210445 – [testcase URL] Konqueror crashed when logging in https page [qobject_cast<KUrlRequester*>, KHTMLView::eventFilter]

Bug 210445 - [testcase URL] Konqueror crashed when logging in https page [qobject_cast<KUrlRequester*>, KHTMLView::eventFilter]

Summary: [testcase URL] Konqueror crashed when logging in https page [qobject_cast<KUr...

Status:	RESOLVED WORKSFORME

Alias:	None

Product:	konqueror
Classification:	Applications
Component:	general (show other bugs)
Version:	unspecified
Platform:	Unlisted Binaries Linux

Importance:	NOR crash
Target Milestone:	---
Assignee:	Konqueror Developers

URL:
Keywords:

Duplicates (6):	216547 217616 225492 228678 229503 302229 (view as bug list)
Depends on:
Blocks:

Reported:	2009-10-13 17:22 UTC by Unknown
Modified:	2019-10-04 16:50 UTC (History)
CC List:	8 users (show)

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Attachments
New crash information added by DrKonqi (4.05 KB, text/plain) 2009-12-05 10:13 UTC, Unknown	Details
New crash information added by DrKonqi (3.67 KB, text/plain) 2010-02-03 23:38 UTC, Unknown	Details
View All Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Unknown 2009-10-13 17:22:27 UTC

Application that crashed: konqueror
Version of the application: 4.3.2 (KDE 4.3.2)
KDE Version: 4.3.2 (KDE 4.3.2)
Qt Version: 4.5.3
Operating System: Linux 2.6.31-gentoo-r2 i686

What I was doing when the application crashed:
Had two tabs open. One was some asus page (polish homepage). Second was a https:// login page. It crashed right after I clicked "Login".

