https://bugs.kde.org/show_bug.cgi?id=366741
Bug ID: 366741
Summary: Krita crashes if all gradients are removed with
segmentation fault
Product: krita
Version: git master
Platform: Compiled Sources
OS: Linux
Status: UNCONFIRMED
Severity: crash
Priority: NOR
Component: Resource Management
Assignee: krita-bugs-n...@kde.org
Reporter: brunodepau...@yahoo.com.br
When you delete all gradients (or patterns, any KisIconWidget that holds many
KoResources) Krita crashes with segmentation fault.
Debugging on Eclipse, I've found that after you delete the last gradient, the
KisIconWidget tries to display a image (QImage) of the current KoResource. But
since that memory area has been deleted, what KisIconWidget has is actually a
dangling pointer.
The KisIconWidget calls m_resource->image(), which calls d->image. The d
variable has been deleted, and hence the segmentation fault.
I tried fixing this, by connecting a signal from the KoResourceAdapterServer to
the KisIconWidget, so that when the resource server is asked to delete the
resource, it would tell the KisIconWidget. That signal was never triggered, and
I had to spend some time looking at GammaRay, and debugging to understand why.
The KisIconWidget receives an adapter (A) via the ::setResourceAdapter method.
The adapter (A) will tell the icon widget if a resource is deleted. The
deletion happens in KoResourceItemChooser::slotButtonClicked. But the problem
is that KoResourceItemChooser creates a new resource adapter (B).
The reason why the KisIconWidget was never notified about the deletion, is
because of the different adapter (emitters).
I have a patch, where the KisControlFrame passes the same resource adapter to
both KisIconWidget and KoResourceItemChooser. Applying the patch, the
segmentation fault is gone, and when you delete the last gradient, the image
displayed a simple white rectangle.
Hope that helps
Bruno
Reproducible: Always
Steps to Reproduce:
1. Open Krita
2. Create a new blank document
3. Click on the Gradients icon widget button
4. Delete all gradients. When you delete the last one, when you click somewhere
like on the canvas area and the gradient popup loses focus, the application
will crash
Actual Results:
Krita crashed with segmentation fault
Expected Results:
Krita should have happily closed the gradient pop up and displayed a
blank/default image in the gradient icon chooser.
Linux: Linux ranma 4.4.0-34-generic #53-Ubuntu SMP Wed Jul 27 16:06:39 UTC 2016
x86_64 x86_64 x86_64 GNU/Linux
Distro: Ubuntu 16.04.1 LTS
IDE & Build: Eclipse Neon + CMake + Valgrind + GammaRay
Git revision: 82247dd5d276097809bf49e708430dcf19a26b45
Thread 1 "krita" received signal SIGSEGV, Segmentation fault.
0x00007ffff63baa25 in QImage::copy(QRect const&) const () from
/usr/lib/x86_64-linux-gnu/libQt5Gui.so.5
And here's a backtrace from the moment the app crashed:
--snip--
(gdb) bt
#0 0x00007ffff63baa25 in QImage::copy(QRect const&) const () from
/usr/lib/x86_64-linux-gnu/libQt5Gui.so.5
#1 0x00007ffff63bdf1f in QImage::QImage(QImage const&) () from
/usr/lib/x86_64-linux-gnu/libQt5Gui.so.5
#2 0x00007ffff279d651 in KoResource::image (this=<optimized out>) at
/home/kinow/Development/cpp/workspace/krita/libs/pigment/resources/KoResource.cpp:68
#3 0x00007ffff784334d in KisIconWidget::paintEvent (this=0x6915600,
event=<optimized out>) at
/home/kinow/Development/cpp/workspace/krita/libs/ui/widgets/kis_iconwidget.cc:68
#4 0x00007ffff6bc0f88 in QWidget::event(QEvent*) () from
/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#5 0x00007ffff6b7e05c in QApplicationPrivate::notify_helper(QObject*, QEvent*)
() from /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#6 0x00007ffff6b83516 in QApplication::notify(QObject*, QEvent*) () from
/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#7 0x00007ffff78d4617 in KisApplication::notify (this=<optimized out>,
receiver=0x6915600, event=0x7fffffffc730) at
/home/kinow/Development/cpp/workspace/krita/libs/ui/KisApplication.cpp:510
