crash with a segmentation fault #79

heldercorreia · 2015-08-04T17:40:36Z

Originally reported on Google Code with ID 17


This bug is originally reported to ubuntu bug tracking system:
https://launchpad.net/distros/ubuntu/+source/speedcrunch/+bug/72026

If you play with speedcrunch + or * button via mouse the program crash.

these steps to reproduce (but there are many others)

TYPE ALL WITH THE MOUSE:
3*3 EVALUATE
*3 EVALUATE
*3 EVALUATE
etc...

continue until it crash with a segmentation fault.
What is the expected output? What do you see instead?

This happens with beta2 release. Backtrace:

#0 0xb7e43775 in Q3TextParagraph::format () from /usr/lib/libQt3Support.so.4
#1 0xb7e43f65 in Q3TextParagraph::lineHeightOfChar ()
   from /usr/lib/libQt3Support.so.4
#2 0xb7e22978 in Q3TextEdit::drawCursor () from /usr/lib/libQt3Support.so.4
#3 0xb7e250bb in Q3TextEdit::setCursorPosition ()
   from /usr/lib/libQt3Support.so.4
#4 0x08056ad6 in Crunch::addKeyPadText ()
#5 0x08099544 in Crunch::qt_metacall ()
#6 0xb6fbc748 in QMetaObject::activate () from /usr/lib/libQtCore.so.4
#7 0xb6fbd0ca in QMetaObject::activate () from /usr/lib/libQtCore.so.4
#8 0x0809a505 in KeyPad::addText ()
#9 0x0808d7a0 in KeyPad::clickedMul ()
#10 0x0809a65d in KeyPad::qt_metacall ()
#11 0xb6fbc748 in QMetaObject::activate () from /usr/lib/libQtCore.so.4
#12 0xb6fbc9cf in QMetaObject::activate () from /usr/lib/libQtCore.so.4
#13 0xb77aa6c1 in QAbstractButton::clicked () from /usr/lib/libQtGui.so.4
#14 0xb75cdc49 in QButtonGroup::id () from /usr/lib/libQtGui.so.4
#15 0xb75cf2f9 in QAbstractButton::keyPressEvent () from /usr/lib/libQtGui.so.4
#16 0xb75cf512 in QAbstractButton::mouseReleaseEvent ()
   from /usr/lib/libQtGui.so.4
#17 0xb738886e in QWidget::event () from /usr/lib/libQtGui.so.4
#18 0xb75ce795 in QAbstractButton::event () from /usr/lib/libQtGui.so.4
#19 0xb76478b4 in QPushButton::event () from /usr/lib/libQtGui.so.4

Reported by vi64pa on 2006-11-19 10:29:16

The text was updated successfully, but these errors were encountered:

heldercorreia · 2015-08-04T18:41:17Z



According to Valgrid output this could be qt problem:

