Bug 144361

Summary: Konqueror crashes after submitting form at https://www.myopenid.com/settings_certificates (debug backtrace)
Product: [Applications] konqueror Reporter: Daniel Hahler <kde-bugzilla>
Component: khtmlAssignee: Konqueror Developers <konq-bugs>
Status: RESOLVED FIXED    
Severity: crash CC: bradh, daniel-hofstetter, david, finex, maksim, mutlu_inek
Priority: NOR    
Version: unspecified   
Target Milestone: ---   
Platform: Ubuntu   
OS: Linux   
Latest Commit: Version Fixed In:
Sentry Crash Report:

Description Daniel Hahler 2007-04-17 23:31:02 UTC 
Version:            (using KDE KDE 3.5.6)
Installed from:    Ubuntu Packages

You need a myopenid.com account to reproduce this.

1. Go to https://www.myopenid.com/settings_certificates
1a. Maybe you have to login before
2. Enter a name for the certificate being created
3. Submit the form / press Enter
4. Crash:
Using host libthread_db library "/lib/tls/i686/cmov/libthread_db.so.1".
[Thread debugging using libthread_db enabled]
[New Thread -1232639776 (LWP 11205)]
[KCrash handler]
#6  DOM::HTMLKeygenElementImpl::encoding (this=0x92c7eb0, codec=0x805be70, 
    encoded_values=@0xbfac6230)
    at /build/buildd/kdelibs-3.5.6/./khtml/rendering/render_replaced.h:102
#7  0xb5ce26e1 in DOM::HTMLFormElementImpl::formData (this=0x9186250, 
    ok=@0xbfac645b)
    at /build/buildd/kdelibs-3.5.6/./khtml/html/html_formimpl.cpp:264
#8  0xb5ce395b in DOM::HTMLFormElementImpl::submit (this=0x9186250)
    at /build/buildd/kdelibs-3.5.6/./khtml/html/html_formimpl.cpp:573
#9  0xb5ce4509 in DOM::HTMLFormElementImpl::prepareSubmit (this=0x9186250)
    at /build/buildd/kdelibs-3.5.6/./khtml/html/html_formimpl.cpp:553
#10 0xb5ce455f in DOM::HTMLInputElementImpl::activate (this=0x93226a0)
    at /build/buildd/kdelibs-3.5.6/./khtml/html/html_formimpl.cpp:1809
#11 0xb5ce4657 in DOM::HTMLInputElementImpl::defaultEventHandler (
    this=0x93226a0, evt=0x8dcef60)
    at /build/buildd/kdelibs-3.5.6/./khtml/html/html_formimpl.cpp:1792
#12 0xb5c9221f in DOM::NodeImpl::dispatchGenericEvent (this=0x93226a0, 
    evt=0x8dcef60)
    at /build/buildd/kdelibs-3.5.6/./khtml/xml/dom_nodeimpl.cpp:398
#13 0xb5c9235f in DOM::NodeImpl::dispatchEvent (this=0x93226a0, 
    evt=0x8dcef60, exceptioncode=@0xbfac65b8, tempEvent=true)
    at /build/buildd/kdelibs-3.5.6/./khtml/xml/dom_nodeimpl.cpp:342
#14 0xb5c92bee in DOM::NodeImpl::dispatchUIEvent (this=0x93226a0, _id=3, 
    detail=1) at /build/buildd/kdelibs-3.5.6/./khtml/xml/dom_nodeimpl.cpp:550
#15 0xb5c922f0 in DOM::NodeImpl::dispatchGenericEvent (this=0x93226a0, 
    evt=0x8ec3440)
    at /build/buildd/kdelibs-3.5.6/./khtml/xml/dom_nodeimpl.cpp:402
#16 0xb5c9235f in DOM::NodeImpl::dispatchEvent (this=0x93226a0, 
    evt=0x8ec3440, exceptioncode=@0xbfac66f8, tempEvent=true)
    at /build/buildd/kdelibs-3.5.6/./khtml/xml/dom_nodeimpl.cpp:342
#17 0xb5c92dbb in DOM::NodeImpl::dispatchMouseEvent (this=0x93226a0, 
    _mouse=0xbfac6730, overrideId=4, overrideDetail=1)
    at /build/buildd/kdelibs-3.5.6/./khtml/xml/dom_nodeimpl.cpp:532
#18 0xb5cbacbd in DOM::HTMLInputElementImpl::click (this=0x93226a0)
    at /build/buildd/kdelibs-3.5.6/./khtml/html/html_formimpl.cpp:1362
#19 0xb5ce4a85 in DOM::HTMLFormElementImpl::submitFromKeyboard (
    this=0x9186250)
    at /build/buildd/kdelibs-3.5.6/./khtml/html/html_formimpl.cpp:488
#20 0xb5cfcfb1 in khtml::RenderLineEdit::slotReturnPressed (this=0x8d71150)
    at /build/buildd/kdelibs-3.5.6/./khtml/rendering/render_form.cpp:506
#21 0xb5cfd038 in khtml::RenderLineEdit::qt_invoke (this=0x8d71150, _id=4, 
    _o=0xbfac686c) at ./render_form.moc:330
#22 0xb727e88b in QObject::activate_signal () from /usr/lib/libqt-mt.so.3
#23 0xb727f330 in QObject::activate_signal () from /usr/lib/libqt-mt.so.3
#24 0xb761e55f in QLineEdit::returnPressed () from /usr/lib/libqt-mt.so.3
#25 0xb736050d in QLineEdit::keyPressEvent () from /usr/lib/libqt-mt.so.3
#26 0xb6cf5133 in KLineEdit::keyPressEvent (this=0x928be48, e=0x8eb33a8)
    at /build/buildd/kdelibs-3.5.6/./kdeui/klineedit.cpp:667
#27 0xb5cf4d26 in khtml::RenderWidget::EventPropagator::sendEvent (
    this=0xb7e30120, e=0x0)
    at /build/buildd/kdelibs-3.5.6/./khtml/rendering/render_replaced.cpp:711
