Bug 380736

Summary: FIXED IN SVN: Crashed while typing text
Product: [Applications] rkward Reporter: RKWard Team <rkward-devel>
Component: generalAssignee: RKWard Team <rkward-devel>
Status: RESOLVED FIXED    
Severity: normal    
Priority: NOR    
Version: unspecified   
Target Milestone: ---   
Platform: unspecified   
OS: All   
Latest Commit: Version Fixed In:
Sentry Crash Report:
Attachments: -- Originally posted by (AT sourceforge.net): nalimilan -- Full gdb stacktrace

Description RKWard Team 2011-11-04 11:48:05 UTC
-- Originally posted by (AT sourceforge.net): nalimilan --

-- This ticket was imported from http://sourceforge.net/p/rkward/bugs/107 on 2017-05-30 15:26:46 +0100 --
RKWard crashed today while I was typing text in the editor. It's the first time it happens, and I can't tell what I was doing special. I think I had just removed a selected text by hitting the backspace key.

I it can help, RKWard had been running for quite a long time, I had done many operations.

I'm using version 0.5.6z+0.5.7+devel1 on Fedora 15. Below is the trace from the relevant thread, and attach is the whole stacktrace.


Thread 1 \(Thread 0x7fc8b1d60840 \(LWP 22000\)\):
\[KCrash Handler\]
\#6  0x000000000044499d in RKCodeCompletionModel::data \(this=&lt;optimized out&gt;, index=&lt;optimized out&gt;, role=0\) at /home/milan/Dev/RKWard/rkward/rkward/windows/rkcommandeditorwindow.cpp:1006
\#7  0x00007fc89c0afad7 in KateCompletionModel::Item::Item\(bool, KateCompletionModel\*, HierarchicalModelHandler const&, QPair&lt;KTextEditor::CodeCompletionModel\*, QModelIndex&gt;\) \(\) from /usr/lib64/libkatepartinterfaces.so.4
\#8  0x00007fc89c0b3fd2 in KateCompletionModel::createItem\(HierarchicalModelHandler const&, QModelIndex const&, bool\) \(\) from /usr/lib64/libkatepartinterfaces.so.4
\#9  0x00007fc89c0b4e33 in KateCompletionModel::createItems\(HierarchicalModelHandler const&, QModelIndex const&, bool\) \(\) from /usr/lib64/libkatepartinterfaces.so.4
\#10 0x00007fc89c0b8018 in KateCompletionModel::createGroups\(\) \(\) from /usr/lib64/libkatepartinterfaces.so.4
\#11 0x00007fc89c0b84f4 in KateCompletionModel::setCompletionModels\(QList&lt;KTextEditor::CodeCompletionModel\*&gt; const&\) \(\) from /usr/lib64/libkatepartinterfaces.so.4
\#12 0x00007fc89c0a79b1 in KateCompletionWidget::startCompletion\(KTextEditor::Range const&, QList&lt;KTextEditor::CodeCompletionModel\*&gt; const&, KTextEditor::CodeCompletionModel::InvocationType\) \(\) from /usr/lib64/libkatepartinterfaces.so.4
\#13 0x00007fc89c0a9198 in KateCompletionWidget::startCompletion\(KTextEditor::Range const&, KTextEditor::CodeCompletionModel\*, KTextEditor::CodeCompletionModel::InvocationType\) \(\) from /usr/lib64/libkatepartinterfaces.so.4
\#14 0x000000000044b357 in RKCommandEditorWindow::tryCompletion \(this=0x19ace60\) at /home/milan/Dev/RKWard/rkward/rkward/windows/rkcommandeditorwindow.cpp:570
