Version: SVN (using Devel)
I was trying to report feedback using http://kde-look.org/feedback/ Clicking into the Spam protection field "Type the two words" I got a crash without a backtrace.
Running in gdb I get a backtrace indicating a stack overflow due to this infinite recursion (the displayed part repeats infinitively):
#17049 0xb2bccaea in khtml::RenderWidget::handleEvent (this=0x8803270, ev=...) at /local/svn/kde/trunk/KDE/kdelibs/khtml/rendering/render_replaced.cpp:1069
#17050 0xb2b20eee in DOM::HTMLFrameElementImpl::defaultEventHandler (this=0x8615cc8, e=0x8721ff0) at /local/svn/kde/trunk/KDE/kdelibs/khtml/html/html_baseimpl.cpp:303
#17051 0xb2abba85 in DOM::NodeImpl::dispatchGenericEvent (this=0x8615cd0, evt=0x8721ff0) at /local/svn/kde/trunk/KDE/kdelibs/khtml/xml/dom_nodeimpl.cpp:494
#17052 0xb2abb564 in DOM::NodeImpl::dispatchEvent (this=0x8615cd0, evt=0x8721ff0, exceptioncode=@0xbfba8518, tempEvent=true) at /local/svn/kde/trunk/KDE/kdelibs/khtml/xml/dom_nodeimpl.cpp:401
#17053 0xb2a164c6 in KHTMLView::dispatchMouseEvent (this=0x844f0c0, eventId=7, targetNode=0x8615cd0, targetNodeNonShared=0x87320e0, cancelable=false, detail=0, _mouse=0xbfba8cbc, setUnder=true,
#17054 0xb2a09c52 in KHTMLView::mouseMoveEvent (this=0x844f0c0, _mouse=0xbfba8cbc) at /local/svn/kde/trunk/KDE/kdelibs/khtml/khtmlview.cpp:1362
#17055 0xb65843ec in QWidget::event (this=0x844f0c0, event=0xbfba8cbc) at /local/git/Qt/qt/src/gui/kernel/qwidget.cpp:8143
#17056 0xb69807a3 in QFrame::event (this=0x844f0c0, e=0xbfba8cbc) at /local/git/Qt/qt/src/gui/widgets/qframe.cpp:557
#17057 0xb2a0e4ea in KHTMLView::widgetEvent (this=0x844f0c0, e=0xbfba8cbc) at /local/svn/kde/trunk/KDE/kdelibs/khtml/khtmlview.cpp:2362
#17058 0xb2a0deaf in KHTMLView::eventFilter (this=0x844f0c0, o=0x844ef80, e=0xbfba8cbc) at /local/svn/kde/trunk/KDE/kdelibs/khtml/khtmlview.cpp:2207
#17059 0xb709500a in QCoreApplicationPrivate::sendThroughObjectEventFilters (this=0x806a398, receiver=0x844ef80, event=0xbfba8cbc) at /local/git/Qt/qt/src/corelib/kernel/qcoreapplication.cpp:847
#17060 0xb652a830 in QApplicationPrivate::notify_helper (this=0x806a398, receiver=0x844ef80, e=0xbfba8cbc) at /local/git/Qt/qt/src/gui/kernel/qapplication.cpp:4385
#17061 0xb6533be9 in QApplication::notify (this=0xbffff054, receiver=0x86c0ee8, e=0xbfba8f20) at /local/git/Qt/qt/src/gui/kernel/qapplication.cpp:3952
#17062 0xb7669aee in KApplication::notify (this=0xbffff054, receiver=0x86c0ee8, event=0xbfba8f20) at /local/svn/kde/trunk/KDE/kdelibs/kdeui/kernel/kapplication.cpp:309
#17063 0xb7094e6b in QCoreApplication::notifyInternal (this=0xbffff054, receiver=0x86c0ee8, event=0xbfba8f20) at /local/git/Qt/qt/src/corelib/kernel/qcoreapplication.cpp:732
#17064 0xb2a1c32b in QCoreApplication::sendEvent (receiver=0x86c0ee8, event=0xbfba8f20) at /local/qt4/include/QtCore/qcoreapplication.h:215
Steps to Reproduce:
Click on Report Abuse link at the bottom
Click into "Type the two words"
=> Konqueror crashes
Created attachment 48699 [details]
crashtest (to be used with iframe_crash.html)
Created attachment 48700 [details]
crash test 2/2 (to be used with crash.html)
