[kpat] [Bug 389540] New: KPatience: crash on exit after winning Spider Solitaire game

Sat, 27 Jan 2018 20:55:29 -0800 

https://bugs.kde.org/show_bug.cgi?id=389540

            Bug ID: 389540
           Summary: KPatience: crash on exit after winning Spider
                    Solitaire game
           Product: kpat
           Version: 3.6
          Platform: Compiled Sources
                OS: Linux
            Status: UNCONFIRMED
          Keywords: drkonqi
          Severity: crash
          Priority: NOR
         Component: general
          Assignee: co...@kde.org
          Reporter: awil...@adelielinux.org
                CC: kde-games-b...@kde.org
  Target Milestone: ---

Application: kpat (3.6)
 (Compiled from sources)
Qt Version: 5.9.1
Frameworks Version: 5.41.0
Operating System: Linux 4.14.8-mc2-easy x86_64

-- Information about the crash:
This computer is running Adelie Linux, which uses the musl libc.  The crash
occurs in musl's free() method - here is the relevant two lines from musl code:

        /* Crash on corrupted footer (likely from buffer overflow) */
        if (next->psize != self->csize) a_crash();

This suggests that the Spider solver had a small buffer overflow.

- What I was doing when the application crashed:
Quitting the application.

-- Backtrace:
Application: KPatience (kpat), signal: Segmentation fault
[KCrash Handler]
#8  a_crash () at ./arch/x86_64/atomic_arch.h:108
#9  free (p=0x5592d381b180) at src/malloc/malloc.c:476
#10 0x00007f71829a83c5 in operator delete(void*) () from
/usr/lib/libstdc++.so.6
#11 0x00007f71829a841e in operator delete[](void*) () from
/usr/lib/libstdc++.so.6
#12 0x00005592d307208e in Solver::~Solver (this=0x5592d381a280,
__in_chrg=<optimized out>) at
/usr/src/packages/user/kpat/src/kpat-17.08.2/patsolve/patsolve.cpp:915
#13 0x00005592d3087afb in SpiderSolver::~SpiderSolver (this=0x5592d381a280,
__in_chrg=<optimized out>) at
/usr/src/packages/user/kpat/src/kpat-17.08.2/patsolve/spidersolver.h:25
#14 SpiderSolver::~SpiderSolver (this=0x5592d381a280, __in_chrg=<optimized
out>) at
/usr/src/packages/user/kpat/src/kpat-17.08.2/patsolve/spidersolver.h:25
#15 0x00005592d304f9d0 in DealerScene::~DealerScene (this=0x5592d3805d60,
__in_chrg=<optimized out>) at
/usr/src/packages/user/kpat/src/kpat-17.08.2/dealer.cpp:605
#16 0x00005592d308cd9e in Spider::~Spider (this=0x5592d3805d60,
__in_chrg=<optimized out>) at
/usr/src/packages/user/kpat/src/kpat-17.08.2/kpat_autogen/EWIEGA46WW/../../spider.h:45
#17 Spider::~Spider (this=0x5592d3805d60, __in_chrg=<optimized out>) at
/usr/src/packages/user/kpat/src/kpat-17.08.2/kpat_autogen/EWIEGA46WW/../../spider.h:45
#18 0x00005592d3063772 in MainWindow::~MainWindow
(this=this@entry=0x5592d3465460, __in_chrg=<optimized out>,
__vtt_parm=<optimized out>) at
/usr/src/packages/user/kpat/src/kpat-17.08.2/mainwindow.cpp:142
#19 0x00005592d3063891 in MainWindow::~MainWindow (this=0x5592d3465460,
__in_chrg=<optimized out>, __vtt_parm=<optimized out>) at
/usr/src/packages/user/kpat/src/kpat-17.08.2/mainwindow.cpp:145
#20 0x00007f7182fa5ff0 in QObject::event(QEvent*) () from
/usr/lib/libQt5Core.so.5
#21 0x00007f71843bb4eb in QWidget::event (this=this@entry=0x5592d3465460,
event=event@entry=0x5592d5863320) at kernel/qwidget.cpp:9244
#22 0x00007f71844b3beb in QMainWindow::event (this=this@entry=0x5592d3465460,
event=event@entry=0x5592d5863320) at widgets/qmainwindow.cpp:1557
#23 0x00007f7185f8916b in KMainWindow::event (this=this@entry=0x5592d3465460,
ev=ev@entry=0x5592d5863320) at
/usr/src/packages/user/kxmlgui/src/kxmlgui-5.41.0/src/kmainwindow.cpp:865
#24 0x00007f7185fce939 in KXmlGuiWindow::event (this=0x5592d3465460,
ev=0x5592d5863320) at
/usr/src/packages/user/kxmlgui/src/kxmlgui-5.41.0/src/kxmlguiwindow.cpp:119
#25 0x00007f7184376fdc in QApplicationPrivate::notify_helper (this=<optimized
out>, receiver=0x5592d3465460, e=0x5592d5863320) at
kernel/qapplication.cpp:3717
#26 0x00007f718437e8d9 in QApplication::notify (this=0x7ffc10d64860,
receiver=0x5592d3465460, e=0x5592d5863320) at kernel/qapplication.cpp:3476
#27 0x00007f7182f78fc0 in QCoreApplication::notifyInternal2(QObject*, QEvent*)
() from /usr/lib/libQt5Core.so.5
#28 0x00007f7182f7bd9d in QCoreApplicationPrivate::sendPostedEvents(QObject*,
int, QThreadData*) () from /usr/lib/libQt5Core.so.5
#29 0x00007f7182fcf3e3 in postEventSourceDispatch(_GSource*, int (*)(void*),
void*) () from /usr/lib/libQt5Core.so.5
#30 0x00007f717cdb2a9a in g_main_dispatch (context=0x7f7180616540) at
gmain.c:3148
#31 g_main_context_dispatch (context=context@entry=0x7f7180616540) at
gmain.c:3813
#32 0x00007f717cdb2d28 in g_main_context_iterate
(context=context@entry=0x7f7180616540, block=block@entry=1,
dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3886
#33 0x00007f717cdb2ddf in g_main_context_iteration (context=0x7f7180616540,
may_block=1) at gmain.c:3947
#34 0x00007f7182fce9af in
QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) ()
from /usr/lib/libQt5Core.so.5
#35 0x00007f7182f76f2a in
QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from
/usr/lib/libQt5Core.so.5
#36 0x00007f7182f7ff74 in QCoreApplication::exec() () from
/usr/lib/libQt5Core.so.5
#37 0x00005592d3045238 in main (argc=<optimized out>, argv=<optimized out>) at
/usr/src/packages/user/kpat/src/kpat-17.08.2/main.cpp:339

Reported using DrKonqi

-- 
You are receiving this mail because:
You are watching all bug changes.

Reply via email to