#28 0xb5d3c8f4 in khtml::RenderWidget::handleEvent (this=0x8d71150, 
    ev=@0x9292580)
    at /build/buildd/kdelibs-3.5.6/./khtml/rendering/render_replaced.cpp:858
#29 0xb5cb979b in DOM::HTMLGenericFormElementImpl::defaultEventHandler (
    this=0x9390580, evt=0x9292580)
    at /build/buildd/kdelibs-3.5.6/./khtml/html/html_formimpl.cpp:984
#30 0xb5ce45d2 in DOM::HTMLInputElementImpl::defaultEventHandler (
    this=0x9390580, evt=0x9292580)
    at /build/buildd/kdelibs-3.5.6/./khtml/html/html_formimpl.cpp:1795
#31 0xb5c9221f in DOM::NodeImpl::dispatchGenericEvent (this=0x9390580, 
    evt=0x9292580)
    at /build/buildd/kdelibs-3.5.6/./khtml/xml/dom_nodeimpl.cpp:398
#32 0xb5c9235f in DOM::NodeImpl::dispatchEvent (this=0x9390580, 
    evt=0x9292580, exceptioncode=@0xbfac6c48, tempEvent=true)
    at /build/buildd/kdelibs-3.5.6/./khtml/xml/dom_nodeimpl.cpp:342
#33 0xb5c9644e in DOM::NodeImpl::dispatchKeyEvent (this=0x9390580, 
    key=0xbfac7274, keypress=true)
    at /build/buildd/kdelibs-3.5.6/./khtml/xml/dom_nodeimpl.cpp:578
#34 0xb5c258b1 in KHTMLView::dispatchKeyEventHelper (this=0x8b846a8, 
    _ke=0xbfac7274, keypress=true)
    at /build/buildd/kdelibs-3.5.6/./khtml/khtmlview.cpp:1391
#35 0xb5c33b1b in KHTMLView::dispatchKeyEvent (this=0x8b846a8, _ke=0xbfac7274)
    at /build/buildd/kdelibs-3.5.6/./khtml/khtmlview.cpp:1347
#36 0xb5c74960 in KHTMLView::keyPressEvent (this=0x8b846a8, _ke=0xbfac7274)
    at /build/buildd/kdelibs-3.5.6/./khtml/khtmlview.cpp:1476
#37 0xb5c3b50a in KHTMLView::eventFilter (this=0x8b846a8, o=0x928be48, 
    e=0xbfac7274) at /build/buildd/kdelibs-3.5.6/./khtml/khtmlview.cpp:1938
#38 0xb727de38 in QObject::activate_filters () from /usr/lib/libqt-mt.so.3
#39 0xb727deb6 in QObject::event () from /usr/lib/libqt-mt.so.3
#40 0xb72b558f in QWidget::event () from /usr/lib/libqt-mt.so.3
#41 0xb735fb4b in QLineEdit::event () from /usr/lib/libqt-mt.so.3
#42 0xb5cfd4cc in khtml::LineEditWidget::event (this=0x928be48, e=0xbfac7274)
    at /build/buildd/kdelibs-3.5.6/./khtml/rendering/render_form.cpp:419
#43 0xb7215a60 in QApplication::internalNotify () from /usr/lib/libqt-mt.so.3
#44 0xb7217a30 in QApplication::notify () from /usr/lib/libqt-mt.so.3
#45 0xb791dce2 in KApplication::notify (this=0xbfac7c48, receiver=0x928be48, 
    event=0xbfac7274)
    at /build/buildd/kdelibs-3.5.6/./kdecore/kapplication.cpp:550
#46 0xb71a825d in QApplication::sendSpontaneousEvent ()
   from /usr/lib/libqt-mt.so.3
#47 0xb7198c49 in QETWidget::translateKeyEvent () from /usr/lib/libqt-mt.so.3
#48 0xb71a502f in QApplication::x11ProcessEvent () from /usr/lib/libqt-mt.so.3
#49 0xb71bc180 in QEventLoop::processEvents () from /usr/lib/libqt-mt.so.3
#50 0xb7230136 in QEventLoop::enterLoop () from /usr/lib/libqt-mt.so.3
#51 0xb722ff46 in QEventLoop::exec () from /usr/lib/libqt-mt.so.3
#52 0xb7217609 in QApplication::exec () from /usr/lib/libqt-mt.so.3
#53 0xb66daca4 in kdemain (argc=1, argv=0x805b580)
    at /build/buildd/kdebase-3.5.6/./konqueror/konq_main.cc:206
#54 0xb7fa1464 in kdeinitmain (argc=1, argv=0x805b580) at konqueror_dummy.cc:3
#55 0x0804e6bf in launch (argc=1, _name=0x80a7b1c "konqueror", 
    args=0x80a7b26 "\001", cwd=0x0, envc=1, envs=0x80a7b36 "", 
    reset_env=false, tty=0x0, avoid_loops=false, 
    startup_id_str=0x80a7b3b "base;1176844971;219366;9137_TIME2805999")
    at /build/buildd/kdelibs-3.5.6/./kinit/kinit.cpp:673
#56 0x0804ef42 in handle_launcher_request (sock=9)
    at /build/buildd/kdelibs-3.5.6/./kinit/kinit.cpp:1240
#57 0x0804f318 in handle_requests (waitForPid=0)
    at /build/buildd/kdelibs-3.5.6/./kinit/kinit.cpp:1443
#58 0x080505ac in main (argc=5, argv=0xbfac83d4, envp=0xbfac83ec)
    at /build/buildd/kdelibs-3.5.6/./kinit/kinit.cpp:1909
#59 0xb7d07ebc in __libc_start_main () from /lib/tls/i686/cmov/libc.so.6
#60 0x0804bb51 in _start ()
Comment 1 Daniel Hahler 2007-04-18 00:06:09 UTC 
I have created a test account on myopenid.com:
user: test-konqueror-bug144361
password: password
Comment 2 Daniel Hahler 2007-04-18 00:45:32 UTC 
For completion: when submitting the form the site seems trying to install a SSL certificate (at least this happens with Firefox).

