[kopete-bugs] [Bug 189069] New: QGArray::at: Absolute index xxx out of range filling up disk and kopete unresponsitive
Elan Ruusamäe
glen at delfi.ee
Tue Apr 7 21:06:42 CEST 2009
https://bugs.kde.org/show_bug.cgi?id=189069
Summary: QGArray::at: Absolute index xxx out of range filling
up disk and kopete unresponsitive
Product: kopete
Version: 0.12.7
Platform: unspecified
OS/Version: Linux
Status: UNCONFIRMED
Severity: normal
Priority: NOR
Component: general
AssignedTo: kopete-bugs at kde.org
ReportedBy: glen at delfi.ee
Version: 0.12.7 (using 3.5.10, PLD Linux Distribution)
Compiler: Target: x86_64-pld-linux
OS: Linux (x86_64) release 2.6.27.15-1
I had kopete looping and filling up disk.
I tried to make as much possible from backtrace as i believe it's not easily
reproducible as I don't know how it happened (but it has happened few times
earlier too). So if you don't find this trace useful, please provide hints what
to debug next time this bug happens (maybe some element needs to be inspected
more deeeply).
....
QGArray::at: Absolute index 280952899 out of range
QGArray::at: Absolute index 280952900 out of range
QGArray::at: Absolute index 280952901 out of range
QGArray::at: Absolute index 280952902 out of range
QGArray::at: Absolute index 280952903 out of range
QGArray::at: Absolute index 280952904 out of range
QGArray::at: Absolute index 280952905 out of range
QGArray::at: Absolute index 280952906 out of range
QGArray::at: Absolute index 280952907 out of range
QGArray::at: Absolute index 280952908 out of range
QGArray::at: Absolute index 280952909 out of range
QGArray::at: Absolute index 280952910 out of range
QGArray::at: Absolute index 280952911 out of range
QGArray::at: Absolute index 280952912 out of range
QGArray::at: Absolute index 280952913 out of range
QGArray::at: Absolute index 280952914 out of range
QGArray::at: Absolute index 280952915 out of range
...
"/usr/include/qt/qgarray.h" :
122 inline char *QGArray::at( uint index ) const
123 {
124 #if defined(QT_CHECK_RANGE)
125 if ( index >= size() ) {
126 msg_index( index );
127 index = 0;
128 }
129 #endif
130 return &shd->data[index];
131 }
132
133
134 #endif // QGARRAY_H
and here follows some play from gdb
(gdb) bt
#0 0x00007f85e9fe180b in write () from /lib64/libc.so.6
#1 0x00007f85e9f8cbea in _IO_file_write () from /lib64/libc.so.6
#2 0x00007f85e9f8c83a in ?? () from /lib64/libc.so.6
#3 0x00007f85e9f8cb2e in _IO_file_xsputn () from /lib64/libc.so.6
#4 0x00007f85e9f655be in ?? () from /lib64/libc.so.6
#5 0x00007f85e9f60956 in vfprintf () from /lib64/libc.so.6
#6 0x00007f85e9f6a5f8 in fprintf () from /lib64/libc.so.6
#7 0x00007f85ead3435b in qWarning(char const*, ...) () from
/usr/lib64/libqt-mt.so.3
#8 0x00007f85da3ebf65 in P2P::Dispatcher::slotReadMessage (this=0xca53a0,
from=<value optimized out>, stream=<value optimized out>)
at /usr/include/qt/qgarray.h:126
#9 0x00007f85da3d8bc6 in MSNSwitchBoardSocket::slotReadMessage
(this=0x28fe850, bytes=@0x7ffff5144610) at msnswitchboardsocket.cpp:452
#10 0x00007f85da3ddab4 in MSNSwitchBoardSocket::qt_invoke (this=0x28fe850,
_id=23, _o=0x7ffff51445b0) at msnswitchboardsocket.moc:273
#11 0x00007f85eaac63ec in QObject::activate_signal(QConnectionList*, QUObject*)
() from /usr/lib64/libqt-mt.so.3
#12 0x00007f85da3b79bd in MSNSocket::blockRead (this=0x28fe850,
t0=@0x7ffff5144610) at msnsocket.moc:179
#13 0x00007f85da3bce41 in MSNSocket::pollReadBlock (this=0x28fe850) at
msnsocket.cpp:497
#14 0x00007f85da3be458 in MSNSocket::readBlock (this=0x2, len=4111724912) at
msnsocket.cpp:477
#15 0x00007f85da3db3eb in MSNSwitchBoardSocket::parseCommand (this=0x28fe850,
cmd=<value optimized out>, id=<value optimized out>, data=@0x7ffff5144900)
at msnswitchboardsocket.cpp:237
#16 0x00007f85da3b8d66 in MSNSocket::parseLine (this=0x28fe850,
str=@0x7ffff51448a0) at msnsocket.cpp:526
#17 0x00007f85da3bcfdf in MSNSocket::slotReadLine (this=0x28fe850) at
msnsocket.cpp:456
#18 0x00007f85da3bd6a9 in MSNSocket::slotDataReceived (this=0x28fe850) at
