285050 – Crashes when visiting certain websites

Bug 285050 - Crashes when visiting certain websites

Summary: Crashes when visiting certain websites

Status:	RESOLVED UPSTREAM

Alias:	None

Product:	kwebkitpart
Classification:	Frameworks and Libraries
Component:	general (show other bugs)
Version:	unspecified
Platform:	openSUSE Linux

Importance:	NOR crash
Target Milestone:	---
Assignee:	Konqueror Developers

URL:
Keywords:

Depends on:
Blocks:

Reported:	2011-10-26 22:06 UTC by Joshua Houghton
Modified:	2011-11-14 18:25 UTC (History)
CC List:	2 users (show)

See Also:
Latest Commit:
Version Fixed In:

Attachments
the webpage that crashes the browser (364.87 KB, application/x-bzip-compressed-tar) 2011-10-26 22:27 UTC, Joshua Houghton	Details
New crash information added by DrKonqi (8.63 KB, text/plain) 2011-11-01 12:10 UTC, Marcel Partap	Details
View All Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Joshua Houghton 2011-10-26 22:06:10 UTC

Application: konqueror (4.7.2 (4.7.2))
KDE Platform Version: 4.7.2 (4.7.2)
Qt Version: 4.7.4
Operating System: Linux 3.1.0-rc9-1-desktop x86_64
Distribution: "openSUSE 12.1 RC 1 (x86_64)"

-- Information about the crash:
- What I was doing when the application crashed:
Visiting http://www.daniweb.com/software-development/assembly/threads/306415

I have saved the webpage so i have a copy saved on my computer that i've tested and crashes the browser. Email me at joshua.j.houghton@googlemail.com if your interested.
- Custom settings of the application:
Using webkit instead of khtml. In contrast google-chrome doesn't crash, another web browser that uses webkit. Upon further investigation it doesn't crash with khtml

The crash can be reproduced every time.

-- Backtrace:
Application: Konqueror (kdeinit4), signal: Segmentation fault
[Current thread is 1 (Thread 0x7f36462ef760 (LWP 6783))]

Thread 6 (Thread 0x7f362cf72700 (LWP 6785)):
#0  0x00007f3644bd6e6c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
#1  0x00007f363aecb56c in WTF::TCMalloc_PageHeap::scavengerThread() () from /usr/lib64/libQtWebKit.so.4
#2  0x00007f363aecb699 in WTF::TCMalloc_PageHeap::runScavengerThread(void*) () from /usr/lib64/libQtWebKit.so.4
#3  0x00007f3644bd2f05 in start_thread () from /lib64/libpthread.so.0
#4  0x00007f364396b53d in clone () from /lib64/libc.so.6

Thread 5 (Thread 0x7f362c659700 (LWP 6786)):
#0  0x00007f3640a0ce65 in clock_gettime () from /lib64/librt.so.1
#1  0x00007f3644eb3054 in ?? () from /usr/lib64/libQtCore.so.4
#2  0x00007f3644f74b4d in ?? () from /usr/lib64/libQtCore.so.4
#3  0x00007f3644f74e83 in ?? () from /usr/lib64/libQtCore.so.4
#4  0x00007f3644f738ec in ?? () from /usr/lib64/libQtCore.so.4
#5  0x00007f3640757b22 in g_main_context_prepare () from /usr/lib64/libglib-2.0.so.0
#6  0x00007f364075892d in ?? () from /usr/lib64/libglib-2.0.so.0
#7  0x00007f3640758f59 in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0
#8  0x00007f3644f743a6 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4
#9  0x00007f3644f48882 in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4
#10 0x00007f3644f48a7f in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4
#11 0x00007f3644e605cf in QThread::exec() () from /usr/lib64/libQtCore.so.4
#12 0x00007f3644e63015 in ?? () from /usr/lib64/libQtCore.so.4
#13 0x00007f3644bd2f05 in start_thread () from /lib64/libpthread.so.0
#14 0x00007f364396b53d in clone () from /lib64/libc.so.6

Thread 4 (Thread 0x7f35e7243700 (LWP 7106)):
#0  0x00007f3644bd6e6c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
#1  0x00007f35e7268bc1 in queue_processor(void*) () from /usr/lib64/IcedTeaPlugin.so
#2  0x00007f3644bd2f05 in start_thread () from /lib64/libpthread.so.0
#3  0x00007f364396b53d in clone () from /lib64/libc.so.6

