74394 2011-12-13 02:37:34 -0800 [Qt] Crash when submitting remote form from HTML rendered in an KMail email client 2014-02-03 03:19:24 -0800 1 1 1 Unclassified WebKit New Bugs 528+ (Nightly build) PC Linux RESOLVED INVALID P3 Major --- 0 gregap webkit-unassigned oldest_to_newest 519983 0 gregap 2011-12-13 02:37:34 -0800 I submitted this crash report to the KMail bugtracker and they told me to re-submit the bug upstream to QtWebkit ( original bug here: https://bugs.kde.org/show_bug.cgi?id=288793 ). I am attaching the HTML source of the email with authentication tokens masked. - What I was doing when the application crashed: I received an email from Google Checkout asking me to rate my shopping experience (I bought a product a week ago or so). The HTML email contains several images, checkboxes for selecting a rating, a textbox and a submit button. If I select one of the checkboxes and click the submit button, KMail crashes. The crash can be reproduced every time. -- Backtrace: Application: KMail (kmail), signal: Segmentation fault [Current thread is 1 (Thread 0x7fec41957760 (LWP 28285))] Thread 3 (Thread 0x7fec23e83700 (LWP 28289)): #0 0x00007fec3cb25e6c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0 #1 0x00007fec332629dc in WTF::TCMalloc_PageHeap::scavengerThread (this=0x7fec33c19200) at ../../../Source/JavaScriptCore/wtf/FastMalloc.cpp:2495 #2 0x00007fec33262b09 in WTF::TCMalloc_PageHeap::runScavengerThread (context=<optimized out>) at ../../../Source/JavaScriptCore/wtf/FastMalloc.cpp:1618 #3 0x00007fec3cb21f05 in start_thread () from /lib64/libpthread.so.0 #4 0x00007fec3ed0053d in clone () from /lib64/libc.so.6 Thread 2 (Thread 0x7fec23582700 (LWP 28290)): #0 0x00007fec3ecf7423 in poll () from /lib64/libc.so.6 #1 0x00007fec36f91a98 in ?? () from /usr/lib64/libglib-2.0.so.0 #2 0x00007fec36f91f59 in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0 #3 0x00007fec40302576 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4 #4 0x00007fec402d6a22 in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4 #5 0x00007fec402d6c1f in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4 #6 0x00007fec401ee5df in QThread::exec() () from /usr/lib64/libQtCore.so.4 #7 0x00007fec401f1025 in ?? () from /usr/lib64/libQtCore.so.4 #8 0x00007fec3cb21f05 in start_thread () from /lib64/libpthread.so.0 #9 0x00007fec3ed0053d in clone () from /lib64/libc.so.6 Thread 1 (Thread 0x7fec41957760 (LWP 28285)): [KCrash Handler] #6 WebCore::RenderObject::absoluteBoundingBoxRect (this=0x0, useTransforms=true) at ../../../Source/WebCore/rendering/RenderObject.cpp:1073 #7 0x00007fec32989852 