Bug 131199 - konqueror crashed when pressing back
Summary: konqueror crashed when pressing back
Status: RESOLVED FIXED
Alias: None
Product: konqueror
Classification: Applications
Component: khtml (show other bugs)
Version: unspecified
Platform: Compiled Sources Linux
: NOR crash
Target Milestone: ---
Assignee: Konqueror Developers
URL:
Keywords: needs_verification
Depends on:
Blocks:
 
Reported: 2006-07-22 13:02 UTC by Thorsten Staerk
Modified: 2008-11-22 08:48 UTC (History)
3 users (show)

See Also:
Latest Commit:
Version Fixed In:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Thorsten Staerk 2006-07-22 13:02:54 UTC
Version:            (using KDE Devel)
Installed from:    Compiled sources
OS:                Linux

surf to www.bild.de, click onto an article, click back.

In 10% of the cases you get a crash like:


Using host libthread_db library "/lib/libthread_db.so.1".
[Thread debugging using libthread_db enabled]
[New Thread -1232488256 (LWP 14567)]
[KCrash handler]
#6  0xb5e189d8 in QPtrDictIterator<QWidget>::currentKey (this=0x4)
    at /usr/lib/qt3/include/qptrdict.h:109
#7  0xb5e8a0f6 in NameNodeListImpl (this=0xbfe8e650, n=0x0, t=@0xf)
    at /root/svn/3.5/kdelibs/khtml/xml/dom_nodeimpl.cpp:1829
#8  0xb5ecdc43 in DOM::HTMLCollectionImpl::nodeMatches (this=0xbfe8e650, 
    current=0x0, deep=@0xf)
    at /root/svn/3.5/kdelibs/khtml/html/html_miscimpl.cpp:132
#9  0xb6009d1c in KJS::Window::executeOpenWindow (this=0x889bfd8, 
    exec=0xbfe8e8fc, url=@0xbfe8e738, frameName=@0x889bfd8, 
    features=@0x889bfd8)
    at /root/svn/3.5/kdelibs/khtml/ecma/kjs_window.cpp:1430
#10 0xb5c4f3e4 in KJS::Reference::getValue (this=0xbfe8e728, exec=0xbfe8e8fc)
    at /root/svn/3.5/kdelibs/kjs/reference.cpp:143
#11 0xb5c0b244 in KJS::Node::evaluate (this=0x8464858, exec=0xbfe8e8fc)
    at /root/svn/3.5/kdelibs/kjs/nodes.cpp:130
#12 0xb5c0b343 in KJS::Node::toBoolean (this=0x8464858, exec=0xbfe8e8fc)
    at /root/svn/3.5/kdelibs/kjs/nodes.cpp:136
#13 0xb5c0ec2c in KJS::IfNode::execute (this=0x87c5c00, exec=0xbfe8e8fc)
    at /root/svn/3.5/kdelibs/kjs/nodes.cpp:2016
#14 0xb5c0bd4c in KJS::SourceElementsNode::execute (this=0x8d0c1f8, 
    exec=0xbfe8e8fc) at /root/svn/3.5/kdelibs/kjs/nodes.cpp:3091
#15 0xb5c09d1a in KJS::BlockNode::execute (this=0x85de1e8, exec=0xbfe8e8fc)
    at /root/svn/3.5/kdelibs/kjs/nodes.cpp:1942
#16 0xb5c33799 in KJS::InterpreterImp::evaluate (this=0x84abe20, 
    code=@0xbfe8ea44, thisV=@0xbfe8ea48)
    at /root/svn/3.5/kdelibs/kjs/internal.cpp:904
#17 0xb5c49124 in KJS::Interpreter::evaluate (this=0x8a0a9f0, 
    code=@0xbfe8ea44, thisV=@0xbfe8ea48)
    at /root/svn/3.5/kdelibs/kjs/interpreter.cpp:166
#18 0xb601e0e9 in KJS::KJSProxyImpl::evaluate (this=0x849bcc0, 
    filename=@0xbfe8eae8, baseLine=9, str=@0xbfe8ec04, n=@0xbfe8eba4, 
    completion=0xbfe8ead4)
    at /root/svn/3.5/kdelibs/khtml/ecma/kjs_proxy.cpp:186
#19 0xb5e3ca81 in KHTMLPart::executeScript (this=0x8c47068, 
    filename=@0xbfe8eb68, baseLine=9, n=@0xbfe8eba4, script=@0xbfe8ec04)
    at /root/svn/3.5/kdelibs/khtml/khtml_part.cpp:1162
#20 0xb5eb169c in khtml::HTMLTokenizer::notifyFinished (this=0x8852d18)
    at /root/svn/3.5/kdelibs/khtml/html/htmltokenizer.cpp:1723
#21 0xb5eb1dbf in khtml::HTMLTokenizer::scriptHandler (this=0x8852d18)
    at /root/svn/3.5/kdelibs/khtml/html/htmltokenizer.cpp:430
