338997 – Konsole crashed while I was selecting text, causing the window to scroll up

Bug 338997 - Konsole crashed while I was selecting text, causing the window to scroll up

Summary: Konsole crashed while I was selecting text, causing the window to scroll up

Status:	RESOLVED FIXED

Alias:	None

Product:	konsole
Classification:	Applications
Component:	copy-paste (show other bugs)
Version:	17.04.2
Platform:	Ubuntu Linux

Importance:	NOR crash
Target Milestone:	---
Assignee:	Konsole Developer

URL:
Keywords:

Duplicates (8):	350151 359886 369397 381680 382027 383997 398861 411170 (view as bug list)
Depends on:
Blocks:

Reported:	2014-09-11 02:35 UTC by Lincoln Ramsay
Modified:	2019-08-23 06:03 UTC (History)
CC List:	11 users (show)

See Also:
Latest Commit:	https://commits.kde.org/konsole/f98c752bce9fa11f1e81cf6ef8c02b3c3861c341
Version Fixed In:	18.04

Attachments
New crash information added by DrKonqi (4.52 KB, text/plain) 2018-01-05 16:15 UTC, nathanmonfils	Details
View All Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Lincoln Ramsay 2014-09-11 02:35:29 UTC

Application: konsole (2.13.2)
KDE Platform Version: 4.13.3
Qt Version: 4.8.6
Operating System: Linux 3.13.0-35-generic x86_64
Distribution: Ubuntu 14.04.1 LTS

-- Information about the crash:
- What I was doing when the application crashed:

Selecting a bunch of text (which I was going to paste into a file). Causing the window to scroll up. Scrollback is capped at 10,000 lines. The tab I was in probably wouldn't have hit that though as it was newly-opened.

-- Backtrace:
Application: Konsole (konsole), signal: Segmentation fault
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[Current thread is 1 (Thread 0x7f66feb747c0 (LWP 30089))]

Thread 4 (Thread 0x7f66e5ccf700 (LWP 30090)):
#0  __libc_disable_asynccancel () at ../nptl/sysdeps/unix/sysv/linux/x86_64/cancellation.S:98
#1  0x00007f66fe4a3379 in read () at ../sysdeps/unix/syscall-template.S:81
#2  0x00007f66f785ac20 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007f66f7819b14 in g_main_context_check () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#4  0x00007f66f7819f7b in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#5  0x00007f66f781a30a in g_main_loop_run () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#6  0x00007f66ec40ae16 in ?? () from /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0
#7  0x00007f66f783ef15 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#8  0x00007f66f8100182 in start_thread (arg=0x7f66e5ccf700) at pthread_create.c:312
#9  0x00007f66fe4b1fbd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111

Thread 3 (Thread 0x7f66e54ce700 (LWP 30091)):
#0  0x00007f66fe4a4c6d in poll () at ../sysdeps/unix/syscall-template.S:81
#1  0x00007f66f7819fe4 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007f66f781a0ec in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007f66f781a129 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#4  0x00007f66f783ef15 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#5  0x00007f66f8100182 in start_thread (arg=0x7f66e54ce700) at pthread_create.c:312
#6  0x00007f66fe4b1fbd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111

Thread 2 (Thread 0x7f66ced88700 (LWP 30095)):
#0  0x00007f66f785b62a in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#1  0x00007f66f785b9b9 in g_mutex_unlock () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007f66f78190f0 in g_main_context_acquire () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007f66f7819ea5 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#4  0x00007f66f781a0ec in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#5  0x00007f66fcbb37be in QEventDispatcherGlib::processEvents (this=0x7f66c80008c0, flags=...) at kernel/qeventdispatcher_glib.cpp:436
#6  0x00007f66fcb850af in QEventLoop::processEvents (this=this@entry=0x7f66ced87de0, flags=...) at kernel/qeventloop.cpp:149
#7  0x00007f66fcb853a5 in QEventLoop::exec (this=this@entry=0x7f66ced87de0, flags=...) at kernel/qeventloop.cpp:204
#8  0x00007f66fca81c5f in QThread::exec (this=this@entry=0x28e9bb0) at thread/qthread.cpp:537
#9  0x00007f66fcb66823 in QInotifyFileSystemWatcherEngine::run (this=0x28e9bb0) at io/qfilesystemwatcher_inotify.cpp:265
#10 0x00007f66fca8432f in QThreadPrivate::start (arg=0x28e9bb0) at thread/qthread_unix.cpp:349
#11 0x00007f66f8100182 in start_thread (arg=0x7f66ced88700) at pthread_create.c:312
#12 0x00007f66fe4b1fbd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111

