220690 – Rekonq crashes at a double click on a preview image shortly after a right click on that preview (and other situations) [null WebCore::RenderLayer::clearClipRects, WebCore::RenderLayer::updateLayerPosition, WebCore::MouseRelatedEvent::receivedTarget]

Bug 220690 - Rekonq crashes at a double click on a preview image shortly after a right click on that preview (and other situations) [null WebCore::RenderLayer::clearClipRects, WebCore::RenderLayer::updateLayerPosition, WebCore::MouseRelatedEvent::receivedTarget]

Summary: Rekonq crashes at a double click on a preview image shortly after a right cli...

Status:	RESOLVED FIXED

Alias:	None

Product:	rekonq
Classification:	Unmaintained
Component:	general (show other bugs)
Version:	unspecified
Platform:	Compiled Sources Linux

Importance:	NOR crash
Target Milestone:	---
Assignee:	Andrea Diamantini

URL:
Keywords:

Duplicates (5):	217845 220863 222093 222454 222771 (view as bug list)
Depends on:
Blocks:

Reported:	2009-12-30 15:05 UTC by Roland Wolters
Modified:	2010-02-14 10:36 UTC (History)
CC List:	5 users (show)

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Roland Wolters 2009-12-30 15:05:59 UTC

Version:            (using Devel)
OS:                Linux
Installed from:    Compiled sources

Problem description:
====================
I open the main window with the preview icons. There I can right click on a preview to get a menu. If I know double-click on the preview, directly next to the window, the application crashes.

Steps to reproduce:
===================

1. Open rekonq with a tab showing the previews.
2. Right click on a preview to get the menu.
3. Double-click on the preview itself.

Expected result:
================
It should have not crashed. It should have just opened the page.


What actually happened:
=======================
It crashed, see the backtrace below.

Version and compile options:
============================
I checked out the git version 4b0a451049fa6ecb11c44a76f18135152b47b13a and configured it with debugfull.

The backtrace:
==============
Application: rekonq (rekonq), signal: Segmentation fault
The current source language is "auto; currently c".
[Current thread is 1 (Thread 0x7fb0bd98e7f0 (LWP 13029))]

Thread 4 (Thread 0x7fb0ac1ea910 (LWP 13030)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:261
#1  0x00007fb0bc515556 in WTF::TCMalloc_PageHeap::scavengerThread (this=0x7fb0bd4f70e0) at ../JavaScriptCore/wtf/FastMalloc.cpp:2299
#2  0x00007fb0bc515599 in WTF::TCMalloc_PageHeap::runScavengerThread (context=0x7fb0bd5051ac) at ../JavaScriptCore/wtf/FastMalloc.cpp:1433
#3  0x00007fb0b8d28a04 in start_thread (arg=<value optimized out>) at pthread_create.c:300
#4  0x00007fb0b82e77bd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#5  0x0000000000000000 in ?? ()

Thread 3 (Thread 0x7fb09ff9f910 (LWP 13087)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:261
#1  0x00007fb0b8fb867b in QWaitConditionPrivate::wait (this=<value optimized out>, mutex=0x277a440, time=18446744073709551615) at thread/qwaitcondition_unix.cpp:87
#2  QWaitCondition::wait (this=<value optimized out>, mutex=0x277a440, time=18446744073709551615) at thread/qwaitcondition_unix.cpp:159
#3  0x00007fb0bca15618 in WebCore::IconDatabase::syncThreadMainLoop (this=0x7fb0ab95cb40) at loader/icon/IconDatabase.cpp:1412
#4  0x00007fb0bca19fa8 in WebCore::IconDatabase::iconDatabaseSyncThread (this=0x7fb0ab95cb40) at loader/icon/IconDatabase.cpp:1038
#5  0x00007fb0bc51aadb in WTF::ThreadPrivate::run (this=0x2826250) at ../JavaScriptCore/wtf/qt/ThreadingQt.cpp:64
#6  0x00007fb0b8fb76c5 in QThreadPrivate::start (arg=0x2826250) at thread/qthread_unix.cpp:244
#7  0x00007fb0b8d28a04 in start_thread (arg=<value optimized out>) at pthread_create.c:300
#8  0x00007fb0b82e77bd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#9  0x0000000000000000 in ?? ()
The current source language is "auto; currently asm".

Thread 2 (Thread 0x7fb09f79e910 (LWP 13093)):
#0  pthread_cond_timedwait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_timedwait.S:220
#1  0x00007fb0b8fb85e2 in QWaitConditionPrivate::wait (this=<value optimized out>, mutex=0x2775f10, time=30000) at thread/qwaitcondition_unix.cpp:85
#2  QWaitCondition::wait (this=<value optimized out>, mutex=0x2775f10, time=30000) at thread/qwaitcondition_unix.cpp:159
#3  0x00007fb0b8fad989 in QThreadPoolThread::run (this=0x208bd60) at concurrent/qthreadpool.cpp:140
#4  0x00007fb0b8fb76c5 in QThreadPrivate::start (arg=0x208bd60) at thread/qthread_unix.cpp:244
#5  0x00007fb0b8d28a04 in start_thread (arg=<value optimized out>) at pthread_create.c:300
#6  0x00007fb0b82e77bd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#7  0x0000000000000000 in ?? ()

Thread 1 (Thread 0x7fb0bd98e7f0 (LWP 13029)):
[KCrash Handler]
#5  WebCore::RenderLayer::clearClipRects (this=0x0) at rendering/RenderLayer.cpp:2933
#6  0x00007fb0bc903ff2 in WebCore::RenderLayer::updateLayerPosition (this=0x0) at rendering/RenderLayer.cpp:525
#7  0x00007fb0bc6531f0 in WebCore::MouseRelatedEvent::receivedTarget (this=0x7fb0ab8e86e0) at dom/MouseRelatedEvent.cpp:163
#8  0x00007fb0bc65a0f0 in WebCore::Node::dispatchEvent (this=0x7fb0ab93bcc0, prpEvent=<value optimized out>) at dom/Node.cpp:2444
#9  0x00007fb0bc65e835 in WebCore::Node::dispatchMouseEvent (this=0x7fb0ab93bcc0, eventType=..., button=<value optimized out>, detail=0, pageX=192, pageY=326, screenX=192, screenY=403, 
    ctrlKey=false, altKey=false, shiftKey=false, metaKey=false, isSimulated=false, relatedTargetArg=0x0, underlyingEvent=...) at dom/Node.cpp:2718
#10 0x00007fb0bc65f045 in WebCore::Node::dispatchMouseEvent (this=0x7fb0ab93bcc0, event=..., eventType=..., detail=0, relatedTarget=0x0) at dom/Node.cpp:2627
#11 0x00007fb0bc82033d in WebCore::EventHandler::updateMouseEventTargetNode (this=0x7fb0ab8ef580, targetNode=<value optimized out>, mouseEvent=..., fireMouseOverOut=<value optimized out>)
    at page/EventHandler.cpp:1694
#12 0x00007fb0bc82070e in WebCore::EventHandler::dispatchMouseEvent (this=0x7fb0ab8ef580, eventType=..., targetNode=0x0, clickCount=0, mouseEvent=..., setUnder=15) at page/EventHandler.cpp:1711
#13 0x00007fb0bc8249eb in WebCore::EventHandler::handleMouseMoveEvent (this=0x7fb0ab8ef580, mouseEvent=..., hoveredNode=<value optimized out>) at page/EventHandler.cpp:1414
#14 0x00007fb0bc824ca9 in WebCore::EventHandler::mouseMoved (this=0x7fb0ab8ef580, event=...) at page/EventHandler.cpp:1313
#15 0x00007fb0bc9c2cbf in QWebPagePrivate::mouseMoveEvent (this=<value optimized out>, ev=0x7ffff18e7020) at ../WebKit/qt/Api/qwebpage.cpp:703
#16 0x00007fb0bc9c8489 in QWebPage::event (this=0x2764660, ev=0x7ffff18e7020) at ../WebKit/qt/Api/qwebpage.cpp:2485
#17 0x00007fb0bc9cbc28 in QWebView::mouseMoveEvent (this=<value optimized out>, ev=0x7ffff18e7020) at ../WebKit/qt/Api/qwebview.cpp:783
#18 0x00007fb0bd55901a in WebView::mouseMoveEvent (this=0x275cbf0, event=0x7ffff18e7020) at /home/rwo/Entwicklung/rekonq/src/webview.cpp:316
#19 0x00007fb0b95d31f7 in QWidget::event (this=0x275cbf0, event=0x7ffff18e7020) at kernel/qwidget.cpp:7959
#20 0x00007fb0bc9cc41d in QWebView::event (this=0x275cbf0, e=0x7ffff18e7020) at ../WebKit/qt/Api/qwebview.cpp:657
#21 0x00007fb0b957de8c in QApplicationPrivate::notify_helper (this=0x20192d0, receiver=0x275cbf0, e=0x7ffff18e7020) at kernel/qapplication.cpp:4242
#22 0x00007fb0b9584cf1 in QApplication::notify (this=0x7ffff18e82b0, receiver=0x275cbf0, e=0x7ffff18e7020) at kernel/qapplication.cpp:3822
