Bug 401480

Summary: SIGSEGV, Segmentation fault on opening arduino file *.ino in kwrite and kate
Product: [Frameworks and Libraries] frameworks-syntax-highlighting
Reporter: Martial Guex <martial.guex>
Component: framework
Assignee: KWrite Developers <kwrite-bugs-null>
Status: RESOLVED FIXED    
Severity: critical CC: christoph, kare.sars, killermosi, martial.guex, thomas.surrel
Priority: NOR    
Version: 5.51.0   
Target Milestone: ---   
Platform: Debian unstable   
OS: Linux   
Latest Commit: Version Fixed In:
Sentry Crash Report:
Attachments: Custom syntax highlight for arduino making kate crash (memory protect)
Custom file for syntax highlight for arduino; it generates a kate crash (memory protect)

Description Martial Guex 2018-11-27 18:27:09 UTC
SUMMARY
SIGSEGV, Segmentation fault on opening arduino file *.ino in kwrite and kate.

Debian sid(amd64), libkf5syntaxhighlighting5:amd64 5.51.0-1

STEPS TO REPRODUCE

1. Open an arduino file with kate or kwrite, e.g. https://raw.githubusercontent.com/letscontrolit/ESPEasy/mega/src/ESPEasy.ino

OBSERVED RESULT

backtrace kwrite
-----------------
Thread 1 "kwrite" received signal SIGSEGV, Segmentation fault.
0x00007ffff7c6e66a in ?? () from /usr/lib/x86_64-linux-gnu/libKF5TextEditor.so.5
(gdb) bt
#0  0x00007ffff7c6e66a in  () at /usr/lib/x86_64-linux-gnu/libKF5TextEditor.so.5
#1  0x00007ffff5d3dd19 in KSyntaxHighlighting::AbstractHighlighter::highlightLine(QString const&, KSyntaxHighlighting::State const&) () at /usr/lib/x86_64-linux-gnu/libKF5SyntaxHighlighting.so.5
#2  0x00007ffff7d43e3d in  () at /usr/lib/x86_64-linux-gnu/libKF5TextEditor.so.5
#3  0x00007ffff7ce7ba5 in KateBuffer::doHighlight(int, int, bool) () at /usr/lib/x86_64-linux-gnu/libKF5TextEditor.so.5
#4  0x00007ffff7cc84b3 in KTextEditor::DocumentPrivate::kateTextLine(int) () at /usr/lib/x86_64-linux-gnu/libKF5TextEditor.so.5
#5  0x00007ffff7d2c250 in  () at /usr/lib/x86_64-linux-gnu/libKF5TextEditor.so.5
#6  0x00007ffff7d24b9f in  () at /usr/lib/x86_64-linux-gnu/libKF5TextEditor.so.5
#7  0x00007ffff7d27a21 in  () at /usr/lib/x86_64-linux-gnu/libKF5TextEditor.so.5
#8  0x00007ffff7d2954a in  () at /usr/lib/x86_64-linux-gnu/libKF5TextEditor.so.5
#9  0x00007ffff7d63c0a in  () at /usr/lib/x86_64-linux-gnu/libKF5TextEditor.so.5
#10 0x00007ffff7d63ee4 in  () at /usr/lib/x86_64-linux-gnu/libKF5TextEditor.so.5
#11 0x00007ffff7d4cb16 in KTextEditor::ViewPrivate::updateView(bool) () at /usr/lib/x86_64-linux-gnu/libKF5TextEditor.so.5
#12 0x00007ffff7ccb464 in KTextEditor::DocumentPrivate::makeAttribs(bool) () at /usr/lib/x86_64-linux-gnu/libKF5TextEditor.so.5
#13 0x00007ffff7ccb4db in KTextEditor::DocumentPrivate::bufferHlChanged() () at /usr/lib/x86_64-linux-gnu/libKF5TextEditor.so.5
#14 0x00007ffff7ce79a9 in KateBuffer::setHighlight(int) () at /usr/lib/x86_64-linux-gnu/libKF5TextEditor.so.5
#15 0x00007ffff7cdad15 in KTextEditor::DocumentPrivate::updateFileType(QString const&, bool) () at /usr/lib/x86_64-linux-gnu/libKF5TextEditor.so.5
#16 0x00007ffff7cddf79 in KTextEditor::DocumentPrivate::openFile() () at /usr/lib/x86_64-linux-gnu/libKF5TextEditor.so.5
#17 0x00007ffff7b30a11 in  () at /usr/lib/x86_64-linux-gnu/libKF5Parts.so.5
#18 0x00007ffff7b319a6 in KParts::ReadOnlyPart::openUrl(QUrl const&) () at /usr/lib/x86_64-linux-gnu/libKF5Parts.so.5
#19 0x00007ffff7cd24e1 in KTextEditor::DocumentPrivate::openUrl(QUrl const&) () at /usr/lib/x86_64-linux-gnu/libKF5TextEditor.so.5
#20 0x000055555556138a in  ()
#21 0x0000555555563688 in  ()
#22 0x0000555555563812 in  ()
#23 0x00007ffff687028b in QMetaObject::activate(QObject*, int, int, void**) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#24 0x00007ffff71b6ee2 in QAction::triggered(bool) () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#25 0x00007ffff71b94f0 in QAction::activate(QAction::ActionEvent) () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#26 0x00007ffff72a4c8d in  () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#27 0x00007ffff72a4ec5 in QAbstractButton::mouseReleaseEvent(QMouseEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#28 0x00007ffff738ec0a in QToolButton::mouseReleaseEvent(QMouseEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#29 0x00007ffff71fb7c8 in QWidget::event(QEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#30 0x00007ffff738ecb3 in QToolButton::event(QEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#31 0x00007ffff71bd491 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#32 0x00007ffff71c4d18 in QApplication::notify(QObject*, QEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#33 0x00007ffff6847039 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#34 0x00007ffff71c4019 in QApplicationPrivate::sendMouseEvent(QWidget*, QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer<QWidget>&, bool) () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#35 0x00007ffff7216304 in  () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#36 0x00007ffff7218e8e in  () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#37 0x00007ffff71bd491 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#38 0x00007ffff71c4ad0 in QApplication::notify(QObject*, QEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#39 0x00007ffff6847039 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#40 0x00007ffff6bf0b2b in QGuiApplicationPrivate::processMouseEvent(QWindowSystemInterfacePrivate::MouseEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Gui.so.5
#41 0x00007ffff6bf2a25 in QGuiApplicationPrivate::processWindowSystemEvent(QWindowSystemInterfacePrivate::WindowSystemEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Gui.so.5
#42 0x00007ffff6bccd8b in QWindowSystemInterface::sendWindowSystemEvents(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/x86_64-linux-gnu/libQt5Gui.so.5
#43 0x00007ffff07fc85b in  () at /usr/lib/x86_64-linux-gnu/libQt5XcbQpa.so.5
#44 0x00007ffff6845d0b in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#45 0x00007ffff684de82 in QCoreApplication::exec() () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#46 0x000055555555f72c in main ()

Backtrace kate
--------------
Thread 1 "kate" received signal SIGSEGV, Segmentation fault.
0x00007ffff7c6e66a in ?? () from /usr/lib/x86_64-linux-gnu/libKF5TextEditor.so.5
(gdb) bt
#0  0x00007ffff7c6e66a in  () at /usr/lib/x86_64-linux-gnu/libKF5TextEditor.so.5
#1  0x00007ffff57bdd19 in KSyntaxHighlighting::AbstractHighlighter::highlightLine(QString const&, KSyntaxHighlighting::State const&) () at /usr/lib/x86_64-linux-gnu/libKF5SyntaxHighlighting.so.5
#2  0x00007ffff7d43e3d in  () at /usr/lib/x86_64-linux-gnu/libKF5TextEditor.so.5
#3  0x00007ffff7ce7ba5 in KateBuffer::doHighlight(int, int, bool) () at /usr/lib/x86_64-linux-gnu/libKF5TextEditor.so.5
#4  0x00007ffff7cc84b3 in KTextEditor::DocumentPrivate::kateTextLine(int) () at /usr/lib/x86_64-linux-gnu/libKF5TextEditor.so.5
#5  0x00007ffff7d54def in KTextEditor::ViewPrivate::updateFoldingConfig() () at /usr/lib/x86_64-linux-gnu/libKF5TextEditor.so.5
#6  0x00007ffff7d5518d in KTextEditor::ViewPrivate::updateConfig() () at /usr/lib/x86_64-linux-gnu/libKF5TextEditor.so.5
#7  0x00007ffff7d5a6ae in KTextEditor::ViewPrivate::ViewPrivate(KTextEditor::DocumentPrivate*, QWidget*, KTextEditor::MainWindow*) () at /usr/lib/x86_64-linux-gnu/libKF5TextEditor.so.5
#8  0x00007ffff7cd33f8 in KTextEditor::DocumentPrivate::createView(QWidget*, KTextEditor::MainWindow*) () at /usr/lib/x86_64-linux-gnu/libKF5TextEditor.so.5
#9  0x00005555555aa2fd in  ()
#10 0x00005555555a1f5d in  ()
#11 0x00005555555a3572 in  ()
#12 0x00005555555a48ad in  ()
#13 0x00005555555d0925 in  ()
#14 0x00007ffff62f028b in QMetaObject::activate(QObject*, int, int, void**) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#15 0x00007ffff6da0ee2 in QAction::triggered(bool) () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#16 0x00007ffff6da34f0 in QAction::activate(QAction::ActionEvent) () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#17 0x00007ffff6e8ec8d in  () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#18 0x00007ffff6e8eec5 in QAbstractButton::mouseReleaseEvent(QMouseEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#19 0x00007ffff6f78c0a in QToolButton::mouseReleaseEvent(QMouseEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#20 0x00007ffff6de57c8 in QWidget::event(QEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#21 0x00007ffff6f78cb3 in QToolButton::event(QEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#22 0x00007ffff6da7491 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#23 0x00007ffff6daed18 in QApplication::notify(QObject*, QEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#24 0x00007ffff62c7039 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#25 0x00007ffff6dae019 in QApplicationPrivate::sendMouseEvent(QWidget*, QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer<QWidget>&, bool) () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#26 0x00007ffff6e00304 in  () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#27 0x00007ffff6e02e8e in  () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#28 0x00007ffff6da7491 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#29 0x00007ffff6daead0 in QApplication::notify(QObject*, QEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#30 0x00007ffff62c7039 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#31 0x00007ffff67dab2b in QGuiApplicationPrivate::processMouseEvent(QWindowSystemInterfacePrivate::MouseEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Gui.so.5
#32 0x00007ffff67dca25 in QGuiApplicationPrivate::processWindowSystemEvent(QWindowSystemInterfacePrivate::WindowSystemEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Gui.so.5
#33 0x00007ffff67b6d8b in QWindowSystemInterface::sendWindowSystemEvents(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/x86_64-linux-gnu/libQt5Gui.so.5
#34 0x00007ffff07fb85b in  () at /usr/lib/x86_64-linux-gnu/libQt5XcbQpa.so.5
#35 0x00007ffff62c5d0b in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#36 0x00007ffff62cde82 in QCoreApplication::exec() () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#37 0x0000555555581a25 in  ()
#38 0x00007ffff5d3cb17 in __libc_start_main (main=0x55555557fac0, argc=1, argv=0x7fffffffe138, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffe128) at ../csu/libc-start.c:310
#39 0x00005555555830ba in _start ()


EXPECTED RESULT

Open file -:)

SOFTWARE/OS VERSIONS

Linux/KDE Plasma: 5.14.3-1
Qt Version: 5.11.2

ADDITIONAL INFORMATION

None
Comment 1 Thomas Surrel 2018-11-28 08:55:52 UTC
The example file you pointed to works fine for me in Kate and Kwrite. What syntax highlighting is active when opening the file?
Comment 2 Martial Guex 2018-11-28 14:47:24 UTC
Created attachment 116548 [details]
Custom syntax highlight for arduino making kate crash (memory protect)
Comment 3 Martial Guex 2018-11-28 14:50:26 UTC
Created attachment 116549 [details]
Custom file for syntax highlight for arduino; it generates a kate crash (memory protect)
Comment 4 Martial Guex 2018-11-28 15:02:10 UTC
Oops -:(

I found the same custom highlight file for arduino in two folders: ~/.kde/share/apps/katepart/syntax/ and /usr/share/katepart5/syntax/.

I deleted files and the problem is gone.

I attached this file to check on your side.

Inadvertently I attached the same file twice to improve the definition, so if you have a way to remove one, I did not find a way to do it.

Sorry for the inconvenience to everyone.
Comment 5 Dominik Haumann 2018-12-15 21:47:20 UTC
This needs investigation, since if such a setup crashes KSyntaxHighlighting, possibly many users might hit this.
Comment 6 Kåre Särs 2018-12-16 16:28:56 UTC
I also get a crash with this arduino highlight file.

I get the crash from a Q_ASSERT(format.isValid()) in KateHighlighting::applyFormat(...)

Replacing the assert with an early return stops the crash, but there is no highlighting and a lot of debug messages about the broken HL file.

As expected, not returning early also results in a crash.
Comment 7 Kåre Särs 2018-12-16 16:36:43 UTC
PS.

Adding the <!DOCTYPE> tag from isocpp.xml to the Arduino HL file also stops the crash, but there are still a bunch of debug warnings.
Comment 8 Dominik Haumann 2018-12-16 19:16:16 UTC
Ok, that means it's missing the entities such as &separators; and &punctators;. Imo KSyntaxHighlighting should reject these files somehow... But that's tricky with lazy loading...
Comment 9 Dominik Haumann 2018-12-16 19:22:46 UTC
Btw, adding this file to KSyntaxHighlighting, the syntax highlighting indexer says:

Error FODC0002 in file:///home/dh/kde/kf5/src/frameworks/syntax-highlighting/data/syntax/arduino.xml, at line 287, column 78: Entity 'separators' not declared.

--> KSyntaxHighlighting should somehow reject this file entirely when not compiled in as resource.
Comment 10 Kåre Särs 2018-12-21 12:49:39 UTC
*** Bug 402421 has been marked as a duplicate of this bug. ***
Comment 11 Kåre Särs 2018-12-30 21:09:05 UTC
*** Bug 401162 has been marked as a duplicate of this bug. ***
Comment 12 Christoph Cullmann 2019-07-13 21:56:31 UTC
This got fixed ;=)

Don't crash on malformed syntax highlighting files

    Test Plan:
    1. Create malformed syntax highlighting file with missing end tags
    2. Place it in ~/.local/share/katepart5/syntax/
    3. Open Kate with file which uses that syntax highlighting

    Reviewers: cullmann, dhaumann

    Reviewed By: cullmann

    Subscribers: kwrite-devel, kde-frameworks-devel

    Tags: #kate, #frameworks

    Differential Revision: https://phabricator.kde.org/D19533
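Added example (not code from KSyntaxHighlighting or from this bug's attachment): a small Python loader that rejects a definition file up front, covering the undeclared-entity case from comments 7 to 9 and the missing-end-tag case from the test plan above. The definition below is a constructed sample that only imitates how &separators; is used; the DOCTYPE is modelled on the one comment 7 borrows from isocpp.xml with the entity body shortened, and the function names are my own.

```python
import xml.etree.ElementTree as ET
# Constructed sample modelled on the bug (not the reporter's attachment): it uses
# &separators;, which isocpp.xml declares in its <!DOCTYPE>, but has no DOCTYPE itself.
NO_DOCTYPE_XML = """<?xml version="1.0" encoding="UTF-8"?>
<language name="Arduino" version="1" kateversion="5.0" section="Sources" extensions="*.ino">
  <highlighting>
    <list name="keywords"><item>setup</item><item>loop</item></list>
    <contexts>
      <context name="Normal" attribute="Normal Text" lineEndContext="#stay">
        <keyword attribute="Keyword" context="#stay" String="keywords"/>
        <RegExpr attribute="Symbol" context="#stay" String="&separators;"/>
      </context>
    </contexts>
    <itemDatas><itemData name="Normal Text" defStyleNum="dsNormal"/></itemDatas>
  </highlighting>
</language>
"""

# The same file with the entity declared in an internal DTD subset, the way
# isocpp.xml does it (entity body shortened; a literal % must be written as &#37;).
DOCTYPE = ('<!DOCTYPE language SYSTEM "language.dtd" [\n'
           '  <!ENTITY separators "[\\t !&#37;&amp;()*+,\\-./:;&lt;=&gt;?\\[\\]{|}~^]">\n'
           ']>\n')
WITH_DOCTYPE_XML = NO_DOCTYPE_XML.replace('?>\n', '?>\n' + DOCTYPE, 1)

TRUNCATED_XML = NO_DOCTYPE_XML.replace('</language>', '')  # missing end tag (test plan)

class DefinitionError(ValueError):
    """A definition file that must be skipped rather than loaded."""

def load_definition(xml_text):
    """Parse a definition; a missing end tag and a reference to an undeclared entity
    both surface as ET.ParseError, which becomes a DefinitionError carrying the reason."""
    try:
        return ET.fromstring(xml_text)
    except ET.ParseError as exc:
        raise DefinitionError(f"rejected definition: {exc}") from exc

def check_definition(xml_text):
    """Return (accepted, message); a loader skips the file when accepted is False."""
    try:
        root = load_definition(xml_text)
    except DefinitionError as exc:
        return False, str(exc)
    return True, f"accepted definition '{root.get('name')}'"

def regexpr_strings(root):
    """RegExpr patterns as the highlighter would see them, with entities expanded."""
    return [rule.get("String") for rule in root.iter("RegExpr")]
```

With the DOCTYPE present the RegExpr String attribute comes back with &separators; expanded to the character class; without it, the parser stops at the undefined entity and the file is reported rather than handed to the highlighter.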