msnsocket.cpp:411
#19 0x00007f85da3be308 in MSNSocket::qt_invoke (this=0x28fe850, _id=9,
_o=0x7ffff5144dd0) at msnsocket.moc:231
#20 0x00007f85eaac63ec in QObject::activate_signal(QConnectionList*, QUObject*)
() from /usr/lib64/libqt-mt.so.3
#21 0x00007f85eaac7234 in QObject::activate_signal(int) () from
/usr/lib64/libqt-mt.so.3
#22 0x00007f85eb81c196 in KNetwork::KBufferedSocket::qt_invoke(int, QUObject*)
() from /usr/lib64/libkdecore.so.4
#23 0x00007f85eaac63ec in QObject::activate_signal(QConnectionList*, QUObject*)
() from /usr/lib64/libqt-mt.so.3
#24 0x00007f85eaac716e in QObject::activate_signal(int, int) () from
/usr/lib64/libqt-mt.so.3
#25 0x00007f85eaae08fb in QSocketNotifier::event(QEvent*) () from
/usr/lib64/libqt-mt.so.3
#26 0x00007f85eaa708cd in QApplication::internalNotify(QObject*, QEvent*) ()
from /usr/lib64/libqt-mt.so.3
#27 0x00007f85eaa71424 in QApplication::notify(QObject*, QEvent*) () from
/usr/lib64/libqt-mt.so.3
#28 0x00007f85eb6b1153 in KApplication::notify(QObject*, QEvent*) () from
/usr/lib64/libkdecore.so.4
#29 0x00007f85eaa66413 in QEventLoop::activateSocketNotifiers() () from
/usr/lib64/libqt-mt.so.3
#30 0x00007f85eaa25ee6 in QEventLoop::processEvents(unsigned int) () from
/usr/lib64/libqt-mt.so.3
#31 0x00007f85eaa84643 in QEventLoop::enterLoop() () from
/usr/lib64/libqt-mt.so.3
#32 0x00007f85eaa844f2 in QEventLoop::exec() () from /usr/lib64/libqt-mt.so.3
#33 0x000000000042c455 in main (argc=<value optimized out>, argv=<value
optimized out>) at main.cpp:107
(gdb) print this
$1 = (P2P::Dispatcher * const) 0xca53a0
(gdb) print *this
$2 = {
<> = {<No data fields>},
members of P2P::Dispatcher:
static metaObj = 0x2828b80,
m_pictureUrl = {
static null = {
static null = <same as static member of an already seen type>,
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
d = 0x13a7df0,
static shared_null = 0x6ff9e0
},
objectList = {
sh = 0x21eac30
},
m_messageFormatter = {
<> = {<No data fields>},
members of P2P::MessageFormatter:
static metaObj = 0x0
},
m_sessions = {
sh = 0x27aad70
},
m_messageBuffer = {
sh = 0x269ac00
},
m_contact = {
static null = {
static null = <same as static member of an already seen type>,
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
d = 0xc80250,
static shared_null = 0x6ff9e0
},
m_callbackChannel = 0x225ea80,
m_ip = {
<QValueList<QString>> = {
sh = 0x1e7d220
}, <No data fields>}
}
(gdb)
(gdb) up
#9 0x00007f85da3d8bc6 in MSNSwitchBoardSocket::slotReadMessage
(this=0x28fe850, bytes=@0x7ffff5144610) at msnswitchboardsocket.cpp:452
452 PeerDispatcher()->slotReadMessage(m_msgHandle, bytes);
(gdb) print *this
$3 = {
<MSNSocket> = {
<> = {<No data fields>},
members of MSNSocket:
static metaObj = 0xbc8f80,
m_id = 385,
m_sendQueue = {
sh = 0x2611270
},
m_socket = 0x1edb7c0,
m_onlineStatus = MSNSocket::Connected,
m_server = {
static null = {
static null = <same as static member of an already seen type>,
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
d = 0x28792f0,
static shared_null = 0x6ff9e0
},
m_port = 1863,
m_waitBlockSize = 0,
m_buffer = {
<QMemArray<char>> = {
<> = {<No data fields>}, <No data fields>}, <No data fields>},
m_useHttp = false,
m_bCanPoll = 255,
m_bIsFirstInTransaction = 255,
m_gateway = {
static null = {
static null = <same as static member of an already seen type>,
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
m_gwip = {
static null = {
static null = <same as static member of an already seen type>,
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
m_sessionId = {
static null = {
static null = <same as static member of an already seen type>,
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
m_timer = 0x0,
m_type = {
static null = {
static null = <same as static member of an already seen type>,
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
d = 0x6ff9e0,
---Type <return> to continue, or q <return> to quit---
static shared_null = 0x6ff9e0
},
m_pending = 255,
m_remaining = -1
},
