220590 – krunner crashes trying to free an invalid pointer often when entering text into the QuickSand window [__libc_message, malloc_printerr, qFree]

Bug 220590 - krunner crashes trying to free an invalid pointer often when entering text into the QuickSand window [__libc_message, malloc_printerr, qFree]

Summary: krunner crashes trying to free an invalid pointer often when entering text in...

Status:	RESOLVED DUPLICATE of bug 196207

Alias:	None

Product:	krunner
Classification:	Plasma
Component:	general (show other bugs)
Version:	unspecified
Platform:	Ubuntu Linux

Importance:	NOR crash
Target Milestone:	---
Assignee:	Plasma Bugs List

URL:
Keywords:

Depends on:
Blocks:

Reported:	2009-12-29 21:52 UTC by Evan Cofsky
Modified:	2009-12-29 21:59 UTC (History)
CC List:	1 user (show)

See Also:
Latest Commit:
Version Fixed In:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Evan Cofsky 2009-12-29 21:52:34 UTC

Application: krunner (0.1)
KDE Platform Version: 4.3.85 (KDE 4.3.85 (KDE 4.4 Beta2))
Qt Version: 4.6.0
Operating System: Linux 2.6.31-17-generic i686
Distribution: Ubuntu 9.10

-- Information about the crash:
It seems like it might be related to how quickly the initial [Enter] keystroke to select an item and the subsequent [Enter] keystroke to execute the item, but it has also crashed before either, and after both.  Currently I'm running nepomuk with the virtuoso back-end, however this was happening before.  I am also running a very unstable release of Kubuntu that has been upgraded in-place several times.

The crash can be reproduced everytime.

 -- Backtrace:
Application: Run Command Interface (kdeinit4), signal: Aborted
[Current thread is 1 (Thread 0xb7855760 (LWP 2754))]

Thread 6 (Thread 0xab9bab70 (LWP 2786)):
#0  __i686.get_pc_thunk.bx () at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/sem_post.S:170
#1  0x0052ad17 in __pthread_mutex_lock (mutex=0x926a064) at pthread_mutex_lock.c:47
#2  0x0876ed0c in g_main_context_check () from /lib/libglib-2.0.so.0
#3  0x0876f47c in ?? () from /lib/libglib-2.0.so.0
#4  0x0876f863 in g_main_context_iteration () from /lib/libglib-2.0.so.0
#5  0x01176c0f in QEventDispatcherGlib::processEvents (this=0x9255e58, flags=...) at kernel/qeventdispatcher_glib.cpp:409
#6  0x011494c9 in QEventLoop::processEvents (this=0xab9ba240, flags=) at kernel/qeventloop.cpp:149
#7  0x0114991a in QEventLoop::exec (this=0xab9ba240, flags=...) at kernel/qeventloop.cpp:201
#8  0x01046558 in QThread::exec (this=0x92286c0) at thread/qthread.cpp:487
#9  0x0112929b in QInotifyFileSystemWatcherEngine::run (this=0x92286c0) at io/qfilesystemwatcher_inotify.cpp:248
#10 0x010493ae in QThreadPrivate::start (arg=0x92286c0) at thread/qthread_unix.cpp:244
#11 0x0052880e in start_thread (arg=0xab9bab70) at pthread_create.c:300
#12 0x00c077ee in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:130

Thread 5 (Thread 0xaa6b2b70 (LWP 2818)):
#0  0x00156422 in __kernel_vsyscall ()
#1  0x0052ce15 in pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/pthread_cond_wait.S:122
#2  0x0104a307 in QWaitConditionPrivate::wait (this=0x91d8aa0, mutex=0x91b3798, time=4294967295) at thread/qwaitcondition_unix.cpp:87
#3  QWaitCondition::wait (this=0x91d8aa0, mutex=0x91b3798, time=4294967295) at thread/qwaitcondition_unix.cpp:159
#4  0x060178a0 in ThreadWeaver::WeaverImpl::blockThreadUntilJobsAreBeingAssigned (this=0x91d8a88, th=0x91b41f0) at ../../../threadweaver/Weaver/WeaverImpl.cpp:365
#5  0x0601a41c in ThreadWeaver::WorkingHardState::waitForAvailableJob (this=0x917a690, th=0x91b41f0) at ../../../threadweaver/Weaver/WorkingHardState.cpp:80
#6  0x0601626b in ThreadWeaver::WeaverImpl::waitForAvailableJob (this=0x91d8a88, th=0x91b41f0) at ../../../threadweaver/Weaver/WeaverImpl.cpp:356
#7  0x0601a512 in ThreadWeaver::WorkingHardState::applyForWork (this=0x917a690, th=0x91b41f0) at ../../../threadweaver/Weaver/WorkingHardState.cpp:71
#8  0x06017b23 in ThreadWeaver::WeaverImpl::applyForWork (this=0x91d8a88, th=0x91b41f0, previous=0x98c18b0) at ../../../threadweaver/Weaver/WeaverImpl.cpp:351
#9  0x060184fe in ThreadWeaver::ThreadRunHelper::run (this=0xaa6b22a4, parent=0x91d8a88, th=0x91b41f0) at ../../../threadweaver/Weaver/Thread.cpp:87
#10 0x06018b1b in ThreadWeaver::Thread::run (this=0x91b41f0) at ../../../threadweaver/Weaver/Thread.cpp:142
#11 0x010493ae in QThreadPrivate::start (arg=0x91b41f0) at thread/qthread_unix.cpp:244
#12 0x0052880e in start_thread (arg=0xaa6b2b70) at pthread_create.c:300
#13 0x00c077ee in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:130
The current source language is "auto; currently asm".

