Bug 485999

Summary:	kdiff3 segaborts when comparing two files
Product:	[Applications] kdiff3	Reporter:	Mike Lothian <mike>
Component:	application	Assignee:	michael <reeves.87>
Status:	RESOLVED FIXED
Severity:	normal	CC:	asturm
Priority:	NOR
Version First Reported In:	1.11.0
Target Milestone:	---
Platform:	Other
OS:	Linux
Latest Commit:		Version Fixed/Implemented In:
Sentry Crash Report:
Attachments:	First file Second file

Description Mike Lothian 2024-04-23 10:16:14 UTC

Created attachment 168830 [details]
First file

Qt 6.7.0
KF6 from Git
kdiff3 from Git

(lldb) run
Process 1098029 launched: '/usr/bin/kdiff3' (x86_64)
org.kde.kdiff3: Loading A:  "/home/fireburn/dmesg.axion"
org.kde.kdiff3: Loading B:  "/home/fireburn/dmesg.txt"
org.kde.kdiff3: Diff: A <-> B
org.kde.kdiff3: Linediff: A <-> B
org.kde.kdiff3: Enter: calcDiff3LineListUsingAB
org.kde.kdiff3: Leave: calcDiff3LineListUsingAB
terminate called after throwing an instance of 'std::system_error'
  what():  converted signed value too small: negative overflow error
Process 1098029 stopped
* thread #1, name = 'kdiff3', stop reason = signal SIGABRT
    frame #0: 0x00007ffff62bf86c libc.so.6`___lldb_unnamed_symbol3697 + 268
libc.so.6`___lldb_unnamed_symbol3697:
->  0x7ffff62bf86c <+268>: movl   %eax, %ebx
    0x7ffff62bf86e <+270>: negl   %ebx
    0x7ffff62bf870 <+272>: cmpl   $0xfffff000, %eax ; imm = 0xFFFFF000 
    0x7ffff62bf875 <+277>: movl   $0x0, %eax
(lldb) bt
* thread #1, name = 'kdiff3', stop reason = signal SIGABRT
  * frame #0: 0x00007ffff62bf86c libc.so.6`___lldb_unnamed_symbol3697 + 268
    frame #1: 0x00007ffff626be66 libc.so.6`raise + 22
    frame #2: 0x00007ffff62538b7 libc.so.6`abort + 215
    frame #3: 0x00007ffff58a4c7b libstdc++.so.6`___lldb_unnamed_symbol7333 + 98
    frame #4: 0x00007ffff58b8eec libstdc++.so.6`___lldb_unnamed_symbol7788 + 12
    frame #5: 0x00007ffff58b8f57 libstdc++.so.6`std::terminate() + 23
    frame #6: 0x000055555560fabf kdiff3`__clang_call_terminate + 15
    frame #7: 0x000055555567559f kdiff3`getBestFirstLine(LineRef, int, LineRef, int) [inlined] LineRef::operator=(this=<unavailable>, lineIn=<unavailable>) at LineRef.h:51:21
    frame #8: 0x0000555555675581 kdiff3`getBestFirstLine(line=LineRef @ scalar, nofLines=1559, firstLine=LineRef @ scalar, visibleLines=14) at difftextwindow.cpp:0
    frame #9: 0x00005555556756ab kdiff3`DiffTextWindow::setFastSelectorRange(this=0x000055555615a6c0, line1=<unavailable>, nofLines=<unavailable>) at difftextwindow.cpp:595:32
