Bug #465433 “dolphin crashed in [PolygonRegion, QRegion, QX11Pai... : Bugs : qt4-x11 package : Ubuntu

Revision history for this message

In KDE Bug Tracking System #208881, Ephemient (ephemient) wrote on 2009-09-29:

#5

Download full text (8.9 KiB)

Application that crashed: kopete
Version of the application: 0.70.90
KDE Version: 4.3.1 (KDE 4.3.1)
Qt Version: 4.5.2
Operating System: Linux 2.6.31-gentoo x86_64

What I was doing when the application crashed:
As the title describes, Kopete crashed when closing tab containing chat with MSN contact. There was no activity at the time, the other endpoint had closed their chat.

-- Backtrace:
Application: Kopete (kopete), signal: Aborted
[Current thread is 0 (LWP 375)]

Thread 5 (Thread 0x7f603933f910 (LWP 377)):
#0 __lll_lock_wait_private () at ../nptl/sysdeps/unix/sysv/linux/x86_64/lowlevellock.S:97
#1 0x00007f604e72e825 in _L_lock_9550 () from /lib/libc.so.6
#2 0x00007f604e72cda1 in __libc_free (mem=0x7f604ea0be60) at malloc.c:3714
#3 0x00007f604f965dcf in socketNotifierSourceCheck (source=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:92
#4 0x00007f604a008e9b in IA__g_main_context_check (context=0x1c31d10, max_priority=2147483647, fds=<value optimized out>, n_fds=-1) at gmain.c:2333
#5 0x00007f604a009771 in g_main_context_iterate (context=0x1c31d10, block=1, dispatch=1, self=<value optimized out>) at gmain.c:2452
#6 0x00007f604a0099fe in IA__g_main_context_iteration (context=0x1c31d10, may_block=1) at gmain.c:2518
#7 0x00007f604f965aae in QEventDispatcherGlib::processEvents (this=0x1c31560, flags=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:329
#8 0x00007f604f93efd2 in QEventLoop::processEvents (this=<value optimized out>, flags={i = 959704912}) at kernel/qeventloop.cpp:149
#9 0x00007f604f93f17c in QEventLoop::exec (this=0x7f603933ef90, flags={i = 959704992}) at kernel/qeventloop.cpp:197
#10 0x00007f604f86942c in QThread::exec (this=<value optimized out>) at thread/qthread.cpp:487
#11 0x00007f604f926a01 in QInotifyFileSystemWatcherEngine::run (this=0x1c33d50) at io/qfilesystemwatcher_inotify.cpp:214
#12 0x00007f604f86c024 in QThreadPrivate::start (arg=0x1c33d50) at thread/qthread_unix.cpp:188
#13 0x00007f604e24a427 in start_thread (arg=<value optimized out>) at pthread_create.c:297
#14 0x00007f604e7860fd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#15 0x0000000000000000 in ?? ()

Thread 4 (Thread 0x7f602cfde910 (LWP 379)):
#0 pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:261
#1 0x00007f604f86cd59 in QWaitCondition::wait (this=0x1cb9c00, mutex=0x1cb9bf8, time=18446744073709551615) at thread/qwaitcondition_unix.cpp:87
#2 0x00007f604cb75a84 in QHostInfoAgent::run (this=0x1cb9be0) at kernel/qhostinfo.cpp:260
#3 0x00007f604f86c024 in QThreadPrivate::start (arg=0x1cb9be0) at thread/qthread_unix.cpp:188
#4 0x00007f604e24a427 in start_thread (arg=<value optimized out>) at pthread_create.c:297
#5 0x00007f604e7860fd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#6 0x0000000000000000 in ?? ()

Thread 3 (Thread 0x7f602b3fb910 (LWP 381)):
#0 0x00007f604e77d369 in __poll (fds=0x1dde130, nfds=1, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:87
#1 0x00007f604a009721 in g_main_context_iterate (context=0x1ddde40, block=1, dispatch=1, self=<value optimized out>) at gmain.c:2768
#2 0x00007f604a0099fe in IA__g_main_context_iteratio...

Application that crashed: kopete
Version of the application: 0.70.90
KDE Version: 4.3.1 (KDE 4.3.1)
Qt Version: 4.5.2
Operating System: Linux 2.6.31-gentoo x86_64

What I was doing when the application crashed:
As the title describes, Kopete crashed when closing tab containing chat with MSN contact.  There was no activity at the time, the other endpoint had closed their chat.

-- Backtrace:
Application: Kopete (kopete), signal: Aborted
[Current thread is 0 (LWP 375)]

Thread 5 (Thread 0x7f603933f910 (LWP 377)):
#0  __lll_lock_wait_private () at ../nptl/sysdeps/unix/sysv/linux/x86_64/lowlevellock.S:97
#1  0x00007f604e72e825 in _L_lock_9550 () from /lib/libc.so.6
#2  0x00007f604e72cda1 in __libc_free (mem=0x7f604ea0be60) at malloc.c:3714
#3  0x00007f604f965dcf in socketNotifierSourceCheck (source=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:92
#4  0x00007f604a008e9b in IA__g_main_context_check (context=0x1c31d10, max_priority=2147483647, fds=<value optimized out>, n_fds=-1) at gmain.c:2333
#5  0x00007f604a009771 in g_main_context_iterate (context=0x1c31d10, block=1, dispatch=1, self=<value optimized out>) at gmain.c:2452
#6  0x00007f604a0099fe in IA__g_main_context_iteration (context=0x1c31d10, may_block=1) at gmain.c:2518
#7  0x00007f604f965aae in QEventDispatcherGlib::processEvents (this=0x1c31560, flags=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:329
#8  0x00007f604f93efd2 in QEventLoop::processEvents (this=<value optimized out>, flags={i = 959704912}) at kernel/qeventloop.cpp:149
#9  0x00007f604f93f17c in QEventLoop::exec (this=0x7f603933ef90, flags={i = 959704992}) at kernel/qeventloop.cpp:197
#10 0x00007f604f86942c in QThread::exec (this=<value optimized out>) at thread/qthread.cpp:487
#11 0x00007f604f926a01 in QInotifyFileSystemWatcherEngine::run (this=0x1c33d50) at io/qfilesystemwatcher_inotify.cpp:214
#12 0x00007f604f86c024 in QThreadPrivate::start (arg=0x1c33d50) at thread/qthread_unix.cpp:188
#13 0x00007f604e24a427 in start_thread (arg=<value optimized out>) at pthread_create.c:297
#14 0x00007f604e7860fd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#15 0x0000000000000000 in ?? ()

