448108 – free(): invalid pointer

Bug 448108 - free(): invalid pointer

Summary: free(): invalid pointer

Status:	RESOLVED FIXED

Alias:	None

Product:	marble
Classification:	Applications
Component:	general (other bugs)
Version First Reported In:	21.12.1
Platform:	Flatpak Linux

Importance:	NOR crash
Target Milestone:	---
Assignee:	marble-bugs

URL:
Keywords:

Depends on:
Blocks:

Reported:	2022-01-08 11:26 UTC by Laurent Bonnaud
Modified:	2023-04-02 10:58 UTC (History)
CC List:	0 users

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Laurent Bonnaud 2022-01-08 11:26:18 UTC

SUMMARY

marble free()s an invalid pointer on exit

STEPS TO REPRODUCE
1. flatpak run org.kde.marble
2. quit marble

OBSERVED RESULT

$ flatpak run org.kde.marble
Start: MarblePart::readSettings()
Updating Settings ...
kf.xmlgui: Shortcut for action  "" "Hide &All Panels" set with QAction::setShortcut()! Use KActionCollection::setDefaultShortcut(s) instead.
free(): invalid pointer

Sometimes I also get a crash:

$ flatpak run org.kde.marble
Start: MarblePart::readSettings()
Updating Settings ...
kf.xmlgui: Shortcut for action  "" "Hide &All Panels" set with QAction::setShortcut()! Use KActionCollection::setDefaultShortcut(s) instead.
free(): invalid pointer
KCrash: crashing... crashRecursionCounter = 2
KCrash: Application Name = marble path = /app/bin pid = 2
KCrash: Arguments: /app/bin/marble

EXPECTED RESULT

no invalid free and no crash

SOFTWARE/OS VERSIONS

$ flatpak info org.kde.marble//stable
Marble - Virtual Globe

          ID: org.kde.marble
         Ref: app/org.kde.marble/x86_64/stable
        Arch: x86_64
      Branch: stable
     Version: 21.12.1
     License: LGPL-2.1-or-later
      Origin: flathub
  Collection: org.flathub.Stable
Installation: system
   Installed: 237.3 MB
     Runtime: org.kde.Platform/x86_64/5.15-21.08
         Sdk: org.kde.Sdk/x86_64/5.15-21.08

      Commit: e5df76dd61ee708f4b8b7a838331fa6dcba0fa99d0ca635057fa12710d3ed2d1
      Parent: 562104dc0f72eeeda48d4fc3216436bb77dbde998076e4cfbd1881a0b11e52c9
     Subject: Update to 21.12.1 (0a4b16e6)
        Date: 2022-01-06 20:08:40 +0000

Comment 1 Laurent Bonnaud 2022-01-08 11:27:31 UTC

I also observe a similar behavior with the Ubuntu package:

Package: marble
Status: install ok installed
Priority: optional
Section: misc
Installed-Size: 1112
Maintainer: Kubuntu Developers <kubuntu-devel@lists.ubuntu.com>
Architecture: amd64
Version: 4:21.12.1-0ubuntu1~ubuntu21.10~ppa1
Replaces: marble-data (<< 4:17.08.1)
Depends: marble-data (>= 4:21.12.1-0ubuntu1~ubuntu21.10~ppa1), marble-plugins (= 4:21.12.1-0ubuntu1~ubuntu21.10~ppa1), kio, libc6 (>= 2.34), libgcc-s1 (>= 3.0), libkf5configcore5 (>= 4.98.0), libkf5configgui5 (>= 4.97.0), libkf5configwidgets5 (>= 4.96.0), libkf5coreaddons5 (>= 5.7.0~), libkf5crash5 (>= 5.7.0~), libkf5i18n5 (>= 5.7.0~), libkf5kiowidgets5 (>= 5.7.0~), libkf5parts5 (>= 5.7.0~), libkf5widgetsaddons5 (>= 4.96.0), libkf5xmlgui5 (>= 4.98.0), libmarblewidget-qt5-28 (= 4:21.12.1-0ubuntu1~ubuntu21.10~ppa1), libqt5core5a (>= 5.15.1), libqt5dbus5 (>= 5.7.0~), libqt5gui5 (>= 5.7.0) | libqt5gui5-gles (>= 5.7.0), libqt5network5 (>= 5.7.0~), libqt5printsupport5 (>= 5.7.0~), libqt5widgets5 (>= 5.7.0~), libqt5xml5 (>= 5.7.0~), libstdc++6 (>= 4.1.1)
Suggests: gosmore, monav-routing-daemon, routino
Breaks: marble-data (<< 4:17.08.1)
Description: globe and map widget
 Marble is a generic geographical map widget and framework for KDE
 applications. The Marble widget shows the earth as a sphere but does not
 require hardware acceleration.  A minimal set of geographical data is
 included, so it can be used without an internet connection.
 .
 This package is part of the KDE education module.
Homepage: https://marble.kde.org/
Original-Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>

Comment 2 Laurent Bonnaud 2022-01-08 11:33:02 UTC

Running marble with valgrind gives the following (among many other) error:

==111194== Invalid free() / delete / delete[] / realloc()
==111194==    at 0x484684F: operator delete(void*) (vg_replace_malloc.c:802)
==111194==    by 0x66DC4E2: QObject::event(QEvent*) (qobject.cpp:1301)
==111194==    by 0x4FBC0CC: KXmlGuiWindow::event(QEvent*) (kxmlguiwindow.cpp:219)
==111194==    by 0x57C46B2: QApplicationPrivate::notify_helper(QObject*, QEvent*) (qapplication.cpp:3632)
==111194==    by 0x66AF169: QCoreApplication::notifyInternal2(QObject*, QEvent*) (qcoreapplication.cpp:1063)
==111194==    by 0x66B2256: QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) (qcoreapplication.cpp:1817)
==111194==    by 0x6708EF6: postEventSourceDispatch(_GSource*, int (*)(void*), void*) (qeventdispatcher_glib.cpp:277)
==111194==    by 0x80108BA: UnknownInlinedFun (gmain.c:3337)
==111194==    by 0x80108BA: g_main_context_dispatch (gmain.c:4055)
==111194==    by 0x8063F07: g_main_context_iterate.constprop.0 (gmain.c:4131)
==111194==    by 0x800E002: g_main_context_iteration (gmain.c:4196)
==111194==    by 0x6708547: QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (qeventdispatcher_glib.cpp:423)
==111194==    by 0x66ADA9A: QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (qeventloop.cpp:232)
==111194==  Address 0x1ffefff8c0 is on thread 1's stack

Comment 3 Laurent Bonnaud 2023-04-02 10:58:25 UTC

This bug no longer exists.