Bug 236329

Summary: segmentation fault during cut-and-paste
Product: [Applications] kolourpaint Reporter: Stirling Westrup <swestrup>
Component: generalAssignee: kolourpaint-support
Status: RESOLVED WORKSFORME    
Severity: crash CC: andreas_tzik68, cfeck, francis.beguet, martin
Priority: NOR    
Version First Reported In: unspecified   
Target Milestone: ---   
Platform: Unlisted Binaries   
OS: Linux   
Latest Commit: Version Fixed/Implemented In:
Sentry Crash Report:

Description Stirling Westrup 2010-05-04 16:15:52 UTC 
Application that crashed: kolourpaint
Version of the application: 4.3.4 (KDE 4.3.4)
KDE Version: 4.3.4 (KDE 4.3.4)
Qt Version: 4.5.3
Operating System: Linux 2.6.30-2-amd64 x86_64
Distribution: Debian GNU/Linux unstable (sid)

What I was doing when the application crashed:
I cannot reliably reproduce this. I do a LOT of cutting and pasting with KolourPaint and usually there is no issue. But sometimes I get a seg fault when I actually perform a paste operation.

 -- Backtrace:
Application: KolourPaint (kolourpaint), signal: Segmentation fault
[KCrash Handler]
#5  0x000000000042589c in qDeleteAll<QLinkedList<kpCommand*>::iterator> (listPtr=0x1abb078) at /usr/include/qt4/QtCore/qalgorithms.h:350
#6  ClearPointerList (listPtr=0x1abb078) at ../../kolourpaint/commands/kpCommandHistoryBase.cpp:65
#7  0x0000000000426d75 in kpCommandHistoryBase::addCommand (this=0x1abb050, command=0x2389db0, execute=<value optimized out>) at ../../kolourpaint/commands/kpCommandHistoryBase.cpp:277
#8  0x000000000048e211 in kpAbstractSelectionTool::addNeedingContentCommand (this=0x1b2e110, cmd=0x26400f0) at ../../kolourpaint/tools/selection/kpAbstractSelectionTool.cpp:194
#9  0x000000000048f22f in kpAbstractSelectionTool::endDrawMove (this=0x1b2e110) at ../../kolourpaint/tools/selection/kpAbstractSelectionTool_Move.cpp:345
#10 0x000000000048f2d8 in kpAbstractSelectionTool::operationMove (this=0x1b2e110, op=4294967200, data1=..., data2=...) at ../../kolourpaint/tools/selection/kpAbstractSelectionTool_Move.cpp:379
#11 0x000000000048d552 in kpAbstractSelectionTool::operation (this=0x0, drawType=<value optimized out>, op=kpAbstractSelectionTool::HaventBegunDrawUserMessage, data1=..., data2=...)
    at ../../kolourpaint/tools/selection/kpAbstractSelectionTool.cpp:581
#12 0x000000000048ddac in kpAbstractSelectionTool::endDraw (this=0x1b2e110) at ../../kolourpaint/tools/selection/kpAbstractSelectionTool.cpp:545
#13 0x0000000000484db9 in kpTool::endDrawInternal (this=0x2315b60, thisPoint=..., normalizedRect=..., wantEndShape=208) at ../../kolourpaint/tools/kpTool_Drawing.cpp:355
#14 0x0000000000486570 in kpTool::mouseReleaseEvent (this=0x1b2e110, e=0x7fffaa851c70) at ../../kolourpaint/tools/kpTool_MouseEvents.cpp:283
#15 0x0000000000495ae0 in kpView::mouseReleaseEvent (this=0x1afed90, e=0x7fffaa851c70) at ../../kolourpaint/views/kpView_Events.cpp:92
#16 0x00007f3a8f51537f in QWidget::event (this=0x1afed90, event=0x7fffaa851c70) at kernel/qwidget.cpp:7554
#17 0x00007f3a8f4c501d in QApplicationPrivate::notify_helper (this=0x1a4fcf0, receiver=0x1afed90, e=0x7fffaa851c70) at kernel/qapplication.cpp:4065