Thread 4 (Thread 0x7f602cfde910 (LWP 379)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:261
#1  0x00007f604f86cd59 in QWaitCondition::wait (this=0x1cb9c00, mutex=0x1cb9bf8, time=18446744073709551615) at thread/qwaitcondition_unix.cpp:87
#2  0x00007f604cb75a84 in QHostInfoAgent::run (this=0x1cb9be0) at kernel/qhostinfo.cpp:260
#3  0x00007f604f86c024 in QThreadPrivate::start (arg=0x1cb9be0) at thread/qthread_unix.cpp:188
#4  0x00007f604e24a427 in start_thread (arg=<value optimized out>) at pthread_create.c:297
#5  0x00007f604e7860fd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#6  0x0000000000000000 in ?? ()

Thread 3 (Thread 0x7f602b3fb910 (LWP 381)):
#0  0x00007f604e77d369 in __poll (fds=0x1dde130, nfds=1, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:87
#1  0x00007f604a009721 in g_main_context_iterate (context=0x1ddde40, block=1, dispatch=1, self=<value optimized out>) at gmain.c:2768
#2  0x00007f604a0099fe in IA__g_main_context_iteration (context=0x1ddde40, may_block=1) at gmain.c:2518
#3  0x00007f604f965aae in QEventDispatcherGlib::processEvents (this=0x1e66d70, flags=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:329
#4  0x00007f604f93efd2 in QEventLoop::processEvents (this=<value optimized out>, flags={i = 725593680}) at kernel/qeventloop.cpp:149
#5  0x00007f604f93f17c in QEventLoop::exec (this=0x1d1e640, flags={i = 725594080}) at kernel/qeventloop.cpp:197
#6  0x00007f603a2db12b in QCA::SyncThread::run (this=0x1e667a0) at support/syncthread.cpp:195
#7  0x00007f604f86c024 in QThreadPrivate::start (arg=0x1e667a0) at thread/qthread_unix.cpp:188
#8  0x00007f604e24a427 in start_thread (arg=<value optimized out>) at pthread_create.c:297
#9  0x00007f604e7860fd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#10 0x0000000000000000 in ?? ()

Thread 2 (Thread 0x7f602abfa910 (LWP 382)):
#0  0x00007f604e77d369 in __poll (fds=0x7f6030006b80, nfds=1, timeout=1634) at ../sysdeps/unix/sysv/linux/poll.c:87
#1  0x00007f604a009721 in g_main_context_iterate (context=0x1f18210, block=1, dispatch=1, self=<value optimized out>) at gmain.c:2768
#2  0x00007f604a0099fe in IA__g_main_context_iteration (context=0x1f18210, may_block=1) at gmain.c:2518
#3  0x00007f604f965aae in QEventDispatcherGlib::processEvents (this=0x1f18140, flags=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:329
#4  0x00007f604f93efd2 in QEventLoop::processEvents (this=<value optimized out>, flags={i = 717201296}) at kernel/qeventloop.cpp:149
#5  0x00007f604f93f17c in QEventLoop::exec (this=0x1f11140, flags={i = 717201376}) at kernel/qeventloop.cpp:197
#6  0x00007f603a72e623 in XMPP::SyncThread::run (this=0x1f17ba0) at /var/tmp/paludis/kde-base-kopete-4.3.1/work/kopete-4.3.1/kopete/protocols/jabber/libiris/iris/irisnet/corelib/netinterface.cpp:151
#7  0x00007f604f86c024 in QThreadPrivate::start (arg=0x1f17ba0) at thread/qthread_unix.cpp:188
#8  0x00007f604e24a427 in start_thread (arg=<value optimized out>) at pthread_create.c:297
#9  0x00007f604e7860fd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#10 0x0000000000000000 in ?? ()