Very similar crash here:
#16682 0x00007f24e2f9ffed in KHTMLView::mouseMoveEvent (this=0x20ca010, _mouse=0x7ffff24633d0) at /d/kde/src/4/kdelibs/khtml/khtmlview.cpp:1362
#16683 0x00007f24f1d0791d in QWidget::event (this=0x20ca010, event=0x7ffff24633d0) at kernel/qwidget.cpp:8006
#16684 0x00007f24f21e1de7 in QFrame::event (this=0x20ca010, e=0x7ffff24633d0) at widgets/qframe.cpp:557
#16685 0x00007f24e2fa52c5 in KHTMLView::widgetEvent (this=0x20ca010, e=0x7ffff24633d0) at /d/kde/src/4/kdelibs/khtml/khtmlview.cpp:2362
#16686 0x00007f24e2fa4ad9 in KHTMLView::eventFilter (this=0x20ca010, o=0x20dcab0, e=0x7ffff24633d0) at /d/kde/src/4/kdelibs/khtml/khtmlview.cpp:2207
#16687 0x00007f24f31012ab in QCoreApplicationPrivate::sendThroughObjectEventFilters (this=0x18afbb0, receiver=0x20dcab0, event=0x7ffff24633d0) at kernel/qcoreapplication.c
#16688 0x00007f24f1c93b09 in QApplicationPrivate::notify_helper (this=0x18afbb0, receiver=0x20dcab0, e=0x7ffff24633d0) at kernel/qapplication.cpp:4296
#16689 0x00007f24f1c919da in QApplication::notify (this=0x7ffff28bf310, receiver=0x24d8950, e=0x7ffff2463950) at kernel/qapplication.cpp:3865
#16690 0x00007f24f3eae6f9 in KApplication::notify (this=0x7ffff28bf310, receiver=0x24d8950, event=0x7ffff2463950) at /d/kde/src/4/kdelibs/kdeui/kernel/kapplication.cpp:309
#16691 0x00007f24f3100f90 in QCoreApplication::notifyInternal (this=0x7ffff28bf310, receiver=0x24d8950, event=0x7ffff2463950) at kernel/qcoreapplication.cpp:704
#16692 0x00007f24e2fb4edf in QCoreApplication::sendEvent (receiver=0x24d8950, event=0x7ffff2463950) at /d/qt/4/kde-qt-4.6/include/QtCore/../../src/corelib/kernel/qcoreappl
#16693 0x00007f24e31bb64c in khtml::RenderWidget::handleEvent (this=0x23f3608, ev=...) at /d/kde/src/4/kdelibs/khtml/rendering/render_replaced.cpp:1069
#16694 0x00007f24e30f0bb8 in DOM::HTMLFrameElementImpl::defaultEventHandler (this=0x24ca3a0, e=0x2ed82c0) at /d/kde/src/4/kdelibs/khtml/html/html_baseimpl.cpp:303
#16695 0x00007f24e3073a02 in DOM::NodeImpl::dispatchGenericEvent (this=0x24ca3b0, evt=0x2ed82c0) at /d/kde/src/4/kdelibs/khtml/xml/dom_nodeimpl.cpp:494
#16696 0x00007f24e3073408 in DOM::NodeImpl::dispatchEvent (this=0x24ca3b0, evt=0x2ed82c0, exceptioncode=@0x7ffff2463f54, tempEvent=true) at /d/kde/src/4/kdelibs/khtml/xml/
#16697 0x00007f24e2fae485 in KHTMLView::dispatchMouseEvent (this=0x20ca010, eventId=7, targetNode=0x24ca3b0, targetNodeNonShared=0x2452960, cancelable=false, detail=0, _mo
use=0x7ffff24649f0, setUnder=true, mouseEventType=4, orient=0) at /d/kde/src/4/kdelibs/khtml/khtmlview.cpp:3747
#16698 0x00007f24e2f9ffed in KHTMLView::mouseMoveEvent (this=0x20ca010, _mouse=0x7ffff24649f0) at /d/kde/src/4/kdelibs/khtml/khtmlview.cpp:1362
#16699 0x00007f24f1d0791d in QWidget::event (this=0x20ca010, event=0x7ffff24649f0) at kernel/qwidget.cpp:8006
how do trigger the crash:
1) open the crash.html file
2) click on both radio buttons
3) click on the submit button
4) click again the radio buttons
*** Bug 269830 has been marked as a duplicate of this bug. ***
I got the example to crash konqueror when used from a local file-directory, but not when accessed via http.
