SUMMARY Occasionally, when paiting with a lightness brush-tip on a color smudge brush, I get a stack smash. SOFTWARE/OS VERSIONS Krita Version: 5.0.0-prealpha (git 4eb4338) Languages: en_US, en, en_GB, en, nl, C, en_US, en Hidpi: true Qt Version (compiled): 5.15.3 Version (loaded): 5.15.3 OS Information Build ABI: x86_64-little_endian-lp64 Build CPU: x86_64 CPU: x86_64 Kernel Type: linux Kernel Version: 5.4.0-74-generic Pretty Productname: KDE neon User Edition 5.22 Product Type: neon Product Version: 20.04 Desktop: KDE OpenGL Info Vendor: "Intel" Renderer: "Mesa Intel(R) UHD Graphics 620 (KBL GT2)" Version: "4.6 (Compatibility Profile) Mesa 20.2.6" Shading language: "4.60" Requested format: QSurfaceFormat(version 3.0, options QFlags<QSurfaceFormat::FormatOption>(DeprecatedFunctions), depthBufferSize 24, redBufferSize 8, greenBufferSize 8, blueBufferSize 8, alphaBufferSize 8, stencilBufferSize 8, samples -1, swapBehavior QSurfaceFormat::DoubleBuffer, swapInterval 0, colorSpace QSurfaceFormat::DefaultColorSpace, profile QSurfaceFormat::CompatibilityProfile) Current format: QSurfaceFormat(version 4.6, options QFlags<QSurfaceFormat::FormatOption>(DeprecatedFunctions), depthBufferSize 24, redBufferSize 8, greenBufferSize 8, blueBufferSize 8, alphaBufferSize 8, stencilBufferSize 8, samples -1, swapBehavior QSurfaceFormat::DoubleBuffer, swapInterval 0, colorSpace QSurfaceFormat::DefaultColorSpace, profile QSurfaceFormat::CompatibilityProfile) Version: 4.6 Supports deprecated functions true is OpenGL ES: false GDB Backtrace: --------------------------------------- *** stack smashing detected ***: terminated --Type <RET> for more, q to quit, c to continue without paging-- Thread 1674 "Thread (pooled)" received signal SIGABRT, Aborted. [Switching to Thread 0x7fff3b79e700 (LWP 2227818)] __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50 50 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory. (gdb) thread apply all backtrace Thread 1677 (Thread 0x7fff3486f700 (LWP 2227829)): #0 futex_abstimed_wait_cancelable (private=<optimized out>, abstime=0x7fff3486ec90, clockid=<optimized out>, expected=0, futex_word=0x7fffb801bed4) at ../sysdeps/nptl/futex-internal.h:320 #1 __pthread_cond_wait_common (abstime=0x7fff3486ec90, clockid=<optimized out>, mutex=0x7fffb801be80, cond=0x7fffb801bea8) at pthread_cond_wait.c:520 #2 __pthread_cond_timedwait (cond=0x7fffb801bea8, mutex=0x7fffb801be80, abstime=0x7fff3486ec90) at pthread_cond_wait.c:656 #3 0x00007ffff4319e48 in QWaitCondition::wait(QMutex*, QDeadlineTimer) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #4 0x00007ffff4317351 in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #5 0x00007ffff4313d4c in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #6 0x00007ffff1fbd609 in start_thread (arg=<optimized out>) at pthread_create.c:477 #7 0x00007ffff3f7a293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 Thread 1676 (Thread 0x7fff3af9d700 (LWP 2227828)): #0 futex_abstimed_wait_cancelable (private=<optimized out>, abstime=0x7fff3af9cc90, clockid=<optimized out>, expected=0, futex_word=0x7fffb800a430) at ../sysdeps/nptl/futex-internal.h:320 #1 __pthread_cond_wait_common (abstime=0x7fff3af9cc90, clockid=<optimized out>, mutex=0x7fffb800a3e0, cond=0x7fffb800a408) at pthread_cond_wait.c:520 #2 __pthread_cond_timedwait (cond=0x7fffb800a408, mutex=0x7fffb800a3e0, abstime=0x7fff3af9cc90) at pthread_cond_wait.c:656 #3 0x00007ffff4319e48 in QWaitCondition::wait(QMutex*, QDeadlineTimer) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #4 0x00007ffff4317351 in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #5 0x00007ffff4313d4c in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #6 0x00007ffff1fbd609 in start_thread (arg=<optimized out>) at pthread_create.c:477 #7 0x00007ffff3f7a293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 Thread 1675 (Thread 0x7fffa3fff700 (LWP 2227824)): #0 futex_abstimed_wait_cancelable (private=<optimized out>, abstime=0x7fffa3ffec90, clockid=<optimized out>, expected=0, futex_word=0x7fff50192f90) at ../sysdeps/nptl/futex-internal.h:320 #1 __pthread_cond_wait_common (abstime=0x7fffa3ffec90, clockid=<optimized out>, mutex=0x7fff50192f40, cond=0x7fff50192f68) at pthread_cond_wait.c:520 #2 __pthread_cond_timedwait (cond=0x7fff50192f68, mutex=0x7fff50192f40, abstime=0x7fffa3ffec90) at pthread_cond_wait.c:656 #3 0x00007ffff4319e48 in QWaitCondition::wait(QMutex*, QDeadlineTimer) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #4 0x00007ffff4317351 in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #5 0x00007ffff4313d4c in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #6 0x00007ffff1fbd609 in start_thread (arg=<optimized out>) at pthread_create.c:477 #7 0x00007ffff3f7a293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 Thread 1674 (Thread 0x7fff3b79e700 (LWP 2227818)): #0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50 #1 0x00007ffff3e7d859 in __GI_abort () at abort.c:79 #2 0x00007ffff3ee83ee in __libc_message (action=action@entry=do_abort, fmt=fmt@entry=0x7ffff401207c "*** %s ***: terminated\n") at ../sysdeps/posix/libc_fatal.c:155 #3 0x00007ffff3f8ab4a