#23 0x00007fb0bb169856 in KApplication::notify(QObject*, QEvent*) () from /usr/lib/libkdeui.so.5
#24 0x00007fb0b90ab04c in QCoreApplication::notifyInternal (this=0x7ffff18e82b0, receiver=0x275cbf0, event=0x7ffff18e7020) at kernel/qcoreapplication.cpp:704
#25 0x00007fb0b9583e66 in QCoreApplication::sendEvent (receiver=0x275cbf0, event=0x7ffff18e7020, alienWidget=0x275cbf0, nativeWidget=0x21768d0, buttonDown=<value optimized out>, 
    lastMouseReceiver=<value optimized out>, spontaneous=true) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:215
#26 QApplicationPrivate::sendMouseEvent (receiver=0x275cbf0, event=0x7ffff18e7020, alienWidget=0x275cbf0, nativeWidget=0x21768d0, buttonDown=<value optimized out>, 
    lastMouseReceiver=<value optimized out>, spontaneous=true) at kernel/qapplication.cpp:2956
#27 0x00007fb0b958430f in QApplicationPrivate::sendSyntheticEnterLeave (this=<value optimized out>, widget=<value optimized out>) at kernel/qapplication.cpp:3042
#28 0x00007fb0b95d1d24 in QWidgetPrivate::hideChildren (this=<value optimized out>, spontaneous=false) at kernel/qwidget.cpp:7512
#29 0x00007fb0b95d1ce1 in QWidgetPrivate::hideChildren (this=<value optimized out>, spontaneous=false) at kernel/qwidget.cpp:7498
#30 0x00007fb0b95d1ce1 in QWidgetPrivate::hideChildren (this=<value optimized out>, spontaneous=false) at kernel/qwidget.cpp:7498
#31 0x00007fb0b95d1ea4 in QWidgetPrivate::hide_helper (this=0x2805fb0) at kernel/qwidget.cpp:7259
#32 0x00007fb0b95da910 in QWidget::setVisible (this=0x2806ca0, visible=<value optimized out>) at kernel/qwidget.cpp:7431
#33 0x00007fb0bc9a46bd in WebCore::ScrollView::platformRemoveChild (this=0x7fb0ab91ec80, child=0x4000) at platform/qt/ScrollViewQt.cpp:63
#34 0x00007fb0bc9529c8 in WebCore::RenderWidget::destroy (this=0x7fb0ab926930) at rendering/RenderWidget.cpp:86
#35 0x00007fb0bc658585 in WebCore::Node::detach (this=0x7fb0ab93bcc0) at dom/Node.cpp:1256
#36 0x00007fb0bc61e394 in WebCore::ContainerNode::detach (this=0x7fb0ab975690) at dom/ContainerNode.cpp:588
#37 0x00007fb0bc61e394 in WebCore::ContainerNode::detach (this=0x7fb0ab8f3000) at dom/ContainerNode.cpp:588
#38 0x00007fb0bc61e394 in WebCore::ContainerNode::detach (this=0x7fb0ab8f30e0) at dom/ContainerNode.cpp:588
#39 0x00007fb0bc61e394 in WebCore::ContainerNode::detach (this=0x7fb0ab92c528) at dom/ContainerNode.cpp:588
#40 0x00007fb0bc61e394 in WebCore::ContainerNode::detach (this=0x7fb0ab8f3bd0) at dom/ContainerNode.cpp:588
#41 0x00007fb0bc61e394 in WebCore::ContainerNode::detach (this=0x7fb0ab91fa00) at dom/ContainerNode.cpp:588
#42 0x00007fb0bc62e6f2 in WebCore::Document::detach (this=0x7fb0ab91fa00) at dom/Document.cpp:1457
#43 0x00007fb0bc82a164 in WebCore::Frame::setView (this=0x7fb0ab8ef000, view=) at page/Frame.cpp:248
#44 0x00007fb0bc82a202 in WebCore::Frame::createView (this=0x7fb0ab8ef000, viewportSize=..., backgroundColor=..., transparent=15, fixedLayoutSize=..., useFixedLayout=false, 
    horizontalScrollbarMode=WebCore::ScrollbarAuto, verticalScrollbarMode=WebCore::ScrollbarAuto) at page/Frame.cpp:1803
#45 0x00007fb0bc9ade44 in WebCore::FrameLoaderClientQt::transitionToCommittedForNewPage (this=0x2769e60) at ../WebKit/qt/WebCoreSupport/FrameLoaderClientQt.cpp:225
#46 0x00007fb0bc7ccaa6 in WebCore::FrameLoader::transitionToCommitted (this=0x7fb0ab8ef050, cachedPage=) at loader/FrameLoader.cpp:2525
