Bug 287007

Summary: Akregator crashes on close tab
Product: [Frameworks and Libraries] kdelibs Reporter: nucleo <nucleo>
Component: generalAssignee: webkit-devel
Status: RESOLVED DUPLICATE    
Severity: crash CC: adawit, alvanx, cfeck, chri, drall.kj, homers, jtrageser, kles4enko.andrey, teo78
Priority: NOR    
Version: 4.7   
Target Milestone: ---   
Platform: Fedora RPMs   
OS: Linux   
Latest Commit: Version Fixed In: 4.7.4
Attachments: crash on close tab with akregator standalone
New crash information added by DrKonqi

Description nucleo 2011-11-19 16:47:35 UTC
Version:           unspecified (using KDE 4.7.3) 
OS:                Linux

Akregator crashes on close tab

Reproducible: Didn't try

Steps to Reproduce:
How reproducible:
go to konqueror --> settings --> and choose default browser engine -> webkit

start akregator, choose a feed 
open in a new tab , close tab , and will crash . or just open may be enough 

Actual Results:  
Crash all over 

Expected Results:  
no crash

See bug https://bugzilla.redhat.com/show_bug.cgi?id=755145
Comment 1 nucleo 2011-11-19 16:48:48 UTC
Created attachment 65843 [details]
crash on close tab  with akregator standalone
Comment 2 Dawit Alemayehu 2011-11-19 19:52:00 UTC
This is not a kwebkitpart bug. It is a KParts bug. You can clearly see this in the redhat bugzilla report where another KPart, KJotsPart, also causes the same crash. The crash happens because KParts::StatusBarExtension::statusBar uses a pointer without first validating whether or not it is actually valid.

Reassigning bug report to kdelibs.
Comment 3 Dawit Alemayehu 2011-11-19 19:58:11 UTC
Also please do not attach backtraces to bug reports. Instead just paste them so that they can easily be found by the bug report tool in KDE when checking for duplicates.
Comment 4 Dawit Alemayehu 2011-11-19 19:58:27 UTC
Application: Akregator (akregator), signal: Segmentation fault
Using host libthread_db library "/lib64/libthread_db.so.1".
82	T_PSEUDO (SYSCALL_SYMBOL, SYSCALL_NAME, SYSCALL_NARGS)
[Current thread is 1 (Thread 0x7f0601c04840 (LWP 30852))]

Thread 7 (Thread 0x7f05f2f5e700 (LWP 30855)):
#0  pthread_cond_timedwait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_timedwait.S:216
#1  0x0000003628a7bf8f in wait (time=30000, this=0x176b5c0) at thread/qwaitcondition_unix.cpp:84
#2  QWaitCondition::wait (this=<optimized out>, mutex=0x176b568, time=30000) at thread/qwaitcondition_unix.cpp:158
#3  0x0000003628a6f55f in QThreadPoolThread::run (this=0x17b5900) at concurrent/qthreadpool.cpp:141
#4  0x0000003628a7bb1b in QThreadPrivate::start (arg=0x17b5900) at thread/qthread_unix.cpp:298
#5  0x0000003185c07d90 in start_thread (arg=0x7f05f2f5e700) at pthread_create.c:309
#6  0x00000031854eeddd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115

Thread 6 (Thread 0x7f05f1efe700 (LWP 30856)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:165
#1  0x0000003d5d5973cc in WTF::TCMalloc_PageHeap::scavengerThread (this=0x3d5df90f80) at ../../../Source/JavaScriptCore/wtf/FastMalloc.cpp:2495
#2  0x0000003d5d5974f9 in WTF::TCMalloc_PageHeap::runScavengerThread (context=<optimized out>) at ../../../Source/JavaScriptCore/wtf/FastMalloc.cpp:1618
#3  0x0000003185c07d90 in start_thread (arg=0x7f05f1efe700) at pthread_create.c:309
#4  0x00000031854eeddd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115