Thread 3 (Thread 0x7f35e6a42700 (LWP 7107)):
#0  0x00007f3644bd6e6c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
#1  0x00007f35e7268bc1 in queue_processor(void*) () from /usr/lib64/IcedTeaPlugin.so
#2  0x00007f3644bd2f05 in start_thread () from /lib64/libpthread.so.0
#3  0x00007f364396b53d in clone () from /lib64/libc.so.6

Thread 2 (Thread 0x7f35e6241700 (LWP 7108)):
#0  0x00007f3644bd6e6c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
#1  0x00007f35e7268bc1 in queue_processor(void*) () from /usr/lib64/IcedTeaPlugin.so
#2  0x00007f3644bd2f05 in start_thread () from /lib64/libpthread.so.0
#3  0x00007f364396b53d in clone () from /lib64/libc.so.6

Thread 1 (Thread 0x7f36462ef760 (LWP 6783)):
[KCrash Handler]
#6  0x00007f363aac03c3 in WebCore::requiresLineBox(WebCore::InlineIterator const&, WebCore::LineInfo const&) () from /usr/lib64/libQtWebKit.so.4
#7  0x00007f363aac512c in WebCore::RenderBlock::LineBreaker::skipLeadingWhitespace(WebCore::BidiResolver<WebCore::InlineIterator, WebCore::BidiRun>&, WebCore::LineInfo const&, WebCore::RenderBlock::FloatingObject*, WebCore::LineWidth&) () from /usr/lib64/libQtWebKit.so.4
#8  0x00007f363aac55bf in WebCore::RenderBlock::LineBreaker::nextLineBreak(WebCore::BidiResolver<WebCore::InlineIterator, WebCore::BidiRun>&, WebCore::LineInfo&, std::pair<WebCore::RenderText*, WebCore::LazyLineBreakIterator>&, WebCore::RenderBlock::FloatingObject*) () from /usr/lib64/libQtWebKit.so.4
#9  0x00007f363aacc006 in WebCore::RenderBlock::layoutRunsAndFloats(bool, bool, WTF::Vector<WebCore::RenderBlock::FloatWithRect, 0ul>&, int&, int&) () from /usr/lib64/libQtWebKit.so.4
#10 0x00007f363aacd95f in WebCore::RenderBlock::layoutInlineChildren(bool, int&, int&) () from /usr/lib64/libQtWebKit.so.4
#11 0x00007f363aabf73b in WebCore::RenderBlock::layoutBlock(bool, int) () from /usr/lib64/libQtWebKit.so.4
#12 0x00007f363aaa2d8d in WebCore::RenderBlock::layout() () from /usr/lib64/libQtWebKit.so.4
#13 0x00007f363aab86a9 in WebCore::RenderBlock::layoutBlockChild(WebCore::RenderBox*, WebCore::RenderBlock::MarginInfo&, int&, int&) () from /usr/lib64/libQtWebKit.so.4
#14 0x00007f363aab8f60 in WebCore::RenderBlock::layoutBlockChildren(bool, int&) () from /usr/lib64/libQtWebKit.so.4
#15 0x00007f363aabf0da in WebCore::RenderBlock::layoutBlock(bool, int) () from /usr/lib64/libQtWebKit.so.4
#16 0x00007f363aaa2d8d in WebCore::RenderBlock::layout() () from /usr/lib64/libQtWebKit.so.4
#17 0x00007f363aab86a9 in WebCore::RenderBlock::layoutBlockChild(WebCore::RenderBox*, WebCore::RenderBlock::MarginInfo&, int&, int&) () from /usr/lib64/libQtWebKit.so.4
#18 0x00007f363aab8f60 in WebCore::RenderBlock::layoutBlockChildren(bool, int&) () from /usr/lib64/libQtWebKit.so.4
#19 0x00007f363aabf0da in WebCore::RenderBlock::layoutBlock(bool, int) () from /usr/lib64/libQtWebKit.so.4
#20 0x00007f363aaa2d8d in WebCore::RenderBlock::layout() () from /usr/lib64/libQtWebKit.so.4
#21 0x00007f363aab86a9 in WebCore::RenderBlock::layoutBlockChild(WebCore::RenderBox*, WebCore::RenderBlock::MarginInfo&, int&, int&) () from /usr/lib64/libQtWebKit.so.4
#22 0x00007f363aab8f60 in WebCore::RenderBlock::layoutBlockChildren(bool, int&) () from /usr/lib64/libQtWebKit.so.4
#23 0x00007f363aabf0da in WebCore::RenderBlock::layoutBlock(bool, int) () from /usr/lib64/libQtWebKit.so.4
#24 0x00007f363aaa2d8d in WebCore::RenderBlock::layout() () from /usr/lib64/libQtWebKit.so.4
#25 0x00007f363ab714d8 in WebCore::RenderView::layout() () from /usr/lib64/libQtWebKit.so.4
#26 0x00007f363a9fe4b7 in WebCore::FrameView::layout(bool) () from /usr/lib64/libQtWebKit.so.4
#27 0x00007f363aa7a072 in WebCore::ThreadTimers::sharedTimerFiredInternal() () from /usr/lib64/libQtWebKit.so.4
#28 0x00007f3644f5fcd9 in QObject::event(QEvent*) () from /usr/lib64/libQtCore.so.4
#29 0x00007f36440fbbe4 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib64/libQtGui.so.4
#30 0x00007f3644100a71 in QApplication::notify(QObject*, QEvent*) () from /usr/lib64/libQtGui.so.4
#31 0x00007f3645cdbe36 in KApplication::notify(QObject*, QEvent*) () from /usr/lib64/libkdeui.so.5
#32 0x00007f3644f4967c in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/lib64/libQtCore.so.4
#33 0x00007f3644f761c8 in ?? () from /usr/lib64/libQtCore.so.4
#34 0x00007f3644f739b4 in ?? () from /usr/lib64/libQtCore.so.4
#35 0x00007f364075858d in g_main_context_dispatch () from /usr/lib64/libglib-2.0.so.0
#36 0x00007f3640758d88 in ?? () from /usr/lib64/libglib-2.0.so.0
#37 0x00007f3640758f59 in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0
#38 0x00007f3644f7433f in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4
#39 0x00007f364419eeae in ?? () from /usr/lib64/libQtGui.so.4
#40 0x00007f3644f48882 in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4
#41 0x00007f3644f48a7f in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4
#42 0x00007f3644f4cc47 in QCoreApplication::exec() () from /usr/lib64/libQtCore.so.4
#43 0x00007f36337518e2 in kdemain () from /usr/lib64/libkdeinit4_konqueror.so
#44 0x0000000000408897 in _start ()

