Version:            (using KDE Devel)
Installed from:    Compiled sources
Compiler:          gcc 3.4.4 
OS:                Linux

Konqueror crashes when viewing any MySpace profile.

MySpace makes heavy use of JavaScript.  As far as I can tell, it's crashing when it tries to access an IFrame in the page.  It gets the IFrame, then tests to see if it's null or not, and that test is what causes the crash.  (The test in question is in their WDDXRemotingClient.js, line 52.)

Here's the backtrace:

Using host libthread_db library "/lib/libthread_db.so.1".
`system-supplied DSO at 0xffffe000' has disappeared; keeping its symbols.
[Thread debugging using libthread_db enabled]
[New Thread -1232341328 (LWP 28615)]
[KCrash handler]
#4  0xb63693ad in DOM::DocumentImpl::view (this=0x0) at dom_docimpl.h:275
#5  0xb6489ccd in KJS::HTMLElement::tryGet (this=0x0, exec=0xbf93a4e0, 
    propertyName=@0xbf93a200)
    at /srv/home/condor/kde/KDE/kdelibs/khtml/ecma/kjs_html.cpp:1205
#6  0xb644fa3a in KJS::DOMObject::get (this=0x85df0f8, exec=0xbf93a4e0, p=@0x0)
    at /srv/home/condor/kde/KDE/kdelibs/khtml/ecma/kjs_binding.cpp:50
#7  0xb6247bd5 in KJS::Reference::getValue (this=0xbf93a4e0, exec=0xbf93a4e0)
    at /srv/home/condor/kde/KDE/kdelibs/kjs/reference.cpp:143
#8  0xb62063d0 in KJS::Node::evaluate (this=0x0, exec=0xbf93a4e0)
    at /srv/home/condor/kde/KDE/kdelibs/kjs/nodes.cpp:130
#9  0xb6206423 in KJS::Node::toBoolean (this=0x0, exec=0xbf93a4e0)
    at /srv/home/condor/kde/KDE/kdelibs/kjs/nodes.cpp:136
#10 0xb620de09 in KJS::IfNode::execute (this=0x882a7c0, exec=0xbf93a4e0)
    at /srv/home/condor/kde/KDE/kdelibs/kjs/nodes.cpp:2016
#11 0xb6213a42 in KJS::SourceElementsNode::execute (this=0xbf93a330, 
    exec=0xbf93a4e0) at /srv/home/condor/kde/KDE/kdelibs/kjs/nodes.cpp:3097
#12 0xb620da25 in KJS::BlockNode::execute (this=0x882aa68, exec=0xbf93a4e0)
    at /srv/home/condor/kde/KDE/kdelibs/kjs/nodes.cpp:1942
#13 0xb623bea1 in KJS::DeclaredFunctionImp::execute (this=0xbf939d30, exec=0x0)
    at /srv/home/condor/kde/KDE/kdelibs/kjs/function.cpp:579
#14 0xb623b1b9 in KJS::FunctionImp::call (this=0x8829040, exec=0xbf93aa90, 
    thisObj=@0xbf939d30, args=@0xbf93a660)
    at /srv/home/condor/kde/KDE/kdelibs/kjs/function.cpp:354
#15 0xb6241f82 in KJS::Object::call (this=0x0, exec=0xbf93aa90, thisObj=@0x0, 
    args=@0x0) at /srv/home/condor/kde/KDE/kdelibs/kjs/object.cpp:70
#16 0xb62092c5 in KJS::FunctionCallNode::evaluate (this=0xbf93a640, 
    exec=0xbf93a620) at /srv/home/condor/kde/KDE/kdelibs/kjs/nodes.cpp:870
#17 0xb620dbc7 in KJS::ExprStatementNode::execute (this=0x8833190, 
    exec=0xbf93aa90) at /srv/home/condor/kde/KDE/kdelibs/kjs/nodes.cpp:1980
#18 0xb6213a42 in KJS::SourceElementsNode::execute (this=0xbf93a780, 
    exec=0xbf93aa90) at /srv/home/condor/kde/KDE/kdelibs/kjs/nodes.cpp:3097
#19 0xb620da25 in KJS::BlockNode::execute (this=0x88331f8, exec=0xbf93aa90)
    at /srv/home/condor/kde/KDE/kdelibs/kjs/nodes.cpp:1942
#20 0xb620dfd3 in KJS::IfNode::execute (this=0x8833228, exec=0xbf93a8e0)
    at /srv/home/condor/kde/KDE/kdelibs/kjs/nodes.cpp:2021
#21 0xb6213a42 in KJS::SourceElementsNode::execute (this=0xbf93a8e0, 
    exec=0xbf93aa90) at /srv/home/condor/kde/KDE/kdelibs/kjs/nodes.cpp:3097
#22 0xb620da25 in KJS::BlockNode::execute (this=0x8833298, exec=0xbf93aa90)
    at /srv/home/condor/kde/KDE/kdelibs/kjs/nodes.cpp:1942
#23 0xb623bea1 in KJS::DeclaredFunctionImp::execute (this=0xbf939d30, exec=0x0)
    at /srv/home/condor/kde/KDE/kdelibs/kjs/function.cpp:579
#24 0xb623b1b9 in KJS::FunctionImp::call (this=0x88347e8, exec=0xbf93ae50, 
    thisObj=@0xbf939d30, args=@0xbf93ac10)
    at /srv/home/condor/kde/KDE/kdelibs/kjs/function.cpp:354
#25 0xb6241f82 in KJS::Object::call (this=0x0, exec=0xbf93ae50, thisObj=@0x0, 
    args=@0x0) at /srv/home/condor/kde/KDE/kdelibs/kjs/object.cpp:70
#26 0xb62092c5 in KJS::FunctionCallNode::evaluate (this=0xbf93abf0, 
    exec=0xbf93abd0) at /srv/home/condor/kde/KDE/kdelibs/kjs/nodes.cpp:870
#27 0xb620dbc7 in KJS::ExprStatementNode::execute (this=0x87c10a0, 
    exec=0xbf93ae50) at /srv/home/condor/kde/KDE/kdelibs/kjs/nodes.cpp:1980
#28 0xb6213a42 in KJS::SourceElementsNode::execute (this=0xbf93ad30, 
    exec=0xbf93ae50) at /srv/home/condor/kde/KDE/kdelibs/kjs/nodes.cpp:3097
#29 0xb620da25 in KJS::BlockNode::execute (this=0x87c1108, exec=0xbf93ae50)
    at /srv/home/condor/kde/KDE/kdelibs/kjs/nodes.cpp:1942
#30 0xb622ee7d in KJS::InterpreterImp::evaluate (this=0x83b7ca0, 
    code=@0xbf93aeb0, thisV=@0xbf93b040)
    at /srv/home/condor/kde/KDE/kdelibs/kjs/internal.cpp:904
#31 0xb6242926 in KJS::Interpreter::evaluate (this=0x0, code=@0x0, thisV=@0x0)
    at /srv/home/condor/kde/KDE/kdelibs/kjs/interpreter.cpp:166
#32 0xb64a4d16 in KJS::KJSProxyImpl::evaluate (this=0x8558a40, filename=
      {static null = {static null = <same as static member of an already seen type>, d = 0x804c070, static shared_null = 0x804c070}, d = 0x0, static shared_null = 0x804c070}, baseLine=-1080845008, str=@0x0, n=@0xbf93b210, 
    completion=0xbf93b160)
    at /srv/home/condor/kde/KDE/kdelibs/khtml/ecma/kjs_proxy.cpp:154
#33 0xb632ffd8 in KHTMLPart::executeScript (this=0x83f9278, n=@0xbf93b210, 
    script=@0x893497c)
    at /srv/home/condor/kde/KDE/kdelibs/khtml/khtml_part.cpp:1195
#34 0xb648ea23 in KJS::ScheduledAction::execute (this=0x8934970, 
    window=0x83b7ba0)
    at /srv/home/condor/kde/KDE/kdelibs/khtml/ecma/kjs_window.cpp:1849
#35 0xb6496204 in KJS::WindowQObject::timerEvent (this=0x83b7c10)
    at /srv/home/condor/kde/KDE/kdelibs/khtml/ecma/kjs_window.cpp:1980
#36 0xb701d91c in QObject::event () from /usr/qt/3/lib/libqt-mt.so.3
#37 0xb6fbe8de in QApplication::internalNotify ()
   from /usr/qt/3/lib/libqt-mt.so.3
#38 0xb6fbea6d in QApplication::notify () from /usr/qt/3/lib/libqt-mt.so.3
#39 0xb75ec734 in KApplication::notify (this=0xbf93bc80, receiver=0x83b7c10, 
    event=0xbf93b750)
    at /srv/home/condor/kde/KDE/kdelibs/kdecore/kapplication.cpp:549
#40 0xb6fb2550 in QEventLoop::activateTimers ()
   from /usr/qt/3/lib/libqt-mt.so.3
#41 0xb6f6b346 in QEventLoop::processEvents () from /usr/qt/3/lib/libqt-mt.so.3
#42 0xb6fd4851 in QEventLoop::enterLoop () from /usr/qt/3/lib/libqt-mt.so.3
#43 0xb6fd47aa in QEventLoop::exec () from /usr/qt/3/lib/libqt-mt.so.3
#44 0xb6fbdb43 in QApplication::exec () from /usr/qt/3/lib/libqt-mt.so.3
#45 0xb7e93228 in kdemain (argc=0, argv=0x0)
    at /srv/home/condor/kde/KDE/kdebase/konqueror/konq_main.cc:206
#46 0x080486f2 in main (argc=0, argv=0x0) at kdeinit_konqueror.cpp:2

