Bug 458546 - Crash when selecting a third layer in the layerbox
Summary: Crash when selecting a third layer in the layerbox
Status: RESOLVED FIXED
Alias: None
Product: krita
Classification: Applications
Component: Layer Stack (show other bugs)
Version: nightly build (please specify the git hash!)
Platform: Compiled Sources macOS
: NOR crash
Target Milestone: ---
Assignee: amyspark
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2022-08-31 13:14 UTC by Halla Rempt
Modified: 2022-09-06 09:52 UTC (History)
1 user (show)

See Also:
Latest Commit: https://invent.kde.org/graphics/krita/commit/82d48e2bcbadb4c69cecd86e82950b7fbe5bff37
Version Fixed In:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.
Description Halla Rempt 2022-08-31 13:14:49 UTC 
After a bit of painting, Krita crashed when I selected a second layer using my pen. 

Git hash: 148a5e9bb784d4d84ff5595afe1ab9e48f70883d

Exception Type:        EXC_BAD_ACCESS (SIGSEGV)
Exception Codes:       KERN_INVALID_ADDRESS at 0x0000000000000000
Exception Codes:       0x0000000000000001, 0x0000000000000000
Exception Note:        EXC_CORPSE_NOTIFY

Termination Reason:    Namespace SIGNAL, Code 11 Segmentation fault: 11
Terminating Process:   exc handler [21469]

VM Region Info: 0 is not in any region.  Bytes before following region: 4338204672
      REGION TYPE                    START - END         [ VSIZE] PRT/MAX SHRMOD  REGION DETAIL
      UNUSED SPACE AT START
--->  
      __TEXT                      10293c000-102fb8000    [ 6640K] r-x/r-x SM=COW  ...s/MacOS/krita

