225385 – Seg fault/crash when closing documents (ASSERT failure in QList<T>::operator[]: "index out of range")

Bug 225385 - Seg fault/crash when closing documents (ASSERT failure in QList<T>::operator[]: "index out of range")

Summary: Seg fault/crash when closing documents (ASSERT failure in QList<T>::operator[...

Status:	RESOLVED DUPLICATE of bug 213014

Alias:	None

Product:	kate
Classification:	Applications
Component:	general (other bugs)
Version First Reported In:	unspecified
Platform:	Compiled Sources Linux

Importance:	NOR crash
Target Milestone:	---
Assignee:	KWrite Developers

URL:
Keywords:

Depends on:
Blocks:

Reported:	2010-02-03 15:06 UTC by Colin Guthrie
Modified:	2010-02-04 02:47 UTC (History)
CC List:	2 users (show)

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Attachments
Backtrace (short + full) of the crash (31.03 KB, text/plain) 2010-02-03 15:10 UTC, Colin Guthrie	Details
Console output leading up to crash (181.35 KB, text/plain) 2010-02-03 15:12 UTC, Colin Guthrie	Details
View All Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Colin Guthrie 2010-02-03 15:06:36 UTC

Version:            (using Devel)
Compiler:          gcc (GCC) 4.4.3 
OS:                Linux
Installed from:    Compiled sources

When I open several files (of various types - PHP or C/C++ files are affected) and close them (via ctrl+w), Kate will crash. This is intermittent but very easy to reproduce (closing half a dozen files fairly quickly seems to do it, but it can also be triggered when just closing one file).

The attached backtrace shows the problem. It seems to be a race of some kind and ultimately accessing a QList with an out of range index.

