323276 – Empty highlighting definition produces segfault

Bug 323276 - Empty highlighting definition produces segfault

Summary: Empty highlighting definition produces segfault

Status:	RESOLVED FIXED

Alias:	None

Product:	kate
Classification:	Applications
Component:	general (other bugs)
Version First Reported In:	3.10.5
Platform:	Fedora RPMs Linux

Importance:	VHI crash
Target Milestone:	---
Assignee:	KWrite Developers

URL:
Keywords:	drkonqi

Duplicates (1):	267977 (view as bug list)
Depends on:
Blocks:

Reported:	2013-08-08 02:54 UTC by hansoa2
Modified:	2013-08-08 13:00 UTC (History)
CC List:	1 user (show)

See Also:
Latest Commit:	http://commits.kde.org/kate/dd9463ab061a955ce777513393002c664fed6641
Version Fixed In:	4.12
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description hansoa2 2013-08-08 02:54:54 UTC

Application: kate (3.10.5)
KDE Platform Version: 4.10.5
Qt Version: 4.8.4
Operating System: Linux 3.9.10-100.fc17.x86_64 x86_64
Distribution: "Fedora release 17 (Beefy Miracle)"

-- Information about the crash:
I replaced the text in /usr/share/kde4/apps/katepart/syntax/commonlisp.xml with:
"""
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE language SYSTEM "language.dtd">

<language name="Smith" section="Sources" extensions="*.smith" mimetype="">
	<highlighting>
		
	</highlighting>
</language>
"""
Then, opening any file ending in .smith produces a segfault.

(
The reason I ran into this error is that I was testing whether the definition would even be recognized. I had a working definition that no longer highlights anything after I reset my computer.
If I do fill in the highlight section, .smith files are not recognized and no Tools->Highlighting->Sources->Smith appears.
)

To reproduce:
1. Replace commonlisp.xml with the new test
2. Create a file blah.smith
3. Open it

- What I was doing when the application crashed:
Just launching it

- Custom settings of the application:

The crash can be reproduced every time.

-- Backtrace:
Application: Kate (kate), signal: Segmentation fault
Using host libthread_db library "/lib64/libthread_db.so.1".
82	T_PSEUDO (SYSCALL_SYMBOL, SYSCALL_NAME, SYSCALL_NARGS)
[Current thread is 1 (Thread 0x7f6b8e4af880 (LWP 10835))]

Thread 2 (Thread 0x7f6b812c5700 (LWP 10836)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:166
#1  0x0000003461586797 in QTWTF::TCMalloc_PageHeap::scavengerThread (this=0x3461894640) at ../3rdparty/javascriptcore/JavaScriptCore/wtf/FastMalloc.cpp:2359
#2  0x00000034615867c9 in QTWTF::TCMalloc_PageHeap::runScavengerThread (context=<optimized out>) at ../3rdparty/javascriptcore/JavaScriptCore/wtf/FastMalloc.cpp:1464
#3  0x000000343c807d14 in start_thread (arg=0x7f6b812c5700) at pthread_create.c:309
#4  0x000000343bcf168d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115

