Bug 279168 - Konqueror crashes openning http://userbase.kde.org/NetworkManagement
Summary: Konqueror crashes openning http://userbase.kde.org/NetworkManagement
Status: RESOLVED UPSTREAM
Alias: None
Product: konqueror
Classification: Applications
Component: general (show other bugs)
Version: unspecified
Platform: Fedora RPMs Linux
: NOR crash
Target Milestone: ---
Assignee: Konqueror Developers
URL:
Keywords:
: 278150 278955 279928 281636 (view as bug list)
Depends on:
Blocks:
 
Reported: 2011-08-02 13:04 UTC by Patrick Boutilier
Modified: 2011-09-08 18:46 UTC (History)
5 users (show)

See Also:
Latest Commit:
Version Fixed In: Qt 4.7.4
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.
Description Patrick Boutilier 2011-08-02 13:04:32 UTC 
Application: konqueror (4.6.95 (4.7 RC2))
KDE Platform Version: 4.6.95 (4.7 RC2)
Qt Version: 4.8.0
Operating System: Linux 2.6.40-4.fc15.x86_64 x86_64
Distribution: "Fedora release 15 (Lovelock)"

-- Information about the crash:
Trying to open the following web page:

http://userbase.kde.org/NetworkManagement

The crash can be reproduced every time.

-- Backtrace:
Application: Konqueror (konqueror), signal: Segmentation fault
82	T_PSEUDO (SYSCALL_SYMBOL, SYSCALL_NAME, SYSCALL_NARGS)
[Current thread is 1 (Thread 0x7f6b4a842860 (LWP 2044))]

Thread 3 (Thread 0x7f6b3cd69700 (LWP 2061)):
#0  pthread_cond_timedwait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_timedwait.S:219
#1  0x000000339587a30f in wait (time=30000, this=0x10633e0) at thread/qwaitcondition_unix.cpp:84
#2  QWaitCondition::wait (this=<optimized out>, mutex=0x1063388, time=30000) at thread/qwaitcondition_unix.cpp:158
#3  0x000000339586d93f in QThreadPoolThread::run (this=0x10aca00) at concurrent/qthreadpool.cpp:141
#4  0x0000003395879e9b in QThreadPrivate::start (arg=0x10aca00) at thread/qthread_unix.cpp:298
#5  0x00000039f8407af1 in start_thread (arg=0x7f6b3cd69700) at pthread_create.c:305
#6  0x00000039f80dfb7d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115

Thread 2 (Thread 0x7f6b35062700 (LWP 2065)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:165
#1  0x000000339eb84d22 in QTWTF::TCMalloc_PageHeap::scavengerThread (this=0x339ee7e100) at ../3rdparty/javascriptcore/JavaScriptCore/wtf/FastMalloc.cpp:2359
#2  0x000000339eb84d59 in QTWTF::TCMalloc_PageHeap::runScavengerThread (context=<optimized out>) at ../3rdparty/javascriptcore/JavaScriptCore/wtf/FastMalloc.cpp:1464
#3  0x00000039f8407af1 in start_thread (arg=0x7f6b35062700) at pthread_create.c:305
#4  0x00000039f80dfb7d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115

