Bug 342777

Summary: Marble crashes when use placemarks from the "Edit Maps" panel.
Product: [Applications] marble Reporter: Sergey Popov <sergobot256>
Component: generalAssignee: marble-bugs
Status: RESOLVED WORKSFORME    
Severity: crash CC: e.m.a.t.i.r.o.v
Priority: NOR    
Version: 1.9 (KDE 4.14)   
Target Milestone: ---   
Platform: Compiled Sources   
OS: Linux   
Latest Commit: Version Fixed In:
Sentry Crash Report:

Description Sergey Popov 2015-01-12 21:29:29 UTC 
I clicked "Add Placemark" at "Edit Maps" panel, then rotated globe (I tried to move map, result is the same), after it I clicked the "Ok" button at the "Add Placemark" dialog and clicked "Remove Item" button at the "Edit Maps" panel. Marble crashed.

Reproducible: Always

Steps to Reproduce:
1. Go to the "Edit Maps" panel. (Settings->Panels->Edit Maps)
2. Click the "Add Placemark" button.
3. Rotate the globe
4. Click the "Ok" button at the bottom of the "Add Placemark" dialog.
5. Click the "Remove Item" button at the "Edit Maps" dialog.

Actual Results:  
Marble crashes


Backtrace:
#0  0x00007fffdd458809 in Marble::AnnotatePlugin::removeFocusItem (this=0x93fd00) at /home/sergobot/marble/sources/src/plugins/render/annotate/AnnotatePlugin.cpp:298
#1  0x00007fffdd45879a in Marble::AnnotatePlugin::askToRemoveFocusItem (this=0x93fd00) at /home/sergobot/marble/sources/src/plugins/render/annotate/AnnotatePlugin.cpp:291
#2  0x00007fffdd4623db in Marble::AnnotatePlugin::qt_static_metacall (_o=0x93fd00, _c=QMetaObject::InvokeMetaMethod, _id=2, _a=0x7fffffffcab0)
    at /home/sergobot/marble/build/src/plugins/render/annotate/AnnotatePlugin.moc:99
#3  0x00007ffff7a86a7a in QMetaObject::activate (sender=sender@entry=0x11fb930, m=m@entry=0x7ffff78ba540 <QAction::staticMetaObject>, 
    local_signal_index=local_signal_index@entry=1, argv=argv@entry=0x7fffffffcab0) at kernel/qobject.cpp:3567
#4  0x00007ffff6df8bf2 in QAction::triggered (this=this@entry=0x11fb930, _t1=false) at .moc/release-shared/moc_qaction.cpp:276
#5  0x00007ffff6dfa5c3 in QAction::activate (this=0x11fb930, event=<optimized out>) at kernel/qaction.cpp:1257
#6  0x00007ffff71b9d9f in QAbstractButtonPrivate::click (this=this@entry=0x1313540) at widgets/qabstractbutton.cpp:530
#7  0x00007ffff71b9ed4 in QAbstractButton::mouseReleaseEvent (this=0x1313510, e=0x7fffffffcf50) at widgets/qabstractbutton.cpp:1123
#8  0x00007ffff727132a in QToolButton::mouseReleaseEvent (this=<optimized out>, e=<optimized out>) at widgets/qtoolbutton.cpp:723
#9  0x00007ffff6e4ece8 in QWidget::event (this=0x93fd00, event=0x0) at kernel/qwidget.cpp:8775
#10 0x00007ffff6dff11c in QApplicationPrivate::notify_helper (this=this@entry=0x6c0170, receiver=receiver@entry=0x1313510, e=e@entry=0x7fffffffcf50) at kernel/qapplication.cpp:4570
#11 0x00007ffff6e059be in QApplication::notify (this=<optimized out>, receiver=0x1313510, e=0x7fffffffcf50) at kernel/qapplication.cpp:4113
#12 0x00007ffff7a7286d in QCoreApplication::notifyInternal (this=0x7fffffffdb80, receiver=receiver@entry=0x1313510, event=event@entry=0x7fffffffcf50)
    at kernel/qcoreapplication.cpp:953
#13 0x00007ffff6e0507f in sendEvent (event=<optimized out>, receiver=<optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:231
#14 QApplicationPrivate::sendMouseEvent (receiver=receiver@entry=0x1313510, event=event@entry=0x7fffffffcf50, alienWidget=alienWidget@entry=0x1313510, 
    nativeWidget=nativeWidget@entry=0x733440, buttonDown=buttonDown@entry=0x7ffff78f3578 <qt_button_down>, lastMouseReceiver=..., spontaneous=true) at kernel/qapplication.cpp:3178
#15 0x00007ffff6e7abde in QETWidget::translateMouseEvent (this=this@entry=0x733440, event=event@entry=0x7fffffffd2b0) at kernel/qapplication_x11.cpp:4634
#16 0x00007ffff6e7a477 in QApplication::x11ProcessEvent (this=0x7fffffffdb80, event=event@entry=0x7fffffffd2b0) at kernel/qapplication_x11.cpp:3627
#17 0x00007ffff6ea2432 in x11EventSourceDispatch (s=0x6bca90, callback=0x0, user_data=0x0) at kernel/qguieventdispatcher_glib.cpp:146
#18 0x00007ffff4e6fc5d in g_main_context_dispatch () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#19 0x00007ffff4e6ff48 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#20 0x00007ffff4e6fffc in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#21 0x00007ffff7aa0031 in QEventDispatcherGlib::processEvents (this=0x6bc3c0, flags=...) at kernel/qeventdispatcher_glib.cpp:434
#22 0x00007ffff6ea24e6 in QGuiEventDispatcherGlib::processEvents (this=<optimized out>, flags=...) at kernel/qguieventdispatcher_glib.cpp:204
#23 0x00007ffff7a714f1 in QEventLoop::processEvents (this=this@entry=0x7fffffffd690, flags=...) at kernel/qeventloop.cpp:149
#24 0x00007ffff7a71805 in QEventLoop::exec (this=this@entry=0x7fffffffd690, flags=...) at kernel/qeventloop.cpp:204
#25 0x00007ffff7a76f67 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1225
#26 0x0000000000425949 in main (argc=2, argv=0x7fffffffdd38) at /home/sergobot/marble/sources/src/apps/marble-qt/qtmain.cpp:258
Comment 1 Mikhail Ivchenko 2015-01-12 21:37:30 UTC 
I can confirm on current master.

