https://bugs.kde.org/show_bug.cgi?id=504679
Bug ID: 504679
Summary: Sequence of % operation followed by inserting ( crashes Kcalc
Classification: Applications
Product: kcalc
Version First Reported In: unspecified
Platform: Other
OS: Other
Status: REPORTED
Severity: crash
Priority: NOR
Component: general
Assignee: [email protected]
Reporter: [email protected]
CC: [email protected]
Target Milestone: ---
SUMMARY
Deterministic sequence of operations crashes the calculator
STEPS TO REPRODUCE
1. Enter a number (e.g. 7)
2. Select the % operator
3. Set the cursor to the beginning of the sequence
4. Select the ( operator
OBSERVED RESULT
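Kcalc aborts (SIGABRT) with ASSERT failure in QList::at: "index out of range". The backtrace below places the out-of-range QList<KCalcToken>::at call in CalcEngine::insert_percentage_Token_In_Stack_ (kcalc_core.cpp:379), reached from CalcEngine::calculate. The abort comes from a Qt assertion, so it appears only in builds with assertions enabled; where assertions are compiled out, the same call would be an unchecked read outside the token list.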
VIDEO
https://www.youtube.com/watch?v=3oZtIg4OK_U
BACKTRACE
kf.notifications: No event config could be found for event id "beep" under
notifyrc file for app "plasma_workspace"
ASSERT failure in QList::at: "index out of range", file
/usr/include/x86_64-linux-gnu/qt6/QtCore/qlist.h, line 431
Thread 1 "kcalc" received signal SIGABRT, Aborted.
Download failed: Invalid argument. Continuing without source file
./nptl/./nptl/pthread_kill.c.
__pthread_kill_implementation (threadid=<optimized out>, signo=6,
no_tid=0) at ./nptl/pthread_kill.c:44
warning: 44 ./nptl/pthread_kill.c: No such file or directory
(gdb) bt
#0 __pthread_kill_implementation
(threadid=<optimized out>, signo=6, no_tid=0)
at ./nptl/pthread_kill.c:44
#1 __pthread_kill_internal (threadid=<optimized out>, signo=6)
at ./nptl/pthread_kill.c:78
#2 __GI___pthread_kill (threadid=<optimized out>, signo=signo@entry=6)
at ./nptl/pthread_kill.c:89
#3 0x00007ffff5a4519e in __GI_raise (sig=sig@entry=6)
at ../sysdeps/posix/raise.c:26
#4 0x00007ffff5a28902 in __GI_abort () at ./stdlib/abort.c:79
#5 0x00007ffff62b994a in qAbort ()
at /usr/src/qt6-base-6.6.2+dfsg-12/src/corelib/global/qglobal.cpp:161
#6 0x00007ffff6306187 in qt_message_fatal<QString&>
(context=<optimized out>, message=...)
at /usr/src/qt6-base-6.6.2+dfsg-12/src/corelib/global/qlogging.cpp:2003
#7 qt_message(QtMsgType, const QMessageLogContext &, const char *, typedef
__va_list_tag __va_list_tag *)
(msgType=msgType@entry=QtFatalMsg, context=...,
msg=msg@entry=0x7ffff65e14c0 "ASSERT failure in %s: \"%s\", file %s, line %d",
ap=ap@entry=0x7fffffffc150)
at /usr/src/qt6-base-6.6.2+dfsg-12/src/corelib/global/qlogging.cpp:378
#8 0x00007ffff62ba47b in QMessageLogger::fatal
(this=this@entry=0x7fffffffc238, msg=msg@entry=0x7ffff65e14c0 "ASSERT
failure in %s: \"%s\", file %s, line %d")
at /usr/src/qt6-base-6.6.2+dfsg-12/src/corelib/global/qlogging.cpp:901
#9 0x00007ffff62ba52c in qt_assert_x
(where=where@entry=0x5555556df55e "QList::at",
what=what@entry=0x5555556df54b "index out of range",
file=file@entry=0x5555556de140
"/usr/include/x86_64-linux-gnu/qt6/QtCore/qlist.h", line=line@entry=431)
at /usr/src/qt6-base-6.6.2+dfsg-12/src/corelib/global/qassert.cpp:77
#10 0x000055555557becf in QList<KCalcToken>::at
(this=<optimized out>, i=<optimized out>)
at /usr/include/x86_64-linux-gnu/qt6/QtCore/qlist.h:431
#11 CalcEngine::insert_percentage_Token_In_Stack_ (this=0x555555850370)
at /home/guifuzz/GUIFuzzBenchmarks/fuzzing/kcalc/kcalc_core.cpp:379
#12 CalcEngine::insert_percentage_Token_In_Stack_ (this=0x555555850370)
at /home/guifuzz/GUIFuzzBenchmarks/fuzzing/kcalc/kcalc_core.cpp:372
#13 0x0000555555625c58 in CalcEngine::calculate
(this=0x555555850370, tokenBuffer=..., errorIndex=@0x555555850238: 3)
at /home/guifuzz/GUIFuzzBenchmarks/fuzzing/kcalc/kcalc_core.cpp:177
#14 0x00005555555a1c38 in KCalculator::commit_Input_
(this=this@entry=0x55555584fe80)
at /usr/include/x86_64-linux-gnu/qt6/QtCore/qarraydata.h:53
#15 0x00005555555af8fe in KCalculator::slotInputChanged
(this=0x55555584fe80)
at /home/guifuzz/GUIFuzzBenchmarks/fuzzing/kcalc/kcalc.cpp:1427
#16 0x00007ffff63ba5c4 in QtPrivate::QSlotObjectBase::call
(this=<optimized out>, r=0x55555584fe80, a=0x7fffffffc760, this=<optimized
out>, r=<optimized out>, a=<optimized out>)
at
/usr/src/qt6-base-6.6.2+dfsg-12/src/corelib/kernel/qobjectdefs_impl.h:433
#17 doActivate<false>
(sender=0x555557014b50, signal_index=7, argv=0x7fffffffc760)
at /usr/src/qt6-base-6.6.2+dfsg-12/src/corelib/kernel/qobject.cpp:4039
#18 0x00007ffff7308799 in QLineEdit::textChanged
(this=<optimized out>, _t1=<optimized out>)
at
/usr/src/qt6-base-6.6.2+dfsg-12/obj-x86_64-linux-gnu/src/widgets/Widgets_autogen/include/moc_qlineedit.cpp:697
#19 0x00007ffff63ba914 in doActivate<false>
(sender=0x5555574077b0, signal_index=6, argv=0x7fffffffc870)
at /usr/src/qt6-base-6.6.2+dfsg-12/src/corelib/kernel/qobject.cpp:4051
#20 0x00007ffff731459c in QWidgetLineControl::textChanged
(this=this@entry=0x5555574077b0, _t1=...)
at
/usr/src/qt6-base-6.6.2+dfsg-12/obj-x86_64-linux-gnu/src/widgets/Widgets_autogen/include/moc_qwidgetlinecontrol_p.cpp:361
#21 0x00007ffff73180ef in QWidgetLineControl::finishChange
(this=0x5555574077b0, validateFromState=4, update=<optimized out>,
edited=<optimized out>)
at
/usr/src/qt6-base-6.6.2+dfsg-12/src/widgets/widgets/qwidgetlinecontrol.cpp:713
#22 0x000055555563e0eb in KCalcInputDisplay::insertToken
(this=this@entry=0x555557014b50, token=...)
at /home/guifuzz/GUIFuzzBenchmarks/fuzzing/kcalc/kcalc_input_display.cpp:57
#23 0x0000555555590656 in KCalculator::insertToInputDisplay
(this=<optimized out>, token=<optimized out>)
at /home/guifuzz/GUIFuzzBenchmarks/fuzzing/kcalc/kcalc.cpp:2382
#24 KCalculator::slotParenOpenclicked (this=<optimized out>)
at /home/guifuzz/GUIFuzzBenchmarks/fuzzing/kcalc/kcalc.cpp:1289
#25 0x00007ffff63ba5c4 in QtPrivate::QSlotObjectBase::call
(this=<optimized out>, r=0x55555584fe80, a=0x7fffffffca70, this=<optimized
out>, r=<optimized out>, a=<optimized out>)
at
/usr/src/qt6-base-6.6.2+dfsg-12/src/corelib/kernel/qobjectdefs_impl.h:433
#26 doActivate<false>
(sender=0x555555a7e900, signal_index=9, argv=0x7fffffffca70)
at /usr/src/qt6-base-6.6.2+dfsg-12/src/corelib/kernel/qobject.cpp:4039
#27 0x00007ffff72ac044 in QAbstractButton::clicked
(this=<optimized out>, _t1=<optimized out>)
at
/usr/src/qt6-base-6.6.2+dfsg-12/obj-x86_64-linux-gnu/src/widgets/Widgets_autogen/include/moc_qabstractbutton.cpp:408
#28 0x00007ffff72a3aff in QAbstractButtonPrivate::emitClicked
(this=0x555555a7ea40)
at
/usr/src/qt6-base-6.6.2+dfsg-12/src/widgets/widgets/qabstractbutton.cpp:379
#29 0x00007ffff72a3dd2 in QAbstractButtonPrivate::click
(this=0x555555a7ea40)
at
/usr/src/qt6-base-6.6.2+dfsg-12/src/widgets/widgets/qabstractbutton.cpp:372
#30 0x00007ffff72b1efc in QAbstractButton::mouseReleaseEvent
(this=0x555555a7e900, e=0x7fffffffd0a0)
at
/usr/src/qt6-base-6.6.2+dfsg-12/src/widgets/widgets/qabstractbutton.cpp:974
#31 0x00007ffff71e3400 in QWidget::event
(this=0x555555a7e900, event=0x7fffffffd0a0)
at /usr/src/qt6-base-6.6.2+dfsg-12/src/widgets/kernel/qwidget.cpp:8959
#32 0x00007ffff7193260 in QApplicationPrivate::notify_helper
(this=this@entry=0x555555701390, receiver=receiver@entry=0x555555a7e900,
e=e@entry=0x7fffffffd0a0)
at /usr/src/qt6-base-6.6.2+dfsg-12/src/widgets/kernel/qapplication.cpp:3296
#33 0x00007ffff71975fe in QApplication::notify
(this=<optimized out>, receiver=0x555555a7e900, e=0x7fffffffd0a0)
at /usr/src/qt6-base-6.6.2+dfsg-12/src/widgets/kernel/qapplication.cpp:2782
#34 0x00007ffff6366718 in QCoreApplication::notifyInternal2
(receiver=0x555555a7e900, event=0x7fffffffd0a0)
at
/usr/src/qt6-base-6.6.2+dfsg-12/src/corelib/kernel/qcoreapplication.cpp:1121
#35 0x00007ffff6366c1d in QCoreApplication::sendSpontaneousEvent
(receiver=<optimized out>, event=<optimized out>)
at
/usr/src/qt6-base-6.6.2+dfsg-12/src/corelib/kernel/qcoreapplication.cpp:1553
#36 0x00007ffff718c97c in QApplicationPrivate::sendMouseEvent
(receiver=0x555555a7e900, event=0x7fffffffd0a0, alienWidget=<optimized
out>, nativeWidget=0x55555584fe80, buttonDown=<optimized out>,
lastMouseReceiver=..., spontaneous=true, onlyDispatchEnterLeave=false)
at /usr/src/qt6-base-6.6.2+dfsg-12/src/widgets/kernel/qapplication.cpp:2366
#37 0x00007ffff71f6936 in QWidgetWindow::handleMouseEvent
(this=0x555555a7fe60, event=0x7fffffffd4f0)
at /usr/src/qt6-base-6.6.2+dfsg-12/src/widgets/kernel/qwidgetwindow.cpp:653
#38 0x00007ffff71f2188 in QWidgetWindow::event
(this=0x555555a7fe60, event=0x7fffffffd4f0)
at /usr/src/qt6-base-6.6.2+dfsg-12/src/widgets/kernel/qwidgetwindow.cpp:267
#39 0x00007ffff7193260 in QApplicationPrivate::notify_helper
(this=<optimized out>, receiver=0x555555a7fe60, e=0x7fffffffd4f0)
at /usr/src/qt6-base-6.6.2+dfsg-12/src/widgets/kernel/qapplication.cpp:3296
#40 0x00007ffff6366718 in QCoreApplication::notifyInternal2
(receiver=0x555555a7fe60, event=0x7fffffffd4f0)
at
/usr/src/qt6-base-6.6.2+dfsg-12/src/corelib/kernel/qcoreapplication.cpp:1121
#41 0x00007ffff6366c1d in QCoreApplication::sendSpontaneousEvent
(receiver=<optimized out>, event=<optimized out>)
at
/usr/src/qt6-base-6.6.2+dfsg-12/src/corelib/kernel/qcoreapplication.cpp:1553
#42 0x00007ffff69a8cdb in QGuiApplicationPrivate::processMouseEvent
(e=0x7fffe8019450)
at /usr/src/qt6-base-6.6.2+dfsg-12/src/gui/kernel/qguiapplication.cpp:2325
#43 0x00007ffff6a037fc in QWindowSystemInterface::sendWindowSystemEvents
(flags=flags@entry=...)
at
/usr/src/qt6-base-6.6.2+dfsg-12/src/gui/kernel/qwindowsysteminterface.cpp:1109
#44 0x00007fffefb8a8f6 in xcbSourceDispatch (source=<optimized out>)
at
/usr/src/qt6-base-6.6.2+dfsg-12/src/plugins/platforms/xcb/qxcbeventdispatcher.cpp:57
#45 0x00007ffff5541397 in g_main_dispatch (context=0x7fffe8000f00)
at ../../../glib/gmain.c:3357
#46 0x00007ffff55a1dc7 in g_main_context_dispatch_unlocked
(context=0x7fffe8000f00) at ../../../glib/gmain.c:4208
#47 g_main_context_iterate_unlocked.isra.0
(context=context@entry=0x7fffe8000f00, block=block@entry=1,
dispatch=dispatch@entry=1, self=<optimized out>) at ../../../glib/gmain.c:4273
#48 0x00007ffff55408b3 in g_main_context_iteration
(context=0x7fffe8000f00, may_block=1) at ../../../glib/gmain.c:4338
#49 0x00007ffff6573253 in QEventDispatcherGlib::processEvents
(this=0x55555579bf80, flags=...)
at
/usr/src/qt6-base-6.6.2+dfsg-12/src/corelib/kernel/qeventdispatcher_glib.cpp:393
#50 0x00007ffff6370b5b in QEventLoop::exec
(this=0x7fffffffd930, flags=...)
at /usr/src/qt6-base-6.6.2+dfsg-12/src/corelib/global/qflags.h:34
#51 0x00007ffff6369b5c in QCoreApplication::exec ()
at /usr/src/qt6-base-6.6.2+dfsg-12/src/corelib/global/qflags.h:74
#52 0x00007ffff69a3d1d in QGuiApplication::exec ()
at /usr/src/qt6-base-6.6.2+dfsg-12/src/gui/kernel/qguiapplication.cpp:1925
#53 0x00007ffff718f959 in QApplication::exec ()
at /usr/src/qt6-base-6.6.2+dfsg-12/src/widgets/kernel/qapplication.cpp:2574
#54 0x0000555555588186 in main
(argc=<optimized out>, argv=<optimized out>)
at /home/guifuzz/GUIFuzzBenchmarks/fuzzing/kcalc/kcalc.cpp:2982
(gdb)
VERSIONS
Ubuntu 24.10
Kcalc 25.07.70