Bug 479319

Summary: konsole crashes with segfault upon command execution
Product: [Applications] konsole
Reporter: kth5 <alex.bldck>
Component: general
Assignee: Konsole Developer <konsole-devel>
Status: RESOLVED FIXED
Severity: crash
CC: dev
Priority: NOR
Keywords: drkonqi
Version: 23.08.4
Target Milestone: ---
Platform: Compiled Sources
OS: Linux
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Description kth5 2024-01-02 22:12:57 UTC
Application: konsole (23.08.4)
 (Compiled from sources)
Qt Version: 5.15.11
Frameworks Version: 5.113.0
Operating System: Linux 6.6.9-arch1-1 ppc
Windowing System: X11
Distribution: Arch POWER
DrKonqi: 5.27.10 [KCrashBackend]

-- Information about the crash:
Simply entering any command such as "ls" that will produce output seems to trigger an immediate segfault. Sometimes just entering 10+ characters already does it.

Seems to only happen on big-endian ppc32. Same sources and dependencies on ppc64, ppc64le and riscv64 produce working binaries.

The reporter is unsure if this crash is reproducible.

-- Backtrace:
Application: Konsole (konsole), signal: Segmentation fault

[KCrash Handler]
#4  0x009b9e70 in Konsole::TerminalDisplay::getCharacterPosition(QPoint const&, bool) const (this=this@entry=0x17c7c00, widgetPoint=..., edge=<optimized out>) at /usr/src/debug/konsole/konsole-23.08.4/src/terminalDisplay/TerminalDisplay.cpp:1573
#5  0x009c0894 in Konsole::TerminalDisplay::mouseMoveEvent(QMouseEvent*) (this=0x17c7c00, ev=0xafb70418) at /usr/src/debug/konsole/konsole-23.08.4/src/terminalDisplay/TerminalDisplay.cpp:1261
#6  0xa75473d0 in QWidget::event(QEvent*) () at /usr/lib/libQt5Widgets.so.5
#7  0xa7504cd0 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () at /usr/lib/libQt5Widgets.so.5
#8  0xa750ab10 in QApplication::notify(QObject*, QEvent*) () at /usr/lib/libQt5Widgets.so.5
#9  0xa6a213d8 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () at /usr/lib/libQt5Core.so.5
#10 0xa7503ee8 in QApplicationPrivate::sendMouseEvent(QWidget*, QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer<QWidget>&, bool, bool) () at /usr/lib/libQt5Widgets.so.5
#11 0xa756e8f8 in  () at /usr/lib/libQt5Widgets.so.5
#12 0xa7571224 in  () at /usr/lib/libQt5Widgets.so.5
#13 0xa7504cd0 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () at /usr/lib/libQt5Widgets.so.5
#14 0xa6a213d8 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () at /usr/lib/libQt5Core.so.5
#15 0xa6e19ac4 in QGuiApplicationPrivate::processMouseEvent(QWindowSystemInterfacePrivate::MouseEvent*) () at /usr/lib/libQt5Gui.so.5
#16 0xa6df2db0 in QWindowSystemInterface::sendWindowSystemEvents(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/libQt5Gui.so.5
#17 0x9ede70c8 in  () at /usr/lib/libQt5XcbQpa.so.5
#18 0xa4549904 in  () at /usr/lib/libglib-2.0.so.0
#19 0xa45ba298 in  () at /usr/lib/libglib-2.0.so.0
#20 0xa4546db8 in g_main_context_iteration () at /usr/lib/libglib-2.0.so.0
#21 0xa6a7c530 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/libQt5Core.so.5
#22 0x9ede7184 in  () at /usr/lib/libQt5XcbQpa.so.5
#23 0xa6a14d3c in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/libQt5Core.so.5
#24 0xa6a1747c in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/libQt5Core.so.5
#25 0xa6a25d0c in QCoreApplication::exec() () at /usr/lib/libQt5Core.so.5
#26 0x00b43b6c in main(int, char**) (argc=<optimized out>, argv=<optimized out>) at /usr/src/debug/konsole/konsole-23.08.4/src/main.cpp:271
[Inferior 1 (process 900) detached]

Reported using DrKonqi
Comment 1 Kurt Hindenburg 2024-06-07 21:40:39 UTC
Are you able to try on a Qt6/KF6 version?  Qt5/KF5 isn't being maintained any longer.
Comment 2 Bug Janitor Service 2024-06-22 03:47:49 UTC
Dear Bug Submitter,

This bug has been in NEEDSINFO status with no change for at least
15 days. Please provide the requested information as soon as
possible and set the bug status as REPORTED. Due to regular bug
tracker maintenance, if the bug is still in NEEDSINFO status with
no change in 30 days the bug will be closed as RESOLVED > WORKSFORME
due to lack of needed information.

For more information about our bug triaging procedures please read the
wiki located here:
https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

If you have already provided the requested information, please
mark the bug as REPORTED so that the KDE team knows that the bug is
ready to be confirmed.

Thank you for helping us make KDE software even better for everyone!
Comment 3 Bug Janitor Service 2024-06-30 14:28:41 UTC
A possibly relevant merge request was started @ https://invent.kde.org/utilities/konsole/-/merge_requests/1010
Comment 4 Kurt Hindenburg 2024-07-02 22:24:20 UTC
Git commit c2485b48743ae97fb15c6a503f0cb598ad30e887 by Kurt Hindenburg, on behalf of Luis Javier Merino Morán.
Committed on 02/07/2024 at 22:15.
Pushed by hindenburg into branch 'master'.

Avoid UB on 32 bit targets

Shifting an operand by a shift amount greater than or equal to the width
of that operand results in UB, which can happen when shifting an
unsigned long on a 32 bit target by an amount from 0 to 63.

This is probably the cause of the crash at the following bug:

M  +3    -3    src/terminalDisplay/TerminalDisplay.cpp

https://invent.kde.org/utilities/konsole/-/commit/c2485b48743ae97fb15c6a503f0cb598ad30e887
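
The shift hazard described in the commit message above, as an added example that is not the Konsole change and not code from the merge request. `ulong_ilp32` is a constructed stand-in for a 32-bit `unsigned long`, and all function names are hypothetical.

```cpp
#include <cstdint>
#include <cstdio>
#include <limits>

// Width in bits of an unsigned integer type T.
template <typename T>
constexpr unsigned width_of() {
    return static_cast<unsigned>(std::numeric_limits<T>::digits);
}

// Number of shift amounts in 0..63 for which `T(1) << n` is undefined.
template <typename T>
constexpr unsigned undefined_shift_count() {
    return width_of<T>() >= 64u ? 0u : 64u - width_of<T>();
}

// Constructed stand-in for `unsigned long` on an ILP32 target (32 bits wide),
// so the example behaves identically on a 64-bit host.
using ulong_ilp32 = std::uint32_t;

// Checked form of `1UL << n` as it evaluates on ILP32. Returns 0 (never a
// valid single-bit mask) instead of executing the undefined shift.
ulong_ilp32 bit_ilp32(unsigned n) {
    if (n >= width_of<ulong_ilp32>()) return 0;
    return static_cast<ulong_ilp32>(1) << n;
}

// Width-independent form: the shifted operand is 64 bits on every target.
// The range check stays, because n >= 64 would still be undefined.
std::uint64_t bit_u64(unsigned n) {
    if (n >= 64u) return 0;
    return static_cast<std::uint64_t>(1) << n;
}

int main() {
    std::printf("unsigned long on this host: %u bits, %u undefined shifts in 0..63\n",
                width_of<unsigned long>(), undefined_shift_count<unsigned long>());
    std::printf("ILP32 stand-in: %u undefined shifts in 0..63\n",
                undefined_shift_count<ulong_ilp32>());
    std::printf("bit 40: ilp32=%#lx u64=%#llx\n",
                static_cast<unsigned long>(bit_ilp32(40)),
                static_cast<unsigned long long>(bit_u64(40)));
    return 0;
}
```

Building the affected code with GCC or Clang and `-fsanitize=shift` reports out-of-range shift amounts at run time, which helps locate this class of defect on targets where it does not crash.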
Comment 5 Christoph Cullmann 2024-09-21 15:27:58 UTC
*** Bug 477592 has been marked as a duplicate of this bug. ***