Tdesktop: Segmentation fault when using diacritics

Found another related way to segfault: open a preview of media (either of a link to an image or a sent image), close it and insert something through a dead key.

One thing I noticed: the segfault always happens when a dead key is used but the cursor is NOT currently in any textbox. Actually, when you use reply, or open and close a media window, the cursor does NOT go back to the message textbox. It appears that pressing a letter makes the cursor jump back to it and then insert the letter pressed. However this is done in code, it appears to handle dead keys poorly, leading to the segfault.

This should be fixed with https://github.com/telegramdesktop/tdesktop/commit/00c9d16925762b3ce2d0967ca7725beafd500a4d

@tarcisioe please check 0.9.3 dev version to confirm that it was fixed.

I can confirm it is fixed in 0.9.3 dev. Could not reproduce as described anymore. Also, thanks, it was a quite maddening one!

I am sorry to take back what I have said, but the bug is now just happening sometimes. When I first tried it didn't, but right now I am able to reproduce it again, except that sometimes it doesn't happen.

The way to reproduce it is still look at a picture preview and then exit it by pressing ESC or clicking anywhere. When I do this, if the cursor is blinking on the message field it does NOT segfault, but sometimes it isn't and then the segfault happens as before. Curious thing is that when typing, if I just type in characters without diacritics, the cursor is solid, does not blink at all, and the software segfaults as soon as I type in a diacritic.

Forgot to mention that the segfault that happened related to trying to reply does not happen anymore (at all, tried to reproduce over 10 times, couldn't), only the one related to the image preview does (still almost everytime).

@tarcisioe Well, I did not fix the segfault itself, it is something in Qt, but it happens when window does not fully regain focus, so I tried to activate it manually. Looks like it still does not get activated after the photo viewer.

Just updated to 0.9.8 and it seems there is a regression, the bug when Reply is used is back. Steps are the same as usual:

1. Right click on a message and select reply.
2. Type in a letter with a diacritic (the cursor focus is, again, not on the text box)

Can confirm this also happens on 0.9.15, with Arch Linux 4.2.5-1-ARCH x86_64, using es keyboard layout and i3wm.

Here is the catchsegv log: telegram.txt

Confirmed on 0.9.15 (stable channel) on Debian 8 and Arch, keyboard layout de (deadkeys), window manager bspwm.

Can reconfirm with 4.4.5-1-ARCH, Telegram 0.9.33.

I've also observed the crashes happen when a picture has just been sent.

Can reconfirm into Telegram 0.9.33 downloaded using AUR.

scenarios:

• reply a message using a diacritics: crash
• reply a message witout diacritics.
  
  
  
  • type a message with diacritics after a reply: crash
  
  

Output in gdb:

Thread 1 "telegram-deskto" received signal SIGSEGV, Segmentation fault.
0x000000000148e540 in ?? ()

Sitll present on Telegram 0.9.46 (aur/telegram-desktop-bin-dev). Diacritics typed (even before sending) after a reply or an image crashes the program.

Linux Workaroo 4.5.2-1-ARCH #1 SMP PREEMPT Thu Apr 21 18:21:27 CEST 2016 x86_64 GNU/Linux

On Xubuntu 16.04, keyboard layout Brazil ABNT2, I'm unable to use accents at all on Telegram 0.9.49. I guess you guys have disabled accents in order to prevent the app from crashing?

@brwolfgang No, nothing was disabled specifically.

@john-preston that's odd, I can use them on every other program, but not on Telegram.

This is still happening with replies in version 0.9.52 and it is driving me crazy!

@cauebs when you press Reply and start typing the words, does the cursor blink in the message input field? Because crashes are somehow Qt-related, and as I see they happen when an unfocused input field starts to receive compose keys input. I can't reproduce that myself in Manjaro Xfce :( Which DE and version do you use? Which keyboard input layout? So I have some questions:

1. Does the cursor blink after the Reply is pressed? (as I understand in the not-focused input field it won't blink)
2. Do the letters appear there before it crashes? (for example, if you choose english keyboard layout and just type english letters -- without dead keys, compose keys, accents etc) does it work fine with english letters?
3. Does it crash only when you use some complex input method (like dead keys or compose keys)?

Can you please submit a crash report (which will be offered when it crashed and then launched again) and copy a "Crash Report Tag" here (it will be shown in the crash report window).

@john-preston Your question was not directly to me, but since I have posted the issue in the first place, I'll give you the answers from my system to try and help with what I can.

