Bug 287179 - Segmentation fault when copy&paste of sequence diagram
Status: RESOLVED FIXED
Alias: None
Product: umbrello
Classification: Applications
Component: general
Version: unspecified
Platform: Ubuntu Linux
Importance: NOR crash
Target Milestone: ---
Assignee: Umbrello Development Group
URL:
Keywords:
Duplicates: 241915 262842 274265 275372 280770 286449 294480 294638
Depends on:
Blocks:
 
Reported: 2011-11-21 16:42 UTC by Danny Havenith
Modified: 2013-11-06 17:17 UTC
CC List: 10 users

See Also:
Latest Commit:
Version Fixed In: 4.9.0


Attachments
document on which the application crashes consistently (55.34 KB, text/x-xmi)
2011-11-21 16:47 UTC, Danny Havenith
original header file that was used to create banking_example.xmi (1.11 KB, text/x-c++hdr)
2011-11-21 16:51 UTC, Danny Havenith

Description Danny Havenith 2011-11-21 16:42:41 UTC
Application: umbrello (2.7.2)
KDE Platform Version: 4.7.2 (4.7.2)
Qt Version: 4.7.4
Operating System: Linux 3.0.0-13-generic x86_64
Distribution: Ubuntu 11.10

-- Information about the crash:
- start umbrello
- open file "banking_example.xmi"
  + on stderr, umbrello complains that ids are 'already in use'
- In the tree view select 'Use Case View'/'use case diagram' in the model
- press Ctrl-C, umbrello will select all use cases and actors in the diagram
- select 'Use Case View' (but reproduced with other folders as well)
- press Ctrl-V
= umbrello crashes, reporting a segmentation fault.

The file 'banking_example.xmi' has been created in umbrello and was edited in umbrello only. Classes in this file were created using 'Import Classes' from a C++ header file.

The crash can be reproduced every time.

-- Backtrace:
Application: Umbrello UML Modeller (umbrello), signal: Segmentation fault
[Current thread is 1 (Thread 0x7fc40f3f6780 (LWP 12367))]

Thread 3 (Thread 0x7fc3fa995700 (LWP 12370)):
#0  0x00007fc40b193773 in __GI___poll (fds=<optimized out>, nfds=<optimized out>, timeout=<optimized out>) at ../sysdeps/unix/sysv/linux/poll.c:87
#1  0x00007fc4078b5f68 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007fc4078b6792 in g_main_loop_run () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007fc40291f516 in ?? () from /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0
#4  0x00007fc4078db2b6 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#5  0x00007fc40aea8efc in start_thread (arg=0x7fc3fa995700) at pthread_create.c:304
#6  0x00007fc40b19f89d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#7  0x0000000000000000 in ?? ()

Thread 2 (Thread 0x7fc3ea172700 (LWP 12387)):
#0  0x00007fc40b193773 in __GI___poll (fds=<optimized out>, nfds=<optimized out>, timeout=<optimized out>) at ../sysdeps/unix/sysv/linux/poll.c:87
#1  0x00007fc4078b5f68 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007fc4078b6429 in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007fc40c287f3e in QEventDispatcherGlib::processEvents (this=0x1e050c0, flags=<optimized out>) at kernel/qeventdispatcher_glib.cpp:424
#4  0x00007fc40c25bcf2 in QEventLoop::processEvents (this=<optimized out>, flags=...) at kernel/qeventloop.cpp:149
#5  0x00007fc40c25bef7 in QEventLoop::exec (this=0x7fc3ea171dd0, flags=...) at kernel/qeventloop.cpp:201
#6  0x00007fc40c17327f in QThread::exec (this=<optimized out>) at thread/qthread.cpp:498
#7  0x00007fc40c23ecbf in QInotifyFileSystemWatcherEngine::run (this=0x1df01b0) at io/qfilesystemwatcher_inotify.cpp:248
#8  0x00007fc40c175d05 in QThreadPrivate::start (arg=0x1df01b0) at thread/qthread_unix.cpp:331
#9  0x00007fc40aea8efc in start_thread (arg=0x7fc3ea172700) at pthread_create.c:304
#10 0x00007fc40b19f89d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#11 0x0000000000000000 in ?? ()

Thread 1 (Thread 0x7fc40f3f6780 (LWP 12367)):
[KCrash Handler]
#6  0x00007fc40b99b4f8 in std::basic_string<char, std::char_traits<char>, std::allocator<char> >::basic_string(std::string const&) () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#7  0x00000000004b9b23 in y (this=<optimized out>) at ../../../umbrello/umbrello/clipboard/idchangelog.h:67
#8  IDChangeLog::findIDChange (this=0x2095100, OldID=..., NewID=..., pos=@0x7fff97b115f8) at ../../../umbrello/umbrello/clipboard/idchangelog.cpp:116
#9  0x00000000004b9f44 in IDChangeLog::addIDChange (this=0x2095100, OldID=..., NewID=...) at ../../../umbrello/umbrello/clipboard/idchangelog.cpp:91
#10 0x00000000007268b1 in UMLDoc::assignNewID (this=0x1a89fc0, oldID=...) at ../../../umbrello/umbrello/umldoc.cpp:2582
#11 0x00000000007366a2 in UMLDoc::assignNewIDs (this=0x1a89fc0, obj=0x1e9c820) at ../../../umbrello/umbrello/umldoc.cpp:2476
#12 0x00000000004b7aa2 in UMLClipboard::pasteClip2 (this=0x7fff97b119a0, data=<optimized out>) at ../../../umbrello/umbrello/clipboard/umlclipboard.cpp:452
#13 0x00000000004b930b in UMLClipboard::paste (this=0x7fff97b119a0, data=0x21828f0) at ../../../umbrello/umbrello/clipboard/umlclipboard.cpp:173
#14 0x000000000070ef6e in UMLApp::slotEditPaste (this=0x1a7b760) at ../../../umbrello/umbrello/uml.cpp:1292
#15 0x000000000071e81d in UMLApp::qt_metacall (this=0x1a7b760, _c=QMetaObject::InvokeMetaMethod, _id=14, _a=0x7fff97b11b90) at ./uml.moc:228
#16 0x00007fc40c26feba in QMetaObject::activate (sender=0x1ae60a0, m=<optimized out>, local_signal_index=<optimized out>, argv=0x7fff97b11b90) at kernel/qobject.cpp:3278
#17 0x00007fc40c786b62 in QAction::triggered (this=<optimized out>, _t1=false) at .moc/release-shared/moc_qaction.cpp:263
#18 0x00007fc40c786d4f in QAction::activate (this=0x1ae60a0, event=<optimized out>) at kernel/qaction.cpp:1257
#19 0x00007fc40c786ebf in QAction::event (this=<optimized out>, e=<optimized out>) at kernel/qaction.cpp:1183
#20 0x00007fc40dae286a in KAction::event (this=<optimized out>, event=0x7fff97b12020) at ../../kdeui/actions/kaction.cpp:131
#21 0x00007fc40c78d424 in notify_helper (e=0x7fff97b12020, receiver=0x1ae60a0, this=0x181b8d0) at kernel/qapplication.cpp:4486
#22 QApplicationPrivate::notify_helper (this=0x181b8d0, receiver=0x1ae60a0, e=0x7fff97b12020) at kernel/qapplication.cpp:4458
#23 0x00007fc40c792291 in QApplication::notify (this=0x7fff97b132d0, receiver=0x1ae60a0, e=0x7fff97b12020) at kernel/qapplication.cpp:4365
#24 0x00007fc40dbc9126 in KApplication::notify (this=0x7fff97b132d0, receiver=0x1ae60a0, event=0x7fff97b12020) at ../../kdeui/kernel/kapplication.cpp:311
#25 0x00007fc40c25cafc in QCoreApplication::notifyInternal (this=0x7fff97b132d0, receiver=0x1ae60a0, event=0x7fff97b12020) at kernel/qcoreapplication.cpp:787
#26 0x00007fc40c7bf499 in sendEvent (event=0x7fff97b12020, receiver=<optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:215
#27 QShortcutMap::dispatchEvent (this=<optimized out>, e=0x7fff97b12430) at kernel/qshortcutmap.cpp:879
#28 0x00007fc40c7c096a in QShortcutMap::tryShortcutEvent (this=0x181b9f8, o=<optimized out>, e=0x7fff97b12430) at kernel/qshortcutmap.cpp:364
#29 0x00007fc40c793b12 in QApplication::notify (this=0x7fff97b132d0, receiver=0x1d26aa0, e=0x7fff97b12430) at kernel/qapplication.cpp:3928
#30 0x00007fc40dbc9126 in KApplication::notify (this=0x7fff97b132d0, receiver=0x1d26aa0, event=0x7fff97b12430) at ../../kdeui/kernel/kapplication.cpp:311
#31 0x00007fc40c25cafc in QCoreApplication::notifyInternal (this=0x7fff97b132d0, receiver=0x1d26aa0, event=0x7fff97b12430) at kernel/qcoreapplication.cpp:787
#32 0x00007fc40c830f99 in QKeyMapper::sendKeyEvent (keyWidget=0x1d26aa0, grab=<optimized out>, type=QEvent::KeyPress, code=86, modifiers=..., text=..., autorepeat=false, count=1, nativeScanCode=55, nativeVirtualKey=118, nativeModifiers=4) at kernel/qkeymapper_x11.cpp:1866
#33 0x00007fc40c83140b in QKeyMapperPrivate::translateKeyEvent (this=0x1858640, keyWidget=0x1d26aa0, event=0x7fff97b12e70, grab=false) at kernel/qkeymapper_x11.cpp:1836
#34 0x00007fc40c80c347 in QApplication::x11ProcessEvent (this=0x7fff97b132d0, event=0x7fff97b12e70) at kernel/qapplication_x11.cpp:3583
#35 0x00007fc40c835412 in x11EventSourceDispatch (s=0x181f850, callback=0, user_data=0x0) at kernel/qguieventdispatcher_glib.cpp:146
#36 0x00007fc4078b5a5d in g_main_context_dispatch () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#37 0x00007fc4078b6258 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#38 0x00007fc4078b6429 in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#39 0x00007fc40c287ed6 in QEventDispatcherGlib::processEvents (this=0x17d6f40, flags=<optimized out>) at kernel/qeventdispatcher_glib.cpp:422
#40 0x00007fc40c83507e in QGuiEventDispatcherGlib::processEvents (this=<optimized out>, flags=<optimized out>) at kernel/qguieventdispatcher_glib.cpp:204
#41 0x00007fc40c25bcf2 in QEventLoop::processEvents (this=<optimized out>, flags=...) at kernel/qeventloop.cpp:149
#42 0x00007fc40c25bef7 in QEventLoop::exec (this=0x7fff97b13240, flags=...) at kernel/qeventloop.cpp:201
#43 0x00007fc40c260789 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1064
#44 0x000000000043a9f6 in main (argc=3, argv=0x7fff97b136d8) at ../../../umbrello/umbrello/main.cpp:111

This bug may be a duplicate of or related to bug 241915, bug 275372.

Possible duplicates by query: bug 286449, bug 280770, bug 275372, bug 274265, bug 257584.

Reported using DrKonqi
Comment 1 Danny Havenith 2011-11-21 16:47:58 UTC
Created attachment 65911
document on which the application crashes consistently

This is the input file on which the application crashes consistently for me. This file was edited and created in umbrello only. Classes were created by importing from a C++ header file (also attached).
Comment 2 Danny Havenith 2011-11-21 16:51:26 UTC
Created attachment 65912
original header file that was used to create banking_example.xmi

This file was used to create the classes in banking_example.xmi. It may have changed since it was imported into umbrello, but such changes should be minor (commenting, whitespace).
Comment 3 Ralf Habacker 2012-01-16 11:29:07 UTC
The problem is a faulty implementation of the PointArray class, which is used by IDChangeLog.

In 
void IDChangeLog::addIDChange(Uml::IDType OldID, Uml::IDType NewID)

it resizes the array 

        pos = m_LogArray.size();
        m_LogArray.resize(pos + 1);

and adds the point
        m_LogArray.setPoint(pos, NewID, OldID);

which is implemented as 

void setPoint(uint i, const Uml::IDType &x, const Uml::IDType &y) {
    QVector<Point*>::insert(i, new Point(x, y));
}

The resize adds a 0 pointer at position 0, the ::insert inserts the new point at position 0, which moves the 0 pointer to index 1.

void QVector::insert ( int i, const T & value ) says: 

Inserts value at index position i in the vector. If i is 0, the value is prepended to the vector. If i is size(), the value is appended to the vector.

That identifies the resize() as the problem.
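
The resize-then-insert pattern from comment 3, modelled as an added example that is not part of the original report or of Umbrello's code. std::vector stands in for QVector (same resize and insert semantics), ChangeLog, Point, nullSlots and findOldID are hypothetical names, and the null-skipping lookup goes beyond what the page describes.

```cpp
#include <cstddef>
#include <iostream>
#include <memory>
#include <string>
#include <vector>

// Hypothetical model: std::vector stands in for QVector. resize() fills new
// slots with null pointers and insert() shifts later elements up by one.
struct Point { std::string x, y; };  // x = new ID, y = old ID

class ChangeLog {
public:
    explicit ChangeLog(bool resizeFirst) : m_resizeFirst(resizeFirst) {}
    void addIDChange(const std::string &oldID, const std::string &newID) {
        std::size_t pos = m_log.size();
        if (m_resizeFirst)
            m_log.resize(pos + 1);  // pre-fix: appends a null slot
        // setPoint() as quoted in comment 3: an insert, not an assignment
        m_log.insert(m_log.begin() + pos,
                     std::unique_ptr<Point>(new Point{newID, oldID}));
    }
    // Null entries that an unchecked lookup loop would dereference.
    std::size_t nullSlots() const {
        std::size_t n = 0;
        for (const auto &p : m_log) if (!p) ++n;
        return n;
    }
    // Defensive lookup: skips null slots; returns index or -1.
    int findOldID(const std::string &oldID) const {
        for (std::size_t i = 0; i < m_log.size(); ++i)
            if (m_log[i] && m_log[i]->y == oldID) return static_cast<int>(i);
        return -1;
    }
    std::size_t size() const { return m_log.size(); }
private:
    bool m_resizeFirst;
    std::vector<std::unique_ptr<Point>> m_log;
};

int main() {
    ChangeLog before(true), after(false);
    for (ChangeLog *log : {&before, &after}) {
        log->addIDChange("old1", "new1");  // constructed sample IDs
        log->addIDChange("old2", "new2");
    }
    std::cout << before.nullSlots() << " null slots with resize, "
              << after.nullSlots() << " without\n";
}
```

Each call with the resize leaves one extra null slot behind the inserted point, so the log grows by two entries per ID change and any loop that dereferences every entry hits a null pointer on the next lookup.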
Comment 4 Ralf Habacker 2012-01-16 11:35:24 UTC
SVN commit 1273902 by habacker:

Fixed copy & paste crash bug.


 M  +0 -1      idchangelog.cpp  


WebSVN link: http://websvn.kde.org/?view=rev&revision=1273902
Comment 5 Ralf Habacker 2012-01-16 17:19:33 UTC
*** Bug 241915 has been marked as a duplicate of this bug. ***
Comment 6 Ralf Habacker 2012-01-16 17:28:12 UTC
*** Bug 262842 has been marked as a duplicate of this bug. ***
Comment 7 Ralf Habacker 2012-01-16 17:31:42 UTC
*** Bug 286449 has been marked as a duplicate of this bug. ***
Comment 8 Ralf Habacker 2012-01-16 17:32:25 UTC
*** Bug 274265 has been marked as a duplicate of this bug. ***
Comment 9 Ralf Habacker 2012-01-16 17:33:07 UTC
*** Bug 275372 has been marked as a duplicate of this bug. ***
Comment 10 Ralf Habacker 2012-01-16 17:33:59 UTC
*** Bug 280770 has been marked as a duplicate of this bug. ***
Comment 11 Jekyll Wu 2012-07-05 22:57:06 UTC
*** Bug 294638 has been marked as a duplicate of this bug. ***
Comment 12 Jekyll Wu 2012-07-05 22:57:33 UTC
*** Bug 294480 has been marked as a duplicate of this bug. ***
Comment 13 Ralf Habacker 2013-11-06 17:17:28 UTC
apply fixed bug from 4.9.0 changelog