Version: 4.2 (using KDE 3.1.93 (CVS >= 20031028), compiled sources)
Compiler: gcc version 3.3.1 (SuSE Linux)
OS: Linux (i686) release 2.4.21-99-athlon

With the following file kwrite crashes when pressing CTRL-w to close the window.

How to reproduce:
1) Save the attached file "Brainstorming" to your file system
2) Click on it to launch kwrite
3) Press CTRL-w (or use the menu item)

When you do it, kwrite crashes always.

Greeting, Chris
Created attachment 2988
File that makes kwrite crash on CTRL-w
I uploaded as application/octet-stream, because there are special characters in the file (IIRC the German umlauts inside this file are UTF-8 coded).
I can't reproduce the crash (HEAD 20031026).
I can reproduce it anytime. Here's the gdb info (crash point, backtrace). The main reason seems to be that the variable "a" is a null pointer. I traced it and saw that at line 302 of katerenderer.cpp, a 0-pointer is returned, as soon as I press CTRL-W:

302 a = textLine->attributes ();

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 16384 (LWP 9789)]
0x41fb1e4d in KateRenderer::paintTextLine(QPainter&, LineRange const*, int, int, KateTextCursor const*, KateTextRange const*) (this=0x8105158, paint=@0xbfffe880, range=0x825cd20, xStart=0, xEnd=680, cursor=0x81a862c, bracketmark=0x81a865c) at katerenderer.cpp:376
376 KateAttribute* curAt = ((*a) >= atLen) ? &at[0] : &at[*a];
(gdb) bt
#0 0x41fb1e4d in KateRenderer::paintTextLine(QPainter&, LineRange const*, int, int, KateTextCursor const*, KateTextRange const*) (this=0x8105158, paint=@0xbfffe880, range=0x825cd20, xStart=0, xEnd=680, cursor=0x81a862c, bracketmark=0x81a865c) at katerenderer.cpp:376
#1 0x41f92e88 in KateViewInternal::paintText(int, int, int, int, bool) (this=0x81a8560, x=0, y=0, width=680, height=400, paintOnlyDirty=true) at kateviewinternal.cpp:751
#2 0x41f9896c in KateViewInternal::paintCursor() (this=0x81a8560) at kateviewinternal.cpp:2051
#3 0x41f9a81b in KateViewInternal::cursorTimeout() (this=0x81a8560) at kateviewinternal.cpp:2547
#4 0x41f8eba7 in KateViewInternal::qt_invoke(int, QUObject*) (this=0x81a8560, _id=63, _o=0xbfffec10) at kateviewinternal.moc:279
#5 0x40ca3dd9 in QObject::activate_signal(QConnectionList*, QUObject*) (this=0x81a8768, clist=0x81a04d0, o=0xbfffec10) at kernel/qobject.cpp:2333
#6 0x40ca3c78 in QObject::activate_signal(int) (this=0x81a8768, signal=2) at kernel/qobject.cpp:2302
#7 0x40fe81ae in QTimer::timeout() (this=0x81a8768) at .moc/debug-shared-mt/moc_qtimer.cpp:82
#8 0x40cc8407 in QTimer::event(QEvent*) (this=0x81a8768, e=0xbfffee60) at kernel/qtimer.cpp:219
#9 0x40c410af in QApplication::internalNotify(QObject*, QEvent*) (this=0xbffff120, receiver=0x81a8768, e=0xbfffee60) at kernel/qapplication.cpp:2582
#10 0x40c4056c in QApplication::notify(QObject*, QEvent*) (this=0xbffff120, receiver=0x81a8768, e=0xbfffee60) at kernel/qapplication.cpp:2305
#11 0x407ac434 in KApplication::notify(QObject*, QEvent*) (this=0xbffff120, receiver=0x81a8768, event=0xbfffee60) at kapplication.cpp:509
#12 0x4002cf9d in QApplication::sendEvent(QObject*, QEvent*) (receiver=0x81a8768, event=0xbfffee60) at qapplication.h:490
#13 0x40c2f17c in QEventLoop::activateTimers() (this=0x80c2fa8) at kernel/qeventloop_unix.cpp:557
#14 0x40be9b0a in QEventLoop::processEvents(unsigned) (this=0x80c2fa8, flags=4) at kernel/qeventloop_x11.cpp:346
#15 0x40c56b02 in QEventLoop::enterLoop() (this=0x80c2fa8) at kernel/qeventloop.cpp:198
#16 0x40c56a1e in QEventLoop::exec() (this=0x80c2fa8) at kernel/qeventloop.cpp:145
#17 0x40c4122f in QApplication::exec() (this=0xbffff120) at kernel/qapplication.cpp:2705
#18 0x4002b8f3 in kdemain (argc=1, argv=0xbffff2b4) at kwritemain.cpp:676
#19 0x080486ba in main (argc=1, argv=0xbffff2b4) at kwrite.la.cpp:2

Hope this helps.

Best regards, Chris

PS: No, I have not (yet) found another file where the bug is triggered. I am pretty sure that it is some kind of "timing problem" (a half-destroyed object or so). I will try to debug this some more.
My personal workaround is in katerenderer.cpp: // text + attrib data from line a = textLine->attributes (); + if ( a == 0 ) { + return; + } BTW: It only happens with kwrite, not with kate. The bug has been there at least since 2003-09-26. I did not want to report it then, to exclude the possibility of a broken installation. I have compiled/installed KDE CVS today *completely*, so I decided to report this now.
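Review bot: the `if ( a == 0 ) { return; }` placed right after `a = textLine->attributes ();` leaves paintTextLine without running anything that follows it, so a line whose attribute array is missing gets no painting at all, and the reason attributes() returns 0 once the window is closing stays hidden. A comment at the check saying it is a workaround for this bug would help, and if the line should still be drawn, falling back to a default attribute would be better than returning.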
Confirmed, will fix soon...
*** Bug 63857 has been marked as a duplicate of this bug. ***
Hmm. For the record, the final cause of this crashing is the first time the cursor blinks after the file is closed. However, the reason for us getting into a crashable state remains a mystery to me.

I am now unable to reproduce the crash :( I didn't change much, just recompiled qt, but neither a debug nor a non-debug build triggers the crash any more. So, I'm committing a workaround which I know will stop the crash, but not get to the root of the problem, whatever it is. I can't think of anything else to do at the moment.

Christoph - any ideas why the sidebar doesn't get properly repainted after closing this file in kwrite? For other longer files it is repainted fine...
Subject: kdelibs/kate/part CVS commit by rodda: Workaround-fix for mystery renderer crash bug. CCMAIL: 67065-done@bugs.kde.org M +3 -2 katerenderer.cpp 1.34 --- kdelibs/kate/part/katerenderer.cpp #1.33:1.34 @@ -301,4 +301,5 @@ void KateRenderer::paintTextLine(QPainte // text + attrib data from line a = textLine->attributes (); + bool noAttribs = !a; // adjust to startcol ;) @@ -374,5 +375,5 @@ void KateRenderer::paintTextLine(QPainte // Determine current syntax highlighting attribute // A bit legacy but doesn't need to change - KateAttribute* curAt = ((*a) >= atLen) ? &at[0] : &at[*a]; + KateAttribute* curAt = (!noAttribs && (*a) >= atLen) ? &at[0] : &at[*a]; // X position calculation. Incorrect for fonts with non-zero leftBearing() and rightBearing() results. @@ -466,5 +467,5 @@ void KateRenderer::paintTextLine(QPainte // it is a different attribute OR - (curAt != &at[*(a+1)]) || + (!noAttribs && curAt != &at[*(a+1)]) || // the selection boundary was crossed OR
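Review bot: in the second hunk (the `curAt` line, -374/+375), the new guard still dereferences `a` when it is null: with `noAttribs` true the condition `(!noAttribs && (*a) >= atLen)` is false, so the ternary takes the `&at[*a]` branch, which is the same null read reported at katerenderer.cpp:376. The condition needs to select `&at[0]` when there are no attributes, for example `(noAttribs || (*a) >= atLen) ? &at[0] : &at[*a]`. The third hunk's `!noAttribs && curAt != &at[*(a+1)]` short-circuits before touching `a`, so that one holds as written.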
kwrite crashes when closing:

Using host libthread_db library "/lib/tls/libthread_db.so.1".
[Thread debugging using libthread_db enabled]
[New Thread 1096250656 (LWP 14425)]
[KCrash handler]
#9 0x41ea1056 in KJS::Identifier::remove () from /opt/kde3/lib/libkjs.so.1
#10 0x41ea3178 in KJS::UString::Rep::destroy () from /opt/kde3/lib/libkjs.so.1
#11 0x41ea44fe in KJS::UString::release () from /opt/kde3/lib/libkjs.so.1
#12 0x41ea48f0 in __tcf_25 () from /opt/kde3/lib/libkjs.so.1
#13 0x40f71820 in exit () from /lib/tls/libc.so.6
#14 0x0804e1fa in launch ()
#15 0x0804f08c in handle_launcher_request ()
#16 0x0804f649 in handle_requests ()
#17 0x0804fec1 in main ()