I've tried it with Javascript disabled, to avoid the form's onsubmit event, and it also crashed.

(The crash has been confirmed by PhilRod on #kde-bugs - no feedback about his backtrace though)
Comment 3 Tommi Tervo 2007-04-19 07:52:01 UTC 
*** Bug 144395 has been marked as a duplicate of this bug. ***
Comment 4 Mike Glover 2007-04-19 22:37:02 UTC 
MyOpenId developer here.  It looks like this was happening because we had
the display:none style applied to the keygen tag.  With the style removed, the browser doesn't crash.
Comment 5 Maksim Orlovich 2007-04-20 02:21:53 UTC 
Thanks for the analysis...
Comment 6 Daniel Hahler 2007-04-20 23:47:10 UTC 
It does not seem to be fixed still.
1. The "value" attrib in the keygen tag is not quoted/closed correctly ("""<keygen class="skip" name="spkac" id="spkac" value="2048></keygen>""") (myopenid.com bug)
2. With the class=skip applied to the element, Konqueror still crashes (probably there's a display:none in there?)
3. I've locally fixed the HTML and then submitted the form, which resulted in the following myopenid.com error:
"An error occurred while processing your request: Your browser sent an incomplete request. This is a known problem with Konqueror versions through (at least) 3.5.5."

I think this bug should handle the crash itself.

The other Konqueror problem ("sent an incomplete request") should get handled in a new bug probably.
Mike, it would be great, if you could create one with all the details.
Comment 7 Maksim Orlovich 2007-04-21 19:18:09 UTC 
The keygen tag implementation seems semi-stubbed :(, and I wish I could find good specs on it, since it's not part of HTML 4.01, it seems..
Comment 8 Maksim Orlovich 2007-05-10 17:18:21 UTC 
FYI, the crash itself is now fixed: http://lists.kde.org/?l=kde-commits&m=117717814700391&w=2
...but <keygen> itself is pretty broken still...
Comment 9 mutlu inek 2008-04-20 23:04:13 UTC 
The link https://www.myopenid.com/settings_certificates that was given in the bug report does not work any more on OpenID. The new page (which requires loggin in) is: https://www.myopenid.com/settings_authentication

This new page does not trigger a crash with Konqui from KDE 3.5.9, nor with Konqui from KDE4 trunk, r798847. But the creation of new certificates does not work with Konqui (it does work with Firefox, though). The OpenID website states: "An error occurred while processing your request: Your browser did not send us a valid certificate request" for KDE4 and "An error occurred while processing your request: Your browser sent an incomplete request. This is a known problem with Konqueror versions through (at least) 3.5.5" for KDE 3.5.9.

So, as Maksim stated in May 2007, no crash, but no certificate generation. (I hope this reply is not unnecessary noise.)
Comment 10 Brad Hards 2008-12-16 10:29:42 UTC 
The lack of keygen support is already logged as #28539. 

If all the crashing is fixed, this can be closed.
Comment 11 FiNeX 2009-08-29 17:01:37 UTC 
Someone could confirm this crash has been fixed? A test with KDE 4.3 / trunk could be useful.

Thanks.
Comment 12 Daniel Hahler 2012-06-02 20:39:07 UTC 
It appears to be fixed according to comment 9.

I do not have Konqueror at hand to test / verify it myself.