Thread 1 (Thread 0x7f66feb747c0 (LWP 30089)):
[KCrash Handler]
#6  0x00007f66fe15e969 in Konsole::TerminalDisplay::charClass(Konsole::Character const&) const () from /usr/lib/libkonsoleprivate.so
#7  0x00007f66fe16234d in Konsole::TerminalDisplay::findWordEnd(QPoint const&) () from /usr/lib/libkonsoleprivate.so
#8  0x00007f66fe162e0d in Konsole::TerminalDisplay::extendSelection(QPoint const&) () from /usr/lib/libkonsoleprivate.so
#9  0x00007f66fe16006b in Konsole::TerminalDisplay::mouseMoveEvent(QMouseEvent*) () from /usr/lib/libkonsoleprivate.so
#10 0x00007f66fbf6f635 in QWidget::event (this=0x3436ce0, event=0x7fff8e6a1ac0) at kernel/qwidget.cpp:8361
#11 0x00007f66fe165aba in Konsole::TerminalDisplay::event(QEvent*) () from /usr/lib/libkonsoleprivate.so
#12 0x00007f66fbf1fe2c in QApplicationPrivate::notify_helper (this=this@entry=0x2643ce0, receiver=receiver@entry=0x3436ce0, e=e@entry=0x7fff8e6a1ac0) at kernel/qapplication.cpp:4567
#13 0x00007f66fbf265dd in QApplication::notify (this=this@entry=0x7fff8e6a2340, receiver=receiver@entry=0x3436ce0, e=e@entry=0x7fff8e6a1ac0) at kernel/qapplication.cpp:4110
#14 0x00007f66fd5d0d1a in KApplication::notify (this=0x7fff8e6a2340, receiver=0x3436ce0, event=0x7fff8e6a1ac0) at ../../kdeui/kernel/kapplication.cpp:311
#15 0x00007f66fcb864dd in QCoreApplication::notifyInternal (this=0x7fff8e6a2340, receiver=receiver@entry=0x3436ce0, event=event@entry=0x7fff8e6a1ac0) at kernel/qcoreapplication.cpp:953
#16 0x00007f66fbf25d93 in sendEvent (event=<optimized out>, receiver=<optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:231
#17 QApplicationPrivate::sendMouseEvent (receiver=receiver@entry=0x3436ce0, event=event@entry=0x7fff8e6a1ac0, alienWidget=alienWidget@entry=0x0, nativeWidget=nativeWidget@entry=0x2b23a90, buttonDown=buttonDown@entry=0x7f66fca05318 <qt_button_down>, lastMouseReceiver=..., spontaneous=spontaneous@entry=true) at kernel/qapplication.cpp:3178
#18 0x00007f66fbf9a9cb in QETWidget::translateMouseEvent (this=this@entry=0x2b23a90, event=event@entry=0x7fff8e6a1e40) at kernel/qapplication_x11.cpp:4634
#19 0x00007f66fbf9a269 in QApplication::x11ProcessEvent (this=0x7fff8e6a2340, event=event@entry=0x7fff8e6a1e40) at kernel/qapplication_x11.cpp:3627
#20 0x00007f66fbfc1b02 in x11EventSourceDispatch (s=0x2644870, callback=0x0, user_data=0x0) at kernel/qguieventdispatcher_glib.cpp:146
#21 0x00007f66f7819e04 in g_main_context_dispatch () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#22 0x00007f66f781a048 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#23 0x00007f66f781a0ec in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#24 0x00007f66fcbb37a1 in QEventDispatcherGlib::processEvents (this=0x25e8e00, flags=...) at kernel/qeventdispatcher_glib.cpp:434
#25 0x00007f66fbfc1bb6 in QGuiEventDispatcherGlib::processEvents (this=<optimized out>, flags=...) at kernel/qguieventdispatcher_glib.cpp:204
#26 0x00007f66fcb850af in QEventLoop::processEvents (this=this@entry=0x7fff8e6a2210, flags=...) at kernel/qeventloop.cpp:149
#27 0x00007f66fcb853a5 in QEventLoop::exec (this=this@entry=0x7fff8e6a2210, flags=...) at kernel/qeventloop.cpp:204
#28 0x00007f66fcb8ab79 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1225
#29 0x00007f66fe7956f7 in kdemain () from /usr/lib/kde4/libkdeinit/libkdeinit4_konsole.so
#30 0x00007f66fe3d8ec5 in __libc_start_main (main=0x4006d0, argc=1, argv=0x7fff8e6a2488, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fff8e6a2478) at libc-start.c:287
#31 0x00000000004006fe in _start ()

