https://bugs.kde.org/show_bug.cgi?id=228704

Kopete crashes when using backspace in chat window
Somebody told me about this bug on IRC and I was able to reproduce it, so I
sat down to fix it.
At first I thought the bug was in Kopete, but later it seemed to me that it
was somewhere in Qt. It appeared to me as some kind of race condition.

The Kopete crash report and valgrind log are attached.
I reached the file
qt-kde/src/gui/text/qtextcursor.cpp

I made the following modification, which fixed my crash.
The contents of the diff file are

diff --git a/src/gui/text/qtextcursor.cpp b/src/gui/text/qtextcursor.cpp
index 51eca9c..52632ac 100644
--- a/src/gui/text/qtextcursor.cpp
+++ b/src/gui/text/qtextcursor.cpp
@@ -169,9 +169,14 @@ void QTextCursorPrivate::remove()
         adjusted_anchor = anchor = position;
         priv->endEditBlock();
     } else {
+    QTextDocumentPrivate *testing;
+    testing = priv;
+    qDebug() << "initial priv="<<priv << " testing=" << testing;
         priv->remove(pos1, pos2-pos1, op);
         adjusted_anchor = anchor = position;
-        priv->finishEdit();
+        qDebug() << "final priv=" << priv << " testing =" << testing;
+        if ( priv && (testing == priv))
+                     priv->finishEdit();
     }

 }
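Review bot: The guard "if ( priv && (testing == priv))" in front of priv->finishEdit() only skips the call that crashes; it does not address why the member priv changes while priv->remove(pos1, pos2-pos1, op) is still running. The assignment "adjusted_anchor = anchor = position;" still executes on the same object after remove() returns, so if the cursor's state was torn down during that call, this line is operating on stale state too. Before this can go in, the place that resets priv during remove() needs to be identified and the lifetime handled there, or the early return documented with a comment explaining when priv can legitimately become null. The local "testing" and the two qDebug() lines are debugging aids and should be dropped from the final patch, and the added lines should follow the surrounding 8-space indentation.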

Now when I re-ran Kopete, I got the qDebug output as

initial priv= 0xa3cecf0  testing= 0xa3cecf0
final priv= 0xa3cecf0  testing = 0xa3cecf0
initial priv= 0xa3cecf0  testing= 0xa3cecf0
final priv= 0xa3cecf0  testing = 0xa3cecf0
initial priv= 0xa3cecf0  testing= 0xa3cecf0
final priv= 0x0  testing = 0xa3cecf0

So, somewhere in the method call
priv->remove(pos1, pos2-pos1, op);
the pointer value gets modified, which leads to the crash.
I was not able to figure out where exactly in the method priv->remove(pos1,
pos2-pos1, op); it is getting modified.
Probably somebody more experienced than me can take a look at it.





-- 
Greetings,
KDE Developer
irc nick - roide
roideuniverse dot blogspot dot com
twitter dot com/roideuniverse
--There is no shortcut to Success!

Attachment: kopete.crash
Description: Binary data

Attachment: kopete.valgrindlog
Description: Binary data
