Bug 364433

Summary: Crash when using Solve -> Add custom include path [KDevelop::IAssistantAction::executed]
Product: [Applications] kdevelop
Reporter: Francis Herne <mail>
Component: Language Support: CPP (Clang-based)
Assignee: kdevelop-bugs-null
Status: RESOLVED FIXED
Severity: crash
CC: mail, malcolm.mielle
Priority: VHI
Keywords: release_blocker
Version: unspecified
Target Milestone: ---
Platform: Compiled Sources
OS: Linux
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Description Francis Herne 2016-06-17 19:58:10 UTC
When including a file that KDevelop's parser hasn't found, right-clicking on the include shows a dialog with "Solve: 'filename' not found". This has a single menu option, "Add custom include path", which opens the project configuration dialog.

When *closing* this dialog, with either "Ok" or "Cancel", KDevelop segfaults.

This doesn't happen when accessing it via the little Alt-N solution bar, or via the menus.

----

#0  0x00007ffff108091e in QMetaObject::activate(QObject*, int, int, void**) () from /usr/lib/libQt5Core.so.5
#1  0x00007ffff61b6735 in KDevelop::IAssistantAction::executed (this=0x2cf3a00, _t1=0x2cf3a00) at /home/flh/projects/kdevplatform/build/interfaces/moc_iassistant.cpp:149
#2  0x00007fffb456ff00 in AddCustomIncludePathAction::execute (this=0x2cf3a00) at /home/flh/projects/kdevelop/languages/clang/duchain/missingincludepathproblem.cpp:56
#3  0x00007ffff61a7d6e in QtPrivate::FunctorCall<QtPrivate::IndexesList<>, QtPrivate::List<>, void, void (KDevelop::IAssistantAction::*)()>::call(void (KDevelop::IAssistantAction::*)(), KDevelop::IAssistantAction*, void**) (
    f=&virtual table offset 128, o=0x2cf3a00, arg=0x7fffffffa2a0) at /usr/include/qt/QtCore/qobjectdefs_impl.h:501
#4  0x00007ffff61a7d00 in QtPrivate::FunctionPointer<void (KDevelop::IAssistantAction::*)()>::call<QtPrivate::List<>, void>(void (KDevelop::IAssistantAction::*)(), KDevelop::IAssistantAction*, void**) (
    f=&virtual table offset 128, o=0x2cf3a00, arg=0x7fffffffa2a0) at /usr/include/qt/QtCore/qobjectdefs_impl.h:520
#5  0x00007ffff61a79bb in QtPrivate::QSlotObject<void (KDevelop::IAssistantAction::*)(), QtPrivate::List<>, void>::impl(int, QtPrivate::QSlotObjectBase*, QObject*, void**, bool*) (which=1, this_=0x2ce7690, r=0x2cf3a00,
    a=0x7fffffffa2a0, ret=0x0) at /usr/include/qt/QtCore/qobject_impl.h:143
#6  0x00007ffff10812cc in QMetaObject::activate(QObject*, int, int, void**) () from /usr/lib/libQt5Core.so.5
#7  0x00007ffff1d77b32 in QAction::triggered(bool) () from /usr/lib/libQt5Widgets.so.5
#8  0x00007ffff1d7a740 in QAction::activate(QAction::ActionEvent) () from /usr/lib/libQt5Widgets.so.5
#9  0x00007ffff1f0502a in ?? () from /usr/lib/libQt5Widgets.so.5
#10 0x00007ffff1f0b1bc in ?? () from /usr/lib/libQt5Widgets.so.5
#11 0x00007ffff1f0f336 in QMenu::mouseReleaseEvent(QMouseEvent*) () from /usr/lib/libQt5Widgets.so.5
#12 0x00007ffff1dc6b38 in QWidget::event(QEvent*) () from /usr/lib/libQt5Widgets.so.5
#13 0x00007ffff1f0fdeb in QMenu::event(QEvent*) () from /usr/lib/libQt5Widgets.so.5
#14 0x00007ffff1d8106c in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib/libQt5Widgets.so.5
#15 0x00007ffff1d873b7 in QApplication::notify(QObject*, QEvent*) () from /usr/lib/libQt5Widgets.so.5
#16 0x00007ffff1053e70 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /usr/lib/libQt5Core.so.5
#17 0x00007ffff1d85a85 in QApplicationPrivate::sendMouseEvent(QWidget*, QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer<QWidget>&, bool) () from /usr/lib/libQt5Widgets.so.5
#18 0x00007ffff1de19c0 in ?? () from /usr/lib/libQt5Widgets.so.5
#19 0x00007ffff1de3ca3 in ?? () from /usr/lib/libQt5Widgets.so.5
#20 0x00007ffff1d8106c in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib/libQt5Widgets.so.5
#21 0x00007ffff1d864ff in QApplication::notify(QObject*, QEvent*) () from /usr/lib/libQt5Widgets.so.5
#22 0x00007ffff1053e70 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /usr/lib/libQt5Core.so.5
#23 0x00007ffff15a0113 in QGuiApplicationPrivate::processMouseEvent(QWindowSystemInterfacePrivate::MouseEvent*) () from /usr/lib/libQt5Gui.so.5
#24 0x00007ffff15a1925 in QGuiApplicationPrivate::processWindowSystemEvent(QWindowSystemInterfacePrivate::WindowSystemEvent*) () from /usr/lib/libQt5Gui.so.5
#25 0x00007ffff157f5fb in QWindowSystemInterface::sendWindowSystemEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQt5Gui.so.5
#26 0x00007fffd75c74d0 in ?? () from /usr/lib/libQt5XcbQpa.so.5
#27 0x00007fffe612edd7 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#28 0x00007fffe612f040 in ?? () from /usr/lib/libglib-2.0.so.0
#29 0x00007fffe612f0ec in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#30 0x00007ffff10aa2cf in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQt5Core.so.5
#31 0x00007ffff105202a in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQt5Core.so.5
#32 0x00007ffff1f09ffd in QMenu::exec(QPoint const&, QAction*) () from /usr/lib/libQt5Widgets.so.5
#33 0x00007ffff1f1a915 in ?? () from /usr/lib/libQt5Widgets.so.5
#34 0x00007ffff1081229 in QMetaObject::activate(QObject*, int, int, void**) () from /usr/lib/libQt5Core.so.5
#35 0x00007ffff1e80087 in ?? () from /usr/lib/libQt5Widgets.so.5
#36 0x00007ffff1e80751 in QAbstractButton::mousePressEvent(QMouseEvent*) () from /usr/lib/libQt5Widgets.so.5
#37 0x00007ffff1dc73af in QWidget::event(QEvent*) () from /usr/lib/libQt5Widgets.so.5
#38 0x00007ffff1d8106c in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib/libQt5Widgets.so.5
#39 0x00007ffff1d873b7 in QApplication::notify(QObject*, QEvent*) () from /usr/lib/libQt5Widgets.so.5
#40 0x00007ffff1053e70 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /usr/lib/libQt5Core.so.5
#41 0x00007ffff1d85a85 in QApplicationPrivate::sendMouseEvent(QWidget*, QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer<QWidget>&, bool) () from /usr/lib/libQt5Widgets.so.5
#42 0x00007ffff1de1386 in ?? () from /usr/lib/libQt5Widgets.so.5
#43 0x00007ffff1de3ca3 in ?? () from /usr/lib/libQt5Widgets.so.5
#44 0x00007ffff1d8106c in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib/libQt5Widgets.so.5
#45 0x00007ffff1d864ff in QApplication::notify(QObject*, QEvent*) () from /usr/lib/libQt5Widgets.so.5
#46 0x00007ffff1053e70 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /usr/lib/libQt5Core.so.5
#47 0x00007ffff15a0113 in QGuiApplicationPrivate::processMouseEvent(QWindowSystemInterfacePrivate::MouseEvent*) () from /usr/lib/libQt5Gui.so.5
#48 0x00007ffff15a1925 in QGuiApplicationPrivate::processWindowSystemEvent(QWindowSystemInterfacePrivate::WindowSystemEvent*) () from /usr/lib/libQt5Gui.so.5
#49 0x00007ffff157f5fb in QWindowSystemInterface::sendWindowSystemEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQt5Gui.so.5
#50 0x00007fffd75c74d0 in ?? () from /usr/lib/libQt5XcbQpa.so.5
#51 0x00007fffe612edd7 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#52 0x00007fffe612f040 in ?? () from /usr/lib/libglib-2.0.so.0
#53 0x00007fffe612f0ec in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#54 0x00007ffff10aa2cf in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQt5Core.so.5
#55 0x00007ffff105202a in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQt5Core.so.5
#56 0x00007ffff105a5bc in QCoreApplication::exec() () from /usr/lib/libQt5Core.so.5
#57 0x000000000040f1c4 in main (argc=1, argv=0x7fffffffe288) at /home/flh/projects/kdevelop/app/main.cpp:720

Reproducible: Always

Steps to Reproduce:
1. Add a #include of a nonexistent file.
2. Right-click the filename.
3. Select Solve -> Add custom include path.
4. Close the resulting dialog.

Actual Results:  
KDevelop segfaults.

Expected Results:  
KDevelop doesn't segfault (obviously).

Using latest 5.0 heads:
kdevplatform a921a9cf
kdevelop 2fb22c1a
Compiled on Arch Linux.
Comment 1 Francis Herne 2016-06-26 18:22:58 UTC
With today's 5.0-git, occurs about one time in three.
Comment 2 Kevin Funk 2016-06-26 20:40:47 UTC
Yep, confirmed. A pretty bad bug as well.
Comment 3 Sven Brauch 2016-06-26 21:46:52 UTC
*** Bug 360894 has been marked as a duplicate of this bug. ***
Comment 4 Sven Brauch 2016-06-26 22:26:52 UTC
I can reproduce this as well, and I see it with Python too. The backtrace with the new assistant is different:


Thread 1 (Thread 0x7f1393626800 (LWP 4533)):
[KCrash Handler]
#5  0x00007f138c8928e0 in typeinfo name for QObjectPrivate () from /usr/lib/libQt5Core.so.5
#6  0x00007f13936267f0 in ?? ()
#7  0x00007f138d5bc9ec in QTextEdit::mouseReleaseEvent(QMouseEvent*) () from /usr/lib/libQt5Widgets.so.5
#8  0x00007f138d460f18 in QWidget::event(QEvent*) () from /usr/lib/libQt5Widgets.so.5
#9  0x00007f138d54862e in QFrame::event(QEvent*) () from /usr/lib/libQt5Widgets.so.5
#10 0x00007f138c7399e1 in QCoreApplicationPrivate::sendThroughObjectEventFilters(QObject*, QEvent*) () from /usr/lib/libQt5Core.so.5
#11 0x00007f138d419e15 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib/libQt5Widgets.so.5
#12 0x00007f138d42246d in QApplication::notify(QObject*, QEvent*) () from /usr/lib/libQt5Widgets.so.5
#13 0x00007f138c739c80 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /usr/lib/libQt5Core.so.5
#14 0x00007f138d420b1d in QApplicationPrivate::sendMouseEvent(QWidget*, QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer<QWidget>&, bool) () from /usr/lib/libQt5Widgets.so.5
#15 0x00007f138d47afc0 in ?? () from /usr/lib/libQt5Widgets.so.5
#16 0x00007f138d47d763 in ?? () from /usr/lib/libQt5Widgets.so.5
#17 0x00007f138d419e3c in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib/libQt5Widgets.so.5
#18 0x00007f138d4215b1 in QApplication::notify(QObject*, QEvent*) () from /usr/lib/libQt5Widgets.so.5
#19 0x00007f138c739c80 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /usr/lib/libQt5Core.so.5
#20 0x00007f138cc880e3 in QGuiApplicationPrivate::processMouseEvent(QWindowSystemInterfacePrivate::MouseEvent*) () from /usr/lib/libQt5Gui.so.5
#21 0x00007f138cc89c65 in QGuiApplicationPrivate::processWindowSystemEvent(QWindowSystemInterfacePrivate::WindowSystemEvent*) () from /usr/lib/libQt5Gui.so.5
#22 0x00007f138cc67cbb in QWindowSystemInterface::sendWindowSystemEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQt5Gui.so.5
#23 0x00007f1374847310 in ?? () from /usr/lib/libQt5XcbQpa.so.5
#24 0x00007f1380489dd7 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#25 0x00007f138048a040 in ?? () from /usr/lib/libglib-2.0.so.0
#26 0x00007f138048a0ec in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#27 0x00007f138c78e57f in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQt5Core.so.5
#28 0x00007f138c7380da in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQt5Core.so.5
#29 0x00007f138c7405cc in QCoreApplication::exec() () from /usr/lib/libQt5Core.so.5
#30 0x000000000040df15 in main (argc=1, argv=0x7ffec2acccd8) at ../app/main.cpp:759

I have no idea what is going on here. It's some kind of memory corruption, but I really don't know where it comes from or why it happens. QTextEdit is always in the backtrace for some reason.
Comment 5 Milian Wolff 2016-06-27 09:35:17 UTC
I think that's because of some exec going on somewhere, most probably when the dialog is shown. Then the combo box menu or tooltip gets deleted, but when the dialog is closed, now-freed memory is being accessed. Using show() instead somewhere with a WA_DeleteOnClose should fix this, I hope.
Comment 6 Sven Brauch 2016-06-28 20:59:05 UTC
@milian, any more ideas on this one? I spent quite some time digging around by now but could neither fix it nor find the cause.
Comment 7 Milian Wolff 2016-06-29 11:26:33 UTC
Did you run it through valgrind or ASAN? Both should tell you the reason why it crashes. GDB is not a good tool to debug this. Also, I'd inspect the code that runs the "add include path" action, and see if that one uses `QDialog::exec` or similar. If so, rewrite that to not induce a nested eventloop (i.e. use `::show()` and set `WA_DeleteOnClose` instead).
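
The hazard described in comments 5 and 7, as an added example that is not KDevelop or Qt code: a handler that spins a nested event loop can outlive the object it runs on. The toy `Loop`, the stand-in `Action`, its ownership by the menu, and the `weak_ptr` liveness check are assumptions that make the dangling access observable without undefined behaviour.

```cpp
#include <cstdio>
#include <deque>
#include <functional>
#include <memory>
#include <utility>

// Toy single-threaded event loop (constructed model, not Qt's implementation).
struct Loop {
    std::deque<std::function<void()>> queue;
    void post(std::function<void()> f) { queue.push_back(std::move(f)); }
    // Drains the queue. Called from inside a handler, this is a nested event loop.
    void run() {
        while (!queue.empty()) {
            auto f = std::move(queue.front());
            queue.pop_front();
            f();
        }
    }
};

struct Action { bool executedEmitted = false; };  // stand-in for the assistant action

// Runs the "Add custom include path" handler and reports whether the action had
// already been destroyed at the point where the handler emits executed().
bool actionDeadAtEmit(bool useNestedLoop) {
    Loop loop;
    auto action = std::make_shared<Action>();  // modelled as owned by the popup menu
    std::weak_ptr<Action> self = action;       // plays the role of `this` in execute()
    bool dead = false;
    loop.post([&] {
        // Closing the menu queues deletion of the action it owns.
        loop.post([&] { action.reset(); });
        if (useNestedLoop)
            loop.run();  // dialog.exec(): the queued deletion runs before we return
        // else: dialog->show() with WA_DeleteOnClose returns immediately
        if (auto a = self.lock())
            a->executedEmitted = true;  // emit executed() on a live object
        else
            dead = true;  // real code has no such check and touches freed memory
    });
    loop.run();
    return dead;
}

int main() {
    std::printf("exec()-style handler, action dead at emit: %d\n", actionDeadAtEmit(true));
    std::printf("show()-style handler, action dead at emit: %d\n", actionDeadAtEmit(false));
    return 0;
}
```

In Qt code the comparable liveness guard is a `QPointer` taken before the blocking call and checked after it returns.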
Comment 8 Sven Brauch 2016-07-09 12:33:37 UTC
Git commit f74ec1e6ec16c7e58d34d7fae05867292370b00d by Sven Brauch.
Committed on 09/07/2016 at 12:31.
Pushed by brauch into branch '5.0'.

Fix crash on closing the "missing include" wizard

M  +16   -9    duchain/assistants/missingincludeassistant.cpp

http://commits.kde.org/kdev-python/f74ec1e6ec16c7e58d34d7fae05867292370b00d
Comment 9 Sven Brauch 2016-07-09 12:48:52 UTC
Git commit 7cac941ea94fff5fffda448030f5f9ef105fc3e2 by Sven Brauch.
Committed on 09/07/2016 at 12:46.
Pushed by brauch into branch 'master'.

Project controller: make displaying project config dialog async

M  +12   -12   shell/projectcontroller.cpp

http://commits.kde.org/kdevplatform/7cac941ea94fff5fffda448030f5f9ef105fc3e2
Comment 10 Sven Brauch 2016-07-09 12:49:47 UTC
Git commit 002fbc583524bbb662f47fcdbcbd0395f007a738 by Sven Brauch.
Committed on 09/07/2016 at 12:48.
Pushed by brauch into branch '5.0'.

IADM: Show config dialog asynchronously

M  +9    -7    languages/plugins/custom-definesandincludes/noprojectincludesanddefines/noprojectincludepathsmanager.cpp

http://commits.kde.org/kdevelop/002fbc583524bbb662f47fcdbcbd0395f007a738
Comment 11 Sven Brauch 2016-07-09 12:50:49 UTC
This should do. I do however still not understand why the bug originally happened ... valgrind doesn't tell me much either :/
Comment 12 Sven Brauch 2016-07-09 13:00:44 UTC
Git commit 80bb2205945f53f683c96a38715f185965944ae1 by Sven Brauch.
Committed on 09/07/2016 at 12:58.
Pushed by brauch into branch '5.0'.

Project controller: make displaying project config dialog async

M  +12   -12   shell/projectcontroller.cpp

http://commits.kde.org/kdevplatform/80bb2205945f53f683c96a38715f185965944ae1
Comment 13 Milian Wolff 2016-07-10 22:22:20 UTC
Good work, patches look fine to me. Crashes are gone as well, you say? Awesome!
Comment 14 Sven Brauch 2016-07-11 07:14:06 UTC
Couldn't reproduce it any more at least, let me know if you observe something else. :)
Comment 15 Kevin Funk 2016-07-12 06:52:55 UTC
*** Bug 364056 has been marked as a duplicate of this bug. ***