Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.

Bug 155651

Summary: segmentation fault using qt's QPtrList at() method
Product: [Fedora] Fedora Reporter: Adrian Reber <adrian>
Component: qtAssignee: Ngo Than <than>
Status: CLOSED NOTABUG QA Contact: Ben Levenson <benl>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhide   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-04-28 10:39:27 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description Adrian Reber 2005-04-22 08:50:51 UTC
Following code crashes with a segmentation fault:

#include <qstring.h>
#include <qptrlist.h>
class track_info {
  public:

    QString songname;
};

int main() {
        QPtrList < track_info > trk;
        QString test;
        trk.append(new track_info());
        QString *haha = new QString("haha");
        trk.at(1)->songname = haha->utf8();
        return 0;
}

I am using following command to compile it:
gcc qttest.cc  -I/usr/lib/qt-3.3/include -lqt-mt -L/usr/lib/qt-3.3/lib

And gdb says:
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1208174912 (LWP 13456)]
0x07560177 in QString::setUnicode () from /usr/lib/qt-3.3/lib/libqt-mt.so.3
(gdb)

I think that this is a bug because the documentation
(http://doc.trolltech.com/3.3/qptrlist.html#at) says:

"Returns a pointer to the item at position index in the list, or 0 if the index
is out of range."

I have tested it with qt-3.3.4-0.fc3.0, qt-devel-3.3.3-8 and qt-3.3.4-11

Comment 1 Ngo Than 2005-04-28 10:39:27 UTC
Hm, it seems your test case is broken, the index is out of range in this case
and get a NULL pointer here! it's why it crashes.

Comment 2 Adrian Reber 2005-04-28 11:19:49 UTC
Okay, then I have maybe misunderstood the documentation:

"Returns a pointer to the item at position index in the list, or 0 if the index
is out of range."

I thought it means I get the element at position 0 but maybe it means I get
NULL. If that's the case then it is my fault.