Bug 263290 - [testcase] Konq segfaults at http://www.dance-tunes.com/text/page/faq
Status: RESOLVED UNMAINTAINED
Alias: None
Product: konqueror
Classification: Applications
Component: khtml
Version: 4.13.2
Platform: Fedora RPMs Linux
Importance: NOR crash
Target Milestone: ---
Assignee: Konqueror Developers
URL:
Keywords: testcase
Duplicates: 285914 333379
Reported: 2011-01-16 04:30 UTC by Andreas Nordal
Modified: 2024-05-06 18:40 UTC (History)
Description Andreas Nordal 2011-01-16 04:30:16 UTC
Application: konqueror (4.5.5 (KDE 4.5.5))
KDE Platform Version: 4.5.5 (KDE 4.5.5)
Qt Version: 4.7.1
Operating System: Linux 2.6.35.10-74.fc14.x86_64 x86_64
Distribution (Platform): Fedora RPMs

-- Information about the crash:
Konqueror crashes instantly and reliably when visiting http://www.dance-tunes.com/text/page/faq.

Partially reduced testcase: http://nerdvar.com/A/konq-errors/faq.html
I reduced the HTML, but not the garbled JavaScript. The HTML must be incorrect for this bug to work.

The crash can be reproduced every time.

-- Backtrace:
Application: Konqueror (konqueror), signal: Segmentation fault
[KCrash Handler]
#6  0x0000003a81f19134 in requiresLineBox (this=0xf31a78, start=..., bidi=...) at /usr/src/debug/kdelibs-4.5.5/khtml/rendering/bidi.cpp:1829
#7  khtml::RenderBlock::findNextLineBreak (this=0xf31a78, start=..., bidi=...) at /usr/src/debug/kdelibs-4.5.5/khtml/rendering/bidi.cpp:1898
#8  0x0000003a81f1b830 in khtml::RenderBlock::layoutInlineChildren (this=0xf31a78, relayoutChildren=false, breakBeforeLine=0) at /usr/src/debug/kdelibs-4.5.5/khtml/rendering/bidi.cpp:1506
#9  0x0000003a81f2620d in khtml::RenderBlock::layoutBlock (this=0xf31a78, relayoutChildren=false) at /usr/src/debug/kdelibs-4.5.5/khtml/rendering/render_block.cpp:835
#10 0x0000003a81f25904 in layoutIfNeeded (this=0xf319b0, relayoutChildren=false) at /usr/src/debug/kdelibs-4.5.5/khtml/rendering/render_object.h:480
#11 khtml::RenderBlock::layoutBlockChildren (this=0xf319b0, relayoutChildren=false) at /usr/src/debug/kdelibs-4.5.5/khtml/rendering/render_block.cpp:1558
#12 0x0000003a81f2601d in khtml::RenderBlock::layoutBlock (this=0xf319b0, relayoutChildren=false) at /usr/src/debug/kdelibs-4.5.5/khtml/rendering/render_block.cpp:837
#13 0x0000003a81f25904 in layoutIfNeeded (this=0xf318e8, relayoutChildren=false) at /usr/src/debug/kdelibs-4.5.5/khtml/rendering/render_object.h:480
#14 khtml::RenderBlock::layoutBlockChildren (this=0xf318e8, relayoutChildren=false) at /usr/src/debug/kdelibs-4.5.5/khtml/rendering/render_block.cpp:1558
#15 0x0000003a81f2601d in khtml::RenderBlock::layoutBlock (this=0xf318e8, relayoutChildren=false) at /usr/src/debug/kdelibs-4.5.5/khtml/rendering/render_block.cpp:837
#16 0x0000003a81f81f9c in khtml::RenderBody::layout (this=0xf318e8) at /usr/src/debug/kdelibs-4.5.5/khtml/rendering/render_body.cpp:91
#17 0x0000003a81f25904 in layoutIfNeeded (this=0xf31768, relayoutChildren=false) at /usr/src/debug/kdelibs-4.5.5/khtml/rendering/render_object.h:480
#18 khtml::RenderBlock::layoutBlockChildren (this=0xf31768, relayoutChildren=false) at /usr/src/debug/kdelibs-4.5.5/khtml/rendering/render_block.cpp:1558
