[Konsole-devel] [Bug 233670] Invalid read of size 1 at Konsole::TerminalDisplay::updateImage()
Milian Wolff
mail at milianw.de
Thu Apr 8 12:29:44 UTC 2010
https://bugs.kde.org/show_bug.cgi?id=233670
--- Comment #1 from Milian Wolff <mail milianw de> 2010-04-08 14:29:33 ---
here are updated log outputs with more debug symbols:
==29846== Thread 1:
==29846== Invalid read of size 2
==29846== at 0x2B7FC97E: Konsole::operator!=(Konsole::Character const&,
Konsole::Character const&) (Character.h:137)
==29846== by 0x2B7F2438: Konsole::TerminalDisplay::updateImage()
(TerminalDisplay.cpp:993)
==29846== by 0x2B7FB5B6:
Konsole::TerminalDisplay::qt_metacall(QMetaObject::Call, int, void**)
(TerminalDisplay.moc:131)
==29846== by 0x832EDF5: QMetaObject::activate(QObject*, QMetaObject const*,
int, void**) (qobject.cpp:3287)
==29846== by 0x2B7CBC84: Konsole::ScreenWindow::outputChanged()
(ScreenWindow.moc:93)
==29846== by 0x2B7CBB07: Konsole::ScreenWindow::notifyOutputChanged()
(ScreenWindow.cpp:291)
==29846== by 0x2B7CBC4C:
Konsole::ScreenWindow::qt_metacall(QMetaObject::Call, int, void**)
(ScreenWindow.moc:82)
==29846== by 0x832EDF5: QMetaObject::activate(QObject*, QMetaObject const*,
int, void**) (qobject.cpp:3287)
==29846== by 0x2B795DA4: Konsole::Emulation::outputChanged()
(Emulation.moc:194)
==29846== by 0x2B7950FF: Konsole::Emulation::showBulk() (Emulation.cpp:313)
==29846== by 0x2B795B0D: Konsole::Emulation::qt_metacall(QMetaObject::Call,
int, void**) (Emulation.moc:134)
==29846== by 0x2B8147A4:
Konsole::Vt102Emulation::qt_metacall(QMetaObject::Call, int, void**)
(Vt102Emulation.moc:78)
==29846== Address 0x1ca9d970 is 0 bytes inside a block of size 960 free'd
==29846== at 0x4C246F6: operator delete[](void*) (vg_replace_malloc.c:368)
==29846== by 0x2B7CB066: Konsole::ScreenWindow::getImage()
(ScreenWindow.cpp:64)
==29846== by 0x2B7F1F13: Konsole::TerminalDisplay::processFilters()
(TerminalDisplay.cpp:924)
==29846== by 0x2B7CEAF2: Konsole::Session::updateTerminalSize()
(Session.cpp:622)
==29846== by 0x2B7CE9C9: Konsole::Session::onViewSizeChange(int, int)
(Session.cpp:596)
==29846== by 0x2B7D1E58: Konsole::Session::qt_metacall(QMetaObject::Call,
int, void**) (Session.moc:214)
==29846== by 0x832EDF5: QMetaObject::activate(QObject*, QMetaObject const*,
int, void**) (qobject.cpp:3287)
==29846== by 0x2B7FB944:
Konsole::TerminalDisplay::changedContentSizeSignal(int, int)
(TerminalDisplay.moc:184)
==29846== by 0x2B7F535B: Konsole::TerminalDisplay::updateImageSize()
(TerminalDisplay.cpp:1601)
==29846== by 0x2B7F2167: Konsole::TerminalDisplay::updateImage()
(TerminalDisplay.cpp:951)
==29846== by 0x2B7FB5B6:
Konsole::TerminalDisplay::qt_metacall(QMetaObject::Call, int, void**)
(TerminalDisplay.moc:131)
==29846== by 0x832EDF5: QMetaObject::activate(QObject*, QMetaObject const*,
int, void**) (qobject.cpp:3287)
==29846== Invalid read of size 1
==29846== at 0x2B7A0290: Konsole::operator==(Konsole::CharacterColor const&,
Konsole::CharacterColor const&) (CharacterColor.h:248)
==29846== by 0x2B7EE25E: Konsole::operator!=(Konsole::CharacterColor const&,
Konsole::CharacterColor const&) (CharacterColor.h:252)
==29846== by 0x2B7FC9BB: Konsole::operator!=(Konsole::Character const&,
Konsole::Character const&) (Character.h:137)
==29846== by 0x2B7F2438: Konsole::TerminalDisplay::updateImage()
(TerminalDisplay.cpp:993)
==29846== by 0x2B7FB5B6:
Konsole::TerminalDisplay::qt_metacall(QMetaObject::Call, int, void**)
(TerminalDisplay.moc:131)