members of MSNSwitchBoardSocket:
static metaObj = 0x2880720,
m_dispatcher = 0xca53a0,
m_account = 0xb97620,
m_myHandle = {
static null = {
static null = <same as static member of an already seen type>,
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
d = 0xc80250,
static shared_null = 0x6ff9e0
},
m_msgHandle = {
static null = {
static null = <same as static member of an already seen type>,
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
d = 0x7f85d00a3420,
static shared_null = 0x6ff9e0
},
m_ID = {
static null = {
static null = <same as static member of an already seen type>,
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
d = 0x233ecd0,
static shared_null = 0x6ff9e0
},
m_auth = {
static null = {
static null = <same as static member of an already seen type>,
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
d = 0x222c1a0,
static shared_null = 0x6ff9e0
},
m_chatMembers = {
<QValueList<QString>> = {
sh = 0x278aba0
}, <No data fields>},
m_msgQueue = {
sh = 0x22f6da0
},
m_recvIcons = 0,
m_emoticons = {
sh = 0x2a1d440
},
m_emoticonTimer = 0x0,
m_typewrited = {
<QGList> = {
<> = {<No data fields>},
members of QGList:
firstNode = 0x0,
lastNode = 0x0,
---Type <return> to continue, or q <return> to quit---
curNode = 0x0,
curIndex = -1,
numNodes = 0,
iterators = 0x0
}, <No data fields>},
m_inkMessageBuffer = {
sh = 0x2a1d4a0
},
m_chunks = 0,
m_clientcapsSent = false,
m_keepAlive = 0x0,
m_keepAliveNb = -360
}
(gdb) print bytes
$4 = (const QByteArray &) @0x7ffff5144610: {
<> = {<No data fields>}, <No data fields>}
(gdb) up
#10 0x00007f85da3ddab4 in MSNSwitchBoardSocket::qt_invoke (this=0x28fe850,
_id=23, _o=0x7ffff51445b0) at msnswitchboardsocket.moc:273
273 case 6: slotReadMessage((const QByteArray&)*((const
QByteArray*)static_QUType_ptr.get(_o+1))); break;
(gdb) print *this
$5 = {
<MSNSocket> = {
<> = {<No data fields>},
members of MSNSocket:
static metaObj = 0xbc8f80,
m_id = 385,
m_sendQueue = {
sh = 0x2611270
},
m_socket = 0x1edb7c0,
m_onlineStatus = MSNSocket::Connected,
m_server = {
static null = {
static null = <same as static member of an already seen type>,
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
d = 0x28792f0,
static shared_null = 0x6ff9e0
},
m_port = 1863,
m_waitBlockSize = 0,
m_buffer = {
<QMemArray<char>> = {
<> = {<No data fields>}, <No data fields>}, <No data fields>},
m_useHttp = false,
m_bCanPoll = 255,
m_bIsFirstInTransaction = 255,
m_gateway = {
static null = {
static null = <same as static member of an already seen type>,
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
m_gwip = {
static null = {
static null = <same as static member of an already seen type>,
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
m_sessionId = {
static null = {
static null = <same as static member of an already seen type>,
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
m_timer = 0x0,
m_type = {
static null = {
static null = <same as static member of an already seen type>,
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
d = 0x6ff9e0,
---Type <return> to continue, or q <return> to quit---
static shared_null = 0x6ff9e0
},
m_pending = 255,
m_remaining = -1
},
members of MSNSwitchBoardSocket:
static metaObj = 0x2880720,
m_dispatcher = 0xca53a0,
m_account = 0xb97620,
m_myHandle = {
static null = {
static null = <same as static member of an already seen type>,
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
d = 0xc80250,
static shared_null = 0x6ff9e0
},
m_msgHandle = {
static null = {
static null = <same as static member of an already seen type>,
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
d = 0x7f85d00a3420,
static shared_null = 0x6ff9e0
},
m_ID = {
static null = {
static null = <same as static member of an already seen type>,
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
d = 0x233ecd0,
static shared_null = 0x6ff9e0
},
m_auth = {
static null = {
static null = <same as static member of an already seen type>,
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
