| Summary: | Terminating application (Sig 11) | ||
|---|---|---|---|
| Product: | [Applications] kolourpaint | Reporter: | Andrey <bachtub> |
| Component: | general | Assignee: | kolourpaint-support |
| Status: | RESOLVED FIXED | ||
| Severity: | crash | ||
| Priority: | NOR | ||
| Version: | 1.4_relight | ||
| Target Milestone: | --- | ||
| Platform: | Slackware | ||
| OS: | Linux | ||
| Latest Commit: | Version Fixed In: | ||
|
Description
Andrey
2005-12-07 16:03:46 UTC
Could you please tell me what kind of tools you were using? Did use Undo/Redo a lot or in a special way? http://babelfish.av.com/tr: Смогли вы пожалуйста сказать мне что вид инструментов вы использовали? Использовал Undo/Redo много или в специальной дороге? On Thursday 08 December 2005 02:03, Andrey wrote: [bugs.kde.org quoted mail] [Babel Fish Translation: "Checking system configuration with the starting is switched off."] > > (no debugging symbols found) > Using host libthread_db library "/lib/tls/libthread_db.so.1". > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > [Thread debugging using libthread_db enabled] > [New Thread -1232369440 (LWP 22054)] > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > (no debugging symbols found) > [KCrash handler] > #3 0x08096617 in QValueVectorPrivate<int>::QValueVectorPrivate () > #4 0x080e1815 in kpToolSelectionResizeScaleCommand::size () > #5 0x080e2818 in kpToolSelectionResizeScaleCommand::staticMetaObject () > #6 0xb70aa1ec in QObject::activate_signal () > from /usr/lib/qt/lib/libqt-mt.so.3 > #7 0xb70aa014 in QObject::activate_signal () > from /usr/lib/qt/lib/libqt-mt.so.3 > #8 0xb73cf2eb in QTimer::timeout () from /usr/lib/qt/lib/libqt-mt.so.3 > #9 0xb70cba32 in QTimer::event () from /usr/lib/qt/lib/libqt-mt.so.3 > #10 0xb704d95f in QApplication::internalNotify () > from /usr/lib/qt/lib/libqt-mt.so.3 > #11 0xb704cf5e in QApplication::notify () from > /usr/lib/qt/lib/libqt-mt.so.3 #12 0xb768e725 in KApplication::notify () > from /opt/kde/lib/libkdecore.so.4 #13 0xb703d195 in > QEventLoop::activateTimers () > from /usr/lib/qt/lib/libqt-mt.so.3 > #14 0xb6ff78fb in QEventLoop::processEvents () > from /usr/lib/qt/lib/libqt-mt.so.3 > #15 0xb705fd18 in QEventLoop::enterLoop () from > /usr/lib/qt/lib/libqt-mt.so.3 #16 0xb705fbc8 in QEventLoop::exec () from > /usr/lib/qt/lib/libqt-mt.so.3 #17 0xb704dbb1 in QApplication::exec () from > /usr/lib/qt/lib/libqt-mt.so.3 #18 0x080685de in ?? () > #19 0xbfbb1a60 in ?? () > #20 0xbfbb1a00 in ?? () > #21 0x00000000 in ?? () > #22 0x08212ea0 in ?? () > #23 0x00000000 in ?? () > #24 0xfffffffe in ?? () > #25 0x00000000 in ?? () > #26 0x0810a740 in _IO_stdin_used () > #27 0x0810a700 in _IO_stdin_used () > #28 0x0810a0a8 in _IO_stdin_used () > #29 0xb7fb4fd8 in ?? () from /lib/ld-linux.so.2 > #30 0x009107b8 in ?? () > #31 0xb6a30020 in ?? () from /lib/tls/libm.so.6 > #32 0x08133b10 in ?? () > #33 0xb7fa70b7 in do_lookup_x () from /lib/ld-linux.so.2 > #34 0xb6925fcb in __libc_start_main () from /lib/tls/libc.so.6 > #35 0x080676e1 in ?? () Clarence Dang wrote: [bugs.kde.org quoted mail] Использовали copy/paste выдергивая чисти другого рисунка из другого окна kolourpaint, undo/redo использовали редко, часто просто выделяли области и перемащали или копировали их в другое место. On Friday 09 December 2005 08:45, Andrey wrote: > Использовали copy/paste выдергивая чисти другого рисунка из другого окна > kolourpaint, undo/redo использовали редко, часто просто выделяли области > и перемащали или копировали их в другое место. > > (http://babelfish.av.com/tr: they used copy/paste pulling out to chisti > [copy] another figure from another window kolourpaint, undo/redo used > rarely, frequently simply allotted [selected] region and peremashchali > [pasted] or copied them into another place.) I am