Bug 351181

Summary:	Valgrind: Invalid reads when destructing views
Product:	[Applications] konsole	Reporter:	Kevin Funk <kfunk>
Component:	general	Assignee:	Konsole Developer <konsole-devel>
Status:	RESOLVED DUPLICATE
Severity:	normal
Priority:	NOR
Version:	master
Target Milestone:	---
Platform:	Other
OS:	Linux
Latest Commit:		Version Fixed In:
Sentry Crash Report:

Description Kevin Funk 2015-08-11 07:32:02 UTC

==28327== Invalid read of size 4
==28327==    at 0x3086E60F: QListData::size() const (qlist.h:92)
==28327==    by 0x3092C4A9: QList<Konsole::ViewContainer*>::count() const (qlist.h:290)
==28327==    by 0x309344A6: Konsole::ViewSplitter::activeContainer() const (ViewSplitter.cpp:258)
==28327==    by 0x30926B54: Konsole::ViewManager::updateDetachViewState() (ViewManager.cpp:271)
==28327==    by 0x30928F59: Konsole::ViewManager::viewDestroyed(QWidget*) (ViewManager.cpp:741)
==28327==    by 0x30932AC8: QtPrivate::FunctorCall<QtPrivate::IndexesList<0>, QtPrivate::List<QWidget*>, void, void (Konsole::ViewManager::*)(QWidget*)>::call(void (Konsole::ViewManager::*)(QWidget*), Konsole::ViewManager*, void**) (qobjectdefs_impl.h:500)
==28327==    by 0x30931D4C: void QtPrivate::FunctionPointer<void (Konsole::ViewManager::*)(QWidget*)>::call<QtPrivate::List<QWidget*>, void>(void (Konsole::ViewManager::*)(QWidget*), Konsole::ViewManager*, void**) (qobjectdefs_impl.h:519)
==28327==    by 0x30930DFA: QtPrivate::QSlotObject<void (Konsole::ViewManager::*)(QWidget*), QtPrivate::List<QWidget*>, void>::impl(int, QtPrivate::QSlotObjectBase*, QObject*, void**, bool*) (qobject_impl.h:143)
==28327==    by 0x6947359: QMetaObject::activate(QObject*, int, int, void**) (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.4.1)
==28327==    by 0x3094662F: Konsole::ViewContainer::viewRemoved(QWidget*) (moc_ViewContainer.cpp:297)
==28327==    by 0x3091C8C8: Konsole::ViewContainer::forgetView(QWidget*) (ViewContainer.cpp:163)
==28327==    by 0x3091C874: Konsole::ViewContainer::viewDestroyed(QObject*) (ViewContainer.cpp:155)
==28327==  Address 0x20cf9c58 is 8 bytes inside a block of size 32 free'd
==28327==    at 0x4C2CE10: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==28327==    by 0x3092E874: QList<Konsole::ViewContainer*>::dealloc(QListData::Data*) (qlist.h:792)
==28327==    by 0x3092BCFF: QList<Konsole::ViewContainer*>::~QList() (qlist.h:766)
==28327==    by 0x3094A046: Konsole::ViewSplitter::~ViewSplitter() (in /home/kfunk/devel/install/kf5/lib/x86_64-linux-gnu/libkonsoleprivate.so.15.08.0)
==28327==    by 0x3094A08B: Konsole::ViewSplitter::~ViewSplitter() (ViewSplitter.h:47)
==28327==    by 0x727AB36: KParts::Part::~Part() (part.cpp:65)
==28327==    by 0x727CE35: KParts::ReadOnlyPart::~ReadOnlyPart() (readonlypart.cpp:51)
==28327==    by 0x30602E41: ??? (in /usr/lib/x86_64-linux-gnu/qt5/plugins/konsolepart.so)
==28327==    by 0x30602E88: ??? (in /usr/lib/x86_64-linux-gnu/qt5/plugins/konsolepart.so)
==28327==    by 0x694618B: QObjectPrivate::deleteChildren() (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.4.1)
==28327==    by 0x5BDC579: QWidget::~QWidget() (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.4.1)
==28327==    by 0x25A4F2C7: KDevKonsoleView::~KDevKonsoleView() (kdevkonsoleview.cpp:117)
==28327== 
==28327== Invalid read of size 8
==28327==    at 0x309344C0: Konsole::ViewSplitter::activeContainer() const (ViewSplitter.cpp:259)