#18 0x00007f3a8f4cd7ca in QApplication::notify (this=<value optimized out>, receiver=0x1afed90, e=0x7fffaa851c70) at kernel/qapplication.cpp:3767
#19 0x00007f3a90c66de6 in KApplication::notify (this=0x7fffaa853a20, receiver=0x1afed90, event=0x7fffaa851c70) at ../../kdeui/kernel/kapplication.cpp:302
#20 0x00007f3a9004bc9c in QCoreApplication::notifyInternal (this=0x7fffaa853a20, receiver=0x1afed90, event=0x7fffaa851c70) at kernel/qcoreapplication.cpp:610
#21 0x00007f3a8f4cca78 in QCoreApplication::sendSpontaneousEvent (receiver=0x1afed90, event=0x7fffaa851c70, alienWidget=0x1afed90, nativeWidget=0x1aefe60, buttonDown=<value optimized out>, 
    lastMouseReceiver=...) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:216
#22 QApplicationPrivate::sendMouseEvent (receiver=0x1afed90, event=0x7fffaa851c70, alienWidget=0x1afed90, nativeWidget=0x1aefe60, buttonDown=<value optimized out>, lastMouseReceiver=...)
    at kernel/qapplication.cpp:2924
#23 0x00007f3a8f535659 in QETWidget::translateMouseEvent (this=0x1aefe60, event=<value optimized out>) at kernel/qapplication_x11.cpp:4411
#24 0x00007f3a8f53440f in QApplication::x11ProcessEvent (this=0x7fffaa853a20, event=0x7fffaa853640) at kernel/qapplication_x11.cpp:3552
#25 0x00007f3a8f55c76c in x11EventSourceDispatch (s=0x1a529a0, callback=0, user_data=0x0) at kernel/qguieventdispatcher_glib.cpp:146
#26 0x00007f3a8b2096c2 in g_main_dispatch (context=0x1a51f00) at /tmp/buildd/glib2.0-2.24.0/glib/gmain.c:1960
#27 IA__g_main_context_dispatch (context=0x1a51f00) at /tmp/buildd/glib2.0-2.24.0/glib/gmain.c:2513
#28 0x00007f3a8b20d538 in g_main_context_iterate (context=0x1a51f00, block=<value optimized out>, dispatch=<value optimized out>, self=<value optimized out>)
    at /tmp/buildd/glib2.0-2.24.0/glib/gmain.c:2591
#29 0x00007f3a8b20d6ec in IA__g_main_context_iteration (context=0x1a51f00, may_block=1) at /tmp/buildd/glib2.0-2.24.0/glib/gmain.c:2654
#30 0x00007f3a9007439c in QEventDispatcherGlib::processEvents (this=0x1a34f70, flags=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:407
#31 0x00007f3a8f55bf1f in QGuiEventDispatcherGlib::processEvents (this=0x2315b60, flags=<value optimized out>) at kernel/qguieventdispatcher_glib.cpp:202
#32 0x00007f3a9004a562 in QEventLoop::processEvents (this=<value optimized out>, flags=...) at kernel/qeventloop.cpp:149
#33 0x00007f3a9004a934 in QEventLoop::exec (this=0x7fffaa853970, flags=...) at kernel/qeventloop.cpp:201
#34 0x00007f3a9004cba4 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:888
#35 0x000000000045306d in main (argc=<value optimized out>, argv=<value optimized out>) at ../../kolourpaint/kolourpaint.cpp:125

Reported using DrKonqi
Comment 1 Martin Koller 2011-01-12 22:46:21 UTC 
*** Bug 247095 has been marked as a duplicate of this bug. ***
Comment 2 Christoph Feck 2013-04-16 21:14:46 UTC 
*** Bug 242732 has been marked as a duplicate of this bug. ***
Comment 3 Christoph Feck 2013-04-16 21:17:22 UTC 
Bug 242732 comment #2 has steps to reproduce:
1) Start KolourPaint
2) Paste an image onto the existing canvas.*
3) Press 'G', or click the freehand polygon tool.
4) Click on the canvas 3 times.**
5) Click Undo...Undo: Selection: Create***
6) Press 'M', or click the freehand selection tool.

