Created attachment 159589 [details] Screen video recording showing steps to reproduce crash SUMMARY KPhotoAlbum crashes when closing the Annotations window if the previous window was the Viewer window that is already closed. Viewer --> Annotations --> Close Viewer --> Close Annotations --> Crash STEPS TO REPRODUCE 1. Open KPhotoAlbum 2. Click on Show Thumbnails 3. Double Click on any photo to View 4. Viewer window opens 5. Right Click on the photo in Viewer window and select Annotate.. 6. Annotations window opens 7. Click the Close (X) button on the Titlebar of the Viewer window (note this is the previous Viewer window and not the new Annotations window that opens) 8. Click the Close (X) button on the Titlebar of the Annotations window 9. KPhotoAlbum crashes Screen video recording is attached OBSERVED RESULT Crash EXPECTED RESULT No crash; return back to main window. SOFTWARE/OS VERSIONS Linux: openSUSE Tumbleweed 20230608; Kernel Version: 6.3.6-1-default (64-bit) KDE Plasma Version: 5.27.5 KDE Frameworks Version: 5.106.0 Qt Version: 5.15.9 ADDITIONAL INFORMATION 1. Crash is reproducible in most cases. Occasionally it does not crash initially at step 9 but repeating 3-8 will result in a crash at step 9. 2. Crash occurs even in the demo database and is regardless of picture or video selected. 3. drkonqi fails to start as seen from command line output. Including gdb backtrace. Command line output: victor@localhost:~> kphotoalbum Map theme file does not exist: "" No plugins loaded. Please check if the plugins were installed in the correct path, or if any errors occurred while loading plugins. Map theme file does not exist: "" Falling back to default theme: "earth/srtm/srtm.dgml" Map theme file does not exist: "" Couldn't find a valid DGML map. QImage::scaled: Image is a null image QImage::scaled: Image is a null image malloc(): unaligned fastbin chunk detected 40 -- exe=/home/victor/.local/bin/kphotoalbum 13 -- platform=xcb 11 -- display=:0 20 -- appname=kphotoalbum 32 -- apppath=/home/victor/.local/bin 9 -- signal=6 9 -- pid=7418 32 -- appversion=v5.10.0-77-g471c4c2f 24 -- programname=KPhotoAlbum 31 -- bugaddress=submit@bugs.kde.org KCrash: Application 'kphotoalbum' crashing... KCrash: Attempting to start /usr/libexec/drkonqi Alarm clock victor@localhost:~> GDB Backtrace for current thread: #0 __pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=6, no_tid=no_tid@entry=0) at pthread_kill.c:44 #1 0x00007fffec092b03 in __pthread_kill_internal (signo=6, threadid=<optimized out>) at pthread_kill.c:78 #2 0x00007fffec041226 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26 #3 0x00007fffec029897 in __GI_abort () at abort.c:79 #4 0x00007fffec02a611 in __libc_message (fmt=fmt@entry=0x7fffec1b0532 "%s\n") at ../sysdeps/posix/libc_fatal.c:150 #5 0x00007fffec09d417 in malloc_printerr (str=str@entry=0x7fffec1b3780 "malloc(): unaligned fastbin chunk detected") at malloc.c:5651 #6 0x00007fffec0a0a2c in _int_malloc (av=av@entry=0x7fffd4000030, bytes=bytes@entry=16) at malloc.c:3839 #7 0x00007fffec0a19bd in __GI___libc_malloc (bytes=bytes@entry=16) at malloc.c:3305 #8 0x00007fffea0132ff in read_packet (c=0x837800) at /usr/src/debug/libxcb-1.15/src/xcb_in.c:314 #9 _xcb_in_read (c=c@entry=0x837800) at /usr/src/debug/libxcb-1.15/src/xcb_in.c:1042 #10 0x00007fffea013a1e in _xcb_conn_wait (c=0x837800, vector=0x0, count=0x0, cond=<optimized out>) at /usr/src/debug/libxcb-1.15/src/xcb_conn.c:544 #11 0x00007fffea01513c in _xcb_conn_wait (count=0x0, vector=0x0, cond=0x837840, c=0x837800) at /usr/src/debug/libxcb-1.15/src/xcb_conn.c:474 #12 xcb_wait_for_event (c=0x837800) at /usr/src/debug/libxcb-1.15/src/xcb_in.c:703 #13 0x00007fffe0d191a0 in QXcbEventQueue::run (this=0x8228e0) at qxcbeventqueue.cpp:228 #14 0x00007fffec703b7d in operator() (__closure=<optimized out>) at thread/qthread_unix.cpp:350 #15 (anonymous namespace)::terminate_on_exception<QThreadPrivate::start(void*)::<lambda()> > (t=...) at thread/qthread_unix.cpp:287 #16 QThreadPrivate::start (arg=0x8228e0) at thread/qthread_unix.cpp:310 #17 0x00007fffec090c24 in start_thread (arg=<optimized out>) at pthread_create.c:444 #18 0x00007fffec118510 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81
Created attachment 159590 [details] GDB Backtrace for all threads
Thanks for your comprehensive bug report! I can reproduce this. This should indeed not happen ;-)
Git commit eae40928b1949c36838bda0b265fb5fec1bb95fc by Johannes Zarl-Zierl. Committed on 11/06/2023 at 21:26. Pushed by johanneszarl into branch 'master'. Fix crash when AnnotationDialog is called from ViewerWidget If the AnnotationDialog is called from the ViewerWidget (via the "Annotate..." action in the context menu, ViewerWidget::editImage() is called which calls MainWindow::configureImages(). Since MainWindow::configureImages() is a potentially long-running function call, it is possible that the ViewerWidget was closed (and deleted) before the function returns. In this case, the execution returns to ViewerWidget::editImage of the already deleted ViewerWidget object, leading to a crash. By calling MainWindow::configureImages asynchronoulsy, the whole issue is avoided. M +6 -3 Viewer/ViewerWidget.cpp https://invent.kde.org/graphics/kphotoalbum/-/commit/eae40928b1949c36838bda0b265fb5fec1bb95fc
Wow, such a quick response. I tested, and the fix works correctly. Thank you.