Thread 1 (Thread 0x7f6052039740 (LWP 375)):
[KCrash Handler]
#5  0x00007f604e6e6976 in raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#6  0x00007f604e6e7dba in abort () at abort.c:88
#7  0x00007f604e722ae8 in __libc_message (do_abort=2, fmt=0x7f604e7d7140 "*** glibc detected *** %s: %s: 0x%s ***\n") at ../sysdeps/unix/sysv/linux/libc_fatal.c:170
#8  0x00007f604e728347 in malloc_printerr (action=2, str=0x7f604e7d4344 "corrupted double-linked list", ptr=<value optimized out>) at malloc.c:6196
#9  0x00007f604e728680 in malloc_consolidate (av=0x7f604ea0be60) at malloc.c:5082
#10 0x00007f604e72af27 in _int_malloc (av=0x7f604ea0be60, bytes=1728) at malloc.c:4338
#11 0x00007f604e72ce7c in __libc_malloc (bytes=1728) at malloc.c:3638
#12 0x00007f604f00c356 in PolygonRegion (Pts=0x24ca480, Count=27, rule=0) at painting/qregion.cpp:3605
#13 0x00007f604f00d5d8 in QRegion (this=0x7fffbe15b390, a=@0x7fffbe15b3a0, fillRule=Qt::OddEvenFill) at painting/qregion.cpp:3858
#14 0x00007f604f067b6c in QX11PaintEngine::updateState (this=0x25e2980, state=@0x2fc3148) at painting/qpaintengine_x11.cpp:1087
#15 0x00007f604efc4831 in QPainterPrivate::updateStateImpl (this=0x3014d90, newState=0x2fc3140) at painting/qpainter.cpp:908
#16 0x00007f604efc4920 in QPainterPrivate::updateState (this=0x3014d90, newState=0x2fc3140) at painting/qpainter.cpp:936
#17 0x00007f604efc6e5b in QPainter::setClipRegion (this=<value optimized out>, r=<value optimized out>, op=Qt::ReplaceClip) at painting/qpainter.cpp:2692
#18 0x00007f604ef14971 in QWidgetPrivate::paintBackground (this=<value optimized out>, painter=0x7fffbe15bb60, rgn=@0x7fffbe15bba0, offset=@0x7fffbe15bb90, flags=-1105872656)
    at kernel/qwidget.cpp:2070
#19 0x00007f604ef155a9 in QWidgetPrivate::drawWidget (this=0x24bbb80, pdev=0x24b78e8, rgn=@0x7fffbe15bec0, offset=@0x24b7864, flags=<value optimized out>, sharedPainter=0x0, backingStore=0x24b7820)
    at kernel/qwidget.cpp:5057
#20 0x00007f604f0731b0 in QWidgetBackingStore::sync (this=0x24b7820) at painting/qbackingstore.cpp:1269
#21 0x00007f604f07344a in QWidgetBackingStore::sync (this=0x24b7820, exposedWidget=0x2320f00, exposedRegion=@0x7fffbe15c140) at painting/qbackingstore.cpp:1074
#22 0x00007f604ef1cae2 in QETWidget::translatePaintEvent (this=0x2320f00, event=<value optimized out>) at kernel/qapplication_x11.cpp:5104
#23 0x00007f604ef2715b in QApplication::x11ProcessEvent (this=0x7fffbe15ddd0, event=0x7fffbe15da10) at kernel/qapplication_x11.cpp:3445
#24 0x00007f604ef4b624 in x11EventSourceDispatch (s=0x14eded0, callback=0, user_data=0x0) at kernel/qguieventdispatcher_glib.cpp:146
#25 0x00007f604a0063a9 in IA__g_main_context_dispatch (context=0x14ecdf0) at gmain.c:1824
#26 0x00007f604a009848 in g_main_context_iterate (context=0x14ecdf0, block=1, dispatch=1, self=<value optimized out>) at gmain.c:2455
#27 0x00007f604a0099fe in IA__g_main_context_iteration (context=0x14ecdf0, may_block=1) at gmain.c:2518
#28 0x00007f604f965a8f in QEventDispatcherGlib::processEvents (this=0x14d34e0, flags=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:327
#29 0x00007f604ef4aec8 in QGuiEventDispatcherGlib::processEvents (this=0x177, flags=<value optimized out>) at kernel/qguieventdispatcher_glib.cpp:202
#30 0x00007f604f93efd2 in QEventLoop::processEvents (this=<value optimized out>, flags={i = -1105863424}) at kernel/qeventloop.cpp:149
#31 0x00007f604f93f17c in QEventLoop::exec (this=0x7fffbe15dd40, flags={i = -1105863344}) at kernel/qeventloop.cpp:197
#32 0x00007f604f9411fc in QCoreApplication::exec () at kernel/qcoreapplication.cpp:888
#33 0x0000000000415818 in main (argc=1, argv=0x7fffbe15ec08) at /var/tmp/paludis/kde-base-kopete-4.3.1/work/kopete-4.3.1/kopete/kopete/main.cpp:104

Reported using DrKonqi

Revision history for this message

In KDE Bug Tracking System #208881, Dario Andres (andresbajotierra) wrote on 2009-09-30:

#6

The backtrace looks like a Qt/Painting crash. However libmsn beta8 is causing really weird crashes all over the place; this could be related to it.
- Does Kopete crash again if you repeat the situation you described ? if it does, can you check that downgrading to libmsn beta6 fixes the crash ?
Thanks

Revision history for this message

Gerald Senarclens de Grancy (trainer) wrote on 2009-10-30:

#1

Dependencies.txt Edit (6.2 KiB, text/plain; charset="utf-8")
Disassembly.txt Edit (385 bytes, text/plain; charset="utf-8")
ProcMaps.txt Edit (28.3 KiB, text/plain; charset="utf-8")
ProcStatus.txt Edit (755 bytes, text/plain; charset="utf-8")
Registers.txt Edit (449 bytes, text/plain; charset="utf-8")
Stacktrace.txt Edit (16.6 KiB, text/plain; charset="utf-8")
ThreadStacktrace.txt Edit (16.7 KiB, text/plain; charset="utf-8")

Revision history for this message

In KDE Bug Tracking System #208881, Dario Andres (andresbajotierra) wrote on 2009-11-01:

#7

Waiting for feedback. Marking as NEEDSINFO.

Revision history for this message

Apport retracing service (apport) wrote on 2009-11-13: Stacktrace.txt (retraced)

#2

Stacktrace.txt (retraced) Edit (16.4 KiB, text/plain)

StacktraceTop:__kernel_vsyscall ()
*__GI_raise (sig=6)
*__GI_abort () at abort.c:92
__libc_message (do_abort=2,
malloc_printerr (action=<value optimized out>,

Revision history for this message

Apport retracing service (apport) wrote on 2009-11-13: ThreadStacktrace.txt (retraced)

#3

ThreadStacktrace.txt (retraced) Edit (16.4 KiB, text/plain)

Changed in kdebase (Ubuntu):
importance:	Undecided → Medium
tags:	removed: need-i386-retrace

Jonathan Thomas (echidnaman) on 2009-11-14

visibility:

private → public

Revision history for this message

Jonathan Thomas (echidnaman) wrote on 2009-11-14: Re: dolphin assert failure: *** glibc detected *** dolphin: corrupted double-linked list: 0x09c774f0 ***

#4

Appears to be a bug in Qt.

