http://mirror.lug.udel.edu/pub/gentoo/"
LANG="en_US.UTF-8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
MAKEOPTS="-j4"
PKGDIR="/usr/portage/packages"
PORTAGE_COMPRESS="bzip2"
PORTAGE_COMPRESS_FLAGS="-9"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude '/lost+found'"
PORTAGE_TMPDIR="/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/var/lib/layman/zugaina /var/lib/layman/sunrise /var/lib/layman/pro-audio /var/lib/layman/java-overlay /var/lib/layman/gamerlay /var/lib/layman/arx-libertatis /usr/local/portage"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="3dnow 3dnowext 3ds 64bit 7zip X Xaw3d a52 aac aacs aalib acl acpi adns aim aio akode alsa amd64 amr ao aotuv apache2 applet ares arts asn async attica audacious audiofile authdaemond authfile autoipd automount avahi bash-completion bazaar berkdb bidi binfilter bittorrent bl bluetooth bluray bonjour boost branding bs2b bsf bugzilla bzip2 c3p0 cairo calendar caps ccache cdaudio cdb cdda cddb cdparanoia cdr cegui celt cg cgi chm cjk cleartype cli clucene cmake commons-digester console consolekit contrib corefonts cpufreq cpulimit cracklib crypt cscope css cuda cups curl curlwrappers cvs cxx dbus declarative dedicated development devil dga dirac directfb divx djbfft djvu dmx dns dolby-record-switch dot dri dssi dtmf dts dv dvb dvd dvdr ebook editor eds eigen emboss emoticon encode enscript esd excel exif expat extraicons faac faad fam fasttrack fat fax fbcon ffmpeg fftw firefox fits flac flash fltk fluidsynth fmod font-server fontconfig fontforge foomaticdb fortran fping fpx freesound frei0r ftp fuse fusion gadu gcj gconf gd gdbm geoip geos ggi gif gimp ginac git glib glitz glut gmedia gmp gmtfull gnokii gnome gnome-keyring gnutella gpg gphoto2 gpm gps graphviz gs gsl gsm gstreamer gtalk gtk gtk3 gzip h224 h281 h323 hal hbci hddtemp html htmlhandbook httpd hwmixer icecast iceweasel iconv icq icu id3 id3tag idn ieee1394 ilbc imagemagick imap imlib inifile inotify ios ipv6 irc irda irrlicht jabber jack jackmidi jadetex java java5 java6 javascript jbig jce jingle jmx joystick jpeg jpeg2k kate kde kdrive kerberos kontact kpathsea ladspa lame lash latex lcms ldap libcaca libnotify libsamplerate libv4l libvisual libwww lirc live lm_sensors log4j logitech-mouse lto lua lv2 lzma lzo mad maildir maps math matroska md5sum meanwhile mercurial midi mikmod mime mjpeg mmap mmkeys mmx mmxext mng modperl modplug modules motif mouse mozdevelop mozilla mp2 mp3 mp4 mp4live mpeg mpeg2 mpi mplayer msn mtp mudflap multicall multilib multitarget musepack music musicbrainz mysql mysqli mythtv nas nautilus ncurses net netjack network networkmanager nfs njb nls nntp nptl nsplugin nss ntfsprogs ntp nvidia nvtv ode odk offensive ofx ogg ogm ogre okteta okular openal opencl openexr opengl openmp openxml oscar otr pam pango pcntl pcre pda pdf perl phonon php pidgin player plotutils png policykit portaudio posix postproc ppds pppd projectm pulseaudio python qalculate qos qq qt3support qt4 qthelp quicktime quotes radio rar raw readline remote rrdcgi rss rtc rtmp ruby samba sametime sasl scanner schroedinger sdl sdl-image sdl-sound semantic-desktop sensord session sharedext silc sip sipim skype slp smbsharemodes smp sms smtp sndfile snmp soap sockets sound speex spell sql sqlite sqlite3 srtp srvdir sse sse2 sse3 ssh ssl startup-notification static-libs stl stream subtitles subversion suexec svg swig syslog sysvipc t1lib taglib tagwriting tcl tcpd telnet test tga theora threads thumbnail tidy tiff timidity tinyxml tk tokenizer tools transcode translator trayicon truetype tse3 twolame type3 udev udisks unicode upnp upower urandom usb userlocales utils v4l v4l2 vaapi valgrind vcd vdpau vdr vhosts video videos vim-syntax vim-with-x visualization vlc vnc vorbis vorbis-psy vpx vst vxml wav wavpack webdav webkit wifi wma wmf wxwidgets wxwindows x264 x264-static xanim xattr xcap xcb xcomposite xface xforms xft xine xinerama xinetd xml xmlreader xmlrpc xmlwriter xpm xprint xrandr xscreensaver xsl xulrunner xv xvid xvmc yaepg yahoo yv12 zeroconf zip zlib" ALSA_CARDS="hdsp emu10k1 hda-intel" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic auth_digest authn_alias authn_dbd authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock dbd deflate dir disk_cache dumpio env expires ext_filter file_cache filter headers ident imagemap include info log_config log_forensic logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias substitute" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" FOO2ZJS_DEVICES="hpp1006" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="keyboard mouse joystick evdev wacom" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer nlpsolver pdfimport scripting-beanshell scripting-javascript wiki-publisher" LINGUAS="en_US en" PHP_TARGETS="php5-3" PYTHON_SINGLE_TARGET="python2_7" PYTHON_TARGETS="python2_7 python3_2" RUBY_TARGETS="ruby18 ruby19" USERLAND="GNU" VIDEO_CARDS="nvidia radeon" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset:  CPPFLAGS, CTARGET, INSTALL_MASK, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_RSYNC_EXTRA_OPTS, USE_PYTHON