in __GI___fortify_fail (msg=msg@entry=0x7ffff4012064 "stack smashing detected") at fortify_fail.c:26 #4 0x00007ffff3f8ab16 in __stack_chk_fail () at stack_chk_fail.c:24 #5 0x00007ffff4929c4b in () at /usr/lib/x86_64-linux-gnu/libQt5Gui.so.5 #6 0x00007ffff4929c7f in QImage::QImage(QSize const&, QImage::Format) () at /usr/lib/x86_64-linux-gnu/libQt5Gui.so.5 #7 0x00007ffff4929cbd in QImage::QImage(int, int, QImage::Format) () at /usr/lib/x86_64-linux-gnu/libQt5Gui.so.5 --Type <RET> for more, q to quit, c to continue without paging-- #8 0x00007ffff492aa52 in QImage::copy(QRect const&) const () at /usr/lib/x86_64-linux-gnu/libQt5Gui.so.5 #9 0x00007ffff3e09c63 in QImage::copy(int, int, int, int) const (h=<optimized out>, w=<optimized out>, y=-1, x=-1, this=0x7fff3b79d000) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qrect.h:184 #10 KisQImagePyramid::appendPyramidLevel(QImage const&) (this=0x7fff50199900, image=...) at /home/wolthera/krita/src/libs/brush/kis_qimage_pyramid.cpp:251 #11 0x00007ffff3e09e35 in KisQImagePyramid::KisQImagePyramid(QImage const&, bool) (this=0x7fff50199900, baseImage=..., useSmoothingForEnlarging=true) at /home/wolthera/krita/src/libs/brush/kis_qimage_pyramid.cpp:39 #12 0x00007ffff3e0a7bd in KisSharedQImagePyramid::pyramid(KisBrush const*) const (this=0x7fff48051e50, brush=brush@entry=0x7fff4813bca0) at /home/wolthera/krita/src/libs/brush/KisSharedQImagePyramid.cpp:33 #13 0x00007ffff3de747c in KisBrush::paintDevice(KoColorSpace const*, KisDabShape const&, KisPaintInformation const&, double, double) const (this=0x7fff4813bca0, colorSpace=0x55555a772e20, shape=..., info=..., subPixelX=0.93859407144475426, subPixelY=0.6788827769096315) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qsharedpointer_impl.h:307 #14 0x00007fffd01acdeb in KisDabCacheUtils::generateDab(KisDabCacheUtils::DabGenerationInfo const&, KisDabCacheUtils::DabRenderingResources*, KisSharedPtr<KisFixedPaintDevice>*, bool) (di=..., resources=resources@entry=0x7fff3b79d3d0, dab=0x7fff4810f738, forceNormalizedRGBAImageStamp=forceNormalizedRGBAImageStamp@entry=true) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qpoint.h:312 #15 0x00007fffd01af95a in KisDabCache::fetchDabCommon(KoColorSpace const*, KisColorSource*, KoColor const&, QPointF const&, KisDabShape, KisPaintInformation const&, double, QRect*, double, bool) (this=this@entry=0x7fff481595d0, cs=cs@entry=0x55555a772e20, colorSource=colorSource@entry=0x0, color=..., cursorPoint=..., shape=..., info=..., softnessFactor=softnessFactor@entry=1, dstDabRect=0x7fff4820d0e8, lightnessStrength=lightnessStrength@entry=1, forceNormalizedRGBAImageStamp=true) at /home/wolthera/krita/src/plugins/paintops/libpaintop/kis_dab_cache.cpp:220 #16 0x00007fffd01af191 in KisDabCache::fetchNormalizedImageDab(KoColorSpace const*, QPointF const&, KisDabShape const&, KisPaintInformation const&, double, QRect*) (this=this@entry=0x7fff481595d0, cs=0x55555a772e20, cursorPoint=..., shape=..., info=..., softnessFactor=softnessFactor@entry=1, dstDabRect=0x7fff4820d0e8) at /home/wolthera/krita/src/plugins/paintops/libpaintop/kis_dab_cache.cpp:110 #17 0x00007fffd027b3d5 in KisColorSmudgeStrategyLightness::updateMask(KisDabCache*, KisPaintInformation const&, KisDabShape const&, QPointF const&, QRect*, double) (this=0x7fff480084d0, dabCache=0x7fff481595d0, info=..., shape=..., cursorPoint=..., dstDabRect=<optimized out>, paintThickness=0.034364259972120358) at /home/wolthera/krita/src/libs/image/kis_fixed_paint_device.h:80 #18 0x00007fffd02655d5 in KisColorSmudgeOp::paintAt(KisPaintInformation const&) (this=0x7fff4820ca60, info=...) at /home/wolthera/krita/src/plugins/paintops/colorsmudge/kis_colorsmudgeop.cpp:211 #19 0x00007ffff5985bf7 in KisPaintInformation::paintAt<KisPaintOp>(KisPaintOp&, KisDistanceInformation*) (distanceInfo=0x55556614f230, op=..., this=0x7fff3b79d970) at /home/wolthera/krita/src/libs/image/kis_timing_information.h:28 #20 KisPaintOpUtils::paintLine<KisPaintOp>(KisPaintOp&, KisPaintInformation const&, KisPaintInformation const&, KisDistanceInformation*, bool, double) (op=..., pi1=..., pi2=..., currentDistance=currentDistance@entry=0x55556614f230, fanCornersEnabled=false, fanCornersStep=0.52359877559829882) at /home/wolthera/krita/src/libs/image/brushengine/kis_paintop_utils.h:84 #21 0x00007ffff5985486 in KisPaintOp::paintLine(KisPaintInformation const&, KisPaintInformation const&, KisDistanceInformation*) (currentDistance=0x55556614f230, pi2=..., pi1=..., this=0x7fff4820ca60) at /home/wolthera/krita/src/libs/image/brushengine/kis_paintop.cc:144 #22 paintBezierCurve(KisPaintOp*, KisPaintInformation const&, KisVector2D const&, KisVector2D const&, KisPaintInformation const&, KisDistanceInformation*) (paintOp=0x7fff4820ca60, pi1=..., control1=..., control2=..., pi2=..., currentDistance=0x55556614f230) at /home/wolthera/krita/src/libs/image/brushengine/kis_paintop.cc:113 #23 0x00007ffff5985626 in KisPaintOp::paintBezierCurve(KisPaintInformation const&, QPointF const&, QPointF const&, KisPaintInformation const&, KisDistanceInformation*) (this=<optimized out>, pi1=..., control1=..., control2=..., pi2=..., currentDistance=<optimized