Not sure what is going on with that.
Created attachment 58482 [details]
A part of the infinite loop had comments above it, warning of event duplication and question the need to do it. This patch simplies disables that part, hopefully this doesn't break anything.
Thanks Allen, the patch fixes the bug. If there are regressions because of this, I will report them clearly indicating that I applied this patch.
This is not a good patch, i have done tests building kdelibs with and without the patch and with the patch applied in severall websites konqueror takes forever to load, seams like theres no internet.
Althoutgh this patch does fix this problem, but since causes a major issue.
What you see has nothing to do with this patch, but is a recent kio issue. And you already noticed it yourself, see bug 271896...
Yes, please ignore my previous comment.
Why not commit it in trunk?
Allen, I am using your patch since nearly two months now, and I did not see any regressions. Could you commit it to master?
(In reply to comment #7)
> Created an attachment (id=58482) [details]
> Possible patch
> A part of the infinite loop had comments above it, warning of event duplication
> and question the need to do it. This patch simplies disables that part,
> hopefully this doesn't break anything.
Your patch fixes another bad bug i encountered:
open http://www.w3schools.com/tags/tryit.asp?filename=tryhtml_iframe and try to scroll down the iframe on the left of page by left clicking an moving down the vertical scrollbar -> konq will first block then simply die with "Segmentation fault".
*** Bug 271113 has been marked as a duplicate of this bug. ***
*** Bug 270829 has been marked as a duplicate of this bug. ***
I triaged this bug at http://www.w3schools.com/tags/tryit.asp?filename=tryhtml_iframe I couldn't get konqueror to crash with either of the tescase files or the URL reported by the original reporter.
I'm attaching a valgrind log which indicates that this bug leads to a stack overflow.
I cam here since I myself had a stack overflow crash, only with a different top part KJS related (KJS::Machine::runBlock KJS::FunctionImp::callAsFunction). If you are interested I got this crash when I chose firefox 3.6 as UA on gmail and I moved around while viewing an HTML draft message.
If this bug is about stack overflow maybe worthwhile to also take a look at https://bugs.kde.org/show_bug.cgi?id=258111 and eventually to mark it as duplicate.
Created attachment 68389 [details]
Valgrind log for the crash.
Crash reproduced on KDE 4.7.4 on Debian testing.
http://www.atm-molise.it/orari.asp is another page that makes konqueror close with "segmentstion fault" error: just try to scroll one of the SELECT element by moving the scollbar with the mouse.
Patch in comment #7 fixes the issue.
@Allan: I am using your patch since you posted it and AFAICT I have not observed any regression
*** Bug 299181 has been marked as a duplicate of this bug. ***
Created attachment 71388 [details]
testcase: IFRAME whose content is the attachment at comment #2
Git commit 5feb2da93c4fcd18d3a38659abb9fb040704d123 by Andrea Iacovitti.
Committed on 28/05/2012 at 07:18.
Pushed by aiacovitti into branch 'KDE/4.8'.
Do not duplicate mouse move events
(patch by Allan Sandfeld)
M +2 -2 khtml/rendering/render_replaced.cpp
*** Bug 279570 has been marked as a duplicate of this bug. ***
*** Bug 226737 has been marked as a duplicate of this bug. ***