affects:	kdebase (Ubuntu) → qt4-x11 (Ubuntu)
Changed in qt4-x11 (Ubuntu):
importance:	Medium → Low
status:	New → Triaged
summary:	- dolphin assert failure: * glibc detected * dolphin: corrupted - double-linked list: 0x09c774f0 *** + dolphin crashed in [PolygonRegion, QRegion, + QX11PaintEngine::updateState] (assert failure)

Revision history for this message

In KDE Bug Tracking System #208881, Jonathan Thomas (echidnaman-f) wrote on 2009-11-14:

#8

Download full text (16.5 KiB)

This indeed seems to be a Qt painting bug. We received a report about Dolphin crashing in the same painting code at Launchpad: https://launchpad.net/bugs/465433

#0 0x00707422 in __kernel_vsyscall ()
No symbol table info available.
#1 0x0914f4d1 in *__GI_raise (sig=6)
    at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
resultvar = <value optimized out>
pid = 153505780
selftid = 2375
#2 0x09152932 in *__GI_abort () at abort.c:92
act = {__sigaction_handler = {sa_handler = 0x107,
    sa_sigaction = 0x107}, sa_mask = {__val = {3214100124, 153254968,
      5026404, 0, 134619144, 134546192, 0, 48666, 3214100272, 134525168,
      134522696, 263, 5027440, 153000561, 263, 134619144, 3214100200,
      153505780, 37, 3214101656, 3214100316, 153118100, 2, 3214100200, 4, 0,
      3, 3214100308, 2, 153379555, 153379551, 153375127}},
  sa_flags = 153375101, sa_restorer = 0x924762b}
sigs = {__val = {32, 0 <repeats 31 times>}}
#3 0x09185ee5 in __libc_message (do_abort=2,
    fmt=0x9249438 "*** glibc detected *** %s: %s: 0x%s ***\n")
    at ../sysdeps/unix/sysv/linux/libc_fatal.c:189
ap = <value optimized out>
fd = -1080866668
on_2 = <value optimized out>
list = <value optimized out>
nlist = <value optimized out>
cp = <value optimized out>
written = false
#4 0x0918fff1 in malloc_printerr (action=<value optimized out>,
    str=0x6 <Address 0x6 out of bounds>, ptr=0x9c774f0) at malloc.c:6217
buf = "09c774f0"
cp = <value optimized out>
#5 0x0919021e in malloc_consolidate (av=<value optimized out>)
    at malloc.c:5095
fb = (mfastbinptr *) 0x92663ac
maxfb = (mfastbinptr *) 0x92663cc
p = (mchunkptr) 0x9c774f0
nextp = (mchunkptr) 0x9fdd7b0
unsorted_bin = (mchunkptr) 0x92663d0
first_unsorted = <value optimized out>
nextchunk = (mchunkptr) 0x9c77518
size = <value optimized out>
nextsize = <value optimized out>
prevsize = <value optimized out>
bck = <value optimized out>
fwd = <value optimized out>
__PRETTY_FUNCTION__ = "malloc_consolidate"
#6 0x091924b2 in _int_malloc (av=<value optimized out>,
    bytes=<value optimized out>) at malloc.c:4338
nb = 664
idx = 3214111652
bin = <value optimized out>
victim = <value optimized out>
size = <value optimized out>
victim_index = <value optimized out>
remainder = <value optimized out>
remainder_size = <value optimized out>
block = <value optimized out>
bit = <value optimized out>
map = <value optimized out>
fwd = <value optimized out>
bck = <value optimized out>
__PRETTY_FUNCTION__ = "_int_malloc"
#7 0x09194868 in *__GI___libc_malloc (bytes=660) at malloc.c:3638
ar_ptr = (mstate) 0x92663a0
victim = <value optimized out>
__PRETTY_FUNCTION__ = "__libc_malloc"
#8 0x0248ad5b in PolygonRegion (Pts=<value optimized out>,
    Count=<value optimized out>, rule=0) at painting/qregion.cpp:3605
region = (QRegionPrivate *) 0x9fb1fa0
pAET = <value optimized out>
y = 167652544
pETEs = <value optimized out>
pPrevAET = <value optimized out>
fixWAET = 165053616
FirstPtBlock = {data = {0, 0, 167641848, 137280097, 167642260,
    167117772, -1080864786, 4311995, -1080864804, -1080864808, 4315800,
    -1080864792, -1080864832, -1080864800, 167117728, 222, 167641856, 0,
    16764...

This indeed seems to be a Qt painting bug. We received a report about Dolphin crashing in the same painting code at Launchpad: https://launchpad.net/bugs/465433

