[prev in list] [next in list] [prev in thread] [next in thread]
List: kopete-devel
Subject: bug 228704 -- need some help --Kopete crashes when using backspace in
From: kaushik <roideuniverse () gmail ! com>
Date: 2010-03-29 11:33:23
Message-ID: d6f7d0031003290421jb2a1118r1675bc6f236e5d00 () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
https://bugs.kde.org/show_bug.cgi?id=228704
Kopete crashes when using backspace in chat window
Somebody told me about this bug on irc and i was able to reproduce it, so I
sat down to fix it.
At first i thought the bug was in kopete, but later it seemed to me that it
was somewhere in qt. It appeared to me as some kind of race condition.
kopete crash report and valgrind log is attached.
I reached the file
qt-kde/src/gui/text/qtextcursor.cpp
I did the following modification which filxed my crash.
The contents of the diff file are
diff --git a/src/gui/text/qtextcursor.cpp b/src/gui/text/qtextcursor.cpp
index 51eca9c..52632ac 100644
--- a/src/gui/text/qtextcursor.cpp
+++ b/src/gui/text/qtextcursor.cpp
@@ -169,9 +169,14 @@ void QTextCursorPrivate::remove()
adjusted_anchor = anchor = position;
priv->endEditBlock();
} else {
+ QTextDocumentPrivate *testing;
+ testing = priv;
+ qDebug() << "initial priv="<<priv << " testing=" << testing;
priv->remove(pos1, pos2-pos1, op);
adjusted_anchor = anchor = position;
- priv->finishEdit();
+ qDebug() << "final priv=" << priv << " testing =" << testing;
+ if ( priv && (testing == priv))
+ priv->finishEdit();
}
}
now when i re ran kopete, i got the qdebug output as
initial priv= 0xa3cecf0 testing= 0xa3cecf0
final priv= 0xa3cecf0 testing =
0xa3cecf0
initial priv= 0xa3cecf0 testing=
0xa3cecf0
final priv= 0xa3cecf0 testing =
0xa3cecf0
initial priv= 0xa3cecf0 testing=
0xa3cecf0
final priv= 0x0 testing = 0xa3cecf0
So, somewhere in the method call
priv->remove(pos1, pos2-pos1, op);
the pointer value gets modified, which leads to crash.
I was not able to figure out where exactly in the method priv->remove(pos1,
pos2-pos1, op); it is getting modified.
Probably somebody more experienced that me can take a look at it.
--
Greetings,
KDE Developer
irc nick - roide
roideuniverse dot blogspot dot com
twitter dot com/roideuniverse
--There is no shortcut to Success!
[Attachment #5 (text/html)]
<a href="https://bugs.kde.org/show_bug.cgi?id=228704" \
target="_blank">https://bugs.kde.org/show_bug.cgi?id=228704</a><br><br><span \
style="display: inline;" id="summary_alias_container" class="bz_default_hidden"><span \
id="short_desc_nonedit_display">Kopete crashes when using backspace in chat \
window<br> </span></span>Somebody told me about this bug on irc and i was able to \
reproduce it, so I sat down to fix it.<br>At first i thought the bug was in kopete, \
but later it seemed to me that it was somewhere in qt. It appeared to me as some kind \
of race condition.<br> <br>kopete crash report and valgrind log is attached.<br>I \
reached the file <br>qt-kde/src/gui/text/qtextcursor.cpp<br><br>I did the following \
modification which filxed my crash.<br> The contents of the diff file are <br> \
<br>diff --git a/src/gui/text/qtextcursor.cpp b/src/gui/text/qtextcursor.cpp<br>index \
51eca9c..52632ac 100644<br>--- a/src/gui/text/qtextcursor.cpp<br>+++ \
b/src/gui/text/qtextcursor.cpp<br>@@ -169,9 +169,14 @@ void \
QTextCursorPrivate::remove()<br> adjusted_anchor = anchor = position;<br> \
priv->endEditBlock();<br> } else {<br>+ QTextDocumentPrivate *testing;<br>+ \
testing = priv;<br>+ qDebug() << "initial priv="<<priv \
<< " testing=" << testing;<br> priv->remove(pos1, \
pos2-pos1, op);<br> adjusted_anchor = anchor = position;<br>- \
priv->finishEdit();<br>+ qDebug() << "final priv=" << \
priv << " testing =" << testing;<br> + if ( priv \
&& (testing == priv))<br>+ priv->finishEdit();<br> \
}<br> <br> }<br><br>now when i re ran kopete, i got the qdebug output as \
<br><br>initial priv= 0xa3cecf0 testing= 0xa3cecf0 <br> final priv= 0xa3cecf0 \
testing = 0xa3cecf0 \
<br>initial priv= 0xa3cecf0 testing= 0xa3cecf0 \
<br> final priv= 0xa3cecf0 testing = 0xa3cecf0 \
<br>initial priv= 0xa3cecf0 testing= 0xa3cecf0 \
<br> final priv= 0x0 testing = 0xa3cecf0 <br><br>So, somewhere in the method \
call<br>priv->remove(pos1, pos2-pos1, op);<br>the pointer value gets modified, \
which leads to crash.<br>I was not able to figure out where exactly in the method \
priv->remove(pos1, pos2-pos1, op); it is getting modified.<br> Probably somebody \
more experienced that me can take a look at it.<br><br><br> <br><br \
clear="all"><br>-- <br>Greetings,<br>KDE Developer<br>irc nick - \
roide<br>roideuniverse dot blogspot dot com<br>twitter dot \
com/roideuniverse<br>--There is no shortcut to Success!<br>
--000e0cd707f28f8a8c0482eeb632--
["kopete.crash" (application/octet-stream)]
["kopete.valgrindlog" (application/octet-stream)]
_______________________________________________
kopete-devel mailing list
kopete-devel@kde.org
https://mail.kde.org/mailman/listinfo/kopete-devel
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic