[plasmashell] [Bug 472378] Plasma Shell crash when unpinning taskbar shortcut

Will Mon, 24 Jul 2023 23:11:06 -0700

https://bugs.kde.org/show_bug.cgi?id=472378


Will <tcosproje...@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Assignee|plasma-b...@kde.org         |tcosproje...@gmail.com
             Status|REPORTED                    |CONFIRMED
     Ever confirmed|0                           |1

--- Comment #1 from Will <tcosproje...@gmail.com> ---
I've created a test case to reliably reproduce this issue and am preparing a
merge request with the fix

As a launcher is removed by url, the ref count decreases until it is
deallocated, but the url can be used after free when attempting a remove from
appCacheData. 

The issue occurs at launchertasksmodel.cpp:257

launchersOrder.removeAt(row); // Removes one reference, this is the same as
'launcher'
activitiesForLauncher.remove(url); // Can remove last reference if url ==
launcher and it is not present in appDataCache
appDataCache.remove(launcher); // Uses free'd launcher and crashes

-- 
You are receiving this mail because:
You are watching all bug changes.

[plasmashell] [Bug 472378] Plasma Shell crash when unpinning taskbar shortcut

Reply via email to