Backtrace with debugging enabled leads to this assert, without debugging we get crash in  ClearPointerList.

Application: KolourPaint (kolourpaint), signal: Aborted
Using host libthread_db library "/lib/libthread_db.so.1".
[KCrash Handler]
#6  0xb7778424 in __kernel_vsyscall ()
#7  0xb59de31f in raise () from /lib/libc.so.6
#8  0xb59dfc03 in abort () from /lib/libc.so.6
#9  0xb5d09e5e in qt_message_output (msgType=QtFatalMsg, buf=0x98a9690 "ASSERT: \"!\"kpToolSelectionDestroyCommand::unexecute() already has sel content\"\" in file /local/git/KDE/graphics/kolourpaint/commands/tools/selection/kpToolSelectionDestroyCommand.cpp, line 135") at global/qglobal.cpp:2323
#10 0xb5d0a059 in qt_message (msgType=QtFatalMsg, msg=0xb5e93d54 "ASSERT: \"%s\" in file %s, line %d", ap=0xbf893914 "\264\274\016\b,\274\016\b\207") at global/qglobal.cpp:2369
#11 0xb5d0a178 in qFatal (msg=msg@entry=0xb5e93d54 "ASSERT: \"%s\" in file %s, line %d") at global/qglobal.cpp:2552
#12 0xb5d0a1f5 in qt_assert (assertion=0x80ebcb4 "!\"kpToolSelectionDestroyCommand::unexecute() already has sel content\"", file=0x80ebc2c "/local/git/KDE/graphics/kolourpaint/commands/tools/selection/kpToolSelectionDestroyCommand.cpp", line=135) at global/qglobal.cpp:2018
#13 0x0806c1f1 in kpToolSelectionDestroyCommand::unexecute (this=0x987a178) at /local/git/KDE/graphics/kolourpaint/commands/tools/selection/kpToolSelectionDestroyCommand.cpp:135
#14 0x080677c7 in kpCommandHistoryBase::undoInternal (this=0x9751630) at /local/git/KDE/graphics/kolourpaint/commands/kpCommandHistoryBase.cpp:326
#15 0x0806794e in kpCommandHistoryBase::undoUpToNumber (this=0x9751630, which=0x9902ab0) at /local/git/KDE/graphics/kolourpaint/commands/kpCommandHistoryBase.cpp:424
#16 0x08068418 in kpCommandHistoryBase::qt_static_metacall (_o=_o@entry=0x9751630, _c=_c@entry=QMetaObject::InvokeMetaMethod, _id=_id@entry=5, _a=0xbf893c48) at /local/build/KDE/graphics/kolourpaint/kpCommandHistoryBase.moc:66
#17 0xb5e3fac2 in QMetaObject::activate (sender=0x97514f8, m=0x8140300 <QMenu::staticMetaObject>, local_signal_index=2, argv=0xbf893c48) at kernel/qobject.cpp:3548
#18 0xb69482e5 in QMenu::triggered (this=this@entry=0x97514f8, _t1=_t1@entry=0x9902ab0) at .moc/release-shared/moc_qmenu.cpp:178
#19 0xb69499dd in QMenuPrivate::_q_actionTriggered (this=0x977faa8) at widgets/qmenu.cpp:1156
#20 0xb5e3fac2 in QMetaObject::activate (sender=0x9902ab0, m=0xb6e11378 <QAction::staticMetaObject>, local_signal_index=1, argv=0xbf893db8) at kernel/qobject.cpp:3548
#21 0xb6495b3d in QAction::triggered (this=this@entry=0x9902ab0, _t1=false) at .moc/release-shared/moc_qaction.cpp:277
#22 0xb6495ddc in QAction::activate (this=0x9902ab0, event=QAction::Trigger) at kernel/qaction.cpp:1257