#47 0x00007fb0bc7ccd57 in WebCore::FrameLoader::commitProvisionalLoad (this=0x7fb0ab8ef050, prpCachedPage=<value optimized out>) at loader/FrameLoader.cpp:2391
#48 0x00007fb0bc7b6e32 in WebCore::DocumentLoader::commitIfReady (this=<value optimized out>) at loader/DocumentLoader.cpp:320
#49 0x00007fb0bc7b731c in WebCore::DocumentLoader::commitLoad (this=0x7fb0ab91d080, data=0x286cf48 "<?xml version=\"1.0\" encoding=\"", length=30) at loader/DocumentLoader.cpp:340
#50 0x00007fb0bc7f3201 in WebCore::ResourceLoader::didReceiveData (this=0x7fb0ab941200, data=0x286cf48 "<?xml version=\"1.0\" encoding=\"", length=30, lengthReceived=30, allAtOnce=15)
    at loader/ResourceLoader.cpp:248
#51 0x00007fb0bc7e588c in WebCore::MainResourceLoader::didReceiveData (this=0x7fb0ab941200, data=0x286cf48 "<?xml version=\"1.0\" encoding=\"", length=30, lengthReceived=30, 
    allAtOnce=<value optimized out>) at loader/MainResourceLoader.cpp:374
#52 0x00007fb0bc98e833 in WebCore::QNetworkReplyHandler::forwardData (this=0x2861eb0) at platform/network/qt/QNetworkReplyHandler.cpp:360
#53 0x00007fb0bc98fef4 in WebCore::QNetworkReplyHandler::qt_metacall (this=0x2861eb0, _c=QMetaObject::InvokeMetaMethod, _id=<value optimized out>, _a=<value optimized out>)
    at .moc/release-shared/moc_QNetworkReplyHandler.cpp:84
#54 0x00007fb0b90bad19 in QObject::event (this=0x2861eb0, e=0x2775c50) at kernel/qobject.cpp:1260
#55 0x00007fb0b957de8c in QApplicationPrivate::notify_helper (this=0x20192d0, receiver=0x2861eb0, e=0x2775c50) at kernel/qapplication.cpp:4242
#56 0x00007fb0b958448d in QApplication::notify (this=0x7ffff18e82b0, receiver=0x2861eb0, e=0x2775c50) at kernel/qapplication.cpp:4125
#57 0x00007fb0bb169856 in KApplication::notify(QObject*, QEvent*) () from /usr/lib/libkdeui.so.5
#58 0x00007fb0b90ab04c in QCoreApplication::notifyInternal (this=0x7ffff18e82b0, receiver=0x2861eb0, event=0x2775c50) at kernel/qcoreapplication.cpp:704
#59 0x00007fb0b90ad7c7 in QCoreApplication::sendEvent (receiver=0x0, event_type=<value optimized out>, data=0x1ff17e0) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:215
#60 QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=<value optimized out>, data=0x1ff17e0) at kernel/qcoreapplication.cpp:1345
#61 0x00007fb0b90d4ae3 in QCoreApplication::sendPostedEvents (s=<value optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:220
#62 postEventSourceDispatch (s=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:276
#63 0x00007fb0b4ae6bce in g_main_context_dispatch () from /lib/libglib-2.0.so.0
#64 0x00007fb0b4aea598 in ?? () from /lib/libglib-2.0.so.0
#65 0x00007fb0b4aea6c0 in g_main_context_iteration () from /lib/libglib-2.0.so.0
#66 0x00007fb0b90d4623 in QEventDispatcherGlib::processEvents (this=0x1ff0e00, flags=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:407
#67 0x00007fb0b962c2fe in QGuiEventDispatcherGlib::processEvents (this=0x0, flags=<value optimized out>) at kernel/qguieventdispatcher_glib.cpp:202
#68 0x00007fb0b90a9972 in QEventLoop::processEvents (this=<value optimized out>, flags=) at kernel/qeventloop.cpp:149
#69 0x00007fb0b90a9d4c in QEventLoop::exec (this=0x7ffff18e8220, flags=) at kernel/qeventloop.cpp:201
#70 0x00007fb0b90ada8b in QCoreApplication::exec () at kernel/qcoreapplication.cpp:981
#71 0x00007fb0bd5874f4 in kdemain (argc=1, argv=0x7ffff18e8918) at /home/rwo/Entwicklung/rekonq/src/main.cpp:157
#72 0x00000000004008a6 in main (argc=1, argv=0x7ffff18e8918) at /home/rwo/Entwicklung/rekonq/build/src/rekonq_dummy.cpp:3
The current source language is "auto; currently c".

