  1. Qt Creator
  2. QTCREATORBUG-16208

QtCreator crashes with bad_alloc in FakeVimHandler

Details

    • Bug
    • Resolution: Done
    • P2: Important
    • Qt Creator 4.2.1
    • Qt Creator 3.6.1, Qt Creator 4.0.0
    • FakeVim
    • None
    • Windows 10
      Fedora 23
    • a8a1b3b57305f5c986077b24cfdc05a933a80ed5 4721888fa7f37e7fc19d6cb721ca6af7c05a97c8

    Description

      After some time working on a big project in vim mode (non-English keyboard), QtCreator crashes with a bad_alloc:

      Output of QtCreator before the crash:
      QTextCursor::setPosition: Position '253192576' out of range
      QTextCursor::setPosition: Position '795173737' out of range
      QTextCursor::setPosition: Position '1919052108' out of range
      terminate called after throwing an instance of 'std::bad_alloc'
      what(): std::bad_alloc
      /bin/sh: line 1: 6288 Aborted

      Seems that insertState.backspaces and insertState.deletes get way too high values.
      Here is the backtrace:

      (gdb) backtrace
      #0 0x00007f3a8d0187ad in nanosleep () from /lib64/libc.so.6
      #1 0x00007f3a8d018644 in sleep () from /lib64/libc.so.6
      #2 0x00007f3a50120dd2 in KCrash::startProcess(int, char const**, bool) () from /lib64/libKF5Crash.so.5
      #3 0x00007f3a50121280 in KCrash::defaultCrashHandler(int) () from /lib64/libKF5Crash.so.5
      #4 <signal handler called>
      #5 0x00007f3a8cf84a98 in raise () from /lib64/libc.so.6
      #6 0x00007f3a8cf8669a in abort () from /lib64/libc.so.6
      #7 0x00007f3a8d8b9add in __gnu_cxx::__verbose_terminate_handler() () from /lib64/libstdc++.so.6
      #8 0x00007f3a8d8b7936 in ?? () from /lib64/libstdc++.so.6
      #9 0x00007f3a8d8b7981 in std::terminate() () from /lib64/libstdc++.so.6
      #10 0x00007f3a8d8b7b99 in __cxa_throw () from /lib64/libstdc++.so.6
      #11 0x00007f3a8e1932e2 in qBadAlloc() () from /lib64/libQt5Core.so.5
      #12 0x00007f3a8e23c58d in QString::reallocData(unsigned int, bool) () from /lib64/libQt5Core.so.5
      #13 0x00007f3a8e23c5f8 in QString::resize(int) () from /lib64/libQt5Core.so.5
      #14 0x00007f3a8e23c66d in QString::expand(int) () from /lib64/libQt5Core.so.5
      #15 0x00007f3a8e23cc09 in QString::insert(int, QChar const*, int) () from /lib64/libQt5Core.so.5
      #16 0x00007f3a610712c3 in QString::insert (s=..., i=0, this=0xca45450) at /usr/include/qt5/QtCore/qstring.h:424
      #17 QString::prepend (s=..., this=0xca45450) at /usr/include/qt5/QtCore/qstring.h:434
      #18 FakeVim::Internal::FakeVimHandler::Private::commitInsertState (this=this@entry=0xca44dc0)
      at /home/twm/tmp/qt-creator-opensource-src-3.6.1-modified/src/plugins/fakevim/fakevimhandler.cpp:2587
      #19 0x00007f3a61080e6e in FakeVim::Internal::FakeVimHandler::Private::handleInsertOrReplaceMode (this=this@entry=0xca44dc0, input=...)
      at /home/twm/tmp/qt-creator-opensource-src-3.6.1-modified/src/plugins/fakevim/fakevimhandler.cpp:4726
      #20 0x00007f3a6107ea5b in FakeVim::Internal::FakeVimHandler::Private::handleDefaultKey (this=this@entry=0xca44dc0, input=...)
      at /home/twm/tmp/qt-creator-opensource-src-3.6.1-modified/src/plugins/fakevim/fakevimhandler.cpp:2773
      #21 0x00007f3a6107eb3f in FakeVim::Internal::FakeVimHandler::Private::handleCurrentMapAsDefault (this=this@entry=0xca44dc0)
      at /home/twm/tmp/qt-creator-opensource-src-3.6.1-modified/src/plugins/fakevim/fakevimhandler.cpp:2793
      #22 0x00007f3a6107ef68 in FakeVim::Internal::FakeVimHandler::Private::handleKey (this=this@entry=0xca44dc0, input=...)
      at /home/twm/tmp/qt-creator-opensource-src-3.6.1-modified/src/plugins/fakevim/fakevimhandler.cpp:2709
      #23 0x00007f3a6107f0da in FakeVim::Internal::FakeVimHandler::Private::handleEvent (this=0xca44dc0, ev=ev@entry=0x7ffcc624cf60)
      at /home/twm/tmp/qt-creator-opensource-src-3.6.1-modified/src/plugins/fakevim/fakevimhandler.cpp:2529
      #24 0x00007f3a6107f270 in FakeVim::Internal::FakeVimHandler::eventFilter (this=0xca446d0, ob=0xeee3c10, ev=0x7ffcc624cf60)
      at /home/twm/tmp/qt-creator-opensource-src-3.6.1-modified/src/plugins/fakevim/fakevimhandler.cpp:8577
      #25 0x00007f3a8e3836d2 in QCoreApplicationPrivate::sendThroughObjectEventFilters(QObject*, QEvent*) () from /lib64/libQt5Core.so.5
      #26 0x00007f3a8ecb7be5 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /lib64/libQt5Widgets.so.5
      #27 0x00007f3a8ecbe816 in QApplication::notify(QObject*, QEvent*) () from /lib64/libQt5Widgets.so.5
      #28 0x00007f3a8e383968 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /lib64/libQt5Core.so.5
      #29 0x00007f3a8ed183e3 in QWidgetWindow::event(QEvent*) () from /lib64/libQt5Widgets.so.5
      #30 0x00007f3a8ecb7c0c in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /lib64/libQt5Widgets.so.5
      #31 0x00007f3a8ecbce96 in QApplication::notify(QObject*, QEvent*) () from /lib64/libQt5Widgets.so.5
      #32 0x00007f3a8e383968 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /lib64/libQt5Core.so.5
      #33 0x00007f3a8e6ce328 in QGuiApplicationPrivate::processKeyEvent(QWindowSystemInterfacePrivate::KeyEvent*) () from /lib64/libQt5Gui.so.5
      #34 0x00007f3a8e6d34c5 in QGuiApplicationPrivate::processWindowSystemEvent(QWindowSystemInterfacePrivate::WindowSystemEvent*) () from /lib64/libQt5Gui.so.5
      #35 0x00007f3a8e6b06eb in QWindowSystemInterface::sendWindowSystemEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib64/libQt5Gui.so.5
      #36 0x00007f3a7cdc1940 in userEventSourceDispatch(_GSource*, int (void*), void*) () from /lib64/libQt5XcbQpa.so.5
      #37 0x00007f3a8c40ee3a in g_main_context_dispatch () from /lib64/libglib-2.0.so.0
      --Type <return> to continue, or q <return> to quit--
      #38 0x00007f3a8c40f1d0 in g_main_context_iterate.isra () from /lib64/libglib-2.0.so.0
      #39 0x00007f3a8c40f27c in g_main_context_iteration () from /lib64/libglib-2.0.so.0
      #40 0x00007f3a8e3d8cef in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib64/libQt5Core.so.5
      #41 0x00007f3a8e3816ea in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib64/libQt5Core.so.5
      #42 0x00007f3a8e389ddc in QCoreApplication::exec() () from /lib64/libQt5Core.so.5
      #43 0x0000000000408f7c in main (argc=2, argv=<optimized out>) at /home/twm/tmp/qt-creator-opensource-src-3.6.1-modified/src/app/main.cpp:532

      (gdb) frame 18
      #18 FakeVim::Internal::FakeVimHandler::Private::commitInsertState (this=this@entry=0xca44dc0)
      at /home/twm/tmp/qt-creator-opensource-src-3.6.1-modified/src/plugins/fakevim/fakevimhandler.cpp:2587
      2587 lastInsertion.prepend(QString(_("<BS>")).repeated(insertState.backspaces));
      (gdb) print lastInsert
      No symbol "lastInsert" in current context.
      (gdb) print lastInsertion
      $1 = (QString &) @0xca45450: {static null = {<No data fields>}, d = 0x7f3a8e450120 <QArrayData::shared_null>}
      (gdb) print insertState.backspaces
      $2 = 237518368
      (gdb) print insertState
      $3 = (FakeVim::Internal::FakeVimHandler::Private::BufferData::InsertState &) @0xca45420: {pos1 = 220221008, pos2 = 0, backspaces = 237518368, deletes = 0, spaces = {q_hash = d = 0x7f3a8e451260 <QHashData::shared_null>, e = 0x7f3a8e451260 <QHashData::shared_null>}, insertingSpaces = 240, textBeforeCursor = {static null = {<No data fields>}, d = 0x7f3a8e450120 <QArrayData::shared_null>}, newLineBefore = 161, newLineAfter = true}
      (gdb) print lastInsertion
      $4 = (QString &) @0xca45450: {static null = {<No data fields>}, d = 0x7f3a8e450120 <QArrayData::shared_null>}

      Thanks
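
      An added example, not part of the report and not Qt Creator's fix: plain C++ that validates the InsertState counters before expanding them into "<BS>" tokens, so a value like the 237518368 printed above is rejected instead of driving a huge allocation. The struct layout, buildLastInsertion, and the document-length bound are assumptions for illustration; std::string stands in for QString.

```cpp
#include <cstddef>
#include <iostream>
#include <string>

// Hypothetical stand-in for the InsertState fields in the gdb dump.
// Default member initializers mean no counter is ever read uninitialized.
struct InsertState {
    int pos1 = -1;
    int pos2 = -1;
    int backspaces = 0;
    int deletes = 0;
    bool newLineBefore = false;
    bool newLineAfter = false;
};

// Build "<BS>...<BS>" + typed text, mirroring the prepend on line 2587,
// but only after checking the counters against docLengthBefore (assumed
// parameter: characters in the document when insert mode was entered).
// Returns false and leaves `out` empty when the counters are implausible.
bool buildLastInsertion(const InsertState &s, const std::string &typed,
                        long long docLengthBefore, std::string &out)
{
    out.clear();
    if (docLengthBefore < 0 || s.backspaces < 0 || s.deletes < 0)
        return false;
    // Assumed invariant: existing text removed by backspace plus delete
    // cannot exceed the text that existed.
    if (static_cast<long long>(s.backspaces) + s.deletes > docLengthBefore)
        return false;
    static const std::string bs = "<BS>";
    out.reserve(bs.size() * static_cast<std::size_t>(s.backspaces) + typed.size());
    for (int i = 0; i < s.backspaces; ++i)
        out += bs;
    out += typed;
    return true;
}

int main()
{
    InsertState corrupt;
    corrupt.backspaces = 237518368;  // value printed by gdb in the report
    std::string out;
    std::cout << "corrupt state accepted: "
              << buildLastInsertion(corrupt, "x", 5000, out) << "\n";
    InsertState sane;
    sane.backspaces = 2;
    std::cout << "sane state accepted: "
              << buildLastInsertion(sane, "abc", 5000, out)
              << " -> " << out << "\n";
    return 0;
}
```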

          People

            hjk hjk
            tme Thomas Meindl