having trouble reproducing this bug. If you or anyone else finds a sequence of actions that consistently causes this or another crash, please email those actions here or to me. http://babelfish.av.com/tr: Я имею тревогу воспроизвести эту черепашку. Если вы или любое еще находите последовательность действий последовательно причиняет это или другой аварии, пожалуйста email те действия здесь или к мне. The report is about KDE 3.5.0. The backtrace going from #5 to #4 appears to be missing some methods as size() is not a slot: ~~~~ #4 0x080e1815 in kpToolSelectionResizeScaleCommand::size () #5 0x080e2818 in kpToolSelectionResizeScaleCommand::staticMetaObject () ~~~~ I have confirmed a reproduceable crash in KolourPaint in KDE 3.4 and 3.5 (and probably 3.3): Drag on a selection's resize handles and within 200ms of the drag ending, deselect the selection (press Esc or click away). "kpToolSelectionResizeScaleCommand::m_smoothScaleTimer" is not stopped before "kpToolSelectionResizeScaleCommand" is inserted in the command history. It needs to be stopped and the smooth scale completed, before insertion. The backtraces look similar to yours and like your yours, has impossible method calls at the top so I think it's the same bug. I will post them shortly. Backtrace for my build on 1.4.4_light (post KDE 3.4.3): (no debugging symbols found) Using host libthread_db library "/lib/libthread_db.so.1". (no debugging symbols found) [...] (no debugging symbols found) [Thread debugging using libthread_db enabled] [New Thread -1208849952 (LWP 23828)] (no debugging symbols found) [KCrash handler] #4 0x0808eeaa in kpSelection::isText () #5 0x080cac7f in kpToolSelectionResizeScaleCommand::resizeScaleAndMove () #6 0x080caf39 in kpToolSelectionResizeScaleCommand::resizeScaleAndMove () #7 0x080cb39a in kpToolSelectionResizeScaleCommand::qt_invoke () #8 0x05dc8db4 in QObject::activate_signal () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #9 0x05dc9274 in QObject::activate_signal () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #10 0x0613f6ab in QTimer::timeout () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #11 0x05deecd8 in QTimer::event () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #12 0x05d6408d in QApplication::internalNotify () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #13 0x05d64a0c in QApplication::notify () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #14 0x005c1a5d in KApplication::notify () from /home/kdevel/dist/lib/libkdecore.so.4 #15 0x05d58932 in QEventLoop::activateTimers () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #16 0x05d0e31a in QEventLoop::processEvents () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #17 0x05d7c74b in QEventLoop::enterLoop () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #18 0x05d7c656 in QEventLoop::exec () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #19 0x05d63a59 in QApplication::exec () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #20 0x08066c4a in main () Backtrace for my build of 1.4.5_relight (KDE 3.4.5): (gdb) bt #0 0x0808f3f2 in kpSelection::isText () #1 0x080ca5d3 in kpToolSelectionResizeScaleCommand::resizeScaleAndMove () #2 0x080ca88d in kpToolSelectionResizeScaleCommand::resizeScaleAndMove () #3 0x080cacee in kpToolSelectionResizeScaleCommand::qt_invoke () #4 0x05dc8db4 in QObject::activate_signal () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #5 0x05dc9274 in QObject::activate_signal () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #6 0x0613f6ab in QTimer::timeout () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #7 0x05deecd8 in QTimer::event () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #8 0x05d6408d in QApplication::internalNotify () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #9 0x05d64a0c in