Thread 5 (Thread 0x7f05f15fd700 (LWP 30857)):
#0  0x00000031854e6443 in __GI___poll (fds=<optimized out>, nfds=<optimized out>, timeout=<optimized out>) at ../sysdeps/unix/sysv/linux/poll.c:87
#1  0x0000003188044f88 in g_main_context_poll (n_fds=1, fds=0x7f05e40013e0, priority=<optimized out>, timeout=8485, context=0x7f05e40009a0) at gmain.c:3386
#2  g_main_context_iterate (context=0x7f05e40009a0, block=<optimized out>, dispatch=1, self=<optimized out>) at gmain.c:3068
#3  0x000000318804544c in g_main_context_iteration (context=0x7f05e40009a0, may_block=1) at gmain.c:3136
#4  0x0000003628ba6896 in QEventDispatcherGlib::processEvents (this=0x7f05e40008c0, flags=<optimized out>) at kernel/qeventdispatcher_glib.cpp:426
#5  0x0000003628b76c82 in QEventLoop::processEvents (this=<optimized out>, flags=...) at kernel/qeventloop.cpp:149
#6  0x0000003628b76ed7 in QEventLoop::exec (this=0x7f05f15fcd40, flags=...) at kernel/qeventloop.cpp:204
#7  0x0000003628a78ad7 in QThread::exec (this=<optimized out>) at thread/qthread.cpp:501
#8  0x0000003628a7bb1b in QThreadPrivate::start (arg=0x166f6f0) at thread/qthread_unix.cpp:298
#9  0x0000003185c07d90 in start_thread (arg=0x7f05f15fd700) at pthread_create.c:309
#10 0x00000031854eeddd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115

Thread 4 (Thread 0x7f05a1809700 (LWP 30883)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:165
#1  0x00007f059cef7411 in queue_processor(void*) () from /usr/lib64/IcedTeaPlugin.so
#2  0x0000003185c07d90 in start_thread (arg=0x7f05a1809700) at pthread_create.c:309
#3  0x00000031854eeddd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115

Thread 3 (Thread 0x7f059ced2700 (LWP 30884)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:165
#1  0x00007f059cef7411 in queue_processor(void*) () from /usr/lib64/IcedTeaPlugin.so
#2  0x0000003185c07d90 in start_thread (arg=0x7f059ced2700) at pthread_create.c:309
#3  0x00000031854eeddd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115

Thread 2 (Thread 0x7f059c6d1700 (LWP 30885)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:165
#1  0x00007f059cef7411 in queue_processor(void*) () from /usr/lib64/IcedTeaPlugin.so
#2  0x0000003185c07d90 in start_thread (arg=0x7f059c6d1700) at pthread_create.c:309
#3  0x00000031854eeddd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115