Thread 4 (Thread 0xa9eb1b70 (LWP 2819)):
#0  0x00156422 in __kernel_vsyscall ()
#1  0x0052ce15 in pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/pthread_cond_wait.S:122
#2  0x0104a307 in QWaitConditionPrivate::wait (this=0x91d8aa0, mutex=0x91b3798, time=4294967295) at thread/qwaitcondition_unix.cpp:87
#3  QWaitCondition::wait (this=0x91d8aa0, mutex=0x91b3798, time=4294967295) at thread/qwaitcondition_unix.cpp:159
#4  0x060178a0 in ThreadWeaver::WeaverImpl::blockThreadUntilJobsAreBeingAssigned (this=0x91d8a88, th=0x91b31c0) at ../../../threadweaver/Weaver/WeaverImpl.cpp:365
#5  0x0601a41c in ThreadWeaver::WorkingHardState::waitForAvailableJob (this=0x917a690, th=0x91b31c0) at ../../../threadweaver/Weaver/WorkingHardState.cpp:80
#6  0x0601626b in ThreadWeaver::WeaverImpl::waitForAvailableJob (this=0x91d8a88, th=0x91b31c0) at ../../../threadweaver/Weaver/WeaverImpl.cpp:356
#7  0x0601a512 in ThreadWeaver::WorkingHardState::applyForWork (this=0x917a690, th=0x91b31c0) at ../../../threadweaver/Weaver/WorkingHardState.cpp:71
#8  0x06017b23 in ThreadWeaver::WeaverImpl::applyForWork (this=0x91d8a88, th=0x91b31c0, previous=0x9224f68) at ../../../threadweaver/Weaver/WeaverImpl.cpp:351
#9  0x060184fe in ThreadWeaver::ThreadRunHelper::run (this=0xa9eb12a4, parent=0x91d8a88, th=0x91b31c0) at ../../../threadweaver/Weaver/Thread.cpp:87
#10 0x06018b1b in ThreadWeaver::Thread::run (this=0x91b31c0) at ../../../threadweaver/Weaver/Thread.cpp:142
#11 0x010493ae in QThreadPrivate::start (arg=0x91b31c0) at thread/qthread_unix.cpp:244
#12 0x0052880e in start_thread (arg=0xa9eb1b70) at pthread_create.c:300
#13 0x00c077ee in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:130

