Summary: | crash while using VPL editor in quanta 3.5 | ||
---|---|---|---|
Product: | [Applications] konqueror | Reporter: | Eduardo H.R. <joredu> |
Component: | khtml | Assignee: | Konqueror Developers <konq-bugs> |
Status: | RESOLVED FIXED | ||
Severity: | crash | CC: | amantia, ana, l.savernik |
Priority: | NOR | ||
Version: | 3.5 | ||
Target Milestone: | --- | ||
Platform: | unspecified | ||
OS: | Linux | ||
Latest Commit: | Version Fixed In: | ||
Sentry Crash Report: | |||
Attachments: | File which triggers crash in VPL |
Description
Eduardo H.R.
2006-01-15 23:08:09 UTC
Do you have an example document and an exact way to reproduce? I cannot reproduce it by just trying to copy/paste urls. Hi
On Monday January 23 2006 3:20 am, you wrote:
> ------- Additional Comments From amantia kde org 2006-01-23 10:20 -------
> Do you have an example document and an exact way to reproduce? I cannot
> reproduce it by just trying to copy/paste urls.
No, I've tried but I guess the errors were random? The program crashed several
times when I was selecting fragments of text not just URL's probably it was a
coincidence. Sorry if I am not helping much, If I find a way to reproduce the
crashes I'll let you know.
Regards
Created attachment 15275 [details]
File which triggers crash in VPL
I'll attach a testcase document which was sent to Debian when this bug was reported to us (3.5.1), and which causes the VPL editor to crash. Just open the document, switch to VPL, and press Page Down. Crash. Thanks, Christopher Martin This is a KHTML bug (hopefully fixed for kdelibs 3.5.3). The other VPL crashes should also be fixed for Quanta 3.5.3. This is a KHTML (caret mode) bug. caretNode can be NULL in static ElementImpl *determineBaseElement(NodeImpl *caretNode) unfortunately simply returning 0 is not enough (just propagates the crash to a later stage), thus the following lines are also wrong in khtml_caret.cpp: 628: if (!doc) return 0; // should not happen, but who knows. 633: return 0; Reproducible with Konqueror 3.5 svn as well if the attached file is loaded from the local disk. Reassigning to KHTML. Leo, can you look at this? > Leo, can you look at this?
Sure. I just need some more information. First, determineBaseElement returning
0 is supported. So whatever crashes later on resembles the real bug.
Second, I don't have a working installation of quanta atm, and time
constraints keep me from compiling one. Therefore, I ask you to supply
backtraces of those spots where khtml crashes.
It crashed without Quanta as well. Just save the attached html file to your HDD and load in Konqueror, activate caret mode and press PgDn. But now I cannot reproduce it. But anyway, here is the backtrace with the current code: 0x00002b33f7ea44f6 in DOM::NodeImpl::getDocument (this=0x0) at /data/development/sources/kde-3.5/kdelibs/khtml/xml/dom_nodeimpl.h:273 273 DocumentImpl* getDocument() const { return document->document(); } (gdb) bt #0 0x00002b33f7ea44f6 in DOM::NodeImpl::getDocument (this=0x0) at /data/development/sources/kde-3.5/kdelibs/khtml/xml/dom_nodeimpl.h:273 #1 0x00002b33f7e8aa61 in determineBaseElement (caretNode=0x0) at /data/development/sources/kde-3.5/kdelibs/khtml/khtml_caret.cpp:627 #2 0x00002b33f7e92c8a in KHTMLView::moveCaretByPage (this=0xc62d40, next=true) at /data/development/sources/kde-3.5/kdelibs/khtml/khtmlview.cpp:4396 #3 0x00002b33f7e92dac in KHTMLView::moveCaretNextPage (this=0xc62d40) at /data/development/sources/kde-3.5/kdelibs/khtml/khtmlview.cpp:4436 #4 0x00002b33f7e938d3 in KHTMLView::caretKeyPressEvent (this=0xc62d40, _ke=0x7fffb43316d0) at /data/development/sources/kde-3.5/kdelibs/khtml/khtmlview.cpp:4014 #5 0x00002b33f7ea0454 in KHTMLView::keyPressEvent (this=0xc62d40, _ke=0x7fffb43316d0) at /data/development/sources/kde-3.5/kdelibs/khtml/khtmlview.cpp:1435 #6 0x00002b33faa3160a in QWidget::event () from /usr/lib/qt3/lib64/libqt-mt.so.3 #7 