 -- Backtrace:
Application: Konqueror (kdeinit4), signal: Segmentation fault
[KCrash Handler]
#6  0xb75e6bc3 in QMetaObject::cast (this=0xb7062edc, obj=0x817cb08) at kernel/qmetaobject.cpp:305
#7  0xb0c218dd in qobject_cast<KUrlRequester*> (object=0x817cb08) at /usr/include/qt4/QtCore/qobject.h:443
#8  0xb0c1653f in KHTMLView::eventFilter (this=0x8b065d0, o=0x8e7b5e0, e=0xbfa241ec) at /var/tmp/portage/kde-base/kdelibs-4.3.2-r1/work/kdelibs-4.3.2/khtml/khtmlview.cpp:2293
#9  0xb75e0a53 in QCoreApplicationPrivate::sendThroughObjectEventFilters (this=0x80f4ca8, receiver=0x8e7b5e0, event=0xbfa241ec) at kernel/qcoreapplication.cpp:726
#10 0xb5ec2f61 in QApplicationPrivate::notify_helper (this=0x80f4ca8, receiver=0x8e7b5e0, e=0xbfa241ec) at kernel/qapplication.cpp:4061
#11 0xb5ec185a in QApplication::notify (this=0xbfa25d4c, receiver=0x8e7b5e0, e=0xbfa241ec) at kernel/qapplication.cpp:3664
#12 0xb6a1ec71 in KApplication::notify (this=0xbfa25d4c, receiver=0x8e7b5e0, event=0xbfa241ec) at /var/tmp/portage/kde-base/kdelibs-4.3.2-r1/work/kdelibs-4.3.2/kdeui/kernel/kapplication.cpp:302
#13 0xb75e07aa in QCoreApplication::notifyInternal (this=0xbfa25d4c, receiver=0x8e7b5e0, event=0xbfa241ec) at kernel/qcoreapplication.cpp:606
#14 0xb5ec413b in QCoreApplication::sendSpontaneousEvent (receiver=0x8e7b5e0, event=0xbfa241ec) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:216
#15 0xb5ec3293 in qt_sendSpontaneousEvent (receiver=0x8e7b5e0, event=0xbfa241ec) at kernel/qapplication.cpp:4975
#16 0xb5f641d2 in QKeyMapper::sendKeyEvent (keyWidget=0x8e7b5e0, grab=false, type=QEvent::KeyPress, code=16777220, modifiers={i = 0}, text=@0xbfa244a8, autorepeat=false, count=1, nativeScanCode=36, 
    nativeVirtualKey=65293, nativeModifiers=16) at kernel/qkeymapper_x11.cpp:1675
#17 0xb5f63f33 in QKeyMapperPrivate::translateKeyEvent (this=0x811f660, keyWidget=0x8e7b5e0, event=0xbfa25950, grab=false) at kernel/qkeymapper_x11.cpp:1645
#18 0xb5f346d3 in QApplication::x11ProcessEvent (this=0xbfa25d4c, event=0xbfa25950) at kernel/qapplication_x11.cpp:3445
#19 0xb5f64609 in x11EventSourceDispatch (s=0x80f7d00, callback=0, user_data=0x0) at kernel/qguieventdispatcher_glib.cpp:146
#20 0xb5a00fa4 in g_main_dispatch (context=0x80f6e90) at gmain.c:1824
#21 0xb5a02200 in IA__g_main_context_dispatch (context=0x80f6e90) at gmain.c:2377
#22 0xb5a02620 in g_main_context_iterate (context=0x80f6e90, block=1, dispatch=1, self=0x805c318) at gmain.c:2455
#23 0xb5a027ef in IA__g_main_context_iteration (context=0x80f6e90, may_block=1) at gmain.c:2518
#24 0xb760fdce in QEventDispatcherGlib::processEvents (this=0x805c228, flags={i = 36}) at kernel/qeventdispatcher_glib.cpp:328
#25 0xb5f64b1e in QGuiEventDispatcherGlib::processEvents (this=0x805c228, flags={i = 36}) at kernel/qguieventdispatcher_glib.cpp:202
#26 0xb75de443 in QEventLoop::processEvents (this=0xbfa25bcc, flags={i = 36}) at kernel/qeventloop.cpp:149
#27 0xb75de587 in QEventLoop::exec (this=0xbfa25bcc, flags={i = 0}) at kernel/qeventloop.cpp:197
#28 0xb75e0e50 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:888
#29 0xb5ec1198 in QApplication::exec () at kernel/qapplication.cpp:3525
#30 0xb2a68723 in kdemain (argc=2, argv=0x80ac188) at /var/tmp/portage/kde-base/konqueror-4.3.2/work/konqueror-4.3.2/konqueror/src/konqmain.cpp:257
#31 0x0804dc66 in launch (argc=<value optimized out>, _name=<value optimized out>, args=<value optimized out>, cwd=0x0, envc=0, envs=0x80ac14c "", reset_env=false, tty=0x0, avoid_loops=false, 
    startup_id_str=0x80ac150 "activepc-biuro;1255446949;656330;2514_TIME1373206") at /var/tmp/portage/kde-base/kdelibs-4.3.2-r1/work/kdelibs-4.3.2/kinit/kinit.cpp:677
#32 0x0804e720 in handle_launcher_request (sock=8, who=<value optimized out>) at /var/tmp/portage/kde-base/kdelibs-4.3.2-r1/work/kdelibs-4.3.2/kinit/kinit.cpp:1169
#33 0x0804f474 in handle_requests (waitForPid=<value optimized out>) at /var/tmp/portage/kde-base/kdelibs-4.3.2-r1/work/kdelibs-4.3.2/kinit/kinit.cpp:1362
#34 0x0804fa03 in main (argc=2, argv=0xbfa26624, envp=0xbfa26630) at /var/tmp/portage/kde-base/kdelibs-4.3.2-r1/work/kdelibs-4.3.2/kinit/kinit.cpp:1793

Reported using DrKonqi

Comment 1 Dario Andres 2009-10-14 03:43:01 UTC

- Which page was the https one? - Does Konqueror crash again if you repeat the steps and situation you described ?
Thanks

Comment 2 Unknown 2009-10-14 13:41:59 UTC

(In reply to comment #1)
> - Which page was the https one?

It's a login page for on-line access to bank accounts. I suppose that the address won't be very usefull in here...

> - Does Konqueror crash again if you repeat the
> steps and situation you described ?

Yes.

Comment 3 Dario Andres 2009-10-14 13:50:07 UTC

The URL would be useful only if the page also crashed when login in with a fake user and password. Can you check if that causes the crash too ? Regards

Comment 4 Unknown 2009-10-14 14:24:49 UTC

(In reply to comment #3)
> The URL would be useful only if the page also crashed when login in with a fake
> user and password. Can you check if that causes the crash too ? Regards

Seems to crash also with fake data.
https://www.mbank.com.pl/
Tested on user (Identyfikator) "12345678" and pass (Hasło) "test".

