309093 – code folding crash

Bug 309093 - code folding crash

Summary: code folding crash

Status:	RESOLVED FIXED

Alias:	None

Product:	kate
Classification:	Applications
Component:	folding (show other bugs)
Version:	unspecified
Platform:	Debian testing Linux

Importance:	VHI crash
Target Milestone:	---
Assignee:	KWrite Developers

URL:
Keywords:

Depends on:
Blocks:

Reported:	2012-10-27 12:09 UTC by Joseph Wenninger
Modified:	2012-10-28 17:32 UTC (History)
CC List:	1 user (show)

See Also:
Latest Commit:	http://commits.kde.org/kate/a6007b4f26f95ef8e00381853ce30b6e7177236a
Version Fixed In:

Attachments
file to reproduce crash (31.32 KB, text/x-c++src) 2012-10-27 12:10 UTC, Joseph Wenninger	Details
View All Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Joseph Wenninger 2012-10-27 12:09:33 UTC

Application: kate (3.8.4)
KDE Platform Version: 4.8.4 (4.8.4)
Qt Version: 4.8.2
Operating System: Linux 3.2.0-3-amd64 x86_64
Distribution: Debian GNU/Linux testing (wheezy)

-- Information about the crash:
In the file I'm going to attach, do a selection from line 94 (before the "if" to line 97 directly before the "if", hit backspace -> crash 100% reproducable for me

The crash can be reproduced every time.

-- Backtrace:
Application: Kate (kate), signal: Aborted
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[Current thread is 1 (Thread 0x7f099670d760 (LWP 9178))]

Thread 5 (Thread 0x7f09783a6700 (LWP 9184)):
#0  0x00007f099016b62e in __pthread_mutex_unlock_usercnt (mutex=0x2741c00, decr=<optimized out>) at pthread_mutex_unlock.c:52
#1  0x00007f098eb14451 in g_mutex_unlock () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007f098ead85d5 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007f098ead8744 in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#4  0x00007f0993116296 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#5  0x00007f09930e68af in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#6  0x00007f09930e6b38 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#7  0x00007f0992fe9d70 in QThread::exec() () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#8  0x00007f09785e4476 in KateProjectWorkerThread::run (this=0x2741dc8) at /home/jowenn/development/kde/git/kate/kate/plugins/project/kateproject.h:69
#9  0x00007f0992fecd0b in ?? () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#10 0x00007f0990167b50 in start_thread (arg=<optimized out>) at pthread_create.c:304
#11 0x00007f0991fcd70d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#12 0x0000000000000000 in ?? ()

Thread 4 (Thread 0x7f0977ba5700 (LWP 9185)):
#0  0x00007fff675ff70c in ?? ()
#1  0x00007fff675ff959 in ?? ()
#2  0x00007f098d2d6e86 in *__GI_clock_gettime (clock_id=1, tp=0x7f0977ba4b90) at ../sysdeps/unix/clock_gettime.c:116
#3  0x00007f0993042b94 in ?? () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#4  0x00007f0993116a9d in ?? () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#5  0x00007f0993116de3 in ?? () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#6  0x00007f099311594c in ?? () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#7  0x00007f09931159f5 in ?? () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#8  0x00007f098ead7e5f in g_main_context_prepare () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#9  0x00007f098ead854b in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#10 0x00007f098ead8744 in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#11 0x00007f0993116296 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#12 0x00007f09930e68af in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#13 0x00007f09930e6b38 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#14 0x00007f0992fe9d70 in QThread::exec() () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#15 0x00007f09930c71bf in ?? () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#16 0x00007f0992fecd0b in ?? () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#17 0x00007f0990167b50 in start_thread (arg=<optimized out>) at pthread_create.c:304
#18 0x00007f0991fcd70d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#19 0x0000000000000000 in ?? ()

Thread 3 (Thread 0x7f0975edd700 (LWP 9194)):
#0  0x00007f0991fc173d in read () at ../sysdeps/unix/syscall-template.S:82
#1  0x00007f098eb1377f in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007f098ead81a9 in g_main_context_check () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007f098ead85c2 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#4  0x00007f098ead8744 in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#5  0x00007f0993116296 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#6  0x00007f09930e68af in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#7  0x00007f09930e6b38 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#8  0x00007f0992fe9d70 in QThread::exec() () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#9  0x00007f09930c71bf in ?? () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#10 0x00007f0992fecd0b in ?? () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#11 0x00007f0990167b50 in start_thread (arg=<optimized out>) at pthread_create.c:304
#12 0x00007f0991fcd70d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#13 0x0000000000000000 in ?? ()