Thread 3 (Thread 0xa96b0b70 (LWP 2820)):
#0  0x00156422 in __kernel_vsyscall ()
#1  0x0052ce15 in pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/pthread_cond_wait.S:122
#2  0x0104a307 in QWaitConditionPrivate::wait (this=0x91d8aa0, mutex=0x91b3798, time=4294967295) at thread/qwaitcondition_unix.cpp:87
#3  QWaitCondition::wait (this=0x91d8aa0, mutex=0x91b3798, time=4294967295) at thread/qwaitcondition_unix.cpp:159
#4  0x060178a0 in ThreadWeaver::WeaverImpl::blockThreadUntilJobsAreBeingAssigned (this=0x91d8a88, th=0x9118b40) at ../../../threadweaver/Weaver/WeaverImpl.cpp:365
#5  0x0601a41c in ThreadWeaver::WorkingHardState::waitForAvailableJob (this=0x917a690, th=0x9118b40) at ../../../threadweaver/Weaver/WorkingHardState.cpp:80
#6  0x0601626b in ThreadWeaver::WeaverImpl::waitForAvailableJob (this=0x91d8a88, th=0x9118b40) at ../../../threadweaver/Weaver/WeaverImpl.cpp:356
#7  0x0601a512 in ThreadWeaver::WorkingHardState::applyForWork (this=0x917a690, th=0x9118b40) at ../../../threadweaver/Weaver/WorkingHardState.cpp:71
#8  0x06017b23 in ThreadWeaver::WeaverImpl::applyForWork (this=0x91d8a88, th=0x9118b40, previous=0x0) at ../../../threadweaver/Weaver/WeaverImpl.cpp:351
#9  0x0601a531 in ThreadWeaver::WorkingHardState::applyForWork (this=0x917a690, th=0x9118b40) at ../../../threadweaver/Weaver/WorkingHardState.cpp:74
#10 0x06017b23 in ThreadWeaver::WeaverImpl::applyForWork (this=0x91d8a88, th=0x9118b40, previous=0x0) at ../../../threadweaver/Weaver/WeaverImpl.cpp:351
#11 0x0601a531 in ThreadWeaver::WorkingHardState::applyForWork (this=0x917a690, th=0x9118b40) at ../../../threadweaver/Weaver/WorkingHardState.cpp:74
#12 0x06017b23 in ThreadWeaver::WeaverImpl::applyForWork (this=0x91d8a88, th=0x9118b40, previous=0x995dab0) at ../../../threadweaver/Weaver/WeaverImpl.cpp:351
#13 0x060184fe in ThreadWeaver::ThreadRunHelper::run (this=0xa96b02a4, parent=0x91d8a88, th=0x9118b40) at ../../../threadweaver/Weaver/Thread.cpp:87
#14 0x06018b1b in ThreadWeaver::Thread::run (this=0x9118b40) at ../../../threadweaver/Weaver/Thread.cpp:142
#15 0x010493ae in QThreadPrivate::start (arg=0x9118b40) at thread/qthread_unix.cpp:244
#16 0x0052880e in start_thread (arg=0xa96b0b70) at pthread_create.c:300
#17 0x00c077ee in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:130

Thread 2 (Thread 0xa8eafb70 (LWP 2821)):
#0  0x00156422 in __kernel_vsyscall ()
#1  0x0052ce15 in pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/pthread_cond_wait.S:122
#2  0x0104a307 in QWaitConditionPrivate::wait (this=0x91d8aa0, mutex=0x91b3798, time=4294967295) at thread/qwaitcondition_unix.cpp:87
#3  QWaitCondition::wait (this=0x91d8aa0, mutex=0x91b3798, time=4294967295) at thread/qwaitcondition_unix.cpp:159
#4  0x060178a0 in ThreadWeaver::WeaverImpl::blockThreadUntilJobsAreBeingAssigned (this=0x91d8a88, th=0x91f18b8) at ../../../threadweaver/Weaver/WeaverImpl.cpp:365
#5  0x0601a41c in ThreadWeaver::WorkingHardState::waitForAvailableJob (this=0x917a690, th=0x91f18b8) at ../../../threadweaver/Weaver/WorkingHardState.cpp:80
#6  0x0601626b in ThreadWeaver::WeaverImpl::waitForAvailableJob (this=0x91d8a88, th=0x91f18b8) at ../../../threadweaver/Weaver/WeaverImpl.cpp:356
#7  0x0601a512 in ThreadWeaver::WorkingHardState::applyForWork (this=0x917a690, th=0x91f18b8) at ../../../threadweaver/Weaver/WorkingHardState.cpp:71
#8  0x06017b23 in ThreadWeaver::WeaverImpl::applyForWork (this=0x91d8a88, th=0x91f18b8, previous=0x9960020) at ../../../threadweaver/Weaver/WeaverImpl.cpp:351
#9  0x060184fe in ThreadWeaver::ThreadRunHelper::run (this=0xa8eaf2a4, parent=0x91d8a88, th=0x91f18b8) at ../../../threadweaver/Weaver/Thread.cpp:87
#10 0x06018b1b in ThreadWeaver::Thread::run (this=0x91f18b8) at ../../../threadweaver/Weaver/Thread.cpp:142
#11 0x010493ae in QThreadPrivate::start (arg=0x91f18b8) at thread/qthread_unix.cpp:244
#12 0x0052880e in start_thread (arg=0xa8eafb70) at pthread_create.c:300
#13 0x00c077ee in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:130

