Bug#428651: SIGABRT when QGArray calls malloc()
Package: libqt3-mt
Version: 3:3.3.7-4+b1
Severity: important
Hi,
konqueror has been crashing on me recently when QGArray calls malloc. Attached are the backtraces, produced with all the
debugging symbols installed.
Andrew
-- System Information:
Debian Release: lenny/sid
APT prefers stable
APT policy: (600, 'stable'), (500, 'testing'), (400, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.20-1-k7 (SMP w/1 CPU core)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages libqt3-mt depends on:
ii fontconfig 2.4.2-1.2 generic font configuration library
ii libaudio2 1.8-4 The Network Audio System (NAS). (s
ii libc6 2.6~20070518-2 GNU C Library: Shared libraries
ii libfontconfig1 2.4.2-1.2 generic font configuration library
ii libfreetype6 2.2.1-5+etch1 FreeType 2 font engine, shared lib
ii libgcc1 1:4.2-20070528-1 GCC support library
ii libice6 1:1.0.1-2 X11 Inter-Client Exchange library
ii libjpeg62 6b-13 The Independent JPEG Group's JPEG
ii libmng1 1.0.9-1 Multiple-image Network Graphics li
ii libpng12-0 1.2.15~beta5-1 PNG library - runtime
ii libsm6 1:1.0.1-3 X11 Session Management library
ii libstdc++6 4.2-20070528-1 The GNU Standard C++ Library v3
ii libx11-6 2:1.0.3-7 X11 client-side library
ii libxcursor1 1.1.7-4 X cursor management library
ii libxext6 1:1.0.1-2 X11 miscellaneous extension librar
ii libxft2 2.1.8.2-8 FreeType-based font drawing librar
ii libxi6 1:1.0.1-4 X11 Input extension library
ii libxinerama1 1:1.0.1-4.1 X11 Xinerama extension library
ii libxrandr2 2:1.2.1-1 X11 RandR extension library
ii libxrender1 1:0.9.1-3 X Rendering Extension client libra
ii libxt6 1:1.0.2-2 X11 toolkit intrinsics library
ii zlib1g 1:1.2.3-13 compression library - runtime
Versions of packages libqt3-mt recommends:
ii libgl1-mesa-glx [libgl1] 6.5.1-0.6 A free implementation of the OpenG
ii libglu1-mesa [libglu1] 6.5.1-0.6 The OpenGL utility library (GLU)
ii libxmu6 1:1.0.2-2 X11 miscellaneous utility library
-- no debconf information
Using host libthread_db library "/lib/libthread_db.so.1".
[Thread debugging using libthread_db enabled]
[New Thread -1232369984 (LWP 3970)]
[KCrash handler]
#5 0xb7d25176 in raise () from /lib/libc.so.6
#6 0xb7d26a51 in abort () from /lib/libc.so.6
#7 0xb7d1e640 in __assert_fail () from /lib/libc.so.6
#8 0xb7d62b90 in do_check_inuse_chunk () from /lib/libc.so.6
#9 0xb7d641e0 in malloc_consolidate () from /lib/libc.so.6
#10 0xb7d66551 in _int_malloc () from /lib/libc.so.6
#11 0xb7d689e2 in malloc () from /lib/libc.so.6
#12 0xb757d74a in QGArray (this=0xbfb7666c, size=514) at tools/qgarray.cpp:146
#13 0xb75717b0 in QMemArray (this=0xbfb7666c, size=514)
at tools/qmemarray.h:59
#14 0xb7570a48 in QCString (this=0xbfb7666c, size=514)
at tools/qcstring.cpp:681