Comment 1 Dario Andres 2010-01-13 15:06:21 UTC

This is likely a QtWebKit issue... merging here all the related reports.

Comment 2 Dario Andres 2010-01-13 15:10:26 UTC

From bug 222454 (Qt4.5.3):
-- What I was doing when the application crashed:
First I opened rekonq and load a page, soon after I opened a new tab and begin
to type the URL in address bar and... boom. The program crashed.

From bug 217845 (Qt 4.6.0):
-- What I was doing when the application crashed:
rekonq crashed when I tipped an Url in the bar and used the auto history
completation. I had that a few times but it seems to be sporatic.

From bug 220863 (Qt 4.6.0):
-- Information about the crash:
Middle clicked a tab and instantly hit Ctrl+T to open another new tab and it
crashed..
OK I had reopened it and it seems that it's loading the HTML in the second tab
that crashes it. 

From bug 222093 (Qt 4.6.0):
-- Information about the crash:
This is about the 4th time that rekonq has crashed after I opened a new tab and
entered information. There seems to be no delay in terms of contacting the
server etc. Like the act of either entering the data or pressing enter to
initiate the server contact kills rekonq

Comment 3 Dario Andres 2010-01-13 15:10:43 UTC

*** Bug 222454 has been marked as a duplicate of this bug. ***

Comment 4 Dario Andres 2010-01-13 15:10:45 UTC

*** Bug 217845 has been marked as a duplicate of this bug. ***

Comment 5 Dario Andres 2010-01-13 15:10:47 UTC

*** Bug 220863 has been marked as a duplicate of this bug. ***

Comment 6 Dario Andres 2010-01-13 15:20:35 UTC

*** Bug 222093 has been marked as a duplicate of this bug. ***

Comment 7 Dario Andres 2010-01-15 00:25:03 UTC

From bug 222771:
-- Information about the crash:
I had two tabs opened, I opened a third tab, wrote "de." which proposed
"de.wikipedia.org" to me, I selected it and loaded it (<1sec) then rekonq
crashed.
Using KDE SC 4.3.90 and Rekonq 0.3

Comment 8 Dario Andres 2010-01-15 00:25:05 UTC

*** Bug 222771 has been marked as a duplicate of this bug. ***

Comment 9 Andrea Diamantini 2010-02-13 02:15:35 UTC

uhm.. what about this?

Comment 10 Andrea Diamantini 2010-02-14 10:36:09 UTC

Fixed in 0.3.90 (moving from plugins to webelements)