==29846== by 0x832EDF5: QMetaObject::activate(QObject*, QMetaObject const*,
int, void**) (qobject.cpp:3287)
==29846== by 0x2B7CBC84: Konsole::ScreenWindow::outputChanged()
(ScreenWindow.moc:93)
==29846== by 0x2B7CBB07: Konsole::ScreenWindow::notifyOutputChanged()
(ScreenWindow.cpp:291)
==29846== by 0x2B7CBC4C:
Konsole::ScreenWindow::qt_metacall(QMetaObject::Call, int, void**)
(ScreenWindow.moc:82)
==29846== by 0x832EDF5: QMetaObject::activate(QObject*, QMetaObject const*,
int, void**) (qobject.cpp:3287)
==29846== by 0x2B795DA4: Konsole::Emulation::outputChanged()
(Emulation.moc:194)
==29846== by 0x2B7950FF: Konsole::Emulation::showBulk() (Emulation.cpp:313)
==29846== Address 0x1ca9d973 is 3 bytes inside a block of size 960 free'd
==29846== at 0x4C246F6: operator delete[](void*) (vg_replace_malloc.c:368)
==29846== by 0x2B7CB066: Konsole::ScreenWindow::getImage()
(ScreenWindow.cpp:64)
==29846== by 0x2B7F1F13: Konsole::TerminalDisplay::processFilters()
(TerminalDisplay.cpp:924)
==29846== by 0x2B7CEAF2: Konsole::Session::updateTerminalSize()
(Session.cpp:622)
==29846== by 0x2B7CE9C9: Konsole::Session::onViewSizeChange(int, int)
(Session.cpp:596)
==29846== by 0x2B7D1E58: Konsole::Session::qt_metacall(QMetaObject::Call,
int, void**) (Session.moc:214)
==29846== by 0x832EDF5: QMetaObject::activate(QObject*, QMetaObject const*,
int, void**) (qobject.cpp:3287)
==29846== by 0x2B7FB944:
Konsole::TerminalDisplay::changedContentSizeSignal(int, int)
(TerminalDisplay.moc:184)
==29846== by 0x2B7F535B: Konsole::TerminalDisplay::updateImageSize()
(TerminalDisplay.cpp:1601)
==29846== by 0x2B7F2167: Konsole::TerminalDisplay::updateImage()
(TerminalDisplay.cpp:951)
==29846== by 0x2B7FB5B6:
Konsole::TerminalDisplay::qt_metacall(QMetaObject::Call, int, void**)
(TerminalDisplay.moc:131)
==29846== by 0x832EDF5: QMetaObject::activate(QObject*, QMetaObject const*,
int, void**) (qobject.cpp:3287)
==29846== Invalid read of size 1
==29846== at 0x2B7F24AD: Konsole::TerminalDisplay::updateImage()
(TerminalDisplay.cpp:1002)
==29846== by 0x2B7FB5B6:
Konsole::TerminalDisplay::qt_metacall(QMetaObject::Call, int, void**)
(TerminalDisplay.moc:131)
==29846== by 0x832EDF5: QMetaObject::activate(QObject*, QMetaObject const*,
int, void**) (qobject.cpp:3287)
==29846== by 0x2B7CBC84: Konsole::ScreenWindow::outputChanged()
(ScreenWindow.moc:93)
==29846== by 0x2B7CBB07: Konsole::ScreenWindow::notifyOutputChanged()
(ScreenWindow.cpp:291)
==29846== by 0x2B7CBC4C:
Konsole::ScreenWindow::qt_metacall(QMetaObject::Call, int, void**)
(ScreenWindow.moc:82)
==29846== by 0x832EDF5: QMetaObject::activate(QObject*, QMetaObject const*,
int, void**) (qobject.cpp:3287)
==29846== by 0x2B795DA4: Konsole::Emulation::outputChanged()
(Emulation.moc:194)
==29846== by 0x2B7950FF: Konsole::Emulation::showBulk() (Emulation.cpp:313)
==29846== by 0x2B795B0D: Konsole::Emulation::qt_metacall(QMetaObject::Call,
int, void**) (Emulation.moc:134)
==29846== by 0x2B8147A4:
Konsole::Vt102Emulation::qt_metacall(QMetaObject::Call, int, void**)
(Vt102Emulation.moc:78)
==29846== by 0x832EDF5: QMetaObject::activate(QObject*, QMetaObject const*,
int, void**) (qobject.cpp:3287)
==29846== Address 0x1ca9d972 is 2 bytes inside a block of size 960 free'd
==29846== at 0x4C246F6: operator delete[](void*) (vg_replace_malloc.c:368)
==29846== by 0x2B7CB066: Konsole::ScreenWindow::getImage()
(ScreenWindow.cpp:64)
==29846== by 0x2B7F1F13: Konsole::TerminalDisplay::processFilters()
(TerminalDisplay.cpp:924)