    frame #10: 0x00007ffff60dda8f libQt6Core.so.6`___lldb_unnamed_symbol13786 + 1279
    frame #11: 0x000055555560ccd1 kdiff3`MergeResultWindow::setFastSelectorRange(this=<unavailable>, _t1=LineRef @ 0x00007fffffffc46c, _t2=1559) at moc_mergeresultwindow.cpp:574:5
    frame #12: 0x00005555556ad3f3 kdiff3`MergeResultWindow::setFastSelector(this=0x0000555555c804c0, i=std::__cxx11::list<MergeBlock, std::allocator<MergeBlock> >::iterator @ scalar) at mergeresultwindow.cpp:788:12
    frame #13: 0x00005555556a63a2 kdiff3`MergeResultWindow::merge(bool, e_SrcSelector, bool, bool) [inlined] MergeResultWindow::go(this=0x0000555555c804c0, eDir=eUp, eEndPoint=eEnd) at mergeresultwindow.cpp:548:5
    frame #14: 0x00005555556a6364 kdiff3`MergeResultWindow::merge(bool, e_SrcSelector, bool, bool) [inlined] MergeResultWindow::slotGoTop(this=0x0000555555c804c0) at mergeresultwindow.cpp:658:5
    frame #15: 0x00005555556a6364 kdiff3`MergeResultWindow::merge(this=0x0000555555c804c0, bAutoSolve=<unavailable>, defaultSelector=<unavailable>, bConflictsOnly=false, bWhiteSpaceOnly=<unavailable>) at mergeresultwindow.cpp:397:5
    frame #16: 0x00005555556a5d8c kdiff3`MergeResultWindow::init(this=0x0000555555c804c0, pLineDataA=<unavailable>, sizeA=LineRef @ 0x00007fffffffc5c8, pLineDataB=<unavailable>, sizeB=LineRef @ 0x00007fffffffc5cc, pLineDataC=<unavailable>, sizeC=LineRef @ 0x00007fffffffc620, pDiff3LineList=0x000055555597a388, pTotalDiffStatus=0x0000555555a9ac50, bAutoSolve=true) at mergeresultwindow.cpp:132:5
    frame #17: 0x000055555565f1b0 kdiff3`KDiff3App::mainInit(this=0x0000555555979fe0, pTotalDiffStatus=<unavailable>, inFlags=<unavailable>) at pdiff.cpp:377:27
    frame #18: 0x000055555563193c kdiff3`KDiff3App::completeInit(QString const&, QString const&, QString const&) [inlined] KDiff3App::doFileCompare(this=0x0000555555979fe0) at kdiff3.cpp:595:5
    frame #19: 0x0000555555631908 kdiff3`KDiff3App::completeInit(this=0x0000555555979fe0, fn1=<unavailable>, fn2=<unavailable>, fn3=<unavailable>) at kdiff3.cpp:646:13
    frame #20: 0x000055555561d3e0 kdiff3`KDiff3Shell::KDiff3Shell(this=0x0000555555a07850, fn1=0x00007fffffffcb68, fn2=0x00007fffffffcb50, fn3=0x00007fffffffcb38) at kdiff3_shell.cpp:39:15
    frame #21: 0x000055555561c629 kdiff3`QtPrivate::QCallableObject<main::$_0, QtPrivate::List<>, void>::impl(int, QtPrivate::QSlotObjectBase*, QObject*, void**, bool*) [inlined] main::$_0::operator()(this=0x0000555555982d30) const at main.cpp:192:21