out>) at /usr/include/eigen3/Eigen/src/Core/PlainObjectBase.h:901 #24 0x00007ffff6e1477b in KisMaskedFreehandStrokePainter::<lambda(KisFreehandStrokeInfo*)>::operator() (data=<optimized out>, data=<optimized out>, __closure=<synthetic pointer>) at /home/wolthera/krita/src/libs/ui/tool/strokes/KisMaskedFreehandStrokePainter.cpp:55 #25 KisMaskedFreehandStrokePainter::applyToAllPainters<KisMaskedFreehandStrokePainter::paintBezierCurve(const KisPaintInformatio--Type <RET> for more, q to quit, c to continue without paging-- n&, const QPointF&, const QPointF&, const KisPaintInformation&)::<lambda(KisFreehandStrokeInfo*)> > (this=0x7fff48110df0, this=0x7fff48110df0, func=...) at /home/wolthera/krita/src/libs/ui/tool/strokes/KisMaskedFreehandStrokePainter.cpp:31 #26 KisMaskedFreehandStrokePainter::paintBezierCurve(KisPaintInformation const&, QPointF const&, QPointF const&, KisPaintInformation const&) (this=0x7fff48110df0, pi1=..., control1=..., control2=..., pi2=...) at /home/wolthera/krita/src/libs/ui/tool/strokes/KisMaskedFreehandStrokePainter.cpp:54 #27 0x00007ffff6e022a8 in FreehandStrokeStrategy::doStrokeCallback(KisStrokeJobData*) (this=0x5555660ca050, data=<optimized out>) at /home/wolthera/krita/src/libs/ui/tool/strokes/freehand_stroke.cpp:176 #28 0x00007ffff591f43b in KisStrokeJob::run() (this=<optimized out>) at /home/wolthera/krita/src/libs/image/kis_stroke_job.h:32 #29 KisUpdateJobItem::run() (this=0x55555fb323a0) at /home/wolthera/krita/src/libs/image/kis_update_job_item.h:90 #30 0x00007ffff4317152 in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #31 0x00007ffff4313d4c in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #32 0x00007ffff1fbd609 in start_thread (arg=<optimized out>) at pthread_create.c:477 #33 0x00007ffff3f7a293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 Thread 1673 (Thread 0x7fff2f7fe700 (LWP 2227809)): #0 futex_abstimed_wait_cancelable (private=<optimized out>, abstime=0x7fff2f7fdc90, clockid=<optimized out>, expected=0, futex_word=0x7fffb80170a0) at ../sysdeps/nptl/futex-internal.h:320 #1 __pthread_cond_wait_common (abstime=0x7fff2f7fdc90, clockid=<optimized out>, mutex=0x7fffb8017050, cond=0x7fffb8017078) at pthread_cond_wait.c:520 #2 __pthread_cond_timedwait (cond=0x7fffb8017078, mutex=0x7fffb8017050, abstime=0x7fff2f7fdc90) at pthread_cond_wait.c:656 #3 0x00007ffff4319e48 in QWaitCondition::wait(QMutex*, QDeadlineTimer) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #4 0x00007ffff4317351 in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #5 0x00007ffff4313d4c in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #6 0x00007ffff1fbd609 in start_thread (arg=<optimized out>) at pthread_create.c:477 #7 0x00007ffff3f7a293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 Thread 1672 (Thread 0x7fff2ffff700 (LWP 2227808)): #0 futex_abstimed_wait_cancelable (private=<optimized out>, abstime=0x7fff2fffec90, clockid=<optimized out>, expected=0, futex_word=0x55555a9a6010) at ../sysdeps/nptl/futex-internal.h:320 #1 __pthread_cond_wait_common (abstime=0x7fff2fffec90, clockid=<optimized out>, mutex=0x55555a9a5fc0, cond=0x55555a9a5fe8) at pthread_cond_wait.c:520 #2 __pthread_cond_timedwait (cond=0x55555a9a5fe8, mutex=0x55555a9a5fc0, abstime=0x7fff2fffec90) at pthread_cond_wait.c:656 #3 0x00007ffff4319e48 in QWaitCondition::wait(QMutex*, QDeadlineTimer) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #4 0x00007ffff4317351 in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #5 0x00007ffff4313d4c in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #6 0x00007ffff1fbd609 in start_thread (arg=<optimized out>) at pthread_create.c:477 #7 0x00007ffff3f7a293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 Thread 1126 (Thread 0x7fff3a79c700 (LWP 2220670)): #0 futex_abstimed_wait_cancelable (private=<optimized out>, abstime=0x7fff3a79bc90, clockid=<optimized out>, expected=0, futex_word=0x55555ac8c550) at ../sysdeps/nptl/futex-internal.h:320 #1 __pthread_cond_wait_common (abstime=0x7fff3a79bc90, clockid=<optimized out>, mutex=0x55555ac8c500, cond=0x55555ac8c528) at pthread_cond_wait.c:520 #2 __pthread_cond_timedwait (cond=0x55555ac8c528, mutex=0x55555ac8c500, abstime=0x7fff3a79bc90) at pthread_cond_wait.c:656 #3 0x00007ffff4319e48 in QWaitCondition::wait(QMutex*, QDeadlineTimer) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #4 0x00007ffff4317351 in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #5 0x00007ffff4313d4c in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 --Type <RET> for more, q to quit, c to continue without paging-- #6 0x00007ffff1fbd609 in start_thread (arg=<optimized out>) at pthread_create.c:477 #7 0x00007ffff3f7a293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 Thread 1071 (Thread 0x7fff3bf9f700 (LWP 2220054)): #0 futex_abstimed_wait_cancelable (private=<optimized out>, abstime=0x7fff3bf9ec90, clockid=<optimized out>, expected=0, futex_word=0x55555a941020) at ../sysdeps/nptl/futex-internal.h:320 #1 __pthread_cond_wait_common (abstime=0x7fff3bf9ec90, clockid=<optimized out>, mutex=0x55555a940fd0, cond=0x55555a940ff8) at pthread_cond_wait.c:520 #2 __pthread_cond_timedwait (cond=0x55555a940ff8, mutex=0x55555a940fd0, abstime=0x7fff3bf9ec90) at pthread_cond_wait.c:656 #3 0x00007ffff4319e48 in QWaitCondition::wait(QMutex*, QDeadlineTimer) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #4 0x00007ffff4317351 in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #5 0x00007ffff4313d4c in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #6 0x00007ffff1fbd609 in start_thread (arg=<optimized out>) at pthread_create.c:477 #7 0x00007ffff3f7a293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 Thread 1070 (Thread 0x7fff6ec30700 (LWP 2220053)): #0 futex_abstimed_wait_cancelable (private=<optimized out>, abstime=0x7fff6ec2fc90, clockid=<optimized out>, expected=0, futex_word=0x55555a7f0424) at ../sysdeps/nptl/futex-internal.h:320 #1 __pthread_cond_wait_common (abstime=0x7fff6ec2fc90, clockid=<optimized out>, mutex=0x55555a7f03d0, cond=0x55555a7f03f8) at pthread_cond_wait.c:520 #2 __pthread_cond_timedwait (cond=0x55555a7f03f8, mutex=0x55555a7f03d0, abstime=0x7fff6ec2fc90) at pthread_cond_wait.c:656 #3 0x00007ffff4319e48 in QWaitCondition::wait(QMutex*, QDeadlineTimer) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #4 0x00007ffff4317351 in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #5 0x00007ffff4313d4c in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #6 0x00007ffff1fbd609 in start_thread (arg=<optimized out>) at pthread_create.c:477 #7 0x00007ffff3f7a293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 Thread 1069 (Thread 0x7fff71495700 (LWP 2220052)): #0 futex_abstimed_wait_cancelable (private=<optimized out>, abstime=0x7fff71494c90, clockid=<optimized out>, expected=0, futex_word=0x55555a7da7b4) at ../sysdeps/nptl/futex-internal.h:320 #1 __pthread_cond_wait_common (abstime=0x7fff71494c90, clockid=<optimized out>, mutex=0x55555a7da760, cond=0x55555a7da788) at pthread_cond_wait.c:520 #2 __pthread_cond_timedwait (cond=0x55555a7da788, mutex=0x55555a7da760, abstime=0x7fff71494c90) at pthread_cond_wait.c:656 #3 0x00007ffff4319e48 in QWaitCondition::wait(QMutex*, QDeadlineTimer) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #4 0x00007ffff4317351 in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #5 0x00007ffff4313d4c in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #6 0x00007ffff1fbd609 in start_thread (arg=<optimized out>) at pthread_create.c:477 #7 0x00007ffff3f7a293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 Thread 1068 (Thread 0x7fff79fbc700 (LWP 2220051)): #0 futex_abstimed_wait_cancelable (private=<optimized out>, abstime=0x7fff79fbbc90, clockid=<optimized out>, expected=0, futex_word=0x55555affb014) at ../sysdeps/nptl/futex-internal.h:320 #1 __pthread_cond_wait_common (abstime=0x7fff79fbbc90, clockid=<optimized out>, mutex=0x55555affafc0, cond=0x55555affafe8) at pthread_cond_wait.c:520 #2 __pthread_cond_timedwait (cond=0x55555affafe8, mutex=0x55555affafc0, abstime=0x7fff79fbbc90) at pthread_cond_wait.c:656 #3 0x00007ffff4319e48 in QWaitCondition::wait(QMutex*, QDeadlineTimer) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #4 0x00007ffff4317351 in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 --Type <RET> for more, q to quit, c to continue without paging-- #5 0x00007ffff4313d4c in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #6 0x00007ffff1fbd609 in start_thread (arg=<optimized out>) at pthread_create.c:477 #7 0x00007ffff3f7a293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 Thread 1067 (Thread 0x7fff6fc63700 (LWP 2220050)): #0 futex_abstimed_wait_cancelable (private=<optimized out>, abstime=0x7fff6fc62c90, clockid=<optimized out>, expected=0, futex_word=0x55555a8217d0) at ../sysdeps/nptl/futex-internal.h:320 #1 __pthread_cond_wait_common (abstime=0x7fff6fc62c90, clockid=<optimized out>, mutex=0x55555a821780, cond=0x55555a8217a8) at pthread_cond_wait.c:520 #2 __pthread_cond_timedwait (cond=0x55555a8217a8, mutex=0x55555a821780, abstime=0x7fff6fc62c90) at pthread_cond_wait.c:656 #3 0x00007ffff4319e48 in QWaitCondition::wait(QMutex*, QDeadlineTimer) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #4 0x00007ffff4317351 in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #5 0x00007ffff4313d4c in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #6 0x00007ffff1fbd609 in start_thread (arg=<optimized out>) at pthread_create.c:477 #7 0x00007ffff3f7a293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 Thread 1065 (Thread 0x7fffab7fe700 (LWP 2219998)): #0 futex_abstimed_wait_cancelable (private=<optimized out>, abstime=0x7fffab7fdc90, clockid=<optimized out>, expected=0, futex_word=0x55555a833250) at ../sysdeps/nptl/futex-internal.h:320 #1 __pthread_cond_wait_common (abstime=0x7fffab7fdc90, clockid=<optimized out>, mutex=0x55555a833200, cond=0x55555a833228) at pthread_cond_wait.c:520 #2 __pthread_cond_timedwait (cond=0x55555a833228, mutex=0x55555a833200, abstime=0x7fffab7fdc90) at pthread_cond_wait.c:656 #3 0x00007ffff4319e48 in QWaitCondition::wait(QMutex*, QDeadlineTimer) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #4 0x00007ffff4317351 in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #5 0x00007ffff4313d4c