Bug#532610: quiteinsane: segfaults upon quit
Julien BLACHE <jblache@debian.org> writes:
> Try disabling the net backend in /etc/sane.d/dll.conf or upgrade
> libsane to >= 1.0.19-25.
New versions are:
ii gocr 0.45-2 A command line OCR
ii libc6 2.9-12 GNU C Library: Shared libraries
ii libgcc1 1:4.3.2-1.1 GCC support library
ii libice6 2:1.0.4-1 X11 Inter-Client Exchange library
ii libjpeg62 6b-14 The Independent JPEG Group's JPEG
ii libpng12-0 1.2.27-2+lenny2 PNG library - runtime
ii libqt3-mt 3:3.3.8b-5 Qt GUI Library (Threaded runtime v
ii libsane 1.0.20-4 API library for scanners
ii libsm6 2:1.0.3-2 X11 Session Management library
ii libstdc++6 4.3.2-1.1 The GNU Standard C++ Library v3
ii libtiff4 3.8.2-11 Tag Image File Format (TIFF) libra
ii libx11-6 2:1.1.5-2 X11 client-side library
ii libxext6 2:1.0.4-1 X11 miscellaneous extension librar
ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime
> If that doesn't fix it, then it's a quiteinsane bug :)
Alas, it still happens. New backtrace enclosed.
Thanks,
Mark
mark@evangeline:~$ gdb quiteinsane
GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu"...
(no debugging symbols found)
(gdb) run
Starting program: /usr/bin/quiteinsane
[Thread debugging using libthread_db enabled]
[New Thread 0x7f30ad10a700 (LWP 5107)]
[New Thread 0x7f309e44d950 (LWP 5110)]
[New Thread 0x7f309c2d1950 (LWP 5112)]
[Thread 0x7f309c2d1950 (LWP 5112) exited]
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7f30ad10a700 (LWP 5107)]
0x00007f30aa107748 in _int_free (av=0x7f30aa3e2a00, mem=0x1796e10)
at malloc.c:4726
4726 malloc.c: No such file or directory.
in malloc.c
(gdb) backtrace full
#0 0x00007f30aa107748 in _int_free (av=0x7f30aa3e2a00, mem=0x1796e10)
at malloc.c:4726
p = (mchunkptr) 0x1796e00
size = 128
nextchunk = (mchunkptr) 0x1796e80
nextsize = 96
prevsize = <value optimized out>
bck = (mchunkptr) 0x20000001795e30
fwd = (mchunkptr) 0x2000010000000a
errstr = 0x7f30aa1b0fd8 "double free or corruption (!prev)"
#1 0x00007f30aa107c56 in *__GI___libc_free (mem=0x1796e10) at malloc.c:3625
ar_ptr = (mstate) 0x7f30aa3e2a00
p = (mchunkptr) 0x1
hook = <value optimized out>
#2 0x00007f30ad02ab9c in _dl_close_worker (map=<value optimized out>)
at dl-close.c:650
lnp = (struct libname_list *) 0x0
imap = (struct link_map *) 0x17990d0
i = <value optimized out>
nsid = 0
ns = (struct link_namespaces *) 0x7f30ad235040
any_tls = false
nloaded = 45
idx = <value optimized out>
done_index = <value optimized out>
unload_any = true
scope_mem_left = false
unload_global = 0
first_loaded = 36
r = (struct r_debug *) 0x7f30ad235c80
tls_free_start = 0
tls_free_end = 0
dl_close_state = pending
__PRETTY_FUNCTION__ = "_dl_close_worker"
#3 0x00007f30ad02b0dc in _dl_close (_map=<value optimized out>)
at dl-close.c:730
map = (struct link_map *) 0x17990d0
__PRETTY_FUNCTION__ = "_dl_close"
#4 0x00007f30ad025406 in _dl_catch_error (objname=0x16f5990,
errstring=0x16f5998, mallocedp=0x16f5988,
operate=0x7f30ace14fd0 <dlclose_doit>, args=0x17990d0) at dl-error.c:178
errcode = <value optimized out>
old = (struct catch * volatile) 0x0
c = {objname = 0x7f30ab725568 "£\r", errstring = 0x0, malloced = 112,
env = {{__jmpbuf = {24074624, -5344831464690298047, 139847035604944,
24829488, 140736232374096, 140736232374496, 5344700375239611201,
5454423122457121601}, __mask_was_saved = -1255981424, __saved_mask = {
__val = {140736232373712, 140736232374496, 139846797135872,
139847037768282, 24091648, 33528064, 24525488, 0, 139846987956440,
24525488, 0, 139847037792626, 0, 139846991358464, 0,
140736232376448}}}}}
catchp = (struct catch ** const) 0x7f30ad10a6e8
#5 0x00007f30ace1530c in _dlerror_run (
operate=0x7f30ace14fd0 <dlclose_doit>, args=0x17990d0) at dlerror.c:164
result = (struct dl_action_result *) 0x16f5980
#6 0x00007f30ace1500f in __dlclose (handle=<value optimized out>)
at dlclose.c:48
No locals.