    frame #22: 0x000055555561c587 kdiff3`QtPrivate::QCallableObject<main::$_0, QtPrivate::List<>, void>::impl(int, QtPrivate::QSlotObjectBase*, QObject*, void**, bool*) [inlined] QtPrivate::FunctorCall<QtPrivate::IndexesList<>, QtPrivate::List<>, void, main::$_0>::call(f=0x0000555555982d30, arg=<unavailable>) at qobjectdefs_impl.h:137:13
    frame #23: 0x000055555561c587 kdiff3`QtPrivate::QCallableObject<main::$_0, QtPrivate::List<>, void>::impl(int, QtPrivate::QSlotObjectBase*, QObject*, void**, bool*) [inlined] void QtPrivate::FunctorCallable<main::$_0>::call<QtPrivate::List<>, void>(f=0x0000555555982d30, (null)=<unavailable>, arg=<unavailable>) at qobjectdefs_impl.h:345:13
    frame #24: 0x000055555561c587 kdiff3`QtPrivate::QCallableObject<main::$_0, QtPrivate::List<>, void>::impl(which=<unavailable>, this_=0x0000555555982d20, r=<unavailable>, a=<unavailable>, ret=<unavailable>) at qobjectdefs_impl.h:555:21
    frame #25: 0x00007ffff6084f6c libQt6Core.so.6`QObject::event(QEvent*) + 636
    frame #26: 0x00007ffff6714d47 libQt6Gui.so.6`QGuiApplication::event(QEvent*) + 711
    frame #27: 0x00007ffff768d9a8 libQt6Widgets.so.6`QApplication::event(QEvent*) + 520
    frame #28: 0x00007ffff769061e libQt6Widgets.so.6`QApplicationPrivate::notify_helper(QObject*, QEvent*) + 302
    frame #29: 0x00007ffff76920ae libQt6Widgets.so.6`QApplication::notify(QObject*, QEvent*) + 494
    frame #30: 0x00007ffff6133f57 libQt6Core.so.6`QCoreApplication::notifyInternal2(QObject*, QEvent*) + 183
    frame #31: 0x00007ffff613572e libQt6Core.so.6`QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) + 526
    frame #32: 0x00007ffff5ecb2d7 libQt6Core.so.6`___lldb_unnamed_symbol10036 + 23
    frame #33: 0x00007ffff4fa7602 libglib-2.0.so.0`___lldb_unnamed_symbol2489 + 482
    frame #34: 0x00007ffff5014588 libglib-2.0.so.0`___lldb_unnamed_symbol2747 + 600
    frame #35: 0x00007ffff4fa68ac libglib-2.0.so.0`g_main_context_iteration + 44
    frame #36: 0x00007ffff5eb61c4 libQt6Core.so.6`QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) + 100
    frame #37: 0x00007ffff6134ba6 libQt6Core.so.6`QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) + 550
    frame #38: 0x00007ffff61347e8 libQt6Core.so.6`QCoreApplication::exec() + 136
    frame #39: 0x000055555561aa89 kdiff3`main(argc=3, argv=<unavailable>) at main.cpp:195:21
    frame #40: 0x00007ffff6255306 libc.so.6`___lldb_unnamed_symbol3281 + 134
    frame #41: 0x00007ffff62553b9 libc.so.6`__libc_start_main + 137
    frame #42: 0x00005555556083e5 kdiff3`_start + 37
(lldb)