==28327==    by 0x30926B54: Konsole::ViewManager::updateDetachViewState() (ViewManager.cpp:271)
==28327==    by 0x30928F59: Konsole::ViewManager::viewDestroyed(QWidget*) (ViewManager.cpp:741)
==28327==    by 0x30932AC8: QtPrivate::FunctorCall<QtPrivate::IndexesList<0>, QtPrivate::List<QWidget*>, void, void (Konsole::ViewManager::*)(QWidget*)>::call(void (Konsole::ViewManager::*)(QWidget*), Konsole::ViewManager*, void**) (qobjectdefs_impl.h:500)
==28327==    by 0x30931D4C: void QtPrivate::FunctionPointer<void (Konsole::ViewManager::*)(QWidget*)>::call<QtPrivate::List<QWidget*>, void>(void (Konsole::ViewManager::*)(QWidget*), Konsole::ViewManager*, void**) (qobjectdefs_impl.h:519)
==28327==    by 0x30930DFA: QtPrivate::QSlotObject<void (Konsole::ViewManager::*)(QWidget*), QtPrivate::List<QWidget*>, void>::impl(int, QtPrivate::QSlotObjectBase*, QObject*, void**, bool*) (qobject_impl.h:143)
==28327==    by 0x6947359: QMetaObject::activate(QObject*, int, int, void**) (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.4.1)
==28327==    by 0x3094662F: Konsole::ViewContainer::viewRemoved(QWidget*) (moc_ViewContainer.cpp:297)
==28327==    by 0x3091C8C8: Konsole::ViewContainer::forgetView(QWidget*) (ViewContainer.cpp:163)
==28327==    by 0x3091C874: Konsole::ViewContainer::viewDestroyed(QObject*) (ViewContainer.cpp:155)
==28327==    by 0x30923155: QtPrivate::FunctorCall<QtPrivate::IndexesList<0>, QtPrivate::List<QObject*>, void, void (Konsole::ViewContainer::*)(QObject*)>::call(void (Konsole::ViewContainer::*)(QObject*), Konsole::ViewContainer*, void**) (qobjectdefs_impl.h:500)
==28327==    by 0x30922D1D: void QtPrivate::FunctionPointer<void (Konsole::ViewContainer::*)(QObject*)>::call<QtPrivate::List<QObject*>, void>(void (Konsole::ViewContainer::*)(QObject*), Konsole::ViewContainer*, void**) (qobjectdefs_impl.h:519)
==28327==  Address 0x20cf9c60 is 16 bytes inside a block of size 32 free'd
==28327==    at 0x4C2CE10: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==28327==    by 0x3092E874: QList<Konsole::ViewContainer*>::dealloc(QListData::Data*) (qlist.h:792)
==28327==    by 0x3092BCFF: QList<Konsole::ViewContainer*>::~QList() (qlist.h:766)
==28327==    by 0x3094A046: Konsole::ViewSplitter::~ViewSplitter() (in /home/kfunk/devel/install/kf5/lib/x86_64-linux-gnu/libkonsoleprivate.so.15.08.0)
==28327==    by 0x3094A08B: Konsole::ViewSplitter::~ViewSplitter() (ViewSplitter.h:47)
==28327==    by 0x727AB36: KParts::Part::~Part() (part.cpp:65)
==28327==    by 0x727CE35: KParts::ReadOnlyPart::~ReadOnlyPart() (readonlypart.cpp:51)
==28327==    by 0x30602E41: ??? (in /usr/lib/x86_64-linux-gnu/qt5/plugins/konsolepart.so)
==28327==    by 0x30602E88: ??? (in /usr/lib/x86_64-linux-gnu/qt5/plugins/konsolepart.so)
==28327==    by 0x694618B: QObjectPrivate::deleteChildren() (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.4.1)
==28327==    by 0x5BDC579: QWidget::~QWidget() (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.4.1)
==28327==    by 0x25A4F2C7: KDevKonsoleView::~KDevKonsoleView() (kdevkonsoleview.cpp:117)

Reproducible: Always

Steps to Reproduce:
1. Just start kdevelop with
2. Open project
3. Activate Konsole
4. Close KDevelop

Comment 1 Kurt Hindenburg 2015-10-13 01:13:38 UTC

This might have been fixed in 16b3919ff8da3a8e2256602f4751f5fd8085fc42 - I need to double-check

Comment 2 Kevin Funk 2015-11-27 19:36:20 UTC

Whoops. Reported that twice.

*** This bug has been marked as a duplicate of bug 343194 ***