Thread 0::  Dispatch queue: com.apple.main-thread
0   libsystem_c.dylib             	       0x18dfaa994 _st_localsub + 364
1   libsystem_c.dylib             	       0x18dfba8c8 time2sub + 1048
2   libsystem_c.dylib             	       0x18dfba8c8 time2sub + 1048
3   libsystem_c.dylib             	       0x18dfba458 time2 + 56
4   libsystem_c.dylib             	       0x18dfba22c _st_time1 + 120
5   libsystem_c.dylib             	       0x18dfba18c mktime + 88
6   QtCore                        	       0x107b76bc8 0x107b10000 + 420808
7   QtCore                        	       0x107b70b04 0x107b10000 + 396036
8   QtCore                        	       0x107b71560 0x107b10000 + 398688
9   QtCore                        	       0x107b71c34 QDateTime::setMSecsSinceEpoch(long long) + 1084
10  QtCore                        	       0x107b6f780 QTime::currentTime() + 88
11  libkritacommand.19.0.0.dylib  	       0x103259f48 KUndo2Command::setTime() + 20 (kundo2stack.cpp:367)
12  libkritacommand.19.0.0.dylib  	       0x103259904 KUndo2Command::KUndo2Command(KUndo2MagicString const&, KUndo2Command*) + 264 (kundo2stack.cpp:131)
13  libkritaimage.19.0.0.dylib    	       0x104cdb914 KisNodeCommand::KisNodeCommand(KUndo2MagicString const&, KisSharedPtr<KisNode>) + 24 (kis_node_command.cpp:13)
14  libkritaimage.19.0.0.dylib    	       0x104cdcee8 KisNodePropertyListCommand::KisNodePropertyListCommand(KisSharedPtr<KisNode>, QList<KisBaseNode::Property>) + 92 (kis_node_property_list_command.cpp:59)
15  libkritaimage.19.0.0.dylib    	       0x104cdee44 KisNodePropertyListCommand::KisNodePropertyListCommand(KisSharedPtr<KisNode>, QList<KisBaseNode::Property>) + 16 (kis_node_property_list_command.cpp:67) [inlined]
16  libkritaimage.19.0.0.dylib    	       0x104cdee44 KisNodePropertyListCommand::setNodePropertiesAutoUndo(KisSharedPtr<KisNode>, KisSharedPtr<KisImage>, QList<KisBaseNode::Property>) + 624 (kis_node_property_list_command.cpp:207)
17  libkritaui.19.0.0.dylib       	       0x1040fb448 KisNodeManager::trySetNodeProperties(KisSharedPtr<KisNode>, KisSharedPtr<KisImage>, QList<KisBaseNode::Property>) const + 380 (kis_node_manager.cpp:947)
18  libkritaui.19.0.0.dylib       	       0x10411bd58 KisNodeModel::setData(QModelIndex const&, QVariant const&, int) + 1824 (kis_node_model.cpp:682)
19  QtCore                        	       0x107cc1280 QSortFilterProxyModel::setData(QModelIndex const&, QVariant const&, int) + 124
20  kritalayerdocker.so           	       0x11244ec9c NodeDelegate::Private::resetPropertyStateRecursive(QModelIndex const&, KisBaseNode::Property* const&) + 492 (NodeDelegate.cpp:635)
21  kritalayerdocker.so           	       0x11244d860 NodeDelegate::Private::toggleProperty(QList<KisBaseNode::Property>&, KisBaseNode::Property*, QFlags<Qt::KeyboardModifier>, QModelIndex const&) + 308 (NodeDelegate.cpp:548)
22  kritalayerdocker.so           	       0x11244fc54 NodeDelegate::editorEvent(QEvent*, QAbstractItemModel*, QStyleOptionViewItem const&, QModelIndex const&) + 1704 (NodeDelegate.cpp:978)
23  kritalayerdocker.so           	       0x1124541cc NodeView::viewportEvent(QEvent*) + 1044 (NodeView.cpp:245)
24  QtCore                        	       0x107ce172c QCoreApplicationPrivate::sendThroughObjectEventFilters(QObject*, QEvent*) + 252
25  QtWidgets                     	       0x106329c7c QApplicationPrivate::notify_helper(QObject*, QEvent*) + 260
26  QtWidgets                     	       0x10632c5d8 QApplication::notify(QObject*, QEvent*) + 6124
27  libkritaui.19.0.0.dylib       	       0x1043cf74c KisApplication::notify(QObject*, QEvent*) + 332 (KisApplication.cpp:757)
28  QtCore                        	       0x107ce1444 QCoreApplication::notifyInternal2(QObject*, QEvent*) + 288
29  QtWidgets                     	       0x10632a5f0 QApplicationPrivate::sendMouseEvent(QWidget*, QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer<QWidget>&, bool, bool) + 952
30  QtWidgets                     	       0x10637e760 0x106318000 + 419680
31  QtWidgets                     	       0x10637d6c0 0x106318000 + 415424
32  QtWidgets                     	       0x106329c9c QApplicationPrivate::notify_helper(QObject*, QEvent*) + 292
33  QtWidgets                     	       0x10632b010 QApplication::notify(QObject*, QEvent*) + 548
34  libkritaui.19.0.0.dylib       	       0x1043cf74c KisApplication::notify(QObject*, QEvent*) + 332 (KisApplication.cpp:757)
35  QtCore                        	       0x107ce1444 QCoreApplication::notifyInternal2(QObject*, QEvent*) + 288
36  QtGui                         	       0x1070b9b54 QGuiApplicationPrivate::processMouseEvent(QWindowSystemInterfacePrivate::MouseEvent*) + 2956
37  QtGui                         	       0x1070bd308 QGuiApplicationPrivate::processTabletEvent(QWindowSystemInterfacePrivate::TabletEvent*) + 1192
38  QtGui                         	       0x1070a1254 QWindowSystemInterface::sendWindowSystemEvents(QFlags<QEventLoop::ProcessEventsFlag>) + 248
39  libqcocoa.dylib               	       0x109ff421c 0x109fc0000 + 213532
40  CoreFoundation                	       0x18e1ad044 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 28
41  CoreFoundation                	       0x18e1acf90 __CFRunLoopDoSource0 + 208
42  CoreFoundation                	       0x18e1acc90 __CFRunLoopDoSources0 + 268
43  CoreFoundation                	       0x18e1ab610 __CFRunLoopRun + 828
44  CoreFoundation                	       0x18e1aab34 CFRunLoopRunSpecific + 600
45  HIToolbox                     	       0x196dea338 RunCurrentEventLoopInMode + 292
46  HIToolbox                     	       0x196de9fc4 ReceiveNextEventCommon + 324
47  HIToolbox                     	       0x196de9e68 _BlockUntilNextEventMatchingListInModeWithFilter + 72
48  AppKit                        	       0x190d1251c _DPSNextEvent + 860
49  AppKit                        	       0x190d10e14 -[NSApplication(NSEvent) _nextEventMatchingEventMask:untilDate:inMode:dequeue:] + 1328
50  AppKit                        	       0x190d02fe0 -[NSApplication run] + 596
51  libqcocoa.dylib               	       0x109ff3094 0x109fc0000 + 209044
52  QtCore                        	       0x107cdcca8 QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) + 524
53  QtCore                        	       0x107ce1b04 QCoreApplication::exec() + 128
54  krita                         	       0x10294cecc main + 10608 (main.cc:721)
55  dyld                          	       0x1030a108c start + 520
Comment 1 Halla Rempt 2022-08-31 13:17:36 UTC 
I could reproduce this a second time. I selected two layers, enabled the move tool and moved those layers together. Then with the move tool still active, I clicked the eye icon of a third, invisible layer to make it visible.
Comment 2 amyspark 2022-08-31 13:33:40 UTC 
Main thread is not at fault, crash occurs in a worker thread because of null transaction data:

[Inline Frame] kritaui.dll!KisTransaction::endAndTake() Line 78 (e:\krita-win\src\libs\image\kis_transaction.h:78)
kritaui.dll!MovePaintableNodeStrategy::finishMove(KUndo2Command * parentCommand) Line 175 (e:\krita-win\src\libs\ui\tool\strokes\move_stroke_strategy.cpp:175)
[Inline Frame] kritaui.dll!MoveStrokeStrategy::finishStrokeCallback::__l5::<lambda>(KisSharedPtr<KisNode>) Line 370 (e:\krita-win\src\libs\ui\tool\strokes\move_stroke_strategy.cpp:370)
kritaui.dll!MoveStrokeStrategy::recursiveApplyNodes::__l5::<lambda>(KisSharedPtr<KisNode> node) Line 208 (e:\krita-win\src\libs\ui\tool\strokes\move_stroke_strategy.cpp:208)
kritaui.dll!KisLayerUtils::recursiveApplyNodes<KisSharedPtr<KisNode>,void <lambda>(KisSharedPtr<KisNode>)>(KisSharedPtr<KisNode> node, MoveStrokeStrategy::recursiveApplyNodes::__l5::void <lambda>(KisSharedPtr<KisNode>) func) Line 211 (e:\krita-win\src\libs\image\kis_layer_utils.h:211)
kritaui.dll!MoveStrokeStrategy::recursiveApplyNodes<void <lambda>(KisSharedPtr<KisNode>)>(QList<KisSharedPtr<KisNode>> nodes, MoveStrokeStrategy::finishStrokeCallback::__l5::void <lambda>(KisSharedPtr<KisNode>) && func) Line 204 (e:\krita-win\src\libs\ui\tool\strokes\move_stroke_strategy.cpp:204)
kritaui.dll!MoveStrokeStrategy::finishStrokeCallback() Line 373 (e:\krita-win\src\libs\ui\tool\strokes\move_stroke_strategy.cpp:373)
[Inline Frame] kritaimage.dll!KisUpdateJobItem::runImpl() Line 100 (e:\krita-win\src\libs\image\kis_update_job_item.h:100)
kritaimage.dll!KisUpdateJobItem::run() Line 49 (e:\krita-win\src\libs\image\kis_update_job_item.h:49)
Qt5Core.dll!QThreadPoolThread::run() Line 99 (e:\krita-win\msvc\b_deps\ext_qt\s\qtbase\src\corelib\thread\qthreadpool.cpp:99)
Qt5Core.dll!QThreadPrivate::start(void * arg) Line 407 (e:\krita-win\msvc\b_deps\ext_qt\s\qtbase\src\corelib\thread\qthread_win.cpp:407)
kernel32.dll!BaseThreadInitThunk() (Origen desconocido:0)
ntdll.dll!RtlUserThreadStart() (Origen desconocido:0)

Commit 785619b3ca
Comment 3 amyspark 2022-08-31 13:46:03 UTC 
Regression comes from:

commit d138a617ed0456181cc839890035d20fba0d718b
Author: Dmitry Kazakov <dimula73@gmail.com>
Date:   Tue Aug 16 11:38:31 2022 +0300

    Avoid double updates when moving paintable nodes
    
    Bascially, we need to disable internal updates generated by KisTransaction
    in the move tool, because updates are issued at the higher level by a
    separate command.