Thread 1 (Thread 0x7f0601c04840 (LWP 30852)):
[KCrash Handler]
#6  0x0000000000000000 in ?? ()
#7  0x0000003d59e3f6de in KParts::StatusBarExtension::statusBar (this=0x181ba60) at /usr/src/debug/kdelibs-4.7.3/kparts/statusbarextension.cpp:149
#8  0x0000003d59e3f774 in KParts::StatusBarExtension::~StatusBarExtension (this=0x181ba60, __in_chrg=<optimized out>) at /usr/src/debug/kdelibs-4.7.3/kparts/statusbarextension.cpp:99
#9  0x0000003d59e3fb19 in KParts::StatusBarExtension::~StatusBarExtension (this=0x181ba60, __in_chrg=<optimized out>) at /usr/src/debug/kdelibs-4.7.3/kparts/statusbarextension.cpp:110
#10 0x0000003628b89e95 in QObjectPrivate::deleteChildren (this=0x17ebae0) at kernel/qobject.cpp:1907
#11 0x0000003628b9013c in QObject::~QObject (this=0x17e8f90, __in_chrg=<optimized out>) at kernel/qobject.cpp:926
#12 0x0000003d59e24688 in KParts::Part::~Part (this=0x17e8f90, __vtt_parm=0x7f05f2151670, __in_chrg=<optimized out>) at /usr/src/debug/kdelibs-4.7.3/kparts/part.cpp:190
#13 0x00007f05f1f1a747 in KWebKitPart::~KWebKitPart (this=0x17e8f90, __in_chrg=<optimized out>, __vtt_parm=<optimized out>) at /usr/src/debug/kwebkitpart-1.2/src/kwebkitpart.cpp:186
#14 0x00007f05f1f1a789 in KWebKitPart::~KWebKitPart (this=0x17e8f90, __in_chrg=<optimized out>, __vtt_parm=<optimized out>) at /usr/src/debug/kwebkitpart-1.2/src/kwebkitpart.cpp:188
#15 0x0000003d5b24c6f0 in Akregator::BrowserFrame::Private::~Private (this=0x16716d0, __in_chrg=<optimized out>) at /usr/src/debug/kdepim-4.7.3/akregator/src/browserframe_p.cpp:50
#16 0x0000003d5b24c7e9 in Akregator::BrowserFrame::Private::~Private (this=0x16716d0, __in_chrg=<optimized out>) at /usr/src/debug/kdepim-4.7.3/akregator/src/browserframe_p.cpp:51
#17 0x0000003d5b2495aa in Akregator::BrowserFrame::~BrowserFrame (this=0x16684f0, __in_chrg=<optimized out>, __vtt_parm=<optimized out>) at /usr/src/debug/kdepim-4.7.3/akregator/src/browserframe.cpp:63
#18 0x0000003d5b249619 in Akregator::BrowserFrame::~BrowserFrame (this=0x16684f0, __in_chrg=<optimized out>, __vtt_parm=<optimized out>) at /usr/src/debug/kdepim-4.7.3/akregator/src/browserframe.cpp:64
#19 0x0000003d5b2477d0 in Akregator::FrameManager::slotRemoveFrame (this=0x14c0c10, id=1) at /usr/src/debug/kdepim-4.7.3/akregator/src/framemanager.cpp:108
#20 0x0000003628b8b7d1 in QMetaObject::activate (sender=0x14e6a10, m=<optimized out>, local_signal_index=<optimized out>, argv=0x7fff84c78930) at kernel/qobject.cpp:3546
#21 0x00007f05f6ceb5f1 in Akregator::TabWidget::signalRemoveFrameRequest (this=<optimized out>, _t1=1) at /usr/src/debug/kdepim-4.7.3/x86_64-redhat-linux-gnu/akregator/src/tabwidget.moc:167
#22 0x0000003628b8b7d1 in QMetaObject::activate (sender=0x14e9890, m=<optimized out>, local_signal_index=<optimized out>, argv=0x7fff84c78a80) at kernel/qobject.cpp:3546
#23 0x0000003d5664c702 in QAbstractButton::clicked (this=<optimized out>, _t1=false) at .moc/release-shared/moc_qabstractbutton.cpp:220
#24 0x0000003d5638f36e in QAbstractButtonPrivate::emitClicked (this=0x14ea070) at widgets/qabstractbutton.cpp:546
#25 0x0000003d563906ab in QAbstractButtonPrivate::click (this=0x14ea070) at widgets/qabstractbutton.cpp:539
