PDB set_trace() causes crash "munmap_chunk(): invalid pointer"

[hassec]

The following small script works on 3.9.13 but when tested on 3.10.7 or 3.11.0rc1 will cause a crash. PyQt version is 6.3.1. I hope this is the right place, and that this isn't a PyQt bug. But given that the script works with a different python version, and that it's a hard crash inside python, this seemed to be the right place to raise this bug report.

from PyQt6.QtWidgets import QApplication, QMainWindow
import pdb

app = QApplication([])
b = QMainWindow()
b.show()
pdb.set_trace()
print("I won't ever get here")

Error messages

munmap_chunk(): invalid pointer
[1]    25478 abort      python tmp.py

GDB backtrace:

#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1  0x00007ffff7c68859 in __GI_abort () at abort.c:79
#2  0x00007ffff7cd326e in __libc_message (action=action@entry=do_abort, fmt=fmt@entry=0x7ffff7dfd298 "%s\n")
    at ../sysdeps/posix/libc_fatal.c:155
#3  0x00007ffff7cdb2fc in malloc_printerr (str=str@entry=0x7ffff7dff1e0 "munmap_chunk(): invalid pointer") at malloc.c:5347
#4  0x00007ffff7cdb54c in munmap_chunk (p=<optimized out>) at malloc.c:2830
#5  0x00007fffe01e69fd in _py_free_history_entry (entry=<optimized out>)
    at /tmp/python-build.20221001153008.8507/Python-3.11.0rc1/Modules/readline.c:595
#6  setup_readline (mod_state=0x7ffff22c9aa0, mod_state=0x7ffff22c9aa0)
    at /tmp/python-build.20221001153008.8507/Python-3.11.0rc1/Modules/readline.c:1231
#7  PyInit_readline () at /tmp/python-build.20221001153008.8507/Python-3.11.0rc1/Modules/readline.c:1504
#8  0x00005555557f7c51 in _PyImport_LoadDynamicModuleWithSpec (spec=spec@entry=0x7ffff22cd550, fp=fp@entry=0x0)
    at ./Python/importdl.c:169
#9  0x00005555557f3665 in _imp_create_dynamic_impl (module=<optimized out>, file=<optimized out>, spec=0x7ffff22cd550)
    at Python/import.c:2384
#10 _imp_create_dynamic (module=<optimized out>, args=<optimized out>, nargs=<optimized out>) at Python/clinic/import.c.h:446
#11 0x0000555555705e06 in cfunction_vectorcall_FASTCALL (func=0x7ffff78ba4d0, args=0x7ffff7682098, nargsf=<optimized out>,
    kwnames=<optimized out>) at ./Include/cpython/methodobject.h:52
#12 0x00005555556ab8fe in PyObject_Call () at Objects/call.c:336
#13 0x000055555564918e in do_call_core (use_tracing=<optimized out>, kwdict=0x7ffff22ba1c0, callargs=0x7ffff7682080,
    func=0x7ffff78ba4d0, tstate=<optimized out>) at Python/ceval.c:7343
#14 _PyEval_EvalFrameDefault (tstate=<optimized out>, frame=<optimized out>, throwflag=<optimized out>) at Python/ceval.c:5381
#15 0x00005555557c4669 in _PyEval_EvalFrame (throwflag=0, frame=0x7ffff7fbf1b8, tstate=0x555555afa1f0 <_PyRuntime+166320>)
    at ./Include/internal/pycore_ceval.h:73
#16 _PyEval_Vector (tstate=0x555555afa1f0 <_PyRuntime+166320>, func=<optimized out>, locals=<optimized out>, args=<optimized out>,
    argcount=<optimized out>, kwnames=<optimized out>) at Python/ceval.c:6424
#17 0x00005555556aacfc in _PyObject_VectorcallTstate (kwnames=0x0, nargsf=2, args=0x7fffffffa670, callable=0x7ffff787bce0,
    tstate=0x555555afa1f0 <_PyRuntime+166320>) at ./Include/internal/pycore_call.h:92
#18 object_vacall (tstate=tstate@entry=0x555555afa1f0 <_PyRuntime+166320>, base=base@entry=0x0, callable=0x7ffff787bce0,
