Version: (using KDE KDE 3.5.1) Installed from: Gentoo Packages If you quickly move the mouse down on a bookmark folder and right click on it (the click has to happen before the content of the folder is shown i think), then move the mouse over a bookmark in that folder, right click on it and then move the mouse back over the bookmark folder listing, konqueror crashes. So: 1. Quickly open a right click menu on a bookmark folder 2. Move the mouse to the content of the folder 3. Right click on a random bookmark in that folder 4. Move the mouse back to over the bookmark folder listings 5. Crash The traceback told me it was useless (have unchecked "disable checking on startup" in kcontrol->kde perf)
I observed the same problem, but without the restriction to be fast: 1. Move to a bookmark folder, wait until it unfolds, select an entry, right-click on it: a small "right-click box" appears. 2. Now move your mouse pointer to the original bookmark folder and right-click on it while the above small "right-click box" is still visible. -> Crash Backtrace: Using host libthread_db library "/lib/libthread_db.so.1". `system-supplied DSO at 0xffffe000' has disappeared; keeping its symbols. [Thread debugging using libthread_db enabled] [New Thread 16384 (LWP 16497)] [KCrash handler] #6 0xb79d6d03 in KPopupMenu::ctxMenuHiding (this=0x8b171e0) at qmenudata.h:71 #7 0xb79d7929 in KPopupMenu::qt_invoke (this=0x8b171e0, _id=61, _o=0xbfa48f40) at kpopupmenu.moc:231 #8 0xb70f4b8a in QObject::activate_signal (this=0x8b17b28, clist=0x8b174e0, o=0xbfa48f40) at qconnection.h:54 #9 0xb70f52b4 in QObject::activate_signal (this=0xbfa48f54, signal=-1079734800) at qobject.cpp:2325 #10 0xb744ddc6 in QPopupMenu::aboutToHide (this=0x0) at qmetaobject.h:261 #11 0xb71fe582 in QPopupMenu::hide (this=0x8b17b28) at qpopupmenu.cpp:1374 #12 0xb79d6d89 in KPopupMenu::hideEvent (this=0x8b171e0) at kpopupmenu.cpp:661 #13 0xb712c190 in QWidget::event (this=0x8b171e0, e=0xbfa493d0) at qwidget.cpp:4830 #14 0xb70929d0 in QApplication::internalNotify (this=0x0, receiver=0x8b171e0, e=0xbfa493d0) at qapplication.cpp:2635 #15 0xb7092b63 in QApplication::notify (this=0xbfa49ff0, receiver=0x8b171e0, e=0xbfa493d0) at qapplication.cpp:2523 #16 0xb77064be in KApplication::notify (this=0xbfa49ff0, receiver=0x8b171e0, event=0xbfa493d0) at kapplication.cpp:550 #17 0xb71298dd in QWidget::hide (this=0x8b171e0) at qapplication.h:496 #18 0xb71fe5ed in QPopupMenu::hide (this=0x8b171e0) at qpopupmenu.cpp:1385 #19 0xb743c72f in QWidget::qt_invoke (this=0x8b171e0, _id=145846752, _o=0xbfa495e0) at moc_qwidget.cpp:373 #20 0xb7443fa7 in QFrame::qt_invoke (this=0x0, _id=0, _o=0x0) at moc_qframe.cpp:118 #21 0xb744de1f in