Thread 1 (Thread 0x7f6b8e4af880 (LWP 10835)):
[KCrash Handler]
#6  size (this=0x30) at ../../src/corelib/tools/qstring.h:102
#7  qHash (key=...) at tools/qhash.cpp:99
#8  0x00007f6b81ba1f11 in QHash<QString, KateHighlighting::HighlightPropertyBag*>::findNode (this=this@entry=0x1b68990, akey=..., ahp=ahp@entry=0x7fff80cf6c34) at /usr/include/QtCore/qhash.h:882
#9  0x00007f6b81ba3b1c in QHash<QString, KateHighlighting::HighlightPropertyBag*>::operator[] (this=0x1b68990, akey=...) at /usr/include/QtCore/qhash.h:743
#10 0x00007f6b81b99b43 in KateHighlighting::doHighlight (this=0x1b68890, prevLine=0x1b42dd0, textLine=0x2049650, foldingList=..., ctxChanged=@0x7fff80cf6d94: false) at /usr/src/debug/kate-4.10.5/part/syntax/katehighlight.cpp:326
#11 0x00007f6b81b53ee6 in KateBuffer::doHighlight (this=<optimized out>, startLine=0, endLine=0, invalidate=false) at /usr/src/debug/kate-4.10.5/part/document/katebuffer.cpp:544
#12 0x00007f6b81b35b0e in KateDocument::kateTextLine (this=0x1ba7690, i=0) at /usr/src/debug/kate-4.10.5/part/document/katedocument.cpp:4658
#13 0x00007f6b81b820d9 in KateLineLayout::textLine (this=0x1ab7790, reloadForce=<optimized out>) at /usr/src/debug/kate-4.10.5/part/render/katelinelayout.cpp:67
#14 0x00007f6b81b7a52d in KateRenderer::layoutLine (this=0x1dc6170, lineLayout=..., maxwidth=-1, cacheLayout=true) at /usr/src/debug/kate-4.10.5/part/render/katerenderer.cpp:871
#15 0x00007f6b81b7ee8b in KateLayoutCache::line (this=this@entry=0x1de1730, realLine=realLine@entry=0, virtualLine=virtualLine@entry=-1) at /usr/src/debug/kate-4.10.5/part/render/katelayoutcache.cpp:322
#16 0x00007f6b81b7fb23 in KateLayoutCache::updateViewCache (this=0x1de1730, startPos=..., newViewLineCount=<optimized out>, viewLinesScrolled=<optimized out>) at /usr/src/debug/kate-4.10.5/part/render/katelayoutcache.cpp:233
#17 0x00007f6b81bcd912 in doUpdateView (viewLinesScrolled=0, changed=<optimized out>, this=0x1de0dd0) at /usr/src/debug/kate-4.10.5/part/view/kateviewinternal.cpp:558
#18 KateViewInternal::doUpdateView (this=0x1de0dd0, changed=<optimized out>, viewLinesScrolled=0) at /usr/src/debug/kate-4.10.5/part/view/kateviewinternal.cpp:538
#19 0x00007f6b81bcdb7c in KateViewInternal::updateView (this=0x1de0dd0, changed=true, viewLinesScrolled=<optimized out>) at /usr/src/debug/kate-4.10.5/part/view/kateviewinternal.cpp:532
#20 0x00007f6b81bb9226 in KateView::updateView (this=0x1dc6520, changed=<optimized out>) at /usr/src/debug/kate-4.10.5/part/view/kateview.cpp:1827
#21 0x00007f6b81b44ca1 in KateDocument::makeAttribs (this=this@entry=0x1ba7690, needInvalidate=needInvalidate@entry=false) at /usr/src/debug/kate-4.10.5/part/document/katedocument.cpp:2493