#0  0x00707422 in __kernel_vsyscall ()
No symbol table info available.
#1  0x0914f4d1 in *__GI_raise (sig=6)
    at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
	resultvar = <value optimized out>
	pid = 153505780
	selftid = 2375
#2  0x09152932 in *__GI_abort () at abort.c:92
	act = {__sigaction_handler = {sa_handler = 0x107, 
    sa_sigaction = 0x107}, sa_mask = {__val = {3214100124, 153254968, 
      5026404, 0, 134619144, 134546192, 0, 48666, 3214100272, 134525168, 
      134522696, 263, 5027440, 153000561, 263, 134619144, 3214100200, 
      153505780, 37, 3214101656, 3214100316, 153118100, 2, 3214100200, 4, 0, 
      3, 3214100308, 2, 153379555, 153379551, 153375127}}, 
  sa_flags = 153375101, sa_restorer = 0x924762b}
	sigs = {__val = {32, 0 <repeats 31 times>}}
#3  0x09185ee5 in __libc_message (do_abort=2, 
    fmt=0x9249438 "*** glibc detected *** %s: %s: 0x%s ***\n")
    at ../sysdeps/unix/sysv/linux/libc_fatal.c:189
	ap = <value optimized out>
	fd = -1080866668
	on_2 = <value optimized out>
	list = <value optimized out>
	nlist = <value optimized out>
	cp = <value optimized out>
	written = false
#4  0x0918fff1 in malloc_printerr (action=<value optimized out>, 
    str=0x6 <Address 0x6 out of bounds>, ptr=0x9c774f0) at malloc.c:6217
	buf = "09c774f0"
	cp = <value optimized out>
#5  0x0919021e in malloc_consolidate (av=<value optimized out>)
    at malloc.c:5095
	fb = (mfastbinptr *) 0x92663ac
	maxfb = (mfastbinptr *) 0x92663cc
	p = (mchunkptr) 0x9c774f0
	nextp = (mchunkptr) 0x9fdd7b0
	unsorted_bin = (mchunkptr) 0x92663d0
	first_unsorted = <value optimized out>
	nextchunk = (mchunkptr) 0x9c77518
	size = <value optimized out>
	nextsize = <value optimized out>
	prevsize = <value optimized out>
	bck = <value optimized out>
	fwd = <value optimized out>
	__PRETTY_FUNCTION__ = "malloc_consolidate"
#6  0x091924b2 in _int_malloc (av=<value optimized out>, 
    bytes=<value optimized out>) at malloc.c:4338
	nb = 664
	idx = 3214111652
	bin = <value optimized out>
	victim = <value optimized out>
	size = <value optimized out>
	victim_index = <value optimized out>
	remainder = <value optimized out>
	remainder_size = <value optimized out>
	block = <value optimized out>
	bit = <value optimized out>
	map = <value optimized out>
	fwd = <value optimized out>
	bck = <value optimized out>
	__PRETTY_FUNCTION__ = "_int_malloc"
#7  0x09194868 in *__GI___libc_malloc (bytes=660) at malloc.c:3638
	ar_ptr = (mstate) 0x92663a0
	victim = <value optimized out>
	__PRETTY_FUNCTION__ = "__libc_malloc"
#8  0x0248ad5b in PolygonRegion (Pts=<value optimized out>, 
    Count=<value optimized out>, rule=0) at painting/qregion.cpp:3605
	region = (QRegionPrivate *) 0x9fb1fa0
	pAET = <value optimized out>
	y = 167652544
	pETEs = <value optimized out>
	pPrevAET = <value optimized out>
	fixWAET = 165053616
	FirstPtBlock = {data = {0, 0, 167641848, 137280097, 167642260, 
    167117772, -1080864786, 4311995, -1080864804, -1080864808, 4315800, 
    -1080864792, -1080864832, -1080864800, 167117728, 222, 167641856, 0, 
    167642264, 167642264, 167475664, 163174936, -1080864760, 96, 17407988, 2, 
    152642430, 45654004, 209, 24, 806, 722, 166856368, 16, 166852200, 0, 
    28671255, 167642256, 28676377, 165100680, 165026744, 12, 0, 153505780, 
    160115344, 153086304, -1080864760, 153086358, 160115348, 51634164, 
    -1080864696, 51129667, 160115348, 152651880, -1080864664, 139276276, 0, 
    159989360, -1080864664, 6905844, 12, 159989360, -1080864664, 139276276, 
    159989320, 159989360, -1080864664, 138460509, 160115344, -1080864600, 0, 
    139276276, 139276276, 139276276, -1080864552, 138286194, 159988272, 0, 
    -1080864580, -1080864600, 16, 159989320, 153510816, 0, 0, 153505780, 
    163641684, 159989360, 159989320, 353, 159989344, 163641688, 1, 3707808, 
    159989372, 6905844, 12, 167436912, -1080864520, 139276276, 167591152, 
    167436912, -1080864520, 138286652, 167475664, 167591152, 0, 139276276, 
    167475664, 139276276, -1080864472, 138349236, 167475664, 167591152, 3, 
    -1080864488, 167475664, 167220528, 0, -1080864460, 17407988, 167475664, 
    -1080864440, 15926397, 167475664, 167475664, -1080864312, 3735540, 
    3735540, 167475664, -1080864280, 1939040, 167475664, 3735540, 
    -1080864360, 1867551, 152642430, 167442424, -1080864360, 152637974, 
    167475664, 3707808, 0, 167629340, -1080864136, 0, -1080864348, 3735540, 
    167442424, 152637974, -1080864136, 33, -1080864184, 167629320, 40, 
    17407988, 25, 167475664, 153510816, 17407988, 0, 167475664, -1080864248, 
    15921562, 167475664, 0, 41, 1032, 153510816, 153505780, 153510816, 
    163608004, -1080864248, 152651677, 152642738, 3735540, 139276276, 
    163608004, -1080864216, 137279117, 163607984, 152637974, 43, 138202671, 
    137279097, 139276276, -1080864168, 137332094, 163607984, 139276276, 
    -1080864136, 138364478, 167449440, 153505780, -1080864104, 139276276, 
    167449416, 167449416, 161, 16...}, pts = 0xbf934f40, next = 0x9c73f38}
	curPtBlock = <value optimized out>
	iPts = <value optimized out>
	pWETE = <value optimized out>
	pts = <value optimized out>
	SLLBlock = {SLLs = {{scanline = 160154304, edgelist = 0x9b9db4c, 
      next = 0x98cbff0}, {scanline = 83820532, edgelist = 0xbf936868, 
      next = 0x2b89ff4}, {scanline = 8, edgelist = 0x9c80f08, 
      next = 0xbf9368a8}, {scanline = 37360376, edgelist = 0x9c73f38, 
      next = 0x8}, {scanline = 1, edgelist = 0x1, next = 0xc0043c0}, {
      scanline = 164105968, edgelist = 0xbf9368d8, next = 0x24a0b58}, {
      scanline = -1080858240, edgelist = 0x0, next = 0x3ff00000}, {