\#15 0x000000000044ceea in RKCommandEditorWindow::qt\_metacall \(this=0x19ace60, \_c=QMetaObject::InvokeMetaMethod, \_id=&lt;optimized out&gt;, \_a=0x7fff31bfb610\) at /home/milan/Dev/RKWard/rkward/build/rkward/windows/rkcommandeditorwindow.moc:234
\#16 0x00000035e4f6cfea in QMetaObject::activate \(sender=0x1ad3ec0, m=&lt;optimized out&gt;, local\_signal\_index=&lt;optimized out&gt;, argv=0x0\) at kernel/qobject.cpp:3278
\#17 0x00000035e4f708d9 in QObject::event \(this=0x1ad3ec0, e=&lt;optimized out&gt;\) at kernel/qobject.cpp:1181
\#18 0x0000003c069b9324 in notify\_helper \(e=0x7fff31bfbd10, receiver=0x1ad3ec0, this=0xe23e30\) at kernel/qapplication.cpp:4481
\#19 QApplicationPrivate::notify\_helper \(this=0xe23e30, receiver=0x1ad3ec0, e=0x7fff31bfbd10\) at kernel/qapplication.cpp:4453
\#20 0x0000003c069be1b1 in QApplication::notify \(this=0x7fff31bfc050, receiver=0x1ad3ec0, e=0x7fff31bfbd10\) at kernel/qapplication.cpp:4360
\#21 0x0000003c056431c6 in KApplication::notify\(QObject\*, QEvent\*\) \(\) from /usr/lib64/libkdeui.so.5
\#22 0x00000035e4f5a20c in QCoreApplication::notifyInternal \(this=0x7fff31bfc050, receiver=0x1ad3ec0, event=0x7fff31bfbd10\) at kernel/qcoreapplication.cpp:787
\#23 0x00000035e4f86c02 in sendEvent \(event=0x7fff31bfbd10, receiver=&lt;optimized out&gt;\) at kernel/qcoreapplication.h:215
\#24 QTimerInfoList::activateTimers \(this=0xe279e0\) at kernel/qeventdispatcher\_unix.cpp:603
\#25 0x00000035e4f84444 in timerSourceDispatch \(source=&lt;optimized out&gt;\) at kernel/qeventdispatcher\_glib.cpp:184
\#26 0x00000035df6427ed in g\_main\_dispatch \(context=0xe274e0\) at gmain.c:2441
\#27 g\_main\_context\_dispatch \(context=0xe274e0\) at gmain.c:3014
\#28 0x00000035df642fc8 in g\_main\_context\_iterate \(context=0xe274e0, block=&lt;optimized out&gt;, dispatch=1, self=&lt;optimized out&gt;\) at gmain.c:3092
\#29 0x00000035df64325c in g\_main\_context\_iteration \(context=0xe274e0, may\_block=1\) at gmain.c:3155
\#30 0x00000035e4f84dcf in QEventDispatcherGlib::processEvents \(this=0xe234d0, flags=&lt;optimized out&gt;\) at kernel/qeventdispatcher\_glib.cpp:422
\#31 0x0000003c06a5c12e in QGuiEventDispatcherGlib::processEvents \(this=&lt;optimized out&gt;, flags=&lt;optimized out&gt;\) at kernel/qguieventdispatcher\_glib.cpp:207
\#32 0x00000035e4f59722 in QEventLoop::processEvents \(this=&lt;optimized out&gt;, flags=...\) at kernel/qeventloop.cpp:149
\#33 0x00000035e4f5991f in QEventLoop::exec \(this=0x7fff31bfbfa0, flags=...\) at kernel/qeventloop.cpp:201
\#34 0x00000035e4f5da67 in QCoreApplication::exec \(\) at kernel/qcoreapplication.cpp:1064
\#35 0x0000000000433154 in main \(argc=&lt;optimized out&gt;, argv=&lt;optimized out&gt;\) at /home/milan/Dev/RKWard/rkward/rkward/main.cpp:177
Comment 1 RKWard Team 2011-11-04 11:48:06 UTC
-- Originally posted by (AT sourceforge.net): nalimilan --
Full gdb stacktrace
-- Created an attachment --
Comment 2 RKWard Team 2011-11-04 11:56:19 UTC
-- Originally posted by (AT sourceforge.net): nalimilan --
- **milestone**:  --> CRASH
Comment 3 Thomas Friedrichsmeier 2011-11-04 18:17:37 UTC
Hi\!