QPopupMenu::qt_invoke (this=0x8b171e0, _id=23, _o=0xbfa495e0) at moc_qpopupmenu.cpp:199 #22 0xb79d781b in KPopupMenu::qt_invoke (this=0x8b171e0, _id=23, _o=0xbfa495e0) at kpopupmenu.moc:234 #23 0xb70f4b8a in QObject::activate_signal (this=0x83f40a8, clist=0x8b174e0, o=0xbfa495e0) at qconnection.h:54 #24 0xb7438ee2 in QSignal::signal (this=0xbfa49608, t0=@0x0) at moc_qsignal.cpp:100 #25 0xb710e4a9 in QSignal::activate (this=0x83f40a8) at qsignal.cpp:212 #26 0xb711592b in QSingleShotTimer::event (this=0x83f4080) at qtimer.cpp:286 #27 0xb70929d0 in QApplication::internalNotify (this=0x0, receiver=0x83f4080, e=0xbfa499e0) at qapplication.cpp:2635 #28 0xb7092b63 in QApplication::notify (this=0xbfa49ff0, receiver=0x83f4080, e=0xbfa499e0) at qapplication.cpp:2523 #29 0xb77064be in KApplication::notify (this=0xbfa49ff0, receiver=0x83f4080, event=0xbfa499e0) at kapplication.cpp:550 #30 0xb70867e5 in QEventLoop::activateTimers (this=0x815c870) at qapplication.h:496 #31 0xb703fade in QEventLoop::processEvents (this=0x815c870, flags=4) at qeventloop_x11.cpp:389 #32 0xb70a897e in QEventLoop::enterLoop (this=0x815c870) at qeventloop.cpp:198 #33 0xb70a88d6 in QEventLoop::exec (this=0x815c870) at qeventloop.cpp:145 #34 0xb7091cb7 in QApplication::exec (this=0xbfa49ff0) at qapplication.cpp:2758 #35 0xb66a4921 in kdemain (argc=0, argv=0x0) at konq_main.cc:206 #36 0xb760880c in kdeinitmain (argc=0, argv=0x0) at konqueror_dummy.cc:3 #37 0x0804e405 in launch (argc=2, _name=0x813b81c "konqueror", args=0x813b82f "\001", cwd=0x0, envc=1, envs=0x813b840 "", reset_env=false, tty=0x0, avoid_loops=false, startup_id_str=0x0) at kinit.cpp:639 #38 0x0804eb34 in handle_launcher_request (sock=8) at kinit.cpp:1203 #39 0x0804f06b in handle_requests (waitForPid=0) at kinit.cpp:1406 #40 0x0804f88d in main (argc=2, argv=0xbfa4a954, envp=0x0) at kinit.cpp:1850 #41 0xb68e738e in __libc_start_main (main=0x804f186 <main>, argc=0, ubp_av=0xbfa4a954, init=0x805098c <__libc_csu_init>, fini=0, rtld_fini=0xbfa48df0, stack_end=0xbfa4a94c) at libc-start.c:240 #42 0x0804ba61 in _start () at start.S:119 Current language: auto; currently c
Can't reproduce with 3.5.4.
What is your Qt version?
I can reproduce the crash described in comment #1 using Kubuntu packages for Edgy. QT version is 3.3.6 and KDE version is 3.5.5. The crash is always reproducible.