I am using i3 on Gentoo and my keyboard layout is Dvorak with a few personal modifications. Several friends of mine have the same issue in Arch Linux with a default Brazilian ABNT2 layout. Apparently the issue does not have to do with layouts, but with the presence of dead keys for typing diacritics. I can type ç for example, because I have a key that inputs that directly.

1. The cursor not blinking in the input field is a constant between every case: when I try to use reply, when I try do edit a message and when I leave an image preview. In fact sometimes it helps me remember that the crash is going to happen if I don't click the input field again. Indeed if I do, there is no crash.
2. Every letter that does not cause a crash does appear in the input field. Even though it initially appears as if it is not focused, the letters are, in fact, entered, but the cursor is solid, never blinking until I click the field to focus it. If I do that, as I said, no crashes ever happen, I can input diacritics as normal.
3. The issue happens (for me at least), only when I use a dead key. I can enter many non-english characters, such as ç or ß, and I can input stuff that I need to use Alt Gr or Shift to input, such as \.

I've sent a crash report, tag 5e5fca06-9289-a85c-0fa7d773-055ca304. Really hoping to see this fixed. The crash reporter made the bug a bit more annoying in fact, since Telegram Desktop starts VERY fast, but the crash reporter added a delay before it opening. Before it was more like I accidentally minimized the window, so it was quite minor. Also, thanks for looking into it.

@tarcisioe Thank you for the info!

I think I even found the Qt code line that crashes (sending an event to "focusObject" which is "nullptr").

I can fix this (just not sending the event) and it will fix the crash, but just that — the dead key sequences won't appear in the field at all. Much better will be to fix the un-focus problem.

This has something to do with the popup menu: it takes the focus from the window, but when it gets destroyed, it doesn't return the focus to the main window. I even call the activation method when popup menu gets destroyed, but it still doesn't work :/ I guess I need to reproduce that somehow.

@tarcisioe I'll try to install Arch Linux in Parallels, hope it will reproduce there. What DE should I use to (hopefully) reproduce the problem? (what DE are your friends with this issue in Arch Linux use?)

@tarcisioe And also — do you press Reply by mouse, or select it by keyboard and press Enter? just to know.

@john-preston I do press Reply by mouse (and so does @cauebs, who uses Antergos Linux and i3 as the WM as he told me). I don't remember anyone who had the issue who didn't use i3, but I remember vaguely a friend of mine having the same issue in XFCE. Remember that the issue is also caused by using Edit, or viewing an image on the overlay viewer and exiting it by clicking anywhere, or by pressing Esc (at least the symptoms are exactly the same).

I can try to provide more useful information, such as a gdb backtrace, I just don't have Telegram Desktop built with debug symbols, as far as I know (I always use the dev (now alpha) version, donwnloaded from the official webpage).

@tarcisioe I receive the backtrace from crash reports, but the crash is not the problem — the unfocused window is. Ok, thanks, I'll try i3.

Hi there, finally this is getting some attention! Thank you @john-preston!
I can confirm I use Arch + i3 too, with the latest telegram-desktop version. Don't hesitate to ask for more details if you need to.

Thank you @john-preston. I still confirm the crash on Mint and Arch. Both using i3 and keyboard setup to ABNT2 (Brazil default). Crash do not happens with Cinnamon 2.4.8.

Reproduce crash:

• right click on a msg and select reply
• type a word with dead key that isn't inserted by only one key, like áéíóúãõ
• the crash occurs when the second key is pressed

Opening Telegram by terminal, when crash occurs, it raises the message:

QTextCursor::setPosition: Position '8388607' out of range
QTextCursor::setPosition: Position '8388607' out of range
Segmentation fault

If the word/character is pasted or you type the message first and then select to reply the segmentation fault do not happens.

@Ziul It doesn't happen for me in Mint + i3 :/

@Ziul I press reply:

and then the input field is focused well (the cursor is blinking). When it crashes for you, the cursor does not blink in the input field, right?

@auchri optimist :/

You can contact me at https://telegram.me/preston and I can send you a test build with some more attempts to force activate the window when closing popup menu or photo viewer, I hope this will work. I still can't reproduce the issue myself :(

Also the crash there should be fixed, but, if the force-activate of the window doesn't work, the input after the dead keys won't appear in the input field -- only after clicking there and by that activating the input field.

The crash should be fixed in 0.9.55 alpha version, but I'm afraid the symbols are not appearing in the field :(

On my machine and setup, 0.9.55 is fully fixed - using reply, edit or leaving the image preview just focuses the input field as expected. Cursor blinks, diacritics work.

@tarcisioe Really weird unreproducible Qt bug with blind-coded very dirty-hack-ish fix :) Well, I hope it'll just start working in the rest of the cases.