    vargs=vargs@entry=0x7fffffffa700) at Objects/call.c:819
#19 0x00005555556ad2e8 in PyObject_CallMethodObjArgs (obj=0x0, name=<optimized out>) at Objects/call.c:879
#20 0x00005555557f68b2 in import_find_and_load (abs_name=0x555555adb2c8 <_PyRuntime+39560>, tstate=0x555555afa1f0 <_PyRuntime+166320>)
    at Python/import.c:1735
#21 PyImport_ImportModuleLevelObject (name=name@entry=0x555555adb2c8 <_PyRuntime+39560>, globals=<optimized out>,
    locals=<optimized out>, fromlist=fromlist@entry=0x5555559df7a0 <_Py_NoneStruct>, level=0) at Python/import.c:1834
#22 0x000055555564decd in import_name (level=0x555555ad1b88 <_PyRuntime+840>, fromlist=0x5555559df7a0 <_Py_NoneStruct>,
    name=0x555555adb2c8 <_PyRuntime+39560>, frame=<optimized out>, tstate=<optimized out>) at Python/ceval.c:7415
#23 _PyEval_EvalFrameDefault (tstate=<optimized out>, frame=<optimized out>, throwflag=<optimized out>) at Python/ceval.c:3954
#24 0x00005555557c4669 in _PyEval_EvalFrame (throwflag=0, frame=0x7ffff7fbf0f8, tstate=0x555555afa1f0 <_PyRuntime+166320>)
    at ./Include/internal/pycore_ceval.h:73
#25 _PyEval_Vector (tstate=0x555555afa1f0 <_PyRuntime+166320>, func=<optimized out>, locals=<optimized out>, args=<optimized out>,
    argcount=<optimized out>, kwnames=<optimized out>) at Python/ceval.c:6424
#26 0x00005555556ac0d9 in _PyObject_FastCallDictTstate (kwargs=0x0, nargsf=1, args=0x7fffffffaa30, callable=0x7ffff22b4cc0,
    tstate=0x555555afa1f0 <_PyRuntime+166320>) at Objects/call.c:141
#27 _PyObject_Call_Prepend (tstate=tstate@entry=0x555555afa1f0 <_PyRuntime+166320>, callable=callable@entry=0x7ffff22b4cc0,
    obj=obj@entry=0x7ffff79020d0, args=args@entry=0x555555adfe58 <_PyRuntime+58904>, kwargs=kwargs@entry=0x0) at Objects/call.c:482
#28 0x000055555572a99f in slot_tp_init (self=0x7ffff79020d0, args=0x555555adfe58 <_PyRuntime+58904>, kwds=0x0)
    at Objects/typeobject.c:7844
#29 0x0000555555721927 in type_call (type=<optimized out>, args=0x555555adfe58 <_PyRuntime+58904>, kwds=0x0)
    at Objects/typeobject.c:1112
#30 0x00005555556aa798 in _PyObject_MakeTpCall (tstate=0x555555afa1f0 <_PyRuntime+166320>, callable=0x555555da38b0,
    args=0x7ffff7fbf0e8, nargs=<optimized out>, keywords=0x0) at Objects/call.c:214
#31 0x00005555556ab526 in _PyObject_VectorcallTstate (kwnames=<optimized out>, nargsf=<optimized out>, args=<optimized out>,
    callable=<optimized out>, tstate=<optimized out>) at ./Include/internal/pycore_call.h:90
#32 _PyObject_VectorcallTstate (kwnames=<optimized out>, nargsf=<optimized out>, args=<optimized out>, callable=<optimized out>,
    tstate=<optimized out>) at ./Include/internal/pycore_call.h:77
#33 PyObject_Vectorcall (callable=<optimized out>, args=<optimized out>, nargsf=<optimized out>, kwnames=<optimized out>)
    at Objects/call.c:299

[ted-tanner]

Hm, this very well could be a PyQt issue, and I think it is. If PyQt tries to unmap an invalid pointer, it would cause Python to crash and there isn't much that Python can do about it. You can create a reproducible example of this by calling a function in a DLL that simply calls munmap and passes it an invalid pointer. Python will crash and system logs will read as if it were Python that tried to unmap an invalid pointer

[kumaraditya303]

You should report this to PyQt bug tracker.