==7108== Invalid read of size 1
==7108== at 0x4022CEF: memcpy (mc_replace_strmem.c:405)
==7108== by 0x4FD5911: QVectorData::malloc(int, int, int, QVectorData*) (in
/usr/lib/libQtCore.so.4.2.0)
==7108== by 0x41632A2: (within /usr/lib/libQt3Support.so.4.2.0)
==7108== by 0x416337C: (within /usr/lib/libQt3Support.so.4.2.0)
==7108== by 0x41EF479: Q3TextParagraph::lineStartOfChar(int, int*, int*) const (in
/usr/lib/libQt3Support.so.4.2.0)
==7108== by 0x4229FC9: Q3TextCursor::y() const (in /usr/lib/libQt3Support.so.4.2.0)
==7108== by 0x41CB991: Q3TextEdit::drawCursor(bool) (in /usr/lib/libQt3Support.so.4.2.0)
==7108== by 0x41CE0BA: Q3TextEdit::setCursorPosition(int, int) (in
/usr/lib/libQt3Support.so.4.2.0)
==7108== by 0x8056AD5: Crunch::addKeyPadText(QString const&) (in
/home/ville/Ubuntu/speed_source/speedcrunch-0.7-beta2/speedcrunch)
==7108== by 0x8099543: Crunch::qt_metacall(QMetaObject::Call, int, void**) (in
/home/ville/Ubuntu/speed_source/speedcrunch-0.7-beta2/speedcrunch)
==7108== by 0x5050747: QMetaObject::activate(QObject*, int, int, void**) (in
/usr/lib/libQtCore.so.4.2.0)
==7108== by 0x50510C9: QMetaObject::activate(QObject*, QMetaObject const*, int,
void**) (in /usr/lib/libQtCore.so.4.2.0)
==7108== Address 0x5B9D653 is 3 bytes inside a block of size 16 free'd
==7108== at 0x4020FB0: free (vg_replace_malloc.c:233)
==7108== by 0x4F920EC: qFree(void*) (in /usr/lib/libQtCore.so.4.2.0)
==7108== by 0x416303C: (within /usr/lib/libQt3Support.so.4.2.0)
==7108== by 0x420A3B4: Q3TextString::~Q3TextString() (in /usr/lib/libQt3Support.so.4.2.0)
==7108== by 0x41ECF95: Q3TextParagraph::~Q3TextParagraph() (in
/usr/lib/libQt3Support.so.4.2.0)
==7108== by 0x420F2C3: Q3TextDocument::clear(bool) (in /usr/lib/libQt3Support.so.4.2.0)
==7108== by 0x420F4BA: Q3TextDocument::setPlainText(QString const&) (in
/usr/lib/libQt3Support.so.4.2.0)
==7108== by 0x421E541: Q3TextDocument::setText(QString const&, QString const&) (in
/usr/lib/libQt3Support.so.4.2.0)
==7108== by 0x41E49D2: Q3TextEdit::setText(QString const&, QString const&) (in
/usr/lib/libQt3Support.so.4.2.0)
==7108== by 0x805744B: Crunch::textChanged() (in
/home/ville/Ubuntu/speed_source/speedcrunch-0.7-beta2/speedcrunch)
==7108== by 0x8099519: Crunch::qt_metacall(QMetaObject::Call, int, void**) (in
/home/ville/Ubuntu/speed_source/speedcrunch-0.7-beta2/speedcrunch)
==7108== by 0x5050747: QMetaObject::activate(QObject*, int, int, void**) (in
/usr/lib/libQtCore.so.4.2.0)

Reported by vi64pa on 2006-11-19 10:38:29

heldercorreia · 2015-08-04T18:41:18Z

Reported by ariya.hidayat on 2007-04-14 20:02:05

Status changed: Accepted
Labels added: Milestone-0.7

heldercorreia · 2015-08-04T18:41:19Z

Fixed in svn. The 0.7 release will include the fix.

Reported by ariya.hidayat on 2007-04-16 08:40:33

Status changed: Fixed

heldercorreia · 2015-08-04T18:41:20Z

Reported by helder.pereira.correia on 2007-05-15 12:41:58

Status changed: Verified

…ll request #79) Feature/biffield show all bit numbers

heldercorreia self-assigned this Aug 4, 2015

heldercorreia added Type-Defect Priority-Medium Milestone-0.7 Status-Verified labels Aug 4, 2015

newinnovations referenced this issue in newinnovations/SpeedCrunchSI Mar 5, 2017

Merged in l-inc/speedcrunch/feature/BifField-show-all-bit-numbers (pu…

0b4adf1

…ll request #79) Feature/biffield show all bit numbers

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

crash with a segmentation fault #79

crash with a segmentation fault #79

heldercorreia commented Aug 4, 2015

heldercorreia commented Aug 4, 2015

heldercorreia commented Aug 4, 2015

heldercorreia commented Aug 4, 2015

heldercorreia commented Aug 4, 2015

crash with a segmentation fault #79

crash with a segmentation fault #79

Comments

heldercorreia commented Aug 4, 2015

heldercorreia commented Aug 4, 2015

heldercorreia commented Aug 4, 2015

heldercorreia commented Aug 4, 2015

heldercorreia commented Aug 4, 2015