      scanline = 0, edgelist = 0x0, next = 0x0}, {scanline = 0, 
      edgelist = 0x0, next = 0x3ff00000}, {scanline = 0, 
      edgelist = 0x406a2000, next = 0x0}, {scanline = 1079296000, 
      edgelist = 0x9c37cb8, next = 0x98bc2c0}, {scanline = 45654004, 
      edgelist = 0x2b89ff4, next = 0x9d57d40}, {scanline = -1080857976, 
      edgelist = 0x243a74b, next = 0x9fed5f0}, {scanline = -1080858240, 
      edgelist = 0x3ff00000, next = 0x0}, {scanline = 0, edgelist = 0x0, 
      next = 0x0}, {scanline = 0, edgelist = 0x3ff00000, next = 0x0}, {
      scanline = 1080696832, edgelist = 0x0, next = 0x4054c000}, {
      scanline = 160154304, edgelist = 0xbf936928, next = 0x2b89ff4}, {
      scanline = 8, edgelist = 0x9c74c68, next = 0xbf936a20}, {
      scanline = 37360376, edgelist = 0x9c04818, next = 0x8}, {
      scanline = -1080858280, edgelist = 0x23dfc3b, next = 0x9ca8318}, {
      scanline = 164056040, edgelist = 0x98bc2c0, next = 0x9c74d5c}, {
      scanline = 45654004, edgelist = 0x23ef5a6, next = 0xbf936968}, {
      scanline = 45654004, edgelist = 0x8, next = 0x9c76298}, {
      scanline = -1080858200, edgelist = 0x23a12f8, next = 0x9c74be8}}, 
  next = 0x8}
	tmpPtBlock = <value optimized out>
	numFullPtBlocks = <value optimized out>
	pSLL = (ScanLineList *) 0xbf935008
	ET = {ymax = 1080696832, ymin = 0, scanlines = {
    scanline = -1080858192, edgelist = 0x0, next = 0x0}}
	AET = {ymax = 8, bres = {minor_axis = 11136054, d = 160293232, 
    m = -1080858192, m1 = 8, incr1 = 0, incr2 = 0}, next = 0x0, back = 0x0, 
  nextWETE = 0x98de164, ClockWise = 0}
#9  0x0248c2fb in QRegion (this=0xbf9373a0, a=@0xbf9373a4, 
    fillRule=Qt::OddEvenFill) at painting/qregion.cpp:3858
No locals.
#10 0x024edc88 in QX11PaintEngine::updateState (this=0x9dab588, 
    state=@0x9fed55c) at painting/qpaintengine_x11.cpp:1087
	clip_poly_dev = {<QVector<QPointF>> = {{p = 0x9fd4a58, 
      d = 0x9fd4a58}}, <No data fields>}
	clipped_poly_dev = {<QVector<QPointF>> = {{p = 0x9fd4898, 
      d = 0x9fd4898}}, <No data fields>}
	d = (QX11PaintEnginePrivate * const) 0x9cf6bb8
#11 0x02439ee4 in QPainterPrivate::updateStateImpl (this=0x9d57d40, 
    newState=0x9fed558) at painting/qpainter.cpp:908
No locals.
#12 0x02439fac in QPainterPrivate::updateState (this=0x9d57d40, 
    newState=0x9fed558) at painting/qpainter.cpp:936
No locals.
#13 0x02441029 in QPainter::setClipRegion (this=0xbf937920, r=@0xbf9377b4, 
    op=Qt::ReplaceClip) at painting/qpainter.cpp:2692
	d = (QPainterPrivate * const) 0x9d57d40
#14 0x0236e25e in QWidgetPrivate::paintBackground (this=0x9b9da58, 
    painter=0xbf937920, rgn=@0xbf93792c, offset=@0xbf937914, 
    flags=<value optimized out>) at kernel/qwidget.cpp:2070
	opt = {version = 160504232, type = 0, state = {i = 166860816}, 
  direction = 164266776, rect = {x1 = 6, y1 = 38724347, x2 = 45654004, 
    y2 = 162222820}, fontMetrics = {d = 0x9d57d40}, palette = {
    static staticMetaObject = {d = {superdata = 0x0, 
        stringdata = 0x29f9e20 "QPalette", data = 0x29f9f60, 
        extradata = 0x0}}, d = 0xbf9377a8, current_group = 7, 
    resolve_mask = 2375368}}
	q = (const QWidget * const) 0x9c73f38
	autoFillBrush = {d = 0x9922710}
#15 0x0236f036 in QWidgetPrivate::drawWidget (this=0x9b9da58, pdev=0x9ab52e4, 
    rgn=@0xbf937a90, offset=@0x9b9de0c, flags=<value optimized out>, 
    sharedPainter=0x0, backingStore=0x9b9dde8) at kernel/qwidget.cpp:5057
	p = {static staticMetaObject = {d = {superdata = 0x0, 
      stringdata = 0x29fac80 "QPainter", data = 0x29fad20, extradata = 0x0}}, 
  d_ptr = 0x9d57d40}
	scrollAreaOffset = {xp = 0, yp = 0}
	scrollArea = (class QAbstractScrollArea *) 0x0
	paintEngine = (class QPaintEngine *) 0x9dab588
	e = {<QEvent> = {_vptr.QEvent = 0x84d1748, d = 0x0, t = 12, 
    posted = 0, spont = 1, m_accept = 1, reserved = 87}, m_rect = {x1 = 0, 
    y1 = 0, x2 = 605, y2 = 392}, m_region = {d = 0x9fe4158, 
    static shared_empty = {ref = {_q_value = 1604}, rgn = 0x0, 
      xrectangles = 0x0, qt_rgn = 0x0}}, m_erased = 22}
	onScreen = false
	asRoot = true
	toBePainted = {d = 0x9e89e98, static shared_empty = {ref = {
      _q_value = 1604}, rgn = 0x0, xrectangles = 0x0, qt_rgn = 0x0}}
#16 0x024fd2f8 in QWidgetBackingStore::sync (this=0x9b9dde8)
    at painting/qbackingstore.cpp:1269
	tlwRect = {x1 = 4, y1 = 29, x2 = 821, y2 = 531}
	surfaceGeometry = {x1 = 4, y1 = 29, x2 = 821, y2 = 531}
	repaintAllWidgets = false
	dirtyCopy = {d = 0x9f860a8, static shared_empty = {ref = {
      _q_value = 1604}, rgn = 0x0, xrectangles = 0x0, qt_rgn = 0x0}}
	tlwExtra = <value optimized out>
	updatesDisabled = true
	toClean = {d = 0x9fa3ca8, static shared_empty = {ref = {
      _q_value = 1604}, rgn = 0x0, xrectangles = 0x0, qt_rgn = 0x0}}
	opaqueNonOverlappedWidgets = {a = 32, s = 1, ptr = 0xbf937ac4, {
    array = "ØaÇ\tèz\223¿)e>\b8?Ç\t\235G\031\tõ\001?\bô\237¸\002\000\000\000\000\021Ø\232\002\030{\223¿b\2345\0028?Ç\t\237\213A\005à×ý\t\003\000\000\000 c&\tôO&\t c&\tô\237¸\002¡\213A\005Âì\237\002H{\223¿\177'\232\0028?Ç\t\237\213A\005H{\223¿ñFf\000¸\024ò\tL\211Ö\t\031\000\000\000ô/©\000 \213A\005a<§\000x{\223¿", 
    q_for_alignment_1 = -4642231653873786408, 
    q_for_alignment_2 = -0.019023538205006435}}
	beginPaintInfo = {wasFlushed = 0, nothingToPaint = 0, 
  windowSurfaceRecreated = 0}
#17 0x02360116 in QWidgetPrivate::syncBackingStore (this=0x9b9da58)
    at kernel/qwidget.cpp:1603
	bs = (QWidgetBackingStore *) 0x0
#18 0x02367215 in QWidget::event (this=0x9c73f38, event=0x9fdd7e0)
    at kernel/qwidget.cpp:7827
No locals.
#19 0x02734297 in QMainWindow::event (this=0x9c73f38, event=0x9fdd7e0)
