crash into konqueror 3.2 into render_table.cpp (findLastSelectableNode(... ) )
Laurent Montel
montel at kde.org
Tue Feb 10 10:46:05 GMT 2004
Hi,
I found a 100% reproductable crash into konqueror.
Program received signal SIGSEGV, Segmentation fault.
I create a patch (not sure that it's perfect)
I added a testcase.
Click in white area please.
--- kdelibs-3.2/khtml/rendering/render_table.cpp-- 2004-02-10
10:32:22.000000000 +0100
+++ kdelibs-3.2/khtml/rendering/render_table.cpp 2004-02-10
10:34:48.000000000 +0100
@@ -1343,10 +1343,10 @@ static NodeImpl *findLastSelectableNode(
{
NodeImpl *next = last->lastChild();
if ( !next ) next = last->previousSibling();
- while ( last != base && !next )
+ while ( last && last != base && !next )
{
last = last->parentNode();
- if ( last != base )
+ if ( last && last != base )
next = last->previousSibling();
}
last = next;
Bt:
---
[Switching to Thread 1098228704 (LWP 21519)]
0x41a3c334 in DOM::NodeImpl::previousSibling() const (this=Variable "this" is
no t available.
)
at dom_nodeimpl.h:88
88 dom_nodeimpl.h: No such file or directory.
in dom_nodeimpl.h
Current language: auto; currently c++
(gdb) where
#0 0x41a3c334 in DOM::NodeImpl::previousSibling() const (this=Variable "this"
i s not available.
)
at dom_nodeimpl.h:88
#1 0x41ac1ae6 in findLastSelectableNode (base=Variable "base" is not
available.
) at render_table.cpp:1350
#2 0x41ac1cb9 in khtml::RenderTableSection::checkSelectionPoint(int, int,
int, int, DOM::NodeImpl*&, int&, khtml::RenderObject::SelPointState&)
(this=Variable "this" is not available.
)
at render_table.cpp:1433
#3 0x41abf892 in khtml::RenderTable::checkSelectionPoint(int, int, int, int,
DOM::NodeImpl*&, int&, khtml::RenderObject::SelPointState&) (this=Variable
"this" is not available.
)
at render_table.cpp:659
#4 0x41aa9aff in khtml::RenderObject::checkSelectionPoint(int, int, int, int,
DOM::NodeImpl*&, int&, khtml::RenderObject::SelPointState&) (this=Variable
"this" is not available.
)
at render_object.cpp:1278
#5 0x41a22cff in KHTMLPart::khtmlMousePressEvent(khtml::MousePressEvent*) (
this=Could not find the frame base for
"KHTMLPart::khtmlMousePressEvent(khtml::MousePressEvent*)".
) at khtml_part.cpp:5091
#6 0x41a2279d in KHTMLPart::customEvent(QCustomEvent*) (this=Variable "this"
is not available.
)
at khtml_part.cpp:5029
#7 0x40d3eb6c in QObject::event(QEvent*) ()
from /usr/lib/qt3/lib/libqt-mt.so.3
#8 0x081c8740 in ?? ()
#9 0xbfffe920 in ?? ()
#10 0xbfffe670 in ?? ()
#11 0x401c01ab in ~QPtrListIterator (this=Variable "this" is not available.
) at qptrlist.h:158
#12 0x40cde2c0 in QApplication::internalNotify(QObject*, QEvent*) ()
---Type <return> to continue, or q <return> to quit---
from /usr/lib/qt3/lib/libqt-mt.so.3
#13 0x081c8740 in ?? ()
#14 0xbfffe920 in ?? ()
#15 0xbfffe920 in ?? ()
#16 0x409af9b4 in fREe (mem=Variable "mem" is not available.
) at malloc.c:2996
#17 0x41189998 in ?? () from /usr/lib/qt3/lib/libqt-mt.so.3
#18 0x41197cb0 in QAccelManager::self_ptr ()
from /usr/lib/qt3/lib/libqt-mt.so.3
#19 0x00000412 in ?? ()
#20 0xbfffe920 in ?? ()
#21 0x40cdd81b in QApplication::notify(QObject*, QEvent*) ()
from /usr/lib/qt3/lib/libqt-mt.so.3
#22 0xbffff660 in ?? ()
#23 0x081c8740 in ?? ()
#24 0xbfffe920 in ?? ()
#25 0x409aef98 in free (m=Variable "m" is not available.
) at malloc.c:5536
#26 0x415b38d1 in operator delete(void*) () from /usr/lib/libstdc++.so.5
#27 0x00000412 in ?? ()
#28 0x409e8de0 in spinlock () from /usr/lib/libkdecore.so.4
#29 0x41bc7515 in typeinfo name for QKeyEvent () from /usr/lib/libkhtml.so.4
#30 0xbfffeee0 in ?? ()
#31 0x00000020 in ?? ()
#32 0x00000067 in ?? ()
---Type <return> to continue, or q <return> to quit---
#33 0x0000000a in ?? ()
#34 0x0000000a in ?? ()
#35 0x41c3b888 in vtable for DOM::DOMString () from /usr/lib/libkhtml.so.4
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20040210/3582a056/attachment.html>
More information about the kde-core-devel
mailing list