Bug 231017 - [testcase url] Konqueror crashes when loading page [khtml::RenderFlow::lastLineBox]
Summary: [testcase url] Konqueror crashes when loading page [khtml::RenderFlow::lastLi...
Status: RESOLVED WORKSFORME
Alias: None
Product: konqueror
Classification: Applications
Component: khtml renderer (other bugs)
Version First Reported In: unspecified
Platform: Compiled Sources Linux
: NOR crash
Target Milestone: ---
Assignee: Konqueror Bugs
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2010-03-16 20:29 UTC by Tim Eberhardt
Modified: 2013-12-06 21:16 UTC (History)
2 users (show)

See Also:
Latest Commit:
Version Fixed/Implemented In:
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.
Description Tim Eberhardt 2010-03-16 20:29:52 UTC 
Application: konqueror (4.4.1 (KDE 4.4.1))
KDE Platform Version: 4.4.1 (KDE 4.4.1) (Compiled from sources)
Qt Version: 4.6.2
Operating System: Linux 2.6.33-gentoo x86_64
Distribution (Platform): Gentoo Packages

-- Information about the crash:
When opening the following site konqueror crashes
http://www.chevrolet.de/fahrzeuge/captiva/captiva-diesel/konfigurieren/captiva-diesel-ls-7s.html
reproduceable: always

 -- Backtrace:
Application: Konqueror (kdeinit4), signal: Segmentation fault
The current source language is "auto; currently asm".
[Current thread is 1 (Thread 0x7f8065d17760 (LWP 2853))]

Thread 2 (Thread 0x7f804e3a7710 (LWP 3167)):
#0  pthread_cond_timedwait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_timedwait.S:211
#1  0x00007f8063a1e1e1 in QWaitConditionPrivate::wait (this=<value optimized out>, mutex=0x2222660, time=30000) at thread/qwaitcondition_unix.cpp:85
#2  QWaitCondition::wait (this=<value optimized out>, mutex=0x2222660, time=30000) at thread/qwaitcondition_unix.cpp:159
#3  0x00007f8063a13698 in QThreadPoolThread::run (this=0x2cd2f90) at concurrent/qthreadpool.cpp:140
#4  0x00007f8063a1d2a5 in QThreadPrivate::start (arg=0x2cd2f90) at thread/qthread_unix.cpp:248
#5  0x00007f806378e8e4 in start_thread (arg=<value optimized out>) at pthread_create.c:297
#6  0x00007f8061e96dfd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#7  0x0000000000000000 in ?? ()