QApplication::notify () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #10 0x00809a5d in KApplication::notify () from /home/kdevel/dist/lib/libkdecore.so.4 #11 0x05d58932 in QEventLoop::activateTimers () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #12 0x05d0e31a in QEventLoop::processEvents () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #13 0x05d7c74b in QEventLoop::enterLoop () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #14 0x05d7c656 in QEventLoop::exec () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #15 0x05d63a59 in QApplication::exec () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #16 0x08066cca in main () Comment #5 should read "KDE 3.5.5": Backtrace for Fedora Core 4 build of 1.4_light (KDE 3.4.0): (gdb) bt #0 0x08091714 in QValueVectorPrivate<int>::reserve () #1 0x080d2a63 in kpToolRoundedRectangle::staticMetaObject () #2 0x080d2d6f in kpToolRoundedRectangle::staticMetaObject () #3 0x080d325e in kpToolSelection::staticMetaObject () #4 0x047f2db4 in QObject::activate_signal () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #5 0x047f3274 in QObject::activate_signal () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #6 0x04b696ab in QTimer::timeout () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #7 0x04818cd8 in QTimer::event () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #8 0x0478e08d in QApplication::internalNotify () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #9 0x0478ea0c in QApplication::notify () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #10 0x00801661 in KApplication::notify () from /usr/lib/libkdecore.so.4 #11 0x04782932 in QEventLoop::activateTimers () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #12 0x0473831a in QEventLoop::processEvents () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #13 0x047a6732 in QEventLoop::enterLoop () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #14 0x047a6656 in QEventLoop::exec () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #15 0x0478da59 in QApplication::exec () from /usr/lib/qt-3.3/lib/libqt-mt.so.3 #16 0x0806735b in ?? () #17 0x0019cde6 in __libc_start_main () from /lib/libc.so.6 #18 0x080663b1 in ?? () The relevant selection code is essentially the same from KDE 3.4.0 to KDE 3.5.5+. In KDE 4, there was a rearrangement of some of the code. Backtrace analysis ================== Group A - Distro Compiled ------------------------- Your backtrace (KDE 3.5.0 Slackware) and Comment #8 (KDE 3.4.0 FC4) essentially identical except for the top: SW: #3 0x08096617 in QValueVectorPrivate<int>::QValueVectorPrivate () SW: #4 0x080e1815 in kpToolSelectionResizeScaleCommand::size () SW: #5 0x080e2818 in kpToolSelectionResizeScaleCommand::staticMetaObject () FC4: #0 0x08091714 in QValueVectorPrivate<int>::reserve () FC4: #1 0x080d2a63 in kpToolRoundedRectangle::staticMetaObject () FC4: #2 0x080d2d6f in kpToolRoundedRectangle::staticMetaObject () FC4: #3 0x080d325e in kpToolSelection::staticMetaObject () Note that the FC4 backtrace seems bogus. kpToolSelection is not related to kpToolRoundedRectangle at all. Group B - Source Build ---------------------- Comment #6 (post KDE 3.4.3 build) and Comment #7 (KDE 3.5.5 build) have essentially identical backtraces. Group A vs Group B ------------------ Ignoring Group A's FC4 backtrace, the backtraces of Group A and Group B are essentially identical except for the top: A-SW: #3 0x08096617 in QValueVectorPrivate<int>::QValueVectorPrivate () A-SW: #4 0x080e1815 in kpToolSelectionResizeScaleCommand::size () A-SW: #5 0x080e2818 in kpToolSelectionResizeScaleCommand::staticMetaObject () B: #0 0x0808f3f2 in kpSelection::isText () B: #1 0x080ca5d3 in kpToolSelectionResizeScaleCommand::resizeScaleAndMove () B: #2 0x080ca88d in kpToolSelectionResizeScaleCommand::resizeScaleAndMove () B: #3 0x080cacee in kpToolSelectionResizeScaleCommand::qt_invoke () In your backtrace (A-SW), kpToolSelectionResizeScaleCommand::size () is likely due to a command history popup menu update (to check if commands need to be clipped, after adding a command). A call to kpSelection::size() is missing from the backtrace above that. QValueVectorPrivate<int>::QValueVectorPrivate () is likely due to kpSelection::size() interogating its text vector via kpPixmapFX::stringSize (text ()). However, it is unclear how kpToolSelectionResizeScaleCommand::size () could be called from staticMetaObject() as it is neither a signal, nor slot. I checked its (size()) code and it cannot fail unless "this" is null or the class data has been corrupted. Perhaps this is simply a bogus part of the backtrace? In any case, given that class (kpToolSelectionResizeScaleCommand) in Group A and B is the same, I have an 80% confidence that it's the same bug (steps described in Comment #5). I will now fix the Comment #5 bug and assume it fixes this one as well. Comment #8's comment about Comment #5 was actually about Comment #7 i.e. Comment #7 is regarding KDE 3.5.5, not about the non-existant KDE 3.4.5. What's worse about the distro-compiled backtraces is that selections do not use QValueVector<int>. SVN commit 613815 by dang:
* Fix crash triggered by rapidly deselecting a selection after
drag-scaling the selection (Bug 117866)
[before inserting "kpToolSelectionResizeScaleCommand" into the command
history, finalize the smooth scale so that the "m_smoothScaleTimer"
is disabled]
* Up ver to 1.4.6_relight-pre
Needs backporting to branches/KDE/3.[34]/, branches/kolourpaint/1.2_kde3/ and
forward porting to trunk/KDE/ (KDE 4). We lazily claim in the NEWS file that
we've already backported.
This fix will be in KDE 3.5.6.
CCMAIL: 117866@bugs.kde.org
M +6 -0 NEWS
M +1 -1 README
M +1 -1 VERSION
M +22 -0 tools/kptoolselection.cpp
M +3 -0 tools/kptoolselection.h
--- branches/KDE/3.5/kdegraphics/kolourpaint/NEWS #613814:613815
@@ -2,6 +2,12 @@
KolourPaint 1.4_relight Series (branches/KDE/3.5/)
===============================
+KolourPaint 1.4.6_relight (Frozen ???)
+
+ * Fix crash triggered by rapidly deselecting a selection after
+ drag-scaling the selection (Bug 117866)
+ [also in branches/KDE/3.[34]/, branches/kolourpaint/1.2_kde3/]
+
KolourPaint 1.4.5_relight (Frozen 2006-09-19)
* Translation updates
--- branches/KDE/3.5/kdegraphics/kolourpaint/README #613814:613815
@@ -1,5 +1,5 @@
-KolourPaint Version 1.4.5_relight (KDE 3.5.5 Release Frozen 2006-09-19)
+KolourPaint Version 1.4.6_relight (KDE 3.5.6 Release Frozen ???)
http://kolourpaint.sourceforge.net/
Copyright (c) 2003,2004,2005,2006 Clarence Dang <dang@kde.org>
--- branches/KDE/3.5/kdegraphics/kolourpaint/VERSION #613814:613815
@@ -1 +1 @@
-1.4.5_relight
+1.4.6_relight-pre
--- branches/KDE/3.5/kdegraphics/kolourpaint/tools/kptoolselection.cpp #613814:613815
@@ -1069,6 +1069,7 @@
#if DEBUG_KP_TOOL_SELECTION
kdDebug () << "\t\tundo currentResizeScaleCommand" << endl;
#endif
+ m_currentResizeScaleCommand->finalize (); // (unneeded but let's be safe)
m_currentResizeScaleCommand->unexecute ();
delete m_currentResizeScaleCommand;
m_currentResizeScaleCommand = 0;
@@ -1202,6 +1203,7 @@
if (m_currentResizeScaleCommand)
{
+ m_currentResizeScaleCommand->finalize ();
cmd->addCommand (m_currentResizeScaleCommand);
m_currentResizeScaleCommand = 0;
@@ -2178,6 +2180,26 @@
}
+// public
+void kpToolSelectionResizeScaleCommand::finalize ()
+{
+#if DEBUG_KP_TOOL_SELECTION
+ kdDebug () << "kpToolSelectionResizeScaleCommand::finalize()"
+ << " smoothScaleTimer->isActive="
+ << m_smoothScaleTimer->isActive ()
+ << endl;
+#endif
+
+ // Make sure the selection contains the final image and the timer won't
+ // fire afterwards.
+ if (m_smoothScaleTimer->isActive ())
+ {
+ resizeScaleAndMove ();
+ Q_ASSERT (!m_smoothScaleTimer->isActive ());
+ }
+}
+
+
// public virtual [base kpToolResizeScaleCommand]
void kpToolSelectionResizeScaleCommand::execute ()
{
--- branches/KDE/3.5/kdegraphics/kolourpaint/tools/kptoolselection.h #613814:613815
@@ -275,6 +275,9 @@
void resizeScaleAndMove (/*delayed = false*/);
public:
+ void finalize ();
+
+public:
virtual void execute ();
virtual void unexecute ();
Reassigning bugs to KolourPaint support email address. SVN commit 614470 by dang:
* Fix crash triggered by rapidly deselecting a selection after
drag-scaling the selection (Bug 117866)
[before inserting "kpToolSelectionResizeScaleCommand" into the command
history, finalize the smooth scale so that the "m_smoothScaleTimer"
is disabled]
[FORWARD PORT of fix to branches/KDE/3.[345]/, branches/kolourpaint/1.2_kde3/]
Now it is fixed in all active branches. Thanks for the bug report!
CCMAIL: 117866-close@bugs.kde.org
M +4 -0 NEWS
M +20 -0 commands/tools/selection/kpToolSelectionResizeScaleCommand.cpp
M +3 -0 commands/tools/selection/kpToolSelectionResizeScaleCommand.h
M +2 -0 tools/selection/kptoolselection.cpp
--- trunk/KDE/kdegraphics/kolourpaint/NEWS #614469:614470
@@ -18,7 +18,11 @@
* Add hidden configuration option "Open Images in the Same Window"
(Bug #125116)
+ * Fix crash triggered by rapidly deselecting a selection after
+ drag-scaling the selection (Bug 117866)
+ [also in branches/KDE/3.[345]/, branches/kolourpaint/1.2_kde3/]
+
KolourPaint 1.4_relight Series (branches/KDE/3.5/)
===============================
--- trunk/KDE/kdegraphics/kolourpaint/commands/tools/selection/kpToolSelectionResizeScaleCommand.cpp #614469:614470
@@ -215,6 +215,26 @@
}
+// public
+void kpToolSelectionResizeScaleCommand::finalize ()
+{
+#if DEBUG_KP_TOOL_SELECTION
+ kDebug () << "kpToolSelectionResizeScaleCommand::finalize()"
+ << " smoothScaleTimer->isActive="
+ << m_smoothScaleTimer->isActive ()
+ << endl;
+#endif
+
+ // Make sure the selection contains the final image and the timer won't
+ // fire afterwards.
+ if (m_smoothScaleTimer->isActive ())
+ {
+ resizeScaleAndMove ();
+ Q_ASSERT (!m_smoothScaleTimer->isActive ());
+ }
+}
+
+
// public virtual [base kpToolResizeScaleCommand]
void kpToolSelectionResizeScaleCommand::execute ()
{
--- trunk/KDE/kdegraphics/kolourpaint/commands/tools/selection/kpToolSelectionResizeScaleCommand.h #614469:614470
@@ -86,6 +86,9 @@
void resizeScaleAndMove (/*delayed = false*/);
public:
+ void finalize ();
+
+public:
virtual void execute ();
virtual void unexecute ();
--- trunk/KDE/kdegraphics/kolourpaint/tools/selection/kptoolselection.cpp #614469:614470
@@ -983,6 +983,7 @@
#if DEBUG_KP_TOOL_SELECTION
kDebug () << "\t\tundo currentResizeScaleCommand" << endl;
#endif
+ m_currentResizeScaleCommand->finalize (); // (unneeded but let's be safe)
m_currentResizeScaleCommand->unexecute ();
delete m_currentResizeScaleCommand;
m_currentResizeScaleCommand = 0;
@@ -1145,6 +1146,7 @@
if (m_currentResizeScaleCommand)
{
+ m_currentResizeScaleCommand->finalize ();
cmd->addCommand (m_currentResizeScaleCommand);
m_currentResizeScaleCommand = 0;
|