in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #6 0x00007ffff1fbd609 in start_thread (arg=<optimized out>) at pthread_create.c:477 #7 0x00007ffff3f7a293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 Thread 1064 (Thread 0x7fff72507700 (LWP 2219997)): #0 futex_abstimed_wait_cancelable (private=<optimized out>, abstime=0x7fff72506c90, clockid=<optimized out>, expected=0, futex_word=0x55555afecb90) at ../sysdeps/nptl/futex-internal.h:320 #1 __pthread_cond_wait_common (abstime=0x7fff72506c90, clockid=<optimized out>, mutex=0x55555afecb40, cond=0x55555afecb68) at pthread_cond_wait.c:520 #2 __pthread_cond_timedwait (cond=0x55555afecb68, mutex=0x55555afecb40, abstime=0x7fff72506c90) at pthread_cond_wait.c:656 #3 0x00007ffff4319e48 in QWaitCondition::wait(QMutex*, QDeadlineTimer) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #4 0x00007ffff4317351 in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #5 0x00007ffff4313d4c in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #6 0x00007ffff1fbd609 in start_thread (arg=<optimized out>) at pthread_create.c:477 #7 0x00007ffff3f7a293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 Thread 37 (Thread 0x7fff7a7bd700 (LWP 2146283)): #0 0x00007ffff3f6daff in __GI___poll (fds=0x7fff64005060, nfds=1, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29 #1 0x00007ffff164036e in () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0 #2 0x00007ffff16404a3 in g_main_context_iteration () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0 #3 0x00007ffff4554b3b in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #4 0x00007ffff44f8dcb in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.--Type <RET> for more, q to quit, c to continue without paging-- 5 #5 0x00007ffff4312bb2 in QThread::exec() () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #6 0x00007ffff4313d4c in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #7 0x00007ffff1fbd609 in start_thread (arg=<optimized out>) at pthread_create.c:477 #8 0x00007ffff3f7a293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 Thread 36 (Thread 0x7fff7afbe700 (LWP 2146282)): #0 0x00007ffff3f6daff in __GI___poll (fds=0x7fff68004280, nfds=1, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29 #1 0x00007ffff164036e in () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0 #2 0x00007ffff16404a3 in g_main_context_iteration () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0 #3 0x00007ffff4554b3b in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #4 0x00007ffff44f8dcb in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #5 0x00007ffff4312bb2 in QThread::exec() () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #6 0x00007ffff4313d4c in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #7 0x00007ffff1fbd609 in start_thread (arg=<optimized out>) at pthread_create.c:477 #8 0x00007ffff3f7a293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 Thread 35 (Thread 0x7fff7b7bf700 (LWP 2146269)): #0 0x00007ffff3f6daff in __GI___poll (fds=0x7fff74005210, nfds=1, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29 #1 0x00007ffff164036e in () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0 #2 0x00007ffff16404a3 in g_main_context_iteration () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0 #3 0x00007ffff4554b22 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #4 0x00007ffff44f8dcb in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #5 0x00007ffff4312bb2 in QThread::exec() () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #6 0x00007fffe08003ba in () at /usr/lib/x86_64-linux-gnu/libQt5Quick.so.5 #7 0x00007ffff4313d4c in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #8 0x00007ffff1fbd609 in start_thread (arg=<optimized out>) at pthread_create.c:477 #9 0x00007ffff3f7a293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 Thread 34 (Thread 0x7fffa084e700 (LWP 2146264)): #0 0x00007ffff3f6daff in __GI___poll (fds=0x7fff80004e60, nfds=1, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29 #1 0x00007ffff164036e in () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0 #2 0x00007ffff16404a3 in g_main_context_iteration () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0 #3 0x00007ffff4554b22 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #4 0x00007ffff44f8dcb in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #5 0x00007ffff4312bb2 in QThread::exec() () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #6 0x00007fffe054b559 in () at /usr/lib/x86_64-linux-gnu/libQt5Qml.so.5 #7 0x00007ffff4313d4c in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #8 0x00007ffff1fbd609 in start_thread (arg=<optimized out>) at pthread_create.c:477 #9 0x00007ffff3f7a293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 --Type <RET> for more, q to quit, c to continue without paging-- Thread 33 (Thread 0x7fff9904f700 (LWP 2146235)): #0 0x00007ffff3f383bf in __GI___clock_nanosleep (clock_id=clock_id@entry=0, flags=flags@entry=0, req=0x7fff9904ed40, rem=0x7fff9904ed40) at ../sysdeps/unix/sysv/linux/clock_nanosleep.c:78 #1 0x00007ffff3f3e047 in __GI___nanosleep (requested_time=<optimized out>, remaining=<optimized out>) at