in QWebHitTestResultPrivate::QWebHitTestResultPrivate (this=0x3ca0270, hitTest=...) at ../../../../Source/WebKit/qt/Api/qwebframe.cpp:1705 #8 0x00007fec32989dd2 in QWebFrame::hitTestContent (this=<optimized out>, pos=...) at ../../../../Source/WebKit/qt/Api/qwebframe.cpp:1420 #9 0x00007fec381cc590 in MessageViewer::MailWebView::linkOrImageUrlAt (this=0xae3270, global=...) at /usr/src/debug/kdepim-4.7.4/messageviewer/mailwebview_webkit.cpp:256 #10 0x00007fec381b0cb2 in MessageViewer::ViewerPrivate::eventFilter (this=0xad39f0, e=0x7fffd579aec0) at /usr/src/debug/kdepim-4.7.4/messageviewer/viewer_p.cpp:992 #11 0x00007fec402d79a8 in QCoreApplicationPrivate::sendThroughObjectEventFilters(QObject*, QEvent*) () from /usr/lib64/libQtCore.so.4 #12 0x00007fec3f6a6baf in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib64/libQtGui.so.4 #13 0x00007fec3f6ac36b in QApplication::notify(QObject*, QEvent*) () from /usr/lib64/libQtGui.so.4 #14 0x00007fec41371186 in KApplication::notify (this=0x7fffd579bc80, receiver=0xae3270, event=0x7fffd579aec0) at /usr/src/debug/kdelibs-4.7.4/kdeui/kernel/kapplication.cpp:311 #15 0x00007fec402d781c in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/lib64/libQtCore.so.4 #16 0x00007fec3f6a7bb2 in QApplicationPrivate::sendMouseEvent(QWidget*, QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer<QWidget>&, bool) () from /usr/lib64/libQtGui.so.4 #17 0x00007fec3f723b55 in ?? () from /usr/lib64/libQtGui.so.4 #18 0x00007fec3f722a2a in QApplication::x11ProcessEvent(_XEvent*) () from /usr/lib64/libQtGui.so.4 #19 0x00007fec3f74a2a2 in ?? () from /usr/lib64/libQtGui.so.4 #20 0x00007fec36f9158d in g_main_context_dispatch () from /usr/lib64/libglib-2.0.so.0 #21 0x00007fec36f91d88 in ?? () from /usr/lib64/libglib-2.0.so.0 #22 0x00007fec36f91f59 in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0 #23 0x00007fec4030250f in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4 #24 0x00007fec3f749f2e in ?? () from /usr/lib64/libQtGui.so.4 #25 0x00007fec402d6a22 in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4 #26 0x00007fec402d6c1f in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4 #27 0x00007fec402dade7 in QCoreApplication::exec() () from /usr/lib64/libQtCore.so.4 #28 0x0000000000402df3 in ?? () #29 0x00007fec3ec4823d in __libc_start_main () from /lib64/libc.so.6 #30 0x00000000004032d5 in _start () 519985 1 118984 gregap 2011-12-13 02:39:15 -0800 Created attachment 118984 The HTML source of the email that cause the crash. 