Thread 1 (Thread 0x7f6b4a842860 (LWP 2044)):
[KCrash Handler]
#6  QFontEngineFT::loadFlags (this=<optimized out>, set=0x0, format=<optimized out>, flags=<optimized out>, hsubpixel=@0x7fff7ed8032f, vfactor=@0x7fff7ed80328) at text/qfontengine_ft.cpp:800
#7  0x0000003396eb82c4 in QFontEngineFT::getPointInOutline (this=0x1888a90, glyph=690, flags=0, point=4, xpos=0x7fff7ed804c0, ypos=0x7fff7ed804bc, nPoints=0x7fff7ed80388) at text/qfontengine_ft.cpp:1968
#8  0x00000033958dbb0d in Get_Anchor (gpi=<optimized out>, an=0xb9da78, glyph_index=<optimized out>, x_value=0x7fff7ed804c0, y_value=0x7fff7ed804bc) at ../3rdparty/harfbuzz/src/harfbuzz-gpos.c:759
#9  0x00000033958dfc55 in Lookup_MarkBasePos (nesting_level=1, context_length=65535, flags=<optimized out>, buffer=0xb4ba40, st=0xb416d0, gpi=0x7fff7ed80540) at ../3rdparty/harfbuzz/src/harfbuzz-gpos.c:2302
#10 GPOS_Do_Glyph_Lookup (gpi=<optimized out>, lookup_index=<optimized out>, buffer=0xb4ba40, context_length=65535, nesting_level=1) at ../3rdparty/harfbuzz/src/harfbuzz-gpos.c:5805
#11 0x00000033958e4b38 in GPOS_Do_String_Lookup (buffer=0xb4ba40, lookup_index=13, gpi=0x7fff7ed80540) at ../3rdparty/harfbuzz/src/harfbuzz-gpos.c:5899
#12 HB_GPOS_Apply_String (font=<optimized out>, gpos=0xb3ad30, load_flags=<optimized out>, buffer=0xb4ba40, dvi=<optimized out>, r2l=<optimized out>) at ../3rdparty/harfbuzz/src/harfbuzz-gpos.c:6070
#13 0x00000033958e95cb in HB_OpenTypePosition (item=0x7fff7ed80900, availableGlyphs=11, doLogClusters=1 '\001') at ../3rdparty/harfbuzz/src/harfbuzz-shaper.cpp:1232
#14 0x00000033958edc74 in HB_ShapeItem (shaper_item=0x7fff7ed80900) at ../3rdparty/harfbuzz/src/harfbuzz-shaper.cpp:1364
#15 0x0000003396e17c6c in QTextEngine::shapeTextWithHarfbuzz (this=0x7fff7ed81210, item=<optimized out>) at text/qtextengine.cpp:1330
#16 0x0000003396e1850b in QTextEngine::shapeText (this=0x7fff7ed81210, item=0) at text/qtextengine.cpp:922
#17 0x0000003396e1883e in QTextEngine::shape (this=0x7fff7ed81210, item=0) at text/qtextengine.cpp:1437
#18 0x0000003396e1e50b in QTextEngine::boundingBox (this=0x7fff7ed81210, from=0, len=<optimized out>) at text/qtextengine.cpp:1727
#19 0x0000003396df554e in QFontMetrics::boundingRect (this=<optimized out>, text=...) at text/qfontmetrics.cpp:705
#20 0x0000003396f9fd8d in QComboBoxPrivate::recomputeSizeHint (this=0x198d9a0, sh=...) at widgets/qcombobox.cpp:315
#21 0x0000003396f9fff4 in QComboBox::sizeHint (this=<optimized out>) at widgets/qcombobox.cpp:2327
#22 0x00000030aa97eb02 in khtml::RenderSelect::layout (this=0x11a5738) at /usr/src/debug/kdelibs-4.6.95/khtml/rendering/render_form.cpp:1889
#23 0x00000030aa977455 in layoutIfNeeded (this=0x11a5748) at /usr/src/debug/kdelibs-4.6.95/khtml/rendering/render_object.h:480
#24 layoutIfNeeded (this=0x11a5748) at /usr/src/debug/kdelibs-4.6.95/khtml/rendering/render_form.cpp:1804
#25 khtml::RenderSelect::calcMinMaxWidth (this=0x11a5738) at /usr/src/debug/kdelibs-4.6.95/khtml/rendering/render_form.cpp:1814
#26 0x00000030aa93d49a in khtml::RenderObject::recalcMinMaxWidths (this=0x11a5748) at /usr/src/debug/kdelibs-4.6.95/khtml/rendering/render_object.cpp:2714
#27 0x00000030aa93d400 in khtml::RenderObject::recalcMinMaxWidths (this=0x11a5698) at /usr/src/debug/kdelibs-4.6.95/khtml/rendering/render_object.cpp:2700
#28 0x00000030aa93d400 in khtml::RenderObject::recalcMinMaxWidths (this=0x11a55d0) at /usr/src/debug/kdelibs-4.6.95/khtml/rendering/render_object.cpp:2700
#29 0x00000030aa93d400 in khtml::RenderObject::recalcMinMaxWidths (this=0x11a4ba8) at /usr/src/debug/kdelibs-4.6.95/khtml/rendering/render_object.cpp:2700
#30 0x00000030aa93d400 in khtml::RenderObject::recalcMinMaxWidths (this=0x11a4ae0) at /usr/src/debug/kdelibs-4.6.95/khtml/rendering/render_object.cpp:2700
#31 0x00000030aa93d400 in khtml::RenderObject::recalcMinMaxWidths (this=0x11a48f0) at /usr/src/debug/kdelibs-4.6.95/khtml/rendering/render_object.cpp:2700
#32 0x00000030aa93d400 in khtml::RenderObject::recalcMinMaxWidths (this=0xf6ab98) at /usr/src/debug/kdelibs-4.6.95/khtml/rendering/render_object.cpp:2700
#33 0x00000030aa93d400 in khtml::RenderObject::recalcMinMaxWidths (this=0xf6aad0) at /usr/src/debug/kdelibs-4.6.95/khtml/rendering/render_object.cpp:2700
#34 0x00000030aa93d400 in khtml::RenderObject::recalcMinMaxWidths (this=0xf6aa08) at /usr/src/debug/kdelibs-4.6.95/khtml/rendering/render_object.cpp:2700
#35 0x00000030aa93d400 in khtml::RenderObject::recalcMinMaxWidths (this=0xf6a940) at /usr/src/debug/kdelibs-4.6.95/khtml/rendering/render_object.cpp:2700
#36 0x00000030aa93d400 in khtml::RenderObject::recalcMinMaxWidths (this=0xf6a878) at /usr/src/debug/kdelibs-4.6.95/khtml/rendering/render_object.cpp:2700
#37 0x00000030aa93d400 in khtml::RenderObject::recalcMinMaxWidths (this=0xf6a2c8) at /usr/src/debug/kdelibs-4.6.95/khtml/rendering/render_object.cpp:2700
#38 0x00000030aa93d400 in khtml::RenderObject::recalcMinMaxWidths (this=0xf698e0) at /usr/src/debug/kdelibs-4.6.95/khtml/rendering/render_object.cpp:2700
#39 0x00000030aa93d400 in khtml::RenderObject::recalcMinMaxWidths (this=0xf69818) at /usr/src/debug/kdelibs-4.6.95/khtml/rendering/render_object.cpp:2700
#40 0x00000030aa93d400 in khtml::RenderObject::recalcMinMaxWidths (this=0xf69698) at /usr/src/debug/kdelibs-4.6.95/khtml/rendering/render_object.cpp:2700
#41 0x00000030aa93d400 in khtml::RenderObject::recalcMinMaxWidths (this=0xf694a0) at /usr/src/debug/kdelibs-4.6.95/khtml/rendering/render_object.cpp:2700
#42 0x00000030aa985e3f in khtml::RenderCanvas::layout (this=0xf694a0) at /usr/src/debug/kdelibs-4.6.95/khtml/rendering/render_canvas.cpp:182
#43 0x00000030aa7f212b in KHTMLView::layout (this=0xd73700) at /usr/src/debug/kdelibs-4.6.95/khtml/khtmlview.cpp:1007
#44 0x00000030aa7f3216 in KHTMLView::timerEvent (this=0xd73700, e=<optimized out>) at /usr/src/debug/kdelibs-4.6.95/khtml/khtmlview.cpp:4013
#45 0x000000339598ee99 in QObject::event (this=0xd73700, e=<optimized out>) at kernel/qobject.cpp:1156
#46 0x0000003396c1454b in QWidget::event (this=0xd73700, event=0x7fff7ed84e00) at kernel/qwidget.cpp:8801
#47 0x0000003396fca536 in QFrame::event (this=0xd73700, e=0x7fff7ed84e00) at widgets/qframe.cpp:557
#48 0x000000339704bd93 in QAbstractScrollArea::event (this=0xd73700, e=0x7fff7ed84e00) at widgets/qabstractscrollarea.cpp:996
#49 0x00000030aa7e8c33 in KHTMLView::event (this=0xd73700, e=0x7fff7ed84e00) at /usr/src/debug/kdelibs-4.6.95/khtml/khtmlview.cpp:546
#50 0x0000003396bc4564 in notify_helper (e=0x7fff7ed84e00, receiver=0xd73700, this=0x997bf0) at kernel/qapplication.cpp:4495
#51 QApplicationPrivate::notify_helper (this=0x997bf0, receiver=0xd73700, e=0x7fff7ed84e00) at kernel/qapplication.cpp:4467
#52 0x0000003396bc93f3 in QApplication::notify (this=0x7fff7ed85260, receiver=0xd73700, e=0x7fff7ed84e00) at kernel/qapplication.cpp:4356
#53 0x000000309c04c0c6 in KApplication::notify (this=0x7fff7ed85260, receiver=0xd73700, event=0x7fff7ed84e00) at /usr/src/debug/kdelibs-4.6.95/kdeui/kernel/kapplication.cpp:311
#54 0x000000339597616c in QCoreApplication::notifyInternal (this=0x7fff7ed85260, receiver=0xd73700, event=0x7fff7ed84e00) at kernel/qcoreapplication.cpp:853
#55 0x00000033959a6d82 in sendEvent (event=0x7fff7ed84e00, receiver=<optimized out>) at kernel/qcoreapplication.h:231
#56 QTimerInfoList::activateTimers (this=0x99c340) at kernel/qeventdispatcher_unix.cpp:611
#57 0x00000033959a477d in timerSourceDispatch (source=<optimized out>) at kernel/qeventdispatcher_glib.cpp:186
#58 timerSourceDispatch (source=<optimized out>) at kernel/qeventdispatcher_glib.cpp:180
#59 0x00000039fa8427ed in g_main_dispatch (context=0x99b4e0) at gmain.c:2441
#60 g_main_context_dispatch (context=0x99b4e0) at gmain.c:3014
#61 0x00000039fa842fc8 in g_main_context_iterate (context=0x99b4e0, block=<optimized out>, dispatch=1, self=<optimized out>) at gmain.c:3092
#62 0x00000039fa84325c in g_main_context_iteration (context=0x99b4e0, may_block=1) at gmain.c:3155
#63 0x00000033959a4faf in QEventDispatcherGlib::processEvents (this=0x973520, flags=<optimized out>) at kernel/qeventdispatcher_glib.cpp:424
#64 0x0000003396c66fbe in QGuiEventDispatcherGlib::processEvents (this=<optimized out>, flags=<optimized out>) at kernel/qguieventdispatcher_glib.cpp:207
#65 0x00000033959752a2 in QEventLoop::processEvents (this=<optimized out>, flags=...) at kernel/qeventloop.cpp:149
#66 0x00000033959754f7 in QEventLoop::exec (this=0x7fff7ed85090, flags=...) at kernel/qeventloop.cpp:204
#67 0x0000003395979f35 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1125
#68 0x000000309e4b55e2 in kdemain () from /usr/lib64/libkdeinit4_konqueror.so
#69 0x00000039f802139d in __libc_start_main (main=0x4007c0, argc=2, ubp_av=0x7fff7ed85b28, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fff7ed85b18) at libc-start.c:226
#70 0x00000000004007f1 in _start ()

Reported using DrKonqi
Comment 1 Martin Koller 2011-08-04 11:32:57 UTC 
*** Bug 278955 has been marked as a duplicate of this bug. ***
Comment 2 Martin Koller 2011-08-04 11:36:29 UTC 
*** Bug 278150 has been marked as a duplicate of this bug. ***
Comment 3 Martin Koller 2011-08-04 12:41:16 UTC 
The crash comes from Qt/harfbuzz.
Searching The qt bugreports I came across
https://bugreports.qt.nokia.com/browse/QTBUG-17238
Try running with valgrind and submit a bug report on bugreports.qt.nokia.com
Comment 4 Christophe Marin 2011-09-08 18:44:51 UTC 
*** Bug 281636 has been marked as a duplicate of this bug. ***
Comment 5 Christophe Marin 2011-09-08 18:45:33 UTC 
*** Bug 279928 has been marked as a duplicate of this bug. ***