nanosleep.c:27 #2 0x00007ffff4554465 in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #3 0x00007ffff594f2fa in KisTileDataSwapper::run() (this=0x7ffff5e8dbe0 <(anonymous namespace)::Q_QGS_s_instance::innerFunction()::holder+64>) at /home/wolthera/krita/src/libs/image/tiles3/swap/kis_tile_data_swapper.cpp:85 #4 0x00007ffff4313d4c in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #5 0x00007ffff1fbd609 in start_thread (arg=<optimized out>) at pthread_create.c:477 #6 0x00007ffff3f7a293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 Thread 31 (Thread 0x7fffc5c4f700 (LWP 2146229)): #0 0x00007ffff3f6daff in __GI___poll (fds=0x7fff84004e60, nfds=1, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29 #1 0x00007ffff164036e in () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0 #2 0x00007ffff16404a3 in g_main_context_iteration () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0 #3 0x00007ffff4554b22 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #4 0x00007ffff44f8dcb in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #5 0x00007ffff4312bb2 in QThread::exec() () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #6 0x00007ffff4313d4c in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #7 0x00007ffff1fbd609 in start_thread (arg=<optimized out>) at pthread_create.c:477 #8 0x00007ffff3f7a293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 Thread 22 (Thread 0x7fffd345e700 (LWP 2145905)): #0 0x00007ffff3f6daff in __GI___poll (fds=0x7fffc8015240, nfds=4, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29 #1 0x00007ffff164036e in () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0 #2 0x00007ffff16404a3 in g_main_context_iteration () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0 #3 0x00007ffff4554b22 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #4 0x00007ffff44f8dcb in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #5 0x00007ffff4312bb2 in QThread::exec() () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #6 0x00007ffff13b2f4b in () at /usr/lib/x86_64-linux-gnu/libQt5DBus.so.5 #7 0x00007ffff4313d4c in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #8 0x00007ffff1fbd609 in start_thread (arg=<optimized out>) at pthread_create.c:477 #9 0x00007ffff3f7a293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 Thread 21 (Thread 0x7fffd3dc5700 (LWP 2145904)): #0 futex_wait_cancelable (private=<optimized out>, expected=0, futex_word=0x7fffd8001cb8) at ../sysdeps/nptl/futex-internal.h:183 #1 __pthread_cond_wait_common (abstime=0x0, clockid=0, mutex=0x7fffd8001c68, cond=0x7fffd8001c90) at pthread_cond_wait.c:508 #2 __pthread_cond_wait (cond=0x7fffd8001c90, mutex=0x7fffd8001c68) at pthread_cond_wait.c:638 #3 0x00007fffec530b5b in () at /usr/lib/x86_64-linux-gnu/dri/iris_dri.so #4 0x00007fffec53075b in () at /usr/lib/x86_64-linux-gnu/dri/iris_dri.so #5 0x00007ffff1fbd609 in start_thread (arg=<optimized out>) at pthread_create.c:477 #6 0x00007ffff3f7a293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 --Type <RET> for more, q to quit, c to continue without paging-- Thread 20 (Thread 0x7fffe2e48700 (LWP 2145903)): #0 futex_wait_cancelable (private=<optimized out>, expected=0, futex_word=0x7fffd8001cb8) at ../sysdeps/nptl/futex-internal.h:183 #1 __pthread_cond_wait_common (abstime=0x0, clockid=0, mutex=0x7fffd8001c68, cond=0x7fffd8001c90) at pthread_cond_wait.c:508 #2 __pthread_cond_wait (cond=0x7fffd8001c90, mutex=0x7fffd8001c68) at pthread_cond_wait.c:638 #3 0x00007fffec530b5b in () at /usr/lib/x86_64-linux-gnu/dri/iris_dri.so #4 0x00007fffec53075b in () at /usr/lib/x86_64-linux-gnu/dri/iris_dri.so #5 0x00007ffff1fbd609 in start_thread (arg=<optimized out>) at pthread_create.c:477 #6 0x00007ffff3f7a293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 Thread 19 (Thread 0x7fffe2647700 (LWP 2145902)): #0 futex_wait_cancelable (private=<optimized out>, expected=0, futex_word=0x7fffd8001cb8) at ../sysdeps/nptl/futex-internal.h:183 #1 __pthread_cond_wait_common (abstime=0x0, clockid=0, mutex=0x7fffd8001c68, cond=0x7fffd8001c90) at pthread_cond_wait.c:508 #2 __pthread_cond_wait (cond=0x7fffd8001c90, mutex=0x7fffd8001c68) at pthread_cond_wait.c:638 #3 0x00007fffec530b5b in () at /usr/lib/x86_64-linux-gnu/dri/iris_dri.so #4 0x00007fffec53075b in () at /usr/lib/x86_64-linux-gnu/dri/iris_dri.so #5 0x00007ffff1fbd609 in start_thread (arg=<optimized out>) at pthread_create.c:477 #6 0x00007ffff3f7a293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 Thread 18 (Thread 0x7fffe1e46700 (LWP 2145901)): #0 futex_wait_cancelable (private=<optimized out>, expected=0, futex_word=0x7fffd8001cb8) at ../sysdeps/nptl/futex-internal.h:183 #1 __pthread_cond_wait_common (abstime=0x0, clockid=0, mutex=0x7fffd8001c68, cond=0x7fffd8001c90) at pthread_cond_wait.c:508 #2 __pthread_cond_wait (cond=0x7fffd8001c90, mutex=0x7fffd8001c68) at pthread_cond_wait.c:638 #3 0x00007fffec530b5b in () at /usr/lib/x86_64-linux-gnu/dri/iris_dri.so #4 0x00007fffec53075b in () at /usr/lib/x86_64-linux-gnu/dri/iris_dri.so #5 0x00007ffff1fbd609 in start_thread (arg=<optimized out>) at pthread_create.c:477 #6 