Thread 1 (Thread 0x7f8065d17760 (LWP 2853)):
[KCrash Handler]
#5  khtml::RenderFlow::lastLineBox (this=0x2a6f188, obj=0x0) at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/render_flow.h:74
#6  khtml::RenderBlock::createLineBoxes (this=0x2a6f188, obj=0x0) at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/bidi.cpp:655
#7  0x00007f8052661544 in khtml::RenderBlock::createLineBoxes (this=0x2a6f188, obj=0x21930c0) at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/bidi.cpp:675
#8  0x00007f8052661544 in khtml::RenderBlock::createLineBoxes (this=0x2a6f188, obj=0x21932b8) at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/bidi.cpp:675
#9  0x00007f8052661544 in khtml::RenderBlock::createLineBoxes (this=0x2a6f188, obj=0x2193438) at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/bidi.cpp:675
#10 0x00007f8052661544 in khtml::RenderBlock::createLineBoxes (this=0x2a6f188, obj=0x2193500) at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/bidi.cpp:675
#11 0x00007f8052661544 in khtml::RenderBlock::createLineBoxes (this=0x2a6f188, obj=0x2a5fd88) at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/bidi.cpp:675
#12 0x00007f8052661544 in khtml::RenderBlock::createLineBoxes (this=0x2a6f188, obj=0x2a5fe50) at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/bidi.cpp:675
#13 0x00007f8052661544 in khtml::RenderBlock::createLineBoxes (this=0x2a6f188, obj=0x2a6eb08) at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/bidi.cpp:675
#14 0x00007f8052661544 in khtml::RenderBlock::createLineBoxes (this=0x2a6f188, obj=0x2a6ebd0) at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/bidi.cpp:675
#15 0x00007f8052661544 in khtml::RenderBlock::createLineBoxes (this=0x2a6f188, obj=0x2a6f0c0) at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/bidi.cpp:675
#16 0x00007f8052661544 in khtml::RenderBlock::createLineBoxes (this=0x2a6f188, obj=0x2a6eff8) at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/bidi.cpp:675
#17 0x00007f80526624c2 in khtml::RenderBlock::constructLine (this=0x2a6f188, end=...) at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/bidi.cpp:698
#18 0x00007f8052667ced in khtml::RenderBlock::layoutInlineChildren (this=0x2a6f188, relayoutChildren=<value optimized out>, breakBeforeLine=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/bidi.cpp:1520
#19 0x00007f8052671f3d in khtml::RenderBlock::layoutBlock (this=0x2a6f188, relayoutChildren=false)
    at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/render_block.cpp:833
#20 0x00007f80526715dc in khtml::RenderObject::layoutIfNeeded (this=0x2a6ebd0, relayoutChildren=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/render_object.h:480
#21 khtml::RenderBlock::layoutBlockChildren (this=0x2a6ebd0, relayoutChildren=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/render_block.cpp:1555
#22 0x00007f8052671d4d in khtml::RenderBlock::layoutBlock (this=0x2a6ebd0, relayoutChildren=false)
    at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/render_block.cpp:835
#23 0x00007f80526715dc in khtml::RenderObject::layoutIfNeeded (this=0x2a6eb08, relayoutChildren=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/render_object.h:480
#24 khtml::RenderBlock::layoutBlockChildren (this=0x2a6eb08, relayoutChildren=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/render_block.cpp:1555
#25 0x00007f8052671d4d in khtml::RenderBlock::layoutBlock (this=0x2a6eb08, relayoutChildren=false)
    at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/render_block.cpp:835
#26 0x00007f80526715dc in khtml::RenderObject::layoutIfNeeded (this=0x2a5fe50, relayoutChildren=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/render_object.h:480
#27 khtml::RenderBlock::layoutBlockChildren (this=0x2a5fe50, relayoutChildren=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/render_block.cpp:1555
#28 0x00007f8052671d4d in khtml::RenderBlock::layoutBlock (this=0x2a5fe50, relayoutChildren=false)
    at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/render_block.cpp:835
#29 0x00007f80526715dc in khtml::RenderObject::layoutIfNeeded (this=0x2a5fd88, relayoutChildren=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/render_object.h:480
#30 khtml::RenderBlock::layoutBlockChildren (this=0x2a5fd88, relayoutChildren=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/render_block.cpp:1555
#31 0x00007f8052671d4d in khtml::RenderBlock::layoutBlock (this=0x2a5fd88, relayoutChildren=false)
    at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/render_block.cpp:835
#32 0x00007f80526715dc in khtml::RenderObject::layoutIfNeeded (this=0x2193500, relayoutChildren=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/render_object.h:480
#33 khtml::RenderBlock::layoutBlockChildren (this=0x2193500, relayoutChildren=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/render_block.cpp:1555
#34 0x00007f8052671d4d in khtml::RenderBlock::layoutBlock (this=0x2193500, relayoutChildren=false)
    at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/render_block.cpp:835
#35 0x00007f80526715dc in khtml::RenderObject::layoutIfNeeded (this=0x2193438, relayoutChildren=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/render_object.h:480
#36 khtml::RenderBlock::layoutBlockChildren (this=0x2193438, relayoutChildren=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/render_block.cpp:1555
#37 0x00007f8052671d4d in khtml::RenderBlock::layoutBlock (this=0x2193438, relayoutChildren=false)
