Bug 381080

Summary: Crash when replacing new lines with spaces
Product: [Applications] kate Reporter: John Salatas <jsalatas>
Component: generalAssignee: KWrite Developers <kwrite-bugs-null>
Status: RESOLVED FIXED    
Severity: crash CC: kdebugs, nate, samjnaa, simonandric5
Priority: NOR Keywords: drkonqi
Version: 17.04.2   
Target Milestone: ---   
Platform: Ubuntu   
OS: Linux   
Latest Commit: https://commits.kde.org/ktexteditor/c90064799dfb9afa7e5da20eb15856f486a171a3 Version Fixed In: 5.50
Sentry Crash Report:

Description John Salatas 2017-06-10 22:08:39 UTC 
Application: kate (17.04.2)

Qt Version: 5.7.1
Frameworks Version: 5.34.0
Operating System: Linux 4.8.0-54-generic x86_64
Distribution: KDE neon User Edition 5.10

-- Information about the crash:
- What I was doing when the application crashed:

Seems to happen everytime. Steps to reproduce
1) open kate and type type some lines of text, eg 
a
b
c
d

2) Press CTRL + R  to replace \n (new lines) with a single space and select mode "Escape Sequences"

3) Press ALT + A to replace all occurences

4) Press ESC to close the replace dialog 

5) Press the UP_ARROW 

Kate crashes

The crash can be reproduced sometimes.

-- Backtrace:
Application: Kate (kate), signal: Segmentation fault
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[Current thread is 1 (Thread 0x7f838a14e8c0 (LWP 6240))]

Thread 2 (Thread 0x7f837e3b0700 (LWP 6242)):
#0  0x00007f8392968a28 in g_main_context_prepare () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#1  0x00007f83929692bb in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007f839296949c in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007f839853075b in QEventDispatcherGlib::processEvents (this=0x7f83780008c0, flags=...) at kernel/qeventdispatcher_glib.cpp:425
#4  0x00007f83984db0ba in QEventLoop::exec (this=this@entry=0x7f837e3afcd0, flags=..., flags@entry=...) at kernel/qeventloop.cpp:212
#5  0x00007f839830af64 in QThread::exec (this=<optimized out>) at thread/qthread.cpp:507
#6  0x00007f839c6a8735 in ?? () from /usr/lib/x86_64-linux-gnu/libQt5DBus.so.5
#7  0x00007f839830fb48 in QThreadPrivate::start (arg=0x7f839c71cd60) at thread/qthread_unix.cpp:368
#8  0x00007f8394a546ba in start_thread (arg=0x7f837e3b0700) at pthread_create.c:333
#9  0x00007f839791382d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109

