"goldendict" received signal SIGSEGV, Segmentation fault from QToolBarAreaLayout::apply

[munzirtaha]

Running goldendict segfaults. Attached is the journal log entry
goldendict.log

Running it from gdb shows

Thread 1 "goldendict" received signal SIGSEGV, Segmentation fault.
QToolBarAreaLayout::apply (this=0x555555eb64c0, animate=false) at /usr/src/debug/qt6-base/qtbase-everywhere-src-6.5.1/src/widgets/widgets/qtoolbararealayout.cpp:859
859                     if (item.skip() || item.gap)
(gdb) bt
#0  QToolBarAreaLayout::apply(bool) (this=0x555555eb6930, animate=false) at /usr/src/debug/qt6-base/qtbase-everywhere-src-6.5.1/src/widgets/widgets/qtoolbararealayout.cpp:859
#1  0x00007ffff570b322 in QMainWindowLayoutState::apply(bool) (animated=<optimized out>, this=0x555555eb6918) at /usr/src/debug/qt6-base/qtbase-everywhere-src-6.5.1/src/widgets/widgets/qmainwindowlayout.cpp:676
#2  QMainWindowLayout::applyState(QMainWindowLayoutState&, bool) (this=<optimized out>, newState=<optimized out>, animate=<optimized out>) at /usr/src/debug/qt6-base/qtbase-everywhere-src-6.5.1/src/widgets/widgets/qmainwindowlayout.cpp:2954
#3  0x00007ffff55a0621 in QLayoutPrivate::doResize() (this=<error reading variable: Cannot access memory at address 0x7fffffffc518>) at /usr/src/debug/qt6-base/qtbase-everywhere-src-6.5.1/src/widgets/kernel/qlayout.cpp:507

Here is the full gdb log
gdb.log

OS and software versions:

Operating System: Arch Linux 
KDE Plasma Version: 5.27.6
KDE Frameworks Version: 5.107.0
Qt Version: 5.15.10
Kernel Version: 6.4.2-arch1-1 (64-bit)
Graphics Platform: Wayland
Processors: 16 × AMD Ryzen 9 6900HX with Radeon Graphics
Memory: 30.5 GiB of RAM
Graphics Processor: AMD Radeon Graphics

help -> about -> Copy version info:

Goldendict-ng 23.06.02-alpha.86f9fa6c on Mon Jul 10 02:30:30 2023
Qt 6.5.1 GCC 13.1.1 20230429arch linux 6.4.2-arch1-1 x86_64-little_endian-lp64
Flags:USE_XAPIAN MAKE_ZIM_SUPPORT MAKE_CHINESE_CONVERSION_SUPPORT

[xiaoyifang]

any connection with Graphics Platform: Wayland?

[shenlebantongying]

I suspect this is caused by not having a version number on saveState/restoreState calls, and we did change something about the toolbar. The old state string becomes invalid.

If so, the workaround is to run goldendict --reset-window-state once or delete <mainWindowState/mainWindowGeometry> from the ~/.config/goldendict/config file. @munzirtaha you can try this.

Maybe we should assign a version number that combines Qt & GD's versions.

https://doc.qt.io/qt-6/qmainwindow.html#restoreState

https://github.com/goldendict/goldendict/blob/a2be1797498a604634413c72739eb2f82aef00a2/scanpopup.cc#L366

[xiaoyifang]

As I think the version number has no effect, (It does not change at all). So I just delete the version parmater of saveState.
Maybe during different Qt versions ,the saveState format has changed, an old version qt's state will crashed in a new Qt version?

If this is the cause,
generate a version number based on Qt version should be ok.

[munzirtaha]

If so, the workaround is to run goldendict --reset-window-state once or delete <mainWindowState/mainWindowGeometry> from the ~/.config/goldendict/config file. @munzirtaha you can try this.

Indeed. This solved it for me. Thanks for your quick response.

[munzirtaha]

However, the entry go regenerated every time I launch goldendict-ng and I have to remove it manually. My entry looks like this

<mainWindowState>AAAA/wAAAAD9AAAAAgAAAAAAAAAAAAAAAPwCAAAAAfsAAAAUAHMAZQBhAHIAYwBoAFAAYQBuAGUAAAAAAP////8AAACKAP///wAAAAEAAADMAAAD5vwCAAAAA/sAAAASAGQAaQBjAHQAcwBQAGEAbgBlAQAAACcAAAFJAAAAYwD////7AAAAGgBmAGEAdgBvAHIAaQB0AGUAcwBQAGEAbgBlAQAAAXYAAAFIAAAAYwD////7AAAAFgBoAGkAcwB0AG8AcgB5AFAAYQBuAGUBAAACxAAAAUkAAABjAP///wAABdkAAAPmAAAABAAAAAQAAAAIAAAACPwAAAABAAAAAgAAAAIAAAAUAG4AYQB2AFQAbwBvAGwAYgBhAHIBAAAAAP////8AAAAAAAAAAAAAABoAZABpAGMAdABpAG8AbgBhAHIAeQBCAGEAcgEAAAJ9/////wAAAAAAAAAA</mainWindowState>

[xiaoyifang]

The senario is like this:
saveState() then restoreState() will cause a crash.

I tend to believe that this maybe a qt bug.

Need a way to bypass this crash.

[xiaoyifang]

goldendict-ng/src/ui/mainwindow.cc

Lines 715 to 718 in fc7a67d

	if ( cfg.mainWindowGeometry.size() )
	restoreGeometry( cfg.mainWindowGeometry );
	if ( cfg.mainWindowState.size() && !cfg.resetState )
	restoreState( cfg.mainWindowState );

It is difficult to reproduce the crash in other environment.
@munzirtaha Can you help to try some experiment changes ?

Step 1: comment the first two line codes

and check if it still crash.

If still crash. no further steps.
If does not crash, try
Step 2: move the two lines unders restoreState like this

  if ( cfg.mainWindowState.size() && !cfg.resetState )
    restoreState( cfg.mainWindowState );
  if ( cfg.mainWindowGeometry.size() )
    restoreGeometry( cfg.mainWindowGeometry );

[munzirtaha]

I commented the two lines and it doesn't crash. I moved them down and still it doesn't crash. Thanks. However, I still wonder how come it's only me who is facing this?!

[xiaoyifang]

I commented the two lines and it doesn't crash. I moved them down and still it doesn't crash.

I never thought it can really work.

With wild guess that the restoreGeometry has done something to the layout which lead to the crash of restoreState.

I still wonder how come it's only me who is facing this?!

I guess this bug was introduced with latest qt versions in Linux