    at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/render_block.cpp:835
#38 0x00007f80526d063c in khtml::RenderBody::layout (this=0x2193438) at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/render_body.cpp:91
#39 0x00007f80526715dc in khtml::RenderObject::layoutIfNeeded (this=0x21932b8, relayoutChildren=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/render_object.h:480
#40 khtml::RenderBlock::layoutBlockChildren (this=0x21932b8, relayoutChildren=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/render_block.cpp:1555
#41 0x00007f8052671d4d in khtml::RenderBlock::layoutBlock (this=0x21932b8, relayoutChildren=false)
    at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/render_block.cpp:835
#42 0x00007f80526715dc in khtml::RenderObject::layoutIfNeeded (this=0x21930c0, relayoutChildren=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/render_object.h:480
#43 khtml::RenderBlock::layoutBlockChildren (this=0x21930c0, relayoutChildren=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/render_block.cpp:1555
#44 0x00007f8052671d4d in khtml::RenderBlock::layoutBlock (this=0x21930c0, relayoutChildren=false)
    at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/render_block.cpp:835
#45 0x00007f80526cbf42 in khtml::RenderCanvas::layout (this=0x21930c0) at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/rendering/render_canvas.cpp:191
#46 0x00007f8052548406 in KHTMLView::layout (this=0x1f7ff80) at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/khtmlview.cpp:1020
#47 0x00007f8052548a2e in KHTMLView::timerEvent (this=0x1f7ff80, e=<value optimized out>) at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/khtmlview.cpp:4193
#48 0x00007f8063b1ff83 in QObject::event (this=0x1f7ff80, e=0x0) at kernel/qobject.cpp:1204
#49 0x00007f8062ad5dbf in QWidget::event (this=0x1f7ff80, event=0x7fff933740b0) at kernel/qwidget.cpp:8455
#50 0x00007f8062e5a216 in QFrame::event (this=0x1f7ff80, e=0x7fff933740b0) at widgets/qframe.cpp:557
#51 0x00007f8062ee51cb in QAbstractScrollArea::event (this=0x1f7ff80, e=0x7fff933740b0) at widgets/qabstractscrollarea.cpp:989
#52 0x00007f805254bfb7 in KHTMLView::event (this=0x1f7ff80, e=<value optimized out>) at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/khtml/khtmlview.cpp:552
#53 0x00007f8062a8066c in QApplicationPrivate::notify_helper (this=0x194b900, receiver=0x1f7ff80, e=0x7fff933740b0) at kernel/qapplication.cpp:4300
#54 0x00007f8062a86cbb in QApplication::notify (this=0x7fff93374560, receiver=0x1f7ff80, e=0x7fff933740b0) at kernel/qapplication.cpp:4183
#55 0x00007f80642c5b36 in KApplication::notify (this=0x7fff93374560, receiver=0x1f7ff80, event=0x7fff933740b0)
    at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/kdeui/kernel/kapplication.cpp:302
#56 0x00007f8063b1061b in QCoreApplication::notifyInternal (this=0x7fff93374560, receiver=0x1f7ff80, event=0x7fff933740b0) at kernel/qcoreapplication.cpp:704
#57 0x00007f8063b3cf12 in QCoreApplication::sendEvent (this=0x1963440) at kernel/qcoreapplication.h:215
#58 QTimerInfoList::activateTimers (this=0x1963440) at kernel/qeventdispatcher_unix.cpp:603
#59 0x00007f8063b39d08 in timerSourceDispatch (source=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:184
#60 idleTimerSourceDispatch (source=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:231
#61 0x00007f805ecb94cd in g_main_dispatch (context=0x194e440) at gmain.c:1960
#62 IA__g_main_context_dispatch (context=0x194e440) at gmain.c:2513
#63 0x00007f805ecbce88 in g_main_context_iterate (context=0x194e440, block=<value optimized out>, dispatch=<value optimized out>, self=<value optimized out>) at gmain.c:2591
#64 0x00007f805ecbcfb0 in IA__g_main_context_iteration (context=0x194e440, may_block=1) at gmain.c:2654
#65 0x00007f8063b399d3 in QEventDispatcherGlib::processEvents (this=0x18e8930, flags=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:412
#66 0x00007f8062b2e8ae in QGuiEventDispatcherGlib::processEvents (this=0x2a6f188, flags=<value optimized out>) at kernel/qguieventdispatcher_glib.cpp:204
#67 0x00007f8063b0ef72 in QEventLoop::processEvents (this=<value optimized out>, flags=) at kernel/qeventloop.cpp:149
#68 0x00007f8063b0f344 in QEventLoop::exec (this=0x7fff93374350, flags=) at kernel/qeventloop.cpp:201
#69 0x00007f8063b1302b in QCoreApplication::exec () at kernel/qcoreapplication.cpp:981
#70 0x00007f8057b470e1 in kdemain (argc=<value optimized out>, argv=<value optimized out>) at /var/tmp/portage/kde-base/konqueror-4.4.1/work/konqueror-4.4.1/konqueror/src/konqmain.cpp:257
#71 0x0000000000407396 in launch (argc=2, _name=<value optimized out>, args=<value optimized out>, cwd=<value optimized out>, envc=16, envs=<value optimized out>, reset_env=false, tty=0x0, 
    avoid_loops=false, startup_id_str=0x40a7dd "0") at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/kinit/kinit.cpp:710
#72 0x0000000000407ff0 in handle_launcher_request (sock=9, who=<value optimized out>) at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/kinit/kinit.cpp:1202
#73 0x0000000000408530 in handle_requests (waitForPid=26442056) at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/kinit/kinit.cpp:1395
#74 0x0000000000409141 in main (argc=4, argv=<value optimized out>, envp=<value optimized out>) at /var/tmp/portage/kde-base/kdelibs-4.4.1-r1/work/kdelibs-4.4.1/kinit/kinit.cpp:1834