#22 0x00007f6b81b44d8b in KateDocument::bufferHlChanged (this=0x1ba7690) at /usr/src/debug/kate-4.10.5/part/document/katedocument.cpp:1523
#23 0x00007f6b81b5330b in KateBuffer::setHighlight (this=0x1a309e0, hlMode=<optimized out>) at /usr/src/debug/kate-4.10.5/part/document/katebuffer.cpp:389
#24 0x00007f6b81b45df3 in KateDocument::updateFileType (this=this@entry=0x1ba7690, newType=..., user=user@entry=false) at /usr/src/debug/kate-4.10.5/part/document/katedocument.cpp:4470
#25 0x00007f6b81b4bfb1 in KateDocument::openFile (this=0x1ba7690) at /usr/src/debug/kate-4.10.5/part/document/katedocument.cpp:1945
#26 0x00000039fbc288a0 in KParts::ReadOnlyPartPrivate::openLocalFile (this=this@entry=0x1ba7910) at /usr/src/debug/kdelibs-4.10.5/kparts/part.cpp:591
#27 0x00000039fbc28e44 in KParts::ReadOnlyPart::openUrl (this=0x1ba7690, url=...) at /usr/src/debug/kdelibs-4.10.5/kparts/part.cpp:555
#28 0x00007f6b81b4e640 in KateDocument::readParameterizedSessionConfig (this=0x1ba7690, kconfig=..., configParameters=0) at /usr/src/debug/kate-4.10.5/part/document/katedocument.cpp:1565
#29 0x00000039fc8369b5 in loadMetaInfos (url=..., doc=0x1ba7690, this=0x19fa9f0) at /usr/src/debug/kate-4.10.5/kate/app/katedocmanager.cpp:635
#30 KateDocManager::loadMetaInfos (this=0x19fa9f0, doc=0x1ba7690, url=...) at /usr/src/debug/kate-4.10.5/kate/app/katedocmanager.cpp:609
#31 0x00000039fc83703f in KateDocManager::openUrl (this=0x19fa9f0, url=..., encoding=..., isTempFile=false, docInfo=...) at /usr/src/debug/kate-4.10.5/kate/app/katedocmanager.cpp:242
#32 0x00000039fc846f0d in KateViewManager::openUrl (this=0x1cab9c0, url=..., encoding=..., activate=false, isTempFile=false, docInfo=...) at /usr/src/debug/kate-4.10.5/kate/app/kateviewmanager.cpp:292
#33 0x00000039fc82ef27 in KateApp::startupKate (this=0x7fff80cf7f30) at /usr/src/debug/kate-4.10.5/kate/app/kateapp.cpp:222
#34 0x00000039fc82fbb5 in KateApp::initKate (this=this@entry=0x7fff80cf7f30) at /usr/src/debug/kate-4.10.5/kate/app/kateapp.cpp:135
#35 0x00000039fc82fdd0 in KateApp::KateApp (this=0x7fff80cf7f30, args=<optimized out>) at /usr/src/debug/kate-4.10.5/kate/app/kateapp.cpp:72
#36 0x00000039fc4058b8 in kdemain (argc=3, argv=<optimized out>) at /usr/src/debug/kate-4.10.5/kate/app/katemain.cpp:378
#37 0x000000343bc21735 in __libc_start_main (main=0x4007d0 <main(int, char**)>, argc=3, ubp_av=0x7fff80cf80b8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fff80cf80a8) at libc-start.c:226
#38 0x0000000000400801 in _start ()