Report to https://bugs.kde.org/

Reproducible: Didn't try

Steps to Reproduce:
see above

Comment 1 Christoph Feck 2017-06-27 20:34:22 UTC

*** Bug 381680 has been marked as a duplicate of this bug. ***

Comment 2 Christoph Feck 2017-06-27 20:34:47 UTC

*** Bug 350151 has been marked as a duplicate of this bug. ***

Comment 3 Christoph Feck 2017-06-27 20:35:04 UTC

*** Bug 359886 has been marked as a duplicate of this bug. ***

Comment 4 Christoph Feck 2017-06-27 20:35:29 UTC

*** Bug 369397 has been marked as a duplicate of this bug. ***

Comment 5 Christoph Feck 2017-07-15 00:12:28 UTC

*** Bug 382027 has been marked as a duplicate of this bug. ***

Comment 6 Christoph Feck 2017-09-13 22:38:21 UTC

*** Bug 383997 has been marked as a duplicate of this bug. ***

Comment 7 nathanmonfils 2018-01-05 16:15:37 UTC

Created attachment 109695 [details]
New crash information added by DrKonqi

konsole (17.12.0) using Qt 5.10.0

- What I was doing when the application crashed:

Selecting a bunch of text from bottom to top, causing the window to scroll up. It takes quite a few lines before the crash occurs (I would say about 50).

-- Backtrace (Reduced):
#5  0x00007fb750789fbd in Konsole::TerminalDisplay::charClass(Konsole::Character const&) const () from /usr/lib/libkonsoleprivate.so.17
#6  0x00007fb75078f74e in Konsole::TerminalDisplay::findWordEnd(QPoint const&) () from /usr/lib/libkonsoleprivate.so.17
#7  0x00007fb750791226 in Konsole::TerminalDisplay::extendSelection(QPoint const&) () from /usr/lib/libkonsoleprivate.so.17
#8  0x00007fb75078bfdc in Konsole::TerminalDisplay::mouseMoveEvent(QMouseEvent*) () from /usr/lib/libkonsoleprivate.so.17
#9  0x00007fb74dfdee38 in QWidget::event(QEvent*) () from /usr/lib/libQt5Widgets.so.5

Comment 8 Ruslan Kabatsayev 2018-01-06 08:24:42 UTC

It seems this happens only when word-selecting, i.e. double-click the text, then move the mouse cursor up. I can reliably reproduce the problem when doing the following:

1. Open Konsole
2. Type in bash prompt:
for((i=0;i<1000;++i)); do echo Hello, world $i; done
3. Run the command typed
4. Double-click the last appeared word "world" and drag it above the terminal viewport so that the terminal starts to scroll. The double-click&drag pattern is like "Press-release-press-drag left mouse button"
5. It'll scroll not much before it crashes. I was able to get it scroll by one line and crash, but it seems this depends on the text column the mouse cursor is above, so if you still fail to reproduce, try moving the cursor left-right while holding it above the terminal viewport.

Comment 9 Kurt Hindenburg 2018-01-15 14:46:43 UTC

Thanks for the steps to reproduce - crashes on master as well

Comment 10 Kurt Hindenburg 2018-01-21 18:45:02 UTC

Git commit f98c752bce9fa11f1e81cf6ef8c02b3c3861c341 by Kurt Hindenburg.
Committed on 21/01/2018 at 18:44.
Pushed by hindenburg into branch 'master'.

Reverts: Fix double click can only select text within visible region

Partial revert of 914067d14a6a27b59bba1c53cc18cb67eb9811fc

Change to use old code while leaving (not used) new code in.

Fixes reproduciable crashes:
Konsole::TerminalDisplay::findWordEnd()
Konsole::TerminalDisplay::charClass(image[j]); -> invalid location

I was not able to get the triple click code to crash which was the
previous patch to this.
FIXED-IN: 18.04

M  +96   -11   src/TerminalDisplay.cpp

https://commits.kde.org/konsole/f98c752bce9fa11f1e81cf6ef8c02b3c3861c341

Comment 11 Christoph Feck 2018-10-11 16:58:30 UTC

*** Bug 398861 has been marked as a duplicate of this bug. ***

Comment 12 Alois Wohlschlager 2019-08-23 06:03:53 UTC

*** Bug 411170 has been marked as a duplicate of this bug. ***