Bug 474961 - [PATCH] Crash while selecting scrolling text
Status: RESOLVED FIXED
Product: konsole
Classification: Applications
Component: general
Version: 22.12.3
Platform: Debian stable Linux
Importance: NOR crash
Assignee: Konsole Developer
Keywords: drkonqi
Reported: 2023-09-28 01:10 UTC by Charles Samuels
Modified: 2024-03-23 02:04 UTC

Description Charles Samuels 2023-09-28 01:10:15 UTC
Application: konsole (22.12.3)

Qt Version: 5.15.8
Frameworks Version: 5.103.0
Operating System: Linux 6.1.0-11-amd64 x86_64
Windowing System: X11
Distribution: Debian GNU/Linux 12 (bookworm)
DrKonqi: 5.27.5 [KCrashBackend]

-- Information about the crash:
Note: this is not https://bugs.kde.org/show_bug.cgi?id=458822, because I'm using a version newer than v22.08.3

I can reproduce this by:

1. Run a program that generates a lot of text in Konsole:

 while true; do echo $RANDOM; sleep 0.005; done

2. Have the machine be under a lot of CPU load

3. Consider nicing +20 the konsole process

4. Start selecting text as it scrolls by, move the mouse around like a psycho.

You may need to tweak the number "0.005"

The crash can be reproduced every time.

-- Backtrace:
Application: Konsole (konsole), signal: Aborted

[KCrash Handler]
#4  __pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=6, no_tid=no_tid@entry=0) at ./nptl/pthread_kill.c:44
#5  0x00007f7da74a9d9f in __pthread_kill_internal (signo=6, threadid=<optimized out>) at ./nptl/pthread_kill.c:78
#6  0x00007f7da745af32 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26
#7  0x00007f7da7445472 in __GI_abort () at ./stdlib/abort.c:79
#8  0x00007f7da729d919 in ?? () from /lib/x86_64-linux-gnu/libstdc++.so.6
#9  0x00007f7da72a8e1a in ?? () from /lib/x86_64-linux-gnu/libstdc++.so.6
#10 0x00007f7da72a8e85 in std::terminate() () from /lib/x86_64-linux-gnu/libstdc++.so.6
#11 0x00007f7da72a90d8 in __cxa_throw () from /lib/x86_64-linux-gnu/libstdc++.so.6
#12 0x00007f7da72a026d in ?? () from /lib/x86_64-linux-gnu/libstdc++.so.6
#13 0x00007f7da8e9c040 in Konsole::Screen::setSelectionEnd(int, int, bool) () from /lib/x86_64-linux-gnu/libkonsoleprivate.so.1
#14 0x00007f7da8e9df4f in ?? () from /lib/x86_64-linux-gnu/libkonsoleprivate.so.1
#15 0x00007f7da8effe0c in Konsole::TerminalDisplay::extendSelection(QPoint const&) () from /lib/x86_64-linux-gnu/libkonsoleprivate.so.1
#16 0x00007f7da8f001ca in Konsole::TerminalDisplay::mouseMoveEvent(QMouseEvent*) () from /lib/x86_64-linux-gnu/libkonsoleprivate.so.1
#17 0x00007f7da85a4db8 in QWidget::event(QEvent*) () from /lib/x86_64-linux-gnu/libQt5Widgets.so.5
#18 0x00007f7da8562fae in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /lib/x86_64-linux-gnu/libQt5Widgets.so.5
#19 0x00007f7da856b552 in QApplication::notify(QObject*, QEvent*) () from /lib/x86_64-linux-gnu/libQt5Widgets.so.5
#20 0x00007f7da78b16f8 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /lib/x86_64-linux-gnu/libQt5Core.so.5
#21 0x00007f7da856965e in QApplicationPrivate::sendMouseEvent(QWidget*, QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer<QWidget>&, bool, bool) () from /lib/x86_64-linux-gnu/libQt5Widgets.so.5
#22 0x00007f7da85bdbd8 in ?? () from /lib/x86_64-linux-gnu/libQt5Widgets.so.5
#23 0x00007f7da85c0f60 in ?? () from /lib/x86_64-linux-gnu/libQt5Widgets.so.5
#24 0x00007f7da8562fae in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /lib/x86_64-linux-gnu/libQt5Widgets.so.5
#25 0x00007f7da78b16f8 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /lib/x86_64-linux-gnu/libQt5Core.so.5
#26 0x00007f7da7d3d3ed in QGuiApplicationPrivate::processMouseEvent(QWindowSystemInterfacePrivate::MouseEvent*) () from /lib/x86_64-linux-gnu/libQt5Gui.so.5
#27 0x00007f7da7d11cac in QWindowSystemInterface::sendWindowSystemEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib/x86_64-linux-gnu/libQt5Gui.so.5
#28 0x00007f7da14fbeca in ?? () from /lib/x86_64-linux-gnu/libQt5XcbQpa.so.5
#29 0x00007f7da5c607a9 in g_main_context_dispatch () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#30 0x00007f7da5c60a38 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#31 0x00007f7da5c60acc in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#32 0x00007f7da7909836 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib/x86_64-linux-gnu/libQt5Core.so.5
#33 0x00007f7da78b017b in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib/x86_64-linux-gnu/libQt5Core.so.5
#34 0x00007f7da78b82d6 in QCoreApplication::exec() () from /lib/x86_64-linux-gnu/libQt5Core.so.5
#35 0x000055e281354e4c in ?? ()
#36 0x00007f7da74461ca in __libc_start_call_main (main=main@entry=0x55e281354690, argc=argc@entry=1, argv=argv@entry=0x7ffed4a9f6d8) at ../sysdeps/nptl/libc_start_call_main.h:58
#37 0x00007f7da7446285 in __libc_start_main_impl (main=0x55e281354690, argc=1, argv=0x7ffed4a9f6d8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7ffed4a9f6c8) at ../csu/libc-start.c:360
#38 0x000055e281355301 in ?? ()
[Inferior 1 (process 712370) detached]

Reported using DrKonqi
Comment 1 Charles Samuels 2023-09-29 16:26:47 UTC
Backtrace with debug information:

```
#7  0x00000000061ea0d8 in __cxa_throw () from /lib/x86_64-linux-gnu/libstdc++.so.6
#8  0x00000000061e126d in ?? () from /lib/x86_64-linux-gnu/libstdc++.so.6
#9  0x00000000049784b3 in std::vector<QVector<Konsole::Character>, std::allocator<QVector<Konsole::Character> > >::_M_range_check (this=0xd830870, __n=37) at /usr/include/c++/12/bits/stl_vector.h:1153
#10 0x0000000004975109 in std::vector<QVector<Konsole::Character>, std::allocator<QVector<Konsole::Character> > >::at (
    this=0xd830870, __n=37) at /usr/include/c++/12/bits/stl_vector.h:1175
#11 0x000000000496f6d6 in Konsole::Screen::setSelectionEnd (this=0xd830860, x=50, y=10036, trimTrailingWhitespace=false)
    at /home/charles/tmp/konsole-22.12.3/src/Screen.cpp:1815
#12 0x00000000049816b6 in Konsole::ScreenWindow::setSelectionEnd (this=0x1d198b00, column=50, line=35, 
    trimTrailingWhitespace=false) at /home/charles/tmp/konsole-22.12.3/src/ScreenWindow.cpp:145
#13 0x0000000004a0f77b in Konsole::TerminalDisplay::extendSelection (this=0x1cf8f5c0, position=...)
    at /home/charles/tmp/konsole-22.12.3/src/terminalDisplay/TerminalDisplay.cpp:1469
#14 0x0000000004a0e91e in Konsole::TerminalDisplay::mouseMoveEvent (this=0x1cf8f5c0, ev=0x1ffefff180)
    at /home/charles/tmp/konsole-22.12.3/src/terminalDisplay/TerminalDisplay.cpp:1306
#15 0x0000000004f45db8 in QWidget::event(QEvent*) () from /lib/x86_64-linux-gnu/libQt5Widgets.so.5
#16 0x0000000004a16641 in Konsole::TerminalDisplay::event (this=0x1cf8f5c0, event=0x1ffefff180)
    at /home/charles/tmp/konsole-22.12.3/src/terminalDisplay/TerminalDisplay.cpp:2877
#17 0x0000000004f03fae in QApplicationPrivate::notify_helper(QObject*, QEvent*) ()
   from /lib/x86_64-linux-gnu/libQt5Widgets.so.5
#18 0x0000000004f0c552 in QApplication::notify(QObject*, QEvent*) () from /lib/x86_64-linux-gnu/libQt5Widgets.so.5
#19 0x0000000005e9f6f8 in QCoreApplication::notifyInternal2(QObject*, QEvent*) ()
   from /lib/x86_64-linux-gnu/libQt5Core.so.5
#20 0x0000000004f0a65e in QApplicationPrivate::sendMouseEvent(QWidget*, QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer<QWidget>&, bool, bool) () from /lib/x86_64-linux-gnu/libQt5Widgets.so.5
#21 0x0000000004f5ebd8 in ?? () from /lib/x86_64-linux-gnu/libQt5Widgets.so.5
#22 0x0000000004f61f60 in ?? () from /lib/x86_64-linux-gnu/libQt5Widgets.so.5
```

Fix:
```
--- Screen.cpp.old      2023-09-29 09:26:08.557129473 -0700
+++ Screen.cpp  2023-09-29 09:26:12.257118245 -0700
@@ -1809,7 +1809,7 @@
         }
 
         // HACK: do not crash.
-        if (_screenLines.size() < line) {
+        if (_screenLines.size() <= line) {
             line = _screenLines.size() - 1;
         }
         const int length = _screenLines.at(line).count();
```
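Review bot: the clamp `line = _screenLines.size() - 1;` still produces an invalid index when `_screenLines` is empty, so the `_screenLines.at(line)` call on the next context line can throw the same `std::out_of_range` that the debug backtrace shows coming from `_M_range_check`. The change from `<` to `<=` is the correct bound for the non-empty case, since `at()` rejects an index equal to `size()`, but an explicit early return (or another guard) for the empty case should go before the clamp. The comparison also mixes the vector's unsigned `size()` with `line`; if `line` is a signed `int`, casting one side explicitly would make the intent clear and silence sign-compare warnings. Finally, the `// HACK: do not crash.` comment would be more useful if it said why `line` can land past the last screen line during selection, so a later reader knows whether the clamp is the intended behaviour or a stopgap.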
Comment 3 Kurt Hindenburg 2024-03-23 02:04:48 UTC
Reopen if comment #2 didn't fix this.