recent khtml regression
David Faure
faure at kde.org
Mon Dec 18 13:42:49 GMT 2006
khtml now crashes when I try to log in on www.voyages-sncf.com (by pressing Enter).
Valgrind trace below.
Basically, the lineedit gets deleted by a DeferredDelete event executed while the dialog box asking whether to save the form contents in kwallet is up.
Seems obvious, but then I wonder why it didn't happen before.
Sounds like some event handling code is still being executed in the deleted node after the whole page was deleted.
Anyone changed event handling recently?
==19957==
==19957== Invalid read of size 4
==19957== at 0x5020A86: QLineEdit::selectedText() const (qlineedit.cpp:973)
==19957== by 0x478D08E: KLineEdit::keyPressEvent(QKeyEvent*) (klineedit.cpp:809)
==19957== by 0x7481E84: khtml::RenderWidget::EventPropagator::sendEvent(QEvent*) (render_replaced.cpp:711)
==19957== by 0x7482A93: khtml::RenderWidget::handleEvent(DOM::EventImpl const&) (render_replaced.cpp:858)
==19957== by 0x740E82A: DOM::HTMLGenericFormElementImpl::defaultEventHandler(DOM::EventImpl*) (html_formimpl.cpp:994)
==19957== by 0x74173B7: DOM::HTMLInputElementImpl::defaultEventHandler(DOM::EventImpl*) (html_formimpl.cpp:1805)
==19957== by 0x73C6336: DOM::NodeImpl::dispatchGenericEvent(DOM::EventImpl*, int&) (dom_nodeimpl.cpp:398)
==19957== by 0x73C4B1A: DOM::NodeImpl::dispatchEvent(DOM::EventImpl*, int&, bool) (dom_nodeimpl.cpp:342)
==19957== by 0x73C52B7: DOM::NodeImpl::dispatchKeyEvent(QKeyEvent*, bool) (dom_nodeimpl.cpp:578)
==19957== by 0x7347228: KHTMLView::dispatchKeyEventHelper(QKeyEvent*, bool) (khtmlview.cpp:1380)
==19957== by 0x7347332: KHTMLView::dispatchKeyEvent(QKeyEvent*) (khtmlview.cpp:1336)
==19957== by 0x734C2FF: KHTMLView::keyPressEvent(QKeyEvent*) (khtmlview.cpp:1465)
==19957== by 0x73465C2: KHTMLView::eventFilter(QObject*, QEvent*) (khtmlview.cpp:1924)
==19957== by 0x4F45CC5: QObject::activate_filters(QEvent*) (qobject.cpp:903)
==19957== by 0x4F45D43: QObject::event(QEvent*) (qobject.cpp:735)
==19957== by 0x4F8323B: QWidget::event(QEvent*) (qwidget.cpp:4659)
==19957== by 0x5028D62: QLineEdit::event(QEvent*) (qlineedit.cpp:1412)
==19957== by 0x748E03F: khtml::LineEditWidget::event(QEvent*) (render_form.cpp:419)
==19957== by 0x4EDF07F: QApplication::internalNotify(QObject*, QEvent*) (qapplication.cpp:2635)
==19957== by 0x4EDF411: QApplication::notify(QObject*, QEvent*) (qapplication.cpp:2392)
==19957== by 0x4A433A6: KApplication::notify(QObject*, QEvent*) (kapplication.cpp:550)
==19957== by 0x4E70F54: QApplication::sendSpontaneousEvent(QObject*, QEvent*) (qapplication.h:499)
==19957== by 0x4E652E4: QETWidget::translateKeyEvent(_XEvent const*, bool) (qapplication_x11.cpp:5501)
==19957== by 0x4E6B267: QApplication::x11ProcessEvent(_XEvent*) (qapplication_x11.cpp:3488)
==19957== by 0x4E841D2: QEventLoop::processEvents(unsigned) (qeventloop_x11.cpp:192)
==19957== by 0x4EF75FA: QEventLoop::enterLoop() (qeventloop.cpp:198)
==19957== by 0x4EF751D: QEventLoop::exec() (qeventloop.cpp:145)
==19957== by 0x4EDDD12: QApplication::exec() (qapplication.cpp:2758)
==19957== by 0x408986F: kdemain (konq_main.cc:206)
==19957== by 0x8048691: main (kdeinit_konqueror.cpp:2)
==19957== Address 0x623F59C is 148 bytes inside a block of size 204 free'd
==19957== at 0x4020CC7: operator delete(void*) (vg_replace_malloc.c:244)
==19957== by 0x748E811: khtml::LineEditWidget::~LineEditWidget() (render_form.cpp:322)
==19957== by 0x4F45DE1: QObject::event(QEvent*) (qobject.cpp:750)
==19957== by 0x4F8323B: QWidget::event(QEvent*) (qwidget.cpp:4659)
==19957== by 0x5028D62: QLineEdit::event(QEvent*) (qlineedit.cpp:1412)
==19957== by 0x748E03F: khtml::LineEditWidget::event(QEvent*) (render_form.cpp:419)
==19957== by 0x4EDF07F: QApplication::internalNotify(QObject*, QEvent*) (qapplication.cpp:2635)
==19957== by 0x4EDFB72: QApplication::notify(QObject*, QEvent*) (qapplication.cpp:2523)
==19957== by 0x4A433A6: KApplication::notify(QObject*, QEvent*) (kapplication.cpp:550)
==19957== by 0x40A4BD2: QApplication::sendEvent(QObject*, QEvent*) (qapplication.h:496)