    at widgets/qmainwindow.cpp:1399
	d = (QMainWindowPrivate * const) 0x9b9da58
#20 0x009c0dc4 in KMainWindow::event (this=0x9c73f38, ev=0x9fdd7e0)
    at ../../kdeui/widgets/kmainwindow.cpp:1094
	d = (KMainWindowPrivate * const) 0x6
#21 0x00a0730f in KXmlGuiWindow::event (this=0x9c73f38, ev=0x9fdd7e0)
    at ../../kdeui/xmlgui/kxmlguiwindow.cpp:131
	ret = <value optimized out>
#22 0x02311f54 in QApplicationPrivate::notify_helper (this=0x98b7c38, 
    receiver=0x9c73f38, e=0x9fdd7e0) at kernel/qapplication.cpp:4056
	consumed = <value optimized out>
#23 0x023195ca in QApplication::notify (this=0xbf93847c, receiver=0x9c73f38, 
    e=0x9fdd7e0) at kernel/qapplication.cpp:4021
	res = <value optimized out>
#24 0x008dabfa in KApplication::notify (this=0xbf93847c, receiver=0x9c73f38, 
    event=0x9fdd7e0) at ../../kdeui/kernel/kapplication.cpp:302
No locals.
#25 0x083e16cb in QCoreApplication::notifyInternal (this=0xbf93847c, 
    receiver=0x9c73f38, event=0x9fdd7e0) at kernel/qcoreapplication.cpp:610
	result = false
	cbdata = {0x9c73f38, 0x9fdd7e0, 0xbf93808f}
	threadData = (QThreadData *) 0x9893e48
	returnValue = <value optimized out>
#26 0x083e22b2 in QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, 
    event_type=0, data=0x9893e48)
    at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:213
	pe = (const QPostEvent &) @0x9f3f528: {receiver = 0x9c73f38, 
  event = 0x0, priority = -1}
	e = (class QEvent *) 0x9fdd7e0
	r = (class QObject *) 0x9c73f38
	locker = {{mtx = 0x9893e70, val = 159989360}}
	startOffset = 0
	i = (int &) @0x9893e68: 2
#27 0x083e247d in QCoreApplication::sendPostedEvents (receiver=0x0, 
    event_type=0) at kernel/qcoreapplication.cpp:1140
	data = <value optimized out>
#28 0x0840c3ff in postEventSourceDispatch (s=0x98b2b10)
    at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:218
No locals.
#29 0x030c1e78 in g_main_context_dispatch () from /lib/libglib-2.0.so.0
No symbol table info available.
#30 0x030c5720 in ?? () from /lib/libglib-2.0.so.0
No symbol table info available.
#31 0x030c5853 in g_main_context_iteration () from /lib/libglib-2.0.so.0
No symbol table info available.
#32 0x0840c02c in QEventDispatcherGlib::processEvents (this=0x9893a30, flags=
      {i = 36}) at kernel/qeventdispatcher_glib.cpp:327
	d = (QEventDispatcherGlibPrivate * const) 0x98b2a90
	canWait = true
	result = <value optimized out>
#33 0x023b2be5 in QGuiEventDispatcherGlib::processEvents (this=0x9893a30, 
    flags={i = 36}) at kernel/qguieventdispatcher_glib.cpp:202
	d = (QGuiEventDispatcherGlibPrivate * const) 0x98b17d8
	returnValue = false
#34 0x083dfc79 in QEventLoop::processEvents (this=0xbf9383d4, flags=DWARF-2 expression error: DW_OP_reg operations must be used either alone or in conjuction with DW_OP_piece.
)
    at kernel/qeventloop.cpp:149
	d = (QEventLoopPrivate * const) 0x9b7ed78
#35 0x083e00ca in QEventLoop::exec (this=0xbf9383d4, flags={i = 0})
    at kernel/qeventloop.cpp:201
	d = (QEventLoopPrivate * const) 0x9b7ed78
	app = <value optimized out>
#36 0x083e253f in QCoreApplication::exec () at kernel/qcoreapplication.cpp:888
	threadData = (QThreadData *) 0x9893e48
	eventLoop = {<QObject> = {_vptr.QObject = 0x84d27a8, 
    static staticMetaObject = {d = {superdata = 0x0, 
        stringdata = 0x847aba0 "QObject", data = 0x847ac40, 
        extradata = 0x84ce1b8}}, d_ptr = 0x9b7ed78, 
    static staticQtMetaObject = {d = {superdata = 0x0, 
        stringdata = 0x8484380 "Qt", data = 0x8487700, extradata = 0x0}}}, 
  static staticMetaObject = {d = {superdata = 0x80b7540, 
      stringdata = 0x848c7a0 "QEventLoop", data = 0x848c7c0, 
      extradata = 0x0}}}
	returnCode = -1
#37 0x02311dd7 in QApplication::exec () at kernel/qapplication.cpp:3525
No locals.
#38 0x0807a745 in main (argc=3, argv=0xbf938654)
    at ../../../../apps/dolphin/src/main.cpp:94
	about = {d = 0x9895d70}
	options = {d = 0x98a93c8}
	app = {<KUniqueApplication> = {<KApplication> = {<QApplication> = {<QCoreApplication> = {<QObject> = {_vptr.QObject = 0x80a90a8, 
            static staticMetaObject = {d = {superdata = 0x0, 
                stringdata = 0x847aba0 "QObject", data = 0x847ac40, 
                extradata = 0x84ce1b8}}, d_ptr = 0x98b7c38, 
            static staticQtMetaObject = {d = {superdata = 0x0, 
                stringdata = 0x8484380 "Qt", data = 0x8487700, 
                extradata = 0x0}}}, static staticMetaObject = {d = {
              superdata = 0x80b7540, 
              stringdata = 0x848c820 "QCoreApplication", data = 0x848c8c0, 
              extradata = 0x0}}, static self = 0xbf93847c}, 
        static staticMetaObject = {d = {superdata = 0x84d27e4, 
            stringdata = 0x29aa860 "QApplication", data = 0x29aaa60, 
            extradata = 0x0}}}, static staticMetaObject = {d = {
          superdata = 0x2b73f48, stringdata = 0xa61500 "KApplication", 
          data = 0xa616a0, extradata = 0x0}}, static loadedByKdeinit = false, 
      static KApp = 0xbf93847c, d = 0x98ecb18}, static staticMetaObject = {
      d = {superdata = 0xa89ba0, stringdata = 0xa61dc0 "KUniqueApplication", 
        data = 0xa61ec0, extradata = 0x0}}, d = 0x993d0d8}, 
  static staticMetaObject = {d = {superdata = 0x80b7820, 
      stringdata = 0x80a8f80 "DolphinApplication", data = 0x80a9020, 
      extradata = 0x0}}, m_mainWindows = {{p = {static shared_null = {ref = {
            _q_value = 23211}, alloc = 0, begin = 0, end = 0, sharable = 1, 
          array = {0x0}}, d = 0x9a95a08}, d = 0x9a95a08}}, m_lastId = 3}
	__PRETTY_FUNCTION__ = "int main(int, char**)"