The commit disabled the update mechanism, but then used KisTransaction::endAndTake() which needs that bit of data.
Comment 4 amyspark 2022-08-31 14:13:45 UTC 
Further to that regression, the actual neutering of this particular way of instantiating KisTransaction took place here:

commit 30d5f8916b5aaa132fca97dcc03d2fd38b4b8530
Author: Eoin O'Neill <eoinoneill1991@gmail.com>
Date:   Tue Mar 30 15:34:34 2021 -0700

    Transaction changes. Removed autokey-duplicate usecase due to undo-related bugs.
Comment 5 Bug Janitor Service 2022-08-31 16:40:24 UTC 
A possibly relevant merge request was started @ https://invent.kde.org/graphics/krita/-/merge_requests/1564
Comment 6 Dmitry Kazakov 2022-09-05 13:10:24 UTC 
Git commit a1c960421e0cc26c815bc9d50ed1d2db7dabd4f9 by Dmitry Kazakov, on behalf of L. E. Segovia.
Committed on 05/09/2022 at 13:09.
Pushed by dkazakov into branch 'master'.

KisTransaction: fix dud assertions

Bug 458546 should've been caught by any of the assertions, but since
they depend on a debug version of Qt, the exception slips past...

M  +19   -15   libs/image/kis_transaction.h

https://invent.kde.org/graphics/krita/commit/a1c960421e0cc26c815bc9d50ed1d2db7dabd4f9
Comment 7 Dmitry Kazakov 2022-09-05 13:10:32 UTC 
Git commit cc87eb078dc30ef1e3b0b411d6da628339a54d0a by Dmitry Kazakov, on behalf of L. E. Segovia.
Committed on 05/09/2022 at 13:09.
Pushed by dkazakov into branch 'master'.

MoveStrokeStrategy: fix false recursion in stroke finalization

The nested recursion over m_nodes means that the strategies will be
executed at least twice for each node. This is inconsistent with the
rest of commit 4a427ee619a507c80e3f5599221591e802a38a54, so let's fix that.

CCMAIL: dimula73@gmail.com

M  +6    -7    libs/ui/tool/strokes/move_stroke_strategy.cpp

https://invent.kde.org/graphics/krita/commit/cc87eb078dc30ef1e3b0b411d6da628339a54d0a
Comment 8 Dmitry Kazakov 2022-09-06 09:51:52 UTC 
Git commit 82d48e2bcbadb4c69cecd86e82950b7fbe5bff37 by Dmitry Kazakov, on behalf of L. E. Segovia.
Committed on 06/09/2022 at 09:51.
Pushed by dkazakov into branch 'krita/5.1'.

MoveStrokeStrategy: fix false recursion in stroke finalization

The nested recursion over m_nodes means that the strategies will be
executed at least twice for each node. This is inconsistent with the
rest of commit 4a427ee619a507c80e3f5599221591e802a38a54, so let's fix that.

CCMAIL: dimula73@gmail.com
(cherry picked from commit cc87eb078dc30ef1e3b0b411d6da628339a54d0a)

M  +6    -7    libs/ui/tool/strokes/move_stroke_strategy.cpp

https://invent.kde.org/graphics/krita/commit/82d48e2bcbadb4c69cecd86e82950b7fbe5bff37
Comment 9 Dmitry Kazakov 2022-09-06 09:52:00 UTC 
Git commit f22b8c182dd623d423eed3996af7a2050ac22cc7 by Dmitry Kazakov, on behalf of L. E. Segovia.
Committed on 06/09/2022 at 09:51.
Pushed by dkazakov into branch 'krita/5.1'.

KisTransaction: fix dud assertions

Bug 458546 should've been caught by any of the assertions, but since
they depend on a debug version of Qt, the exception slips past...
(cherry picked from commit a1c960421e0cc26c815bc9d50ed1d2db7dabd4f9)

M  +19   -15   libs/image/kis_transaction.h

https://invent.kde.org/graphics/krita/commit/f22b8c182dd623d423eed3996af7a2050ac22cc7