#15 0xb7862927 in writeEntries (pStream=0xef750f8, entryMap=@0xbfb76798,
defaultGroup=true, firstEntry=@0xbfb766cf, localeString=@0xb83efd8)
at /tmp/buildd/kdelibs-3.5.7.dfsg.1/./kdecore/kconfigbackend.cpp:116
#16 0xb7862d80 in KConfigINIBackEnd::writeEntries (this=0xb83efc0,
pStream=0xef750f8, aTempMap=@0xbfb76798)
at /tmp/buildd/kdelibs-3.5.7.dfsg.1/./kdecore/kconfigbackend.cpp:1088
#17 0xb78fd6c3 in KConfigINIBackEnd::writeConfigFile (this=0xb83efc0,
filename=@0xbfb76840, bGlobal=false, bMerge=false)
at /tmp/buildd/kdelibs-3.5.7.dfsg.1/./kdecore/kconfigbackend.cpp:1057
#18 0xb7903b0b in KConfigINIBackEnd::sync (this=0xb83efc0, bMerge=false)
at /tmp/buildd/kdelibs-3.5.7.dfsg.1/./kdecore/kconfigbackend.cpp:794
#19 0xb7841579 in KSimpleConfig::sync (this=0xe312b90)
at /tmp/buildd/kdelibs-3.5.7.dfsg.1/./kdecore/ksimpleconfig.cpp:72
#20 0xb785d0fd in ~KSimpleConfig (this=0xe312b90)
at /tmp/buildd/kdelibs-3.5.7.dfsg.1/./kdecore/ksimpleconfig.cpp:65
#21 0xb5e45078 in ~KHTMLView (this=0xd7a7f28)
at /tmp/buildd/kdelibs-3.5.7.dfsg.1/./khtml/khtmlview.cpp:177
#22 0xb7f8836d in ~Part (this=0xec164f0, __vtt_parm=0xb60c8708)
at /tmp/buildd/kdelibs-3.5.7.dfsg.1/./kparts/part.cpp:159
#23 0xb7f95a32 in ~ReadOnlyPart (this=0xec164f0, __vtt_parm=0xb60c8704)
at /tmp/buildd/kdelibs-3.5.7.dfsg.1/./kparts/part.cpp:314
#24 0xb5e44946 in ~KHTMLPart (this=0xec164f0)
at /tmp/buildd/kdelibs-3.5.7.dfsg.1/./khtml/khtml_part.cpp:524
#25 0xb5e167c3 in KHTMLPart::clear (this=0xb5c7688)
at /tmp/buildd/kdelibs-3.5.7.dfsg.1/./khtml/khtml_part.cpp:1446
#26 0xb5e21215 in KHTMLPart::begin (this=0xb5c7688, url=@0xb516be4,
xOffset=0, yOffset=0)
at /tmp/buildd/kdelibs-3.5.7.dfsg.1/./khtml/khtml_part.cpp:1890
#27 0xb5e1f0d9 in KHTMLPart::slotData (this=0xb5c7688, kio_job=0xbfe3e08,
data=@0xbfb77020)
at /tmp/buildd/kdelibs-3.5.7.dfsg.1/./khtml/khtml_part.cpp:1579
#28 0xb5e4a31e in KHTMLPart::qt_invoke (this=0xb5c7688, _id=16, _o=0xbfb76d20)
at ./khtml_part.moc:500
#29 0xb728be1b in QObject::activate_signal (this=0xbfe3e08, clist=0xef6e210,
o=0xbfb76d20) at kernel/qobject.cpp:2356
#30 0xb7ae03bd in KIO::TransferJob::data (this=0xbfe3e08, t0=0xbfe3e08,
t1=@0xbfb77020) at ./jobclasses.moc:993
#31 0xb7ae0438 in KIO::TransferJob::slotData (this=0xbfe3e08,
_data=@0xbfb77020)
at /tmp/buildd/kdelibs-3.5.7.dfsg.1/./kio/kio/job.cpp:933
#32 0xb7b1f6f9 in KIO::TransferJob::qt_invoke (this=0xbfe3e08, _id=18,
_o=0xbfb76e14) at ./jobclasses.moc:1072
#33 0xb728be1b in QObject::activate_signal (this=0xc812418, clist=0xef99140,
o=0xbfb76e14) at kernel/qobject.cpp:2356
#34 0xb7addade in KIO::SlaveInterface::data (this=0xc812418, t0=@0xbfb77020)
at ./slaveinterface.moc:194
#35 0xb7b499a3 in KIO::SlaveInterface::dispatch (this=0xc812418, _cmd=100,
rawdata=@0xbfb77020)