#19 0x0000003a81f2601d in khtml::RenderBlock::layoutBlock (this=0xf31768, relayoutChildren=false) at /usr/src/debug/kdelibs-4.5.5/khtml/rendering/render_block.cpp:837
#20 0x0000003a81f25904 in layoutIfNeeded (this=0xf31570, relayoutChildren=false) at /usr/src/debug/kdelibs-4.5.5/khtml/rendering/render_object.h:480
#21 khtml::RenderBlock::layoutBlockChildren (this=0xf31570, relayoutChildren=false) at /usr/src/debug/kdelibs-4.5.5/khtml/rendering/render_block.cpp:1558
#22 0x0000003a81f2601d in khtml::RenderBlock::layoutBlock (this=0xf31570, relayoutChildren=false) at /usr/src/debug/kdelibs-4.5.5/khtml/rendering/render_block.cpp:837
#23 0x0000003a81f7e2f2 in khtml::RenderCanvas::layout (this=0xf31570) at /usr/src/debug/kdelibs-4.5.5/khtml/rendering/render_canvas.cpp:191
#24 0x0000003a81ded930 in KHTMLView::layout (this=0xd2dab0) at /usr/src/debug/kdelibs-4.5.5/khtml/khtmlview.cpp:1019
#25 0x0000003a81dee225 in KHTMLView::paintEvent (this=0xd2dab0, e=<value optimized out>) at /usr/src/debug/kdelibs-4.5.5/khtml/khtmlview.cpp:917
#26 0x0000003977a08f9a in QWidget::event (this=0xd2dab0, event=0x7fff2d7a7e50) at kernel/qwidget.cpp:8346
#27 0x0000003977db38e6 in QFrame::event (this=0xd2dab0, e=0x7fff2d7a7e50) at widgets/qframe.cpp:557
#28 0x0000003a81de6a25 in KHTMLView::widgetEvent (this=0xd2dab0, e=<value optimized out>) at /usr/src/debug/kdelibs-4.5.5/khtml/khtmlview.cpp:2362
#29 0x0000003a81de6dc4 in KHTMLView::eventFilter (this=0xd2dab0, o=0xd413d0, e=0x7fff2d7a7e50) at /usr/src/debug/kdelibs-4.5.5/khtml/khtmlview.cpp:2207
#30 0x000000397615b937 in QCoreApplicationPrivate::sendThroughObjectEventFilters (this=<value optimized out>, receiver=0xd413d0, event=0x7fff2d7a7e50) at kernel/qcoreapplication.cpp:847
#31 0x00000039779b7891 in QApplicationPrivate::notify_helper (this=0x639e70, receiver=0xd413d0, e=0x7fff2d7a7e50) at kernel/qapplication.cpp:4441
#32 0x00000039779bc3da in QApplication::notify (this=<value optimized out>, receiver=0xd413d0, e=0x7fff2d7a7e50) at kernel/qapplication.cpp:4324
#33 0x0000003a7a620596 in KApplication::notify (this=0x7fff2d7ab3a0, receiver=0xd413d0, event=0x7fff2d7a7e50) at /usr/src/debug/kdelibs-4.5.5/kdeui/kernel/kapplication.cpp:310
#34 0x000000397615b7ac in QCoreApplication::notifyInternal (this=0x7fff2d7ab3a0, receiver=0xd413d0, event=0x7fff2d7a7e50) at kernel/qcoreapplication.cpp:732
#35 0x0000003977a05e68 in sendSpontaneousEvent (this=0xd522f0, pdev=0x723e38, rgn=..., offset=..., flags=4, sharedPainter=0x0, backingStore=0xcd0dc0) at ../../src/corelib/kernel/qcoreapplication.h:218
#36 QWidgetPrivate::drawWidget (this=0xd522f0, pdev=0x723e38, rgn=..., offset=..., flags=4, sharedPainter=0x0, backingStore=0xcd0dc0) at kernel/qwidget.cpp:5433
#37 0x0000003977a06a2f in QWidgetPrivate::paintSiblingsRecursive (this=0xd2de50, pdev=0x723e38, siblings=<value optimized out>, index=<value optimized out>, rgn=..., offset=..., flags=4, sharedPainter=0x0, backingStore=0xcd0dc0) at kernel/qwidget.cpp:5640
#38 0x0000003977a05baa in QWidgetPrivate::drawWidget (this=0xd2de50, pdev=0x723e38, rgn=..., offset=..., flags=<value optimized out>, sharedPainter=0x0, backingStore=0xcd0dc0) at kernel/qwidget.cpp:5486
