Bug 286086 - Kompare crashes sometimes when clicking on files
Summary: Kompare crashes sometimes when clicking on files
Status: RESOLVED FIXED
Alias: None
Product: kompare
Classification: Applications
Component: general (show other bugs)
Version: unspecified
Platform: Compiled Sources Linux
: NOR crash
Target Milestone: ---
Assignee: Kompare developers
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-11-08 09:51 UTC by Konstantin Tokarev
Modified: 2011-11-08 17:49 UTC (History)
0 users

See Also:
Latest Commit:
Version Fixed In: 4.1.0


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Konstantin Tokarev 2011-11-08 09:51:44 UTC
Application: kompare (4.1.0)
KDE Platform Version: 4.4.5 (KDE 4.4.5) (Compiled from sources)
Qt Version: 4.6.3
Operating System: Linux 2.6.38.8-desktop-69mib x86_64
Distribution: "Mandriva Linux 2010.2"

-- Information about the crash:
After recent cahnges in SVN Kompare started to crash after some random cliks in file list of patch.

The crash can be reproduced some of the time.

 -- Backtrace:
Application: Kompare (kompare), signal: Segmentation fault
[KCrash Handler]
#5  0x0000000b0000000a in ?? ()
#6  0x0000003a75b46df5 in ?? () from /usr/lib64/libQtGui.so.4
#7  0x0000003a75b7f2ef in QStyledItemDelegate::sizeHint(QStyleOptionViewItem const&, QModelIndex const&) const () from /usr/lib64/libQtGui.so.4
#8  0x00007fb3d029a862 in KompareListViewItemDelegate::sizeHint (this=0x19eb810, option=..., index=...) at /home/kostya/projects/git/kompare/komparepart/komparelistview.cpp:534
#9  0x0000003a75ad5aee in QAbstractItemView::sizeHintForRow(int) const () from /usr/lib64/libQtGui.so.4
#10 0x0000003a75b1309f in QTreeView::scrollContentsBy(int, int) () from /usr/lib64/libQtGui.so.4
#11 0x0000003a75a33320 in QAbstractScrollArea::qt_metacall(QMetaObject::Call, int, void**) () from /usr/lib64/libQtGui.so.4
#12 0x0000003a75ad20e5 in QAbstractItemView::qt_metacall(QMetaObject::Call, int, void**) () from /usr/lib64/libQtGui.so.4
#13 0x0000003a75b1b725 in QTreeView::qt_metacall(QMetaObject::Call, int, void**) () from /usr/lib64/libQtGui.so.4
#14 0x0000003a75b4fc85 in QTreeWidget::qt_metacall(QMetaObject::Call, int, void**) () from /usr/lib64/libQtGui.so.4
#15 0x00007fb3d029dff5 in KompareListView::qt_metacall (this=0x7fff2f135df0, _c=29535920, _id=0, _a=0xd) at /home/kostya/projects/git/kompare/build/komparepart/komparelistview.moc:88
#16 0x0000003843f767b6 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) () from /usr/lib64/libQtCore.so.4
#17 0x0000003a75c46d3e in QAbstractSlider::valueChanged(int) () from /usr/lib64/libQtGui.so.4
#18 0x0000003a75b0d37f in ?? () from /usr/lib64/libQtGui.so.4
#19 0x0000003a75b0e4f5 in ?? () from /usr/lib64/libQtGui.so.4
#20 0x0000003a75b0e770 in QTreeView::rowsAboutToBeRemoved(QModelIndex const&, int, int) () from /usr/lib64/libQtGui.so.4
#21 0x0000003a75ad24af in QAbstractItemView::qt_metacall(QMetaObject::Call, int, void**) () from /usr/lib64/libQtGui.so.4
#22 0x0000003a75b1b725 in QTreeView::qt_metacall(QMetaObject::Call, int, void**) () from /usr/lib64/libQtGui.so.4
#23 0x0000003a75b4fc85 in QTreeWidget::qt_metacall(QMetaObject::Call, int, void**) () from /usr/lib64/libQtGui.so.4
#24 0x00007fb3d029dff5 in KompareListView::qt_metacall (this=0x7fff2f135df0, _c=29535920, _id=0, _a=0xd) at /home/kostya/projects/git/kompare/build/komparepart/komparelistview.moc:88
#25 0x0000003843f767b6 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) () from /usr/lib64/libQtCore.so.4
#26 0x0000003843fc2814 in QAbstractItemModel::rowsAboutToBeRemoved(QModelIndex const&, int, int) () from /usr/lib64/libQtCore.so.4
#27 0x0000003843f5aad3 in QAbstractItemModel::beginRemoveRows(QModelIndex const&, int, int) () from /usr/lib64/libQtCore.so.4
#28 0x0000003a75b50daa in ?? () from /usr/lib64/libQtGui.so.4
#29 0x0000003a75b51529 in QTreeWidgetItem::~QTreeWidgetItem() () from /usr/lib64/libQtGui.so.4
#30 0x00007fb3d0299a8b in ~KompareListViewItem (this=0x7fff2f135df0, __in_chrg=<value optimized out>) at /home/kostya/projects/git/kompare/komparepart/komparelistview.h:146
#31 KompareListViewLineItem::~KompareListViewLineItem (this=0x7fff2f135df0, __in_chrg=<value optimized out>) at /home/kostya/projects/git/kompare/komparepart/komparelistview.cpp:747
#32 0x00007fb3d029b01e in qDeleteAll<QList<KompareListViewLineItem*>::const_iterator> (this=0x18aeb40, __in_chrg=<value optimized out>) at /usr/lib/qt4/include/QtCore/qalgorithms.h:322
#33 qDeleteAll<QList<KompareListViewLineItem*> > (this=0x18aeb40, __in_chrg=<value optimized out>) at /usr/lib/qt4/include/QtCore/qalgorithms.h:330
#34 KompareListViewLineContainerItem::~KompareListViewLineContainerItem (this=0x18aeb40, __in_chrg=<value optimized out>) at /home/kostya/projects/git/kompare/komparepart/komparelistview.cpp:706
#35 0x00007fb3d0299ad4 in KompareListViewDiffItem::~KompareListViewDiffItem (this=0x18aeac0, __in_chrg=<value optimized out>) at /home/kostya/projects/git/kompare/komparepart/komparelistview.cpp:646
#36 0x0000003a75b48a66 in ?? () from /usr/lib64/libQtGui.so.4
#37 0x00007fb3d029cb15 in KompareListView::slotSetSelection (this=0x1a05218, model=<value optimized out>, diff=<value optimized out>)
    at /home/kostya/projects/git/kompare/komparepart/komparelistview.cpp:370