#22 0xb5eb2724 in khtml::HTMLTokenizer::parseSpecial (this=0x8852d18, 
    src=@0x8853218) at /root/svn/3.5/kdelibs/khtml/html/htmltokenizer.cpp:339
#23 0xb5eb4b5a in khtml::HTMLTokenizer::parseTag (this=0x8852d18, 
    src=@0x8853218) at /root/svn/3.5/kdelibs/khtml/html/htmltokenizer.cpp:1214
#24 0xb5eb520a in khtml::HTMLTokenizer::write (this=0x8852d18, 
    str=@0xbfe8efc8, appendData=true)
    at /root/svn/3.5/kdelibs/khtml/html/htmltokenizer.cpp:1451
#25 0xb5e38838 in KHTMLPart::slotFinished (this=0x8c47068, job=0xbfe8f1d4)
    at /root/svn/3.5/kdelibs/khtml/khtml_part.cpp:1829
#26 0xb5e24834 in KHTMLPart::requestFrameName (this=0xbfe911d4)
    at /root/svn/3.5/kdelibs/khtml/khtml_part.cpp:4330
#27 0xb5e417c4 in KHTMLPart::qt_invoke (this=0x8c47068, _id=18, _o=0xbfe8f188)
    at /root/svn/3.5/kdelibs/khtml/khtml_part.moc:506
#28 0xb6fe2b5d in QObject::activate_signal ()
   from /usr/lib/qt3/lib/libqt-mt.so.3
#29 0xb5e6a4ba in KHTMLPageCacheDelivery::qt_emit (this=0x8513e60, 
    _id=-1075244588, _o=0x451)
    at /root/svn/3.5/kdelibs/khtml/khtml_pagecache.moc:190
#30 0xb5e6aa40 in KHTMLPageCache::qt_invoke (this=0x8541598, _id=-1075244408, 
    _o=0xbfe91228) at /root/svn/3.5/kdelibs/khtml/khtml_pagecache.moc:81
#31 0xb5e6aadd in ~KHTMLPageCache (this=0x8541598)
    at /root/svn/3.5/kdelibs/khtml/khtml_pagecache.cpp:139
#32 0xb6fe2b5d in QObject::activate_signal ()
   from /usr/lib/qt3/lib/libqt-mt.so.3
#33 0xb7319cde in QSignal::signal () from /usr/lib/qt3/lib/libqt-mt.so.3
#34 0xb6ffec27 in QSignal::activate () from /usr/lib/qt3/lib/libqt-mt.so.3
#35 0xb7005fe3 in QSingleShotTimer::event ()
   from /usr/lib/qt3/lib/libqt-mt.so.3
#36 0xb6f83c47 in QApplication::internalNotify ()
   from /usr/lib/qt3/lib/libqt-mt.so.3
#37 0xb6f84a11 in QApplication::notify () from /usr/lib/qt3/lib/libqt-mt.so.3
#38 0xb76477b5 in KApplication::notify (this=0xbfe91744, receiver=0x8346340, 
    event=0xbfe91524) at /root/svn/3.5/kdelibs/kdecore/kapplication.cpp:550
#39 0xb6f78dd5 in QEventLoop::activateTimers ()
   from /usr/lib/qt3/lib/libqt-mt.so.3
#40 0xb6f33710 in QEventLoop::processEvents ()
   from /usr/lib/qt3/lib/libqt-mt.so.3
#41 0xb6f9aa78 in QEventLoop::enterLoop () from /usr/lib/qt3/lib/libqt-mt.so.3
#42 0xb6f9a90e in QEventLoop::exec () from /usr/lib/qt3/lib/libqt-mt.so.3
#43 0xb6f837ff in QApplication::exec () from /usr/lib/qt3/lib/libqt-mt.so.3
#44 0xb66e0eb2 in kdemain (argc=2, argv=0x8070b60)
    at /root/svn/3.5/kdebase/konqueror/konq_main.cc:206
#45 0xb74ee740 in kdeinitmain (argc=2, argv=0x8070b60)
    at ./konqueror/kdeinit_konqueror.la.cpp:3
#46 0x0804fd1e in launch (argc=2, _name=0x807220c "konqueror", 
    args=0x807221f "\001", cwd=0x0, envc=1, envs=0x8072230 "", 
    reset_env=false, tty=0x0, avoid_loops=false, 
    startup_id_str=0x8072234 "scorpio;1153648813;950975;3931_TIME625156")
    at /root/svn/3.5/kdelibs/kinit/kinit.cpp:639
#47 0x0805071a in handle_launcher_request (sock=8)
    at /root/svn/3.5/kdelibs/kinit/kinit.cpp:1206
#48 0x08050efc in handle_requests (waitForPid=0)
    at /root/svn/3.5/kdelibs/kinit/kinit.cpp:1407
#49 0x080519c8 in main (argc=3, argv=0xbfe92254, envp=0xbfe92264)
    at /root/svn/3.5/kdelibs/kinit/kinit.cpp:1863
Comment 1 Tommi Tervo 2006-07-22 13:19:13 UTC
Confirmed, r565066
Comment 2 Maksim Orlovich 2006-07-22 18:10:03 UTC
SVN commit 565178 by orlovich:

Put in a safe workaround for #127147, and likely #131199. 
This isn't the correct fix, but it'll at least prevent crashing and log the actual bug;
the real fix is too complicated to do in time for 3.5.4. 

CCBUG:127147
CCBUG:131199


 M  +17 -13    kjs_window.cpp  


--- branches/KDE/3.5/kdelibs/khtml/ecma/kjs_window.cpp #565177:565178
@@ -2237,20 +2237,24 @@
   // hence, it can find non-frame things (and even let them hide frame ones!)
   // We don't quite do that, but do this as a fallback.
   DOM::DocumentImpl* doc  = static_cast<DOM::DocumentImpl*>(part->document().handle());
-  DOM::HTMLCollectionImpl docuAll(doc, DOM::HTMLCollectionImpl::DOC_ALL);
-  DOM::NodeImpl*     node = docuAll.namedItem(p.string());
-  if (node) {
-    if (node->id() == ID_FRAME || node->id() == ID_IFRAME) {
-      //Return the Window object.
-      KHTMLPart* part = static_cast<DOM::HTMLFrameElementImpl*>(node)->contentPart();
-      if (part)
-        return Value(Window::retrieveWindow(part));
-      else
-        return Undefined();
-    } else {
-      //Just a regular node..
-      return getDOMNode(exec, node);
+  if (doc) {
+    DOM::HTMLCollectionImpl docuAll(doc, DOM::HTMLCollectionImpl::DOC_ALL);
+    DOM::NodeImpl*     node = docuAll.namedItem(p.string());
+    if (node) {
+      if (node->id() == ID_FRAME || node->id() == ID_IFRAME) {
+        //Return the Window object.
+        KHTMLPart* part = static_cast<DOM::HTMLFrameElementImpl*>(node)->contentPart();
+        if (part)
+          return Value(Window::retrieveWindow(part));
+        else
+          return Undefined();
+      } else {
+        //Just a regular node..
+        return getDOMNode(exec, node);
+      }
     }
+  } else {
+    kdWarning(6070) << "Missing own document in FrameArray::get()" << endl;
   }
 
   return ObjectImp::get(exec, p);
Comment 3 Thorsten Staerk 2006-07-23 09:58:18 UTC
Thanks a lot, Maxim! KDE 3.5.4 will rock!
I tried it out, the crash no longer occurs.
Comment 4 Thorsten Staerk 2006-07-23 09:59:15 UTC
...and your name is Maksim. Sorry, Maksim.
Comment 5 Frank Reininghaus 2008-07-11 23:10:58 UTC
Maksim, can we mark this as fixed or is there a reason you didn't do it?
Comment 6 Maksim Orlovich 2008-07-11 23:20:34 UTC
Doesn't really matter, either way --- the underlying issue is still there, but there are other reports that deal with it, e.g. bug #166056
Comment 7 FiNeX 2008-11-22 02:25:38 UTC
As bug #166056 has been closed, can this be closed too? It is no more reproducible.
Comment 8 Thorsten Staerk 2008-11-22 08:48:17 UTC
This bug is not assigned to anyone and has no votes. So it is not important to anyone. As I am the reporter - I confirmed it to be fixed.