#39 0x0000003977a06a2f in QWidgetPrivate::paintSiblingsRecursive (this=0xd2db10, pdev=0x723e38, siblings=<value optimized out>, index=<value optimized out>, rgn=..., offset=..., flags=4, sharedPainter=0x0, backingStore=0xcd0dc0) at kernel/qwidget.cpp:5640
#40 0x0000003977a05baa in QWidgetPrivate::drawWidget (this=0xd2db10, pdev=0x723e38, rgn=..., offset=..., flags=<value optimized out>, sharedPainter=0x0, backingStore=0xcd0dc0) at kernel/qwidget.cpp:5486
#41 0x0000003977a06a2f in QWidgetPrivate::paintSiblingsRecursive (this=0xd400f0, pdev=0x723e38, siblings=<value optimized out>, index=<value optimized out>, rgn=..., offset=..., flags=4, sharedPainter=0x0, backingStore=0xcd0dc0) at kernel/qwidget.cpp:5640
#42 0x0000003977a05baa in QWidgetPrivate::drawWidget (this=0xd400f0, pdev=0x723e38, rgn=..., offset=..., flags=<value optimized out>, sharedPainter=0x0, backingStore=0xcd0dc0) at kernel/qwidget.cpp:5486
#43 0x0000003977a06a2f in QWidgetPrivate::paintSiblingsRecursive (this=0xccbbf0, pdev=0x723e38, siblings=<value optimized out>, index=<value optimized out>, rgn=..., offset=..., flags=4, sharedPainter=0x0, backingStore=0xcd0dc0) at kernel/qwidget.cpp:5640
#44 0x0000003977a05baa in QWidgetPrivate::drawWidget (this=0xccbbf0, pdev=0x723e38, rgn=..., offset=..., flags=<value optimized out>, sharedPainter=0x0, backingStore=0xcd0dc0) at kernel/qwidget.cpp:5486
#45 0x0000003977a06a2f in QWidgetPrivate::paintSiblingsRecursive (this=0xc0b690, pdev=0x723e38, siblings=<value optimized out>, index=<value optimized out>, rgn=..., offset=..., flags=4, sharedPainter=0x0, backingStore=0xcd0dc0) at kernel/qwidget.cpp:5640
#46 0x0000003977a05baa in QWidgetPrivate::drawWidget (this=0xc0b690, pdev=0x723e38, rgn=..., offset=..., flags=<value optimized out>, sharedPainter=0x0, backingStore=0xcd0dc0) at kernel/qwidget.cpp:5486
#47 0x0000003977a06a2f in QWidgetPrivate::paintSiblingsRecursive (this=0xc0b410, pdev=0x723e38, siblings=<value optimized out>, index=<value optimized out>, rgn=..., offset=..., flags=4, sharedPainter=0x0, backingStore=0xcd0dc0) at kernel/qwidget.cpp:5640
#48 0x0000003977a068ec in QWidgetPrivate::paintSiblingsRecursive (this=0xc0b410, pdev=0x723e38, siblings=..., index=0, rgn=..., offset=..., flags=4, sharedPainter=0x0, backingStore=0xcd0dc0) at kernel/qwidget.cpp:5627
#49 0x0000003977a068ec in QWidgetPrivate::paintSiblingsRecursive (this=0xc0b410, pdev=0x723e38, siblings=..., index=1, rgn=..., offset=..., flags=4, sharedPainter=0x0, backingStore=0xcd0dc0) at kernel/qwidget.cpp:5627
#50 0x0000003977a068ec in QWidgetPrivate::paintSiblingsRecursive (this=0xc0b410, pdev=0x723e38, siblings=..., index=2, rgn=..., offset=..., flags=4, sharedPainter=0x0, backingStore=0xcd0dc0) at kernel/qwidget.cpp:5627
#51 0x0000003977a05baa in QWidgetPrivate::drawWidget (this=0xc0b410, pdev=0x723e38, rgn=..., offset=..., flags=<value optimized out>, sharedPainter=0x0, backingStore=0xcd0dc0) at kernel/qwidget.cpp:5486
#52 0x0000003977a06a2f in QWidgetPrivate::paintSiblingsRecursive (this=0x753d60, pdev=0x723e38, siblings=<value optimized out>, index=<value optimized out>, rgn=..., offset=..., flags=4, sharedPainter=0x0, backingStore=0xcd0dc0) at kernel/qwidget.cpp:5640
#53 0x0000003977a05baa in QWidgetPrivate::drawWidget (this=0x753d60, pdev=0x723e38, rgn=..., offset=..., flags=<value optimized out>, sharedPainter=0x0, backingStore=0xcd0dc0) at kernel/qwidget.cpp:5486