Thread 1 (Thread 0xb7855760 (LWP 2754)):
[KCrash Handler]
#6  0x00156422 in __kernel_vsyscall ()
#7  0x00b654d1 in *__GI_raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#8  0x00b68932 in *__GI_abort () at abort.c:92
#9  0x00b9bee5 in __libc_message (do_abort=2, fmt=0xc5f438 "*** glibc detected *** %s: %s: 0x%s ***\n") at ../sysdeps/unix/sysv/linux/libc_fatal.c:189
#10 0x00ba5ff1 in malloc_printerr (action=<value optimized out>, str=0x6 <Address 0x6 out of bounds>, ptr=0x9868298) at malloc.c:6217
#11 0x00baa806 in *__GI___libc_free (mem=0x6) at malloc.c:3677
#12 0x01043a1d in qFree (ptr=0x9868298) at global/qmalloc.cpp:60
#13 0x010a3273 in QVectorData::free (x=0x0, alignment=4) at tools/qvector.cpp:82
#14 0x01fdd903 in QVectorTypedData<QPainterState*>::free (this=0xbfd2eebc) at ../../include/QtCore/../../src/corelib/tools/qvector.h:96
#15 QVector<QPainterState*>::free (this=0xbfd2eebc) at ../../include/QtCore/../../src/corelib/tools/qvector.h:438
#16 QVector<QPainterState*>::operator= (this=0xbfd2eebc) at ../../include/QtCore/../../src/corelib/tools/qvector.h:381
#17 QVector<QPainterState*>::clear (this=0xbfd2eebc) at ../../include/QtCore/../../src/corelib/tools/qvector.h:335
#18 qt_cleanup_painter_state (this=0xbfd2eebc) at painting/qpainter.cpp:1619
#19 QPainter::end (this=0xbfd2eebc) at painting/qpainter.cpp:1882
#20 0x01fde6c0 in ~QPainter (this=0xbfd2eebc, __in_chrg=<value optimized out>) at painting/qpainter.cpp:1409
#21 0x07c7b025 in ?? () from /usr/lib/libkdeinit4_krunner.so
#22 0x01e7119c in QApplicationPrivate::notify_helper (this=0x9131b40, receiver=0xbfd2f294, e=0x91d6cc0) at kernel/qapplication.cpp:4242
#23 0x01e77eb7 in QApplication::notify (this=0x9131938, receiver=0x91d6cc0, e=0xbfd2f294) at kernel/qapplication.cpp:4207
#24 0x009640fa in KApplication::notify (this=0x9131938, receiver=0x91d6cc0, event=0xbfd2f294) at ../../kdeui/kernel/kapplication.cpp:302
#25 0x0114aeab in QCoreApplication::notifyInternal (this=0x9131938, receiver=0x91d6cc0, event=0xbfd2f294) at kernel/qcoreapplication.cpp:704
#26 0x01ed7446 in QCoreApplication::sendSpontaneousEvent (this=0x91d6d30, pdev=0x91bc04c, rgn=..., offset=..., flags=<value optimized out>, sharedPainter=0x0, backingStore=0x91d5a60)
    at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:218
#27 QWidgetPrivate::drawWidget (this=0x91d6d30, pdev=0x91bc04c, rgn=..., offset=..., flags=<value optimized out>, sharedPainter=0x0, backingStore=0x91d5a60) at kernel/qwidget.cpp:5322
#28 0x020aa930 in QWidgetBackingStore::sync (this=0x91d5a60) at painting/qbackingstore.cpp:1289
#29 0x01ec7cc3 in QWidgetPrivate::syncBackingStore (this=0x91d6d30) at kernel/qwidget.cpp:1662
#30 0x01ecebac in QWidget::event (this=0x91d6cc0, event=0x98e2e58) at kernel/qwidget.cpp:8266
#31 0x07c7af93 in ?? () from /usr/lib/libkdeinit4_krunner.so
#32 0x01e7119c in QApplicationPrivate::notify_helper (this=0x9131b40, receiver=0x98e2e58, e=0x91d6cc0) at kernel/qapplication.cpp:4242
#33 0x01e77eb7 in QApplication::notify (this=0x9131938, receiver=0x91d6cc0, e=0x98e2e58) at kernel/qapplication.cpp:4207
#34 0x009640fa in KApplication::notify (this=0x9131938, receiver=0x91d6cc0, event=0x98e2e58) at ../../kdeui/kernel/kapplication.cpp:302
#35 0x0114aeab in QCoreApplication::notifyInternal (this=0x9131938, receiver=0x91d6cc0, event=0x98e2e58) at kernel/qcoreapplication.cpp:704
#36 0x0114d8e3 in QCoreApplication::sendEvent (receiver=0x0, event_type=0, data=0x90baeb8) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:215
#37 QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, data=0x90baeb8) at kernel/qcoreapplication.cpp:1345
