[okular] [Bug 388228] Okular crashes when annotating a piece of text

Tobias Deiminger bugzilla_noreply at kde.org
Sat Jan 6 15:34:12 UTC 2018


https://bugs.kde.org/show_bug.cgi?id=388228

--- Comment #7 from Tobias Deiminger <haxtibal at posteo.de> ---
Thanks again. I'll try to fix the problem as it occurs in code from a patch I
did.

> Looks like a corrupted vtable.

Nope, dangling pointer... The __cxa_pure_virtual call is a consecutive fault of
that. Your trace shows the annotation object got deleted during undo of
AddAnnotationCommand.

==30208==  Address 0x27a2b9f0 is 0 bytes inside a block of size 16 free'd
==30208==    at 0x4C3123B: operator delete(void*) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==30208==    by 0x1EC658E2: Okular::AddAnnotationCommand::~AddAnnotationCommand() (documentcommands.cpp:72)
==30208==    by 0x1EC65928: Okular::AddAnnotationCommand::~AddAnnotationCommand() (documentcommands.cpp:74)
==30208==    by 0x71FC861: QUndoStack::push(QUndoCommand*) (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.9.1)
==30208==    by 0x1EC49A24: Okular::Document::addPageAnnotation(int, Okular::Annotation*) (document.cpp:3230)
[...]

MouseAnnotation did not notice the deletion and continued to track the now
deleted annotation. On next access (in MouseAnnotation::cursor) we can crash
with various kinds of errors, depending on what has happened in the meantime to
the freed memory.

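The lifetime chain in the trace above, reduced to plain C++ as an added example (not part of the original message and not Okular's code): pushing onto the undo stack discards an undone command, whose destructor frees the annotation a tracker still points at. The `onDestroyed` hook, `MouseTracker`, `Outcome` and `addUndoAdd` are hypothetical names for this model, and the hook is one possible mitigation, not necessarily the fix applied in Okular.

```cpp
#include <cstddef>
#include <functional>
#include <memory>
#include <vector>

// Constructed model in plain C++ (no Qt); names echo the trace for readability only.
int g_alive = 0;                                  // live Annotation objects
struct Annotation {
    std::function<void()> onDestroyed;            // hypothetical deletion hook
    Annotation() { ++g_alive; }
    ~Annotation() { --g_alive; if (onDestroyed) onDestroyed(); }
};

// While undone, the command is the sole owner, so destroying it frees the annotation.
struct AddAnnotationCommand {
    Annotation* ann; bool done;
    AddAnnotationCommand(Annotation* a, bool d) : ann(a), done(d) {}
    ~AddAnnotationCommand() { if (!done) delete ann; }
};

struct UndoStack {
    std::vector<std::unique_ptr<AddAnnotationCommand>> cmds;
    std::size_t index = 0;                        // cmds[0..index) are applied
    void push(Annotation* a) {
        cmds.erase(cmds.begin() + index, cmds.end());   // discard undone commands
        cmds.push_back(std::make_unique<AddAnnotationCommand>(a, true));
        ++index;
    }
    void undo() { if (index > 0) cmds[--index]->done = false; }
};

struct MouseTracker { Annotation* tracked = nullptr; bool cleared = false; };
struct Outcome { int aliveAfterPush; bool trackerCleared; };

// subscribe=false models the reported state: the tracker never hears of the delete.
Outcome addUndoAdd(bool subscribe) {
    MouseTracker mouse;
    UndoStack stack;
    Annotation* a = new Annotation;
    stack.push(a);
    mouse.tracked = a;
    if (subscribe) a->onDestroyed = [&mouse] { mouse.tracked = nullptr; mouse.cleared = true; };
    stack.undo();                                 // the command now owns a
    Annotation* b = new Annotation;
    stack.push(b);                                // frees a in ~AddAnnotationCommand
    Outcome r{g_alive, mouse.cleared};
    delete b;                                     // b is applied; this model's caller owns it
    return r;
}
```

With `subscribe` false the tracker is left holding a freed address, which the model deliberately never reads; building a variant that does dereference it under AddressSanitizer or Valgrind produces the same kind of "inside a block ... free'd" report as in the message.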