Comment 1 Colin Guthrie 2010-02-03 15:10:09 UTC

Created attachment 40497 [details]
Backtrace (short + full) of the crash

Comment 2 Colin Guthrie 2010-02-03 15:12:15 UTC

Created attachment 40498 [details]
Console output leading up to crash

Comment 3 Anne-Marie Mahfouf 2010-02-03 17:27:54 UTC

Pasting backtrace inline

(gdb) bt
#0  0x00007f2d288b4955 in raise () from /lib64/libc.so.6
#1  0x00007f2d288b5f70 in abort () from /lib64/libc.so.6
#2  0x00007f2d2681f3e4 in qt_message_output (msgType=QtFatalMsg, buf=<value optimized out>) at global/qglobal.cpp:2250
#3  0x00007f2d2681f5c2 in qt_message(QtMsgType, const char *, typedef __va_list_tag __va_list_tag *) (msgType=QtFatalMsg, msg=0x7f2d2697ba58 "ASSERT failure in %s: \"%s\", file %s, line %d", ap=
    0x7fff4e2be5e0) at global/qglobal.cpp:2296
#4  0x00007f2d2681f775 in qFatal (msg=0x5f3e <Address 0x5f3e out of bounds>) at global/qglobal.cpp:2479
#5  0x00007f2d27558a0f in QList<int>::operator[](int) const () from /usr/lib64/libkateinterfaces.so.4
#6  0x00007f2d2755397e in KateViewDocumentProxyModel::mapFromSource (this=0x35c5df0, sourceIndex=...) at /usr/src/debug/kdesdk-4.3.98/kate/app/kateviewdocumentproxymodel.cpp:331
#7  0x00007f2d27555200 in KateViewDocumentProxyModel::removeItemFromColoring (this=0x35c5df0, row=5) at /usr/src/debug/kdesdk-4.3.98/kate/app/kateviewdocumentproxymodel.cpp:518
#8  0x00007f2d275553af in KateViewDocumentProxyModel::slotRowsAboutToBeRemoved (this=<value optimized out>, parent=<value optimized out>, start=<value optimized out>, end=6)
    at /usr/src/debug/kdesdk-4.3.98/kate/app/kateviewdocumentproxymodel.cpp:536
#9  0x00007f2d27556c5c in KateViewDocumentProxyModel::qt_metacall (this=0x35c5df0, _c=InvokeMetaMethod, _id=<value optimized out>, _a=0x7fff4e2beb30)
    at /usr/src/debug/kdesdk-4.3.98/build/kate/app/kateviewdocumentproxymodel.moc:117
#10 0x00007f2d2692d54f in QMetaObject::activate (sender=0xaeef20, m=<value optimized out>, local_signal_index=<value optimized out>, argv=0xffffffffffffffff) at kernel/qobject.cpp:3267
#11 0x00007f2d26978bb4 in QAbstractItemModel::rowsAboutToBeRemoved (this=0x5f3e, _t1=<value optimized out>, _t2=6, _t3=6) at .moc/release-shared/moc_qabstractitemmodel.cpp:188
#12 0x00007f2d26911d23 in QAbstractItemModel::beginRemoveRows (this=0xaeef20, parent=..., first=6, last=6) at kernel/qabstractitemmodel.cpp:2447
#13 0x00007f2d28368a71 in QStandardItemModelPrivate::rowsAboutToBeRemoved (this=<value optimized out>, parent=<value optimized out>, start=6, end=6) at itemviews/qstandarditemmodel.cpp:535
#14 0x00007f2d2836d22d in QStandardItem::removeRows (this=0xaf2fb0, row=6, count=1) at itemviews/qstandarditemmodel.cpp:1618
#15 0x00007f2d2836d429 in QStandardItemModel::removeRows (this=<value optimized out>, row=6, count=1, parent=<value optimized out>) at itemviews/qstandarditemmodel.cpp:2800
#16 0x00007f2d2752860c in KateDocManager::deleteDoc (this=0xaeef20, doc=0x1e7fc90) at /usr/src/debug/kdesdk-4.3.98/kate/app/katedocmanager.cpp:225
#17 0x00007f2d275290ed in KateDocManager::closeDocument (this=0xaeef20, doc=0x1e7fc90, closeUrl=true) at /usr/src/debug/kdesdk-4.3.98/kate/app/katedocmanager.cpp:365
#18 0x00007f2d2753a4a5 in KateViewManager::slotDocumentClose (this=<value optimized out>, document=0x1e7fc90) at /usr/src/debug/kdesdk-4.3.98/kate/app/kateviewmanager.cpp:202
#19 0x00007f2d2753c87d in KateViewManager::qt_metacall (this=0xca8ce0, _c=InvokeMetaMethod, _id=<value optimized out>, _a=0x7fff4e2bf1f0)
    at /usr/src/debug/kdesdk-4.3.98/build/kate/app/kateviewmanager.moc:130
#20 0x00007f2d2692d54f in QMetaObject::activate (sender=0x385f880, m=<value optimized out>, local_signal_index=<value optimized out>, argv=0xffffffffffffffff) at kernel/qobject.cpp:3267
#21 0x00007f2d27da93e2 in QAction::triggered (this=0x5f3e, _t1=false) at .moc/release-shared/moc_qaction.cpp:263
#22 0x00007f2d27dab45b in QAction::activate (this=0x385f880, event=<value optimized out>) at kernel/qaction.cpp:1251