Comment 5 Dario Andres 2009-10-31 22:41:37 UTC

Mh, I can't reproduce the crash here using:

Qt: 4.6.0 (Qt git branch 4.6 commit 52aef13521af2137db15ee878893f5c5150471e5
        Date:   Mon Oct 12 14:18:51 2009 +1000)
KDE: 4.3.73 (KDE 4.3.73 (KDE 4.4 >= 20091026))
kdelibs svn rev. 1043024 / kdebase svn rev. 1043024
on ArchLinux i686 - Kernel 2.6.30.6

Comment 6 Tommi Tervo 2009-10-31 22:58:49 UTC

For me it crashes (trunk r1043130)

==31858== Invalid read of size 4
==31858==    at 0x9E0B1E2: KHTMLView::eventFilter(QObject*, QEvent*) (khtmlview.cpp:2287)
==31858==    by 0x4F62D56: QCoreApplicationPrivate::sendThroughObjectEventFilters(QObject*, QEven
t*) (qcoreapplication.cpp:819)
==31858==    by 0x5299475: QApplicationPrivate::notify_helper(QObject*, QEvent*) (qapplication.cp
p:4247)
==31858==    by 0x5297479: QApplication::notify(QObject*, QEvent*) (qapplication.cpp:3735)
==31858==    by 0x48201B9: KApplication::notify(QObject*, QEvent*) (kapplication.cpp:302)
==31858==    by 0x4F62A78: QCoreApplication::notifyInternal(QObject*, QEvent*) (qcoreapplication.
cpp:704)
==31858==    by 0x529B696: QCoreApplication::sendSpontaneousEvent(QObject*, QEvent*) (qcoreapplic
ation.h:218)
==31858==    by 0x52997D8: qt_sendSpontaneousEvent(QObject*, QEvent*) (qapplication.cpp:5228)
==31858==    by 0x5360835: QKeyMapper::sendKeyEvent(QWidget*, bool, QEvent::Type, int, QFlags<Qt:
:KeyboardModifier>, QString const&, bool, int, unsigned int, unsigned int, unsigned int, bool*) (
qkeymapper_x11.cpp:1861)
==31858==    by 0x5360547: QKeyMapperPrivate::translateKeyEvent(QWidget*, _XEvent const*, bool) (
qkeymapper_x11.cpp:1831)
==31858==    by 0x532C5AE: QApplication::x11ProcessEvent(_XEvent*) (qapplication_x11.cpp:3392)
==31858==    by 0x53627C8: x11EventSourceDispatch(_GSource*, int (*)(void*), void*) (qguieventdis
patcher_glib.cpp:146)
==31858==    by 0x63B84C1: g_main_context_dispatch (in /usr/lib/libglib-2.0.so.0.2200.1)
==31858==    by 0x63BBD97: ??? (in /usr/lib/libglib-2.0.so.0.2200.1)
==31858==    by 0x63BBEBD: g_main_context_iteration (in /usr/lib/libglib-2.0.so.0.2200.1)
==31858==    by 0x4F9A1A3: QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFl
ag>) (qeventdispatcher_glib.cpp:407)
==31858==    by 0x5362DEF: QGuiEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEvent
sFlag>) (qguieventdispatcher_glib.cpp:202)
==31858==    by 0x4F5FEDA: QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (qeve
ntloop.cpp:149)
==31858==    by 0x4F6001F: QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (qeventloop.cp
p:201)
==31858==    by 0x4F63154: QCoreApplication::exec() (qcoreapplication.cpp:981)
==31858==    by 0x5296D71: QApplication::exec() (qapplication.cpp:3590)
==31858==    by 0x40EAF0E: kdemain (konqmain.cpp:257)
==31858==    by 0x804879A: main (konqueror_dummy.cpp:3)
==31858==  Address 0xc168844 is 4 bytes inside a block of size 48 free'd
==31858==    at 0x40265BD: operator delete(void*) (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==31858==    by 0x9F9362D: khtml::LineEditWidget::~LineEditWidget() (render_form.cpp:655)
==31858==    by 0x4F7F675: qDeleteInEventHandler(QObject*) (qobject.cpp:4125)
==31858==    by 0x4F7A0E9: QObject::event(QEvent*) (qobject.cpp:1229)
==31858==    by 0x530317B: QWidget::event(QEvent*) (qwidget.cpp:8357)
==31858==    by 0x5782D4C: QLineEdit::event(QEvent*) (qlineedit.cpp:1407)
==31858==    by 0x490A939: KLineEdit::event(QEvent*) (klineedit.cpp:1322)
==31858==    by 0x9F93423: khtml::LineEditWidget::event(QEvent*) (render_form.cpp:919)
==31858==    by 0x5299499: QApplicationPrivate::notify_helper(QObject*, QEvent*) (qapplication.cpp:4251)
==31858==    by 0x52992FF: QApplication::notify(QObject*, QEvent*) (qapplication.cpp:4216)
==31858==    by 0x48201B9: KApplication::notify(QObject*, QEvent*) (kapplication.cpp:302)
==31858==    by 0x4F62A78: QCoreApplication::notifyInternal(QObject*, QEvent*) (qcoreapplication.
cpp:704)
==31858==    by 0x4F66550: QCoreApplication::sendEvent(QObject*, QEvent*) (qcoreapplication.h:215
)
==31858==    by 0x4F63B2C: QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*)