This happens because while rotating globe AnnotatePlugin::handleUncaughtEvents is called,  m_focusItem is set to 0 and focus actions are disabled. But later, after closing dialog AnnotatePlugin::stopEditingTextAnnotation is called and actions for type placemark are added while m_focusItem is still 0. So, "Remove" button is enabled and after clicking on it removeFocusItem() is called which tries to access m_focusItem->graphicsType(). And then crash happens.
Comment 2 Mikhail Ivchenko 2015-01-12 21:47:07 UTC 
Also, reproducible with Polugon and Polyline. (Use right-click instead of rotating globe).
Comment 3 Mikhail Ivchenko 2015-07-08 13:54:23 UTC 
Should be fixed with this commit: http://quickgit.kde.org/?p=marble.git&a=commit&h=655a34fb3d39b4f79c17659ef4e7ba448b139959
Comment 4 Andrew Crouthamel 2018-10-31 04:10:53 UTC 
Dear Bug Submitter,

This bug has been stagnant for a long time. Could you help us out and re-test if the bug is valid in the latest version? I am setting the status to NEEDSINFO pending your response, please change the Status back to REPORTED when you respond.

Thank you for helping us make KDE software even better for everyone!
Comment 5 Bug Janitor Service 2018-11-15 10:50:41 UTC 
Dear Bug Submitter,

This bug has been in NEEDSINFO status with no change for at least
15 days. Please provide the requested information as soon as
possible and set the bug status as REPORTED. Due to regular bug
tracker maintenance, if the bug is still in NEEDSINFO status with
no change in 30 days the bug will be closed as RESOLVED > WORKSFORME
due to lack of needed information.

For more information about our bug triaging procedures please read the
wiki located here:
https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

If you have already provided the requested information, please
mark the bug as REPORTED so that the KDE team knows that the bug is
ready to be confirmed.

Thank you for helping us make KDE software even better for everyone!
Comment 6 Bug Janitor Service 2018-11-30 04:03:21 UTC 
This bug has been in NEEDSINFO status with no change for at least
30 days. The bug is now closed as RESOLVED > WORKSFORME
due to lack of needed information.

For more information about our bug triaging procedures please read the
wiki located here:
https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

Thank you for helping us make KDE software even better for everyone!