Version: (using KDE KDE 3.5.1) Installed from: Ubuntu Packages OS: Linux I was trying to delete 6 messages in gmail (with "fake" Firefox 1.0 identification, if it could be useful) and konqueror crashed with this backtrace: (no debugging symbols found) Using host libthread_db library "/lib/tls/i686/cmov/libthread_db.so.1". (no debugging symbols found) `system-supplied DSO at 0xffffe000' has disappeared; keeping its symbols. (no debugging symbols found) [...] (no debugging symbols found) [Thread debugging using libthread_db enabled] [New Thread -1231681312 (LWP 24440)] (no debugging symbols found) [...] (no debugging symbols found) [KCrash handler] #6 0xb61b3178 in findDoctypeEntry () from /usr/lib/libkhtml.so.4 #7 0xb61b3229 in findDoctypeEntry () from /usr/lib/libkhtml.so.4 #8 0xb61a7a43 in DOM::XMLAttributeReader::~XMLAttributeReader () from /usr/lib/libkhtml.so.4 #9 0xb61af07a in findDoctypeEntry () from /usr/lib/libkhtml.so.4 #10 0xb631a8a1 in DOM::Node::insertBefore () from /usr/lib/libkhtml.so.4 #11 0xb62ecf44 in EmbedLiveConnect::call () from /usr/lib/libkhtml.so.4 #12 0xb62b5071 in EmbedLiveConnect::EmbedLiveConnect () from /usr/lib/libkhtml.so.4 #13 0xb603673e in KJS::Object::call () from /usr/lib/libkjs.so.1 #14 0xb6043677 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #15 0xb6045718 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #16 0xb6049a76 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #17 0xb60455a0 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #18 0xb6045942 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #19 0xb6049a76 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #20 0xb60455a0 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #21 0xb6046601 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #22 0xb6049a76 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #23 0xb60455a0 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #24 0xb60459dc in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #25 0xb6049a76 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #26 0xb60455a0 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #27 0xb604a9e2 in KJS::DeclaredFunctionImp::execute () from /usr/lib/libkjs.so.1 #28 0xb6033301 in KJS::FunctionImp::call () from /usr/lib/libkjs.so.1 #29 0xb603673e in KJS::Object::call () from /usr/lib/libkjs.so.1 #30 0xb6043677 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #31 0xb6045718 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #32 0xb6049a76 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #33 0xb60455a0 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #34 0xb604a9e2 in KJS::DeclaredFunctionImp::execute () from /usr/lib/libkjs.so.1 #35 0xb6033301 in KJS::FunctionImp::call () from /usr/lib/libkjs.so.1 #36 0xb603673e in KJS::Object::call () from /usr/lib/libkjs.so.1 #37 0xb6043677 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #38 0xb6045718 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #39 0xb6049a76 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #40 0xb60455a0 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #41 0xb60459dc in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #42 0xb60499ef in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #43 0xb60455a0 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #44 0xb604a9e2 in KJS::DeclaredFunctionImp::execute () from /usr/lib/libkjs.so.1 #45 0xb6033301 in KJS::FunctionImp::call () from /usr/lib/libkjs.so.1 #46 0xb603673e in KJS::Object::call () from /usr/lib/libkjs.so.1 #47 0xb6043677 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #48 0xb6045718 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #49 0xb60499ef in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #50 0xb60455a0 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #51 