Bug 412896

Summary: Crash while double clicking and removing a magnetic lasso point/node
Product: [Applications] krita Reporter: Raghavendra kamath <raghu>
Component: GeneralAssignee: Kuntal Majumder <hellozee>
Status: RESOLVED FIXED    
Severity: crash CC: halla, manuel.snudl.zeidler
Priority: NOR Keywords: drkonqi
Version First Reported In: unspecified   
Target Milestone: ---   
Platform: Arch Linux   
OS: Linux   
Latest Commit: https://invent.kde.org/kde/krita/commit/cca4b0607730699188a56dba71226dda24be1ad1 Version Fixed/Implemented In:
Sentry Crash Report:
Attachments: GDB backtrace

Description Raghavendra kamath 2019-10-13 06:31:34 UTC 
Application: krita (4.3.0-prealpha (git d245290))

Qt Version: 5.13.1
Frameworks Version: 5.62.0
Operating System: Linux 5.3.1-arch1-1-ARCH x86_64
Distribution (Platform): Archlinux Packages

-- Information about the crash:
- What I was doing when the application crashed:
while working with the new magnetic lasso, I had added some node by double clicking on an already complete cage.
I tried to remove this node by again double clicking on it and after removing some nodes, when I clicked to remove another one krita crashed.

Here is the backtrace

-- Backtrace:
Application: Krita (krita), signal: Aborted
Using host libthread_db library "/usr/lib/libthread_db.so.1".
[Current thread is 1 (Thread 0x7f5e51c6ccc0 (LWP 47845))]

Thread 9 (Thread 0x7f5d544f8700 (LWP 48242)):
#0  0x00007f5e5535ef7a in pthread_cond_timedwait@@GLIBC_2.3.2 () from /usr/lib/libpthread.so.0
#1  0x00007f5e560e55cc in QWaitCondition::wait(QMutex*, QDeadlineTimer) () from /usr/lib/libQt5Core.so.5
#2  0x00007f5e560e5719 in QWaitCondition::wait(QMutex*, unsigned long) () from /usr/lib/libQt5Core.so.5
#3  0x00007f5e560e2b9b in ?? () from /usr/lib/libQt5Core.so.5
#4  0x00007f5e560df5b0 in ?? () from /usr/lib/libQt5Core.so.5
#5  0x00007f5e553584cf in start_thread () from /usr/lib/libpthread.so.0
#6  0x00007f5e55c092d3 in clone () from /usr/lib/libc.so.6

Thread 8 (Thread 0x7f5e27fff700 (LWP 47861)):
#0  0x00007f5e55bfe9ef in poll () from /usr/lib/libc.so.6
#1  0x00007f5e54574180 in ?? () from /usr/lib/libglib-2.0.so.0
#2  0x00007f5e54574251 in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#3  0x00007f5e56305a1c in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQt5Core.so.5
#4  0x00007f5e562ac4ec in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQt5Core.so.5
#5  0x00007f5e560de385 in QThread::exec() () from /usr/lib/libQt5Core.so.5
#6  0x00007f5e560df5b0 in ?? () from /usr/lib/libQt5Core.so.5
#7  0x00007f5e553584cf in start_thread () from /usr/lib/libpthread.so.0
#8  0x00007f5e55c092d3 in clone () from /usr/lib/libc.so.6

Thread 7 (Thread 0x7f5e34cb5700 (LWP 47860)):
#0  0x00007f5e5456b68f in g_source_ref () from /usr/lib/libglib-2.0.so.0
#1  0x00007f5e545726c2 in ?? () from /usr/lib/libglib-2.0.so.0
#2  0x00007f5e5457283f in g_main_context_check () from /usr/lib/libglib-2.0.so.0
#3  0x00007f5e54574128 in ?? () from /usr/lib/libglib-2.0.so.0
#4  0x00007f5e54574251 in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#5  0x00007f5e56305a1c in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQt5Core.so.5
#6  0x00007f5e562ac4ec in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQt5Core.so.5
#7  0x00007f5e560de385 in QThread::exec() () from /usr/lib/libQt5Core.so.5
#8  0x00007f5e49e5d6eb in ?? () from /usr/lib/libQt5Quick.so.5
#9  0x00007f5e560df5b0 in ?? () from /usr/lib/libQt5Core.so.5
#10 0x00007f5e553584cf in start_thread () from /usr/lib/libpthread.so.0
#11 0x00007f5e55c092d3 in clone () from /usr/lib/libc.so.6