Comment 1 Mike Lothian 2024-04-23 10:16:32 UTC

Created attachment 168831 [details]
Second file

Comment 2 Mike Lothian 2024-04-23 10:17:01 UTC

I've attached the two files which trigger the problem for me

Comment 3 michael 2024-04-28 13:44:58 UTC

I believe I may found the cause of this error getBestFirstLine is returning a negative line value. This situation does not happen with most files and would have been ignored by pre 1.9 kdiff3. That would break assumptions else where in kdiff3 causing unpredictable results. I a fix locally need to test it the make sure.

Comment 4 Mike Lothian 2024-04-29 13:16:56 UTC

I've just retested master, it's all looking good now thanks

That's everything now migrated to Qt6 and working on my system :D 

Thanks again

Comment 5 Mike Lothian 2024-04-29 13:21:34 UTC

I spoke too soon, if you scoll those two files then close kdiff3 you get the following segfault:

Process 560661 stopped
* thread #1, name = 'kdiff3', stop reason = signal SIGSEGV: address not mapped to object (fault address: 0x88)
    frame #0: 0x00007ffff4606190 libQt6WaylandClient.so.6`QtWaylandClient::QWaylandShmBackingStore::resize(QSize const&) + 848
libQt6WaylandClient.so.6`QtWaylandClient::QWaylandShmBackingStore::resize:
->  0x7ffff4606190 <+848>: cmpb   $0x0, 0x88(%rcx)
    0x7ffff4606197 <+855>: je     0x7ffff46061f0 ; <+944>
    0x7ffff4606199 <+857>: cmpq   $0x0, 0x80(%rcx)
    0x7ffff46061a1 <+865>: je     0x7ffff46061f0 ; <+944>
(lldb) bt
* thread #1, name = 'kdiff3', stop reason = signal SIGSEGV: address not mapped to object (fault address: 0x88)
  * frame #0: 0x00007ffff4606190 libQt6WaylandClient.so.6`QtWaylandClient::QWaylandShmBackingStore::resize(QSize const&) + 848
    frame #1: 0x00007ffff4605ce2 libQt6WaylandClient.so.6`QtWaylandClient::QWaylandShmBackingStore::beginPaint(QRegion const&) + 82
    frame #2: 0x00007ffff6790361 libQt6Gui.so.6`QBackingStore::beginPaint(QRegion const&) + 433
    frame #3: 0x00007ffff76e4ee2 libQt6Widgets.so.6`QWidgetRepaintManager::paintAndFlush() + 4514
    frame #4: 0x00007ffff76c90bc libQt6Widgets.so.6`QWidgetRepaintManager::sync() + 284
    frame #5: 0x00007ffff76be70f libQt6Widgets.so.6`QWidget::event(QEvent*) + 2671
    frame #6: 0x00007ffff7546412 libQt6Widgets.so.6`QMainWindow::event(QEvent*) + 962
    frame #7: 0x00007ffff7ecdde2 libKF6XmlGui.so.6`KMainWindow::event(QEvent*) + 4530
    frame #8: 0x00007ffff7f0f4fb libKF6XmlGui.so.6`KXmlGuiWindow::event(QEvent*) + 43
    frame #9: 0x00007ffff769061e libQt6Widgets.so.6`QApplicationPrivate::notify_helper(QObject*, QEvent*) + 302
    frame #10: 0x00007ffff76920ae libQt6Widgets.so.6`QApplication::notify(QObject*, QEvent*) + 494
    frame #11: 0x00007ffff6133f57 libQt6Core.so.6`QCoreApplication::notifyInternal2(QObject*, QEvent*) + 183
    frame #12: 0x00007ffff76e2b07 libQt6Widgets.so.6`QWidgetRepaintManager::sendUpdateRequest(QWidget*, QWidgetRepaintManager::UpdateTime) + 743
    frame #13: 0x00007ffff77373b7 libQt6Widgets.so.6`void QWidgetRepaintManager::markDirty<QRect>(QRect const&, QWidget*, QWidgetRepaintManager::UpdateTime, QWidgetRepaintManager::BufferState) + 1447
    frame #14: 0x00007ffff76de31b libQt6Widgets.so.6`QWidget::repaint() + 187
    frame #15: 0x0000555555672e4b kdiff3`DiffTextWindowFrame::setFirstLine(this=0x000055555615b3f0, firstLine=<unavailable>) at difftextwindow.cpp:2036:21
    frame #16: 0x00007ffff60dda8f libQt6Core.so.6`___lldb_unnamed_symbol13786 + 1279
    frame #17: 0x0000555555609593 kdiff3`DiffTextWindow::firstLineChanged(this=<unavailable>, _t1=LineRef @ 0x00007fffffffc24c) at moc_difftextwindow.cpp:431:5
