Bug 475810

Summary: rkward.rbackend crashed in QString::isEmpty when closing
Product: [Applications] rkward
Reporter: Matt Fagnani <matt.fagnani>
Component: general
Assignee: RKWard Team <rkward-devel>
Status: RESOLVED FIXED    
Severity: crash    
Priority: NOR    
Version: unspecified   
Target Milestone: ---   
Platform: Fedora RPMs   
OS: Linux   
Latest Commit:
Version Fixed In:
Sentry Crash Report:
Attachments: full trace with all threads of rkward crash

Description Matt Fagnani 2023-10-18 21:33:54 UTC
Created attachment 162412
full trace with all threads of rkward crash

SUMMARY

I ran rkward 0.7.5 using R-4.3.1-3.fc39.x86_64 in Plasma 5.27.8 on Wayland in a Fedora 39 KDE Plasma installation.  I closed RKWard by clicking the x button at the top right and selecting Discard all in the box showing the following
"Save modified - RKWard 
The following items have been modified. Do you want to save them before closing? 
RWorkspace (Data and Functions) Not saved"

rkward.rbackend segmentation faulted in QString::isEmpty when closing 4/4 times. 

Core was generated by `/usr/libexec/rkward.rbackend --debug-level=3 --server-name=%2Ftmp%2FrkwardDflqE'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x00007fa0bee0310d in QString::isEmpty (this=<optimized out>)
    at ../../include/QtCore/../../src/corelib/text/qstring.h:1078
1078    ../../include/QtCore/../../src/corelib/text/qstring.h: No such file or directory.
[Current thread is 1 (Thread 0x7fa089dff6c0 (LWP 9507))]

(gdb) bt
#0  0x00007fa0bee0310d in QString::isEmpty() const (this=<optimized out>)
    at ../../include/QtCore/../../src/corelib/text/qstring.h:1078
#1  QIODevice::errorString() const (this=0x0) at io/qiodevice.cpp:2104
#2  0x000055edfce94c76 in RKAbstractTransmitter::disconnected() (this=0x7ffc9ce45660)
    at /usr/src/debug/rkward-0.7.5-1.fc39.x86_64/rkward/rbackend/rktransmitter.cpp:272
#3  0x00007fa0beee8821 in QtPrivate::QSlotObjectBase::call(QObject*, void**)
    (a=0x7fa089dfdca0, r=<optimized out>, this=0x7fa0840024a0)
    at ../../include/QtCore/../../src/corelib/kernel/qobjectdefs_impl.h:398
#4  doActivate<false>(QObject*, int, void**)
    (sender=0x7fa0840012d0, signal_index=10, argv=0x7fa089dfdca0) at kernel/qobject.cpp:3925
#5  0x00007fa0beee89a8 in doActivate<false>(QObject*, int, void**)
    (sender=0x7fa0840013b0, signal_index=11, argv=0x7fa089dfdd70) at kernel/qobject.cpp:3937
#6  0x00007fa0beee3747 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**)
    (sender=sender@entry=0x7fa0840013b0, m=m@entry=0x7fa0bf3f57a0 <QAbstractSocket::staticMetaObject>, local_signal_index=local_signal_index@entry=2, argv=argv@entry=0x0) at kernel/qobject.cpp:3985
#7  0x00007fa0bf346fe7 in QAbstractSocket::disconnected() (this=this@entry=0x7fa0840013b0)
    at .moc/moc_qabstractsocket.cpp:404
#8  0x00007fa0bf34794b in QAbstractSocket::disconnectFromHost() (this=0x7fa0840013b0)
    at socket/qabstractsocket.cpp:2841
#9  0x000055edfce8dbff in RKRBackendTransmitter::doExit() (this=0x7ffc9ce45660)
    at /usr/src/debug/rkward-0.7.5-1.fc39.x86_64/rkward/rbackend/rkbackendtransmitter.cpp:81
#10 0x00007fa0beedf0cb in QObject::event(QEvent*) (this=0x7ffc9ce45660, e=0x55edfe63a100)
    at kernel/qobject.cpp:1347
--Type <RET> for more, q to quit, c to continue without paging--c
#11 0x00007fa0beeb452b in doNotify (event=0x55edfe63a100, receiver=0x7ffc9ce45660)
    at kernel/qcoreapplication.cpp:1154
#12 QCoreApplication::notify(QObject*, QEvent*)
    (event=<optimized out>, receiver=<optimized out>, this=<optimized out>)
    at kernel/qcoreapplication.cpp:1140
#13 QCoreApplication::notifyInternal2(QObject*, QEvent*)
    (receiver=0x7ffc9ce45660, event=0x55edfe63a100) at kernel/qcoreapplication.cpp:1064
#14 0x00007fa0beeb4762 in QCoreApplication::sendEvent(QObject*, QEvent*)
    (receiver=<optimized out>, event=<optimized out>) at kernel/qcoreapplication.cpp:1462
#15 0x00007fa0beeb79f5 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*)
    (receiver=0x0, event_type=0, data=0x55edfd540ac0) at kernel/qcoreapplication.cpp:1821
#16 0x00007fa0beeb7cad in QCoreApplication::sendPostedEvents(QObject*, int)
    (receiver=<optimized out>, event_type=<optimized out>) at kernel/qcoreapplication.cpp:1680
#17 0x00007fa0bef06f9f in postEventSourceDispatch(GSource*, GSourceFunc, gpointer) (s=0x7fa084000ee0)
    at kernel/qeventdispatcher_glib.cpp:277
#18 0x00007fa0bd30fe1c in g_main_dispatch (context=0x7fa084000c30) at ../glib/gmain.c:3476
#19 g_main_context_dispatch_unlocked (context=0x7fa084000c30) at ../glib/gmain.c:4284
#20 0x00007fa0bd36ad78 in g_main_context_iterate_unlocked.isra.0
    (context=context@entry=0x7fa084000c30, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/gmain.c:4349
#21 0x00007fa0bd30da93 in g_main_context_iteration (context=0x7fa084000c30, may_block=1)
    at ../glib/gmain.c:4414
#22 0x00007fa0bef06a89 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>)
    (this=0x7fa084000b70, flags=...) at kernel/qeventdispatcher_glib.cpp:423
#23 0x00007fa0beeb2f0b in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>)
    (this=this@entry=0x7fa089dfe230, flags=..., flags@entry=...)
    at ../../include/QtCore/../../src/corelib/global/qflags.h:69
#24 0x00007fa0becf47b0 in QThread::exec() (this=<optimized out>)
    at ../../include/QtCore/../../src/corelib/global/qflags.h:121
#25 0x00007fa0becf5bbd in operator() (__closure=<optimized out>) at thread/qthread_unix.cpp:350
#26 (anonymous namespace)::terminate_on_exception<QThreadPrivate::start(void*)::<lambda()> >
    (t=<optimized out>) at thread/qthread_unix.cpp:287
#27 QThreadPrivate::start(void*) (arg=0x7ffc9ce45660) at thread/qthread_unix.cpp:310
#28 0x00007fa0be6aa897 in start_thread (arg=<optimized out>) at pthread_create.c:444
#29 0x00007fa0be7316bc in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78

The pointer this=0x0 in frame #1 in QIODevice::errorString at io/qiodevice.cpp:2104 might indicate that a null pointer dereference happened when d->errorString.isEmpty() was run there.

(gdb) l io/qiodevice.cpp:2104
file: "../../corelib/io/qiodevice.cpp", line number: 2104, symbol: "???"
2099    ../../corelib/io/qiodevice.cpp: No such file or directory.
file: "io/qiodevice.cpp", line number: 2104, symbol: "???"
2099        \sa setErrorString()
2100    */
2101    QString QIODevice::errorString() const
2102    {
2103        Q_D(const QIODevice);
2104        if (d->errorString.isEmpty()) {
2105    #ifdef QT_NO_QOBJECT
2106            return QLatin1String(QT_TRANSLATE_NOOP(QIODevice, "Unknown error"));
2107    #else
2108            return tr("Unknown error");

I'm attaching the full trace with all threads. A popup was shown briefly 2/4 times which stated that RKWard was in the process of closing and pressing Cancel would stop it immediately with a possible loss of data. I didn't press Cancel on that box.

STEPS TO REPRODUCE
1. Boot a Fedora 39 KDE Plasma installation updated to 2023-10-18 with updates-testing repo enabled. I updated to KF 5.111.0 and Qt 5.15.11 manually from https://bodhi.fedoraproject.org/updates/FEDORA-2023-0d38f82e51 which hasn't been completely pushed to updates-testing yet.
2. Log in to Plasma 5.27.8 on Wayland from sddm
3. Start Konsole
4. Install or upgrade to rkward-0.7.5-1.fc39.x86_64 R-4.3.1-3.fc39.x86_64 with sudo dnf install rkward
5. start RKWard 
6. select Start with an empty workspace if that box is shown
7. select OK 
8. close RKWard by clicking the x button at the top right 
9. select Discard in the box with The following items have been modified. Do you want to save them before closing? 

OBSERVED RESULT
rkward.rbackend crashed in QString::isEmpty when closing 

EXPECTED RESULT
No crash should have happened.

SOFTWARE/OS VERSIONS
Linux/KDE Plasma: Fedora 39
(available in About System)
KDE Plasma Version: 5.27.8
KDE Frameworks Version: 5.111.0
Qt Version: 5.15.11

ADDITIONAL INFORMATION

I reported this problem at https://bugs.kde.org/show_bug.cgi?id=433398. I'm reporting it again because of Thomas Friedrichsmeier's comment at https://bugs.kde.org/show_bug.cgi?id=433398#c1

Comment 1 Thomas Friedrichsmeier 2023-10-20 16:22:12 UTC
Git commit c37e1897501f04749d4750fd0611d920694134a2 by Thomas Friedrichsmeier.
Committed on 20/10/2023 at 18:21.
Pushed by tfry into branch 'master'.

Fix nullpointer dereference during exit.

M  +1    -0    rkward/rbackend/rktransmitter.cpp

https://invent.kde.org/education/rkward/-/commit/c37e1897501f04749d4750fd0611d920694134a2
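
The reading of frame #1 in the description (`this=0x0` in QIODevice::errorString) can be automated when triaging core dumps. The following is an added example, not part of the bug report or of RKWard's code: it parses gdb `bt` output, flags frames entered with a null `this`, and reports the calling frame; the sample is frames #0-#3 of the trace above, and the function names `parse_frames` and `null_this_frames` are hypothetical.

```python
import re

# Frames #0-#3 copied from the backtrace in the report, embedded to run offline.
SAMPLE_BT = """\
#0  0x00007fa0bee0310d in QString::isEmpty() const (this=<optimized out>)
    at ../../include/QtCore/../../src/corelib/text/qstring.h:1078
#1  QIODevice::errorString() const (this=0x0) at io/qiodevice.cpp:2104
#2  0x000055edfce94c76 in RKAbstractTransmitter::disconnected() (this=0x7ffc9ce45660)
    at /usr/src/debug/rkward-0.7.5-1.fc39.x86_64/rkward/rbackend/rktransmitter.cpp:272
#3  0x00007fa0beee8821 in QtPrivate::QSlotObjectBase::call(QObject*, void**)
    (a=0x7fa089dfdca0, r=<optimized out>, this=0x7fa0840024a0)
    at ../../include/QtCore/../../src/corelib/kernel/qobjectdefs_impl.h:398
"""

# "#N  [0xADDR in ]function (args) [at file:line]"; gdb does not always print
# the address (frame #1 in the sample has none).
FRAME_RE = re.compile(
    r"#(?P<num>\d+)\s+(?:0x[0-9a-f]+ in )?(?P<func>.+?)\s+\((?P<args>[^()]*)\)"
    r"(?:\s+at (?P<loc>\S+:\d+))?"
)
# Matches this=0x0 exactly, not a longer address and not <optimized out>.
NULL_THIS_RE = re.compile(r"(?:^|, )this=(?:this@entry=)?0x0(?![0-9a-f])")


def parse_frames(bt):
    """Join gdb's wrapped lines into one record per frame, then parse each record."""
    records = []
    for line in bt.splitlines():
        if re.match(r"#\d+\s", line):
            records.append(line.strip())
        elif records and line[:1].isspace():  # indented continuation of a frame
            records[-1] += " " + line.strip()
    matches = (FRAME_RE.fullmatch(rec) for rec in records)
    return [{**m.groupdict(), "num": int(m["num"])} for m in matches if m]


def null_this_frames(bt):
    """Return (callee, caller) pairs for every frame entered with this=0x0."""
    frames = {f["num"]: f for f in parse_frames(bt)}
    return [(f, frames.get(n + 1)) for n, f in frames.items()
            if NULL_THIS_RE.search(f["args"])]


if __name__ == "__main__":
    for callee, caller in null_this_frames(SAMPLE_BT):
        origin = f'{caller["func"]} at {caller["loc"]}' if caller else "unknown caller"
        print(f'#{callee["num"]} {callee["func"]}: null object, called from {origin}')
```

Pager prompts such as the `--Type <RET> for more` line in the full trace are skipped because they neither start a frame nor are indented.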