Thread 2 (Thread 0x7f0974d09700 (LWP 9206)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:162
#1  0x00007f098380c1d7 in ?? () from /usr/lib/x86_64-linux-gnu/libQtScript.so.4
#2  0x00007f098380c209 in ?? () from /usr/lib/x86_64-linux-gnu/libQtScript.so.4
#3  0x00007f0990167b50 in start_thread (arg=<optimized out>) at pthread_create.c:304
#4  0x00007f0991fcd70d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#5  0x0000000000000000 in ?? ()

Thread 1 (Thread 0x7f099670d760 (LWP 9178)):
[KCrash Handler]
#5  0x00007f0991f27475 in *__GI_raise (sig=<optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#6  0x00007f0991f2a6f0 in *__GI_abort () at abort.c:92
#7  0x00007f0992fe2722 in qt_message_output(QtMsgType, char const*) () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#8  0x00007f0992fe2a98 in ?? () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#9  0x00007f0992fe2c24 in qFatal(char const*, ...) () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#10 0x00007f098326a669 in QVector<int>::operator[] (this=0x7fff675bd910, i=3) at /usr/include/qt4/QtCore/qvector.h:355
#11 0x00007f09832ea602 in KateCodeFoldingTree::setColumns (this=0x40e8ff0, line=93, newColumns=..., virtualNodeIndex=-1, virtualColumn=0) at /home/jowenn/development/kde/git/kate/part/syntax/katecodefolding.cpp:1251
#12 0x00007f09832eb3f7 in KateCodeFoldingTree::updateLine (this=0x40e8ff0, line=93, regionChanges=..., updated=0x7fff675bd90f, changed=false, colsChanged=true) at /home/jowenn/development/kde/git/kate/part/syntax/katecodefolding.cpp:1493
#13 0x00007f098327683d in KateBuffer::doHighlight (this=0x40e8f20, startLine=92, endLine=94, invalidate=true) at /home/jowenn/development/kde/git/kate/part/document/katebuffer.cpp:707
#14 0x00007f0983274d87 in KateBuffer::editEnd (this=0x40e8f20) at /home/jowenn/development/kde/git/kate/part/document/katebuffer.cpp:122
#15 0x00007f098324fe5d in KateDocument::editEnd (this=0x40e8830) at /home/jowenn/development/kde/git/kate/part/document/katedocument.cpp:858
#16 0x00007f09832fea60 in KateView::removeSelectedText (this=0x4137f90) at /home/jowenn/development/kde/git/kate/part/view/kateview.cpp:1851
#17 0x00007f098325961d in KateDocument::backspace (this=0x40e8830, view=0x4137f90, c=...) at /home/jowenn/development/kde/git/kate/part/document/katedocument.cpp:2776
#18 0x00007f098330902f in KateViewInternal::doBackspace (this=0x41389a0) at /home/jowenn/development/kde/git/kate/part/view/kateviewinternal.cpp:809
#19 0x00007f098330116b in KateView::backspace (this=0x4137f90) at /home/jowenn/development/kde/git/kate/part/view/kateview.cpp:2326
#20 0x00007f09832f06e9 in KateView::qt_static_metacall (_o=0x4137f90, _c=QMetaObject::InvokeMetaMethod, _id=49, _a=0x7fff675bdf70) at /home/jowenn/development/kde/build/kate/part/kateview.moc:321
#21 0x00007f09930fd54f in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#22 0x00007f0993d6e502 in QAction::triggered(bool) () from /usr/lib/x86_64-linux-gnu/libQtGui.so.4
#23 0x00007f0993d6e6f0 in QAction::activate(QAction::ActionEvent) () from /usr/lib/x86_64-linux-gnu/libQtGui.so.4
#24 0x00007f0993d6e857 in QAction::event(QEvent*) () from /usr/lib/x86_64-linux-gnu/libQtGui.so.4
#25 0x00007f09949ce057 in KAction::event(QEvent*) () from /usr/lib/libkdeui.so.5
#26 0x00007f0993d7470c in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib/x86_64-linux-gnu/libQtGui.so.4
#27 0x00007f0993d78b8a in QApplication::notify(QObject*, QEvent*) () from /usr/lib/x86_64-linux-gnu/libQtGui.so.4
#28 0x00007f0994aa78a6 in KApplication::notify(QObject*, QEvent*) () from /usr/lib/libkdeui.so.5
#29 0x00007f09930e7b5e in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#30 0x00007f0993da5474 in ?? () from /usr/lib/x86_64-linux-gnu/libQtGui.so.4
#31 0x00007f0993da6983 in ?? () from /usr/lib/x86_64-linux-gnu/libQtGui.so.4
#32 0x00007f0993d7a869 in QApplication::notify(QObject*, QEvent*) () from /usr/lib/x86_64-linux-gnu/libQtGui.so.4
#33 0x00007f0994aa78a6 in KApplication::notify(QObject*, QEvent*) () from /usr/lib/libkdeui.so.5
#34 0x00007f09930e7b5e in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#35 0x00007f0993e11a9a in ?? () from /usr/lib/x86_64-linux-gnu/libQtGui.so.4
#36 0x00007f0993e11ed1 in ?? () from /usr/lib/x86_64-linux-gnu/libQtGui.so.4
#37 0x00007f0993deeb28 in QApplication::x11ProcessEvent(_XEvent*) () from /usr/lib/x86_64-linux-gnu/libQtGui.so.4
#38 0x00007f0993e15bc2 in ?? () from /usr/lib/x86_64-linux-gnu/libQtGui.so.4
#39 0x00007f098ead8355 in g_main_context_dispatch () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#40 0x00007f098ead8688 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#41 0x00007f098ead8744 in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#42 0x00007f0993116276 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#43 0x00007f0993e1583e in ?? () from /usr/lib/x86_64-linux-gnu/libQtGui.so.4
#44 0x00007f09930e68af in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#45 0x00007f09930e6b38 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#46 0x00007f09930ebcf8 in QCoreApplication::exec() () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#47 0x00007f099631f6e2 in kdemain (argc=1, argv=0x7fff675c0f48) at /home/jowenn/development/kde/git/kate/kate/app/katemain.cpp:377
#48 0x000000000040093e in main (argc=1, argv=0x7fff675c0f48) at /home/jowenn/development/kde/build/kate/kate/app/kate_dummy.cpp:3