#38 0x00007fb3d0298932 in KompareSplitter::slotSetSelection (this=0x19fb160, model=0x1bfe130, diff=0x1bfea40) at /home/kostya/projects/git/kompare/komparepart/komparesplitter.cpp:430
#39 0x00007fb3d0298fbc in KompareSplitter::qt_metacall (this=0x19fb160, _c=QMetaObject::InvokeMetaMethod, _id=<value optimized out>, _a=0x7fff2f136a90)
    at /home/kostya/projects/git/kompare/build/komparepart/komparesplitter.moc:122
#40 0x0000003843f767b6 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) () from /usr/lib64/libQtCore.so.4
#41 0x00007fb3d2514a0b in Diff2::KompareModelList::setSelection (this=0x7fff2f135df0, _t1=0x1bfe130, _t2=0x1bfea40) at /home/kostya/projects/git/kompare/build/libdiff2/komparemodellist.moc:198
#42 0x00007fb3d2516d0e in Diff2::KompareModelList::slotSelectionChanged (this=0x1ad1cb0, model=0x1bfe130, diff=0x1bfea40) at /home/kostya/projects/git/kompare/libdiff2/komparemodellist.cpp:711
#43 0x00007fb3d251d7b0 in Diff2::KompareModelList::qt_metacall (this=0x1ad1cb0, _c=QMetaObject::InvokeMetaMethod, _id=<value optimized out>, _a=0x7fff2f136d10)
    at /home/kostya/projects/git/kompare/build/libdiff2/komparemodellist.moc:141
#44 0x0000003843f767b6 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) () from /usr/lib64/libQtCore.so.4
#45 0x00007fb3d02902bb in KomparePart::selectionChanged (this=0x7fff2f135df0, _t1=0x1bfe130, _t2=0x1bfea40) at /home/kostya/projects/git/kompare/build/komparepart/kompare_part.moc:196
#46 0x00007fb3d02965c9 in KomparePart::qt_metacall (this=0x19fa330, _c=QMetaObject::InvokeMetaMethod, _id=<value optimized out>, _a=0x7fff2f136e70)
    at /home/kostya/projects/git/kompare/build/komparepart/kompare_part.moc:136
#47 0x0000003843f767b6 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) () from /usr/lib64/libQtCore.so.4
#48 0x00007fb3d01b7f58 in KompareNavTreePart::selectionChanged (this=0x7fff2f135df0, _t1=0x1bfe130, _t2=0x1bfea40)
    at /home/kostya/projects/git/kompare/build/komparenavtreepart/komparenavtreepart.moc:128
#49 0x00007fb3d01bdc22 in KompareNavTreePart::slotFileListSelectionChanged (this=0x1b18a30, item=0x1c09160) at /home/kostya/projects/git/kompare/komparenavtreepart/komparenavtreepart.cpp:404
#50 0x00007fb3d01be843 in KompareNavTreePart::qt_metacall (this=0x1b18a30, _c=QMetaObject::InvokeMetaMethod, _id=<value optimized out>, _a=0x7fff2f137010)
    at /home/kostya/projects/git/kompare/build/komparenavtreepart/komparenavtreepart.moc:111
#51 0x0000003843f767b6 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) () from /usr/lib64/libQtCore.so.4
#52 0x0000003a75b4720b in QTreeWidget::currentItemChanged(QTreeWidgetItem*, QTreeWidgetItem*) () from /usr/lib64/libQtGui.so.4
#53 0x0000003a75b4fefd in QTreeWidget::qt_metacall(QMetaObject::Call, int, void**) () from /usr/lib64/libQtGui.so.4
#54 0x0000003843f767b6 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) () from /usr/lib64/libQtCore.so.4
#55 0x0000003a75b237da in QItemSelectionModel::currentChanged(QModelIndex const&, QModelIndex const&) () from /usr/lib64/libQtGui.so.4
#56 0x0000003a75b23922 in QItemSelectionModel::setCurrentIndex(QModelIndex const&, QFlags<QItemSelectionModel::SelectionFlag>) () from /usr/lib64/libQtGui.so.4
#57 0x0000003a75ad2b04 in QAbstractItemView::mousePressEvent(QMouseEvent*) () from /usr/lib64/libQtGui.so.4
#58 0x0000003a75601419 in QWidget::event(QEvent*) () from /usr/lib64/libQtGui.so.4
#59 0x0000003a759a76b6 in QFrame::event(QEvent*) () from /usr/lib64/libQtGui.so.4
#60 0x0000003a75ad7c3b in QAbstractItemView::viewportEvent(QEvent*) () from /usr/lib64/libQtGui.so.4
#61 0x0000003a75b12a82 in QTreeView::viewportEvent(QEvent*) () from /usr/lib64/libQtGui.so.4
#62 0x0000003843f62937 in QCoreApplicationPrivate::sendThroughObjectEventFilters(QObject*, QEvent*) () from /usr/lib64/libQtCore.so.4
#63 0x0000003a755ab09c in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib64/libQtGui.so.4
#64 0x0000003a755b1e9b in QApplication::notify(QObject*, QEvent*) () from /usr/lib64/libQtGui.so.4
#65 0x0000003a7701d366 in KApplication::notify(QObject*, QEvent*) () from /usr/lib64/libkdeui.so.5
#66 0x0000003843f6351c in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/lib64/libQtCore.so.4
#67 0x0000003a755b106e in QApplicationPrivate::sendMouseEvent(QWidget*, QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer<QWidget>&, bool) () from /usr/lib64/libQtGui.so.4
#68 0x0000003a75630d45 in ?? () from /usr/lib64/libQtGui.so.4
#69 0x0000003a7562fa5a in QApplication::x11ProcessEvent(_XEvent*) () from /usr/lib64/libQtGui.so.4
#70 0x0000003a7565a372 in ?? () from /usr/lib64/libQtGui.so.4
#71 0x000000384643bd20 in g_main_context_dispatch () from /usr/lib64/libglib-2.0.so.0
#72 0x000000384643fb88 in ?? () from /usr/lib64/libglib-2.0.so.0
#73 0x000000384643fd3c in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0
#74 0x0000003843f8cb43 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4
#75 0x0000003a75659f5e in ?? () from /usr/lib64/libQtGui.so.4
#76 0x0000003843f61e42 in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4
#77 0x0000003843f6221c in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4
#78 0x0000003843f66ebb in QCoreApplication::exec() () from /usr/lib64/libQtCore.so.4
#79 0x00000000004088b5 in main (argc=<value optimized out>, argv=<value optimized out>) at /home/kostya/projects/git/kompare/main.cpp:228