Backtrace from gdb: #0 0x00002b62e2bcba12 in KPopupMenu::ctxMenuHiding () from /usr/lib/libkdeui.so.4 #1 0x00002b62e2c0f201 in KPopupMenu::qt_invoke () from /usr/lib/libkdeui.so.4 #2 0x00002b62e4489d76 in QObject::activate_signal () from /usr/lib/libqt-mt.so.3 #3 0x00002b62e448a910 in QObject::activate_signal () from /usr/lib/libqt-mt.so.3 #4 0x00002b62e4810b0d in QPopupMenu::aboutToHide () from /usr/lib/libqt-mt.so.3 #5 0x00002b62e45a7c28 in QPopupMenu::hide () from /usr/lib/libqt-mt.so.3 #6 0x00002b62e2bc3193 in KPopupMenu::hideEvent () from /usr/lib/libkdeui.so.4 #7 0x00002b62e44beb0e in QWidget::event () from /usr/lib/libqt-mt.so.3 #8 0x00002b62e44252d6 in QApplication::internalNotify () from /usr/lib/libqt-mt.so.3 #9 0x00002b62e4427b4a in QApplication::notify () from /usr/lib/libqt-mt.so.3 #10 0x00002b62e35d6ba8 in KApplication::notify () from /usr/lib/libkdecore.so.4 #11 0x00002b62e43b7e42 in QApplication::sendEvent () from /usr/lib/libqt-mt.so.3 #12 0x00002b62e44bdce2 in QWidget::hide () from /usr/lib/libqt-mt.so.3 #13 0x00002b62e45a7d15 in QPopupMenu::hide () from /usr/lib/libqt-mt.so.3 #14 0x00002b62e47fdeaf in QWidget::qt_invoke () from /usr/lib/libqt-mt.so.3 #15 0x00002b62e480472d in QFrame::qt_invoke () from /usr/lib/libqt-mt.so.3 #16 0x00002b62e4810ad4 in QPopupMenu::qt_invoke () from /usr/lib/libqt-mt.so.3 ---Type <return> to continue, or q <return> to quit--- #17 0x00002b62e2c0f17d in KPopupMenu::qt_invoke () from /usr/lib/libkdeui.so.4 #18 0x00002b62e4489d76 in QObject::activate_signal () from /usr/lib/libqt-mt.so.3 #19 0x00002b62e47f7d85 in QSignal::signal () from /usr/lib/libqt-mt.so.3 #20 0x00002b62e44a8ecb in QSignal::activate () from /usr/lib/libqt-mt.so.3 #21 0x00002b62e44afefe in QSingleShotTimer::event () from /usr/lib/libqt-mt.so.3 #22 0x00002b62e44252d6 in QApplication::internalNotify () from /usr/lib/libqt-mt.so.3 #23 0x00002b62e4427065 in QApplication::notify () from /usr/lib/libqt-mt.so.3 #24 0x00002b62e35d6ba8 in KApplication::notify () from /usr/lib/libkdecore.so.4 #25 0x00002b62e43b7e42 in QApplication::sendEvent () from /usr/lib/libqt-mt.so.3 #26 0x00002b62e4418590 in QEventLoop::activateTimers () from /usr/lib/libqt-mt.so.3 #27 0x00002b62e43cc56f in QEventLoop::processEvents () from /usr/lib/libqt-mt.so.3 #28 0x00002b62e443e80b in QEventLoop::enterLoop () from /usr/lib/libqt-mt.so.3 #29 0x00002b62e443e613 in QEventLoop::exec () from /usr/lib/libqt-mt.so.3 #30 0x00002b62e4426d9c in QApplication::exec () from /usr/lib/libqt-mt.so.3 #31 0x00002b62e18855bc in kdemain () from /usr/lib/libkdeinit_konqueror.so #32 0x00002b62e1e790c4 in __libc_start_main () from /lib/libc.so.6 #33 0x0000000000400519 in ?? () ---Type <return> to continue, or q <return> to quit--- #34 0x00007fffc9402aa8 in ?? () #35 0x0000000000000000 in ?? () The disassembly is: Dump of assembler code for function _ZN10KPopupMenu13ctxMenuHidingEv: 0x00002b62e2bcb9d0 <_ZN10KPopupMenu13ctxMenuHidingEv+0>: mov 2956561(%rip),%rax # 0x2b62e2e9d6e8 <_ZTI8QPtrDictI11QGuardedPtrI7QWidgetEE+5048> 0x00002b62e2bcb9d7 <_ZN10KPopupMenu13ctxMenuHidingEv+7>: push %rbx 0x00002b62e2bcb9d8 <_ZN10KPopupMenu13ctxMenuHidingEv+8>: mov %rdi,%rbx 0x00002b62e2bcb9db <_ZN10KPopupMenu13ctxMenuHidingEv+11>: mov (%rax),%esi 0x00002b62e2bcb9dd <_ZN10KPopupMenu13ctxMenuHidingEv+13>: test %esi,%esi 0x00002b62e2bcb9df <_ZN10KPopupMenu13ctxMenuHidingEv+15>: jne 0x2b62e2bcba06 <_ZN10KPopupMenu13ctxMenuHidingEv+54> 0x00002b62e2bcb9e1 <_ZN10KPopupMenu13ctxMenuHidingEv+17>: lea 1220519(%rip),%rcx # 0x2b62e2cf598f <_fini+4215> 0x00002b62e2bcb9e8 <_ZN10KPopupMenu13ctxMenuHidingEv+24>: lea 1220534(%rip),%rsi # 0x2b62e2cf59a5 <_fini+4237> 0x00002b62e2bcb9ef <_ZN10KPopupMenu13ctxMenuHidingEv+31>: mov %rbx,%rdx 0x00002b62e2bcb9f2 <_ZN10KPopupMenu13ctxMenuHidingEv+34>: mov %rbx,%rdi 0x00002b62e2bcb9f5 <_ZN10KPopupMenu13ctxMenuHidingEv+37>: callq 0x2b62e2b932a8 <_ZN7QObject10disconnectEPKS_PKcS1_S3_@plt> 0x00002b62e2bcb9fa <_ZN10KPopupMenu13ctxMenuHidingEv+42>: mov 2952223(rip),%rax # 0x2b62e2e9c620 <_ZTI8QPtrDictI11QGuardedPtrI7QWidgetEE+752> 0x00002b62e2bcba01 <_ZN10KPopupMenu13ctxMenuHidingEv+49>: movb $0x1,(%rax) 0x00002b62e2bcba04 <_ZN10KPopupMenu13ctxMenuHidingEv+52>: pop %rbx 0x00002b62e2bcba05 <_ZN10KPopupMenu13ctxMenuHidingEv+53>: retq 0x00002b62e2bcba06 <_ZN10KPopupMenu13ctxMenuHidingEv+54>: lea 0xf0(%rdi),%rdi 0x00002b62e2bcba0d <_ZN10KPopupMenu13ctxMenuHidingEv+61>: callq 0x2b62e2b9d3d8 <_ZNK9QMenuData8findItemEi@plt> 0x00002b62e2bcba12 <_ZN10KPopupMenu13ctxMenuHidingEv+66>: mov 0x28(%rax),%rdi 0x00002b62e2bcba16 <_ZN10KPopupMenu13ctxMenuHidingEv+70>: test %rdi,%rdi 0x00002b62e2bcba19 <_ZN10KPopupMenu13ctxMenuHidingEv+73>: je 0x2b62e2bcb9e1 <_ZN10KPopupMenu13ctxMenuHidingEv+17> 0x00002b62e2bcba1b <_ZN10KPopupMenu13ctxMenuHidingEv+75>: lea 1220435(%rip),%rcx # 0x2b62e2cf5975 <_fini+4189> 0x00002b62e2bcba22 <_ZN10KPopupMenu13ctxMenuHidingEv+82>: lea 1219561(%rip),%rsi # 0x2b62e2cf5612 <_fini+3322> 0x00002b62e2bcba29 <_ZN10KPopupMenu13ctxMenuHidingEv+89>: mov %rbx,%rdx 0x00002b62e2bcba2c <_ZN10KPopupMenu13ctxMenuHidingEv+92>: callq 0x2b62e2b932a8 <_ZN7QObject10disconnectEPKS_PKcS1_S3_@plt> 0x00002b62e2bcba31 <_ZN10KPopupMenu13ctxMenuHidingEv+97>: jmp 0x2b62e2bcb9e1 <_ZN10KPopupMenu13ctxMenuHidingEv+17> 0x00002b62e2bcba33 <_ZN10KPopupMenu13ctxMenuHidingEv+99>: nop 0x00002b62e2bcba34 <_ZN10KPopupMenu13ctxMenuHidingEv+100>: data16 0x00002b62e2bcba35 <_ZN10KPopupMenu13ctxMenuHidingEv+101>: data16 0x00002b62e2bcba36 <_ZN10KPopupMenu13ctxMenuHidingEv+102>: data16 0x00002b62e2bcba37 <_ZN10KPopupMenu13ctxMenuHidingEv+103>: nop 0x00002b62e2bcba38 <_ZN10KPopupMenu13ctxMenuHidingEv+104>: data16 0x00002b62e2bcba39 <_ZN10KPopupMenu13ctxMenuHidingEv+105>: data16 0x00002b62e2bcba3a <_ZN10KPopupMenu13ctxMenuHidingEv+106>: data16 0x00002b62e2bcba3b <_ZN10KPopupMenu13ctxMenuHidingEv+107>: nop 0x00002b62e2bcba3c <_ZN10KPopupMenu13ctxMenuHidingEv+108>: data16 0x00002b62e2bcba3d <_ZN10KPopupMenu13ctxMenuHidingEv+109>: data16 0x00002b62e2bcba3e <_ZN10KPopupMenu13ctxMenuHidingEv+110>: data16 0x00002b62e2bcba3f <_ZN10KPopupMenu13ctxMenuHidingEv+111>: nop And the registers are: rax 0x0 0 rbx 0x1007000 16805888 rcx 0x1007000 16805888 rdx 0x7fffc9400e00 140736569806336 rsi 0x7fffc9400e00 140736569806336 rdi 0xa4cbd0 10800080 rbp 0x7fffc9400f80 0x7fffc9400f80 rsp 0x7fffc9400e50 0x7fffc9400e50 r8 0x10093e0 16815072 r9 0x52ab 21163 r10 0x0 0 r11 0x2b62e2bcb9d0 47703710808528 r12 0x1007000 16805888 r13 0x7fffc9402888 140736569813128 r14 0x7fffc9401560 140736569808224 r15 0x0 0 rip 0x2b62e2bcba12 0x2b62e2bcba12 <KPopupMenu::ctxMenuHiding()+66> eflags 0x10246 [ PF ZF IF RF ] cs 0x33 51 ss 0x2b 43 ds 0x0 0 es 0x0 0 fs 0x0 0 gs 0x0 0 It looks like the MenuData::FindItem function is returning NULL and KPopupMenu's ctxMenuHiding function isn't checking the return value.
Easy to fix the crashing, but I suspect this just causes a bug somewhere else: Index: kpopupmenu.cpp =================================================================== --- kpopupmenu.cpp (revision 624070) +++ kpopupmenu.cpp (working copy) @@ -609,15 +609,18 @@ void KPopupMenu::ctxMenuHiding() { - if (KPopupMenuPrivate::s_highlightedItem) + if (KPopupMenuPrivate::s_highlightedItem) { - QPopupMenu* subMenu = findItem(KPopupMenuPrivate::s_highlightedItem)->popup(); - if (subMenu) + QMenuItem* item = findItem(KPopupMenuPrivate::s_highlightedItem); + if (item) { - disconnect(subMenu, SIGNAL(aboutToShow()), this, SLOT(ctxMenuHideShowingMenu())); + QPopupMenu* subMenu = item->popup(); + if (subMenu) + { + disconnect(subMenu, SIGNAL(aboutToShow()), this, SLOT(ctxMenuHideShowingMenu())); + } } } - disconnect(this, SIGNAL(highlighted(int)), this, SLOT(itemHighlighted(int))); KPopupMenuPrivate::s_continueCtxMenuShow = true; }
Should have mentioned that the patch is to be applied in kdelibs/kdeui
This bug does not work for me in KDE 3.5.9 on openSUSE
This bug is still there in OpenSuse 11.0 (kde 3.5.9). What it must happen for the crash to occur, is to follow the steps in the first comment, 2 contexts menus will appear and crash while drawing the 2nd. The bug doesn't happen in konq4 because the focus stays on the right-clicked item, unlike konq3.
I believe this bug does not exist in KDE 4.2.2 because Konqueror's right-click behaviour has been totally changed. I tried these steps right now but I couldn't reproduce the bug. Suggest closing as WORKSFORME.
I agree with Shriramana Sharma. Closing as worksforme.