#23 0x00007f2d27dacd67 in QAction::event (this=0x5f3e, e=<value optimized out>) at kernel/qaction.cpp:1177
#24 0x00007f2d26ff2583 in KAction::event (this=0x385f880, event=0x7fff4e2bf840) at /usr/src/debug/kdelibs-4.3.98/kdeui/actions/kaction.cpp:129
#25 0x00007f2d27daf4ec in QApplicationPrivate::notify_helper (this=0x921850, receiver=0x385f880, e=0x7fff4e2bf840) at kernel/qapplication.cpp:4298
#26 0x00007f2d27db5aeb in QApplication::notify (this=0x7fff4e2c0ea0, receiver=0x385f880, e=0x7fff4e2bf840) at kernel/qapplication.cpp:4181
#27 0x00007f2d270aefee in KApplication::notify (this=0x7fff4e2c0ea0, receiver=0x385f880, event=0x7fff4e2bf840) at /usr/src/debug/kdelibs-4.3.98/kdeui/kernel/kapplication.cpp:302
#28 0x00007f2d2691a76c in QCoreApplication::notifyInternal (this=0x7fff4e2c0ea0, receiver=0x385f880, event=0x7fff4e2bf840) at kernel/qcoreapplication.cpp:704
#29 0x00007f2d27deb246 in sendEvent (event=<value optimized out>, receiver=<value optimized out>) at ../../src/corelib/kernel/qcoreapplication.h:215
#30 QShortcutMap::dispatchEvent (event=<value optimized out>, receiver=<value optimized out>) at kernel/qshortcutmap.cpp:879
#31 0x00007f2d27ded047 in QShortcutMap::tryShortcutEvent (this=0x921978, o=<value optimized out>, e=0x7fff4e2bfe60) at kernel/qshortcutmap.cpp:364
#32 0x00007f2d27db7633 in QApplication::notify (this=0x7fff4e2c0ea0, receiver=0x20755a0, e=0x7fff4e2bfe60) at kernel/qapplication.cpp:3744
#33 0x00007f2d270aefee in KApplication::notify (this=0x7fff4e2c0ea0, receiver=0x20755a0, event=0x7fff4e2bfe60) at /usr/src/debug/kdelibs-4.3.98/kdeui/kernel/kapplication.cpp:302
#34 0x00007f2d2691a76c in QCoreApplication::notifyInternal (this=0x7fff4e2c0ea0, receiver=0x20755a0, event=0x7fff4e2bfe60) at kernel/qcoreapplication.cpp:704
#35 0x00007f2d27e587ca in QKeyMapper::sendKeyEvent (keyWidget=0x20755a0, grab=<value optimized out>, type=KeyPress, code=87, modifiers=<value optimized out>, text=..., autorepeat=false, count=1, 
    nativeScanCode=25, nativeVirtualKey=119, nativeModifiers=4) at kernel/qkeymapper_x11.cpp:1861
#36 0x00007f2d27e5ad40 in QKeyMapperPrivate::translateKeyEvent (this=0x98fb70, keyWidget=0x20755a0, event=<value optimized out>, grab=62) at kernel/qkeymapper_x11.cpp:1831
#37 0x00007f2d27e33454 in QApplication::x11ProcessEvent (this=<value optimized out>, event=0x7fff4e2c0a30) at kernel/qapplication_x11.cpp:3394
#38 0x00007f2d27e5ded2 in x11EventSourceDispatch (s=0x925e30, callback=<value optimized out>, user_data=<value optimized out>) at kernel/qguieventdispatcher_glib.cpp:146
#39 0x00007f2d25ffd160 in g_main_context_dispatch () from /usr/lib64/libglib-2.0.so.0
#40 0x00007f2d26000f98 in ?? () from /usr/lib64/libglib-2.0.so.0
#41 0x00007f2d2600117c in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0
#42 0x00007f2d26943c33 in QEventDispatcherGlib::processEvents (this=0x90d000, flags=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:412
#43 0x00007f2d27e5dabe in QGuiEventDispatcherGlib::processEvents (this=0x5f3e, flags=<value optimized out>) at kernel/qguieventdispatcher_glib.cpp:204
#44 0x00007f2d26919092 in QEventLoop::processEvents (this=<value optimized out>, flags=DWARF-2 expression error: DW_OP_reg operations must be used either alone or in conjuction with DW_OP_piece.
) at kernel/qeventloop.cpp:149
#45 0x00007f2d2691946c in QEventLoop::exec (this=0x7fff4e2c0d60, flags=DWARF-2 expression error: DW_OP_reg operations must be used either alone or in conjuction with DW_OP_piece.
) at kernel/qeventloop.cpp:201
#46 0x00007f2d2691d1ab in QCoreApplication::exec () at kernel/qcoreapplication.cpp:981
#47 0x00007f2d28bf52a1 in kdemain (argc=<value optimized out>, argv=<value optimized out>) at /usr/src/debug/kdesdk-4.3.98/kate/app/katemain.cpp:377
#48 0x00007f2d288a1afd in __libc_start_main () from /lib64/libc.so.6
#49 0x0000000000400649 in _start () at ../sysdeps/x86_64/elf/start.S:113

Comment 4 Dario Andres 2010-02-04 02:47:51 UTC

Merging with bug 213014. Thanks

*** This bug has been marked as a duplicate of bug 213014 ***