Bug 494541

Summary: Kate crashes in KateTextHintProvider::textHintRequested() when quick-tiling window
Product: [Applications] kate
Reporter: Nate Graham <nate>
Component: sessions
Assignee: KWrite Developers <kwrite-bugs-null>
Status: VERIFIED FIXED
Severity: crash
CC: waqar.17a
Priority: NOR    
Version First Reported In: Git   
Target Milestone: ---   
Platform: Other   
OS: Linux   
Latest Commit:
Version Fixed/Implemented In:
Sentry Crash Report:

Description Nate Graham 2024-10-11 15:02:38 UTC
Everything KDE from today's git master

STEPS TO REPRODUCE
1. Have two sessions
2. Launch Kate
3. Switch sessions (I do it from a button I put on the toolbar)
    [This often causes the window to resize because window sizes are saved on a per-session basis]
4. If the window got resized to be maximized, immediately quick-tile the window to the left or right side of the screen with Meta+Left Arrow or Meta+Right Arrow

OBSERVED RESULT
Kate crashes with the following backtrace 100% of the time:

Core was generated by `/home/nate/kde/usr/bin/kate -b'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  __pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=11, 
    no_tid=no_tid@entry=0) at pthread_kill.c:44
44            return INTERNAL_SYSCALL_ERROR_P (ret) ? INTERNAL_SYSCALL_ERRNO (ret) : 0;
[Current thread is 1 (Thread 0x7fa288813440 (LWP 810535))]
(gdb) bt
#0  __pthread_kill_implementation
    (threadid=<optimized out>, signo=signo@entry=11, no_tid=no_tid@entry=0) at pthread_kill.c:44
#1  0x00007fa28e4a86d3 in __pthread_kill_internal (threadid=<optimized out>, signo=11)
    at pthread_kill.c:78
#2  0x00007fa28e44fc4e in __GI_raise (sig=11) at ../sysdeps/posix/raise.c:26
#3  0x00007fa291a0a5ab in KCrash::defaultCrashHandler (sig=11)
    at /home/nate/kde/src/kcrash/src/kcrash.cpp:596
#4  0x00007fa28e44fd00 in <signal handler called> () at /lib64/libc.so.6
#5  std::__atomic_base<QObjectPrivate::SignalVector*>::load
    (this=0xbff0000000000008, __m=std::memory_order_relaxed)
    at /usr/include/c++/14/bits/atomic_base.h:831
#6  std::atomic<QObjectPrivate::SignalVector*>::load
    (this=0xbff0000000000008, __m=std::memory_order_relaxed) at /usr/include/c++/14/atomic:582
#7  QAtomicOps<QObjectPrivate::SignalVector*>::loadRelaxed<QObjectPrivate::SignalVector*>
    (_q_value=<error reading variable: Cannot access memory at address 0xbff0000000000008>)
    at /usr/src/debug/qt6-qtbase-6.7.2-6.fc40.x86_64/src/corelib/thread/qatomic_cxx11.h:202
#8  QBasicAtomicPointer<QObjectPrivate::SignalVector>::loadRelaxed (this=0xbff0000000000008)
    at /usr/src/debug/qt6-qtbase-6.7.2-6.fc40.x86_64/src/corelib/thread/qbasicatomic.h:170
#9  QObjectPrivate::maybeSignalConnected
    (this=this@entry=0x378c3d40, signalIndex=signalIndex@entry=3)
    at /usr/src/debug/qt6-qtbase-6.7.2-6.fc40.x86_64/src/corelib/kernel/qobject.cpp:485
#10 0x00007fa28ebfc456 in doActivate<false> (sender=0x378f5718, signal_index=3, argv=0x7ffc03ea7140)
    at /usr/src/debug/qt6-qtbase-6.7.2-6.fc40.x86_64/src/corelib/kernel/qobject.cpp:3986
#11 0x00007fa28ebf2bc7 in QMetaObject::activate
    (sender=<optimized out>, m=m@entry=0x7fa291d51e20 <KateTextHintProvider::staticMetaObject>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7ffc03ea7140)
    at /usr/src/debug/qt6-qtbase-6.7.2-6.fc40.x86_64/src/corelib/kernel/qobject.cpp:4146
#12 0x00007fa291c9ce41 in KateTextHintProvider::textHintRequested
    (this=<optimized out>, _t1=<optimized out>, _t1@entry=0x379e4170, _t2=_t2@entry=...)
    at /home/nate/kde/build/kate/apps/lib/kateprivate_autogen/include/moc_KateTextHintManager.cpp:181
#13 0x00007fa291c9d6f2 in KateTextHintManager::ontextHintRequested
    (this=0x376b58e0, v=0x379e4170, c=..., hintSource=hintSource@entry=KateTextHintManager::Requestor::HintProvider) at /home/nate/kde/src/kate/apps/lib/texthint/KateTextHintManager.cpp:138
#14 0x00007fa291c9e278 in KTETextHintProvider::textHint
    (this=<optimized out>, view=<optimized out>, position=<optimized out>)
    at /home/nate/kde/src/kate/apps/lib/texthint/KateTextHintManager.cpp:65
#15 0x00007fa291814059 in KateViewInternal::textHintTimeout (this=0x379e49a0)
    at /home/nate/kde/src/ktexteditor/src/view/kateviewinternal.cpp:4142
#16 0x00007fa28ebfc8f2 in QtPrivate::QSlotObjectBase::call
    (this=0x379f1200, r=<optimized out>, a=0x7ffc03ea73e0)
    at /usr/src/debug/qt6-qtbase-6.7.2-6.fc40.x86_64/src/corelib/kernel/qobjectdefs_impl.h:469
#17 doActivate<false> (sender=0x379e4b98, signal_index=3, argv=0x7ffc03ea73e0)
    at /usr/src/debug/qt6-qtbase-6.7.2-6.fc40.x86_64/src/corelib/kernel/qobject.cpp:4086
#18 0x00007fa28ebf2bc7 in QMetaObject::activate
    (sender=<optimized out>, m=m@entry=0x7fa28f08b100 <QTimer::staticMetaObject>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7ffc03ea73e0)
    at /usr/src/debug/qt6-qtbase-6.7.2-6.fc40.x86_64/src/corelib/kernel/qobject.cpp:4146
#19 0x00007fa28ec0bcbd in QTimer::timeout (this=<optimized out>, _t1=...)
    at /usr/src/debug/qt6-qtbase-6.7.2-6.fc40.x86_64/redhat-linux-build/src/corelib/Core_autogen/include/moc_qtimer.cpp:224
#20 0x00007fa28ebedd5f in QObject::event (this=0x379e4b98, e=0x7ffc03ea7590)
    at /usr/src/debug/qt6-qtbase-6.7.2-6.fc40.x86_64/src/corelib/kernel/qobject.cpp:1482
#21 0x00007fa28ff8b218 in QApplicationPrivate::notify_helper
    (this=<optimized out>, receiver=0x379e4b98, e=0x7ffc03ea7590)
    at /usr/src/debug/qt6-qtbase-6.7.2-6.fc40.x86_64/src/widgets/kernel/qapplication.cpp:3287
#22 0x00007fa28eb96e88 in QCoreApplication::notifyInternal2
    (receiver=0x379e4b98, event=0x7ffc03ea7590)
    at /usr/src/debug/qt6-qtbase-6.7.2-6.fc40.x86_64/src/corelib/kernel/qcoreapplication.cpp:1142
#23 0x00007fa28eb970ed in QCoreApplication::sendEvent
    (receiver=<optimized out>, event=<optimized out>)
    at /usr/src/debug/qt6-qtbase-6.7.2-6.fc40.x86_64/src/corelib/kernel/qcoreapplication.cpp:1583
#24 0x00007fa28ed52b47 in QTimerInfoList::activateTimers (this=0x3537d5a0)
    at /usr/src/debug/qt6-qtbase-6.7.2-6.fc40.x86_64/src/corelib/kernel/qtimerinfo_unix.cpp:434
#25 0x00007fa28ee84fd9 in timerSourceDispatch (source=<optimized out>)
    at /usr/src/debug/qt6-qtbase-6.7.2-6.fc40.x86_64/src/corelib/kernel/qeventdispatcher_glib.cpp:150
#26 0x00007fa28c30ee8c in g_main_dispatch (context=0x7fa274000f00) at ../glib/gmain.c:3344
#27 g_main_context_dispatch_unlocked (context=0x7fa274000f00) at ../glib/gmain.c:4152
#28 0x00007fa28c370c98 in g_main_context_iterate_unlocked.isra.0
    (context=context@entry=0x7fa274000f00, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/gmain.c:4217
#29 0x00007fa28c310383 in g_main_context_iteration (context=0x7fa274000f00, may_block=1)
    at ../glib/gmain.c:4282
#30 0x00007fa28ee851a3 in QEventDispatcherGlib::processEvents (this=0x353145e0, flags=...)
    at /usr/src/debug/qt6-qtbase-6.7.2-6.fc40.x86_64/src/corelib/kernel/qeventdispatcher_glib.cpp:394
#31 0x00007fa28eba3bc3 in QEventLoop::exec (this=this@entry=0x7ffc03ea7860, flags=..., 
    flags@entry=...) at /usr/src/debug/qt6-qtbase-6.7.2-6.fc40.x86_64/src/corelib/global/qflags.h:34
#32 0x00007fa28eb9fa7c in QCoreApplication::exec ()
    at /usr/src/debug/qt6-qtbase-6.7.2-6.fc40.x86_64/src/corelib/global/qflags.h:74
#33 0x00007fa28f3d66ed in QGuiApplication::exec ()
    at /usr/src/debug/qt6-qtbase-6.7.2-6.fc40.x86_64/src/gui/kernel/qguiapplication.cpp:1926
#34 0x00007fa28ff8b189 in QApplication::exec ()
    at /usr/src/debug/qt6-qtbase-6.7.2-6.fc40.x86_64/src/widgets/kernel/qapplication.cpp:2555
#35 0x00000000004071e1 in main (argc=<optimized out>, argv=<optimized out>)
    at /home/nate/kde/src/kate/apps/kate/main.cpp:547


EXPECTED RESULT
No crash

SOFTWARE/OS VERSIONS
Operating System: Fedora Linux 40
KDE Plasma Version: 6.2.80
KDE Frameworks Version: 6.7.0
Qt Version: 6.7.2
Kernel Version: 6.10.11-200.fc40.x86_64 (64-bit)
Graphics Platform: Wayland
Processors: 8 × Intel® Core™ i7-10510U CPU @ 1.80GHz
Memory: 15.2 GB of RAM
Graphics Processor: Mesa Intel® UHD Graphics

Comment 1 Waqar Ahmed 2024-10-11 15:21:46 UTC
Git commit 65bbd83a9340005250c101baea593198d2c41283 by Waqar Ahmed.
Committed on 11/10/2024 at 15:21.
Pushed by waqar into branch 'master'.

Fix bad qobject_cast

qobject_cast after destroyed signal is just wrong. It will cast to null
and we will end up removing nothing

M  +1    -1    apps/lib/texthint/KateTextHintManager.cpp

https://invent.kde.org/utilities/kate/-/commit/65bbd83a9340005250c101baea593198d2c41283
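
The failure mode the commit message describes, modeled in plain C++ as an added example (not Kate's code and not the actual one-line change): `Object`, `Provider` and `Registry` are hypothetical stand-ins, and `dynamic_cast` stands in for `qobject_cast`. It shows the cast returning null inside the destroyed handler, which leaves a dangling pointer in the list, next to a handler that compares the pointer by identity only.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdio>
#include <functional>
#include <vector>

// Stand-in for QObject (assumption): the base destructor fires the "destroyed"
// callback, as QObject::~QObject() emits destroyed(QObject *).
struct Object {
    std::function<void(Object *)> onDestroyed;
    virtual ~Object() { if (onDestroyed) onDestroyed(this); }
};

struct Provider : Object {};  // hypothetical derived type held in a registry

struct Registry {
    std::vector<Object *> entries;  // non-owning raw pointers

    void removeEntry(Object *o) {
        entries.erase(std::remove(entries.begin(), entries.end(), o), entries.end());
    }
    // Pattern from the commit message: downcast inside the destroyed handler.
    // ~Provider() has already run, so the cast yields nullptr and nothing is removed.
    void trackWithCast(Provider *p) {
        entries.push_back(p);
        p->onDestroyed = [this](Object *o) { removeEntry(dynamic_cast<Provider *>(o)); };
    }
    // Hardened form: use the pointer only as an identity key; never downcast it.
    void trackByIdentity(Provider *p) {
        entries.push_back(p);
        p->onDestroyed = [this](Object *o) { removeEntry(o); };
    }
};

// Number of dangling pointers left in the registry after the provider is deleted.
std::size_t staleEntriesAfterDelete(bool useCast) {
    Registry reg;
    Provider *p = new Provider;
    if (useCast) reg.trackWithCast(p); else reg.trackByIdentity(p);
    delete p;
    return reg.entries.size();
}

int main() {
    std::printf("cast in handler: %zu stale, identity compare: %zu stale\n",
                staleEntriesAfterDelete(true), staleEntriesAfterDelete(false));
    return 0;
}
```

Any later use of the stale entry touches freed memory, so a build with AddressSanitizer enabled is a practical way to catch this class of bug at the first bad access.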

Comment 2 Waqar Ahmed 2024-10-11 15:22:42 UTC
Can you try again after recompiling with the linked commit?

Comment 3 Nate Graham 2024-10-11 15:34:45 UTC
Amazing! I can confirm that fixes it; thank you so much! MVP of the day! 👏👏👏