[kmymoney] [Bug 453857] malloc() aborts during save

Mon May 16 13:53:51 BST 2022

https://bugs.kde.org/show_bug.cgi?id=453857

--- Comment #2 from kde-bugs at oomlu.de ---
(In reply to kde-bugs from comment #1)
> I have the same problem, similar configuration using Arch Linux.
> 
> Errors with
> 
> free(): invalid next size (fast) -> when file is saved after edits
> malloc(): unaligned tcache chunk detected -> if bank statements are updated
> via HBCI.

GDB backtrace for the saving issue:

kmymoney: malloc.c:2617: sysmalloc: Assertion `(old_top == initial_top (av) &&
old_size == 0) || ((unsigned long) (old_size) >= MINSIZE && prev_inuse
(old_top) && ((unsigned long) old_end & (pagesize - 1)) == 0)' failed.

Thread 1 "kmymoney" received signal SIGABRT, Aborted.
0x00007ffff583c36c in ?? () from /usr/lib/libc.so.6

[ Legend: Modified register | Code | Heap | Stack | String ]
───────────────────────────────────────────────────────── registers ────
$rax   : 0x0               
$rbx   : 0x125ae           
$rcx   : 0x007ffff583c36c  →   mov ebp, eax
$rdx   : 0x6               
$rsp   : 0x007fffffffc290  →  0x007fffffffc330  →  0x0000000000000018
$rbp   : 0x007fffda4bb180  →  0x007fffda4bb180  →  [loop detected]
$rsi   : 0x125ae           
$rdi   : 0x125ae           
$rip   : 0x007ffff583c36c  →   mov ebp, eax
$r8    : 0x0               
$r9    : 0x73              
$r10   : 0x8               
$r11   : 0x246             
$r12   : 0x6               
$r13   : 0x1000            
$r14   : 0xffffffffffffff28
$r15   : 0x0               
$eflags: [ZERO carry PARITY adjust sign trap INTERRUPT direction overflow
resume virtualx86 identification]
$cs: 0x33 $ss: 0x2b $ds: 0x00 $es: 0x00 $fs: 0x00 $gs: 0x00 
───────────────────────────────────────────────────────────── stack ────
0x007fffffffc290│+0x0000: 0x007fffffffc330  →  0x0000000000000018        ← $rsp
0x007fffffffc298│+0x0008: 0x00555557fd4963  →  0x90cdba0000000555
0x007fffffffc2a0│+0x0010: 0x0000000000000a ("\n"?)
0x007fffffffc2a8│+0x0018: 0x00555557fd4963  →  0x90cdba0000000555
0x007fffffffc2b0│+0x0020: 0x0000000000000000
0x007fffffffc2b8│+0x0028: 0xe4e9690ba17ade00
0x007fffffffc2c0│+0x0030: 0x0000000000000005
0x007fffffffc2c8│+0x0038: 0xe4e9690ba17ade00
─────────────────────────────────────────────────────── code:x86:64 ────
   0x7ffff583c363                  mov    edi, eax
   0x7ffff583c365                  mov    eax, 0xea
   0x7ffff583c36a                  syscall 
 → 0x7ffff583c36c                  mov    ebp, eax
   0x7ffff583c36e                  neg    ebp
   0x7ffff583c370                  cmp    eax, 0xfffff000
   0x7ffff583c375                  mov    eax, 0x0
   0x7ffff583c37a                  cmova  eax, ebp
   0x7ffff583c37d                  jmp    0x7ffff583c2f2
─────────────────────────────────────────────────────────── threads ────
[#0] Id 1, Name: "kmymoney", stopped 0x7ffff583c36c in ?? (), reason: SIGABRT
[#1] Id 2, Name: "QXcbEventQueue", stopped 0x7ffff58b3faf in poll (), reason:
SIGABRT
[#2] Id 3, Name: "kmymone:disk$0", stopped 0x7ffff5837119 in ?? (), reason:
SIGABRT
[#3] Id 4, Name: "kmymoney:sh0", stopped 0x7ffff5837119 in ?? (), reason:
SIGABRT
[#4] Id 5, Name: "kmymoney:sh1", stopped 0x7ffff5837119 in ?? (), reason:
SIGABRT
[#5] Id 6, Name: "kmymoney:sh2", stopped 0x7ffff5837119 in ?? (), reason:
SIGABRT
[#6] Id 7, Name: "kmymoney:gdrv0", stopped 0x7ffff5837119 in ?? (), reason:
SIGABRT
[#7] Id 8, Name: "Thread (pooled)", stopped 0x7ffff5837119 in ?? (), reason:
SIGABRT
[#8] Id 9, Name: "Thread (pooled)", stopped 0x7ffff5837119 in ?? (), reason:
SIGABRT
[#9] Id 10, Name: "Thread (pooled)", stopped 0x7ffff5837119 in ?? (), reason:
SIGABRT
[#10] Id 11, Name: "Thread (pooled)", stopped 0x7ffff5837119 in ?? (), reason:
SIGABRT
[#11] Id 12, Name: "QDBusConnection", stopped 0x7ffff58b3faf in poll (),
reason: SIGABRT
[#12] Id 14, Name: "sandbox_ipc_thr", stopped 0x7ffff58b3faf in poll (),
reason: SIGABRT
[#13] Id 15, Name: "kmymoney", stopped 0x7ffff588af9f in wait4 (), reason:
SIGABRT
[#14] Id 16, Name: "ThreadPoolServi", stopped 0x7ffff58bff3e in epoll_wait (),
reason: SIGABRT
[#15] Id 17, Name: "ThreadPoolForeg", stopped 0x7ffff5837119 in ?? (), reason:
SIGABRT
[#16] Id 18, Name: "Chrome_IOThread", stopped 0x7ffff58bff3e in epoll_wait (),
reason: SIGABRT
[#17] Id 19, Name: "ThreadPoolForeg", stopped 0x7ffff5837119 in ?? (), reason:
SIGABRT
[#18] Id 20, Name: "ThreadPoolForeg", stopped 0x7ffff5837119 in ?? (), reason:
SIGABRT
[#19] Id 21, Name: "ThreadPoolForeg", stopped 0x7ffff5837119 in ?? (), reason:
SIGABRT
[#20] Id 22, Name: "ThreadPoolForeg", stopped 0x7ffff5837119 in ?? (), reason:
SIGABRT
[#21] Id 23, Name: "CompositorTileW", stopped 0x7ffff5837119 in ?? (), reason:
SIGABRT
[#22] Id 24, Name: "inotify_reader", stopped 0x7ffff58b67ec in select (),
reason: SIGABRT
[#23] Id 25, Name: "Chrome_InProcGp", stopped 0x7ffff5837119 in ?? (), reason:
SIGABRT
[#24] Id 26, Name: "VideoCaptureThr", stopped 0x7ffff5837119 in ?? (), reason:
SIGABRT
[#25] Id 27, Name: "Chrome_ChildIOT", stopped 0x7ffff58bff3e in epoll_wait (),
reason: SIGABRT
[#26] Id 30, Name: "VizCompositorTh", stopped 0x7ffff5837119 in ?? (), reason:
SIGABRT
[#27] Id 31, Name: "kmymoney:gdrv0", stopped 0x7ffff5837119 in ?? (), reason:
SIGABRT
[#28] Id 32, Name: "NetworkService", stopped 0x7ffff58bff3e in epoll_wait (),
reason: SIGABRT
[#29] Id 33, Name: "CacheThread_Blo", stopped 0x7ffff58bff3e in epoll_wait (),
reason: SIGABRT
[#30] Id 34, Name: "ThreadPoolSingl", stopped 0x7ffff5837119 in ?? (), reason:
SIGABRT
[#31] Id 35, Name: "kmymoney:gdrv0", stopped 0x7ffff5837119 in ?? (), reason:
SIGABRT
[#32] Id 36, Name: "kmymoney:gdrv0", stopped 0x7ffff5837119 in ?? (), reason:
SIGABRT
[#33] Id 37, Name: "kmymoney:gdrv0", stopped 0x7ffff5837119 in ?? (), reason:
SIGABRT
[#34] Id 38, Name: "kmymoney:gdrv0", stopped 0x7ffff5837119 in ?? (), reason:
SIGABRT
[#35] Id 39, Name: "kmymoney:gdrv0", stopped 0x7ffff5837119 in ?? (), reason:
SIGABRT
[#36] Id 40, Name: "MemoryInfra", stopped 0x7ffff5837119 in ?? (), reason:
SIGABRT
[#37] Id 41, Name: "ThreadPoolSingl", stopped 0x7ffff5837119 in ?? (), reason:
SIGABRT
[#38] Id 42, Name: "kmymoney:gdrv0", stopped 0x7ffff5837119 in ?? (), reason:
SIGABRT
───────────────────────────────────────────────────────────── trace ────
[#0] 0x7ffff583c36c → mov ebp, eax
[#1] 0x7ffff57ec838 → raise()
[#2] 0x7ffff57d6535 → abort()
[#3] 0x7ffff584628d → nop DWORD PTR [rax]
[#4] 0x7ffff5848c62 → addr32 call 0x7ffff58cf600 <__stack_chk_fail>
[#5] 0x7ffff5849a5a → mov rcx, rax
[#6] 0x7ffff584a358 → malloc()
[#7] 0x7ffff5ede6c4 → QArrayData::allocate(unsigned long, unsigned long,
unsigned long, QFlags<QArrayData::AllocationOption>)()
[#8] 0x7ffff5f5685f → QString::fromLatin1_helper(char const*, int)()
[#9] 0x7ffff7a9a510 → AlkValue::toString() const()

-- 
You are receiving this mail because:
You are the assignee for the bug.