Bug 288793 - KMail crashed when I clicked on a submit button in an HTML mail
Summary: KMail crashed when I clicked on a submit button in an HTML mail
Status: RESOLVED UPSTREAM
Alias: None
Product: kmail2
Classification: Applications
Component: general (show other bugs)
Version: unspecified
Platform: openSUSE Linux
: NOR crash
Target Milestone: ---
Assignee: kdepim bugs
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-12-12 12:14 UTC by Gregor Petrin
Modified: 2011-12-13 10:40 UTC (History)
1 user (show)

See Also:
Latest Commit:
Version Fixed In:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.
Description Gregor Petrin 2011-12-12 12:14:56 UTC 
Application: kmail (4.7.4)
KDE Platform Version: 4.7.4 (4.7.4) "release 11"
Qt Version: 4.7.4
Operating System: Linux 3.1.0-1.2-desktop x86_64
Distribution: "openSUSE 12.1 (x86_64)"

-- Information about the crash:
- What I was doing when the application crashed:

I received an email from Google Checkout asking me to rate my shopping experience (I bought a product a week ago or so). The HTML email contains several images, checkboxes for selecting a rating, a textbox and a submit button. If I select one of the checkboxes and click the submit button, KMail crashes.

The crash can be reproduced every time.

-- Backtrace:
Application: KMail (kmail), signal: Segmentation fault
[Current thread is 1 (Thread 0x7fec41957760 (LWP 28285))]

Thread 3 (Thread 0x7fec23e83700 (LWP 28289)):
#0  0x00007fec3cb25e6c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
#1  0x00007fec332629dc in WTF::TCMalloc_PageHeap::scavengerThread (this=0x7fec33c19200) at ../../../Source/JavaScriptCore/wtf/FastMalloc.cpp:2495
#2  0x00007fec33262b09 in WTF::TCMalloc_PageHeap::runScavengerThread (context=<optimized out>) at ../../../Source/JavaScriptCore/wtf/FastMalloc.cpp:1618
#3  0x00007fec3cb21f05 in start_thread () from /lib64/libpthread.so.0
#4  0x00007fec3ed0053d in clone () from /lib64/libc.so.6

Thread 2 (Thread 0x7fec23582700 (LWP 28290)):
#0  0x00007fec3ecf7423 in poll () from /lib64/libc.so.6
#1  0x00007fec36f91a98 in ?? () from /usr/lib64/libglib-2.0.so.0
#2  0x00007fec36f91f59 in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0
#3  0x00007fec40302576 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4
#4  0x00007fec402d6a22 in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4
#5  0x00007fec402d6c1f in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4
#6  0x00007fec401ee5df in QThread::exec() () from /usr/lib64/libQtCore.so.4
#7  0x00007fec401f1025 in ?? () from /usr/lib64/libQtCore.so.4
#8  0x00007fec3cb21f05 in start_thread () from /lib64/libpthread.so.0
#9  0x00007fec3ed0053d in clone () from /lib64/libc.so.6

Thread 1 (Thread 0x7fec41957760 (LWP 28285)):
[KCrash Handler]
#6  WebCore::RenderObject::absoluteBoundingBoxRect (this=0x0, useTransforms=true) at ../../../Source/WebCore/rendering/RenderObject.cpp:1073
#7  0x00007fec32989852 in QWebHitTestResultPrivate::QWebHitTestResultPrivate (this=0x3ca0270, hitTest=...) at ../../../../Source/WebKit/qt/Api/qwebframe.cpp:1705
#8  0x00007fec32989dd2 in QWebFrame::hitTestContent (this=<optimized out>, pos=...) at ../../../../Source/WebKit/qt/Api/qwebframe.cpp:1420
#9  0x00007fec381cc590 in MessageViewer::MailWebView::linkOrImageUrlAt (this=0xae3270, global=...) at /usr/src/debug/kdepim-4.7.4/messageviewer/mailwebview_webkit.cpp:256
#10 0x00007fec381b0cb2 in MessageViewer::ViewerPrivate::eventFilter (this=0xad39f0, e=0x7fffd579aec0) at /usr/src/debug/kdepim-4.7.4/messageviewer/viewer_p.cpp:992
#11 0x00007fec402d79a8 in QCoreApplicationPrivate::sendThroughObjectEventFilters(QObject*, QEvent*) () from /usr/lib64/libQtCore.so.4
#12 0x00007fec3f6a6baf in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib64/libQtGui.so.4
#13 0x00007fec3f6ac36b in QApplication::notify(QObject*, QEvent*) () from /usr/lib64/libQtGui.so.4
#14 0x00007fec41371186 in KApplication::notify (this=0x7fffd579bc80, receiver=0xae3270, event=0x7fffd579aec0) at /usr/src/debug/kdelibs-4.7.4/kdeui/kernel/kapplication.cpp:311
#15 0x00007fec402d781c in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/lib64/libQtCore.so.4
#16 0x00007fec3f6a7bb2 in QApplicationPrivate::sendMouseEvent(QWidget*, QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer<QWidget>&, bool) () from /usr/lib64/libQtGui.so.4
#17 0x00007fec3f723b55 in ?? () from /usr/lib64/libQtGui.so.4
#18 0x00007fec3f722a2a in QApplication::x11ProcessEvent(_XEvent*) () from /usr/lib64/libQtGui.so.4
#19 0x00007fec3f74a2a2 in ?? () from /usr/lib64/libQtGui.so.4
#20 0x00007fec36f9158d in g_main_context_dispatch () from /usr/lib64/libglib-2.0.so.0
#21 0x00007fec36f91d88 in ?? () from /usr/lib64/libglib-2.0.so.0
#22 0x00007fec36f91f59 in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0
#23 0x00007fec4030250f in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4
#24 0x00007fec3f749f2e in ?? () from /usr/lib64/libQtGui.so.4
#25 0x00007fec402d6a22 in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4
#26 0x00007fec402d6c1f in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4
#27 0x00007fec402dade7 in QCoreApplication::exec() () from /usr/lib64/libQtCore.so.4
#28 0x0000000000402df3 in ?? ()
#29 0x00007fec3ec4823d in __libc_start_main () from /lib64/libc.so.6
#30 0x00000000004032d5 in _start ()

Reported using DrKonqi
Comment 1 Laurent Montel 2011-12-12 12:42:45 UTC 
webkit bug
Comment 2 Gregor Petrin 2011-12-12 12:44:15 UTC 
Do you want me to refile the bug (and mark it as resolved here) or something like that?
Comment 3 Laurent Montel 2011-12-13 08:56:59 UTC 
Close this bug as upstream and create a bug report to qtwebkit.
Regards
Comment 4 Gregor Petrin 2011-12-13 10:40:12 UTC 
Submitted upstream, link: https://bugs.webkit.org/show_bug.cgi?id=74394