Reported using DrKonqi

Comment 1 Joseph Wenninger 2012-10-27 12:10:48 UTC

Created attachment 74828 [details]
file to reproduce crash

Comment 2 Dominik Haumann 2012-10-27 15:07:07 UTC

Git commit 5d8e230ac5d925b12538b76af5af0ad7145c3031 by Dominik Haumann.
Committed on 27/10/2012 at 17:06.
Pushed by dhaumann into branch 'master'.

add unit test for bug 309093

run it with:
./run.sh ./kate/build/tests/bug309093_test.shell

M  +11   -0    part/tests/CMakeLists.txt
A  +76   -0    part/tests/bug309093.cpp     [License: LGPL (v2+)]
A  +41   -0    part/tests/bug309093.h     [License: LGPL (v2+)]
A  +1066 -0    part/tests/bug309093_example.cpp     [License: LGPL (v2+)]

http://commits.kde.org/kate/5d8e230ac5d925b12538b76af5af0ad7145c3031

Comment 3 Joseph Wenninger 2012-10-28 17:32:44 UTC

Git commit a6007b4f26f95ef8e00381853ce30b6e7177236a by Joseph Wenninger.
Committed on 28/10/2012 at 18:01.
Pushed by jowenn into branch 'master'.

This should hopefully fix #309093. I think a similar behaviour in wrapLine could also be needed.

The the cause of the crash was:

1: if (......) {
2: ......;
3: ......;
4: } else if { ....
5: .....

If the text from infront of the first if to just infront of the second if got deleted a line unwrapping action took place
The kate buffer just kept the { of line 1 and removed the information about the } { in line 4 during unwrapping, without
triggering a tree update.

1: if { ....
2: .....

When doing highlighting again it found again that the new block had a single { in the new line 1, therefore it triggered a
column only update within the folding tree. The tree on the other hand thought that it still had two region changes in the
now new line 1 and tried to update all columns as being told by the buffer, but the information it got from the highlighting
system containd only one opening region -> access to an elemnt in the vector that was out of bounds -> assert/crash

Now unwrapping just joins the region changes of the involved lines and the tree checks if the lenghtes of the vectors
matche, so it should always do a complete update of the meta information if needed

M +7 -0 part/buffer/katetextblock.cpp
M +4 -10 part/document/katebuffer.cpp
M +0 -2 part/document/katebuffer.h
M +9 -0 part/syntax/katecodefolding.cpp

http://commits.kde.org/kate/a6007b4f26f95ef8e00381853ce30b6e7177236a