=================================================================
                        Package Settings
=================================================================

kde-misc/kdiff3-0.9.97-r1 was built with the following:
USE="handbook kde (multilib) (-aqua) -debug" LINGUAS="-ar -bg -br -bs -ca -ca@valencia -cs -cy -da -de -el -en_GB -eo -es -et -fr -ga -gl -hi -hne -hr -hu -is -it -ja -ka -lt -mai -ml -nb -nds -nl -nn -pl -pt -pt_BR -ro -ru -rw -sk -sv -ta -tg -tr -ug -uk -zh_CN -zh_TW"


x11-libs/qt-assistant-4.8.4 was built with the following:
USE="doc exceptions glib (multilib) qt3support webkit (-aqua) -c++0x -compat -debug -pch -trace"


x11-libs/qt-core-4.8.4 was built with the following:
USE="exceptions glib iconv icu (multilib) qt3support ssl (-aqua) -c++0x -debug -pch"


x11-libs/qt-dbus-4.8.4 was built with the following:
USE="exceptions (multilib) (-aqua) -c++0x -debug -pch"


x11-libs/qt-declarative-4.8.4 was built with the following:
USE="accessibility exceptions (multilib) qt3support webkit (-aqua) -c++0x -debug -pch"


x11-libs/qt-gui-4.8.4 was built with the following:
USE="accessibility cups dbus exceptions gif glib gtkstyle mng (multilib) nas qt3support tiff xinerama xv (-aqua) -c++0x -debug -egl -nis -pch -trace"


x11-libs/qt-multimedia-4.8.4 was built with the following:
USE="alsa exceptions (multilib) (-aqua) -c++0x -debug -pch"


x11-libs/qt-opengl-4.8.4 was built with the following:
USE="exceptions (multilib) qt3support (-aqua) -c++0x -debug -egl -pch"


x11-libs/qt-qt3support-4.8.4 was built with the following:
USE="accessibility exceptions (multilib) (-aqua) -c++0x -debug -pch"


x11-libs/qt-script-4.8.4 was built with the following:
USE="exceptions iconv (multilib) (-aqua) -c++0x -debug (-jit) -pch"