 (qcoreapplication.cpp:1345)
==31858==    by 0x4F637E4: QCoreApplication::sendPostedEvents(QObject*, int) (qcoreapplication.cp
p:1238)
==31858==    by 0x4F9A8B9: QCoreApplication::sendPostedEvents() (qcoreapplication.h:220)
==31858==    by 0x4F991A7: postEventSourceDispatch(_GSource*, int (*)(void*), void*) (qeventdispa
tcher_glib.cpp:276)
==31858==    by 0x63B84C1: g_main_context_dispatch (in /usr/lib/libglib-2.0.so.0.2200.1)
==31858==    by 0x63BBD97: ??? (in /usr/lib/libglib-2.0.so.0.2200.1)
==31858==    by 0x63BBEBD: g_main_context_iteration (in /usr/lib/libglib-2.0.so.0.2200.1)
==31858==    by 0x4F9A1A3: QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFl
ag>) (qeventdispatcher_glib.cpp:407)
==31858==    by 0x5362DEF: QGuiEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEvent
sFlag>) (qguieventdispatcher_glib.cpp:202)
==31858==    by 0x4F5FEDA: QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (qeve
ntloop.cpp:149)
==31858==    by 0x4F6001F: QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (qeventloop.cp
p:201)
==31858==    by 0x5868F89: QDialog::exec() (qdialog.cpp:530)
==31858==    by 0x4793CE3: KMessageBox::createKMessageBox(KDialog*, QIcon const&, QString const&, QStringList const&, QString const&, bool*, QFlags<KMessageBox::Option>, QString const&, QMessageBox::Icon) (kmessagebox.cpp:333)
==31858==    by 0x479511C: KMessageBox::createKMessageBox(KDialog*, QMessageBox::Icon, QString const&, QStringList const&, QString const&, bool*, QFlags<KMessageBox::Option>, QString const&) (kmessagebox.cpp:151)
==31858==    by 0x4795EE0: KMessageBox::errorListWId(unsigned long, QString const&, QStringList const&, QString const&, QFlags<KMessageBox::Option>) (kmessagebox.cpp:845)
==31858==    by 0x47960FE: KMessageBox::error(QWidget*, QString const&, QString const&, QFlags<KMessageBox::Option>) (kmessagebox.cpp:810)
==31858==    by 0xA08FD1D: KJS::WindowFunc::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (kjs_window.cpp:1821)
==31858==    by 0xA3B7AEC: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.cpp:69)
==31858==    by 0xA3D59D9: KJS::Machine::runBlock(KJS::ExecState*, WTF::Vector<unsigned char, 0u> const&, KJS::ExecState*) (codes.def:1192)
==31858==    by 0xA3B3ECA: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:144)
==31858==    by 0xA3B7AEC: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.cpp:69)
==31858==    by 0xA3D59D9: KJS::Machine::runBlock(KJS::ExecState*, WTF::Vector<unsigned char, 0u> const&, KJS::ExecState*) (codes.def:1192)
==31858==    by 0xA3B3ECA: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:144)
==31858==    by 0xA3B7AEC: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.cpp:69)
==31858==    by 0xA0B5D56: KJS::JSEventListener::handleEvent(DOM::Event&) (kjs_events.cpp:106)
==31858==    by 0x9E9DC4A: DOM::NodeImpl::handleLocalEvents(DOM::EventImpl*, bool) (dom_nodeimpl.cpp:731)
==31858==    by 0x9E9E10C: DOM::NodeImpl::dispatchGenericEvent(DOM::EventImpl*, int&) (dom_nodeimpl.cpp:501)
==31858==    by 0x9E9E1B3: DOM::NodeImpl::dispatchEvent(DOM::EventImpl*, int&, bool) (dom_nodeimpl.cpp:453)
==31858==    by 0x9E9F870: DOM::NodeImpl::dispatchMouseEvent(QMouseEvent*, int, int) (dom_nodeimpl.cpp:646)
==31858==    by 0x9F092AD: DOM::HTMLButtonElementImpl::click() (html_formimpl.cpp:1212)
==31858==    by 0xA05BD24: KJS::HTMLElementFunction::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (kjs_html.cpp:2187)
==31858==    by 0xA3B7AEC: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.cpp:69)
==31858==    by 0xA3D59D9: KJS::Machine::runBlock(KJS::ExecState*, WTF::Vector<unsigned char, 0u> const&, KJS::ExecState*) (codes.def:1192)
==31858==    by 0xA3B3ECA: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:144)
==31858==    by 0xA3B7AEC: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.cpp:69)
==31858==    by 0xA3D59D9: KJS::Machine::runBlock(KJS::ExecState*, WTF::Vector<unsigned char, 0u> const&, KJS::ExecState*) (codes.def:1192)
==31858==    by 0xA3B3ECA: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:144)
==31858==

