[Okular-devel] [okular] [Bug 313146] New: Crash when I close Okular after reloading a document without table of contents

Fabio D'Urso fabiodurso at hotmail.it
Sat Jan 12 19:54:51 UTC 2013


https://bugs.kde.org/show_bug.cgi?id=313146

            Bug ID: 313146
           Summary: Crash when I close Okular after reloading a document
                    without table of contents
    Classification: Unclassified
           Product: okular
           Version: 0.16.60
          Hardware: Other
                OS: Linux
            Status: CONFIRMED
          Severity: normal
          Priority: NOR
         Component: general
          Assignee: okular-devel at kde.org
          Reporter: fabiodurso at hotmail.it

I'm getting a crash in git master when I close Okular after reloading a
document *without* TOC (Open document -> Press F5 -> Close okular -> CRASH).

Seems that we're trying to delete the old TOCModel that Qt has already freed
for us; here's what valgrind has to say:
==16723== Invalid read of size 4
==16723==    at 0x71EE1FC: TOCModelPrivate::~TOCModelPrivate()
(tocmodel.cpp:108)
==16723==    by 0x71EE280: TOCModel::~TOCModel() (tocmodel.cpp:169)
==16723==    by 0x71EE2C1: TOCModel::~TOCModel() (tocmodel.cpp:170)
==16723==    by 0x428FA1B9: QObjectPrivate::deleteChildren() (in
/usr/lib/libQtCore.so.4.8.4)
==16723==    by 0x458D5B6F: QWidget::~QWidget() (in /usr/lib/libQtGui.so.4.8.4)
==16723==    by 0x45CF16B1: QFrame::~QFrame() (in /usr/lib/libQtGui.so.4.8.4)
==16723==    by 0x45D83F6A: QAbstractScrollArea::~QAbstractScrollArea() (in
/usr/lib/libQtGui.so.4.8.4)
==16723==    by 0x45E23041: QAbstractItemView::~QAbstractItemView() (in
/usr/lib/libQtGui.so.4.8.4)
==16723==    by 0x45E67C11: QTreeView::~QTreeView() (in
/usr/lib/libQtGui.so.4.8.4)
==16723==    by 0x45E67C52: QTreeView::~QTreeView() (in
/usr/lib/libQtGui.so.4.8.4)
==16723==    by 0x428FA1B9: QObjectPrivate::deleteChildren() (in
/usr/lib/libQtCore.so.4.8.4)
==16723==    by 0x458D5B6F: QWidget::~QWidget() (in /usr/lib/libQtGui.so.4.8.4)
==16723==  Address 0x8c26b28 is 0 bytes inside a block of size 12 free'd
==16723==    at 0x4007AEE: operator delete(void*) (vg_replace_malloc.c:480)
==16723==    by 0x71EE2C9: TOCModel::~TOCModel() (tocmodel.cpp:170)
==16723==    by 0x428FA1B9: QObjectPrivate::deleteChildren() (in
/usr/lib/libQtCore.so.4.8.4)
==16723==    by 0x458D5B6F: QWidget::~QWidget() (in /usr/lib/libQtGui.so.4.8.4)
==16723==    by 0x45CF16B1: QFrame::~QFrame() (in /usr/lib/libQtGui.so.4.8.4)
==16723==    by 0x45D83F6A: QAbstractScrollArea::~QAbstractScrollArea() (in
/usr/lib/libQtGui.so.4.8.4)
==16723==    by 0x45E23041: QAbstractItemView::~QAbstractItemView() (in
/usr/lib/libQtGui.so.4.8.4)
==16723==    by 0x45E67C11: QTreeView::~QTreeView() (in
/usr/lib/libQtGui.so.4.8.4)
==16723==    by 0x45E67C52: QTreeView::~QTreeView() (in
/usr/lib/libQtGui.so.4.8.4)
==16723==    by 0x428FA1B9: QObjectPrivate::deleteChildren() (in
/usr/lib/libQtCore.so.4.8.4)
==16723==    by 0x458D5B6F: QWidget::~QWidget() (in /usr/lib/libQtGui.so.4.8.4)
==16723==    by 0x71EBC98: TOC::~TOC() (toc.cpp:55)

I've had a look at the code, and I think this happens because in documents
without TOC TOCModel::fill is never called and therefore
    delete d->m_oldModel;
    d->m_oldModel = 0;
is never executed.
When I close Okular, Qt automatically deletes the current TOCModel, but since
d->m_oldModel stayed not equal to zero, we too try to delete it.

I've tried to fix it by executing those two lines for documents without TOC
too; it fixed the crash but broke Jaydeep's work on documents with TOC (TOC
wasn't restored any more) so it's a no-go :D

Reproducible: Always

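The ownership pattern described in the report above, as an added C++ example that is not part of the original message and is not Okular or Qt code. `Node` is a constructed stand-in for QObject parent/child deletion, `Model::oldModel` stands in for `d->m_oldModel`, and the liveness check plays the role a tracked pointer such as `QPointer` plays in Qt; the stale delete is counted rather than executed.

```cpp
#include <algorithm>
#include <set>
#include <vector>

// Constructed stand-in for QObject parent/child ownership (not Qt or Okular code).
struct Node {
    static std::set<const Node*>& live() { static std::set<const Node*> s; return s; }
    Node* parent;
    std::vector<Node*> children;
    explicit Node(Node* p) : parent(p) {
        live().insert(this);
        if (parent) parent->children.push_back(this);
    }
    virtual ~Node() {
        // Mirrors QObjectPrivate::deleteChildren(): children die in creation order.
        std::vector<Node*> kids;
        kids.swap(children);
        for (Node* c : kids) { c->parent = nullptr; delete c; }
        if (parent) {  // deleted directly: unregister from the owner
            auto& v = parent->children;
            v.erase(std::remove(v.begin(), v.end(), this), v.end());
        }
        live().erase(this);
    }
};

static int g_stale = 0;  // destructors that held a pointer to an already-freed object

struct Model : Node {
    Node* oldModel = nullptr;  // hypothetical counterpart of d->m_oldModel
    explicit Model(Node* view) : Node(view) {}
    void fill() { delete oldModel; oldModel = nullptr; }  // the two lines from the report
    ~Model() override {
        if (!oldModel) return;
        if (live().count(oldModel)) delete oldModel;  // still alive: ours to free
        else ++g_stale;  // an unconditional delete here frees the model a second time
    }
};

// Reload, then close. hasToc decides whether fill() runs on the new model.
int stale_pointers_at_close(bool hasToc) {
    g_stale = 0;
    Node* view = new Node(nullptr);   // plays the QTreeView that parents both models
    Model* first = new Model(view);
    Model* second = new Model(view);  // reload: the new model remembers the old one
    second->oldModel = first;
    if (hasToc) second->fill();
    delete view;                      // close: the parent deletes remaining children
    return g_stale;
}
```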