Thread 1 (Thread 0x7f838a14e8c0 (LWP 6240)):
[KCrash Handler]
#6  KateLineLayout::viewLineCount (this=<optimized out>) at /workspace/build/src/render/katelinelayout.cpp:178
#7  KateLineLayout::viewLine (this=0x0, viewLine=viewLine@entry=-1) at /workspace/build/src/render/katelinelayout.cpp:184
#8  0x00007f839c145456 in KateLayoutCache::textLayout (this=<optimized out>, realLine=<optimized out>, _viewLine=_viewLine@entry=-1) at /workspace/build/src/render/katelayoutcache.cpp:368
#9  0x00007f839c18bdab in KateViewInternal::previousLayout (this=this@entry=0x1c143f0) at /workspace/build/src/view/kateviewinternal.cpp:1361
#10 0x00007f839c190b41 in KateViewInternal::cursorUp (this=0x1c143f0, sel=sel@entry=false) at /workspace/build/src/view/kateviewinternal.cpp:1543
#11 0x00007f839c1774fe in KTextEditor::ViewPrivate::up (this=<optimized out>) at /workspace/build/src/view/kateview.cpp:2836
#12 0x00007f839c273e08 in KTextEditor::ViewPrivate::qt_static_metacall (_o=<optimized out>, _c=<optimized out>, _id=<optimized out>, _a=<optimized out>) at /workspace/build/obj-x86_64-linux-gnu/src/moc_kateview.cpp:680
#13 0x00007f8398507e89 in QMetaObject::activate (sender=sender@entry=0x1cfebf0, signalOffset=<optimized out>, local_signal_index=local_signal_index@entry=1, argv=argv@entry=0x7ffc973517c0) at kernel/qobject.cpp:3740
#14 0x00007f8398508837 in QMetaObject::activate (sender=sender@entry=0x1cfebf0, m=m@entry=0x7f839975de60 <QAction::staticMetaObject>, local_signal_index=local_signal_index@entry=1, argv=argv@entry=0x7ffc973517c0) at kernel/qobject.cpp:3602
#15 0x00007f8399282552 in QAction::triggered (this=this@entry=0x1cfebf0, _t1=false) at .moc/moc_qaction.cpp:369
#16 0x00007f8399284ec0 in QAction::activate (this=0x1cfebf0, event=<optimized out>) at kernel/qaction.cpp:1170
#17 0x00007f8399285834 in QAction::event (this=<optimized out>, e=<optimized out>) at kernel/qaction.cpp:1098
#18 0x00007f8399288ecc in QApplicationPrivate::notify_helper (this=<optimized out>, receiver=0x1cfebf0, e=0x7ffc97351a90) at kernel/qapplication.cpp:3799
#19 0x00007f83992908c6 in QApplication::notify (this=0x7ffc973521c0, receiver=0x1cfebf0, e=0x7ffc97351a90) at kernel/qapplication.cpp:3556
#20 0x00007f83984dd0c8 in QCoreApplication::notifyInternal2 (receiver=0x1cfebf0, event=event@entry=0x7ffc97351a90) at kernel/qcoreapplication.cpp:988
#21 0x00007f8398d1a016 in QCoreApplication::sendEvent (event=0x7ffc97351a90, receiver=<optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:231
#22 QShortcutMap::dispatchEvent (this=this@entry=0x16ae158, e=e@entry=0x7ffc97351b40) at kernel/qshortcutmap.cpp:674
#23 0x00007f8398d1a0c9 in QShortcutMap::tryShortcut (this=this@entry=0x16ae158, e=e@entry=0x7ffc97351b40) at kernel/qshortcutmap.cpp:351
#24 0x00007f8398cd2966 in QWindowSystemInterface::handleShortcutEvent (window=<optimized out>, window@entry=0x1dbf770, timestamp=<optimized out>, keyCode=16777235, modifiers=..., nativeScanCode=111, nativeVirtualKey=65362, nativeModifiers=16, text=..., autorepeat=false, count=1) at kernel/qwindowsysteminterface.cpp:235
#25 0x00007f8398cea0d4 in QGuiApplicationPrivate::processKeyEvent (e=0x2419d10) at kernel/qguiapplication.cpp:2002
#26 0x00007f8398cef485 in QGuiApplicationPrivate::processWindowSystemEvent (e=e@entry=0x2419d10) at kernel/qguiapplication.cpp:1693
#27 0x00007f8398ccd32b in QWindowSystemInterface::sendWindowSystemEvents (flags=...) at kernel/qwindowsysteminterface.cpp:659
#28 0x00007f8389dab270 in userEventSourceDispatch (source=<optimized out>) at eventdispatchers/qeventdispatcher_glib.cpp:76
#29 0x00007f8392969197 in g_main_context_dispatch () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#30 0x00007f83929693f0 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#31 0x00007f839296949c in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#32 0x00007f839853073f in QEventDispatcherGlib::processEvents (this=0x1701660, flags=...) at kernel/qeventdispatcher_glib.cpp:423
#33 0x00007f83984db0ba in QEventLoop::exec (this=this@entry=0x7ffc97351ef0, flags=..., flags@entry=...) at kernel/qeventloop.cpp:212
#34 0x00007f83984e36cc in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1261
#35 0x00007f8398ce524c in QGuiApplication::exec () at kernel/qguiapplication.cpp:1633
#36 0x00007f8399288e25 in QApplication::exec () at kernel/qapplication.cpp:2975
#37 0x00000000004283ac in main (argc=2, argv=<optimized out>) at /workspace/build/kate/main.cpp:583

Possible duplicates by query: bug 330221, bug 327174, bug 325133, bug 324468.