Comment 7 Tommi Tervo 2009-11-28 18:38:21 UTC

*** Bug 216547 has been marked as a duplicate of this bug. ***

Comment 8 Unknown 2009-12-05 10:13:45 UTC

Created attachment 38843 [details]
New crash information added by DrKonqi

Comment 9 Unknown 2009-12-05 10:15:46 UTC

(In reply to comment #4)
> Seems to crash also with fake data.
> https://www.mbank.com.pl/
> Tested on user (Identyfikator) "12345678" and pass (Hasło) "test".

Can reproduce with mentioned above fake data.

Comment 10 Tommi Tervo 2009-12-06 19:45:33 UTC

*** Bug 217616 has been marked as a duplicate of this bug. ***

Comment 11 Dario Andres 2009-12-14 18:56:47 UTC

From comment 8:
---

#6  QMetaObject::cast (this=0xb70d5ebc, obj=0x300005f) at kernel/qmetaobject.cpp:266
#7  0xb1274e5d in qobject_cast<KUrlRequester*> (object=0x300005f) at /usr/include/qt4/QtCore/qobject.h:451
#8  0xb1269333 in KHTMLView::eventFilter (this=0x8da6da0, o=0x8aff2a0, e=0xbfdc9e5c) at /home/porttmp/portage/kde-base/kdelibs-4.3.80/work/kdelibs-4.3.80/khtml/khtmlview.cpp:2293
#9  0xb7630520 in QCoreApplicationPrivate::sendThroughObjectEventFilters (this=0x86cde98, receiver=0x8aff2a0, event=0xbfdc9e5c) at kernel/qcoreapplication.cpp:819
#10 0xb607d65f in QApplicationPrivate::notify_helper (this=0x86cde98, receiver=0x8aff2a0, e=0xbfdc9e5c) at kernel/qapplication.cpp:4238
...

Comment 12 Unknown 2010-02-03 23:38:48 UTC

Created attachment 40512 [details]
New crash information added by DrKonqi

Looks like it's still here in 4.3.98.

Comment 13 Tommi Tervo 2010-02-05 21:37:15 UTC

*** Bug 225492 has been marked as a duplicate of this bug. ***

Comment 14 Dario Andres 2010-02-27 15:43:33 UTC

*** Bug 228678 has been marked as a duplicate of this bug. ***

Comment 15 FiNeX 2010-08-15 17:42:27 UTC

Cannot reproduce using KDE 4.4.4, 4.4.5 and 4.5.0 (on three different PC)

Comment 16 Andrea Iacovitti 2013-11-15 22:33:25 UTC

*** Bug 229503 has been marked as a duplicate of this bug. ***

Comment 17 Dominik Haumann 2019-10-04 16:50:32 UTC

*** Bug 302229 has been marked as a duplicate of this bug. ***