#26 0x0000003d5639091c in QAbstractButton::mouseReleaseEvent (this=0x14e9890, e=0x7fff84c79360) at widgets/qabstractbutton.cpp:1121
#27 0x0000003d5644d9ba in QToolButton::mouseReleaseEvent (this=<optimized out>, e=<optimized out>) at widgets/qtoolbutton.cpp:718
#28 0x0000003d56019d8a in QWidget::event (this=0x14e9890, event=0x7fff84c79360) at kernel/qwidget.cpp:8350
#29 0x0000003d55fc96f4 in notify_helper (e=0x7fff84c79360, receiver=0x14e9890, this=0x11caff0) at kernel/qapplication.cpp:4518
#30 QApplicationPrivate::notify_helper (this=0x11caff0, receiver=0x14e9890, e=0x7fff84c79360) at kernel/qapplication.cpp:4490
#31 0x0000003d55fcee43 in QApplication::notify (this=<optimized out>, receiver=0x14e9890, e=0x7fff84c79360) at kernel/qapplication.cpp:4061
#32 0x0000003d57650396 in KApplication::notify (this=0x7fff84c7a040, receiver=0x14e9890, event=0x7fff84c79360) at /usr/src/debug/kdelibs-4.7.3/kdeui/kernel/kapplication.cpp:311
#33 0x0000003628b77b4c in QCoreApplication::notifyInternal (this=0x7fff84c7a040, receiver=0x14e9890, event=0x7fff84c79360) at kernel/qcoreapplication.cpp:876
#34 0x0000003d55fca6c2 in sendEvent (event=<optimized out>, receiver=<optimized out>) at ../../src/corelib/kernel/qcoreapplication.h:231
#35 QApplicationPrivate::sendMouseEvent (receiver=0x14e9890, event=0x7fff84c79360, alienWidget=0x14e9890, nativeWidget=0x14c2720, buttonDown=0x14e9890, lastMouseReceiver=..., spontaneous=true) at kernel/qapplication.cpp:3157
#36 0x0000003d56046045 in QETWidget::translateMouseEvent (this=0x14c2720, event=<optimized out>) at kernel/qapplication_x11.cpp:4515
#37 0x0000003d56044f0a in QApplication::x11ProcessEvent (this=0x7fff84c7a040, event=0x7fff84c79c20) at kernel/qapplication_x11.cpp:3641
#38 0x0000003d5606c74c in x11EventSourceDispatch (s=0x11d1e10, callback=0, user_data=0x0) at kernel/qguieventdispatcher_glib.cpp:148
#39 0x0000003188044a7d in g_main_dispatch (context=0x11d1230) at gmain.c:2425
#40 g_main_context_dispatch (context=0x11d1230) at gmain.c:2995
#41 0x0000003188045278 in g_main_context_iterate (context=0x11d1230, block=<optimized out>, dispatch=1, self=<optimized out>) at gmain.c:3073
#42 0x000000318804544c in g_main_context_iteration (context=0x11d1230, may_block=1) at gmain.c:3136
#43 0x0000003628ba682f in QEventDispatcherGlib::processEvents (this=0x119c510, flags=<optimized out>) at kernel/qeventdispatcher_glib.cpp:424
#44 0x0000003d5606c43e in QGuiEventDispatcherGlib::processEvents (this=<optimized out>, flags=<optimized out>) at kernel/qguieventdispatcher_glib.cpp:207
#45 0x0000003628b76c82 in QEventLoop::processEvents (this=<optimized out>, flags=...) at kernel/qeventloop.cpp:149
#46 0x0000003628b76ed7 in QEventLoop::exec (this=0x7fff84c79ff0, flags=...) at kernel/qeventloop.cpp:204
#47 0x0000003628b7b8d5 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1148
#48 0x0000000000407eec in main (argc=<optimized out>, argv=<optimized out>) at /usr/src/debug/kdepim-4.7.3/akregator/src/main.cpp:103
Comment 5 Dawit Alemayehu 2011-11-19 20:09:45 UTC
Git commit 63cfec6ddc79703a34c20a7b27f1aadd819da092 by Dawit Alemayehu.
Committed on 19/11/2011 at 21:05.
Pushed by adawit into branch 'KDE/4.7'.