at /tmp/buildd/kdelibs-3.5.7.dfsg.1/./kio/kio/slaveinterface.cpp:234
#36 0xb7b48cfa in KIO::SlaveInterface::dispatch (this=0xc812418)
at /tmp/buildd/kdelibs-3.5.7.dfsg.1/./kio/kio/slaveinterface.cpp:173
#37 0xb7aef24c in KIO::Slave::gotInput (this=0xc812418)
at /tmp/buildd/kdelibs-3.5.7.dfsg.1/./kio/kio/slave.cpp:300
#38 0xb7b38f00 in KIO::Slave::qt_invoke (this=0xc812418, _id=4, _o=0xbfb77148)
at ./slave.moc:113
#39 0xb728be1b in QObject::activate_signal (this=0x9645728, clist=0xc812698,
o=0xbfb77148) at kernel/qobject.cpp:2356
#40 0xb728c722 in QObject::activate_signal (this=0x9645728, signal=2,
param=36) at kernel/qobject.cpp:2449
#41 0xb7615d1f in QSocketNotifier::activated (this=0x9645728, t0=36)
at .moc/debug-shared-mt/moc_qsocketnotifier.cpp:85
#42 0xb72ae5c6 in QSocketNotifier::event (this=0x9645728, e=0xbfb774a0)
at kernel/qsocketnotifier.cpp:258
#43 0xb7223cf2 in QApplication::internalNotify (this=0xbfb777dc,
receiver=0x9645728, e=0xbfb774a0) at kernel/qapplication.cpp:2635
#44 0xb7225b0f in QApplication::notify (this=0xbfb777dc, receiver=0x9645728,
e=0xbfb774a0) at kernel/qapplication.cpp:2358
#45 0xb7909142 in KApplication::notify (this=0xbfb777dc, receiver=0x9645728,
event=0xbfb774a0)
at /tmp/buildd/kdelibs-3.5.7.dfsg.1/./kdecore/kapplication.cpp:550
#46 0xb71b74c1 in QApplication::sendEvent (receiver=0x9645728,
event=0xbfb774a0) at ../include/qapplication.h:520
#47 0xb7216079 in QEventLoop::activateSocketNotifiers (this=0x80b4560)
at kernel/qeventloop_unix.cpp:578
#48 0xb71cb7f4 in QEventLoop::processEvents (this=0x80b4560, flags=4)
at kernel/qeventloop_x11.cpp:383
#49 0xb723e245 in QEventLoop::enterLoop (this=0x80b4560)
at kernel/qeventloop.cpp:198
#50 0xb723e066 in QEventLoop::exec (this=0x80b4560)
at kernel/qeventloop.cpp:145
#51 0xb722588b in QApplication::exec (this=0xbfb777dc)
at kernel/qapplication.cpp:2758
#52 0xb666b675 in kdemain (argc=2, argv=0x8076e18)
at /tmp/buildd/kdebase-3.5.7/./konqueror/konq_main.cc:206
#53 0xb7fcd464 in kdeinitmain (argc=2, argv=0x8076e18) at konqueror_dummy.cc:3
#54 0x0804e5ef in launch (argc=2, _name=0x8079b9c "konqueror",
args=0x8079baf "", cwd=0x0, envc=0, envs=0x8079bb4 "", reset_env=false,
tty=0x0, avoid_loops=false, startup_id_str=0x8050f0e "0")
at /tmp/buildd/kdelibs-3.5.7.dfsg.1/./kinit/kinit.cpp:673
#55 0x0804ee89 in handle_launcher_request (sock=9)
at /tmp/buildd/kdelibs-3.5.7.dfsg.1/./kinit/kinit.cpp:1240
#56 0x0804f20f in handle_requests (waitForPid=0)
at /tmp/buildd/kdelibs-3.5.7.dfsg.1/./kinit/kinit.cpp:1443
#57 0x0805047c in main (argc=5, argv=0xbfb78274, envp=0xbfb7828c)
at /tmp/buildd/kdelibs-3.5.7.dfsg.1/./kinit/kinit.cpp:1909
#58 0xb7d11030 in __libc_start_main () from /lib/libc.so.6
#59 0x0804bb01 in _start ()
Using host libthread_db library "/lib/libthread_db.so.1".
