Application: konsole (15.12.3) Qt Version: 5.7.0 Frameworks Version: 5.27.0 Operating System: Linux 4.1.34-33-default x86_64 Distribution: "openSUSE Leap 42.1 (x86_64)" -- Information about the crash: - What I was doing when the application crashed: I was trying to find a way to reproduce bug 369050. I noticed that when I keep starting lots of Konsole instances (between 10 and 100), eventually they all crash during the startup of another instance. However, the backtrace from this crash is different from bug 369050; there seems to be a heap corruption (that's the only way I can explain a crash on malloc, since the system wasn't out of memory). So I don't know whether heap corruption is the root cause for both crashes and just manifests in different ways, or whether it is two separate bugs. The crash can be reproduced sometimes. -- Backtrace: Application: Konsole (konsole), signal: Aborted Using host libthread_db library "/lib64/libthread_db.so.1". [Current thread is 1 (Thread 0x7ff5ca52f800 (LWP 18579))] Thread 2 (Thread 0x7ff5b6a3c700 (LWP 18580)): #0 QMutex::lock (this=this@entry=0x21688d0) at thread/qmutex.cpp:225 #1 0x00007ff5c64afe75 in QMutexLocker::QMutexLocker (m=0x21688d0, this=<synthetic pointer>) at ../../src/corelib/thread/qmutex.h:137 #2 QThreadData::canWaitLocked (this=0x21688a0) at ../../src/corelib/thread/qthread_p.h:253 #3 postEventSourcePrepare (s=0x7ff5b0003600, timeout=timeout@entry=0x7ff5b6a3bbe4) at kernel/qeventdispatcher_glib.cpp:259 #4 0x00007ff5bf2f34ad in g_main_context_prepare (context=context@entry=0x7ff5b0001b00, priority=priority@entry=0x7ff5b6a3bc68) at gmain.c:3410 #5 0x00007ff5bf2f3d80 in g_main_context_iterate (context=context@entry=0x7ff5b0001b00, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3788 #6 0x00007ff5bf2f3f7c in g_main_context_iteration (context=0x7ff5b0001b00, may_block=1) at gmain.c:3869 #7 0x00007ff5c64aff4b in QEventDispatcherGlib::processEvents (this=0x7ff5b00008e0, flags=...) at kernel/qeventdispatcher_glib.cpp:425 #8 0x00007ff5c645f89b in QEventLoop::exec (this=this@entry=0x7ff5b6a3bda0, flags=..., flags@entry=...) at kernel/qeventloop.cpp:210 #9 0x00007ff5c62a602a in QThread::exec (this=this@entry=0x7ff5c48e4d00 <(anonymous namespace)::Q_QGS__q_manager::innerFunction()::holder>) at thread/qthread.cpp:507 #10 0x00007ff5c467daa5 in QDBusConnectionManager::run (this=0x7ff5c48e4d00 <(anonymous namespace)::Q_QGS__q_manager::innerFunction()::holder>) at qdbusconnection.cpp:196 #11 0x00007ff5c62aa859 in QThreadPrivate::start (arg=0x7ff5c48e4d00 <(anonymous namespace)::Q_QGS__q_manager::innerFunction()::holder>) at thread/qthread_unix.cpp:344 #12 0x00007ff5c0fcd0a4 in start_thread () from /lib64/libpthread.so.0 #13 0x00007ff5c9e7502d in clone () from /lib64/libc.so.6 Thread 1 (Thread 0x7ff5ca52f800 (LWP 18579)): [KCrash Handler] #6 0x00007ff5c9dc50c7 in raise () from /lib64/libc.so.6 #7 0x00007ff5c9dc6478 in abort () from /lib64/libc.so.6 #8 0x00007ff5c9e02784 in __libc_message () from /lib64/libc.so.6 #9 0x00007ff5c9e08026 in malloc_printerr () from /lib64/libc.so.6 #10 0x00007ff5c9e082e2 in malloc_consolidate () from /lib64/libc.so.6 #11 0x00007ff5c9e08cfb in _int_free () from /lib64/libc.so.6 #12 0x00007ff5c646362c in QScopedPointerDeleter<QEvent>::cleanup (pointer=0x7ff5b000d000) at ../../src/corelib/tools/qscopedpointer.h:60 #13 QScopedPointer<QEvent, QScopedPointerDeleter<QEvent> >::~QScopedPointer (this=<synthetic pointer>, __in_chrg=<optimized out>) at ../../src/corelib/tools/qscopedpointer.h:107 #14 QCoreApplicationPrivate::sendPostedEvents (receiver=receiver@entry=0x0, event_type=event_type@entry=0, data=0x2153770) at kernel/qcoreapplication.cpp:1646 #15 0x00007ff5c6463b68 in QCoreApplication::sendPostedEvents (receiver=receiver@entry=0x0, event_type=event_type@entry=0) at kernel/qcoreapplication.cpp:1503 #16 0x00007ff5c64b06e3 in postEventSourceDispatch (s=0x21caff0) at kernel/qeventdispatcher_glib.cpp:276 #17 0x00007ff5bf2f3c84 in g_main_dispatch (context=0x7ff5b0002450) at gmain.c:3122 #18 g_main_context_dispatch (context=context@entry=0x7ff5b0002450) at gmain.c:3737 #19 0x00007ff5bf2f3ed8 in g_main_context_iterate (context=context@entry=0x7ff5b0002450, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3808 #20 0x00007ff5bf2f3f7c in g_main_context_iteration (context=0x7ff5b0002450, may_block=1) at gmain.c:3869 #21 0x00007ff5c64aff2c in QEventDispatcherGlib::processEvents (this=0x216c0c0, flags=...) at kernel/qeventdispatcher_glib.cpp:423 #22 0x00007ff5c645f89b in QEventLoop::exec (this=this@entry=0x7fff44b83b30, flags=..., flags@entry=...) at kernel/qeventloop.cpp:210 #23 0x00007ff5c6467696 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1261 #24 0x00007ff5ca160e87 in kdemain () from /usr/lib64/libkdeinit5_konsole.so #25 0x00007ff5c9db1b25 in __libc_start_main () from /lib64/libc.so.6 #26 0x00000000004007ee in _start () Reported using DrKonqi
Note that for this particular crash, only one Konsole instance crashed, not dozens of them at the same time. So it may not be the same bug after all.
I can't reproduce it here, tested with this a couple of times «for i in $(seq 0 20); do ./konsole& done», running with both asan and ubsan just to make sure. Can you build Konsole with asan to check for heap corruption? Something like «cmake -DECM_ENABLE_SANITIZERS='address' -DCMAKE_BUILD_TYPE=Debug ..»
Can you please confirm if this is still an issue with Konsole 20.08+.
I ran `for i in $(seq 0 20); do konsole -e 'sleep 3' & done` a dozen times and couldn't trigger any crashes. I have a different PC and a fresh install of openSUSE compared to 2016 though, so I don't know if this means the issue was fixed or my new PC is just not able to reproduce it. In any case, Konsole hasn't crashed for me in ages while I use it every day. So I'll close the bug.