#23 0xb69485a5 in QMenuPrivate::activateCausedStack (this=0x977faa8, causedStack=..., action=0x9902ab0, action_e=QAction::Trigger, self=true) at widgets/qmenu.cpp:1038
#24 0xb694f766 in QMenuPrivate::activateAction (this=0x977faa8, action=0x9902ab0, action_e=QAction::Trigger, self=true) at widgets/qmenu.cpp:1130
#25 0xb69506c5 in QMenu::mouseReleaseEvent (this=0x97514f8, e=0xbf894644) at widgets/qmenu.cpp:2372
#26 0xb7110f0c in KMenu::mouseReleaseEvent(QMouseEvent*) () from /local/kde4/lib/libkdeui.so.5
#27 0xb64f68c4 in QWidget::event (this=0x97514f8, event=0xbf894644) at kernel/qwidget.cpp:8375
#28 0xb6950bbc in QMenu::event (this=0x97514f8, e=0xbf894644) at widgets/qmenu.cpp:2481
#29 0xb649cb9c in QApplicationPrivate::notify_helper (this=0x964b270, receiver=0x97514f8, e=0xbf894644) at kernel/qapplication.cpp:4562
#30 0xb64a2089 in QApplication::notify (this=0x964b270, receiver=0x97514f8, e=0xbf894644) at kernel/qapplication.cpp:4105
#31 0xb703ab41 in KApplication::notify(QObject*, QEvent*) () from /local/kde4/lib/libkdeui.so.5
#32 0xb5e2776e in QCoreApplication::notifyInternal (this=0xbf894de8, receiver=0x97514f8, event=0xbf894644) at kernel/qcoreapplication.cpp:946
#33 0xb649d9ff in sendEvent (event=<optimized out>, receiver=<optimized out>) at ../../src/corelib/kernel/qcoreapplication.h:231
#34 QApplicationPrivate::sendMouseEvent (receiver=0x97514f8, event=0xbf894644, alienWidget=0x0, nativeWidget=0x97514f8, buttonDown=0xb6e2ecb4 <qt_button_down>, lastMouseReceiver=..., spontaneous=true) at kernel/qapplication.cpp:3173
#35 0xb6525fef in QETWidget::translateMouseEvent (this=0x97514f8, event=0xbf894a6c) at kernel/qapplication_x11.cpp:4461
#36 0xb6524c09 in QApplication::x11ProcessEvent (this=0xbf894de8, event=0xbf894a6c) at kernel/qapplication_x11.cpp:3650
#37 0xb654e8a4 in x11EventSourceDispatch (s=0x964bfc8, callback=0x0, user_data=0x0) at kernel/qguieventdispatcher_glib.cpp:146
#38 0xb4e697d3 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#39 0xb4e69b70 in ?? () from /usr/lib/libglib-2.0.so.0
#40 0xb4e69c51 in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#41 0xb5e59741 in QEventDispatcherGlib::processEvents (this=0x962d2c8, flags=...) at kernel/qeventdispatcher_glib.cpp:424
#42 0xb654e48a in QGuiEventDispatcherGlib::processEvents (this=0x962d2c8, flags=...) at kernel/qguieventdispatcher_glib.cpp:204
#43 0xb5e2623c in QEventLoop::processEvents (this=this@entry=0xbf894d68, flags=...) at kernel/qeventloop.cpp:149
#44 0xb5e26531 in QEventLoop::exec (this=0xbf894d68, flags=...) at kernel/qeventloop.cpp:204
#45 0xb5e2b7ea in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1218
#46 0xb649aa14 in QApplication::exec () at kernel/qapplication.cpp:3823
#47 0x0808da79 in main (argc=1, argv=0xbf894fd4) at /local/git/KDE/graphics/kolourpaint/kolourpaint.cpp:118
Comment 4 Martin Koller 2016-08-10 06:30:17 UTC 
sorry, can not reproduce