| Summary: | NeoChat crashes for unknown reasons when receiving an event in a certain room | ||
|---|---|---|---|
| Product: | [Applications] NeoChat | Reporter: | Erin of Yukis <erin-kde> |
| Component: | General | Assignee: | Tobias Fella <fella> |
| Status: | RESOLVED FIXED | ||
| Severity: | crash | CC: | carl, josh |
| Priority: | NOR | ||
| Version First Reported In: | 25.08.2 | ||
| Target Milestone: | --- | ||
| Platform: | Flatpak | ||
| OS: | Linux | ||
| Latest Commit: | https://invent.kde.org/network/neochat/-/commit/c539dfc352e1fe6065f2d97a9822322d168533a1 | Version Fixed/Implemented In: | |
| Sentry Crash Report: | |||
A possibly relevant merge request was started @ https://invent.kde.org/network/neochat/-/merge_requests/2530 Git commit c539dfc352e1fe6065f2d97a9822322d168533a1 by Tobias Fella, on behalf of Tobias Fella. Committed on 12/11/2025 at 12:29. Pushed by tfella into branch 'master'. Fix crash when poll answer has fewer selections than possible M +3 -1 src/messagecontent/pollhandler.cpp https://invent.kde.org/network/neochat/-/commit/c539dfc352e1fe6065f2d97a9822322d168533a1 How did you figure *that* out from *that* trace? :-D Anyways, tested latest Nightly and no longer crashes! Thank you! |
SUMMARY NeoChat crashes for unknown reasons when receiving an event in a certain room STEPS TO REPRODUCE 1. Open NeoChat 2. Open the offending room 3. Wait until events are received Unfortunately the offending room is not federated/local-only so I can’t post a link to there. OBSERVED RESULT Crash/SIGSEGV EXPECTED RESULT Room loads OK SOFTWARE/OS VERSIONS Operating System: Debian GNU/Linux 13 KDE Plasma Version: 6.3.6 KDE Frameworks Version: 6.13.0 Qt Version: 6.8.2 Kernel Version: 6.16.11-1-liquorix-amd64 (64-bit) Flatpak Version: 1.16.1 Graphics Platform: Wayland Processors: 4 × AMD FX-8800P Radeon R7, 12 Compute Cores 4C+8G Memory: 17 GB of RAM (15.7 GB usable) Graphics Processor 1: AMD Radeon R7 Graphics Graphics Processor 2: AMD Radeon R9 M385 ADDITIONAL INFORMATION Pointers for debugging this would be appreciated (maybe a way to extract the offending event that causes this?). Only thing I found out so far is the QString it is attempting to copy in the trace appears to be broken (ptr=0x50). #0 QArrayDataPointer<char16_t>::ref (this=0x7fff7c013410) at /usr/include/QtCore/qarraydatapointer.h:451 No locals. #1 QArrayDataPointer<char16_t>::QArrayDataPointer (this=0x7fff7c013410, other=...) at /usr/include/QtCore/qarraydatapointer.h:40 No locals. #2 QString::QString (this=0x7fff7c013410, other=...) at /usr/include/QtCore/qstring.h:1340 No locals. #3 QtPrivate::QGenericArrayOps<QString>::copyAppend (this=0x7fffffffbc60, b=0x55555725f410, e=0x55555725f440) at /usr/include/QtCore/qarraydataops.h:294 data = <optimized out> data = <optimized out> #4 QList<QString>::QList<QList<QString>::const_iterator, true> (this=0x7fffffffbc60, i1=..., i2=...) at /usr/include/QtCore/qlist.h:320 distance = <optimized out> #5 QList<QString>::first (this=0x7fffffffbc20, n=<optimized out>) at /usr/include/QtCore/qlist.h:687 No locals. #6 PollHandler::handleResponse (this=<optimized out>, event=<optimized out>) at /run/build/neochat/src/messagecontent/pollhandler.cpp:115 pollStartEvent = <optimized out> #7 0x000055555591f27c in PollHandler::handleResponse (this=0x555559a5b190, event=0x555559159430) at /run/build/neochat/src/messagecontent/pollhandler.cpp:97 pollStartEvent = <optimized out> #8 PollHandler::handleEvent (this=0x555559a5b190, event=<optimized out>) at /run/build/neochat/src/messagecontent/pollhandler.cpp:85 pollStartEvent = 0x555558fb2990 #9 0x000055555591f570 in operator() (__closure=0x5555569cf550) at /run/build/neochat/src/messagecontent/pollhandler.cpp:55 event = std::unique_ptr<Quotient::RoomEvent> = {get() = 0x555559159430} __for_range = @0x7fffffffbf00: std::vector of length 10, capacity 10 = {std::unique_ptr<Quotient::RoomEvent> = { get() = 0x555559159430}, std::unique_ptr<Quotient::RoomEvent> = {get() = 0x7fff7c007b30}, std::unique_ptr<Quotient::RoomEvent> = {get() = 0x555559880f00}, std::unique_ptr<Quotient::RoomEvent> = { get() = 0x7fff7c006840}, std::unique_ptr<Quotient::RoomEvent> = {get() = 0x55555998cc40}, std::unique_ptr<Quotient::RoomEvent> = {get() = 0x555558f75410}, std::unique_ptr<Quotient::RoomEvent> = { get() = 0x555556915e10}, std::unique_ptr<Quotient::RoomEvent> = {get() = 0x55555914dbf0}, std::unique_ptr<Quotient::RoomEvent> = {get() = 0x555559133b30}, std::unique_ptr<Quotient::RoomEvent> = { get() = 0x555557d79440}} __for_begin = <optimized out> __for_end = <optimized out> job = {<QPointer<Quotient::GetRelatingEventsJob>> = {wp = {d = 0x555557790180, value = 0x5555590bf710}}, <QFuture<Quotient::GetRelatingEventsJob*>> = { d = {<QFutureInterfaceBase> = {<No data fields>}, <No data fields>}}, <No data fields>} this = 0x555559a5b190 job = <optimized out> this = <optimized out> event = <optimized out> __for_range = <optimized out> __for_begin = <optimized out> __for_end = <optimized out> #10 operator() (__closure=<optimized out>) at /usr/include/QtCore/qobjectdefs_impl.h:116 arg = <optimized out> f = <optimized out> arg = <optimized out> f = <optimized out> #11 QtPrivate::FunctorCallBase::call_internal<void, QtPrivate::FunctorCall<std::integer_sequence<long unsigned int>, QtPrivate::List<>, void, PollHandler::checkLoadRelations()::<lambda()> >::call(PollHandler::checkLoadRelations()::<lambda()>&, void**)::<lambda()> > ( args=<optimized out>, fn=...) at /usr/include/QtCore/qobjectdefs_impl.h:65 No locals. #12 QtPrivate::FunctorCall<std::integer_sequence<long unsigned int>, QtPrivate::List<>, void, PollHandler::checkLoadRelations()::<lambda()> >::call (f=..., arg=<optimized out>) at /usr/include/QtCore/qobjectdefs_impl.h:115 No locals. #13 QtPrivate::FunctorCallable<PollHandler::checkLoadRelations()::<lambda()> >::call<QtPrivate::List<>, void> (f=..., arg=<optimized out>) at /usr/include/QtCore/qobjectdefs_impl.h:337 No locals. #14 QtPrivate::QCallableObject<PollHandler::checkLoadRelations()::<lambda()>, QtPrivate::List<>, void>::impl(int, QtPrivate::QSlotObjectBase *, QObject *, void **, bool *) (which=<optimized out>, this_=0x5555569cf540, r=<optimized out>, a=<optimized out>, ret=<optimized out>) at /usr/include/QtCore/qobjectdefs_impl.h:547 that = 0x5555569cf540 #15 0x00007ffff401222e in ?? () from /usr/lib/x86_64-linux-gnu/libQt6Core.so.6 No symbol table info available. #16 0x0000555555b26b54 in QMetaObject::activate<void, Quotient::BaseJob*> (sender=<optimized out>, mo=0x5555560eae40 <Quotient::BaseJob::staticMetaObject>, local_signal_index=7, ret=0x0) at /usr/include/QtCore/qobjectdefs.h:306 _a = {0x0, 0x7fffffffc078} _a = <optimized out> #17 