Reported using DrKonqi
Comment 1 Christoph Feck 2017-06-19 20:40:38 UTC 
I could reproduce with 'kwrite' but not with 'kate'.

After closing the replace bar using Esc, the statusbar still says 'Line 5', despite the cursor forcefully being moved to line 1 (the only line remaining after the replace).
Comment 2 John Salatas 2017-06-19 20:54:14 UTC 
(In reply to Christoph Feck from comment #1)
> I could reproduce with 'kwrite' but not with 'kate'.
> 
> After closing the replace bar using Esc, the statusbar still says 'Line 5',
> despite the cursor forcefully being moved to line 1 (the only line remaining
> after the replace).

It still happens to me. Please notice the following:

1) if mode is in "regular expression" it works ok (aka no crash). The crash happens only in "Escape Sequences" mode.
2) the crash happens when there at least on empty line in the end of the document. So (visualizing new line characters)
a\n
b\n
c\n
d\n
crashes

a\n
b\n
c\n
d
doesn't crash

I confirm that it also happens in kwrite as well.
Comment 3 John Salatas 2017-07-03 22:02:50 UTC 
Just created a patch review which tries to fix it 

https://phabricator.kde.org/D6473
Comment 4 Dominik Haumann 2018-08-14 13:44:15 UTC 
Confirmed, with an empty line at the end of the document.

Backtrace:
Thread 1 (Thread 0x7fc97eaec980 (LWP 8039)):
[KCrash Handler]
#9  0x00007fc978deb7d9 in qt_assert(char const*, char const*, int) () from /usr/lib64/libQt5Core.so.5
#10 0x00007fc97e4843a4 in KateViewInternal::cursorUp (this=0x11ca5f0, sel=false) at /home/dh/kde/kf5/src/frameworks/ktexteditor/src/view/kateviewinternal.cpp:1587
#11 0x00007fc97e47644a in KTextEditor::ViewPrivate::up (this=0xc3e1f0) at /home/dh/kde/kf5/src/frameworks/ktexteditor/src/view/kateview.cpp:2846

Indeed, the cursor is at an invalid text position.
Comment 6 Dominik Haumann 2018-08-14 19:57:25 UTC 
Git commit c90064799dfb9afa7e5da20eb15856f486a171a3 by Dominik Haumann.
Committed on 14/08/2018 at 16:24.
Pushed by dhaumann into branch 'master'.

Fix crash when replacing \n around empty lines

Summary:
The problem is that QString("").startsWith("") returns false.
Similarly, QString("").endsWith("") also returns false.
However, the code previously was assuming that both cases return true.

This is now fixed, and verified through unit tests.

This deprecates patch D6473

Test Plan: make && make test

Reviewers: jsalatas, ltoscano, kfunk, cullmann, anthonyfieroni, mwolff

Reviewed By: cullmann

Subscribers: kwrite-devel, kde-frameworks-devel

Tags: #kate, #frameworks

Differential Revision: https://phabricator.kde.org/D14847

M  +40   -1    autotests/src/searchbar_test.cpp
M  +3    -0    autotests/src/searchbar_test.h
M  +7    -2    src/search/kateplaintextsearch.cpp

https://commits.kde.org/ktexteditor/c90064799dfb9afa7e5da20eb15856f486a171a3
Comment 7 Dominik Haumann 2018-08-15 09:13:16 UTC 
*** Bug 394545 has been marked as a duplicate of this bug. ***
Comment 8 Dominik Haumann 2018-08-15 09:16:43 UTC 
*** Bug 386512 has been marked as a duplicate of this bug. ***
Comment 9 Dominik Haumann 2018-08-15 19:58:58 UTC 
*** Bug 365642 has been marked as a duplicate of this bug. ***