Reported using DrKonqi

Comment 1 Joshua Houghton 2011-10-26 22:24:54 UTC

i can't get rekonq to crash when loading this page either.

Comment 2 Joshua Houghton 2011-10-26 22:27:30 UTC

Created attachment 64917 [details]
the webpage that crashes the browser

Comment 3 Marcel Partap 2011-11-01 12:10:16 UTC

Created attachment 65110 [details]
New crash information added by DrKonqi

konqueror (4.7.2 (4.7.2)) on KDE Platform 4.7.3 (4.7.3) using Qt 4.8.0

- What I was doing when the application crashed:
Another test case:
http://www.daniweb.com/software-development/shell-scripting/threads/2805
It doesn't kill rekonq, but konqueror dies after rendering is complete (no crash if pressed ESC before that).

-- Backtrace (Reduced):
#7  0x00007f0803afcae9 in WebCore::RenderBlock::LineBreaker::skipLeadingWhitespace(WebCore::BidiResolver<WebCore::InlineIterator, WebCore::BidiRun>&, WebCore::LineInfo const&, WebCore::RenderBlock::FloatingObject*, WebCore::LineWidth&) () from /usr/lib64/qt4/libQtWebKit.so.4
#8  0x00007f0803afcdbb in WebCore::RenderBlock::LineBreaker::nextLineBreak(WebCore::BidiResolver<WebCore::InlineIterator, WebCore::BidiRun>&, WebCore::LineInfo&, std::pair<WebCore::RenderText*, WebCore::LazyLineBreakIterator>&, WebCore::RenderBlock::FloatingObject*) () from /usr/lib64/qt4/libQtWebKit.so.4
#9  0x00007f0803b05804 in WebCore::RenderBlock::layoutRunsAndFloats(bool, bool, WTF::Vector<WebCore::RenderBlock::FloatWithRect, 0ul>&, int&, int&) () from /usr/lib64/qt4/libQtWebKit.so.4
#10 0x00007f0803b06e3d in WebCore::RenderBlock::layoutInlineChildren(bool, int&, int&) () from /usr/lib64/qt4/libQtWebKit.so.4
#11 0x00007f0803af6fbc in WebCore::RenderBlock::layoutBlock(bool, int) () from /usr/lib64/qt4/libQtWebKit.so.4

Comment 4 Dawit Alemayehu 2011-11-14 18:11:28 UTC

This is an upstream issue because both links mentioned above cause QtTestBrowser from the latest QtWebKit 2.2 branch to crash.

Comment 5 Dawit Alemayehu 2011-11-14 18:25:10 UTC

Opened a ticket upstream. See https://bugs.webkit.org/show_bug.cgi?id=72285.