#54 0x0000003977bc8fe9 in QWidgetBackingStore::sync (this=0xcd0dc0) at painting/qbackingstore.cpp:1333
#55 0x00000039779fc1b0 in QWidgetPrivate::syncBackingStore (this=0x753d60) at kernel/qwidget.cpp:1816
#56 0x0000003977a094a2 in QWidget::event (this=0x732320, event=0x1009df0) at kernel/qwidget.cpp:8493
#57 0x0000003977dcd56b in QMainWindow::event (this=0x732320, event=0x1009df0) at widgets/qmainwindow.cpp:1478
#58 0x0000003a7a724443 in KXmlGuiWindow::event (this=0x732320, ev=0x1009df0) at /usr/src/debug/kdelibs-4.5.5/kdeui/xmlgui/kxmlguiwindow.cpp:132
#59 0x0000003a7c07a57c in KonqMainWindow::event (this=0x732320, e=0x1009df0) at /usr/src/debug/kdebase-4.5.5/apps/konqueror/src/konqmainwindow.cpp:5594
#60 0x00000039779b78c4 in QApplicationPrivate::notify_helper (this=0x639e70, receiver=0x732320, e=0x1009df0) at kernel/qapplication.cpp:4445
#61 0x00000039779bc3da in QApplication::notify (this=<value optimized out>, receiver=0x732320, e=0x1009df0) at kernel/qapplication.cpp:4324
#62 0x0000003a7a620596 in KApplication::notify (this=0x7fff2d7ab3a0, receiver=0x732320, event=0x1009df0) at /usr/src/debug/kdelibs-4.5.5/kdeui/kernel/kapplication.cpp:310
#63 0x000000397615b7ac in QCoreApplication::notifyInternal (this=0x7fff2d7ab3a0, receiver=0x732320, event=0x1009df0) at kernel/qcoreapplication.cpp:732
#64 0x000000397615ef95 in sendEvent (receiver=0x0, event_type=0, data=0x61e5f0) at kernel/qcoreapplication.h:215
#65 QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, data=0x61e5f0) at kernel/qcoreapplication.cpp:1373
#66 0x0000003976186723 in sendPostedEvents (s=0x63da40) at kernel/qcoreapplication.h:220
#67 postEventSourceDispatch (s=0x63da40) at kernel/qeventdispatcher_glib.cpp:277
#68 0x0000003369a41e33 in g_main_dispatch (context=0x63c920) at gmain.c:2149
#69 g_main_context_dispatch (context=0x63c920) at gmain.c:2702
#70 0x0000003369a42610 in g_main_context_iterate (context=0x63c920, block=1, dispatch=1, self=<value optimized out>) at gmain.c:2780
#71 0x0000003369a428ad in g_main_context_iteration (context=0x63c920, may_block=1) at gmain.c:2843
#72 0x00000039761868bf in QEventDispatcherGlib::processEvents (this=0x61dce0, flags=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:415
#73 0x0000003977a5c59e in QGuiEventDispatcherGlib::processEvents (this=<value optimized out>, flags=<value optimized out>) at kernel/qguieventdispatcher_glib.cpp:207
#74 0x000000397615ab42 in QEventLoop::processEvents (this=<value optimized out>, flags=...) at kernel/qeventloop.cpp:149
#75 0x000000397615ad8c in QEventLoop::exec (this=0x7fff2d7ab170, flags=...) at kernel/qeventloop.cpp:201
#76 0x000000397615f24b in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1009
#77 0x0000003a7c0b2a6a in kdemain (argc=<value optimized out>, argv=<value optimized out>) at /usr/src/debug/kdebase-4.5.5/apps/konqueror/src/konqmain.cpp:219
#78 0x0000003367e1ee7d in __libc_start_main (main=0x4008a0 <main(int, char**)>, argc=2, ubp_av=0x7fff2d7abc48, init=<value optimized out>, fini=<value optimized out>, rtld_fini=<value optimized out>, stack_end=0x7fff2d7abc38) at libc-start.c:226
#79 0x00000000004007c9 in _start ()