==19957== by 0x4EE031E: QApplication::sendPostedEvents(QObject*, int) (qapplication.cpp:3270)
==19957== by 0x4EE0425: QApplication::sendPostedEvents() (qapplication.cpp:3181)
==19957== by 0x4E84122: QEventLoop::processEvents(unsigned) (qeventloop_x11.cpp:144)
==19957== by 0x4EF75FA: QEventLoop::enterLoop() (qeventloop.cpp:198)
==19957== by 0x4EDDD3E: QApplication::enter_loop() (qapplication.cpp:2793)
==19957== by 0x50FB8AF: QDialog::exec() (qdialog.cpp:432)
==19957== by 0x481F193: KMessageBox::createKMessageBox(KDialogBase*, QPixmap, QString const&, QStringList const&, QString const&, bool*, int, QString const&, QMessageBox::Icon) (kmessagebox.cpp:309)
==19957== by 0x481F55C: KMessageBox::createKMessageBox(KDialogBase*, QMessageBox::Icon, QString const&, QStringList const&, QString const&, bool*, int, QString const&) (kmessagebox.cpp:146)
==19957== by 0x74169F5: DOM::HTMLFormElementImpl::submit() (html_formimpl.cpp:628)
==19957== by 0x7416EF2: DOM::HTMLFormElementImpl::prepareSubmit() (html_formimpl.cpp:553)
==19957== by 0x7416F73: DOM::HTMLInputElementImpl::activate() (html_formimpl.cpp:1819)
==19957== by 0x74173A5: DOM::HTMLInputElementImpl::defaultEventHandler(DOM::EventImpl*) (html_formimpl.cpp:1802)
==19957== by 0x73C6336: DOM::NodeImpl::dispatchGenericEvent(DOM::EventImpl*, int&) (dom_nodeimpl.cpp:398)
==19957== by 0x73C4B1A: DOM::NodeImpl::dispatchEvent(DOM::EventImpl*, int&, bool) (dom_nodeimpl.cpp:342)
==19957== by 0x73C6029: DOM::NodeImpl::dispatchUIEvent(int, int) (dom_nodeimpl.cpp:550)
==19957== by 0x73C6409: DOM::NodeImpl::dispatchGenericEvent(DOM::EventImpl*, int&) (dom_nodeimpl.cpp:402)
==19957== by 0x73C4B1A: DOM::NodeImpl::dispatchEvent(DOM::EventImpl*, int&, bool) (dom_nodeimpl.cpp:342)
==19957== by 0x73C6A05: DOM::NodeImpl::dispatchMouseEvent(QMouseEvent*, int, int) (dom_nodeimpl.cpp:532)
==19957== by 0x740E61A: DOM::HTMLInputElementImpl::click() (html_formimpl.cpp:1372)
==19957== by 0x74176A3: DOM::HTMLFormElementImpl::submitFromKeyboard() (html_formimpl.cpp:488)
==19957== by 0x748DF12: khtml::RenderLineEdit::slotReturnPressed() (render_form.cpp:506)
==19957== by 0x748DF5D: khtml::RenderLineEdit::qt_invoke(int, QUObject*) (render_form.moc:330)
==19957== by 0x4F48B7C: QObject::activate_signal(QConnectionList*, QUObject*) (qobject.cpp:2356)
==19957== by 0x4F49617: QObject::activate_signal(int) (qobject.cpp:2325)
==19957== by 0x52F0560: QLineEdit::returnPressed() (moc_qlineedit.cpp:225)
==19957== by 0x5029224: QLineEdit::keyPressEvent(QKeyEvent*) (qlineedit.cpp:1543)
==19957== by 0x478D07C: KLineEdit::keyPressEvent(QKeyEvent*) (klineedit.cpp:807)
==19957== by 0x7481E84: khtml::RenderWidget::EventPropagator::sendEvent(QEvent*) (render_replaced.cpp:711)
==19957== by 0x7482A93: khtml::RenderWidget::handleEvent(DOM::EventImpl const&) (render_replaced.cpp:858)
==19957== by 0x740E82A: DOM::HTMLGenericFormElementImpl::defaultEventHandler(DOM::EventImpl*) (html_formimpl.cpp:994)
==19957== by 0x74173B7: DOM::HTMLInputElementImpl::defaultEventHandler(DOM::EventImpl*) (html_formimpl.cpp:1805)
==19957== by 0x73C6336: DOM::NodeImpl::dispatchGenericEvent(DOM::EventImpl*, int&) (dom_nodeimpl.cpp:398)
==19957== by 0x73C4B1A: DOM::NodeImpl::dispatchEvent(DOM::EventImpl*, int&, bool) (dom_nodeimpl.cpp:342)
==19957== by 0x73C52B7: DOM::NodeImpl::dispatchKeyEvent(QKeyEvent*, bool) (dom_nodeimpl.cpp:578)
==19957== by 0x7347228: KHTMLView::dispatchKeyEventHelper(QKeyEvent*, bool) (khtmlview.cpp:1380)
==19957== by 0x7347332: KHTMLView::dispatchKeyEvent(QKeyEvent*) (khtmlview.cpp:1336)
==19957== by 0x734C2FF: KHTMLView::keyPressEvent(QKeyEvent*) (khtmlview.cpp:1465)
==19957== by 0x73465C2: KHTMLView::eventFilter(QObject*, QEvent*) (khtmlview.cpp:1924)
==19957== by 0x4F45CC5: QObject::activate_filters(QEvent*) (qobject.cpp:903)
==19957== by 0x4F45D43: QObject::event(QEvent*) (qobject.cpp:735)
--
David Faure, faure at kde.org, sponsored by Trolltech to work on KDE,
Konqueror (http://www.konqueror.org), and KOffice (http://www.koffice.org).
More information about the kfm-devel
mailing list