Quotient::BaseJob::success (this=<optimized out>, _t1=<optimized out>) at /run/build/libquotient/_flatpak_build/QuotientQt6_autogen/T4CFEN5LXH/moc_basejob.cpp:410 No locals. #18 0x0000555555c4364d in Quotient::BaseJob::finishJob (this=0x5555590bf710) at /run/build/libquotient/Quotient/jobs/basejob.cpp:618 __PRETTY_FUNCTION__ = "void Quotient::BaseJob::finishJob()" #19 0x00007ffff401222e in ?? () from /usr/lib/x86_64-linux-gnu/libQt6Core.so.6 No symbol table info available. #20 0x00007ffff40038b2 in QObject::event(QEvent*) () from /usr/lib/x86_64-linux-gnu/libQt6Core.so.6 No symbol table info available. #21 0x00007ffff53a182d in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib/x86_64-linux-gnu/libQt6Widgets.so.6 No symbol table info available. #22 0x00007ffff3fa8048 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /usr/lib/x86_64-linux-gnu/libQt6Core.so.6 No symbol table info available. #23 0x00007ffff3fabc98 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) () from /usr/lib/x86_64-linux-gnu/libQt6Core.so.6 No symbol table info available. #24 0x00007ffff42d127f in ?? () from /usr/lib/x86_64-linux-gnu/libQt6Core.so.6 No symbol table info available. #25 0x00007ffff3d133d6 in g_main_dispatch.lto_priv () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0 No symbol table info available. #26 0x00007ffff3d74047 in g_main_context_iterate_unlocked.isra () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0 No symbol table info available. #27 0x00007ffff3d12863 in g_main_context_iteration () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0 No symbol table info available. #28 0x00007ffff42d09b3 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/x86_64-linux-gnu/libQt6Core.so.6 No symbol table info available. #29 0x00007ffff3fb5d63 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/x86_64-linux-gnu/libQt6Core.so.6 No symbol table info available. #30 0x00007ffff3fb11a1 in QCoreApplication::exec() () from /usr/lib/x86_64-linux-gnu/libQt6Core.so.6 No symbol table info available. #31 0x000055555565a9a2 in main (argc=<optimized out>, argv=<optimized out>) at /run/build/neochat/src/app/main.cpp:316 app = <incomplete type> about = {d = std::unique_ptr<KAboutDataPrivate> = {get() = 0x5555562e4e30}} colorScheme = {<QObject> = {<No data fields>}, static staticMetaObject = {d = {superdata = { direct = 0x7ffff44b05c0 <QObject::staticMetaObject>}, stringdata = 0x555555e22540 <ColorSchemer::qt_staticMetaObjectStaticContent<(anonymous namespace)::qt_meta_tag_ZN12ColorSchemerE_t>+160>, data = 0x555555e224a0 <ColorSchemer::qt_staticMetaObjectStaticContent<(anonymous namespace)::qt_meta_tag_ZN12ColorSchemerE_t>>, static_metacall = 0x55555586daa0 <ColorSchemer::qt_static_metacall(QObject*, QMetaObject::Call, int, void**)>, relatedMetaObjects = 0x0, metaTypes = 0x5555560d8120 <ColorSchemer::qt_staticMetaObjectRelocatingContent<(anonymous namespace)::qt_meta_tag_ZN12ColorSchemerE_t>>, extradata = 0x0}}} parser = {d = 0x5555565366a0} replaceOption = {d = {d = {ptr = 0x5555565d74f0}}} testOption = {d = {d = {ptr = 0x5555565d7d30}}} dbusActivatedOption = {d = {d = {ptr = 0x5555565d7de0}}} shareOption = {d = {d = {ptr = 0x5555565d7e90}}} service = <incomplete type> accountManager = <optimized out> engine = <incomplete type> runner = 0x555556108fa0 <Runner::create(QQmlEngine*, QJSEngine*)::instance>