[Thread debugging using libthread_db enabled]
[New Thread -1232369984 (LWP 22275)]
[KCrash handler]
#5 0xb7d25176 in raise () from /lib/libc.so.6
#6 0xb7d26a51 in abort () from /lib/libc.so.6
#7 0xb7d1e640 in __assert_fail () from /lib/libc.so.6
#8 0xb7d629b5 in do_check_free_chunk () from /lib/libc.so.6
#9 0xb7d63427 in do_check_remalloced_chunk () from /lib/libc.so.6
#10 0xb7d664c8 in _int_malloc () from /lib/libc.so.6
#11 0xb7d689e2 in malloc () from /lib/libc.so.6
#12 0xb757d8d8 in QGArray::duplicate (this=0xbfb758f4,
d=0xb76730b7 "1allowAnimation()", len=18) at tools/qgarray.cpp:460
#13 0xb71b9ce1 in QMemArray<char>::duplicate (this=0xbfb758f4,
a=0xb76730b7 "1allowAnimation()", n=18) at ../include/qmemarray.h:85
#14 0xb757069b in QCString (this=0xbfb758f4,
str=0xb76730b7 "1allowAnimation()") at tools/qcstring.cpp:699
#15 0xb72ab9d8 in intSignature (member=0xb76730b7 "1allowAnimation()")
at kernel/qsignal.cpp:131
#16 0xb72abb14 in QSignal::connect (this=0x82662e8, receiver=0x80fa8f0,
member=0xb76730b7 "1allowAnimation()") at kernel/qsignal.cpp:145
#17 0xb72b33dc in QSingleShotTimer::start (this=0x82662c0, msec=250,
r=0x80fa8f0, m=0xb76730b7 "1allowAnimation()") at kernel/qtimer.cpp:278
#18 0xb72b34d1 in QTimer::singleShot (msec=250, receiver=0x80fa8f0,
member=0xb76730b7 "1allowAnimation()") at kernel/qtimer.cpp:334
#19 0xb73eb0f2 in QTipManager::hideTip (this=0x80fa8f0)
at widgets/qtooltip.cpp:592
#20 0xb73eb363 in QTipManager::hideTipAndSleep (this=0x80fa8f0)
at widgets/qtooltip.cpp:619
#21 0xb73eb663 in QTipManager::eventFilter (this=0x80fa8f0, obj=0x8bd2f00,
e=0xbfb75f40) at widgets/qtooltip.cpp:415
#22 0xb7223ae4 in QApplication::internalNotify (this=0xbfb777dc,
receiver=0x8bd2f00, e=0xbfb75f40) at kernel/qapplication.cpp:2568
#23 0xb7225ca6 in QApplication::notify (this=0xbfb777dc, receiver=0x8bd2f00,
e=0xbfb75f40) at kernel/qapplication.cpp:2392
#24 0xb7909142 in KApplication::notify (this=0xbfb777dc, receiver=0x8bd2f00,
event=0xbfb75f40)
at /tmp/buildd/kdelibs-3.5.7.dfsg.1/./kdecore/kapplication.cpp:550
#25 0xb71b7535 in QApplication::sendSpontaneousEvent (receiver=0x8bd2f00,
event=0xbfb75f40) at kernel/qapplication.h:523
#26 0xb71a8799 in QETWidget::translateKeyEvent (this=0x8bd2f00,
event=0xbfb76278, grab=false) at kernel/qapplication_x11.cpp:5636
#27 0xb71b47c3 in QApplication::x11ProcessEvent (this=0xbfb777dc,
event=0xbfb76278) at kernel/qapplication_x11.cpp:3493
#28 0xb71cada2 in QEventLoop::processEvents (this=0x80bdad8, flags=4)
at kernel/qeventloop_x11.cpp:192
#29 0xb723e245 in QEventLoop::enterLoop (this=0x80bdad8)
at kernel/qeventloop.cpp:198
#30 0xb7225809 in QApplication::enter_loop (this=0xbfb777dc)
at kernel/qapplication.cpp:2793
#31 0xb71c7982 in QDragManager::drag (this=0x8504228, o=0x8e7d510,
mode=QDragObject::DragDefault) at kernel/qdnd_x11.cpp:1791
#32 0xb7237a86 in QDragObject::drag (this=0x8e7d510,
mode=QDragObject::DragDefault) at kernel/qdragobject.cpp:550
#33 0xb7234d8a in QDragObject::drag (this=0x8e7d510)
at kernel/qdragobject.cpp:472
#34 0xb5e45fa9 in KHTMLPart::khtmlMouseMoveEvent (this=0x8f43b90,
event=0xbfb76a64)
at /tmp/buildd/kdelibs-3.5.7.dfsg.1/./khtml/khtml_part.cpp:6437
#35 0xb5e03e20 in KHTMLPart::customEvent (this=0x8f43b90, event=0xbfb76a64)