Reported using DrKonqi
Comment 1 Kevin Kofler 2011-11-08 17:04:53 UTC
So it looks like deleting tree widget items from slotSetSelection is unsafe with the new Qt 4 tree widgets. This is also the cause of bug #257835, an earlier regression, due to the earlier port of the KompareNavTreePart to the Qt 4 tree widgets. (I cannot reproduce the crash itself, but Valgrind reports a use after free bug which is causing your crash.) Delaying the processing of slotSetSelection until the next event loop iteration should fix it, I'll have a fix shortly.
Comment 2 Kevin Kofler 2011-11-08 17:42:56 UTC
Actually, that wasn't the problem. Deleting things from slotSetSelection appears to be safe. The problem turned out to be that we're not supposed to delete child tree widget items anymore in ~KompareListView*Item destructors, Qt 4 does this for us, doing it ourselves can lead to double free or use after free bugs.
Comment 3 Kevin Kofler 2011-11-08 17:49:00 UTC
SVN commit 1263233 by kkofler:

Kompare: KompareListView: Don't delete child items in the tree widget item destructors anymore.

QTreeWidgetItem now does this for us, and if we try to do it ourselves, we cause use-after-free and/or double-free bugs. (This was a regression caused by the K3ListView→QTreeWidget port.)

BUG: 286086
FIXED-IN: 4.1.0 (kdesdk 4.8 Beta 1)

 M  +1 -5      komparelistview.cpp  
 M  +0 -1      komparelistview.h  


WebSVN link: http://websvn.kde.org/?view=rev&revision=1263233