Thread 6 (Thread 0x7f5e37fff700 (LWP 47859)):
#0  0x00007f5e54573f4e in g_main_context_acquire () from /usr/lib/libglib-2.0.so.0
#1  0x00007f5e54574027 in ?? () from /usr/lib/libglib-2.0.so.0
#2  0x00007f5e54574251 in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#3  0x00007f5e56305a1c in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQt5Core.so.5
#4  0x00007f5e562ac4ec in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQt5Core.so.5
#5  0x00007f5e560de385 in QThread::exec() () from /usr/lib/libQt5Core.so.5
#6  0x00007f5e49b7f849 in ?? () from /usr/lib/libQt5Qml.so.5
#7  0x00007f5e560df5b0 in ?? () from /usr/lib/libQt5Core.so.5
#8  0x00007f5e553584cf in start_thread () from /usr/lib/libpthread.so.0
#9  0x00007f5e55c092d3 in clone () from /usr/lib/libc.so.6

Thread 5 (Thread 0x7f5e377fe700 (LWP 47858)):
#0  0x00007f5e55c03e9d in syscall () from /usr/lib/libc.so.6
#1  0x00007f5e560e1c51 in ?? () from /usr/lib/libQt5Core.so.5
#2  0x00007f5e560e1ab6 in QSemaphore::tryAcquire(int, int) () from /usr/lib/libQt5Core.so.5
#3  0x00007f5e58fbdbb3 in KisTileDataSwapper::waitForWork (this=<optimized out>) at /mnt/attic/krita-build/src/krita/libs/image/tiles3/swap/kis_tile_data_swapper.cpp:86
#4  0x00007f5e58fbdd8a in KisTileDataSwapper::run (this=0x7f5e592df2c0 <(anonymous namespace)::Q_QGS_s_instance::innerFunction()::holder+64>) at /mnt/attic/krita-build/src/krita/libs/image/tiles3/swap/kis_tile_data_swapper.cpp:92
#5  0x00007f5e560df5b0 in ?? () from /usr/lib/libQt5Core.so.5
#6  0x00007f5e553584cf in start_thread () from /usr/lib/libpthread.so.0
#7  0x00007f5e55c092d3 in clone () from /usr/lib/libc.so.6

Thread 4 (Thread 0x7f5e40f3e700 (LWP 47856)):
#0  0x00007f5e55bfe9ef in poll () from /usr/lib/libc.so.6
#1  0x00007f5e54574180 in ?? () from /usr/lib/libglib-2.0.so.0
#2  0x00007f5e54574251 in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#3  0x00007f5e56305a1c in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQt5Core.so.5
#4  0x00007f5e562ac4ec in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQt5Core.so.5
#5  0x00007f5e560de385 in QThread::exec() () from /usr/lib/libQt5Core.so.5
#6  0x00007f5e560df5b0 in ?? () from /usr/lib/libQt5Core.so.5
#7  0x00007f5e553584cf in start_thread () from /usr/lib/libpthread.so.0
#8  0x00007f5e55c092d3 in clone () from /usr/lib/libc.so.6

Thread 3 (Thread 0x7f5e48a29700 (LWP 47855)):
#0  0x00007f5e55bfe9ef in poll () from /usr/lib/libc.so.6
#1  0x00007f5e54574180 in ?? () from /usr/lib/libglib-2.0.so.0
#2  0x00007f5e54574251 in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#3  0x00007f5e56305a1c in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQt5Core.so.5
#4  0x00007f5e562ac4ec in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQt5Core.so.5
#5  0x00007f5e560de385 in QThread::exec() () from /usr/lib/libQt5Core.so.5
#6  0x00007f5e57f86b37 in ?? () from /usr/lib/libQt5DBus.so.5
#7  0x00007f5e560df5b0 in ?? () from /usr/lib/libQt5Core.so.5
#8  0x00007f5e553584cf in start_thread () from /usr/lib/libpthread.so.0
#9  0x00007f5e55c092d3 in clone () from /usr/lib/libc.so.6