#38 0x0114da4d in QCoreApplication::sendPostedEvents (receiver=0x0, event_type=0) at kernel/qcoreapplication.cpp:1238
#39 0x011770df in QCoreApplication::sendPostedEvents (s=0x9133ce8) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:220
#40 postEventSourceDispatch (s=0x9133ce8) at kernel/qeventdispatcher_glib.cpp:276
#41 0x0876be88 in g_main_context_dispatch () from /lib/libglib-2.0.so.0
#42 0x0876f730 in ?? () from /lib/libglib-2.0.so.0
#43 0x0876f863 in g_main_context_iteration () from /lib/libglib-2.0.so.0
#44 0x01176bd5 in QEventDispatcherGlib::processEvents (this=0x91186f0, flags=...) at kernel/qeventdispatcher_glib.cpp:407
#45 0x01f2eb75 in QGuiEventDispatcherGlib::processEvents (this=0x91186f0, flags=...) at kernel/qguieventdispatcher_glib.cpp:202
#46 0x011494c9 in QEventLoop::processEvents (this=0x9787d78, flags=) at kernel/qeventloop.cpp:149
#47 0x0114991a in QEventLoop::exec (this=0x9787d78, flags=...) at kernel/qeventloop.cpp:201
#48 0x03633482 in Akonadi::Control::Private::exec() () from /usr/lib/libakonadi-kde.so.4
#49 0x03634027 in Akonadi::Control::start() () from /usr/lib/libakonadi-kde.so.4
#50 0x078b4e27 in ?? () from /usr/lib/kde4/kabc_akonadi.so
#51 0x078ba1c5 in ?? () from /usr/lib/kde4/kabc_akonadi.so
#52 0x078986c0 in ?? () from /usr/lib/kde4/kabc_akonadi.so
#53 0x069cdb23 in KRES::Resource::open() () from /usr/lib/libkresources.so.4
#54 0x02d416dc in KABC::StdAddressBook::Private::init(bool) () from /usr/lib/libkabc.so.4
#55 0x02d42387 in KABC::StdAddressBook::self(bool) () from /usr/lib/libkabc.so.4
#56 0x01c5b3b2 in ?? () from /usr/lib/kde4/krunner_contacts.so
#57 0x01c5c1c8 in QObject* KPluginFactory::createInstance<ContactsRunner, QObject>(QWidget*, QObject*, QList<QVariant> const&) () from /usr/lib/kde4/krunner_contacts.so
#58 0x00f8a7ee in KPluginFactory::create (this=0x9779cf0, 
    iface=0xbfd30108 "H\334w\t\240\256w\t\020_w\t\214\001\323\277\333\213:\003\364\337\305\001\330\254w\tX\001\323\277\250\001\323\277\262\263\305\001\001", parentWidget=0x0, parent=0x91c5930, 
    args=..., keyword=...) at ../../kdecore/util/kpluginfactory.cpp:191
#59 0x03475437 in Plasma::AbstractRunner* KService::createInstance<Plasma::AbstractRunner>(QObject*, QList<QVariant> const&, QString*) const () from /usr/lib/libplasma.so.3
#60 0x034766fc in Plasma::RunnerManagerPrivate::loadRunners() () from /usr/lib/libplasma.so.3
#61 0x03474603 in Plasma::RunnerManager::reloadConfiguration (this=0x91c5930) at ../../plasma/runnermanager.cpp:401
#62 0x07c81bbf in ?? () from /usr/lib/libkdeinit4_krunner.so
#63 0x07c829ce in ?? () from /usr/lib/libkdeinit4_krunner.so
#64 0x07c82a4f in ?? () from /usr/lib/libkdeinit4_krunner.so
#65 0x07c83845 in kdemain () from /usr/lib/libkdeinit4_krunner.so
#66 0x0804dff7 in launch (argc=<value optimized out>, _name=<value optimized out>, args=<value optimized out>, cwd=0x0, envc=0, envs=0x9103d79 "", reset_env=false, tty=0x0, avoid_loops=false, 
    startup_id_str=0x8051429 "0") at ../../kinit/kinit.cpp:705
#67 0x0804ec15 in handle_launcher_request (sock=<value optimized out>, who=<value optimized out>) at ../../kinit/kinit.cpp:1197
#68 0x0804f08c in handle_requests (waitForPid=<value optimized out>) at ../../kinit/kinit.cpp:1390
#69 0x0804fe27 in main (argc=4, argv=0xbfd31214, envp=0xbfd31228) at ../../kinit/kinit.cpp:1825

Possible duplicates by query: bug 220452, bug 217894, bug 216905, bug 216560, bug 214332.

Reported using DrKonqi

Comment 1 Jonathan Thomas 2009-12-29 21:59:54 UTC


*** This bug has been marked as a duplicate of bug 196207 ***