And here's the tail end of the debug log (with KJS_VERBOSE turned on):

---------------------------------------------------
processing parameters for _WDDXRemotingClient_addRequestParameter call
setting parameter name KJS: to: UserIDList : String (0x85df670)
setting parameter value KJS: to: 6433564,1706476,3684759,3835506 : String (0x85df910)
Resolve::evaluateReference: didn't find 'nameValueObject'
KJS: setting property nameValueObject: [object Object] : Object (0x85df638)
KJS: setting property name: UserIDList : String (0x85df670)
KJS: setting property value: 6433564,1706476,3684759,3835506 : String (0x85df910)
KJS: setting property 0: [object Object] : Object (0x85df638)
_WDDXRemotingClient_addRequestParameter returns: undefined
---------------------------------------------------
processing parameters for _WDDXRemotingClient_sendRequest call
KJS: new variable i: 0 : Number (0x1)
KJS: setting property requestURL: http://onlinenow.myspace.com/UsersOnline.html&User... : String (0x85df478)
KJS: setting property i: 1 : Number (0x5)
KJS: setting property requestURL: http://onlinenow.myspace.com/UsersOnline.html?User... : String (0x85df1d8)
KJS: new variable IFrameObj: [object IFRAME] : HTMLIFrameElement (0x85df0f8)
KCrash: crashing... crashRecursionCounter = 2
KCrash: Application Name = konqueror path = <unknown> pid = 28615

The complete debug.log is 135K.  I can attach it to the bug, if it would be helpful.

I unfortunately could not create a simple test case that reproduced the bug.