Reported using DrKonqi
Comment 1 Dario Andres 2010-03-22 01:24:06 UTC 
I can reproduce the crash, here using:

Qt: 4.6.2 (kde-qt master commit 62cda737405d0f2163094c44189cfd71ca3c576a
        Date:   Mon Feb 15 14:37:02 2010 +0100)
KDE Development Platform: 4.4.68 (KDE 4.4.68 (KDE 4.5 >= 20100318))
kdelibs svn rev. 1105269 / kdebase svn rev. 1105269
on ArchLinux i686 - Kernel 2.6.32.9

However I'm getting a backtrace a bit different:

#11 0xb2d9841d in khtml::RenderBlock::createLineBoxes (this=0x947a6dc, obj=0x947a5d4) at /home/kde-devel/kde/src/KDE/kdelibs/khtml/rendering/bidi.cpp:651
#12 0xb2d98708 in khtml::RenderBlock::constructLine (this=0x947a6dc, end=...) at /home/kde-devel/kde/src/KDE/kdelibs/khtml/rendering/bidi.cpp:698
#13 0xb2d9aca9 in khtml::RenderBlock::layoutInlineChildren (this=0x947a6dc, relayoutChildren=false, breakBeforeLine=0) at /home/kde-devel/kde/src/KDE/kdelibs/khtml/rendering/bidi.cpp:1520
#14 0xb2da3c2e in khtml::RenderBlock::layoutBlock (this=0x947a6dc, relayoutChildren=false) at /home/kde-devel/kde/src/KDE/kdelibs/khtml/rendering/render_block.cpp:834
...

The unique interesting line from valgrind was that "`obj->isInlineFlow() || obj == this'" failed
Comment 2 Andrea Iacovitti 2013-12-06 21:16:04 UTC 
No longer reproducible using KDE 4.11.4