x11-libs/qt-sql-4.8.4 was built with the following:
USE="exceptions (multilib) mysql qt3support sqlite (-aqua) -c++0x -debug -firebird -freetds -oci8 -odbc -pch -postgres"


x11-libs/qt-svg-4.8.4 was built with the following:
USE="accessibility exceptions (multilib) (-aqua) -c++0x -debug -pch"


x11-libs/qt-test-4.8.4 was built with the following:
USE="exceptions (multilib) (-aqua) -c++0x -debug -pch"


x11-libs/qt-webkit-4.8.4 was built with the following:
USE="exceptions gstreamer icu jit (multilib) (-aqua) -debug -pch"


x11-libs/qt-xmlpatterns-4.8.4 was built with the following:
USE="(multilib) (-aqua) -c++0x -debug -pch"


x11-libs/libX11-1.5.0 was built with the following:
USE="ipv6 (multilib) static-libs -doc -test"


x11-drivers/nvidia-drivers-310.19 was built with the following:
USE="X acpi (multilib) tools -pax_kernel"
CFLAGS="-march=native -O3 -ggdb"
CXXFLAGS="-march=native -O3 -ggdb"

Comment 1 Daniel Santos 2012-12-31 01:22:15 UTC

OK, I did verify that the null pointer is passed to glXMakeCurrent() implementation from QGLContext::makeCurrent() (the result of "xinfo->display()").  I'll probably build x11-libs/qt-opengl-4.8.4 with "-O0 -g3" to see if I can figure out what the hell it's doing and check upstream as well.

Comment 2 Daniel Santos 2012-12-31 04:16:42 UTC

Changing bug title. I got it to crash once on another KDE app, but not since then (and I forgot which one it crashed on). I also missed this important output prior to the crash:

kdiff3(30330)/kparts KParts::Part::~Part: deleting widget KDiff3App(0xb1e9a0, name = "KDiff3App") "KDiff3App"
X Error: BadMatch (invalid parameter attributes) 8
  Extension:    152 (Uknown extension)
  Minor opcode: 5 (Unknown request)
  Resource id:  0x5400017
QGLContext::makeCurrent(): Failed.

This occurs prior to the call to QGLContext::makeCurrent() that actually causes the crash so it looks like, in addition, we have a problem of not properly responding to an error condition.

Comment 3 Daniel Santos 2012-12-31 05:29:10 UTC

ok, I opened an upstream bug: https://bugs.kde.org/show_bug.cgi?id=312417

Comment 4 Daniel Santos 2012-12-31 20:44:26 UTC

Here is a work-around:

QT_GRAPHICSSYSTEM=raster kdiff3

This tells QT to use an alternate rendering system (other than opengl).

Comment 5 Jekyll Wu 2013-01-03 16:45:45 UTC

So you are using the opengl graphics system ? That is still experimental AFAIK.

Comment 6 Davide Pesavento (RETIRED) gentoo-dev

2013-01-04 00:01:23 UTC

(In reply to comment #5)
> So you are using the opengl graphics system ? That is still experimental
> AFAIK.

Yep, the opengl graphicssystem is experimental and completely unsupported, in fact it doesn't work at all for me.

Comment 7 Daniel Santos 2013-01-04 03:17:14 UTC

(In reply to comment #5)
> So you are using the opengl graphics system ? That is still experimental
> AFAIK.

Correct, I was using "eselect qtgraphicssystem set opengl" with the 310.19 nvidia closed-source driver. This was actually the only problem I've had using it, although I haven't yet attempted to launch the full KDE desktop using it (just running various KDE apps from Gnome).

Comment 8 Davide Pesavento (RETIRED) gentoo-dev

2013-01-04 03:58:20 UTC

Closing as CANTFIX because the opengl graphicssystem is known to be broken in several ways and upstream (i.e. qt devs) don't care enough and they will probably never fix the bugs.

I also recommend closing the bugs.kde.org report you opened, because this is not a kdiff3 issue.