975357 2 jturcotte 2014-02-03 03:19:24 -0800 === Bulk closing of Qt bugs === If you believe that this bug report is still relevant for a non-Qt port of webkit.org, please re-open it and remove [Qt] from the summary. If you believe that this is still an important QtWebKit bug, please fill a new report at https://bugreports.qt-project.org and add a link to this issue. See http://qt-project.org/wiki/ReportingBugsInQt for additional guidelines. 118984 2011-12-13 02:39:15 -0800 2011-12-13 02:39:15 -0800 The HTML source of the email that cause the crash. email-form.html text/html 3460 gregap PHA+RGVhciAgWFhYLDwvcD4KPHA+VGhhbmtzIGZvciB5b3VyIHJlY2VudCBwdXJjaGFzZSBmcm9t ICBIdW1ibGUgQnVuZGxlLCBJbmMuLjwvcD4KPHA+V2UmIzM5O2QgYXBwcmVjaWF0ZSBoZWFyaW5n IGFuZCBzaGFyaW5nIHlvdXIgZXhwZXJpZW5jZS4gUGxlYXNlIHRha2UgYSBtb21lbnQgdG8gdGVs bCB1cyBhYm91dCBpdCBieSBmaWxsaW5nIG91dCB0aGUgZm9ybSBiZWxvdy4gV2Ugd2lsbCBwdWJs aXNoIHlvdXIgcmV2aWV3IG9ubGluZSBzbyB0aGF0IG90aGVycyBjYW4gbGVhcm4gZnJvbSB5b3Vy IGV4cGVyaWVuY2UuIFlvdXIgcmV2aWV3IHdpbGwgYmUgbGlua2VkIHRvIHlvdXIgR29vZ2xlIGFj Y291bnQuPC9wPgo8cD48L3A+Cjxmb3JtIGFjdGlvbj0iaHR0cHM6Ly9jaGVja291dC5nb29nbGUu Y29tL3Jldmlld3MvbWVyY2hhbnQvcmF0ZU1lcmNoYW50RW1haWw/dD14eHh4eHh4eHh4eHh4eHh4 eHh4eHgmYW1wO2U9ZiZhbXA7YXV0aFRvaz14eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4 eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4IiBtZXRob2Q9IlBP U1QiIG5hbWU9InJhdGVGb3JtIj48dGFibGU+PHRyPjx0aCB2YWxpZ249InRvcCIgYWxpZ249Imxl ZnQiIHN0eWxlPSJwYWRkaW5nLXRvcDo2cHg7Ij48L3RoPjwvdHI+Cjx0cj48dGQ+PHRhYmxlIGNl bGxwYWRkaW5nPSIyIiBjZWxsc3BhY2luZz0iMCI+PHRyPjx0ZD48aW5wdXQgdHlwZT0icmFkaW8i IG5hbWU9InJhdGluZ0luZGljYXRvciIgdmFsdWU9IjUiIGlkPSJyYXRpbmc1Ij48L3RkPgo8dGQ+ PGZvbnQgc3R5bGU9ImZvbnQtZmFtaWx5OkFyaWFsLCBzYW5zIHNlcmlmOyBmb250LXNpemU6IDgz JSI+PGxhYmVsIGZvcj0icmF0aW5nNSI+PGltZyBzcmM9Imh0dHBzOi8vY2hlY2tvdXQuZ29vZ2xl LmNvbS9pbWcvY29tcG9zaXRlLTUuZ2lmIiBhbHQ9IjUgc3RhcnMiPjwvbGFiZWw+PC9mb250Pjwv dGQ+Cjx0ZD5FeGNlbGxlbnQ6IEkgd291bGQgZGVmaW5pdGVseSBidXkgZnJvbSB0aGlzIHN0b3Jl IGFnYWluLjwvdGQ+PC90cj4KPHRyPjx0ZD48aW5wdXQgdHlwZT0icmFkaW8iIG5hbWU9InJhdGlu Z0luZGljYXRvciIgdmFsdWU9IjQiIGlkPSJyYXRpbmc0Ij48L3RkPgo8dGQ+PGZvbnQgc3R5bGU9 ImZvbnQtZmFtaWx5OkFyaWFsLCBzYW5zIHNlcmlmOyBmb250LXNpemU6IDgzJSI+PGxhYmVsIGZv cj0icmF0aW5nNCI+PGltZyBzcmM9Imh0dHBzOi8vY2hlY2tvdXQuZ29vZ2xlLmNvbS9pbWcvY29t cG9zaXRlLTQuZ2lmIiBhbHQ9IjQgc3RhcnMiPjwvbGFiZWw+PC9mb250PjwvdGQ+Cjx0ZD48L3Rk PjwvdHI+Cjx0cj48dGQ+PGlucHV0IHR5cGU9InJhZGlvIiBuYW1lPSJyYXRpbmdJbmRpY2F0b3Ii IHZhbHVlPSIzIiBpZD0icmF0aW5nMyI+PC90ZD4KPHRkPjxmb250IHN0eWxlPSJmb250LWZhbWls eTpBcmlhbCwgc2FucyBzZXJpZjsgZm9udC1zaXplOiA4MyUiPjxsYWJlbCBmb3I9InJhdGluZzMi PjxpbWcgc3JjPSJodHRwczovL2NoZWNrb3V0Lmdvb2dsZS5jb20vaW1nL2NvbXBvc2l0ZS0zLmdp