Revision history for this message

In KDE Bug Tracking System #208881, Jonathan Thomas (echidnaman-f) wrote on 2009-12-30:

#9

*** Bug 220642 has been marked as a duplicate of this bug. ***

Bug Watch Updater (bug-watch-updater) on 2010-01-27

Changed in qt:
status:	Unknown → Confirmed

Bug Watch Updater (bug-watch-updater) on 2011-02-27

Changed in qt:
importance:	Unknown → High

Revision history for this message

In KDE Bug Tracking System #208881, Justin Zobel (justin-zobel) wrote on 2020-12-07:

#10

Thank you for the report, Daniel.

As it has been a while since this was reported, can you please test and confirm if this issue is still occurring or if this bug report can be marked as resolved.

I have set the bug status to "needsinfo" pending your response, please change back to "reported" or "resolved/worksforme" when you respond, thank you.

Bug Watch Updater (bug-watch-updater) on 2020-12-07

Changed in qt:
status:	Confirmed → Incomplete

Revision history for this message

In KDE Bug Tracking System #208881, Bug-janitor (bug-janitor) wrote on 2020-12-22:

#11

Dear Bug Submitter,

This bug has been in NEEDSINFO status with no change for at least
15 days. Please provide the requested information as soon as
possible and set the bug status as REPORTED. Due to regular bug
tracker maintenance, if the bug is still in NEEDSINFO status with
no change in 30 days the bug will be closed as RESOLVED > WORKSFORME
due to lack of needed information.

For more information about our bug triaging procedures please read the
wiki located here:
https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

If you have already provided the requested information, please
mark the bug as REPORTED so that the KDE team knows that the bug is
ready to be confirmed.

Thank you for helping us make KDE software even better for everyone!

Revision history for this message

In KDE Bug Tracking System #208881, Bug-janitor (bug-janitor) wrote on 2021-01-06:

#12

This bug has been in NEEDSINFO status with no change for at least
30 days. The bug is now closed as RESOLVED > WORKSFORME
due to lack of needed information.

For more information about our bug triaging procedures please read the
wiki located here:
https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

Thank you for helping us make KDE software even better for everyone!

Bug Watch Updater (bug-watch-updater) on 2021-01-07

Changed in qt:
status:	Incomplete → Invalid

Ubuntu
qt4-x11 package

dolphin crashed in [PolygonRegion, QRegion, QX11PaintEngine::updateState] (assert failure)

Bug Description

Other bug subscribers

Bug attachments

Remote bug watches

Affects		Status	Importance	Assigned to	Milestone
	Qt	Invalid	High	kde-bugs #208881
	qt4-x11 (Ubuntu)	Triaged	Low	Unassigned

Ubuntuqt4-x11 package

dolphin crashed in [PolygonRegion, QRegion, QX11PaintEngine::updateState] (assert failure)

Bug Description

Other bug subscribers

Bug attachments

Remote bug watches

Ubuntu
qt4-x11 package