RESOLVED INVALID74394
[Qt] Crash when submitting remote form from HTML rendered in an KMail email client 
https://bugs.webkit.org/show_bug.cgi?id=74394
Summary [Qt] Crash when submitting remote form from HTML rendered in an KMail email c...
gregap
Reported 2011-12-13 02:37:34 PST
I submitted this crash report to the KMail bugtracker and they told me to re-submit the bug upstream to QtWebkit ( original bug here: https://bugs.kde.org/show_bug.cgi?id=288793 ). I am attaching the HTML source of the email with authentication tokens masked. - What I was doing when the application crashed: I received an email from Google Checkout asking me to rate my shopping experience (I bought a product a week ago or so). The HTML email contains several images, checkboxes for selecting a rating, a textbox and a submit button. If I select one of the checkboxes and click the submit button, KMail crashes. The crash can be reproduced every time. -- Backtrace: Application: KMail (kmail), signal: Segmentation fault [Current thread is 1 (Thread 0x7fec41957760 (LWP 28285))] Thread 3 (Thread 0x7fec23e83700 (LWP 28289)): #0 0x00007fec3cb25e6c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0 #1 0x00007fec332629dc in WTF::TCMalloc_PageHeap::scavengerThread (this=0x7fec33c19200) at ../../../Source/JavaScriptCore/wtf/FastMalloc.cpp:2495 #2 0x00007fec33262b09 in WTF::TCMalloc_PageHeap::runScavengerThread (context=<optimized out>) at ../../../Source/JavaScriptCore/wtf/FastMalloc.cpp:1618 #3 0x00007fec3cb21f05 in start_thread () from /lib64/libpthread.so.0 #4 0x00007fec3ed0053d in clone () from /lib64/libc.so.6 Thread 2 (Thread 0x7fec23582700 (LWP 28290)): #0 0x00007fec3ecf7423 in poll () from /lib64/libc.so.6 #1 0x00007fec36f91a98 in ?? () from /usr/lib64/libglib-2.0.so.0 #2 0x00007fec36f91f59 in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0 #3 0x00007fec40302576 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4 #4 0x00007fec402d6a22 in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4 #5 0x00007fec402d6c1f in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4 #6 0x00007fec401ee5df in QThread::exec() () from /usr/lib64/libQtCore.so.4 #7 0x00007fec401f1025 in ?? () from /usr/lib64/libQtCore.so.4 #8 0x00007fec3cb21f05 in start_thread () from /lib64/libpthread.so.0 #9 0x00007fec3ed0053d in clone () from /lib64/libc.so.6 Thread 1 (Thread 0x7fec41957760 (LWP 28285)): [KCrash Handler] #6 WebCore::RenderObject::absoluteBoundingBoxRect (this=0x0, useTransforms=true) at ../../../Source/WebCore/rendering/RenderObject.cpp:1073 #7 0x00007fec32989852 in QWebHitTestResultPrivate::QWebHitTestResultPrivate (this=0x3ca0270, hitTest=...) at ../../../../Source/WebKit/qt/Api/qwebframe.cpp:1705 #8 0x00007fec32989dd2 in QWebFrame::hitTestContent (this=<optimized out>, pos=...) at ../../../../Source/WebKit/qt/Api/qwebframe.cpp:1420 #9 0x00007fec381cc590 in MessageViewer::MailWebView::linkOrImageUrlAt (this=0xae3270, global=...) at /usr/src/debug/kdepim-4.7.4/messageviewer/mailwebview_webkit.cpp:256 #10 0x00007fec381b0cb2 in MessageViewer::ViewerPrivate::eventFilter (this=0xad39f0, e=0x7fffd579aec0) at /usr/src/debug/kdepim-4.7.4/messageviewer/viewer_p.cpp:992 #11 0x00007fec402d79a8 in QCoreApplicationPrivate::sendThroughObjectEventFilters(QObject*, QEvent*) () from /usr/lib64/libQtCore.so.4 #12 0x00007fec3f6a6baf in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib64/libQtGui.so.4 #13 0x00007fec3f6ac36b in QApplication::notify(QObject*, QEvent*) () from /usr/lib64/libQtGui.so.4 #14 0x00007fec41371186 in KApplication::notify (this=0x7fffd579bc80, receiver=0xae3270, event=0x7fffd579aec0) at /usr/src/debug/kdelibs-4.7.4/kdeui/kernel/kapplication.cpp:311 #15 0x00007fec402d781c in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/lib64/libQtCore.so.4 #16 0x00007fec3f6a7bb2 in QApplicationPrivate::sendMouseEvent(QWidget*, QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer<QWidget>&, bool) () from /usr/lib64/libQtGui.so.4 #17 0x00007fec3f723b55 in ?? () from /usr/lib64/libQtGui.so.4 #18 0x00007fec3f722a2a in QApplication::x11ProcessEvent(_XEvent*) () from /usr/lib64/libQtGui.so.4 #19 0x00007fec3f74a2a2 in ?? () from /usr/lib64/libQtGui.so.4 #20 0x00007fec36f9158d in g_main_context_dispatch () from /usr/lib64/libglib-2.0.so.0 #21 0x00007fec36f91d88 in ?? () from /usr/lib64/libglib-2.0.so.0 #22 0x00007fec36f91f59 in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0 #23 0x00007fec4030250f in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4 #24 0x00007fec3f749f2e in ?? () from /usr/lib64/libQtGui.so.4 #25 0x00007fec402d6a22 in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4 #26 0x00007fec402d6c1f in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4 #27 0x00007fec402dade7 in QCoreApplication::exec() () from /usr/lib64/libQtCore.so.4 #28 0x0000000000402df3 in ?? () #29 0x00007fec3ec4823d in __libc_start_main () from /lib64/libc.so.6 #30 0x00000000004032d5 in _start ()
Attachments
The HTML source of the email that cause the crash. (3.38 KB, text/html)
2011-12-13 02:39 PST, gregap 		no flags
Details
View All Add attachment proposed patch, testcase, etc.
gregap
Comment 1 2011-12-13 02:39:15 PST
Created attachment 118984 [details] The HTML source of the email that cause the crash.
Jocelyn Turcotte
Comment 2 2014-02-03 03:19:24 PST
=== Bulk closing of Qt bugs === If you believe that this bug report is still relevant for a non-Qt port of webkit.org, please re-open it and remove [Qt] from the summary. If you believe that this is still an important QtWebKit bug, please fill a new report at https://bugreports.qt-project.org and add a link to this issue. See http://qt-project.org/wiki/ReportingBugsInQt for additional guidelines.
Note You need to log in before you can comment on or make changes to this bug.