0x00007ffff3f7a293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 Thread 17 (Thread 0x7fffe1645700 (LWP 2145896)): #0 0x00007ffff3f6daff in __GI___poll (fds=0x7fffe1644c28, nfds=1, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29 #1 0x00007ffff14bec1a in () at /usr/lib/x86_64-linux-gnu/libxcb.so.1 #2 0x00007ffff14c090a in xcb_wait_for_event () at /usr/lib/x86_64-linux-gnu/libxcb.so.1 #3 0x00007fffeea5ee88 in () at /usr/lib/x86_64-linux-gnu/libQt5XcbQpa.so.5 #4 0x00007ffff4313d4c in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #5 0x00007ffff1fbd609 in start_thread (arg=<optimized out>) at pthread_create.c:477 #6 0x00007ffff3f7a293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 Thread 1 (Thread 0x7fffeebefd00 (LWP 2145680)): #0 0x00007ffff3f6daff in __GI___poll (fds=0x555557609dc0, nfds=3, timeout=10) at ../sysdeps/unix/sysv/linux/poll.c:29 #1 0x00007ffff164036e in () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0 #2 0x00007ffff16404a3 in g_main_context_iteration () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0 #3 0x00007ffff4554b22 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #4 0x00007ffff44f8dcb in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.--Type <RET> for more, q to quit, c to continue without paging-- 5 #5 0x00007ffff4500f84 in QCoreApplication::exec() () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #6 0x0000555555e2ce07 in main(int, char**) (argc=<optimized out>, argv=<optimized out>) at /home/wolthera/krita/src/krita/main.cc:693 (gdb)
Some likely related bugs: Bug 434562 (duplicate maybe?) Bug 436583 Always stack smashing detected by libc while constructing a QImage during execution of KisQImagePyramid::appendPyramidLevel()
Yes, that's all the same thing, and it's a bug in Qt, not in Krita.
Uhm, I'm not so sure about that, I just got the ASAN backtrace, and that points at a buffer overflow in KisColorfulBrush (but if you say it should stay closed...): --------------------------------------------------------------------------------- ================================================================= ==809821==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6310010a0800 at pc 0x7f2e4fba6c5c bp 0x7ffd9cbb4a20 sp 0x7ffd9cbb4a10 READ of size 4 at 0x6310010a0800 thread T0 #0 0x7f2e4fba6c5b in estimateImageAverage /home/wolthera/krita/src/libs/brush/KisColorfulBrush.cpp:28 #1 0x7f2e4fba7253 in KisColorfulBrush::adjustedMidPoint() const /home/wolthera/krita/src/libs/brush/KisColorfulBrush.cpp:46 #2 0x7f2e2b94ba43 in KisPredefinedBrushChooser::slotUpdateResetBrushAdjustmentsButtonState() /home/wolthera/krita/src/plugins/paintops/libpaintop/kis_predefined_brush_chooser.cpp:483 #3 0x7f2e2b9501ed in KisPredefinedBrushChooser::slotUpdateBrushModeButtonsState() /home/wolthera/krita/src/plugins/paintops/libpaintop/kis_predefined_brush_chooser.cpp:455 #4 0x7f2e2b953c6c in KisPredefinedBrushChooser::updateBrushTip(QSharedPointer<KoResource>, bool) /home/wolthera/krita/src/plugins/paintops/libpaintop/kis_predefined_brush_chooser.cpp:402 #5 0x7f2e2b95fecb in KisPredefinedBrushChooser::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) /home/wolthera/krita/build/plugins/paintops/libpaintop/kritalibpaintop_autogen/include/moc_kis_predefined_brush_chooser.cpp:152 #6 0x7f2e504ac31f (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x2eb31f) #7 0x7f2e4e782589 in KisResourceItemChooser::resourceSelected(QSharedPointer<KoResource>) /home/wolthera/krita/build/libs/resourcewidgets/kritaresourcewidgets_autogen/EWIEGA46WW/moc_KisResourceItemChooser.cpp:209 #8 0x7f2e4e7abd88 in KisResourceItemChooser::activate(QModelIndex const&) /home/wolthera/krita/src/libs/resourcewidgets/KisResourceItemChooser.cpp:353 #9 0x7f2e4e78990e in KisResourceItemChooser::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) /home/wolthera/krita/build/libs/resourcewidgets/kritaresourcewidgets_autogen/EWIEGA46WW/moc_KisResourceItemChooser.cpp:131 #10 0x7f2e504ac31f (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x2eb31f) #11 0x7f2e4e7838cc in KisResourceItemListView::currentResourceChanged(QModelIndex const&) /home/wolthera/krita/build/libs/resourcewidgets/kritaresourcewidgets_autogen/EWIEGA46WW/moc_KisResourceItemListView.cpp:185 #12 0x7f2e4e7b2235 in KisResourceItemListView::selectionChanged(QItemSelection const&, QItemSelection const&) /home/wolthera/krita/src/libs/resourcewidgets/KisResourceItemListView.cpp:55 #13 0x7f2e511c7948 (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x3e7948) #14 0x7f2e504ac31f (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x2eb31f) #15 0x7f2e50426453 in QItemSelectionModel::selectionChanged(QItemSelection const&, QItemSelection const&) (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x265453) #16 0x7f2e5042bbaa in QItemSelectionModel::emitSelectionChanged(QItemSelection const&, QItemSelection const&) (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x26abaa) #17 0x7f2e5042f261 in QItemSelectionModel::select(QItemSelection const&, QFlags<QItemSelectionModel::SelectionFlag>) (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x26e261) #18 0x7f2e51202f23 in QListView::setSelection(QRect