d = 0x222c1a0,
static shared_null = 0x6ff9e0
},
m_chatMembers = {
<QValueList<QString>> = {
sh = 0x278aba0
}, <No data fields>},
m_msgQueue = {
sh = 0x22f6da0
},
m_recvIcons = 0,
m_emoticons = {
sh = 0x2a1d440
},
m_emoticonTimer = 0x0,
m_typewrited = {
<QGList> = {
<> = {<No data fields>},
members of QGList:
firstNode = 0x0,
lastNode = 0x0,
---Type <return> to continue, or q <return> to quit---
curNode = 0x0,
curIndex = -1,
numNodes = 0,
iterators = 0x0
}, <No data fields>},
m_inkMessageBuffer = {
sh = 0x2a1d4a0
},
m_chunks = 0,
m_clientcapsSent = false,
m_keepAlive = 0x0,
m_keepAliveNb = -360
}
(gdb)
(gdb) up
#12 0x00007f85da3b79bd in MSNSocket::blockRead (this=0x28fe850,
t0=@0x7ffff5144610) at msnsocket.moc:179
179 activate_signal( clist, o );
(gdb) print *this
$6 = {
<> = {<No data fields>},
members of MSNSocket:
static metaObj = 0xbc8f80,
m_id = 385,
m_sendQueue = {
sh = 0x2611270
},
m_socket = 0x1edb7c0,
m_onlineStatus = MSNSocket::Connected,
m_server = {
static null = {
static null = <same as static member of an already seen type>,
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
d = 0x28792f0,
static shared_null = 0x6ff9e0
},
m_port = 1863,
m_waitBlockSize = 0,
m_buffer = {
<QMemArray<char>> = {
<> = {<No data fields>}, <No data fields>}, <No data fields>},
m_useHttp = false,
m_bCanPoll = 255,
m_bIsFirstInTransaction = 255,
m_gateway = {
static null = {
static null = <same as static member of an already seen type>,
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
m_gwip = {
static null = {
static null = <same as static member of an already seen type>,
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
m_sessionId = {
static null = {
static null = <same as static member of an already seen type>,
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
m_timer = 0x0,
m_type = {
static null = {
static null = <same as static member of an already seen type>,
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
---Type <return> to continue, or q <return> to quit---
},
m_pending = 255,
m_remaining = -1
}
(gdb) print t0
$7 = (const QByteArray &) @0x7ffff5144610: {
<> = {<No data fields>}, <No data fields>}
(gdb)
(gdb) up
#13 0x00007f85da3bce41 in MSNSocket::pollReadBlock (this=0x28fe850) at
msnsocket.cpp:497
497 emit blockRead( block);
(gdb) print *this
$8 = {
<> = {<No data fields>},
members of MSNSocket:
static metaObj = 0xbc8f80,
m_id = 385,
m_sendQueue = {
sh = 0x2611270
},
m_socket = 0x1edb7c0,
m_onlineStatus = MSNSocket::Connected,
m_server = {
static null = {
static null = <same as static member of an already seen type>,
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
d = 0x28792f0,
static shared_null = 0x6ff9e0
},
m_port = 1863,
m_waitBlockSize = 0,
m_buffer = {
<QMemArray<char>> = {
<> = {<No data fields>}, <No data fields>}, <No data fields>},
m_useHttp = false,
m_bCanPoll = 255,
m_bIsFirstInTransaction = 255,
m_gateway = {
static null = {
static null = <same as static member of an already seen type>,
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
m_gwip = {
static null = {
static null = <same as static member of an already seen type>,
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
m_sessionId = {
static null = {
static null = <same as static member of an already seen type>,
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
m_timer = 0x0,
m_type = {
static null = {
static null = <same as static member of an already seen type>,
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
},
d = 0x6ff9e0,
static shared_null = 0x6ff9e0
---Type <return> to continue, or q <return> to quit---
},
m_pending = 255,
m_remaining = -1
}
(gdb)
(gdb) up
#14 0x00007f85da3be458 in MSNSocket::readBlock (this=0x2, len=4111724912) at
msnsocket.cpp:477
477 pollReadBlock();
(gdb) print *this
Cannot access memory at address 0x2
(gdb) print len
$9 = 4111724912
(gdb)
--
Configure bugmail: https://bugs.kde.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the kopete-bugs
mailing list