#7 0x00007f30aab9159d in sane_dll_exit () from /usr/lib/libsane.so.1
No symbol table info available.
#8 0x000000000048bf47 in ?? ()
No symbol table info available.
#9 0x000000000048cf90 in ?? ()
No symbol table info available.
#10 0x0000000000482747 in ?? ()
No symbol table info available.
#11 0x00000000004c5464 in ?? ()
No symbol table info available.
#12 0x00007f30ac73136c in QObject::activate_signal ()
from /usr/lib/libqt-mt.so.3
No symbol table info available.
#13 0x00007f30ac731b04 in QObject::activate_signal ()
from /usr/lib/libqt-mt.so.3
No symbol table info available.
#14 0x000000000049b55f in ?? ()
No symbol table info available.
#15 0x00007f30ac7620c9 in QWidget::event () from /usr/lib/libqt-mt.so.3
No symbol table info available.
#16 0x00007f30ac6db953 in QApplication::internalNotify ()
from /usr/lib/libqt-mt.so.3
No symbol table info available.
#17 0x00007f30ac6dc62e in QApplication::notify () from /usr/lib/libqt-mt.so.3
No symbol table info available.
#18 0x00007f30ac762b56 in QWidget::close () from /usr/lib/libqt-mt.so.3
No symbol table info available.
#19 0x00007f30ac673cff in QETWidget::translateCloseEvent ()
from /usr/lib/libqt-mt.so.3
No symbol table info available.
#20 0x00007f30ac676afe in QApplication::x11ClientMessage ()
from /usr/lib/libqt-mt.so.3
No symbol table info available.
#21 0x00007f30ac682e30 in QApplication::x11ProcessEvent ()
from /usr/lib/libqt-mt.so.3
No symbol table info available.
#22 0x00007f30ac691a59 in QEventLoop::processEvents ()
from /usr/lib/libqt-mt.so.3
No symbol table info available.
#23 0x00007f30ac6f0001 in QEventLoop::enterLoop () from /usr/lib/libqt-mt.so.3
No symbol table info available.
#24 0x00007f30ac6efeb2 in QEventLoop::exec () from /usr/lib/libqt-mt.so.3
No symbol table info available.
#25 0x00000000004c02e3 in ?? ()
No symbol table info available.
#26 0x00007f30aa0b25a6 in __libc_start_main (main=0x4bfb00, argc=1,
ubp_av=0x7fffb5234dc8, init=0x4ddae0, fini=<value optimized out>,
rtld_fini=<value optimized out>, stack_end=0x7fffb5234db8)
at libc-start.c:222
result = <value optimized out>
unwind_buf = {cancel_jmp_buf = {{jmp_buf = {5102304,
-5344828367471520959, 4371760, 140736232377792, 0, 0,
5344700374709031745, 5454438577174729537}, mask_was_saved = 0}},
priv = {pad = {0x0, 0x0, 0x1, 0x4bfb00}, data = {prev = 0x0, cleanup = 0x0,
canceltype = 1}}}
not_first_call = <value optimized out>
#27 0x000000000042b559 in ?? ()
No symbol table info available.
#28 0x00007fffb5234db8 in ?? ()
No symbol table info available.
#29 0x000000000000001c in ?? ()
No symbol table info available.
#30 0x0000000000000001 in ?? ()
No symbol table info available.
#31 0x00007fffb5235dc0 in ?? ()
No symbol table info available.
#32 0x0000000000000000 in ?? ()
No symbol table info available.