const&, QFlags<QItemSelectionModel::SelectionFlag>) (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x422f23) #19 0x7f2e511c5979 in QAbstractItemView::mousePressEvent(QMouseEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x3e5979) #20 0x7f2e50f90d10 in QWidget::event(QEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x1b0d10) #21 0x7f2e51041091 in QFrame::event(QEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x261091) #22 0x7f2e511cb971 in QAbstractItemView::viewportEvent(QEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x3eb971) #23 0x7f2e4e7b2fce in KisResourceItemListView::viewportEvent(QEvent*) /home/wolthera/krita/src/libs/resourcewidgets/KisResourceItemListView.cpp:80 #24 0x7f2e50475032 in QCoreApplicationPrivate::sendThroughObjectEventFilters(QObject*, QEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x2b4032) #25 0x7f2e50f4ddb1 in QApplicationPrivate::notify_helper(QObject*, QEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x16ddb1) #26 0x7f2e50f56e76 in QApplication::notify(QObject*, QEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x176e76) #27 0x7f2e576a16d4 in KisApplication::notify(QObject*, QEvent*) /home/wolthera/krita/src/libs/ui/KisApplication.cpp:711 #28 0x7f2e504752c9 in QCoreApplication::notifyInternal2(QObject*, QEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x2b42c9) #29 0x7f2e50f560a6 in QApplicationPrivate::sendMouseEvent(QWidget*, QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer<QWidget>&, bool, bool) (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x1760a6) #30 0x7f2e50fac9dd (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x1cc9dd) #31 0x7f2e50faf263 (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x1cf263) #32 0x7f2e50f4ddc2 in QApplicationPrivate::notify_helper(QObject*, QEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x16ddc2) #33 0x7f2e50f56bb7 in QApplication::notify(QObject*, QEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x176bb7) #34 0x7f2e576a16d4 in KisApplication::notify(QObject*, QEvent*) /home/wolthera/krita/src/libs/ui/KisApplication.cpp:711 #35 0x7f2e504752c9 in QCoreApplication::notifyInternal2(QObject*, QEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x2b42c9) #36 0x7f2e508574e7 in QGuiApplicationPrivate::processMouseEvent(QWindowSystemInterfacePrivate::MouseEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Gui.so.5+0x1404e7) #37 0x7f2e5085835d in QGuiApplicationPrivate::processTabletEvent(QWindowSystemInterfacePrivate::TabletEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Gui.so.5+0x14135d) #38 0x7f2e50858b13 in QGuiApplicationPrivate::processWindowSystemEvent(QWindowSystemInterfacePrivate::WindowSystemEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Gui.so.5+0x141b13) #39 0x7f2e508307ab in QWindowSystemInterface::sendWindowSystemEvents(QFlags<QEventLoop::ProcessEventsFlag>) (/usr/lib/x86_64-linux-gnu/libQt5Gui.so.5+0x1197ab) #40 0x7f2e44614ead (/usr/lib/x86_64-linux-gnu/libQt5XcbQpa.so.5+0x77ead) #41 0x7f2e4b76217c in g_main_context_dispatch (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x5217c) #42 0x7f2e4b7623ff (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x523ff) #43 0x7f2e4b7624a2 in g_main_context_iteration (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x524a2) #44 0x7f2e504cfb21 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x30eb21) #45 0x7f2e50473dca in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x2b2dca) #46 0x7f2e5047bf83 in QCoreApplication::exec() (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x2baf83) #47 0x563213373687 in main /home/wolthera/krita/src/krita/main.cc:693 #48 0x7f2e4fdf80b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2) #49 0x563213376d9d in _start (/home/wolthera/krita/inst/bin/krita+0x2357d9d) 0x6310010a0800 is located 0 bytes to the right of 65536-byte region [0x631001090800,0x6310010a0800) allocated by thread T0 here: #0 0x7f2e5be78bc8 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8) #1 0x7f2e508a4b3b in QImageData::create(QSize const&, QImage::Format) (/usr/lib/x86_64-linux-gnu/libQt5Gui.so.5+0x18db3b) SUMMARY: AddressSanitizer: heap-buffer-overflow /home/wolthera/krita/src/libs/brush/KisColorfulBrush.cpp:28 in estimateImageAverage Shadow bytes around the buggy address: 0x0c628020c0b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c628020c0c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c628020c0d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c628020c0e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c628020c0f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 =>0x0c628020c100:[fa]fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c628020c110: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c628020c120: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c628020c130: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c628020c140: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c628020c150: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb Shadow gap: cc ==809821==ABORTING
That's here, for the record: https://invent.kde.org/graphics/krita/-/blob/master/libs/brush/KisColorfulBrush.cpp#L28