72739 – khtml::CachedImage::ref crashes recently introduced

Bug 72739 - khtml::CachedImage::ref crashes recently introduced

Summary: khtml::CachedImage::ref crashes recently introduced

Status:	RESOLVED FIXED

Alias:	None

Product:	konqueror
Classification:	Applications
Component:	khtml (show other bugs)
Version:	unspecified
Platform:	Compiled Sources Linux

Importance:	NOR critical
Target Milestone:	---
Assignee:	Dirk Mueller

URL:
Keywords:

Duplicates (3):	72952 73156 74209 (view as bug list)
Depends on:
Blocks:

Reported:	2004-01-16 11:15 UTC by Stephan Binner
Modified:	2004-02-05 11:41 UTC (History)
CC List:	3 users (show)

See Also:
Latest Commit:
Version Fixed In:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Stephan Binner 2004-01-16 11:15:31 UTC

Version:            (using KDE Devel)
Installed from:    Compiled sources

Just visit http://kde.openoffice.org or http://gnomedesktop.org and click a link to a story to see khtml crash:

konqueror: kdelibs/khtml/rendering/render_image.cpp:379: virtual void khtml::RenderImage::notifyFinished(khtml::CachedObject*): Assertion `image' failed.

[New Thread 16384 (LWP 23653)]
0x4426ca86 in waitpid () from /lib/i686/libpthread.so.0
#0  0x4426ca86 in waitpid () from /lib/i686/libpthread.so.0
#1  0x40914c14 in KCrash::defaultCrashHandler(int) ()
   from /opt/kde3.2/lib/libkdecore.so.4
#2  0x4426b96c in __pthread_sighandler () from /lib/i686/libpthread.so.0
#3  <signal handler called>
#4  0x43feeb71 in kill () from /lib/i686/libc.so.6
#5  0x44268cf1 in pthread_kill () from /lib/i686/libpthread.so.0
#6  0x4426900b in raise () from /lib/i686/libpthread.so.0
#7  0x43fee904 in raise () from /lib/i686/libc.so.6
#8  0x43fefe8c in abort () from /lib/i686/libc.so.6
#9  0x43fe7e84 in __assert_fail () from /lib/i686/libc.so.6
#10 0x414cae22 in khtml::RenderImage::notifyFinished(khtml::CachedObject*) ()
   from /opt/kde3.2/lib/libkhtml.so.4
#11 0x415127af in khtml::CachedImage::ref(khtml::CachedObjectClient*) ()
   from /opt/kde3.2/lib/libkhtml.so.4
#12 0x414b531c in khtml::RenderObject::setStyle(khtml::RenderStyle*) ()
   from /opt/kde3.2/lib/libkhtml.so.4
#13 0x414b8c22 in khtml::RenderBox::setStyle(khtml::RenderStyle*) ()
   from /opt/kde3.2/lib/libkhtml.so.4
#14 0x414c94a0 in khtml::RenderImage::setStyle(khtml::RenderStyle*) ()
   from /opt/kde3.2/lib/libkhtml.so.4
#15 0x414870a7 in DOM::HTMLImageElementImpl::attach() ()
   from /opt/kde3.2/lib/libkhtml.so.4
#16 0x414713e0 in khtml::KHTMLParser::insertNode(DOM::NodeImpl*, bool) ()
   from /opt/kde3.2/lib/libkhtml.so.4
#17 0x41470f7e in khtml::KHTMLParser::parseToken(khtml::Token*) ()
   from /opt/kde3.2/lib/libkhtml.so.4
#18 0x4147907b in khtml::HTMLTokenizer::processToken() ()
   from /opt/kde3.2/lib/libkhtml.so.4
#19 0x41477043 in khtml::HTMLTokenizer::parseTag(khtml::DOMStringIt&) ()
   from /opt/kde3.2/lib/libkhtml.so.4
#20 0x41478687 in khtml::HTMLTokenizer::write(QString const&, bool) ()
   from /opt/kde3.2/lib/libkhtml.so.4
#21 0x414160db in KHTMLPart::write(char const*, int) ()
   from /opt/kde3.2/lib/libkhtml.so.4

Comment 1 Stephan Binner 2004-01-16 11:31:52 UTC

Don't let understate this. Another site: Choosing category on art.gnome.org

Comment 2 Stephan Kulow 2004-01-16 14:13:41 UTC

I can't make it crash on kde.openoffice.org (Dirk fixed one case afaik), 
but I load gnomedesktop.org, click on the guadec2004 link and then press back 
-> assertion

Comment 3 Dirk Mueller 2004-01-16 14:34:50 UTC

Subject: kdelibs/khtml [POSSIBLY UNSAFE]

CVS commit by mueller: 

CCMAIL: 72739-done@bugs.kde.org


  M +5 -0      ChangeLog   1.162
  M +3 -15     rendering/render_image.cpp   1.127 [POSSIBLY UNSAFE: qDebug]


--- kdelibs/khtml/ChangeLog  #1.161:1.162
@@ -1,2 +1,7 @@
+2004-01-16  Dirk Mueller  <mueller@kde.org>
+
+        * rendering/render_image.cpp: remove some asserts that
+        noone needs anyway (#72739).
+
 2004-01-16  Stephan Kulow  <coolo@kde.org>
 

--- kdelibs/khtml/rendering/render_image.cpp  #1.126:1.127
@@ -68,7 +68,4 @@ RenderImage::RenderImage(NodeImpl *_elem
 RenderImage::~RenderImage()
 {
-    assert( !image || image != oimage );
-    assert( !image || !image->canDelete() );
-    assert( !oimage || !oimage->canDelete() );
     if(image) image->deref(this);
     if (oimage) oimage->deref( this );
@@ -105,4 +102,6 @@ void RenderImage::setPixmap( const QPixm
     }
 
+    qDebug( "RenderImage::setPixmap!!" );
+
     bool iwchanged = false;
 
@@ -377,12 +376,5 @@ void RenderImage::notifyFinished(CachedO
     }
 
-    assert( image );
-    assert( !image->canDelete() );
-
     if ( image == finishedObj && oimage ) {
-        assert( image != oimage );
-        assert( oimage != finishedObj );
-        assert( !oimage->canDelete() );
-
         oimage->deref( this );
         oimage = 0;
@@ -416,5 +408,4 @@ void RenderImage::updateImage(CachedImag
 {
     CachedImage* tempimage = oimage;
-    assert( !tempimage || !tempimage->canDelete() );
     oimage = image;
     image = new_image;
@@ -425,7 +416,4 @@ void RenderImage::updateImage(CachedImag
         tempimage->deref(this);
 
-    assert( image );
-    assert( !image->canDelete() );
-    assert( !oimage || !oimage->canDelete() );
     berrorPic = image->isErrorImage();
 }

Comment 4 Stephan Kulow 2004-01-19 14:42:30 UTC

*** Bug 72952 has been marked as a duplicate of this bug. ***

Comment 5 Tommi Tervo 2004-01-21 18:33:08 UTC

*** Bug 73156 has been marked as a duplicate of this bug. ***

Comment 6 Stephan Kulow 2004-02-05 11:41:37 UTC

*** Bug 74209 has been marked as a duplicate of this bug. ***