Bug 283538 - Crash after transaction assignment
Summary: Crash after transaction assignment
Status: RESOLVED FIXED
Alias: None
Product: kmymoney
Classification: Applications
Component: general
Version: SVN
Platform: Unlisted Binaries Microsoft Windows
Importance: NOR crash
Target Milestone: ---
Assignee: KMyMoney Devel Mailing List
URL:
Keywords:
Duplicates: 283512
Depends on:
Blocks:
 
Reported: 2011-10-07 13:28 UTC by Ralf Habacker
Modified: 2011-12-10 12:59 UTC

Attachments
ofx example file (3.47 KB, application/octet-stream)
2011-10-07 13:28 UTC, Ralf Habacker
crash fix (1.09 KB, patch)
2011-10-09 08:31 UTC, Ralf Habacker
updated crash fix (917 bytes, patch)
2011-10-09 11:29 UTC, Ralf Habacker
Description Ralf Habacker 2011-10-07 13:28:19 UTC
Created attachment 64313 [details]
ofx example file

Version:           SVN trunk (using Devel) 
OS:                MS Windows

1. Opened 
1. I imported the sgml examples of the libofx library int
2. I opened one of the trans

Reproducible: Always

Steps to Reproduce:
1. Start KMyMoney
2. Create new file (I used euro, no checking account creating, German skr03 account type)
3. Import the (appended) sgml examples of the libofx library (renamed to .ofx) into account "Finanzkonten 1:1200 Bankkonto"
4. Open the first transaction, assign a category, change the day to current date
5. Press enter button




Actual Results:  
it crashes

The stack trace is 
 QtGuid4.dll!QWidget::testAttribute_helper(Qt::WidgetAttribute attribute)  Zeile 10912 + 0x1b BytesC++
 QtGuid4.dll!QWidget::testAttribute(Qt::WidgetAttribute attribute)  Zeile 1032C++
 QtGuid4.dll!QWinInputContext::update()  Zeile 377 + 0xa BytesC++
 QtGuid4.dll!QWidget::setInputMethodHints(QFlags<enum Qt::InputMethodHint> hints)  Zeile 9350C++
 QtGuid4.dll!QDateTimeEditPrivate::init(const QVariant & var)  Zeile 2373C++
 QtGuid4.dll!QDateTimeEdit::QDateTimeEdit(const QVariant & var, QVariant::Type parserType, QWidget * parent)  Zeile 217C++
 QtGuid4.dll!QDateEdit::QDateEdit(const QDate & date, QWidget * parent)  Zeile 1609 + 0x4e BytesC++
 kmm_widgets.dll!KMyMoneyDateEdit::KMyMoneyDateEdit(const QDate & date, QWidget * parent)  Zeile 60 + 0x22 BytesC++
 kmm_widgets.dll!kMyMoneyDateInput::kMyMoneyDateInput(QWidget * parent, Qt::AlignmentFlag flags)  Zeile 125 + 0x2d BytesC++
 kmymoney.exe!KMyMoneyTransactionForm::TransactionForm::slotSetTransaction(KMyMoneyRegister::Transaction * transaction)  Zeile 245 + 0xf BytesC++
 kmymoney.exe!KMyMoneyTransactionForm::TransactionForm::clear()  Zeile 222C++
 kmymoney.exe!KGlobalLedgerView::clear()  Zeile 333C++
 kmymoney.exe!KGlobalLedgerView::loadView()  Zeile 392C++
 kmymoney.exe!KGlobalLedgerView::slotLoadView()  Zeile 304C++
 kmymoney.exe!KGlobalLedgerView::slotLeaveEditMode(const KMyMoneyRegister::SelectedTransactions & list)  Zeile 1302C++
 kmymoney.exe!KGlobalLedgerView::qt_metacall(QMetaObject::Call _c, int _id, void * * _a)  Zeile 227 + 0xf BytesC++
 QtCored4.dll!QMetaObject::metacall(QObject * object, QMetaObject::Call cl, int idx, void * * argv)  Zeile 238C++
 QtCored4.dll!QMetaObject::activate(QObject * sender, const QMetaObject * m, int local_signal_index, void * * argv)  Zeile 3278 + 0x27 BytesC++
 kmymoney.exe!TransactionEditor::finishEdit(const KMyMoneyRegister::SelectedTransactions & _t1)  Zeile 145 + 0x17 BytesC++
 kmymoney.exe!TransactionEditor::~TransactionEditor()  Zeile 92C++
 kmymoney.exe!StdTransactionEditor::~StdTransactionEditor()  Zeile 726 + 0x27 BytesC++
 kmymoney.exe!StdTransactionEditor::`scalar deleting destructor'()  + 0x16 BytesC++
 kmymoney.exe!KMyMoneyApp::deleteTransactionEditor()  Zeile 5160 + 0x23 BytesC++
 kmymoney.exe!KMyMoneyApp::slotTransactionsEnter()  Zeile 5226C++
 kmymoney.exe!KMyMoneyApp::qt_metacall(QMetaObject::Call _c, int _id, void * * _a)  Zeile 481 + 0x8 BytesC++
 QtCored4.dll!QMetaObject::metacall(QObject * object, QMetaObject::Call cl, int idx, void * * argv)  Zeile 238C++
 QtCored4.dll!QMetaObject::activate(QObject * sender, const QMetaObject * m, int local_signal_index, void * * argv)  Zeile 3278 + 0x27 BytesC++
 QtGuid4.dll!QAction::triggered(bool _t1)  Zeile 263 + 0x15 BytesC++
 QtGuid4.dll!QAction::activate(QAction::ActionEvent event)  Zeile 1259C++
 QtGuid4.dll!QAction::trigger()  Zeile 218 + 0x11 BytesC++
 QtGuid4.dll!QToolButton::nextCheckState()  Zeile 1148C++
 QtGuid4.dll!QAbstractButtonPrivate::click()  Zeile 529C++
 QtGuid4.dll!QAbstractButton::mouseReleaseEvent(QMouseEvent * e)  Zeile 1122C++
 QtGuid4.dll!QToolButton::mouseReleaseEvent(QMouseEvent * e)  Zeile 722C++
 QtGuid4.dll!QWidget::event(QEvent * event)  Zeile 8296C++
 QtGuid4.dll!QAbstractButton::event(QEvent * e)  Zeile 1081C++
 QtGuid4.dll!QToolButton::event(QEvent * event)  Zeile 1164C++
 QtGuid4.dll!QApplicationPrivate::notify_helper(QObject * receiver, QEvent * e)  Zeile 4481 + 0x11 BytesC++
 QtGuid4.dll!QApplication::notify(QObject * receiver, QEvent * e)  Zeile 4042 + 0x2f BytesC++
 kdeui.dll!KApplication::notify(QObject * receiver, QEvent * event)  Zeile 311 + 0x13 BytesC++
 QtCored4.dll!QCoreApplication::notifyInternal(QObject * receiver, QEvent * event)  Zeile 787 + 0x15 BytesC++
 QtCored4.dll!QCoreApplication::sendSpontaneousEvent(QObject * receiver, QEvent * event)  Zeile 218 + 0x38 BytesC++
 QtGuid4.dll!QApplicationPrivate::sendMouseEvent(QWidget * receiver, QMouseEvent * event, QWidget * alienWidget, QWidget * nativeWidget, QWidget * * buttonDown, QPointer<QWidget> & lastMouseReceiver, bool spontaneous)  Zeile 3139 + 0xe BytesC++
 QtGuid4.dll!QETWidget::translateMouseEvent(const tagMSG & msg)  Zeile 3321 + 0x2a BytesC++
 QtGuid4.dll!QtWndProc(HWND__ * hwnd, unsigned int message, unsigned int wParam, long lParam)  Zeile 1659 + 0xc BytesC++
 user32.dll!75edc4e7() 
 [Unten angegebene Rahmen sind möglicherweise nicht korrekt und/oder fehlen, keine Symbole geladen für user32.dll]
 user32.dll!75edc5e7() 
 user32.dll!75edc590() 
 user32.dll!75edcc19() 
 user32.dll!75edcc70() 
 QtCored4.dll!QEventDispatcherWin32::processEvents(QFlags<enum QEventLoop::ProcessEventsFlag> flags)  Zeile 810C++
 QtGuid4.dll!QGuiEventDispatcherWin32::processEvents(QFlags<enum QEventLoop::ProcessEventsFlag> flags)  Zeile 1170 + 0x15 BytesC++
 QtCored4.dll!QEventLoop::processEvents(QFlags<enum QEventLoop::ProcessEventsFlag> flags)  Zeile 150C++
 QtCored4.dll!QEventLoop::exec(QFlags<enum QEventLoop::ProcessEventsFlag> flags)  Zeile 201 + 0x2d BytesC++
 QtCored4.dll!QCoreApplication::exec()  Zeile 1064 + 0x15 BytesC++
 QtGuid4.dll!QApplication::exec()  Zeile 3756C++
 kmymoney.exe!runKMyMoney(KApplication * a, KStartupLogo * splash)  Zeile 282 + 0x8 BytesC++
 kmymoney.exe!main(int argc, char * * argv)  Zeile 181 + 0xd BytesC++
 kmymoney.exe!WinMain(HINSTANCE__ * instance, HINSTANCE__ * prevInstance, char * __formal, int cmdShow)  Zeile 131 + 0x12 BytesC++
 kmymoney.exe!__tmainCRTStartup()  Zeile 547 + 0x2c BytesC
 kmymoney.exe!WinMainCRTStartup()  Zeile 371C
 kernel32.dll!772eed6c() 
 ntdll.dll!775437f5() 
 ntdll.dll!775437c8() 
 kmymoney.exe!Ui_LendBorrowWizardPageDecl::setupUi(QWizardPage * LendBorrowWizardPageDecl)  Zeile 114 + 0x1a BytesC++


In the below listed code snippet from stack frame 3

void QWinInputContext::update()
{
    QWidget *w = focusWidget();
    if(!w)
        return;

    Q_ASSERT(w->testAttribute(Qt::WA_WState_Created));
    HIMC imc = getContext(w->effectiveWinId());

    if (!imc)
        return;

    QFont f = qvariant_cast<QFont>(w->inputMethodQuery(Qt::ImFont));
    HFONT hf;
    hf = f.handle();


The first instruction returns the widget containing the current focus. 

    QWidget *w = focusWidget();

In the MSVC IDE I can see that the returned object has already been freed.

-		w	0x0c577270 {classname="QWidget" superclassname="QObject"}	QWidget *
+		data	0xfeeefeee {winid=??? widget_attributes=??? window_flags={...} ...}	QWidgetData *

0x0C577270  ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee  îþîþîþîþîþîþîþîþîþîþîþîþî
0x0C577289  fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe  þîþîþîþîþîþîþîþîþîþîþîþîþ
0x0C5772A2  ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee  îþîþîþîþîþîþîþîþîþîþîþîþî
0x0C5772BB  fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe  þîþîþîþîþîþîþîþîþîþîþîþîþ
0x0C5772D4  ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee  îþîþîþîþîþîþîþîþîþîþîþîþî
0x0C5772ED  fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe  þîþîþîþîþîþîþîþîþîþîþîþîþ
0x0C577306  ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee fe ee  îþîþîþîþîþîþîþîþîþîþîþîþî
0x0C57731F  fe ee fe ee fe ee fe ee fe

Accessing members of this object in QWidget::testAttribute_helper from stack frame 1 is the reason for the crash. 



Expected Results:  
it should not crash
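
Added example, not part of the original report: the `0xfeeefeee` value and the `ee fe` rows in the dump above are the fill pattern the Windows debug heap writes into freed blocks, which is how a freed object can be recognised in the debugger. The Python sketch below parses rows in that memory-window layout and names the dominant fill pattern; the function names are hypothetical, the sample rows are constructed, and the pattern table goes beyond the single value shown in the report.

```python
import re
from collections import Counter

# Fill patterns written by the Windows heap and the MSVC debug runtime.
FILL_PATTERNS = {
    0xFEEEFEEE: "freed heap memory (Windows debug heap)",
    0xDDDDDDDD: "freed heap memory (MSVC debug CRT)",
    0xCDCDCDCD: "uninitialized heap memory (MSVC debug CRT)",
    0xBAADF00D: "uninitialized heap memory (Windows debug heap)",
    0xCCCCCCCC: "uninitialized stack memory (MSVC runtime checks)",
}
# One memory-window row: address, hex bytes, optional character column.
ROW = re.compile(r"^\s*0x([0-9A-Fa-f]+)\s+((?:[0-9A-Fa-f]{2}(?:\s|$))+)")

def parse_dump(text):
    """Map every address covered by the dump to its byte value."""
    mem = {}
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            base = int(m.group(1), 16)
            for i, tok in enumerate(m.group(2).split()):
                mem[base + i] = int(tok, 16)
    return mem

def classify(mem):
    """Count patterns over aligned dwords; rows may start unaligned."""
    hits, total = Counter(), 0
    for addr in sorted(a for a in mem if a % 4 == 0):
        chunk = [mem.get(addr + i) for i in range(4)]
        if None in chunk:
            continue  # dword runs past the captured range
        total += 1
        value = int.from_bytes(bytes(chunk), "little")
        if value in FILL_PATTERNS:
            hits[value] += 1
    return hits, total

def verdict(text, threshold=0.9):
    """Name the dominant fill pattern, or None if the region looks live."""
    hits, total = classify(parse_dump(text))
    if not hits:
        return None
    value, count = hits.most_common(1)[0]
    return FILL_PATTERNS[value] if count / total >= threshold else None

# Constructed sample in the layout of the report's dump (two 25-byte rows).
SAMPLE = ("0x0C577270  " + " ".join(["ee", "fe"] * 12 + ["ee"]) + "  ....\n"
          "0x0C577289  " + " ".join(["fe", "ee"] * 12 + ["fe"]) + "\n")
```

Because the rows are 25 bytes wide, every second row starts on an odd address; reading dwords per row instead of per absolute address would yield `0xEEFEEEFE` and miss the pattern.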
Comment 1 Ralf Habacker 2011-10-09 08:31:49 UTC
Created attachment 64353 [details]
crash fix
Comment 2 Ralf Habacker 2011-10-09 08:39:04 UTC
Adding some qdebug output to QWidget constructors like 

qDebug() << this << parent;

shows that the related object is a KMyMoneySelector instance. 

Adding a reset of the QApplication input context, as done in other places, fixes this crash (see appended patch).

I did not find the reason why the destroyed QWidget has not been removed from the input context handling, so it is unclear if this is caused on KMyMoney's side or if this is a Qt or Qt win issue.
Comment 3 Ralf Habacker 2011-10-09 11:29:19 UTC
Created attachment 64357 [details]
updated crash fix

Further investigation shows that the freed object is the m_treeWidget member of class KMyMoneySelector, which is already freed in the KMyMoneySelector destructor, but still set as focus widget in qapp input context.
The patch fixes this by resetting the global focus widget.
Comment 4 Marko Käning 2011-10-23 11:25:23 UTC
This looks very much like my bug 267589 on MacOSX.

You marked it as fixed, but the question is: Did the KMyMoney developers include the patch already in their sources?
Comment 5 Ralf Habacker 2011-10-23 17:44:53 UTC
see http://websvn.kde.org/?view=revision&revision=1260276
Comment 6 Ralf Habacker 2011-10-23 18:14:01 UTC
I tried to apply also to the stable branch, but do not have commit rights.
Comment 7 Cristian Oneț 2011-10-23 19:58:48 UTC
SVN commit 1260397 by conet:

Reset the focused widget or else we'll have a crash later
caused by an already free'd focus widget in the input context

Backported to the stable branch.

BUG: 283538



 M  +9 -0      kmymoneyselector.cpp  


WebSVN link: http://websvn.kde.org/?view=rev&revision=1260397
Comment 8 Cristian Oneț 2011-10-23 19:59:53 UTC
2011/10/23 Ralf Habacker <ralf.habacker@freenet.de>:
> https://bugs.kde.org/show_bug.cgi?id=283538
>
> --- Comment #6 from Ralf Habacker <ralf habacker freenet de>  2011-10-23 18:14:01 ---
> I tried to apply also to the stable branch, but do not have commit rights.

I took care of this.

Comment 9 Ralf Habacker 2011-10-23 20:32:15 UTC
> I took care of this.

Thanks
Comment 10 Ralf Habacker 2011-10-24 06:45:24 UTC
(In reply to comment #4)
> This looks very much like my bug 267589 on MacOSX.
> 
> You marked it as fixed, but the question is: Did the KMyMoney developers
> include the patch already in their sources?

Just a remark: you are aware that this patch is activated on Windows only?
Comment 11 Marko Käning 2011-10-25 21:20:32 UTC
No, I wasn't aware that this is only relevant for Windows code, sorry.
Comment 12 Cristian Oneț 2011-12-10 12:59:43 UTC
*** Bug 283512 has been marked as a duplicate of this bug. ***