Thread 2 (Thread 0x7f5e50e69700 (LWP 47854)):
#0  0x00007f5e5535ec45 in pthread_cond_wait@@GLIBC_2.3.2 () from /usr/lib/libpthread.so.0
#1  0x00007f5e4b64a4fc in ?? () from /usr/lib/dri/i965_dri.so
#2  0x00007f5e4b64a0f8 in ?? () from /usr/lib/dri/i965_dri.so
#3  0x00007f5e553584cf in start_thread () from /usr/lib/libpthread.so.0
#4  0x00007f5e55c092d3 in clone () from /usr/lib/libc.so.6

Thread 1 (Thread 0x7f5e51c6ccc0 (LWP 47845)):
[KCrash Handler]
#6  0x00007f5e55b45f25 in raise () from /usr/lib/libc.so.6
#7  0x00007f5e55b2f897 in abort () from /usr/lib/libc.so.6
#8  0x00007f5e55b89258 in __libc_message () from /usr/lib/libc.so.6
#9  0x00007f5e55b9077a in malloc_printerr () from /usr/lib/libc.so.6
#10 0x00007f5e55b9259d in _int_free () from /usr/lib/libc.so.6
#11 0x00007f5e4193cfaa in QVector<QPointF>::operator= (other=..., this=<optimized out>) at /usr/include/c++/9.2.0/bits/move.h:182
#12 KisToolSelectMagnetic::deleteSelectedAnchor (this=0x55b11a884a90) at /mnt/attic/krita-build/src/krita/plugins/tools/selectiontools/KisToolSelectMagnetic.cc:371
#13 0x00007f5e4193e608 in KisToolSelectMagnetic::beginPrimaryDoubleClickAction (this=0x55b11a884a90, event=<optimized out>) at /mnt/attic/krita-build/src/krita/plugins/tools/selectiontools/KisToolSelectMagnetic.cc:259
#14 0x00007f5e59f9f44e in KisToolProxy::forwardToTool (this=<optimized out>, state=KisToolProxy::BEGIN, action=KisTool::Primary, event=0x7ffe80a5e720, docPoint=...) at /mnt/attic/krita-build/src/krita/libs/ui/canvas/kis_tool_proxy.cpp:181
#15 0x00007f5e59f9f51c in KisToolProxy::forwardEvent (this=0x55b11a2916a0, state=state@entry=KisToolProxy::BEGIN, action=action@entry=KisTool::Primary, event=event@entry=0x7ffe80a5e720, originalEvent=originalEvent@entry=0x7ffe80a5e720) at /mnt/attic/krita-build/src/krita/libs/ui/canvas/kis_tool_proxy.cpp:132
#16 0x00007f5e5a29e420 in KisToolInvocationAction::begin (this=this@entry=0x55b118ebf630, shortcut=<optimized out>, event=event@entry=0x7ffe80a5e720) at /usr/include/c++/9.2.0/bits/atomic_base.h:413
#17 0x00007f5e5a2a9bae in KisShortcutMatcher::tryRunReadyShortcut (this=0x55b1176f2f40, button=Qt::LeftButton, event=0x7ffe80a5e720) at /mnt/attic/krita-build/src/krita/libs/ui/input/kis_shortcut_matcher.cpp:616
#18 0x00007f5e5a2aa126 in KisShortcutMatcher::buttonPressed (this=0x55b1176f2f40, button=<optimized out>, event=event@entry=0x7ffe80a5e720) at /mnt/attic/krita-build/src/krita/libs/ui/input/kis_shortcut_matcher.cpp:267
#19 0x00007f5e5a2918fa in KisInputManager::eventFilterImpl (this=0x55b118f72c68, event=0x7ffe80a5e720) at /usr/include/qt/QtGui/qevent.h:132
#20 0x00007f5e562ad6d3 in QCoreApplicationPrivate::sendThroughObjectEventFilters(QObject*, QEvent*) () from /usr/lib/libQt5Core.so.5
#21 0x00007f5e56c6e4e4 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib/libQt5Widgets.so.5
#22 0x00007f5e56c77f8a in QApplication::notify(QObject*, QEvent*) () from /usr/lib/libQt5Widgets.so.5
#23 0x00007f5e5a305a29 in KisApplication::notify (this=<optimized out>, receiver=0x55b120d1f300, event=0x7ffe80a5e720) at /mnt/attic/krita-build/src/krita/libs/ui/KisApplication.cpp:654
#24 0x00007f5e562ad9c2 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /usr/lib/libQt5Core.so.5
#25 0x00007f5e56c7713b in QApplicationPrivate::sendMouseEvent(QWidget*, QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer<QWidget>&, bool, bool) () from /usr/lib/libQt5Widgets.so.5
#26 0x00007f5e56cce391 in ?? () from /usr/lib/libQt5Widgets.so.5
#27 0x00007f5e56cd12d4 in ?? () from /usr/lib/libQt5Widgets.so.5
#28 0x00007f5e56c6e4f5 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib/libQt5Widgets.so.5
#29 0x00007f5e56c77e11 in QApplication::notify(QObject*, QEvent*) () from /usr/lib/libQt5Widgets.so.5
#30 0x00007f5e5a305a29 in KisApplication::notify (this=<optimized out>, receiver=0x55b118bfcf10, event=0x7ffe80a5ec90) at /mnt/attic/krita-build/src/krita/libs/ui/KisApplication.cpp:654
#31 0x00007f5e562ad9c2 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /usr/lib/libQt5Core.so.5
#32 0x00007f5e56649b45 in QGuiApplicationPrivate::processMouseEvent(QWindowSystemInterfacePrivate::MouseEvent*) () from /usr/lib/libQt5Gui.so.5
#33 0x00007f5e5664b49b in QGuiApplicationPrivate::processWindowSystemEvent(QWindowSystemInterfacePrivate::WindowSystemEvent*) () from /usr/lib/libQt5Gui.so.5
#34 0x00007f5e56625afc in QWindowSystemInterface::sendWindowSystemEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQt5Gui.so.5
#35 0x00007f5e5181912c in ?? () from /usr/lib/libQt5XcbQpa.so.5
#36 0x00007f5e545723fe in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#37 0x00007f5e54574211 in ?? () from /usr/lib/libglib-2.0.so.0
#38 0x00007f5e54574251 in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#39 0x00007f5e56305a03 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQt5Core.so.5
#40 0x00007f5e562ac4ec in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQt5Core.so.5
#41 0x00007f5e562b4326 in QCoreApplication::exec() () from /usr/lib/libQt5Core.so.5
#42 0x000055b107f8224f in main (argc=<optimized out>, argv=0x7ffe80a5f2e8) at /mnt/attic/krita-build/src/krita/krita/main.cc:574
[Inferior 1 (process 47845) detached]