(gdb) info registers
rax 0x20000001795e30 9007199279472176
rbx 0x1796e00 24735232
rcx 0x2000010000000a 9007203549708298
rdx 0x1 1
rsi 0x7f30aa1b0fd8 139846989058008
rdi 0x7f30aa3e2a00 139846991358464
rbp 0x80 0x80
rsp 0x7fffb52339e0 0x7fffb52339e0
r8 0x1796e10 24735248
r9 0x0 0
r10 0x7fffb5233a40 140736232372800
r11 0x206 518
r12 0x1796e10 24735248
r13 0x1796e80 24735360
r14 0x7f30aa3e2a00 139846991358464
r15 0x60 96
rip 0x7f30aa107748 0x7f30aa107748 <_int_free+888>
eflags 0x10246 [ PF ZF IF RF ]
cs 0x33 51
ss 0x2b 43
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
fctrl 0x37f 895
fstat 0x0 0
ftag 0xffff 65535
fiseg 0x0 0
fioff 0x0 0
foseg 0x0 0
fooff 0x0 0
fop 0x0 0
mxcsr 0x1fa0 [ PE IM DM ZM OM UM PM ]
(gdb) thread apply all backtrace
Thread 2 (Thread 0x7f309e44d950 (LWP 5110)):
#0 0x00007f30aa1598f6 in *__GI___poll (fds=0x1796e90, nfds=1, timeout=-1)
at ../sysdeps/unix/sysv/linux/poll.c:87
#1 0x00007f309e8a5c6b in ?? ()
#2 0x00007f309e44d250 in ?? ()
#3 0x0000000001795e40 in ?? ()
#4 0x0000000001795df0 in ?? ()
#5 0x00007f309e44d250 in ?? ()
#6 0x0000000000000000 in ?? ()
Thread 1 (Thread 0x7f30ad10a700 (LWP 5107)):
#0 0x00007f30aa107748 in _int_free (av=0x7f30aa3e2a00, mem=0x1796e10)
at malloc.c:4726
#1 0x00007f30aa107c56 in *__GI___libc_free (mem=0x1796e10) at malloc.c:3625
#2 0x00007f30ad02ab9c in _dl_close_worker (map=<value optimized out>)
at dl-close.c:650
#3 0x00007f30ad02b0dc in _dl_close (_map=<value optimized out>)
at dl-close.c:730
#4 0x00007f30ad025406 in _dl_catch_error (objname=0x16f5990,
errstring=0x16f5998, mallocedp=0x16f5988,
operate=0x7f30ace14fd0 <dlclose_doit>, args=0x17990d0) at dl-error.c:178
#5 0x00007f30ace1530c in _dlerror_run (
operate=0x7f30ace14fd0 <dlclose_doit>, args=0x17990d0) at dlerror.c:164
#6 0x00007f30ace1500f in __dlclose (handle=<value optimized out>)
at dlclose.c:48
#7 0x00007f30aab9159d in sane_dll_exit () from /usr/lib/libsane.so.1
#8 0x000000000048bf47 in ?? ()
#9 0x000000000048cf90 in ?? ()
#10 0x0000000000482747 in ?? ()
#11 0x00000000004c5464 in ?? ()
#12 0x00007f30ac73136c in QObject::activate_signal ()
from /usr/lib/libqt-mt.so.3
#13 0x00007f30ac731b04 in QObject::activate_signal ()
from /usr/lib/libqt-mt.so.3
#14 0x000000000049b55f in ?? ()
#15 0x00007f30ac7620c9 in QWidget::event () from /usr/lib/libqt-mt.so.3
#16 0x00007f30ac6db953 in QApplication::internalNotify ()
from /usr/lib/libqt-mt.so.3
#17 0x00007f30ac6dc62e in QApplication::notify () from /usr/lib/libqt-mt.so.3
#18 0x00007f30ac762b56 in QWidget::close () from /usr/lib/libqt-mt.so.3
#19 0x00007f30ac673cff in QETWidget::translateCloseEvent ()
from /usr/lib/libqt-mt.so.3
#20 0x00007f30ac676afe in QApplication::x11ClientMessage ()
from /usr/lib/libqt-mt.so.3
#21 0x00007f30ac682e30 in QApplication::x11ProcessEvent ()
from /usr/lib/libqt-mt.so.3
#22 0x00007f30ac691a59 in QEventLoop::processEvents ()
from /usr/lib/libqt-mt.so.3
#23 0x00007f30ac6f0001 in QEventLoop::enterLoop () from /usr/lib/libqt-mt.so.3
#24 0x00007f30ac6efeb2 in QEventLoop::exec () from /usr/lib/libqt-mt.so.3
#25 0x00000000004c02e3 in ?? ()
#26 0x00007f30aa0b25a6 in __libc_start_main (main=0x4bfb00, argc=1,
ubp_av=0x7fffb5234dc8, init=0x4ddae0, fini=<value optimized out>,
rtld_fini=<value optimized out>, stack_end=0x7fffb5234db8)
at libc-start.c:222
#27 0x000000000042b559 in ?? ()
#28 0x00007fffb5234db8 in ?? ()
#29 0x000000000000001c in ?? ()
#30 0x0000000000000001 in ?? ()
#31 0x00007fffb5235dc0 in ?? ()
#32 0x0000000000000000 in ?? ()
(gdb)
Reply to: