https://bugs.kde.org/show_bug.cgi?id=437862

--- Comment #10 from nyanpasu64 <nyanpas...@tuta.io> ---
Created attachment 140702
  --> https://bugs.kde.org/attachment.cgi?id=140702&action=edit
Screenshot of the crash's code and variable viewer in Qt Creator's debugger.

Seems `QModelIndex ProcessDataModel::parent(const QModelIndex &index) const` is
being passed an index whose internalPointer(), when cast to a
KSysGuard::Process *, has a corrupted d-pointer with value 0x21 (close to a
nullptr).

I made several execution runs with debug statements in libksysguard's Process
and ~Process, and found that this happens when a Process is created at addr,
freed at addr, and then internalPointer() has value addr + 0x10.

I also found crashes where a Process is created at addr, freed at addr, and
then proc->parent() has value addr (a dangling pointer) but
ProcessDataModel::parent() calls d->getQModelIndex(proc->parent(), 0) anyway.
Backtrace at
https://gist.github.com/nyanpasu64/0efbf70fc300203700233d1a56488453/raw/2ef75597b717c9dcf945acfa1afcf0e77b7e07d0/gistfile1.txt.

I think the bug is that when a system creates a parent process with a child,
it's represented as a parent and child Process. And when the parent gets killed
before the child, I guess there's a race condition where sometimes the
Process::d::parent pointer isn't updated to init by Process::setParent().

I also saw another crash where index.internalPointer() was null:
https://gist.githubusercontent.com/nyanpasu64/0efbf70fc300203700233d1a56488453/raw/2ef75597b717c9dcf945acfa1afcf0e77b7e07d0/gistfile2.txt

I didn't investigate how this happened though.
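The scenario described in this comment (a parent Process freed before its child, leaving the child's parent pointer dangling, and a model method that dereferences that pointer), reduced to a self-contained, Qt-free model as an added example. This is not code from the bug report or from libksysguard; `ProcNode`, `g_live`, `parentPidOf`, `childParentAfterParentDies` and `staleLookupIsRejected` are stand-ins invented here for illustration. It shows the two defensive fixes a reviewer would look for: the dying parent re-parents its children to the root ("init") so no child is left pointing at freed memory, and the model-side lookup consults a registry of live nodes before dereferencing a pointer it received from an index.

```cpp
// Added example (not code from the bug report or from libksysguard): a minimal
// stand-in for the Process tree discussed above, showing how a parent's
// destructor can leave a child's parent pointer dangling, and two defensive
// fixes: (1) re-parent orphaned children to the root ("init") on destruction,
// (2) keep a registry of live nodes so a model lookup refuses to dereference a
// pointer that no longer refers to a live object.
#include <algorithm>
#include <memory>
#include <set>
#include <vector>

struct ProcNode;

// Registry of live nodes: a defender-side guard against dangling pointers.
static std::set<const ProcNode *> g_live;

struct ProcNode {
    int pid;
    ProcNode *parent = nullptr;        // raw, non-owning, like Process::parent()
    std::vector<ProcNode *> children;  // non-owning
    ProcNode *root;                    // the "init" node every orphan is re-parented to

    ProcNode(int pid_, ProcNode *parent_, ProcNode *root_)
        : pid(pid_), parent(parent_), root(root_ ? root_ : this) {
        if (parent) parent->children.push_back(this);
        g_live.insert(this);
    }

    ~ProcNode() {
        g_live.erase(this);
        // Fix (1): never leave children pointing at freed memory; move them to root.
        for (ProcNode *c : children) {
            c->parent = (this == root) ? nullptr : root;
            if (c->parent) c->parent->children.push_back(c);
        }
        children.clear();
        // Detach from our own (still live, thanks to fix 1) parent.
        if (parent) {
            auto &sib = parent->children;
            sib.erase(std::remove(sib.begin(), sib.end(), this), sib.end());
        }
    }
};

// Stand-in for ProcessDataModel::parent(): returns the parent's pid, or -1 for
// "no parent / invalid". Fix (2): refuse to dereference a pointer that is not
// registered as live instead of crashing on a corrupted or freed object.
int parentPidOf(const ProcNode *p) {
    if (!p || !g_live.count(p)) return -1;             // null or stale internalPointer
    if (!p->parent || !g_live.count(p->parent)) return -1;
    return p->parent->pid;
}

// Scenario from the report: the parent process dies before its child.
// Returns the child's parent pid after the parent object has been freed.
int childParentAfterParentDies() {
    ProcNode init(1, nullptr, nullptr);  // root, pid 1
    auto parent = std::make_unique<ProcNode>(100, &init, &init);
    auto child = std::make_unique<ProcNode>(101, parent.get(), &init);
    parent.reset();                      // parent freed first
    return parentPidOf(child.get());     // 1: re-parented to init, nothing dangling
}

// Fix (2) on its own: a stale pointer to a destroyed node is rejected by the
// registry rather than dereferenced. Returns true if the lookup refused.
bool staleLookupIsRejected() {
    ProcNode init(1, nullptr, nullptr);
    ProcNode *stale = nullptr;
    {
        ProcNode tmp(200, &init, &init);
        stale = &tmp;
    }
    // `stale` now names a destroyed object; only its address is compared.
    return parentPidOf(stale) == -1;
}
```

The liveness registry is a mitigation, not a substitute for the ownership fix: if the allocator reuses the freed address for a new object (the "created at addr, freed at addr" pattern in the comment), the set will report it live because a different object really is. AddressSanitizer remains the tool that catches the original use-after-free directly; in a real Qt model, row removal should also be announced through beginRemoveRows()/endRemoveRows() so views drop indexes before the backing objects are deleted.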