Reported using DrKonqi
Comment 1 Halla Rempt 2019-10-16 12:12:44 UTC 
Hellozee, this one is for you :-)
Comment 2 M 2019-10-16 15:22:31 UTC 
Created attachment 123236 [details]
GDB backtrace

A fairly reliable way to reproduce my crash is to add and remove an anchor point repeatedly, close to an "open" edge in the image similar to the minimal test file I had for the earlier bug report.
Comment 3 Kuntal Majumder 2019-10-18 12:59:23 UTC 
You didn't close the cage right?
Comment 4 M 2019-10-18 13:23:18 UTC 
No, I didn't. This can happen on the first or second anchor, before the loop is closable.
Comment 5 Kuntal Majumder 2019-10-18 13:27:37 UTC 
Ahh I get the problem now, another edge case that I missed, :D
Comment 6 Kuntal Majumder 2019-10-18 14:27:33 UTC 
Git commit cca4b0607730699188a56dba71226dda24be1ad1 by Kuntal Majumder.
Committed on 18/10/2019 at 14:26.
Pushed by kuntalmajumder into branch 'master'.

Limits the amount of searches in magnetic lasso interactive mode

M  +7    -3    plugins/tools/selectiontools/KisToolSelectMagnetic.cc

https://invent.kde.org/kde/krita/commit/cca4b0607730699188a56dba71226dda24be1ad1