#8 0x00007ffff603862b in QCoreApplication::notifyInternal(QObject*, QEvent*)
() from /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#9 0x00007ffff6bb9a79 in QWidgetPrivate::sendPaintEvent(QRegion const&) ()
from /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#10 0x00007ffff6bba0c1 in QWidgetPrivate::drawWidget(QPaintDevice*, QRegion
const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) () from
/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#11 0x00007ffff6bbad6c in QWidgetPrivate::paintSiblingsRecursive(QPaintDevice*,
QList<QObject*> const&, int, QRegion const&, QPoint const&, int, QPainter*,
QWidgetBackingStore*) ()
from /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#12 0x00007ffff6bb9c31 in QWidgetPrivate::drawWidget(QPaintDevice*, QRegion
const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) () from
/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#13 0x00007ffff6bbad6c in QWidgetPrivate::paintSiblingsRecursive(QPaintDevice*,
QList<QObject*> const&, int, QRegion const&, QPoint const&, int, QPainter*,
QWidgetBackingStore*) ()
from /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#14 0x00007ffff6bb9c31 in QWidgetPrivate::drawWidget(QPaintDevice*, QRegion
const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) () from
/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#15 0x00007ffff6b8b8aa in ?? () from
/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#16 0x00007ffff6b8ba8c in ?? () from
/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#17 0x00007ffff6ba9c1f in QWidgetPrivate::syncBackingStore() () from
/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#18 0x00007ffff6bc0d88 in QWidget::event(QEvent*) () from
/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#19 0x00007ffff6cd6d8b in QMainWindow::event(QEvent*) () from
/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#20 0x00007ffff7161207 in KMainWindow::event (this=this@entry=0x68d7c20,
ev=ev@entry=0x7e37bc0) at
/home/kinow/Development/cpp/workspace/krita/libs/widgetutils/xmlgui/kmainwindow.cpp:780
#21 0x00007ffff7192c79 in KXmlGuiWindow::event (this=0x68d7c20, ev=0x7e37bc0)
at
/home/kinow/Development/cpp/workspace/krita/libs/widgetutils/xmlgui/kxmlguiwindow.cpp:125
#22 0x00007ffff6b7e05c in QApplicationPrivate::notify_helper(QObject*, QEvent*)
() from /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#23 0x00007ffff6b83516 in QApplication::notify(QObject*, QEvent*) () from
/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#24 0x00007ffff78d4617 in KisApplication::notify (this=<optimized out>,
receiver=0x68d7c20, event=0x7e37bc0) at
/home/kinow/Development/cpp/workspace/krita/libs/ui/KisApplication.cpp:510
#25 0x00007ffff603862b in QCoreApplication::notifyInternal(QObject*, QEvent*)
() from /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#26 0x00007ffff603aa26 in QCoreApplicationPrivate::sendPostedEvents(QObject*,
int, QThreadData*) () from /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#27 0x00007ffff608e673 in ?? () from /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#28 0x00007ffff02221a7 in g_main_context_dispatch () from
/lib/x86_64-linux-gnu/libglib-2.0.so.0
#29 0x00007ffff0222400 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#30 0x00007ffff02224ac in g_main_context_iteration () from
/lib/x86_64-linux-gnu/libglib-2.0.so.0
#31 0x00007ffff608ea7f in
QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) ()
from /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#32 0x00007ffff6035dea in
QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from
/usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#33 0x00007ffff603de8c in QCoreApplication::exec() () from
/usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#34 0x0000000000404b31 in main (argc=1, argv=<optimized out>) at
/home/kinow/Development/cpp/workspace/krita/krita/main.cc:231
(gdb)
--snip--
--
You are receiving this mail because:
You are watching all bug changes.
