[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kfm-devel
Subject:    Re: Konqi crash KJS::Image
From:       David Faure <david () mandrakesoft ! com>
Date:       2002-03-28 17:51:42
[Download RAW message or body]

On Thursday 28 March 2002 14:26, Alexander Kellett wrote:
> I've seen the following bt twice now but have
> absolutely no idea how to find more information
> about the crash as it is more or less completely
> random :(
>   
> #6  0x4180effa in KJS::Image::~Image (this=0x83fc470, __in_chrg=2)
>               at kjs_html.cpp:2987

It seems clear to me that the "img" pointer in this dtor has become a dangling pointer,
i.e. it's been deleted despite the ref/deref being done by KJS::Image
[someone could use valgrind to verify this assertion...]

Dirk, what's the memory management model for khtml::CachedImage in khtml?
Is is guaranteed that they won't be deleted as long as they are ref'ed,
or does e.g. deleting the whole document delete the image unconditionally ?

Maybe Window::clear should delete all the wrappers (KJS::Image)...
but 1) it doesn't know about them currently 2) this might not fix some other
case, e.g. JS code that deletes an image (just guessing, here).

-- 
David FAURE, david@mandrakesoft.com, faure@kde.org
http://people.mandrakesoft.com/~david/, http://www.konqueror.org/
KDE, Making The Future of Computing Available Today

[prev in list] [next in list] [prev in thread] [next in thread]