    frame #18: 0x0000555555674606 kdiff3`DiffTextWindow::setFirstLine(this=0x000055555615dba0, firstLine=LineRef @ rbp) at difftextwindow.cpp:503:12
    frame #19: 0x00007ffff60dda8f libQt6Core.so.6`___lldb_unnamed_symbol13786 + 1279
    frame #20: 0x00007ffff75e838f libQt6Widgets.so.6`QAbstractSlider::setValue(int) + 319
    frame #21: 0x00007ffff762537c libQt6Widgets.so.6`___lldb_unnamed_symbol22374 + 380
    frame #22: 0x00007ffff758bc18 libQt6Widgets.so.6`QScrollBar::wheelEvent(QWheelEvent*) + 136
    frame #23: 0x00007ffff76be5d4 libQt6Widgets.so.6`QWidget::event(QEvent*) + 2356
    frame #24: 0x00007ffff758bb58 libQt6Widgets.so.6`QScrollBar::event(QEvent*) + 504
    frame #25: 0x00007ffff769061e libQt6Widgets.so.6`QApplicationPrivate::notify_helper(QObject*, QEvent*) + 302
    frame #26: 0x00007ffff76920ae libQt6Widgets.so.6`QApplication::notify(QObject*, QEvent*) + 494
    frame #27: 0x00007ffff6133f57 libQt6Core.so.6`QCoreApplication::notifyInternal2(QObject*, QEvent*) + 183
    frame #28: 0x00007ffff76be5d4 libQt6Widgets.so.6`QWidget::event(QEvent*) + 2356
    frame #29: 0x00007ffff769061e libQt6Widgets.so.6`QApplicationPrivate::notify_helper(QObject*, QEvent*) + 302
    frame #30: 0x00007ffff7693488 libQt6Widgets.so.6`QApplication::notify(QObject*, QEvent*) + 5576
    frame #31: 0x00007ffff6133f57 libQt6Core.so.6`QCoreApplication::notifyInternal2(QObject*, QEvent*) + 183
    frame #32: 0x00007ffff76e95b1 libQt6Widgets.so.6`___lldb_unnamed_symbol23787 + 929
    frame #33: 0x00007ffff76e6c82 libQt6Widgets.so.6`___lldb_unnamed_symbol23778 + 338
    frame #34: 0x00007ffff769061e libQt6Widgets.so.6`QApplicationPrivate::notify_helper(QObject*, QEvent*) + 302
    frame #35: 0x00007ffff76920ae libQt6Widgets.so.6`QApplication::notify(QObject*, QEvent*) + 494
    frame #36: 0x00007ffff6133f57 libQt6Core.so.6`QCoreApplication::notifyInternal2(QObject*, QEvent*) + 183
    frame #37: 0x00007ffff671675d libQt6Gui.so.6`QGuiApplicationPrivate::processWheelEvent(QWindowSystemInterfacePrivate::WheelEvent*) + 541
    frame #38: 0x00007ffff6778f1a libQt6Gui.so.6`QWindowSystemInterface::sendWindowSystemEvents(QFlags<QEventLoop::ProcessEventsFlag>) + 394
    frame #39: 0x00007ffff6c5cbe1 libQt6Gui.so.6`___lldb_unnamed_symbol22472 + 17
    frame #40: 0x00007ffff4fa7602 libglib-2.0.so.0`___lldb_unnamed_symbol2489 + 482
    frame #41: 0x00007ffff5014588 libglib-2.0.so.0`___lldb_unnamed_symbol2747 + 600
    frame #42: 0x00007ffff4fa68ac libglib-2.0.so.0`g_main_context_iteration + 44
    frame #43: 0x00007ffff5eb61c4 libQt6Core.so.6`QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) + 100
    frame #44: 0x00007ffff6134ba6 libQt6Core.so.6`QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) + 550
    frame #45: 0x00007ffff61347e8 libQt6Core.so.6`QCoreApplication::exec() + 136
    frame #46: 0x000055555561aae9 kdiff3`main(argc=3, argv=<unavailable>) at main.cpp:195:21
    frame #47: 0x00007ffff6255306 libc.so.6`___lldb_unnamed_symbol3281 + 134
    frame #48: 0x00007ffff62553b9 libc.so.6`__libc_start_main + 137
    frame #49: 0x0000555555608445 kdiff3`_start + 37

Comment 6 michael 2024-05-19 00:12:09 UTC

May be related to wayland somehow. I do most tests under X11 which does not readily reproduce the  scroll crash.

Comment 7 Mike Lothian 2024-05-25 12:38:57 UTC

Scrolling is very slow, taking 30 seconds or so to go down the page, and using quite a lot of CPU too, is there a way to see what's causing it?

This is probably all wayland related but it's the only app I've seen misbehave

Comment 8 michael 2024-06-15 19:37:40 UTC

Go head a file bug regarding the scroll delay on Wayland.  I can confirm that it happens but don't have a solution at this time.