Check for NULL before using a pointer.

BUG: 287007
FIXED-IN: 4.7.4

M  +3    -2    kparts/statusbarextension.cpp

http://commits.kde.org/kdelibs/63cfec6ddc79703a34c20a7b27f1aadd819da092
Comment 6 Christoph Feck 2011-11-19 21:57:22 UTC
This is bug 283657, which was already fixed. Doesn't hurt to add extra protection, though.
Comment 7 Christophe Marin 2011-11-25 18:10:58 UTC
*** Bug 287555 has been marked as a duplicate of this bug. ***
Comment 8 Benjamin M 2011-12-01 08:09:54 UTC
Is there a workaround until the fix will arrive in my distribution packages? Or an alternative way to close tabs?
Comment 9 Christophe Marin 2011-12-17 16:00:19 UTC
*** Bug 289202 has been marked as a duplicate of this bug. ***
Comment 10 Christophe Marin 2011-12-18 20:51:25 UTC
*** Bug 289280 has been marked as a duplicate of this bug. ***
Comment 11 James 2012-01-03 20:31:42 UTC
Created attachment 67410 [details]
New crash information added by DrKonqi

akregator (4.7.2) on KDE Platform 4.7.2 (4.7.2) "release 5" using Qt 4.7.4

- What I was doing when the application crashed:

Just close a tab and it crashes for me as well.  I've attached the bug report for comparison.

- James

-- Backtrace (Reduced):
#7  0x00007fa74f12b84e in KParts::StatusBarExtension::statusBar (this=0xbc1480) at /usr/src/debug/kdelibs-4.7.2/kparts/statusbarextension.cpp:149
#8  0x00007fa74f12bd54 in KParts::StatusBarExtension::~StatusBarExtension (this=0xbc1480, __in_chrg=<optimized out>) at /usr/src/debug/kdelibs-4.7.2/kparts/statusbarextension.cpp:99
#9  0x00007fa74f12c109 in KParts::StatusBarExtension::~StatusBarExtension (this=0xbc1480, __in_chrg=<optimized out>) at /usr/src/debug/kdelibs-4.7.2/kparts/statusbarextension.cpp:110
#10 0x00007fa74d946455 in QObjectPrivate::deleteChildren (this=0xb7bc80) at kernel/qobject.cpp:1964
#11 0x00007fa74d94b9f9 in QObject::~QObject (this=0xb7d820, __in_chrg=<optimized out>) at kernel/qobject.cpp:946
Comment 12 Dawit Alemayehu 2012-01-04 07:17:10 UTC
Ahh... I think it is pointless to post backtrace onto a bug report that has already been fixed for KDE 4.8.0 release.

(In reply to comment #11)
> Created an attachment (id=67410) [details]
> New crash information added by DrKonqi
> 
> akregator (4.7.2) on KDE Platform 4.7.2 (4.7.2) "release 5" using Qt 4.7.4
> 
> - What I was doing when the application crashed:
> 
> Just close a tab and it crashes for me as well.  I've attached the bug report
> for comparison.
> 
> - James
> 
> -- Backtrace (Reduced):
> #7  0x00007fa74f12b84e in KParts::StatusBarExtension::statusBar (this=0xbc1480)
> at /usr/src/debug/kdelibs-4.7.2/kparts/statusbarextension.cpp:149
> #8  0x00007fa74f12bd54 in KParts::StatusBarExtension::~StatusBarExtension
> (this=0xbc1480, __in_chrg=<optimized out>) at
> /usr/src/debug/kdelibs-4.7.2/kparts/statusbarextension.cpp:99
> #9  0x00007fa74f12c109 in KParts::StatusBarExtension::~StatusBarExtension
> (this=0xbc1480, __in_chrg=<optimized out>) at
> /usr/src/debug/kdelibs-4.7.2/kparts/statusbarextension.cpp:110
> #10 0x00007fa74d946455 in QObjectPrivate::deleteChildren (this=0xb7bc80) at
> kernel/qobject.cpp:1964
> #11 0x00007fa74d94b9f9 in QObject::~QObject (this=0xb7d820,
> __in_chrg=<optimized out>) at kernel/qobject.cpp:946
Comment 13 Christoph Feck 2012-01-04 09:29:52 UTC

*** This bug has been marked as a duplicate of bug 283657 ***
Comment 14 Patrick Spendrin 2012-03-19 19:23:13 UTC
*** Bug 296059 has been marked as a duplicate of this bug. ***
Comment 15 Jekyll Wu 2012-06-16 13:18:42 UTC
*** Bug 302012 has been marked as a duplicate of this bug. ***