at /tmp/buildd/kdelibs-3.5.7.dfsg.1/./khtml/khtml_part.cpp:5954
#36 0xb728b523 in QObject::event (this=0x8f43b90, e=0xbfb76a64)
at kernel/qobject.cpp:755
#37 0xb7223cf2 in QApplication::internalNotify (this=0xbfb777dc,
receiver=0x8f43b90, e=0xbfb76a64) at kernel/qapplication.cpp:2635
#38 0xb7225b0f in QApplication::notify (this=0xbfb777dc, receiver=0x8f43b90,
e=0xbfb76a64) at kernel/qapplication.cpp:2358
#39 0xb7909142 in KApplication::notify (this=0xbfb777dc, receiver=0x8f43b90,
event=0xbfb76a64)
at /tmp/buildd/kdelibs-3.5.7.dfsg.1/./kdecore/kapplication.cpp:550
#40 0xb5e3eda2 in KHTMLView::viewportMouseMoveEvent (this=0x8f034d0,
_mouse=0xbfb77154) at /usr/share/qt3/include/qapplication.h:520
#41 0xb73c151e in QScrollView::eventFilter (this=0x8f034d0, obj=0x8f04630,
e=0xbfb77154) at widgets/qscrollview.cpp:1511
#42 0xb5e1b4f9 in KHTMLView::eventFilter (this=0x8f034d0, o=0x8f04630,
e=0xbfb77154)
at /tmp/buildd/kdelibs-3.5.7.dfsg.1/./khtml/khtmlview.cpp:1976
#43 0xb728b3ce in QObject::activate_filters (this=0x8f04630, e=0xbfb77154)
at kernel/qobject.cpp:903
#44 0xb728b44c in QObject::event (this=0x8f04630, e=0xbfb77154)
at kernel/qobject.cpp:735
#45 0xb72c26de in QWidget::event (this=0x8f04630, e=0xbfb77154)
at kernel/qwidget.cpp:4678
#46 0xb7223cf2 in QApplication::internalNotify (this=0xbfb777dc,
receiver=0x8f04630, e=0xbfb77154) at kernel/qapplication.cpp:2635
#47 0xb7225e95 in QApplication::notify (this=0xbfb777dc, receiver=0x8f04630,
e=0xbfb77154) at kernel/qapplication.cpp:2421
#48 0xb7909142 in KApplication::notify (this=0xbfb777dc, receiver=0x8f04630,
event=0xbfb77154)
at /tmp/buildd/kdelibs-3.5.7.dfsg.1/./kdecore/kapplication.cpp:550
#49 0xb71b7535 in QApplication::sendSpontaneousEvent (receiver=0x8f04630,
event=0xbfb77154) at kernel/qapplication.h:523
#50 0xb71b61cf in QETWidget::translateMouseEvent (this=0x8f04630,
event=0xbfb77588) at kernel/qapplication_x11.cpp:4301
#51 0xb71b4750 in QApplication::x11ProcessEvent (this=0xbfb777dc,
event=0xbfb77588) at kernel/qapplication_x11.cpp:3478
#52 0xb71cada2 in QEventLoop::processEvents (this=0x80bdad8, flags=4)
at kernel/qeventloop_x11.cpp:192
#53 0xb723e245 in QEventLoop::enterLoop (this=0x80bdad8)
at kernel/qeventloop.cpp:198
#54 0xb723e066 in QEventLoop::exec (this=0x80bdad8)
at kernel/qeventloop.cpp:145
#55 0xb722588b in QApplication::exec (this=0xbfb777dc)
at kernel/qapplication.cpp:2758
#56 0xb666b675 in kdemain (argc=2, argv=0x80827d8)
at /tmp/buildd/kdebase-3.5.7/./konqueror/konq_main.cc:206
#57 0xb7fcd464 in kdeinitmain (argc=2, argv=0x80827d8) at konqueror_dummy.cc:3
#58 0x0804e5ef in launch (argc=2, _name=0x8081974 "konqueror",
args=0x8081986 "", cwd=0x0, envc=1, envs=0x8081997 "", reset_env=false,
tty=0x0, avoid_loops=false,
startup_id_str=0x808199c "debian;1181706758;415774;3952_TIME590751859")
at /tmp/buildd/kdelibs-3.5.7.dfsg.1/./kinit/kinit.cpp:673
#59 0x0804ee89 in handle_launcher_request (sock=9)
at /tmp/buildd/kdelibs-3.5.7.dfsg.1/./kinit/kinit.cpp:1240
#60 0x0804f20f in handle_requests (waitForPid=0)
at /tmp/buildd/kdelibs-3.5.7.dfsg.1/./kinit/kinit.cpp:1443
#61 0x0805047c in main (argc=5, argv=0xbfb78274, envp=0xbfb7828c)
at /tmp/buildd/kdelibs-3.5.7.dfsg.1/./kinit/kinit.cpp:1909
#62 0xb7d11030 in __libc_start_main () from /lib/libc.so.6
#63 0x0804bb01 in _start ()
Reply to: