Bug 329163 - crash when adding new player in game setup screen
Summary: crash when adding new player in game setup screen
Status: RESOLVED FIXED
Alias: None
Product: konquest
Classification: Unclassified
Component: general
Version: 2.1
Platform: Kubuntu Packages Linux
Importance: NOR crash
Target Milestone: ---
Assignee: Alexander Schuch
Reported: 2013-12-23 16:52 UTC by Alexander Schuch
Modified: 2013-12-24 03:57 UTC
Version Fixed In: 4.11.5


Description Alexander Schuch 2013-12-23 16:52:19 UTC
After adjusting the game board (universe), trying to add a player crashes the game.

Reproducible: Always

Steps to Reproduce:
1. Start Konquest.
2. Preparation is quite close to bug 328236:
 2.1. Select a planet at the lower game board boundary.
 2.2. Decrease height of universe.
 2.3. The selection is all "greyed out" and the planet is outside the universe.
3. Push "Add" button to add a new player.

Actual Results:
Application: Konquest (konquest), signal: Segmentation fault
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[Current thread is 1 (Thread 0x7f26ec4fa7c0 (LWP 28061))]

Thread 2 (Thread 0x7f26d9fee700 (LWP 28062)):
#0  __pthread_mutex_unlock_usercnt (mutex=0x7f26d4000a60, decr=1) at pthread_mutex_unlock.c:47
#1  0x00007f26e6aea5f1 in g_mutex_unlock () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007f26e6aaa8f3 in g_main_context_prepare () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007f26e6aab0fe in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#4  0x00007f26e6aab304 in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#5  0x00007f26ea36a036 in QEventDispatcherGlib::processEvents (this=0x7f26d40008c0, flags=...) at kernel/qeventdispatcher_glib.cpp:426
#6  0x00007f26ea33a38f in QEventLoop::processEvents (this=this@entry=0x7f26d9fedd90, flags=...) at kernel/qeventloop.cpp:149
#7  0x00007f26ea33a618 in QEventLoop::exec (this=this@entry=0x7f26d9fedd90, flags=...) at kernel/qeventloop.cpp:204
#8  0x00007f26ea23c410 in QThread::exec (this=this@entry=0xee3090) at thread/qthread.cpp:542
#9  0x00007f26ea31bedf in QInotifyFileSystemWatcherEngine::run (this=0xee3090) at io/qfilesystemwatcher_inotify.cpp:256
#10 0x00007f26ea23ebec in QThreadPrivate::start (arg=0xee3090) at thread/qthread_unix.cpp:338
#11 0x00007f26e6f7df8e in start_thread (arg=0x7f26d9fee700) at pthread_create.c:311
#12 0x00007f26e98eca0d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113

Thread 1 (Thread 0x7f26ec4fa7c0 (LWP 28061)):
[KCrash Handler]
#6  t (this=<optimized out>) at /repository/git/anongit.kde.org/konquest/dialogs/newgamedlg.cc:668
#7  operator[] (i=<optimized out>, this=<optimized out>) at /usr/include/qt4/QtCore/qlist.h:478
#8  sector (coord=..., this=0x1361a90) at /repository/git/anongit.kde.org/konquest/map/map.h:68
#9  NewGameDlg::slotNewOwner (this=0x19ed6b0, index=-1) at /repository/git/anongit.kde.org/konquest/dialogs/newgamedlg.cc:512
#10 0x00007f26ea3500ef in QMetaObject::activate (sender=sender@entry=0x1b40930, m=m@entry=0x7f26eba28bc0 <QComboBox::staticMetaObject>, local_signal_index=local_signal_index@entry=5, argv=argv@entry=0x7fff34a08c60) at kernel/qobject.cpp:3539
#11 0x00007f26eb351261 in QComboBox::currentIndexChanged (this=this@entry=0x1b40930, _t1=-1) at .moc/release-shared/moc_qcombobox.cpp:316
#12 0x00007f26eb3512c7 in QComboBoxPrivate::_q_emitCurrentIndexChanged (this=this@entry=0x1b460d0, index=...) at widgets/qcombobox.cpp:1278
#13 0x00007f26eb3562a3 in QComboBoxPrivate::_q_rowsRemoved (this=0x1b460d0, parent=...) at widgets/qcombobox.cpp:1079
#14 0x00007f26ea3500ef in QMetaObject::activate (sender=sender@entry=0x1b46400, m=m@entry=0x7f26ea6965e0 <QAbstractItemModel::staticMetaObject>, local_signal_index=local_signal_index@entry=7, argv=argv@entry=0x7fff34a08e20) at kernel/qobject.cpp:3539
#15 0x00007f26ea39b174 in QAbstractItemModel::rowsRemoved (this=this@entry=0x1b46400, _t1=..., _t2=0, _t3=6) at .moc/release-shared/moc_qabstractitemmodel.cpp:211
#16 0x00007f26ea33606d in QAbstractItemModel::endRemoveRows (this=0x1b46400) at kernel/qabstractitemmodel.cpp:2487
#17 0x00007f26eb517362 in QStandardItemModelPrivate::rowsRemoved (this=<optimized out>, parent=parent@entry=0x1b46510, row=row@entry=0, count=count@entry=7) at itemviews/qstandarditemmodel.cpp:589
#18 0x00007f26eb5175c9 in QStandardItem::removeRows (this=this@entry=0x1b46510, row=row@entry=0, count=count@entry=7) at itemviews/qstandarditemmodel.cpp:1630
#19 0x00007f26eb517694 in QStandardItemModel::removeRows (this=<optimized out>, row=row@entry=0, count=7, parent=...) at itemviews/qstandarditemmodel.cpp:2800
#20 0x00007f26eb350ee0 in QComboBox::clear (this=0x1b40930) at widgets/qcombobox.cpp:2652
#21 0x000000000041eace in NewGameDlg::updateOwnerCB (this=this@entry=0x19ed6b0) at /repository/git/anongit.kde.org/konquest/dialogs/newgamedlg.cc:379
#22 0x000000000041fe98 in NewGameDlg::slotAddPlayer (this=0x19ed6b0) at /repository/git/anongit.kde.org/konquest/dialogs/newgamedlg.cc:449
#23 0x00007f26ea3500ef in QMetaObject::activate (sender=sender@entry=0x1b3c760, m=m@entry=0x7f26eba46ca0 <QAbstractButton::staticMetaObject>, local_signal_index=local_signal_index@entry=2, argv=argv@entry=0x7fff34a091c0) at kernel/qobject.cpp:3539
#24 0x00007f26eb5e6df2 in QAbstractButton::clicked (this=this@entry=0x1b3c760, _t1=false) at .moc/release-shared/moc_qabstractbutton.cpp:220
#25 0x00007f26eb33a3ae in QAbstractButtonPrivate::emitClicked (this=this@entry=0x1b3c790) at widgets/qabstractbutton.cpp:548
#26 0x00007f26eb33aba0 in QAbstractButtonPrivate::click (this=this@entry=0x1b3c790) at widgets/qabstractbutton.cpp:541
#27 0x00007f26eb33ae0c in QAbstractButton::mouseReleaseEvent (this=0x1b3c760, e=0x7fff34a09a60) at widgets/qabstractbutton.cpp:1123
#28 0x00007f26eafc8a89 in QWidget::event (this=0x1b3c760, event=0x7fff34a09a60) at kernel/qwidget.cpp:8375
#29 0x00007f26eaf7b8ec in QApplicationPrivate::notify_helper (this=this@entry=0xaa9d90, receiver=receiver@entry=0x1b3c760, e=e@entry=0x7fff34a09a60) at kernel/qapplication.cpp:4567
#30 0x00007f26eaf7ea33 in QApplication::notify (this=this@entry=0x7fff34a0bca0, receiver=receiver@entry=0x1b3c760, e=e@entry=0x7fff34a09a60) at kernel/qapplication.cpp:4110
#31 0x00007f26ebefe1a6 in KApplication::notify (this=0x7fff34a0bca0, receiver=0x1b3c760, event=0x7fff34a09a60) at ../../kdeui/kernel/kapplication.cpp:311
#32 0x00007f26ea33b63e in QCoreApplication::notifyInternal (this=0x7fff34a0bca0, receiver=receiver@entry=0x1b3c760, event=event@entry=0x7fff34a09a60) at kernel/qcoreapplication.cpp:946
#33 0x00007f26eaf81933 in sendEvent (event=<optimized out>, receiver=<optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:231
#34 QApplicationPrivate::sendMouseEvent (receiver=receiver@entry=0x1b3c760, event=event@entry=0x7fff34a09a60, alienWidget=alienWidget@entry=0x1b3c760, nativeWidget=nativeWidget@entry=0x19ed6b0, buttonDown=buttonDown@entry=0x7f26eba59308 <qt_button_down>, lastMouseReceiver=..., spontaneous=spontaneous@entry=true) at kernel/qapplication.cpp:3178
#35 0x00007f26eaff6e54 in QETWidget::translateMouseEvent (this=this@entry=0x19ed6b0, event=event@entry=0x7fff34a0a1e0) at kernel/qapplication_x11.cpp:4631
#36 0x00007f26eaff5e81 in QApplication::x11ProcessEvent (this=0x7fff34a0bca0, event=event@entry=0x7fff34a0a1e0) at kernel/qapplication_x11.cpp:3746
#37 0x00007f26eb021042 in x11EventSourceDispatch (s=0xa972c0, callback=0x0, user_data=0x0) at kernel/qguieventdispatcher_glib.cpp:146
#38 0x00007f26e6aaaf05 in g_main_context_dispatch () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#39 0x00007f26e6aab248 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#40 0x00007f26e6aab304 in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#41 0x00007f26ea36a016 in QEventDispatcherGlib::processEvents (this=0xa7f3f0, flags=...) at kernel/qeventdispatcher_glib.cpp:424
#42 0x00007f26eb02113e in QGuiEventDispatcherGlib::processEvents (this=<optimized out>, flags=...) at kernel/qguieventdispatcher_glib.cpp:204
#43 0x00007f26ea33a38f in QEventLoop::processEvents (this=this@entry=0x7fff34a0a5c0, flags=...) at kernel/qeventloop.cpp:149
#44 0x00007f26ea33a618 in QEventLoop::exec (this=this@entry=0x7fff34a0a5c0, flags=...) at kernel/qeventloop.cpp:204
#45 0x00007f26eb436338 in QDialog::exec (this=this@entry=0x19ed6b0) at dialogs/qdialog.cpp:554
#46 0x0000000000418b5d in GameView::startNewGame (this=0x1272ec0) at /repository/git/anongit.kde.org/konquest/gameview.cc:460
#47 0x00007f26ea3500ef in QMetaObject::activate (sender=sender@entry=0xc37ab0, m=m@entry=0x7f26eba1d7a0 <QAction::staticMetaObject>, local_signal_index=local_signal_index@entry=1, argv=argv@entry=0x7fff34a0a780) at kernel/qobject.cpp:3539
#48 0x00007f26eaf75152 in QAction::triggered (this=this@entry=0xc37ab0, _t1=false) at .moc/release-shared/moc_qaction.cpp:277
#49 0x00007f26eaf76580 in QAction::activate (this=0xc37ab0, event=<optimized out>) at kernel/qaction.cpp:1257
#50 0x00007f26eb33ab5f in QAbstractButtonPrivate::click (this=this@entry=0x11a0940) at widgets/qabstractbutton.cpp:530
#51 0x00007f26eb33ae0c in QAbstractButton::mouseReleaseEvent (this=0x11b7200, e=0x7fff34a0b030) at widgets/qabstractbutton.cpp:1123
#52 0x00007f26eb3f78ea in QToolButton::mouseReleaseEvent (this=<optimized out>, e=<optimized out>) at widgets/qtoolbutton.cpp:718
#53 0x00007f26eafc8a89 in QWidget::event (this=0x11b7200, event=0x7fff34a0b030) at kernel/qwidget.cpp:8375
#54 0x00007f26eaf7b8ec in QApplicationPrivate::notify_helper (this=this@entry=0xaa9d90, receiver=receiver@entry=0x11b7200, e=e@entry=0x7fff34a0b030) at kernel/qapplication.cpp:4567
#55 0x00007f26eaf7ea33 in QApplication::notify (this=this@entry=0x7fff34a0bca0, receiver=receiver@entry=0x11b7200, e=e@entry=0x7fff34a0b030) at kernel/qapplication.cpp:4110
#56 0x00007f26ebefe1a6 in KApplication::notify (this=0x7fff34a0bca0, receiver=0x11b7200, event=0x7fff34a0b030) at ../../kdeui/kernel/kapplication.cpp:311
#57 0x00007f26ea33b63e in QCoreApplication::notifyInternal (this=0x7fff34a0bca0, receiver=receiver@entry=0x11b7200, event=event@entry=0x7fff34a0b030) at kernel/qcoreapplication.cpp:946
#58 0x00007f26eaf81933 in sendEvent (event=<optimized out>, receiver=<optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:231
#59 QApplicationPrivate::sendMouseEvent (receiver=receiver@entry=0x11b7200, event=event@entry=0x7fff34a0b030, alienWidget=alienWidget@entry=0x11b7200, nativeWidget=nativeWidget@entry=0xc1eaa0, buttonDown=buttonDown@entry=0x7f26eba59308 <qt_button_down>, lastMouseReceiver=..., spontaneous=spontaneous@entry=true) at kernel/qapplication.cpp:3178
#60 0x00007f26eaff6e54 in QETWidget::translateMouseEvent (this=this@entry=0xc1eaa0, event=event@entry=0x7fff34a0b7b0) at kernel/qapplication_x11.cpp:4631
#61 0x00007f26eaff5e81 in QApplication::x11ProcessEvent (this=0x7fff34a0bca0, event=event@entry=0x7fff34a0b7b0) at kernel/qapplication_x11.cpp:3746
#62 0x00007f26eb021042 in x11EventSourceDispatch (s=0xa972c0, callback=0x0, user_data=0x0) at kernel/qguieventdispatcher_glib.cpp:146
#63 0x00007f26e6aaaf05 in g_main_context_dispatch () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#64 0x00007f26e6aab248 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#65 0x00007f26e6aab304 in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#66 0x00007f26ea36a016 in QEventDispatcherGlib::processEvents (this=0xa7f3f0, flags=...) at kernel/qeventdispatcher_glib.cpp:424
#67 0x00007f26eb02113e in QGuiEventDispatcherGlib::processEvents (this=<optimized out>, flags=...) at kernel/qguieventdispatcher_glib.cpp:204
#68 0x00007f26ea33a38f in QEventLoop::processEvents (this=this@entry=0x7fff34a0bb80, flags=...) at kernel/qeventloop.cpp:149
#69 0x00007f26ea33a618 in QEventLoop::exec (this=this@entry=0x7fff34a0bb80, flags=...) at kernel/qeventloop.cpp:204
#70 0x00007f26ea33fcf6 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1218
#71 0x00007f26eaf79ffc in QApplication::exec () at kernel/qapplication.cpp:3828
#72 0x0000000000411db7 in main (argc=1, argv=0x7fff34a0bdd8) at /repository/git/anongit.kde.org/konquest/Konquest.cc:58

Expected Results:  
Add a new player without crashing.

This problem happens in Konquest 2.1 from KDE 4.10.5 (Kubuntu package), in git KDE/4.12 branch and in git master branch.
Comment 1 Alexander Schuch 2013-12-24 03:50:20 UTC
Git commit 238c8f3f12c84107be9095e63b135e8c94786f00 by Alexander Schuch.
Committed on 24/12/2013 at 03:28.
Pushed by aschuch into branch 'KDE/4.11'.

Properly check for a valid selection in minimap.

Changing the dimensions of the map in game setup dialogue recreates the
game board. The sector selection is kept. However, the selection might
become invalid if the game board shrinks and the selection is not on the
board anymore. Adding a new player to the game will then result in
checking a sector outside the game board (NULL is returned), so that
a method is invoked on a NULL pointer, leading to a crash - see
NewGameDlg::slotNewOwner().

This is implemented in Konquest 2.1.
FIXED-IN: 4.11.5

M  +1    -1    minimapview.h

http://commits.kde.org/konquest/238c8f3f12c84107be9095e63b135e8c94786f00
Comment 2 Alexander Schuch 2013-12-24 03:54:23 UTC
Git commit 1a05c5dec81aab9b8bba5fd715c8dd08b85a37c3 by Alexander Schuch.
Committed on 24/12/2013 at 03:28.
Pushed by aschuch into branch 'KDE/4.12'.

Properly check for a valid selection in minimap.

Changing the dimensions of the map in game setup dialogue recreates the
game board. The sector selection is kept. However, the selection might
become invalid if the game board shrinks and the selection is not on the
board anymore. Adding a new player to the game will then result in
checking a sector outside the game board (NULL is returned), so that
a method is invoked on a NULL pointer, leading to a crash - see
NewGameDlg::slotNewOwner().

This is implemented in Konquest 2.1.
FIXED-IN: 4.11.5
(cherry picked from commit 238c8f3f12c84107be9095e63b135e8c94786f00)

M  +1    -1    minimapview.h

http://commits.kde.org/konquest/1a05c5dec81aab9b8bba5fd715c8dd08b85a37c3
Comment 3 Alexander Schuch 2013-12-24 03:57:59 UTC
Git commit 81b303225fb9149aeadb63878d0ebd0501e5a25e by Alexander Schuch.
Committed on 24/12/2013 at 03:28.
Pushed by aschuch into branch 'master'.

Properly check for a valid selection in minimap.

Changing the dimensions of the map in game setup dialogue recreates the
game board. The sector selection is kept. However, the selection might
become invalid if the game board shrinks and the selection is not on the
board anymore. Adding a new player to the game will then result in
checking a sector outside the game board (NULL is returned), so that
a method is invoked on a NULL pointer, leading to a crash - see
NewGameDlg::slotNewOwner().

This is implemented in Konquest 2.1.
FIXED-IN: 4.11.5
(cherry picked from commit 238c8f3f12c84107be9095e63b135e8c94786f00)

M  +1    -1    minimapview.h

http://commits.kde.org/konquest/81b303225fb9149aeadb63878d0ebd0501e5a25e
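
The failure mode described in the commit message, as a self-contained C++ example added here (not Konquest's code; `Board`, `SelectionView`, `selectedSector` and the board sizes are hypothetical): a selection that is kept across a board resize is validated against the current board before any caller dereferences the sector.

```cpp
#include <string>
#include <vector>

// Hypothetical stand-ins for the game's classes; all names are assumptions.
struct Coord { int row; int col; };
struct Sector { std::string owner; };

class Board {
public:
    Board(int rows, int cols) : rows_(rows), cols_(cols), grid_(rows * cols) {}
    // Bounds-checked lookup: nullptr for a coordinate outside the board.
    Sector *sector(Coord c) {
        if (c.row < 0 || c.row >= rows_ || c.col < 0 || c.col >= cols_)
            return nullptr;
        return &grid_[c.row * cols_ + c.col];
    }
private:
    int rows_, cols_;
    std::vector<Sector> grid_;
};

class SelectionView {
public:
    void select(Coord c) { sel_ = c; set_ = true; }
    Coord selection() const { return sel_; }
    // Weak check: true once anything was selected, even if the board shrank.
    bool hasSelectionWeak() const { return set_; }
    // Hardened check: the stored coordinate must exist on the current board.
    bool hasSelection(Board &b) const { return set_ && b.sector(sel_) != nullptr; }
private:
    bool set_ = false;
    Coord sel_ = {0, 0};
};

// Returns a sector the caller may dereference, or nullptr when the
// selection is empty or stale.
Sector *selectedSector(const SelectionView &v, Board &b) {
    return v.hasSelection(b) ? b.sector(v.selection()) : nullptr;
}

int main() {
    Board original(10, 10), shrunk(8, 10);   // height reduced from 10 to 8
    SelectionView view;
    view.select(Coord{9, 4});                // sector on the lower boundary
    // Weak check still passes on the shrunk board; the hardened one does not.
    bool ok = selectedSector(view, original) != nullptr
           && view.hasSelectionWeak()
           && selectedSector(view, shrunk) == nullptr;
    return ok ? 0 : 1;
}
```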