ZiIgYWx0PSIzIHN0YXJzIj48L2xhYmVsPjwvZm9udD48L3RkPgo8dGQ+PC90ZD48L3RyPgo8dHI+ PHRkPjxpbnB1dCB0eXBlPSJyYWRpbyIgbmFtZT0icmF0aW5nSW5kaWNhdG9yIiB2YWx1ZT0iMiIg aWQ9InJhdGluZzIiPjwvdGQ+Cjx0ZD48Zm9udCBzdHlsZT0iZm9udC1mYW1pbHk6QXJpYWwsIHNh bnMgc2VyaWY7IGZvbnQtc2l6ZTogODMlIj48bGFiZWwgZm9yPSJyYXRpbmcyIj48aW1nIHNyYz0i aHR0cHM6Ly9jaGVja291dC5nb29nbGUuY29tL2ltZy9jb21wb3NpdGUtMi5naWYiIGFsdD0iMiBz dGFycyI+PC9sYWJlbD48L2ZvbnQ+PC90ZD4KPHRkPjwvdGQ+PC90cj4KPHRyPjx0ZD48aW5wdXQg dHlwZT0icmFkaW8iIG5hbWU9InJhdGluZ0luZGljYXRvciIgdmFsdWU9IjEiIGlkPSJyYXRpbmcx Ij48L3RkPgo8dGQ+PGZvbnQgc3R5bGU9ImZvbnQtZmFtaWx5OkFyaWFsLCBzYW5zIHNlcmlmOyBm b250LXNpemU6IDgzJSI+PGxhYmVsIGZvcj0icmF0aW5nMSI+PGltZyBzcmM9Imh0dHBzOi8vY2hl Y2tvdXQuZ29vZ2xlLmNvbS9pbWcvY29tcG9zaXRlLTEuZ2lmIiBhbHQ9IjEgc3RhciI+PC9sYWJl bD48L2ZvbnQ+PC90ZD4KPHRkPlBvb3I6IEkgd291bGQgZGlzY291cmFnZSBvdGhlcnMgZnJvbSB0 aGlzIHN0b3JlLjwvdGQ+PC90cj48L3RhYmxlPjwvdGQ+PC90cj4KPHRyPjx0ZCBjb2xzcGFuPSIz Ij48YnI+CkhvdyB3YXMgeW91ciBvdmVyYWxsIGV4cGVyaWVuY2Ugd2l0aCB0aGlzIHN0b3JlPzwv dGQ+PC90cj4KPHRyPjx0ZCBjb2xzcGFuPSIzIj48dGV4dGFyZWEgbmFtZT0iY29tbWVudFRleHQi IHJvd3M9IjUiIGNvbHM9Ijc1Ij48L3RleHRhcmVhPgo8YnI+PC90ZD48L3RyPjwvdGFibGU+Cjxi cj4KPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iZW5hYmxlRW1haWxSZXZpZXdzIiB2YWx1ZT0i ZW5hYmxlRW1haWxSZXZpZXdzIj4KPHRhYmxlPjx0cj48dGQgdmFsaWduPSJ0b3AiPjxpbnB1dCB0 eXBlPSJzdWJtaXQiIG5hbWU9InN1Ym1pdCIgdmFsdWU9IlB1Ymxpc2ggdGhpcyBSZXZpZXciPjwv dGQ+PC90cj48L3RhYmxlPjwvZm9ybT4KPGJyPgo8cD48c3Ryb25nPkhhdmluZyB0cm91YmxlIHdp dGggdGhpcyBmb3JtPzwvc3Ryb25nPjxicj4KPGEgaHJlZj0iaHR0cHM6Ly9jaGVja291dC5nb29n bGUuY29tL3Jldmlld3MvbWVyY2hhbnQvcmF0ZU1lcmNoYW50P3Q9eHh4eHh4eHh4eHh4eHh4eHh4 eHh4JmFtcDtlPWwiPlN1Ym1pdCB5b3VyIHJldmlldyBvbmxpbmU8L2E+PGJyPjxicj4KPHN0cm9u Zz5Ib3cgZG8gSSBnZXQgZGV0YWlscyBhYm91dCB0aGlzIG9yZGVyPzwvc3Ryb25nPjxicj4KPGEg aHJlZj0iaHR0cHM6Ly9jaGVja291dC5nb29nbGUuY29tL3ZpZXcvcmVjZWlwdD90PXh4eHh4eHh4 eHh4eHh4eHh4eHh4eCI+R2V0IHVwLXRvLWRhdGUgaW5mb3JtYXRpb24gYWJvdXQgb3JkZXIgI3h4 eHh4eHh4eHh4eHh4eHh4eHh4eDwvYT48L3A+Cjxicj4KPGRpdiBzdHlsZT0icGFkZGluZzogMnB4 OyBib3JkZXItdG9wOiAxcHggc29saWQgIzMzNjZDQyI+PGNlbnRlcj48Zm9udCBjb2xvcj0iIzY3 Njc2NyIgc2l6ZT0iLTIiPjxicj4KTmVlZCBoZWxwPyBWaXNpdCB0aGUKPGEgaHJlZj0iaHR0cHM6 Ly9jaGVja291dC5nb29nbGUuY29tL3N1cHBvcnQ/aGw9ZW5fVVMiPkdvb2dsZSBDaGVja291dCBo ZWxwIGNlbnRlci48L2E+PGJyPgo8YSBocmVmPSJodHRwczovL2NoZWNrb3V0Lmdvb2dsZS5jb20v cmV2aWV3cy9tZXJjaGFudC9yZXZpZXdzRW1haWxPcHRPdXQ/dD14eHh4eHh4eHh4eHh4eHh4eHh4 eHgmYW1wO2F1dGhUb2s9eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4 eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eCI+U3RvcCByZWNlaXZpbmcgc2VsbGVy IHJldmlldyBlbWFpbHM8L2E+PC9mb250PjwvY2VudGVyPjwvZGl2Pg==