One potential scenario that could possibly lead to a crash with this backtrace is this: An object, which is part of a current completion list is being deleted, while the completion list is shown. At least theoretically, that could lead to a crash. But I'm not quite sure this can be achieved in practice. Anyway, does that sound like it might have happened?

I'll look into adding some safety mechanism for this case.

Regards
Thomas
Comment 4 Thomas Friedrichsmeier 2011-11-04 18:17:37 UTC
- **assigned_to**: nobody --> tfry
Comment 5 RKWard Team 2011-11-04 18:26:13 UTC
-- Originally posted by (AT sourceforge.net): nalimilan --
No, I hadn't removed any object, at least not for about one minute. I was working on code that replaced a matrix, but the matrix already existed.
Comment 6 Thomas Friedrichsmeier 2011-11-04 18:44:38 UTC
&gt; No, I hadn't removed any object, at least not for about one minute. I was
&gt; working on code that replaced a matrix, but the matrix already existed.

Well, it \*could\* still have been the issue, if the matrix has any names on it, and those names were in the completion list, and some of the changed...

Anyway, I have committed a fix for the theoretical scenario I described in SVN. This may or may not have been the source of the problem, but the code in RKCodeCompletionModel::data\(\) is very straight-forward, now, and I can't see any way it could crash \(at least not as long as the katepart calls the function with anything even remotely valid\).

So I think, it's safe to mark this as fixed. However, if you ever run into this again, or you have any more ideas on what exactly might have led to the crash, then please let me know.

Regards
Thomas

Comment 7 Thomas Friedrichsmeier 2011-11-04 18:44:38 UTC
- **summary**: Crashed while typing text --> FIXED IN SVN: Crashed while typing text
- **status**: open --> open-fixed
Comment 8 RKWard Team 2011-11-17 09:37:14 UTC
-- Originally posted by (AT sourceforge.net): nalimilan --
I've triggered this crash again today while replacing text in three scripts. I'm not sure of the SVN revision since I updated my copy without installing it, but the installed version dates back to the end of last week at least. Is the fix supposed to be present?

Dumping the new trace here:
Application: RKWard \(rkward.frontend\), signal: Segmentation fault
82	T\_PSEUDO \(SYSCALL\_SYMBOL, SYSCALL\_NAME, SYSCALL\_NARGS\)
\[Current thread is 1 \(Thread 0x7f8ce38f5840 \(LWP 21495\)\)\]

Thread 4 \(Thread 0x7f8cdc88a700 \(LWP 21500\)\):
\#0  0x00000035dd6d7423 in \_\_GI\_\_\_poll \(fds=&lt;optimized out&gt;, nfds=&lt;optimized out&gt;, timeout=&lt;optimized out&gt;\) at ../sysdeps/unix/sysv/linux/poll.c:87
\#1  0x00000035df642d24 in g\_main\_context\_poll \(n\_fds=1, fds=0x7f8cd8001110, priority=&lt;optimized out&gt;, timeout=-1, context=0xaa0b30\) at gmain.c:3405
\#2  g\_main\_context\_iterate \(context=0xaa0b30, block=&lt;optimized out&gt;, dispatch=1, self=&lt;optimized out&gt;\) at gmain.c:3087
\#3  0x00000035df64360d in g\_main\_loop\_run \(loop=0xaa0b10\) at gmain.c:3300
\#4  0x00007f8cdcbb0564 in gdbus\_shared\_thread\_func \(data=&lt;optimized out&gt;\) at gdbusprivate.c:276
\#5  0x00000035df6683a6 in g\_thread\_create\_proxy \(data=0xaa0c20\) at gthread.c:1955
\#6  0x00000035dde07b31 in start\_thread \(arg=0x7f8cdc88a700\) at pthread\_create.c:305
\#7  0x00000035dd6dfd2d in clone \(\) at ../sysdeps/unix/sysv/linux/x86\_64/clone.S:115

