Bug 475687

Summary: konsole crashes when changing input methods in ibus-typing-booster
Product: [Applications] konsole
Component: general
Reporter: Mike FABIAN <mfabian>
Assignee: Konsole Developer <konsole-devel>
Status: RESOLVED UPSTREAM
Severity: crash
Priority: NOR
CC: ninjalj
Keywords: drkonqi
Version: 23.08.1
Target Milestone: ---
Platform: Fedora RPMs
OS: Linux
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Description Mike FABIAN 2023-10-16 09:46:42 UTC
Application: konsole (23.08.1)

Qt Version: 5.15.10
Frameworks Version: 5.110.0
Operating System: Linux 6.5.5-300.fc39.x86_64 x86_64
Windowing System: Wayland
Distribution: Fedora Linux 39 (Workstation Edition)
DrKonqi: 5.27.8 [KCrashBackend]

-- Information about the crash:
Use ibus-typing-booster in konsole and switch to the next input method in ibus-typing-booster with Control+Down.

The crash can be reproduced every time.

-- Backtrace:
Application: Konsole (konsole), signal: Segmentation fault

[KCrash Handler]
#4  0x00007f3876ad8e64 in xkb_state_get_keymap () at /lib64/libxkbcommon.so.0
#5  0x00007f3875363363 in QXkbCommon::lookupLatinKeysym(xkb_state*, unsigned int) () at /usr/lib64/qt5/plugins/platforminputcontexts/libibusplatforminputcontextplugin.so
#6  0x00007f3875363f69 in QXkbCommon::keysymToQtKey(unsigned int, QFlags<Qt::KeyboardModifier>) () at /usr/lib64/qt5/plugins/platforminputcontexts/libibusplatforminputcontextplugin.so
#7  0x00007f38753588b1 in QIBusPlatformInputContext::forwardKeyEvent(unsigned int, unsigned int, unsigned int) () at /usr/lib64/qt5/plugins/platforminputcontexts/libibusplatforminputcontextplugin.so
#8  0x00007f387b8e8678 in void doActivate<false>(QObject*, int, void**) () at /lib64/libQt5Core.so.5
#9  0x00007f387535ef00 in QIBusInputContextProxy::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) () at /usr/lib64/qt5/plugins/platforminputcontexts/libibusplatforminputcontextplugin.so
#10 0x00007f387535f38a in QIBusInputContextProxy::qt_metacall(QMetaObject::Call, int, void**) () at /usr/lib64/qt5/plugins/platforminputcontexts/libibusplatforminputcontextplugin.so
#11 0x00007f387a60338b in QDBusConnectionPrivate::deliverCall(QObject*, int, QDBusMessage const&, QVector<int> const&, int) () at /lib64/libQt5DBus.so.5
#12 0x00007f387b8ded9b in QObject::event(QEvent*) () at /lib64/libQt5Core.so.5
#13 0x00007f387c5aeb75 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () at /lib64/libQt5Widgets.so.5
#14 0x00007f387b8b4218 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () at /lib64/libQt5Core.so.5
#15 0x00007f387b8b76c5 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) () at /lib64/libQt5Core.so.5
#16 0x00007f387b906c6f in postEventSourceDispatch(_GSource*, int (*)(void*), void*) () at /lib64/libQt5Core.so.5
#17 0x00007f3879a56e1c in g_main_context_dispatch_unlocked.lto_priv () at /lib64/libglib-2.0.so.0
#18 0x00007f3879ab1d78 in g_main_context_iterate_unlocked.isra () at /lib64/libglib-2.0.so.0
#19 0x00007f3879a54a93 in g_main_context_iteration () at /lib64/libglib-2.0.so.0
#20 0x00007f387b906759 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () at /lib64/libQt5Core.so.5
#21 0x00007f387b8b2bdb in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () at /lib64/libQt5Core.so.5
#22 0x00007f387b8bae6b in QCoreApplication::exec() () at /lib64/libQt5Core.so.5
#23 0x000056281c3339e4 in main ()
[Inferior 1 (process 63952) detached]

Reported using DrKonqi
Comment 1 ninjalj 2023-10-19 21:31:28 UTC
Repro pressing Ctrl+KP_Right:

#0  0x00007f3275dc1e40 in xkb_state_get_keymap () from /usr/lib64/libxkbcommon.so.0
#1  0x00007f3274b6c9f0 in QXkbCommon::lookupLatinKeysym (state=state@entry=0x0, keycode=keycode@entry=0)
    at /usr/src/debug/dev-qt/qtgui-5.15.8-r3/qtbase-everywhere-src-5.15.8/src/platformsupport/input/xkbcommon/qxkbcommon.cpp:758
#2  0x00007f3274b6d501 in QXkbCommon::keysymToQtKey (hyperAsMeta=false, superAsMeta=false, code=0, state=0x0, modifiers=..., keysym=65432)
    at /usr/src/debug/dev-qt/qtgui-5.15.8-r3/qtbase-everywhere-src-5.15.8/src/platformsupport/input/xkbcommon/qxkbcommon.cpp:528
#3  QXkbCommon::keysymToQtKey (keysym=65432, modifiers=...) at /usr/src/debug/dev-qt/qtgui-5.15.8-r3/qtbase-everywhere-src-5.15.8/src/platformsupport/input/xkbcommon/qxkbcommon.cpp:508
#4  0x00007f3274b62031 in QIBusPlatformInputContext::forwardKeyEvent (this=<optimized out>, keyval=65432, keycode=85, state=4)
    at /usr/src/debug/dev-qt/qtgui-5.15.8-r3/qtbase-everywhere-src-5.15.8/src/plugins/platforminputcontexts/ibus/qibusplatforminputcontext.cpp:357
#5  0x00007f327a790a78 in ?? () from /usr/lib64/libQt5Core.so.5
#6  0x00007f3274b6bd8b in QIBusInputContextProxy::ForwardKeyEvent (_t3=<optimized out>, _t2=<optimized out>, _t1=<optimized out>, this=<optimized out>) at .moc/moc_qibusinputcontextproxy.cpp:564
#7  QIBusInputContextProxy::qt_static_metacall (_o=0x56224c6fa3c0, _c=<optimized out>, _id=<optimized out>, _a=0x7ffc98763810) at .moc/moc_qibusinputcontextproxy.cpp:230
#8  0x00007f3274b6c1d3 in QIBusInputContextProxy::qt_metacall (this=0x56224c6fa3c0, _c=QMetaObject::InvokeMetaMethod, _id=6, _a=0x7ffc98763810) at .moc/moc_qibusinputcontextproxy.cpp:512
#9  0x00007f327943379c in ?? () from /usr/lib64/libQt5DBus.so.5
#10 0x00007f327a78880e in QObject::event(QEvent*) () from /usr/lib64/libQt5Core.so.5
#11 0x00007f327b2865e2 in QApplicationPrivate::notify_helper (this=<optimized out>, receiver=0x56224c6fa3c0, e=0x7f3268010eb0)
    at /usr/src/debug/dev-qt/qtwidgets-5.15.8-r2/qtbase-everywhere-src-5.15.8/src/widgets/kernel/qapplication.cpp:3640
#12 0x00007f327a75c138 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /usr/lib64/libQt5Core.so.5
#13 0x00007f327a75f7a5 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) () from /usr/lib64/libQt5Core.so.5
#14 0x00007f327a7afa93 in ?? () from /usr/lib64/libQt5Core.so.5
#15 0x00007f32789075cb in g_main_context_dispatch () from /usr/lib64/libglib-2.0.so.0
#16 0x00007f3278907868 in ?? () from /usr/lib64/libglib-2.0.so.0
#17 0x00007f327890792f in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0
#18 0x00007f327a7af4e8 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQt5Core.so.5
#19 0x00007f327a75aa23 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQt5Core.so.5
#20 0x00007f327a7630cd in QCoreApplication::exec() () from /usr/lib64/libQt5Core.so.5
#21 0x000056224c250482 in ?? ()
#22 0x00007f327a0de360 in __libc_start_call_main (main=main@entry=0x56224c24fce0, argc=argc@entry=1, argv=argv@entry=0x7ffc98763f68) at ../sysdeps/nptl/libc_start_call_main.h:58
#23 0x00007f327a0de420 in __libc_start_main_impl (main=0x56224c24fce0, argc=1, argv=0x7ffc98763f68, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7ffc98763f58)
    at ../csu/libc-start.c:381
#24 0x000056224c250935 in ?? ()
Comment 2 ninjalj 2023-10-19 21:33:16 UTC
Kate and tagainijisho also crash, seems like a bug in Qt's IBus support?
Comment 3 Mike FABIAN 2023-10-19 21:45:21 UTC
It is a Qt bug actually, this commit fixed it:

$ git show e68a0da0b90
commit e68a0da0b907af7980481a3cf30f6b4b97c06b6e
Author: Alexander Volkov <avolkov@astralinux.ru>
Date:   Mon Mar 6 18:10:34 2023 +0300

    Avoid crash when keysymToQtKey(keysym, Qt::ControlModifier) is called
    
    For example when Ctrl+Home is sent by virtual keyboard on Wayland.
    
    Pick-to: 6.6 6.5 6.2 5.15
    Change-Id: I41f1d2a28c9091efa621d5826a3b9e3e0e481ceb
    Reviewed-by: Liang Qi <liang.qi@qt.io>

diff --git a/src/gui/platform/unix/qxkbcommon.cpp b/src/gui/platform/unix/qxkbcommon.cpp
index d254aeecdc..162ba90efe 100644
--- a/src/gui/platform/unix/qxkbcommon.cpp
+++ b/src/gui/platform/unix/qxkbcommon.cpp
@@ -731,6 +731,8 @@ xkb_keysym_t QXkbCommon::lookupLatinKeysym(xkb_state *state, xkb_keycode_t keyco
 {
     xkb_layout_index_t layout;
     xkb_keysym_t sym = XKB_KEY_NoSymbol;
+    if (!state)
+        return sym;
     xkb_keymap *keymap = xkb_state_get_keymap(state);
     const xkb_layout_index_t layoutCount = xkb_keymap_num_layouts_for_key(keymap, keycode);
     // Look at user layouts in the order in which they are defined in system
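
Review bot: the `if (!state)` guard added at the top of lookupLatinKeysym carries no comment saying when `state` can legitimately be null. The commit message names the case (keysymToQtKey(keysym, Qt::ControlModifier) called without an xkb state, for example Ctrl+Home from a virtual keyboard on Wayland), and the backtrace in Comment 1 shows it as `state=0x0, keycode=0` reaching xkb_state_get_keymap; a one-line comment above the check recording that would keep it from being dropped later as dead code. The early return hands XKB_KEY_NoSymbol back to the caller, so confirm that keysymToQtKey treats NoSymbol as "no Latin keysym found" and continues with the original keysym instead of mapping the key to nothing. The visible diff touches only qxkbcommon.cpp; a regression test that calls keysymToQtKey with a control modifier and no state would pin the fix for the branches listed under Pick-to.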