0x00002b33fa9a7985 in QApplication::internalNotify () from /usr/lib/qt3/lib64/libqt-mt.so.3 #8 0x00002b33fa9a8ab8 in QApplication::notify () from /usr/lib/qt3/lib64/libqt-mt.so.3 #9 0x00002b33f9cf3c4d in KApplication::notify (this=0x921570, receiver=0xc62d40, event=0x7fffb43316d0) at /data/development/sources/kde-3.5/kdelibs/kdecore/kapplication.cpp:550 #10 0x00002b33fa94e17e in QETWidget::translateKeyEvent () from /usr/lib/qt3/lib64/libqt-mt.so.3 #11 0x00002b33fa94f180 in QApplication::x11ProcessEvent () from /usr/lib/qt3/lib64/libqt-mt.so.3 #12 0x00002b33fa95e22f in QEventLoop::processEvents () from /usr/lib/qt3/lib64/libqt-mt.so.3 #13 0x00002b33fa9bc6a1 in QEventLoop::enterLoop () from /usr/lib/qt3/lib64/libqt-mt.so.3 #14 0x00002b33fa9bc54a in QEventLoop::exec () from /usr/lib/qt3/lib64/libqt-mt.so.3 #15 0x000000000047315f in main (argc=1, argv=0x7fffb4331ed8) at /home/andris/development/kdewebdev/quanta/src/main.cpp:212 And the backtrace if I add "if (!caretNode) return 0;" there: 0x00002b92125bf1e0 in QValueVector<khtml::CaretBox*>::begin (this=0x0) at /usr/lib64/qt3/include/qvaluevector.h:316 316 return sh->start; (gdb) (gdb) bt #0 0x00002b92125bf1e0 in QValueVector<khtml::CaretBox*>::begin (this=0x0) at /usr/lib64/qt3/include/qvaluevector.h:316 #1 0x00002b92125bf203 in QValueVector<khtml::CaretBox*>::operator[] (this=0x0, i=0) at /usr/lib64/qt3/include/qvaluevector.h:363 #2 0x00002b92125c0b78 in khtml::CaretBoxLine::containingBlock (this=0x0) at /data/development/sources/kde-3.5/kdelibs/khtml/khtml_caret_p.h:352 #3 0x00002b92125a9598 in moveIteratorByPage (ld=@0x7fff99c1a720, it=@0x7fff99c1a790, mindist=447, next=true) at /data/development/sources/kde-3.5/kdelibs/khtml/khtml_caret.cpp:2608 #4 0x00002b92125abd2d in KHTMLView::moveCaretByPage (this=0xc62d40, next=true) at /data/development/sources/kde-3.5/kdelibs/khtml/khtmlview.cpp:4401 #5 0x00002b92125abdbc in KHTMLView::moveCaretNextPage (this=0xc62d40) at /data/development/sources/kde-3.5/kdelibs/khtml/khtmlview.cpp:4436 #6 0x00002b92125ac8e3 in KHTMLView::caretKeyPressEvent (this=0xc62d40, _ke=0x7fff99c1afb0) at /data/development/sources/kde-3.5/kdelibs/khtml/khtmlview.cpp:4014 #7 0x00002b92125b9464 in KHTMLView::keyPressEvent (this=0xc62d40, _ke=0x7fff99c1afb0) at /data/development/sources/kde-3.5/kdelibs/khtml/khtmlview.cpp:1435 #8 0x00002b921514a60a in QWidget::event () from /usr/lib/qt3/lib64/libqt-mt.so.3 #9 0x00002b92150c0985 in QApplication::internalNotify () from /usr/lib/qt3/lib64/libqt-mt.so.3 #10 0x00002b92150c1ab8 in QApplication::notify () from /usr/lib/qt3/lib64/libqt-mt.so.3 #11 0x00002b921440cc4d in KApplication::notify (this=0x921570, receiver=0xc62d40, event=0x7fff99c1afb0) at /data/development/sources/kde-3.5/kdelibs/kdecore/kapplication.cpp:550 #12 0x00002b921506717e in QETWidget::translateKeyEvent () from /usr/lib/qt3/lib64/libqt-mt.so.3 #13 0x00002b9215068180 in QApplication::x11ProcessEvent () from /usr/lib/qt3/lib64/libqt-mt.so.3 #14 0x00002b921507722f in QEventLoop::processEvents () from /usr/lib/qt3/lib64/libqt-mt.so.3 #15 0x00002b92150d56a1 in QEventLoop::enterLoop () from /usr/lib/qt3/lib64/libqt-mt.so.3 #16 0x00002b92150d554a in QEventLoop::exec () from /usr/lib/qt3/lib64/libqt-mt.so.3 #17 0x000000000047315f in main (argc=1, argv=0x7fff99c1b7b8) at /home/andris/development/kdewebdev/quanta/src/main.cpp:212 SVN commit 542562 by savernik: Added missing sanity check which caused crashes in caret mode on pgup/pgdn when there was no valid caret. QuantaDevs, please test. CCMAIL: amantia@kde.org BUG: 120205 M +1 -0 khtmlview.cpp --- branches/KDE/3.5/kdelibs/khtml/khtmlview.cpp #542561:542562 @@ -4381,6 +4381,7 @@ void KHTMLView::moveCaretByPage(bool next) { Node &caretNodeRef = m_part->d->caretNode(); + if (caretNodeRef.isNull()) return; NodeImpl *caretNode = caretNodeRef.handle(); // kdDebug(6200) << ": caretNode=" << caretNode << endl; It's fine, thanks Leo! Andras |