This bug may be a duplicate of or related to bug 238600.

Possible duplicates by query: bug 255818, bug 253814, bug 238600, bug 233703.

Reported using DrKonqi
Comment 1 Tommi Tervo 2011-01-16 12:38:17 UTC

*** This bug has been marked as a duplicate of bug 238600 ***
Comment 2 Andreas Nordal 2012-02-09 00:33:33 UTC
I can not reproduce bug 238600, but I can reproduce this.
Comment 3 Andrea Iacovitti 2014-12-02 11:23:27 UTC
*** Bug 285914 has been marked as a duplicate of this bug. ***
Comment 4 Andrea Iacovitti 2014-12-02 11:25:01 UTC
*** Bug 333379 has been marked as a duplicate of this bug. ***
Comment 5 Justin Zobel 2020-12-17 05:20:48 UTC
Thank you for the crash report.

As it has been a while since this was reported, can you please test and confirm if this issue is still occurring or if this bug report can be marked as resolved?

I have set the bug status to "needsinfo" pending your response. Please change it back to "reported" or "resolved/worksforme" when you respond, thank you.
Comment 6 Bug Janitor Service 2021-01-01 04:34:23 UTC
Dear Bug Submitter,

This bug has been in NEEDSINFO status with no change for at least
15 days. Please provide the requested information as soon as
possible and set the bug status as REPORTED. Due to regular bug
tracker maintenance, if the bug is still in NEEDSINFO status with
no change in 30 days the bug will be closed as RESOLVED > WORKSFORME
due to lack of needed information.

For more information about our bug triaging procedures please read the
wiki located here:
https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

If you have already provided the requested information, please
mark the bug as REPORTED so that the KDE team knows that the bug is
ready to be confirmed.

Thank you for helping us make KDE software even better for everyone!
Comment 7 Graeme Hewson 2021-01-01 07:24:54 UTC
Segmentation fault occurs using KHTML on partially reduced testcase in original report.

The original FAQ page appears not to exist any more -- URL redirects to dance-tunes.com home page. Segmentation fault doesn't occur using WebEngine.
Comment 8 Christoph Cullmann 2024-05-06 18:40:02 UTC
Dear user,

KHTML (and KJS) was more or less unmaintained for a long time and got removed in KF6.

Please migrate to use a QWebEngine based HTML component.

We will do no further fixes or improvements to the KF5 branches of these components besides important security fixes.

For security issues, please see:

https://kde.org/info/security/

Sorry that we did not fix this issue during the lifetime of KHTML.

Greetings
Christoph Cullmann