2 crashes in khtml trunk

David Faure faure at kde.org
Thu Mar 29 13:07:57 BST 2007


1) crash when clicking around in empty startup page.

khtmlview.cpp:
3279            d->oldUnderMouse = targetNode;
3280            d->oldUnderMouse->ref();
crashes when targetNode is 0  (mev.innerNode == 0). Not sure why it doesn't happen in 3.x though?

2) crash on closing konqueror:
#0  0x00002b7d520a047b in raise () from /lib64/libc.so.6
#1  0x00002b7d520a1da0 in abort () from /lib64/libc.so.6
#2  0x00002b7d5054581c in qt_message_output (msgType=QtFatalMsg,
    buf=0x7fff5d57dcc0 "QPixmap: Must construct a QApplication before a QPaintDevice") at global/qglobal.cpp:2135
#3  0x00002b7d5054593d in qFatal (msg=0x2b7d51130d28 "QPixmap: Must construct a QApplication before a QPaintDevice")
    at global/qglobal.cpp:2366
#4  0x00002b7d50ca2de4 in QPixmap::init (this=0x7fff5d57fe50, w=0, h=0, type=QPixmap::PixmapType) at image/qpixmap_x11.cpp:276
#5  0x00002b7d50c9fe89 in QPixmap (this=0x7fff5d57fe50) at image/qpixmap.cpp:95
#6  0x00002b7d573dc00e in khtmlImLoad::PixmapTile::discard (this=0xc7e618) at /d/kde/src/4/kdelibs/khtml/imload/pixmaptile.h:45
#7  0x00002b7d573d75a2 in khtmlImLoad::TileCache::doDiscard (this=0xcb7b60, node=0xda8dc0)
    at /d/kde/src/4/kdelibs/khtml/imload/tilecache.h:113
#8  0x00002b7d573daf29 in khtmlImLoad::TileCache::removeEntry (this=0xcb7b60, tile=0xc7e618)
    at /d/kde/src/4/kdelibs/khtml/imload/tilecache.h:176
#9  0x00002b7d573dc167 in ~PixmapTile (this=0xc7e618) at /d/kde/src/4/kdelibs/khtml/imload/pixmaptile.h:54
#10 0x00002b7d573db7c8 in ~Array2D (this=0xc7e5e0) at /d/kde/src/4/kdelibs/khtml/imload/array2d.h:55
#11 0x00002b7d573db879 in ~PixmapPlane (this=0xc7e5c0) at /d/kde/src/4/kdelibs/khtml/imload/pixmapplane.h:64
#12 0x00002b7d573dabb3 in ~Image (this=0xcb4ae0) at /d/kde/src/4/kdelibs/khtml/imload/image.cpp:57
#13 0x00002b7d572fd538 in khtml::CachedImage::clear (this=0xcb4950) at /d/kde/src/4/kdelibs/khtml/misc/loader.cpp:825
#14 0x00002b7d572fd7f7 in ~CachedImage (this=0xcb4950) at /d/kde/src/4/kdelibs/khtml/misc/loader.cpp:420
#15 0x00002b7d57302255 in Q3Dict<khtml::CachedObject>::deleteItem (this=0x854e90, d=0xcb4960)
    at /d/kde/src/4/qt-copy/include/Qt/../../src/qt3support/tools/q3dict.h:85
#16 0x00002b7d4f49dc0a in Q3GDict::clear (this=0x854e90) at tools/q3gdict.cpp:768
#17 0x00002b7d5730370f in Q3Dict<khtml::CachedObject>::clear (this=0x854e90)
    at /d/kde/src/4/qt-copy/include/Qt/../../src/qt3support/tools/q3dict.h:63
#18 0x00002b7d5730373a in ~Q3Dict (this=0x854e90) at /d/kde/src/4/qt-copy/include/Qt/../../src/qt3support/tools/q3dict.h:45
#19 0x00002b7d572f9959 in khtml::Cache::clear () at /d/kde/src/4/kdelibs/khtml/misc/loader.cpp:1488
#20 0x00002b7d57167dbd in ~KHTMLFactory (this=0x859a30) at /d/kde/src/4/kdelibs/khtml/khtml_factory.cpp:87
#21 0x00002b7d571674e3 in KHTMLFactory::deref () at /d/kde/src/4/kdelibs/khtml/khtml_factory.cpp:128
#22 0x00002b7d57167dce in ~KHTMLFactory (this=0x802260) at /d/kde/src/4/kdelibs/khtml/khtml_factory.cpp:92
#23 0x00002b7d4dc66e5b in qDeleteAll<QHash<QByteArray, KLibFactory*>::const_iterator> (begin={i = 0xb693e0}, end={i = 0xb69410})
    at /d/kde/src/4/qt-copy/include/QtCore/../../src/corelib/tools/qalgorithms.h:328
#24 0x00002b7d4dc66ea5 in qDeleteAll<QHash<QByteArray, KLibFactory*> > (c=@0x6aa018)
    at /d/kde/src/4/qt-copy/include/QtCore/../../src/corelib/tools/qalgorithms.h:336
#25 0x00002b7d4dc64b69 in ~KLibrary (this=0xb69760) at /d/kde/src/4/kdelibs/kdecore/util/klibloader.cpp:167
#26 0x00002b7d4dc62bdb in KLibLoaderPrivate::close_pending (this=0x6bf010, wrap=0xb69440)
    at /d/kde/src/4/kdelibs/kdecore/util/klibloader.cpp:599
#27 0x00002b7d4dc67268 in ~KLibLoaderPrivate (this=0x6bf010) at /d/kde/src/4/kdelibs/kdecore/util/klibloader.cpp:80
#28 0x00002b7d4dc631fc in destroy () at /d/kde/src/4/kdelibs/kdecore/util/klibloader.cpp:96
#29 0x00002b7d4dba9225 in ~KCleanUpGlobalStatic (this=0x2b7d4dde7618) at /d/kde/src/4/kdelibs/kdecore/kernel/kglobal.h:51
#30 0x00002b7d4dc62754 in __tcf_0 () at /d/kde/src/4/kdelibs/kdecore/util/klibloader.cpp:96
#31 0x00002b7d520a3155 in exit () from /lib64/libc.so.6
#32 0x00002b7d5208d0cb in __libc_start_main () from /lib64/libc.so.6
#33 0x0000000000400899 in _start ()

Destructors are not a good place to call code that does foo = QPixmap(); it can be called too late, once there's no qapp anymore.
Or maybe the solution is a qAddPostRoutine, as Matthias Kretz suggested for other cases...
But where would we stick it? In KLibLoader itself? KHTML is special in that it actually has code in the factory destructor,
unlike most other dlopened modules.

-- 
David Faure, faure at kde.org, sponsored by Trolltech to work on KDE,
Konqueror (http://www.konqueror.org), and KOffice (http://www.koffice.org).
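
The shutdown-order problem from crash 2, modeled as an added example that is not part of the original post and is not KDE or Qt code. `App`, `Pixmap`, `Tile`, `Cache` and `runScenario` are hypothetical stand-ins with no Qt dependency; the post-routine list only imitates the idea behind qAddPostRoutine, which is to run cleanup while the application object still exists.

```cpp
#include <functional>
#include <vector>

// Hypothetical stand-in for QApplication: "alive" only while instance is set.
struct App {
    static App *instance;
    static std::vector<std::function<void()>> postRoutines;
    App() { instance = this; }
    ~App() {
        // Cleanup hooks run here, before the application stops being alive.
        for (auto it = postRoutines.rbegin(); it != postRoutines.rend(); ++it) (*it)();
        postRoutines.clear();
        instance = nullptr;
    }
};
App *App::instance = nullptr;
std::vector<std::function<void()>> App::postRoutines;

// Stand-in for a paint device: constructing one with no App is the fatal case,
// counted here instead of aborting.
struct Pixmap {
    static int lateConstructions;
    Pixmap() { if (!App::instance) ++lateConstructions; }
};
int Pixmap::lateConstructions = 0;

struct Tile {
    Pixmap pix;
    void discard() { pix = Pixmap(); }  // same pattern as foo = QPixmap()
    ~Tile() { discard(); }              // destructor reaches the constructor
};
struct Cache {
    std::vector<Tile *> tiles;
    void clear() { for (Tile *t : tiles) delete t; tiles.clear(); }
    ~Cache() { clear(); }
};

// Returns how many Pixmaps were constructed after the App was gone.
int runScenario(bool usePostRoutine) {
    Pixmap::lateConstructions = 0;
    Cache *cache = new Cache;  // models the cache owned by the dlopened factory
    {
        App app;
        for (int i = 0; i < 2; ++i) cache->tiles.push_back(new Tile);
        if (usePostRoutine) App::postRoutines.push_back([cache] { cache->clear(); });
    }              // application destroyed here
    delete cache;  // models factory teardown from exit(), after the application
    return Pixmap::lateConstructions;
}
int main() { return (runScenario(false) == 2 && runScenario(true) == 0) ? 0 : 1; }
```

Without the hook, each tile's destructor constructs a pixmap after the application is gone; with it, the cache is already empty by the time the late teardown runs.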



