Bug 506330 - Crash after safe assert failure in KisDeselectActiveSelectionCommand.cpp, when selecting and transforming large area
Summary: Crash after safe assert failure in KisDeselectActiveSelectionCommand.cpp, whe...
Status: REPORTED
Alias: None
Product: krita
Classification: Applications
Component: * Unknown (other bugs)
Version First Reported In: git master (please specify the git hash!)
Platform: NixOS Linux
: NOR normal
Target Milestone: ---
Assignee: Krita Bugs
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2025-06-28 23:07 UTC by Ming Chuan
Modified: 2025-08-24 05:40 UTC (History)
0 users

See Also:
Latest Commit:
Version Fixed/Implemented In:
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.
Description Ming Chuan 2025-06-28 23:07:45 UTC 
SUMMARY

SAFE ASSERT (krita): "m_deselectedMask->active()" in file /home/user/sources/krita/libs/image/commands/KisDeselectActiveSelectionCommand.cpp, line 35

The safe assert shows up in the log and a null pointer dereference happens right after that, crashing krita. `m_nodes.first()->image()` was `null` at https://invent.kde.org/graphics/krita/-/blob/c7d81899767b737d603ad1987fae8f38cbcda80a/libs/ui/tool/strokes/move_stroke_strategy.cpp#L375 .

I'm unsure if the safe assert failure is directly related to the crash.

Please refer to the end of this report for log and symbolized stacktrace.

Note that this is a qt6+wayland build of krita (which should not be relevant).

STEPS TO REPRODUCE
1. On a paint layer, use lasso selection tool. There is nothing fancy about the layer (no filter masks, etc), except the area being selected is relatively large (around 5000px * 10000px).
2. Perhaps I was also trying to using free transform tool for the selection
3. Krita crashes if user is very unlucky

OBSERVED RESULT

EXPECTED RESULT

SOFTWARE/OS VERSIONS
Linux, Wayland
Qt 6.9.0
Krita version: 88295ba7c35eca7e668d48e02e7b752828832454 (master branch at 2025-06-22)

ADDITIONAL INFORMATION

Symbolized Stacktrace:
```
#0  KisImage::currentLevelOfDetail (this=0x0) at /home/user/sources/krita/libs/image/kis_image.cc:2551
#1  0x00007ffff7905273 in operator() (__closure=<optimized out>)
    at /home/user/sources/krita/libs/ui/tool/strokes/move_stroke_strategy.cpp:375
#2  0x00007ffff67e730b in KisStrokeJob::run (this=<optimized out>)
    at /home/user/sources/krita/build/libs/image/kritaimage_autogen/EWIEGA46WW/../../../../../libs/image/kis_stroke_job.h:32
#3  KisUpdateJobItem::runImpl (this=0xcbefd10)
    at /home/user/sources/krita/build/libs/image/kritaimage_autogen/EWIEGA46WW/../../../../../libs/image/kis_update_job_item.h:100
#4  KisUpdateJobItem::run (this=0xcbefd10)
    at /home/user/sources/krita/build/libs/image/kritaimage_autogen/EWIEGA46WW/../../../../../libs/image/kis_update_job_item.h:49
#5  0x00007ffff2d99433 in QThreadPoolThread::run() ()
   from /nix/store/l9kvcx3wna1bla7xpy1629hawjqmna4y-qtbase-6.9.0/lib/libQt6Core.so.6
#6  0x00007ffff2d8e939 in QThreadPrivate::start(void*) ()
   from /nix/store/l9kvcx3wna1bla7xpy1629hawjqmna4y-qtbase-6.9.0/lib/libQt6Core.so.6
#7  0x00007ffff229af08 in start_thread () from /nix/store/q4wq65gl3r8fy746v9bbwgx4gzn0r2kl-glibc-2.40-66/lib/libc.so.6
#8  0x00007ffff23230ac in __clone3 () from /nix/store/q4wq65gl3r8fy746v9bbwgx4gzn0r2kl-glibc-2.40-66/lib/libc.so.6
```

Log:
```
SAFE ASSERT (krita): "m_deselectedMask->active()" in file /home/user/sources/krita/libs/image/commands/KisDeselectActiveSelectionCommand.cpp, line 35
krita.general: [
        0: /home/user/sources/krita/outputs/out/lib/libkritaglobal.so.21(kisBacktrace()+0x4a) [0x7ffff507fb5a]
        1: /home/user/sources/krita/outputs/out/lib/libkritaui.so.21(+0x2b66df) [0x7ffff74b66df]
        2: /home/user/sources/krita/outputs/out/lib/libkritaimage.so.21(+0x1e730b) [0x7ffff67e730b]
        3: /nix/store/l9kvcx3wna1bla7xpy1629hawjqmna4y-qtbase-6.9.0/lib/libQt6Core.so.6(+0x399433) [0x7ffff2d99433]
        4: /nix/store/l9kvcx3wna1bla7xpy1629hawjqmna4y-qtbase-6.9.0/lib/libQt6Core.so.6(+0x38e939) [0x7ffff2d8e939]
        5: /nix/store/q4wq65gl3r8fy746v9bbwgx4gzn0r2kl-glibc-2.40-66/lib/libc.so.6(+0x9af08) [0x7ffff229af08]
        6: /nix/store/q4wq65gl3r8fy746v9bbwgx4gzn0r2kl-glibc-2.40-66/lib/libc.so.6(+0x1230ac) [0x7ffff23230ac]
]

Segmentation fault (core dumped)
```
Comment 1 Ming Chuan 2025-08-24 05:40:16 UTC 
Got another crash at the same function (`KisImage::currentLevelOfDetail`) with different call path, it seems there is a real issue around `move_stroke_strategy`?

This time there is no safe assert showing up in log

```
#0  KisImage::currentLevelOfDetail (this=0x0) at /home/user/sources/krita/libs/image/kis_image.cc:2551
#1  0x00007ffff791b393 in operator() (__closure=<optimized out>) at /home/user/sources/krita/libs/ui/tool/strokes/move_stroke_strategy.cpp:375
#2  0x00007ffff67e874b in KisStrokeJob::run (this=<optimized out>) at /home/user/sources/krita/build/libs/image/kritaimage_autogen/EWIEGA46WW/../../../../../libs/image/kis_stroke_job.h:32
#3  KisUpdateJobItem::runImpl (this=0xaec2da0) at /home/user/sources/krita/build/libs/image/kritaimage_autogen/EWIEGA46WW/../../../../../libs/image/kis_update_job_item.h:100
#4  KisUpdateJobItem::run (this=0xaec2da0) at /home/user/sources/krita/build/libs/image/kritaimage_autogen/EWIEGA46WW/../../../../../libs/image/kis_update_job_item.h:49
#5  0x00007ffff31a1ff3 in QThreadPoolThread::run() () from /nix/store/a7vlrrzdya0qsnsbwddmgpw873xj5mdb-qtbase-6.9.1/lib/libQt6Core.so.6
#6  0x00007ffff3197437 in QThreadPrivate::start(void*) () from /nix/store/a7vlrrzdya0qsnsbwddmgpw873xj5mdb-qtbase-6.9.1/lib/libQt6Core.so.6
#7  0x00007ffff269af08 in start_thread () from /nix/store/lmn7lwydprqibdkghw7wgcn21yhllz13-glibc-2.40-66/lib/libc.so.6
#8  0x00007ffff27230ac in __clone3 () from /nix/store/lmn7lwydprqibdkghw7wgcn21yhllz13-glibc-2.40-66/lib/libc.so.6
```