Bug 391955

Summary: Random crash while typing [KateCompletionDelegate::createHighlighting, KateCompletionModel::data]
Product: [Frameworks and Libraries] frameworks-ktexteditor
Reporter: mujjingun <mujjingun>
Component: general
Assignee: KWrite Developers <kwrite-bugs-null>
Status: RESOLVED FIXED
Severity: crash
CC: hein, kde, simonandric5
Priority: NOR
Keywords: drkonqi
Version: unspecified
Target Milestone: ---
Platform: Neon
OS: Linux
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Description mujjingun@gmail.com 2018-03-17 08:25:09 UTC
Application: kate (18.03.70)

Qt Version: 5.10.0
Frameworks Version: 5.45.0
Operating System: Linux 4.13.0-37-generic x86_64
Distribution: KDE neon Developer Edition

-- Information about the crash:
- What I was doing when the application crashed: I was typing plain text, while it randomly crashed. It repeatedly crashed itself when I restarted it.

The crash can be reproduced sometimes.

-- Backtrace:
Application: Kate (kate), signal: Segmentation fault
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[Current thread is 1 (Thread 0x7f1625ed5900 (LWP 8091))]

Thread 2 (Thread 0x7f1604c3d700 (LWP 8093)):
#0  0x00007f16205d727d in read () at ../sysdeps/unix/syscall-template.S:84
#1  0x00007f161a5b56f0 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007f161a571e74 in g_main_context_check () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007f161a572330 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#4  0x00007f161a57249c in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#5  0x00007f16212175cb in QEventDispatcherGlib::processEvents (this=0x7f16000008c0, flags=...) at kernel/qeventdispatcher_glib.cpp:425
#6  0x00007f16211be64a in QEventLoop::exec (this=this@entry=0x7f1604c3cc90, flags=..., flags@entry=...) at kernel/qeventloop.cpp:212
#7  0x00007f1620fde554 in QThread::exec (this=<optimized out>) at thread/qthread.cpp:522
#8  0x00007f162163a2c5 in ?? () from /usr/lib/x86_64-linux-gnu/libQt5DBus.so.5
#9  0x00007f1620fe36eb in QThreadPrivate::start (arg=0x7f16218aed60) at thread/qthread_unix.cpp:376
#10 0x00007f161c4536ba in start_thread (arg=0x7f1604c3d700) at pthread_create.c:333
#11 0x00007f16205e741d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109

Thread 1 (Thread 0x7f1625ed5900 (LWP 8091)):
[KCrash Handler]
#6  std::__atomic_base<int>::load (__m=std::memory_order_relaxed, this=0x0) at /usr/include/c++/5/bits/atomic_base.h:396
#7  QAtomicOps<int>::load<int> (_q_value=...) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qatomic_cxx11.h:227
#8  QBasicAtomicInteger<int>::load (this=0x0) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qbasicatomic.h:102
#9  QtPrivate::RefCount::ref (this=0x0) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qrefcount.h:55
#10 0x00007f16258ce547 in QList<int>::QList (this=0x7ffc6a9fe6f0, l=...) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qlist.h:809
#11 0x00007f16258ce649 in QtPrivate::QForeachContainer<QList<int> >::QForeachContainer (this=0x7ffc6a9fe6f0, t=...) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qglobal.h:951
#12 0x00007f16258cae10 in QtPrivate::qMakeForeachContainer<QList<int> const&> (t=...) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qglobal.h:979
#13 KateCompletionModel::data (this=0x2c85520, index=..., role=260) at /workspace/build/src/completion/katecompletionmodel.cpp:244
#14 0x00007f16258dbdfc in KateCompletionDelegate::createHighlighting (this=0x2c93370, index=..., option=...) at /workspace/build/src/completion/katecompletiondelegate.cpp:86
#15 0x00007f16258e515f in ExpandingDelegate::paint (this=0x2c93370, painter=0x7ffc6a9fef10, optionOld=..., index=...) at /workspace/build/src/completion/expandingtree/expandingdelegate.cpp:108
#16 0x00007f162290cdf2 in QTreeView::drawRow (this=this@entry=0x2c85b90, painter=painter@entry=0x7ffc6a9fef10, option=..., index=...) at itemviews/qtreeview.cpp:1760
#17 0x00007f16258e56d2 in ExpandingTree::drawRow (this=0x2c85b90, painter=0x7ffc6a9fef10, option=..., index=...) at /workspace/build/src/completion/expandingtree/expandingtree.cpp:38
#18 0x00007f1622912447 in QTreeView::drawTree (this=this@entry=0x2c85b90, painter=painter@entry=0x7ffc6a9fef10, region=...) at itemviews/qtreeview.cpp:1501
#19 0x00007f1622916d96 in QTreeView::paintEvent (this=0x2c85b90, event=0x7ffc6a9ff4d0) at itemviews/qtreeview.cpp:1330
#20 0x00007f1622697f88 in QWidget::event (this=this@entry=0x2c85b90, event=event@entry=0x7ffc6a9ff4d0) at kernel/qwidget.cpp:9197
#21 0x00007f162273d95e in QFrame::event (this=0x2c85b90, e=0x7ffc6a9ff4d0) at widgets/qframe.cpp:550
#22 0x00007f16228ae703 in QAbstractItemView::viewportEvent (this=this@entry=0x2c85b90, event=event@entry=0x7ffc6a9ff4d0) at itemviews/qabstractitemview.cpp:1748
#23 0x00007f1622917c2c in QTreeView::viewportEvent (this=0x2c85b90, event=0x7ffc6a9ff4d0) at itemviews/qtreeview.cpp:1312
#24 0x00007f16211c0132 in QCoreApplicationPrivate::sendThroughObjectEventFilters (receiver=receiver@entry=0x2c861c0, event=event@entry=0x7ffc6a9ff4d0) at kernel/qcoreapplication.cpp:1170
#25 0x00007f1622658aa5 in QApplicationPrivate::notify_helper (this=<optimized out>, receiver=0x2c861c0, e=0x7ffc6a9ff4d0) at kernel/qapplication.cpp:3728
#26 0x00007f1622660417 in QApplication::notify (this=0x7ffc6aa00670, receiver=0x2c861c0, e=0x7ffc6a9ff4d0) at kernel/qapplication.cpp:3491
#27 0x00007f16211c03c8 in QCoreApplication::notifyInternal2 (receiver=receiver@entry=0x2c861c0, event=event@entry=0x7ffc6a9ff4d0) at kernel/qcoreapplication.cpp:1044
#28 0x00007f1622690a1a in QCoreApplication::sendSpontaneousEvent (event=0x7ffc6a9ff4d0, receiver=<optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:237
#29 QWidgetPrivate::sendPaintEvent (this=this@entry=0x2c86200, toBePainted=...) at kernel/qwidget.cpp:5687
#30 0x00007f1622691122 in QWidgetPrivate::drawWidget (this=this@entry=0x2c86200, pdev=pdev@entry=0x2e09900, rgn=..., offset=..., flags=flags@entry=4, sharedPainter=sharedPainter@entry=0x0, backingStore=0x2e0a280) at kernel/qwidget.cpp:5627
#31 0x00007f1622691eac in QWidgetPrivate::paintSiblingsRecursive (this=this@entry=0x2c85bf0, pdev=pdev@entry=0x2e09900, siblings=..., index=<optimized out>, rgn=..., offset=..., flags=4, sharedPainter=0x0, backingStore=0x2e0a280) at kernel/qwidget.cpp:5822
#32 0x00007f1622690bd1 in QWidgetPrivate::drawWidget (this=this@entry=0x2c85bf0, pdev=pdev@entry=0x2e09900, rgn=..., offset=..., flags=flags@entry=4, sharedPainter=sharedPainter@entry=0x0, backingStore=0x2e0a280) at kernel/qwidget.cpp:5679
#33 0x00007f1622691eac in QWidgetPrivate::paintSiblingsRecursive (this=this@entry=0x2c852f0, pdev=pdev@entry=0x2e09900, siblings=..., index=<optimized out>, rgn=..., offset=..., flags=4, sharedPainter=0x0, backingStore=0x2e0a280) at kernel/qwidget.cpp:5822
#34 0x00007f1622690bd1 in QWidgetPrivate::drawWidget (this=0x2c852f0, pdev=0x2e09900, rgn=..., offset=..., flags=flags@entry=5, sharedPainter=sharedPainter@entry=0x0, backingStore=0x2e0a280) at kernel/qwidget.cpp:5679
#35 0x00007f16226688cb in QWidgetBackingStore::doSync (this=this@entry=0x2e0a280) at kernel/qwidgetbackingstore.cpp:1375
#36 0x00007f1622669025 in QWidgetBackingStore::sync (this=0x2e0a280, exposedWidget=0x2c85200, exposedRegion=...) at kernel/qwidgetbackingstore.cpp:1130
#37 0x00007f162267fe4f in QWidgetPrivate::syncBackingStore (this=this@entry=0x2c852f0, region=...) at kernel/qwidget.cpp:1968
#38 0x00007f16226b3f2c in QWidgetWindow::handleExposeEvent (this=this@entry=0x2e0a5a0, event=event@entry=0x7ffc6aa001f0) at kernel/qwidgetwindow.cpp:957
#39 0x00007f16226b49ab in QWidgetWindow::event (this=0x2e0a5a0, event=0x7ffc6aa001f0) at kernel/qwidgetwindow.cpp:318
#40 0x00007f1622658acc in QApplicationPrivate::notify_helper (this=<optimized out>, receiver=0x2e0a5a0, e=0x7ffc6aa001f0) at kernel/qapplication.cpp:3732
#41 0x00007f1622660417 in QApplication::notify (this=0x7ffc6aa00670, receiver=0x2e0a5a0, e=0x7ffc6aa001f0) at kernel/qapplication.cpp:3491
#42 0x00007f16211c03c8 in QCoreApplication::notifyInternal2 (receiver=receiver@entry=0x2e0a5a0, event=event@entry=0x7ffc6aa001f0) at kernel/qcoreapplication.cpp:1044
#43 0x00007f1621eb228d in QCoreApplication::sendSpontaneousEvent (event=0x7ffc6aa001f0, receiver=0x2e0a5a0) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:237
#44 QGuiApplicationPrivate::processExposeEvent (e=0x2b43250) at kernel/qguiapplication.cpp:2880
#45 0x00007f1621eb2ebd in QGuiApplicationPrivate::processWindowSystemEvent (e=e@entry=0x2b43250) at kernel/qguiapplication.cpp:1803
#46 0x00007f1621e8c8fb in QWindowSystemInterface::sendWindowSystemEvents (flags=...) at kernel/qwindowsysteminterface.cpp:976
#47 0x00007f161041f1ab in QPAEventDispatcherGlib::processEvents (this=0x25ea170, flags=...) at qeventdispatcher_glib.cpp:70
#48 0x00007f16211be64a in QEventLoop::exec (this=this@entry=0x7ffc6aa003a0, flags=..., flags@entry=...) at kernel/qeventloop.cpp:212
#49 0x00007f16211c7854 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1332
#50 0x00007f1621ea883c in QGuiApplication::exec () at kernel/qguiapplication.cpp:1687
#51 0x00007f1622658a25 in QApplication::exec () at kernel/qapplication.cpp:2917
#52 0x0000000000428a0c in main (argc=3, argv=<optimized out>) at /workspace/build/kate/main.cpp:583

Possible duplicates by query: bug 384419, bug 381329, bug 372712.

Reported using DrKonqi
Comment 1 Eike Hein 2018-03-17 08:30:51 UTC
Which file type were you editing / what options are active under Mode and Highlighting in the Tools menu? This crash is in the completion model, so the contents of the model can be subject to document-specific state.
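
The triage behind "this crash is in the completion model" can be reproduced mechanically from the DrKonqi backtrace. The following is an added example, not part of the original report or of KDE's tooling: it parses the gdb frames after the `[KCrash Handler]` marker, lists frames called with a null `this`, and reports the first frame located in the project's own sources. The `/workspace/build/` prefix is taken from the paths in this backtrace; the function names `crashing_frames` and `triage` are hypothetical.

```python
import re

# Frames excerpted verbatim from Thread 1 of the backtrace in this report.
SAMPLE = """\
Thread 1 (Thread 0x7f1625ed5900 (LWP 8091)):
[KCrash Handler]
#6  std::__atomic_base<int>::load (__m=std::memory_order_relaxed, this=0x0) at /usr/include/c++/5/bits/atomic_base.h:396
#9  QtPrivate::RefCount::ref (this=0x0) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qrefcount.h:55
#10 0x00007f16258ce547 in QList<int>::QList (this=0x7ffc6a9fe6f0, l=...) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qlist.h:809
#13 KateCompletionModel::data (this=0x2c85520, index=..., role=260) at /workspace/build/src/completion/katecompletionmodel.cpp:244
#14 0x00007f16258dbdfc in KateCompletionDelegate::createHighlighting (this=0x2c93370, index=..., option=...) at /workspace/build/src/completion/katecompletiondelegate.cpp:86
"""

# One gdb frame: "#N [0xADDR in ]FUNC (ARGS) at FILE:LINE" or "... from LIB".
FRAME = re.compile(
    r"^#(?P<num>\d+)\s+(?:0x[0-9a-f]+ in )?(?P<func>.+?) \((?P<args>.*)\) "
    r"(?:at (?P<file>\S+):(?P<line>\d+)|from (?P<lib>\S+))$"
)

def crashing_frames(backtrace):
    """Return the parsed frames that follow the [KCrash Handler] marker."""
    frames, seen = [], False
    for line in backtrace.splitlines():
        if line.strip() == "[KCrash Handler]":
            seen = True
            continue
        if seen and line.startswith("Thread "):
            break  # next thread begins; the crashing thread is complete
        m = FRAME.match(line) if seen else None
        if m:
            frames.append(m.groupdict())
    return frames

def triage(backtrace, project_root="/workspace/build/"):
    """Summarise null-`this` frames and the first frame in project sources."""
    frames = crashing_frames(backtrace)
    null_this = [f["func"] for f in frames
                 if re.search(r"\bthis=0x0\b", f["args"])]
    first_own = next((f for f in frames
                      if (f["file"] or "").startswith(project_root)), None)
    return {"null_this": null_this, "first_project_frame": first_own}

if __name__ == "__main__":
    print(triage(SAMPLE))
```
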
Comment 2 mujjingun@gmail.com 2018-03-17 08:32:42 UTC
After some more experimenting, I found a way to consistently reproduce the crash:

1. open Kate
2. type "experiment" on the first line and hit enter
3. on the second line, type "experi" and hit backspace
4. program crashes.
Comment 3 mujjingun@gmail.com 2018-03-17 08:33:33 UTC
(In reply to Eike Hein from comment #1)
> Which file type were you editing / what options are active under Mode and
> Highlighting in the Tools menu? This crash is in the completion model, so
> the contents of the model can be subject to document-specific state.

It's the initial "None" mode.
Comment 4 Eike Hein 2018-03-17 08:41:45 UTC
I can reproduce this crash with the steps in comment #2.

Interestingly I couldn't reproduce it at first with builds of ktexteditor and Kate that were about two weeks older than $HEAD, which means this is a recent regression and should be easy to bisect.
Comment 5 Eike Hein 2018-03-17 08:53:50 UTC
git bisect suggests it's probably due to 92e21fb03b7fd01eab6fd6f4a116b849cb93ef9e in ktexteditor.git, derived from:

https://phabricator.kde.org/D11278

CC'ing Kai.
Comment 6 Christoph Cullmann 2018-03-18 12:34:38 UTC
Git commit 7f3d9e774129618dfb9fd871d5d5c8fbb66b4d9a by Christoph Cullmann.
Committed on 18/03/2018 at 12:33.
Pushed by cullmann into branch 'master'.

Revert "[KateCompletionWidget] Create configuration interface on demand"

This reverts commit 92e21fb03b7fd01eab6fd6f4a116b849cb93ef9e.

KateCompletionConfig construction seems to have some side-effects that are necessary
(e.g. initial config loading)

M  +1    -5    src/completion/katecompletionwidget.cpp

https://commits.kde.org/ktexteditor/7f3d9e774129618dfb9fd871d5d5c8fbb66b4d9a