Possible duplicates by query: bug 267977.

Reported using DrKonqi

Comment 1 Dominik Haumann 2013-08-08 07:04:20 UTC

*** Bug 267977 has been marked as a duplicate of this bug. ***

Comment 2 Dominik Haumann 2013-08-08 07:16:08 UTC

Confirmed, F7, set-highlight emptyxmlfile -> crash:

Thread 1 (Thread 0x7faff2762780 (LWP 11067)):
[KCrash Handler]
#5  0x00007faff9273d25 in raise () from /lib64/libc.so.6
#6  0x00007faff92751a8 in abort () from /lib64/libc.so.6
#7  0x00007faffa5d6c14 in qt_message_output (msgType=msgType@entry=QtFatalMsg, buf=<optimized out>) at global/qglobal.cpp:2323
#8  0x00007faffa5d6dc8 in qt_message(QtMsgType, const char *, typedef __va_list_tag __va_list_tag *) (msgType=msgType@entry=QtFatalMsg, msg=msg@entry=0x7faffa73fac8 "ASSERT: \"%s\" in file %s, line %d", ap=ap@entry=0x7fff1f200778) at global/qglobal.cpp:2369
#9  0x00007faffa5d6f54 in qFatal (msg=msg@entry=0x7faffa73fac8 "ASSERT: \"%s\" in file %s, line %d") at global/qglobal.cpp:2552
#10 0x00007faffa5d6f9a in qt_assert (assertion=<optimized out>, file=<optimized out>, line=<optimized out>) at global/qglobal.cpp:2018
#11 0x00007fafec7d1420 in KateHighlighting::contextNum (this=0xb2f030, n=0) at /home/dhaumann/local/projects/kate/part/syntax/katehighlight.h:267
#12 0x00007fafec834628 in KateHighlighting::doHighlight (this=0xb2f030, _prevLine=0x0, textLine=0xc1ffb0, nextLine=0xba2b40, ctxChanged=@0x7fff1f200a8b: false, tabWidth=8) at /home/dhaumann/local/projects/kate/part/syntax/katehighlight.cpp:286
#13 0x00007fafec7ddbf1 in KateBuffer::doHighlight (this=0xb4b830, startLine=0, endLine=0, invalidate=false) at /home/dhaumann/local/projects/kate/part/document/katebuffer.cpp:464
#14 0x00007fafec7dd4b1 in KateBuffer::ensureHighlighted (this=0xb4b830, line=0, lookAhead=64) at /home/dhaumann/local/projects/kate/part/document/katebuffer.cpp:298
#15 0x00007fafec7ccb44 in KateDocument::kateTextLine (this=0xb4afb0, i=0) at /home/dhaumann/local/projects/kate/part/document/katedocument.cpp:4702
#16 0x00007fafec819ba0 in KateLineLayout::textLine (this=0xa1c9a0, reloadForce=false) at /home/dhaumann/local/projects/kate/part/render/katelinelayout.cpp:68
#17 0x00007fafec80f942 in KateRenderer::layoutLine (this=0x140b070, lineLayout=..., maxwidth=-1, cacheLayout=true) at /home/dhaumann/local/projects/kate/part/render/katerenderer.cpp:916
#18 0x00007fafec8158c6 in KateLayoutCache::line (this=0x141a420, realLine=0, virtualLine=-1) at /home/dhaumann/local/projects/kate/part/render/katelayoutcache.cpp:322
#19 0x00007fafec815009 in KateLayoutCache::updateViewCache (this=0x141a420, startPos=..., newViewLineCount=39, viewLinesScrolled=0) at /home/dhaumann/local/projects/kate/part/render/katelayoutcache.cpp:233
#20 0x00007fafec868998 in KateViewInternal::doUpdateView (this=0x1419c00, changed=true, viewLinesScrolled=0) at /home/dhaumann/local/projects/kate/part/view/kateviewinternal.cpp:549
#21 0x00007fafec868809 in KateViewInternal::updateView (this=0x1419c00, changed=true, viewLinesScrolled=0) at /home/dhaumann/local/projects/kate/part/view/kateviewinternal.cpp:523
#22 0x00007fafec85eb47 in KateView::updateView (this=0x140a690, changed=true) at /home/dhaumann/local/projects/kate/part/view/kateview.cpp:1879
#23 0x00007fafec7bfaff in KateDocument::makeAttribs (this=0xb4afb0, needInvalidate=false) at /home/dhaumann/local/projects/kate/part/document/katedocument.cpp:2513
#24 0x00007fafec7ba8e9 in KateDocument::bufferHlChanged (this=0xb4afb0) at /home/dhaumann/local/projects/kate/part/document/katedocument.cpp:1522
#25 0x00007fafec7dd7d2 in KateBuffer::setHighlight (this=0xb4b830, hlMode=186) at /home/dhaumann/local/projects/kate/part/document/katebuffer.cpp:381
#26 0x00007fafec7ba782 in KateDocument::setHighlightingMode (this=0xb4afb0, name=...) at /home/dhaumann/local/projects/kate/part/document/katedocument.cpp:1490

Comment 3 Dominik Haumann 2013-08-08 08:19:06 UTC

Possible fix: https://git.reviewboard.kde.org/r/111941/

Comment 4 Dominik Haumann 2013-08-08 13:00:14 UTC

Git commit dd9463ab061a955ce777513393002c664fed6641 by Dominik Haumann.
Committed on 08/08/2013 at 13:00.
Pushed by dhaumann into branch 'master'.

fix crash when no "context" element exists

In fact, the xml highlighting file is broken in this case.
Avoiding a crash in this case is good, though.

FIXED-IN: 4.12
REVIEW: 111941

M  +6    -0    part/syntax/katehighlight.cpp

http://commits.kde.org/kate/dd9463ab061a955ce777513393002c664fed6641