0xb60459dc in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #52 0xb6049a76 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #53 0xb60455a0 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #54 0xb60494f1 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #55 0xb60499ef in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #56 0xb60455a0 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #57 0xb604a9e2 in KJS::DeclaredFunctionImp::execute () from /usr/lib/libkjs.so.1 #58 0xb6033301 in KJS::FunctionImp::call () from /usr/lib/libkjs.so.1 #59 0xb603673e in KJS::Object::call () from /usr/lib/libkjs.so.1 #60 0xb6043677 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #61 0xb6047b40 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #62 0xb60499ef in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #63 0xb60455a0 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1 #64 0xb604a9e2 in KJS::DeclaredFunctionImp::execute () from /usr/lib/libkjs.so.1 #65 0xb6033301 in KJS::FunctionImp::call () from /usr/lib/libkjs.so.1 #66 0xb603673e in KJS::Object::call () from /usr/lib/libkjs.so.1 #67 0xb62b6021 in EmbedLiveConnect::EmbedLiveConnect () from /usr/lib/libkhtml.so.4 #68 0xb62d7784 in EmbedLiveConnect::toString () from /usr/lib/libkhtml.so.4 #69 0xb618d5c8 in DOM::RegisteredListenerList::~RegisteredListenerList () from /usr/lib/libkhtml.so.4 #70 0xb61a56df in DOM::XMLAttributeReader::~XMLAttributeReader () from /usr/lib/libkhtml.so.4 #71 0xb61a59d2 in DOM::XMLAttributeReader::~XMLAttributeReader () from /usr/lib/libkhtml.so.4 #72 0xb61a7ad3 in DOM::XMLAttributeReader::~XMLAttributeReader () from /usr/lib/libkhtml.so.4 #73 0xb61a7ecd in DOM::XMLAttributeReader::~XMLAttributeReader () from /usr/lib/libkhtml.so.4 #74 0xb6140396 in KHTMLView::focusNextPrevNode () from /usr/lib/libkhtml.so.4 #75 0xb6140903 in KHTMLView::focusNextPrevChild () from /usr/lib/libkhtml.so.4 #76 0xb7304a25 in QWidget::focusNextPrevChild () from /usr/lib/libqt-mt.so.3 #77 0xb7304a25 in QWidget::focusNextPrevChild () from /usr/lib/libqt-mt.so.3 #78 0xb7304a25 in QWidget::focusNextPrevChild () from /usr/lib/libqt-mt.so.3 #79 0xb7302005 in QWidget::hide () from /usr/lib/libqt-mt.so.3 #80 0xb73712bf in QComboBox::hide () from /usr/lib/libqt-mt.so.3 #81 0xb622b65d in non-virtual thunk to DOM::HTMLObjectBaseElementImpl::~HTMLObjectBaseElementImpl() () from /usr/lib/libkhtml.so.4 #82 0x091813f0 in ?? () #83 0xb7740460 in ?? () from /usr/lib/libqt-mt.so.3 #84 0xbfc7b708 in ?? () #85 0xb622b62a in non-virtual thunk to DOM::HTMLObjectBaseElementImpl::~HTMLObjectBaseElementImpl() () from /usr/lib/libkhtml.so.4 #86 0xb639d818 in ?? () from /usr/lib/libkhtml.so.4 #87 0x091d8b8c in ?? () #88 0xbfc7b728 in ?? () #89 0xb622b800 in non-virtual thunk to DOM::HTMLObjectBaseElementImpl::~HTMLObjectBaseElementImpl() () from /usr/lib/libkhtml.so.4 #90 0x091d8b8c in ?? () #91 0x08f569b8 in ?? () #92 0x00000000 in ?? () #93 0x00000001 in ?? () #94 0x00000001 in ?? () #95 0xb639d818 in ?? () from /usr/lib/libkhtml.so.4 #96 0xbfc7b748 in ?? () #97 0xb624a050 in non-virtual thunk to khtml::RenderSelect::~RenderSelect() () from /usr/lib/libkhtml.so.4 #98 0x091d8b8c in ?? () #99 0x00000000 in ?? () #100 0xb775d630 in vtable for QGArray () from /usr/lib/libqt-mt.so.3 #101 0xb624a02a in non-virtual thunk to khtml::RenderSelect::~RenderSelect() () from /usr/lib/libkhtml.so.4 #102 0xb639d818 in ?? () from /usr/lib/libkhtml.so.4 #103 0x091d8b8c in ?? () #104 0xbfc7b768 in ?? () #105 0xb61e4fb4 in non-virtual thunk to DOM::HTMLObjectBaseElementImpl::~HTMLObjectBaseElementImpl() () from /usr/lib/libkhtml.so.4 #106 0x091d8b8c in ?? () #107 0xb7740460 in ?? () from /usr/lib/libqt-mt.so.3 #108 0x091d8b8c in ?? () #109 0xb61e4f9a in non-virtual thunk to DOM::HTMLObjectBaseElementImpl::~HTMLObjectBaseElementImpl() () from /usr/lib/libkhtml.so.4 #110 0xb639d818 in ?? () from /usr/lib/libkhtml.so.4 #111 0x091d8bb4 in ?? () #112 0xbfc7b788 in ?? () #113 0xb61e4ffc in non-virtual thunk to DOM::HTMLObjectBaseElementImpl::~HTMLObjectBaseElementImpl() () from /usr/lib/libkhtml.so.4 #114 0x091d8bb4 in ?? () #115 0x087005a8 in ?? () #116 0x091d8b8c in ?? () #117 0xffffffd8 in ?? () #118 0x087005a8 in ?? () #119 0xb639d818 in ?? () from /usr/lib/libkhtml.so.4 #120 0xbfc7b7a8 in ?? () #121 0xb61f96de in non-virtual thunk to DOM::HTMLObjectBaseElementImpl::~HTMLObjectBaseElementImpl() () from /usr/lib/libkhtml.so.4 #122 0x091d8bb4 in ?? () #123 0x087005a8 in ?? () #124 0x091813f0 in ?? () #125 0xb61f96aa in non-virtual thunk to DOM::HTMLObjectBaseElementImpl::~HTMLObjectBaseElementImpl() () from /usr/lib/libkhtml.so.4 #126 0xb639d818 in ?? () from /usr/lib/libkhtml.so.4 #127 0x091813f0 in ?? () #128 0xbfc7b7d8 in ?? () #129 0xb620e747 in non-virtual thunk to DOM::HTMLObjectBaseElementImpl::~HTMLObjectBaseElementImpl() () from /usr/lib/libkhtml.so.4 #130 0x091d8b8c in ?? () #131 0x00000000 in ?? () #132 0x00000000 in ?? () #133 0x087005a8 in ?? () #134 0x087005a8 in ?? () #135 0x00000000 in ?? () #136 0xbfc7b7f8 in ?? () #137 0xb639d818 in ?? () from /usr/lib/libkhtml.so.4 #138 0x09023030 in ?? () #139 0x09023030 in ?? () #140 0xbfc7b7f8 in ?? () #141 0xb618759b in DOM::RegisteredListenerList::isHTMLEventListener () from /usr/lib/libkhtml.so.4 ps: reopening gmail site, the 6 messages have been deleted, anyway
SVN commit 599857 by orlovich: Prevent crash-inducing recursion of detach due to blur events happening when widgets with focus get destroyed, by quietly shifting the focus to the view...(#135384, probably #124342 --- best I can tell given imperfect information); also affects some bugs which I separately closed as non-reproducible, but which involved such a sequence Also fixes freezing in #92497, as we no longer try to find something to focus when nothing is focusable.. BUG:92497 BUG:124342 BUG:135384 M +9 -0 khtmlview.cpp M +14 -3 xml/dom_docimpl.cpp --- branches/KDE/3.5/kdelibs/khtml/khtmlview.cpp #599856:599857 @@ -2031,6 +2031,15 @@ DocumentImpl *doc = m_part->xmlDocImpl(); NodeImpl *oldFocusNode = doc->focusNode(); + + // See whether we're in the middle of detach. If so, we want to + // clear focus... The document code will be careful to not + // emit events in that case.. + if (oldFocusNode && oldFocusNode->renderer() && + !oldFocusNode->renderer()->parent()) { + doc->setFocusNode(0); + return true; + } #if 1 // If the user has scrolled the document, then instead of picking --- branches/KDE/3.5/kdelibs/khtml/xml/dom_docimpl.cpp #599856:599857 @@ -2227,6 +2227,13 @@ { // don't process focus changes while detaching if( !m_render ) return; + + // We do want to blur if a widget is being detached, + // but we don't want to emit events since that + // triggers updateLayout() and may recurse detach() + bool widgetDetach = m_focusNode && m_focusNode != this && + m_focusNode->renderer() && !m_focusNode->renderer()->parent(); + // Make sure newFocusNode is actually in this document if (newFocusNode && (newFocusNode->getDocument() != this)) return; @@ -2241,8 +2248,11 @@ oldFocusNode->setActive(false); oldFocusNode->setFocus(false); - oldFocusNode->dispatchHTMLEvent(EventImpl::BLUR_EVENT,false,false); - oldFocusNode->dispatchUIEvent(EventImpl::DOMFOCUSOUT_EVENT); + + if (!widgetDetach) { + oldFocusNode->dispatchHTMLEvent(EventImpl::BLUR_EVENT,false,false); + oldFocusNode->dispatchUIEvent(EventImpl::DOMFOCUSOUT_EVENT); + } if ((oldFocusNode == this) && oldFocusNode->hasOneRef()) { oldFocusNode->deref(); // deletes this return; @@ -2278,7 +2288,8 @@ view()->setFocus(); } - updateRendering(); + if (!widgetDetach) + updateRendering(); } }