Thread 3 \(Thread 0x7f8ccf3ec700 \(LWP 21501\)\):
\#0  0xffffffffff60010a in ?? \(\)
\#1  0x00007f8ccf3eb7d0 in ?? \(\)
\#2  0x00007ffff41e06e2 in ?? \(\)
Backtrace stopped: previous frame identical to this frame \(corrupt stack?\)

Thread 2 \(Thread 0x7f8ccd907700 \(LWP 21505\)\):
\#0  pthread\_cond\_wait@@GLIBC\_2.3.2 \(\) at ../nptl/sysdeps/unix/sysv/linux/x86\_64/pthread\_cond\_wait.S:165
\#1  0x0000003958d84d62 in QTWTF::TCMalloc\_PageHeap::scavengerThread \(this=0x395907dc20\) at ../3rdparty/javascriptcore/JavaScriptCore/wtf/FastMalloc.cpp:2359
\#2  0x0000003958d84d99 in QTWTF::TCMalloc\_PageHeap::runScavengerThread \(context=&lt;optimized out&gt;\) at ../3rdparty/javascriptcore/JavaScriptCore/wtf/FastMalloc.cpp:1464
\#3  0x00000035dde07b31 in start\_thread \(arg=0x7f8ccd907700\) at pthread\_create.c:305
\#4  0x00000035dd6dfd2d in clone \(\) at ../sysdeps/unix/sysv/linux/x86\_64/clone.S:115

Thread 1 \(Thread 0x7f8ce38f5840 \(LWP 21495\)\):
\[KCrash Handler\]
\#6  0x000000000044509d in RKCodeCompletionModel::data \(this=&lt;optimized out&gt;, index=&lt;optimized out&gt;, role=0\) at /home/milan/Dev/rkward\_trunk/rkward/rkward/windows/rkcommandeditorwindow.cpp:1027
\#7  0x00007f8ccde0aad7 in KateCompletionModel::Item::Item\(bool, KateCompletionModel\*, HierarchicalModelHandler const&, QPair&lt;KTextEditor::CodeCompletionModel\*, QModelIndex&gt;\) \(\) from /usr/lib64/libkatepartinterfaces.so.4
\#8  0x00007f8ccde0efd2 in KateCompletionModel::createItem\(HierarchicalModelHandler const&, QModelIndex const&, bool\) \(\) from /usr/lib64/libkatepartinterfaces.so.4
\#9  0x00007f8ccde0fe33 in KateCompletionModel::createItems\(HierarchicalModelHandler const&, QModelIndex const&, bool\) \(\) from /usr/lib64/libkatepartinterfaces.so.4
\#10 0x00007f8ccde13018 in KateCompletionModel::createGroups\(\) \(\) from /usr/lib64/libkatepartinterfaces.so.4
\#11 0x00007f8ccde134f4 in KateCompletionModel::setCompletionModels\(QList&lt;KTextEditor::CodeCompletionModel\*&gt; const&\) \(\) from /usr/lib64/libkatepartinterfaces.so.4
\#12 0x00007f8ccde029b1 in KateCompletionWidget::startCompletion\(KTextEditor::Range const&, QList&lt;KTextEditor::CodeCompletionModel\*&gt; const&, KTextEditor::CodeCompletionModel::InvocationType\) \(\) from /usr/lib64/libkatepartinterfaces.so.4
\#13 0x00007f8ccde04198 in KateCompletionWidget::startCompletion\(KTextEditor::Range const&, KTextEditor::CodeCompletionModel\*, KTextEditor::CodeCompletionModel::InvocationType\) \(\) from /usr/lib64/libkatepartinterfaces.so.4
\#14 0x000000000044bc57 in RKCommandEditorWindow::tryCompletion \(this=0x241f540\) at /home/milan/Dev/rkward\_trunk/rkward/rkward/windows/rkcommandeditorwindow.cpp:591
\#15 0x000000000044d7da in RKCommandEditorWindow::qt\_metacall \(this=0x241f540, \_c=QMetaObject::InvokeMetaMethod, \_id=&lt;optimized out&gt;, \_a=0x7ffff40fb820\) at /home/milan/Dev/rkward\_trunk/rkward/build/rkward/windows/rkcommandeditorwindow.moc:234
\#16 0x000000395096d59a in QMetaObject::activate\(QObject\*, QMetaObject const\*, int, void\*\*\) \(\) from /usr/lib64/libQtCore.so.4
\#17 0x0000003950970e89 in QObject::event\(QEvent\*\) \(\) from /usr/lib64/libQtCore.so.4
\#18 0x00000039541bcc64 in QApplicationPrivate::notify\_helper\(QObject\*, QEvent\*\) \(\) from /usr/lib64/libQtGui.so.4
\#19 0x00000039541c1af1 in QApplication::notify\(QObject\*, QEvent\*\) \(\) from /usr/lib64/libQtGui.so.4
\#20 0x00000039532431c6 in KApplication::notify\(QObject\*, QEvent\*\) \(\) from /usr/lib64/libkdeui.so.5
\#21 0x000000395095a8dc in QCoreApplication::notifyInternal\(QObject\*, QEvent\*\) \(\) from /usr/lib64/libQtCore.so.4
\#22 0x0000003950987192 in ?? \(\) from /usr/lib64/libQtCore.so.4
\#23 0x0000003950984a18 in ?? \(\) from /usr/lib64/libQtCore.so.4
\#24 0x00000035df6427ed in g\_main\_dispatch \(context=0xa520e0\) at gmain.c:2441
\#25 g\_main\_context\_dispatch \(context=0xa520e0\) at gmain.c:3014
\#26 0x00000035df642fc8 in g\_main\_context\_iterate \(context=0xa520e0, block=&lt;optimized out&gt;, dispatch=1, self=&lt;optimized out&gt;\) at gmain.c:3092
\#27 0x00000035df64325c in g\_main\_context\_iteration \(context=0xa520e0, may\_block=1\) at gmain.c:3155
\#28 0x000000395098537f in QEventDispatcherGlib::processEvents\(QFlags&lt;QEventLoop::ProcessEventsFlag&gt;\) \(\) from /usr/lib64/libQtCore.so.4
\#29 0x000000395425fc0e in ?? \(\) from /usr/lib64/libQtGui.so.4
\#30 0x0000003950959df2 in QEventLoop::processEvents\(QFlags&lt;QEventLoop::ProcessEventsFlag&gt;\) \(\) from /usr/lib64/libQtCore.so.4
\#31 0x0000003950959fef in QEventLoop::exec\(QFlags&lt;QEventLoop::ProcessEventsFlag&gt;\) \(\) from /usr/lib64/libQtCore.so.4
\#32 0x000000395095e107 in QCoreApplication::exec\(\) \(\) from /usr/lib64/libQtCore.so.4
\#33 0x0000000000433694 in main \(argc=&lt;optimized out&gt;, argv=&lt;optimized out&gt;\) at /home/milan/Dev/rkward\_trunk/rkward/rkward/main.cpp:178
Comment 9 Thomas Friedrichsmeier 2011-11-17 16:33:44 UTC
Hi\!

In the latest revision of rkcommandeditorwindow.cpp \(r4021, November 7\), line 1027 is not inside RKCodeCompletionModel::data \(\). So the backtrace can't be from that version. The revision where I think I have fixed the crash was r4017 from November 4. Here, line 1027 is inside the function, but that is very unlikely to trigger a crash \(unless memory is thrashed\). The previous unfix revision was r4008, October 28. Here, line 1027 is inside the function, and it is exactly the line where a crash is to be expected, if my analysis of the cause of the problem was correct.

So, you were definitely running a version from before November 7. And my guess is that you were running version without the commit in question \(before November 4\), indeed.

Regards
Thomas
Comment 10 RKWard Team 2011-11-17 16:47:54 UTC
-- Originally posted by (AT sourceforge.net): nalimilan --
OK, sorry, I wonder how I got so confused. I'll install the new revision, and report if it ever happens again.
Comment 11 Thomas Friedrichsmeier 2012-11-21 12:08:49 UTC
- **status**: open-fixed --> closed-fixed