==29846== by 0x2B7CEAF2: Konsole::Session::updateTerminalSize()
(Session.cpp:622)
==29846== by 0x2B7CE9C9: Konsole::Session::onViewSizeChange(int, int)
(Session.cpp:596)
==29846== by 0x2B7D1E58: Konsole::Session::qt_metacall(QMetaObject::Call,
int, void**) (Session.moc:214)
==29846== by 0x832EDF5: QMetaObject::activate(QObject*, QMetaObject const*,
int, void**) (qobject.cpp:3287)
==29846== by 0x2B7FB944:
Konsole::TerminalDisplay::changedContentSizeSignal(int, int)
(TerminalDisplay.moc:184)
==29846== by 0x2B7F535B: Konsole::TerminalDisplay::updateImageSize()
(TerminalDisplay.cpp:1601)
==29846== by 0x2B7F2167: Konsole::TerminalDisplay::updateImage()
(TerminalDisplay.cpp:951)
==29846== by 0x2B7FB5B6:
Konsole::TerminalDisplay::qt_metacall(QMetaObject::Call, int, void**)
(TerminalDisplay.moc:131)
==29846== by 0x832EDF5: QMetaObject::activate(QObject*, QMetaObject const*,
int, void**) (qobject.cpp:3287)
==29846== Invalid read of size 1
==29846== at 0x4C26678: memcpy (mc_replace_strmem.c:482)
==29846== by 0x2B7F297E: Konsole::TerminalDisplay::updateImage()
(TerminalDisplay.cpp:1081)
==29846== by 0x2B7FB5B6:
Konsole::TerminalDisplay::qt_metacall(QMetaObject::Call, int, void**)
(TerminalDisplay.moc:131)
==29846== by 0x832EDF5: QMetaObject::activate(QObject*, QMetaObject const*,
int, void**) (qobject.cpp:3287)
==29846== by 0x2B7CBC84: Konsole::ScreenWindow::outputChanged()
(ScreenWindow.moc:93)
==29846== by 0x2B7CBB07: Konsole::ScreenWindow::notifyOutputChanged()
(ScreenWindow.cpp:291)
==29846== by 0x2B7CBC4C:
Konsole::ScreenWindow::qt_metacall(QMetaObject::Call, int, void**)
(ScreenWindow.moc:82)
==29846== by 0x832EDF5: QMetaObject::activate(QObject*, QMetaObject const*,
int, void**) (qobject.cpp:3287)
==29846== by 0x2B795DA4: Konsole::Emulation::outputChanged()
(Emulation.moc:194)
==29846== by 0x2B7950FF: Konsole::Emulation::showBulk() (Emulation.cpp:313)
==29846== by 0x2B795B0D: Konsole::Emulation::qt_metacall(QMetaObject::Call,
int, void**) (Emulation.moc:134)
==29846== by 0x2B8147A4:
Konsole::Vt102Emulation::qt_metacall(QMetaObject::Call, int, void**)
(Vt102Emulation.moc:78)
==29846== Address 0x1ca9dd2f is 959 bytes inside a block of size 960 free'd
==29846== at 0x4C246F6: operator delete[](void*) (vg_replace_malloc.c:368)
==29846== by 0x2B7CB066: Konsole::ScreenWindow::getImage()
(ScreenWindow.cpp:64)
==29846== by 0x2B7F1F13: Konsole::TerminalDisplay::processFilters()
(TerminalDisplay.cpp:924)
==29846== by 0x2B7CEAF2: Konsole::Session::updateTerminalSize()
(Session.cpp:622)
==29846== by 0x2B7CE9C9: Konsole::Session::onViewSizeChange(int, int)
(Session.cpp:596)
==29846== by 0x2B7D1E58: Konsole::Session::qt_metacall(QMetaObject::Call,
int, void**) (Session.moc:214)
==29846== by 0x832EDF5: QMetaObject::activate(QObject*, QMetaObject const*,
int, void**) (qobject.cpp:3287)
==29846== by 0x2B7FB944:
Konsole::TerminalDisplay::changedContentSizeSignal(int, int)
(TerminalDisplay.moc:184)
==29846== by 0x2B7F535B: Konsole::TerminalDisplay::updateImageSize()
(TerminalDisplay.cpp:1601)
==29846== by 0x2B7F2167: Konsole::TerminalDisplay::updateImage()
(TerminalDisplay.cpp:951)
==29846== by 0x2B7FB5B6:
Konsole::TerminalDisplay::qt_metacall(QMetaObject::Call, int, void**)
(TerminalDisplay.moc:131)
==29846== by 0x832EDF5: QMetaObject::activate(QObject*, QMetaObject const*,
int, void**) (qobject.cpp:3287)
--
Configure bugmail: https://bugs.kde.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the konsole-devel
mailing list