Is this really right?

Boudewijn Rempt boud at valdyas.org
Wed Feb 1 22:33:16 CET 2006


In the convolution painter, we've got lines like this:

memcpy( pixelPtrCache.data() + krow * kw, pixelPtrCache.data() + lastvalid, 
kw*sizeof(Q_UINT8*));

Do we really want the size of a pointer to a byte; or the size of a byte here?

Valgrind gives a warning:

==17328==
==17328== Invalid read of size 1
==17328==    at 0x1B90276C: memcpy (mac_replace_strmem.c:394)
==17328==    by 0x1E093538: 
KisConvolutionPainter::applyMatrixRepeat(KSharedPtr<KisKernel>, int, int, 
int, int, KisChannelInfo::enumChannelFlags) (kis_convolution_painter.cc:338)
==17328==    by 0x1E093F0B: 
KisConvolutionPainter::applyMatrix(KSharedPtr<KisKernel>, int, int, int, int, 
KisConvolutionBorderOp, KisChannelInfo::enumChannelFlags) 
(kis_convolution_painter.cc:131)
==17328==    by 0x1E792A56: 
KisConvolutionFilter::process(KSharedPtr<KisPaintDevice>, 
KSharedPtr<KisPaintDevice>, KisFilterConfiguration*, QRect const&) 
(kis_convolution_filter.cc:105)
==17328==    by 0x1DF74F9C: KisFilterManager::apply() 
(kis_filter_manager.cc:209)
==17328==    by 0x1DF7583C: KisFilterManager::slotApplyFilter(int) 
(kis_filter_manager.cc:304)
==17328==    by 0x1DF75D30: KisFilterManager::qt_invoke(int, QUObject*) 
(kis_filter_manager.moc:93)
==17328==    by 0x1C884928: QObject::activate_signal(QConnectionList*, 
QUObject*) (in /usr/lib/libqt-mt.so.3.3.4)
==17328==    by 0x1C885237: QObject::activate_signal(int, int) 
(in /usr/lib/libqt-mt.so.3.3.4)
==17328==    by 0x1CBE4378: QSignalMapper::mapped(int) 
(in /usr/lib/libqt-mt.so.3.3.4)
==17328==    by 0x1C8A251E: QSignalMapper::map() 
(in /usr/lib/libqt-mt.so.3.3.4)
==17328==    by 0x1CBE441F: QSignalMapper::qt_invoke(int, QUObject*) 
(in /usr/lib/libqt-mt.so.3.3.4)

and also complains:

==17328==  Address 0x24B2B017 is 1 bytes before a block of size 36 alloc'd
==17328==    at 0x1B9008A2: malloc (vg_replace_malloc.c:149)
==17328==    by 0x1CB7762D: QGArray::QGArray(int) 
(in /usr/lib/libqt-mt.so.3.3.4)
==17328==    by 0x1E094513: QMemArray<unsigned char*>::QMemArray(int) 
(qmemarray.h:59)
==17328==    by 0x1E092D01: 
KisConvolutionPainter::applyMatrixRepeat(KSharedPtr<KisKernel>, int, int, 
int, int, KisChannelInfo::enumChannelFlags) (kis_convolution_painter.cc:237)
==17328==    by 0x1E093F0B: 
KisConvolutionPainter::applyMatrix(KSharedPtr<KisKernel>, int, int, int, int, 
KisConvolutionBorderOp, KisChannelInfo::enumChannelFlags) 
(kis_convolution_painter.cc:131)
==17328==    by 0x1E792A56: 
KisConvolutionFilter::process(KSharedPtr<KisPaintDevice>, 
KSharedPtr<KisPaintDevice>, KisFilterConfiguration*, QRect const&) 
(kis_convolution_filter.cc:105)
==17328==    by 0x1DF74F9C: KisFilterManager::apply() 
(kis_filter_manager.cc:209)
==17328==    by 0x1DF7583C: KisFilterManager::slotApplyFilter(int) 
(kis_filter_manager.cc:304)
==17328==    by 0x1DF75D30: KisFilterManager::qt_invoke(int, QUObject*) 
(kis_filter_manager.moc:93)
==17328==    by 0x1C884928: QObject::activate_signal(QConnectionList*, 
QUObject*) (in /usr/lib/libqt-mt.so.3.3.4)
==17328==    by 0x1C885237: QObject::activate_signal(int, int) 
(in /usr/lib/libqt-mt.so.3.3.4)
==17328==    by 0x1CBE4378: QSignalMapper::mapped(int) 
(in /usr/lib/libqt-mt.so.3.3.4)
==17328==

To finally crash at:

==17328== Invalid read of size 1
==17328==    at 0x20FD62FE: KisRgbColorSpace::convolveColors(unsigned char**, 
int*, KisChannelInfo::enumChannelFlags, unsigned char*, int, int, int) const 
(kis_rgb_colorspace.cc:134)
==17328==    by 0x1E092FAC: 
KisConvolutionPainter::applyMatrixRepeat(KSharedPtr<KisKernel>, int, int, 
int, int, KisChannelInfo::enumChannelFlags) (kis_convolution_painter.cc:370)
==17328==    by 0x1E093F0B: 
KisConvolutionPainter::applyMatrix(KSharedPtr<KisKernel>, int, int, int, int, 
KisConvolutionBorderOp, KisChannelInfo::enumChannelFlags) 
(kis_convolution_painter.cc:131)
==17328==    by 0x1E792A56: 
KisConvolutionFilter::process(KSharedPtr<KisPaintDevice>, 
KSharedPtr<KisPaintDevice>, KisFilterConfiguration*, QRect const&) 
(kis_convolution_filter.cc:105)
==17328==    by 0x1DF74F9C: KisFilterManager::apply() 
(kis_filter_manager.cc:209)
==17328==    by 0x1DF7583C: KisFilterManager::slotApplyFilter(int) 
(kis_filter_manager.cc:304)
==17328==    by 0x1DF75D30: KisFilterManager::qt_invoke(int, QUObject*) 
(kis_filter_manager.moc:93)
==17328==    by 0x1C884928: QObject::activate_signal(QConnectionList*, 
QUObject*) (in /usr/lib/libqt-mt.so.3.3.4)
==17328==    by 0x1C885237: QObject::activate_signal(int, int) 
(in /usr/lib/libqt-mt.so.3.3.4)
==17328==    by 0x1CBE4378: QSignalMapper::mapped(int) 
(in /usr/lib/libqt-mt.so.3.3.4)
==17328==    by 0x1C8A251E: QSignalMapper::map() 
(in /usr/lib/libqt-mt.so.3.3.4)
==17328==    by 0x1CBE441F: QSignalMapper::qt_invoke(int, QUObject*) 
(in /usr/lib/libqt-mt.so.3.3.4)
==17328==  Address 0x2 is not s

-- 
Boudewijn Rempt 
http://www.valdyas.org/fading/index.cgi
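
Added example, not part of the original message or the Krita source: a bounds-checked version of a row copy like the `memcpy` quoted above, over an array whose elements are byte pointers (the trace shows the block coming from `QMemArray<unsigned char*>`). `PtrCache`, `copyRow` and the sample data are hypothetical names and values chosen for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <vector>

// Hypothetical stand-in for pixelPtrCache: kh rows of kw pixel pointers.
struct PtrCache {
    std::size_t kw, kh;
    std::vector<std::uint8_t*> cells;
    PtrCache(std::size_t w, std::size_t h) : kw(w), kh(h), cells(w * h, nullptr) {}
    // Size of the backing block in bytes: elements * sizeof(pointer).
    // 9 pointers * 4 bytes = 36, which matches the block size in the trace
    // if that build used 4-byte pointers (assumption).
    std::size_t bytes() const { return cells.size() * sizeof(std::uint8_t*); }
};

// Copy kw pointers from element offset srcOff into row dstRow.
// Offsets count elements: data() + n already scales by sizeof(uint8_t*),
// so only the byte count passed to the copy needs the explicit sizeof.
// Returns false without touching memory if either range leaves the block.
bool copyRow(PtrCache& c, long dstRow, long srcOff) {
    const long total = static_cast<long>(c.cells.size());
    const long kw = static_cast<long>(c.kw);
    if (dstRow < 0 || dstRow >= static_cast<long>(c.kh)) return false;
    if (srcOff < 0 || srcOff > total - kw) return false;
    // memmove, because an unaligned srcOff can overlap the destination row.
    std::memmove(c.cells.data() + dstRow * kw, c.cells.data() + srcOff,
                 c.kw * sizeof(std::uint8_t*));
    return true;
}

int main() {
    std::uint8_t pixels[3] = {10, 20, 30};   // constructed sample data
    PtrCache c(3, 3);
    for (int i = 0; i < 3; ++i) c.cells[i] = &pixels[i];
    bool ok = copyRow(c, 2, 0);               // duplicate row 0 into row 2
    bool rejected = !copyRow(c, 2, -1);       // source starts before the block
    return (ok && rejected && c.cells[8] == &pixels[2]) ? 0 : 1;
}
```

With an array of pointers the element size is the pointer size, so a read that lands before the block comes from the offsets fed to the copy, which is what the range checks in `copyRow` catch.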