Konqueror crash on http://www.shell.vesproshop.nl

Martijn Klingens klingens at kde.org
Sun Sep 22 12:47:23 BST 2002 

Valgrinding gave the following to start with and a scaringly large lot of 
others, hope it's of any help to those who know the code.

I got a bit scared away by all pointer indirections in render_table.h. They 
are no doubt fast, but not very easy to grasp quickly.

My first guess is that RenderTableSection::cellAt returns an invalid pointer, 
but at about that point I also gave up, sorry :/

KHTML CVS from 15 minutes ago, rest of kdelibs from yesterday.

==24489== Invalid read of size 2
==24489==    at 0x47B7FB22: ??? 
(/home/martijn/src/kde3/kdelibs/khtml/rendering/render_table.h:295)
==24489==    by 0x47AE59F4: khtml::AutoTableLayout::recalcColumn(int) 
(/home/martijn/src/kde3/kdelibs/khtml/rendering/table_layout.cpp:371)
==24489==    by 0x47AE612D: khtml::AutoTableLayout::fullRecalc(void) 
(/home/martijn/src/kde3/kdelibs/khtml/rendering/table_layout.cpp:505)
==24489==    by 0x47AE6170: khtml::AutoTableLayout::calcMinMaxWidth(void) 
(/home/martijn/src/kde3/kdelibs/khtml/rendering/table_layout.cpp:514)
==24489==    by 0x47AE033E: khtml::RenderTable::calcMinMaxWidth(void) 
(/home/martijn/src/kde3/kdelibs/khtml/rendering/render_table.cpp:397)
==24489==    by 0x47ACD84F: khtml::RenderObject::recalcMinMaxWidths(void) 
(/home/martijn/src/kde3/kdelibs/khtml/rendering/render_object.cpp:1072)
==24489==    by 0x47ACD761: khtml::RenderObject::recalcMinMaxWidths(void) 
(/home/martijn/src/kde3/kdelibs/khtml/rendering/render_object.cpp:1058)
==24489==    by 0x47ACD761: khtml::RenderObject::recalcMinMaxWidths(void) 
(/home/martijn/src/kde3/kdelibs/khtml/rendering/render_object.cpp:1058)
==24489==    Address 0x43AF7596 is 74 bytes inside a block of size 84 free'd
==24489==    at 0x40048E92: __builtin_delete (vg_clientfuncs.c:194)
==24489==    by 0x47AC81F8: khtml::RenderObject::~RenderObject(void) 
(/home/martijn/src/kde3/kdelibs/khtml/rendering/render_object.cpp:122)
==24489==    by 0x47ACD9CB: khtml::RenderContainer::~RenderContainer(void) 
(/home/martijn/src/kde3/kdelibs/khtml/rendering/render_container.cpp:57)
==24489==    by 0x47ACECDD: khtml::RenderBox::~RenderBox(void) 
(/home/martijn/src/kde3/kdelibs/khtml/rendering/render_box.cpp:87)
==24489==    by 0x47AD2B9F: khtml::RenderFlow::~RenderFlow(void) 
(/home/martijn/src/kde3/kdelibs/khtml/rendering/render_flow.cpp:105)
==24489==    by 0x47AE3CEF: khtml::RenderTableCell::~RenderTableCell(void) 
(/home/martijn/src/kde3/kdelibs/khtml/rendering/render_table.cpp:1291)
==24489==    by 0x47ACC4F6: khtml::RenderObject::detach(void) 
(/home/martijn/src/kde3/kdelibs/khtml/rendering/render_object.cpp:836)
==24489==    by 0x47A855C6: DOM::NodeImpl::detach(void) 
(/home/martijn/src/kde3/kdelibs/khtml/xml/dom_nodeimpl.cpp:916)
==24489==
==24489== Invalid read of size 1
==24489==    at 0x47B7C33A: ??? 
(/home/martijn/src/kde3/kdelibs/khtml/rendering/render_object.h:153)
==24489==    by 0x47AE5A0F: khtml::AutoTableLayout::recalcColumn(int) 
(/home/martijn/src/kde3/kdelibs/khtml/rendering/table_layout.cpp:372)
==24489==    by 0x47AE612D: khtml::AutoTableLayout::fullRecalc(void) 
(/home/martijn/src/kde3/kdelibs/khtml/rendering/table_layout.cpp:505)
==24489==    by 0x47AE6170: khtml::AutoTableLayout::calcMinMaxWidth(void) 
(/home/martijn/src/kde3/kdelibs/khtml/rendering/table_layout.cpp:514)
==24489==    by 0x47AE033E: khtml::RenderTable::calcMinMaxWidth(void) 
(/home/martijn/src/kde3/kdelibs/khtml/rendering/render_table.cpp:397)
==24489==    by 0x47ACD84F: khtml::RenderObject::recalcMinMaxWidths(void) 
(/home/martijn/src/kde3/kdelibs/khtml/rendering/render_object.cpp:1072)
==24489==    by 0x47ACD761: khtml::RenderObject::recalcMinMaxWidths(void) 
(/home/martijn/src/kde3/kdelibs/khtml/rendering/render_object.cpp:1058)
==24489==    by 0x47ACD761: khtml::RenderObject::recalcMinMaxWidths(void) 
(/home/martijn/src/kde3/kdelibs/khtml/rendering/render_object.cpp:1058)
==24489==    Address 0x43AF7566 is 26 bytes inside a block of size 84 free'd
==24489==    at 0x40048E92: __builtin_delete (vg_clientfuncs.c:194)
==24489==    by 0x47AC81F8: khtml::RenderObject::~RenderObject(void) 
(/home/martijn/src/kde3/kdelibs/khtml/rendering/render_object.cpp:122)
==24489==    by 0x47ACD9CB: khtml::RenderContainer::~RenderContainer(void) 
(/home/martijn/src/kde3/kdelibs/khtml/rendering/render_container.cpp:57)
==24489==    by 0x47ACECDD: khtml::RenderBox::~RenderBox(void) 
(/home/martijn/src/kde3/kdelibs/khtml/rendering/render_box.cpp:87)
==24489==    by 0x47AD2B9F: khtml::RenderFlow::~RenderFlow(void) 
(/home/martijn/src/kde3/kdelibs/khtml/rendering/render_flow.cpp:105)
==24489==    by 0x47AE3CEF: khtml::RenderTableCell::~RenderTableCell(void) 
(/home/martijn/src/kde3/kdelibs/khtml/rendering/render_table.cpp:1291)
==24489==    by 0x47ACC4F6: khtml::RenderObject::detach(void) 
(/home/martijn/src/kde3/kdelibs/khtml/rendering/render_object.cpp:836)
==24489==    by 0x47A855C6: DOM::NodeImpl::detach(void) 
(/home/martijn/src/kde3/kdelibs/khtml/xml/dom_nodeimpl.cpp:916)

-- 
Martijn

More information about the kfm-devel mailing list