Bug 188061 - konqueror crashes instantly when accessing http://www.bostonstandard.co.uk with javascript switched on. OK with javascript switched off
Status: RESOLVED FIXED
Alias: None
Product: konqueror
Classification: Applications
Component: general
Version: unspecified
Platform: Mandriva RPMs Linux
Importance: NOR crash
Target Milestone: ---
Assignee: Konqueror Developers
URL:
Keywords:
Duplicates: 189662
Depends on:
Blocks:
 
Reported: 2009-03-25 10:25 UTC by Paul Dodgshun
Modified: 2009-04-18 18:22 UTC

See Also:
Latest Commit:
Version Fixed In:


Description Paul Dodgshun 2009-03-25 10:25:48 UTC
Version:           KDE 4.2.1 (using KDE 4.2.1)
Compiler:          Compiled by Mandriva as part of 2009.1 RC1 x86_64 release 
OS:                Linux
Installed from:    Mandriva RPMs

First reported to Mandriva.
Fault not present in konqueror 3.5.10.

Description From Paul Dodgshun on 2009-01-19 18:13:36 CEST 	

Description of problem:

Konqueror crashes instantly when accessing http://www.bostonstandard.co.uk/
with javascript switched on.

This is a fully updated fresh install of 2009.0 x86_64.  Firefox and Epiphany
are OK on this website.

I suggest that one of the javascript applets on this website has found a way to
crash konqueror that does not work on firefox or epiphany.


Application: Konqueror (konqueror), signal SIGSEGV
(no debugging symbols found)
[Thread debugging using libthread_db enabled]
[New Thread 0x7f3c27e95700 (LWP 29797)]
[New Thread 0x424a5950 (LWP 30010)]
[KCrash handler]
#5  0x00007f3c195a16f9 in ?? () from /usr/lib64/libkhtml.so.5
#6  0x00007f3c19610c6f in ?? () from /usr/lib64/libkhtml.so.5
#7  0x00007f3c195a33b8 in ?? () from /usr/lib64/libkhtml.so.5
#8  0x00007f3c1959f21d in ?? () from /usr/lib64/libkhtml.so.5
#9  0x00007f3c19709c1c in ?? () from /usr/lib64/libkhtml.so.5
#10 0x00007f3c18f18f99 in KJS::JSObject::call () from /usr/lib64/libkjs.so.4
#11 0x00007f3c18f349ac in ?? () from /usr/lib64/libkjs.so.4
#12 0x00007f3c18eead99 in ?? () from /usr/lib64/libkjs.so.4
#13 0x00007f3c18f1bfa7 in KJS::Interpreter::evaluate ()
   from /usr/lib64/libkjs.so.4
#14 0x00007f3c18f1c0f3 in KJS::Interpreter::evaluate ()
   from /usr/lib64/libkjs.so.4
#15 0x00007f3c19749423 in ?? () from /usr/lib64/libkhtml.so.5
#16 0x00007f3c19528991 in KHTMLPart::executeScript ()
   from /usr/lib64/libkhtml.so.5
#17 0x00007f3c195cd3d9 in ?? () from /usr/lib64/libkhtml.so.5
#18 0x00007f3c195d0aa5 in ?? () from /usr/lib64/libkhtml.so.5
#19 0x00007f3c195d2a0c in ?? () from /usr/lib64/libkhtml.so.5
#20 0x00007f3c195d3ff5 in ?? () from /usr/lib64/libkhtml.so.5
#21 0x00007f3c195d5ed5 in ?? () from /usr/lib64/libkhtml.so.5
#22 0x00007f3c195d71f5 in ?? () from /usr/lib64/libkhtml.so.5
#23 0x00007f3c195d123d in ?? () from /usr/lib64/libkhtml.so.5
#24 0x00007f3c196e17bf in ?? () from /usr/lib64/libkhtml.so.5
#25 0x00007f3c196e19a4 in ?? () from /usr/lib64/libkhtml.so.5
#26 0x00007f3c196defad in ?? () from /usr/lib64/libkhtml.so.5
#27 0x00007f3c196df2d7 in ?? () from /usr/lib64/libkhtml.so.5
#28 0x00007f3c25e98c34 in QMetaObject::activate ()
   from /usr/lib64/libQtCore.so.4
#29 0x00007f3c26251802 in KJob::result () from /usr/lib64/libkdecore.so.5
#30 0x00007f3c26251b77 in KJob::emitResult () from /usr/lib64/libkdecore.so.5
#31 0x00007f3c26c3b6c0 in KIO::SimpleJob::slotFinished ()
   from /usr/lib64/libkio.so.5
#32 0x00007f3c26c3c243 in KIO::TransferJob::slotFinished ()
   from /usr/lib64/libkio.so.5
#33 0x00007f3c26c3d285 in KIO::TransferJob::qt_metacall ()
   from /usr/lib64/libkio.so.5
#34 0x00007f3c25e98c34 in QMetaObject::activate ()
   from /usr/lib64/libQtCore.so.4
#35 0x00007f3c26ce2671 in KIO::SlaveInterface::dispatch ()
   from /usr/lib64/libkio.so.5
#36 0x00007f3c26ce05c2 in KIO::SlaveInterface::dispatch ()
   from /usr/lib64/libkio.so.5
#37 0x00007f3c26cd3e1e in KIO::Slave::gotInput () from /usr/lib64/libkio.so.5
#38 0x00007f3c26cd4128 in KIO::Slave::qt_metacall ()
   from /usr/lib64/libkio.so.5
#39 0x00007f3c25e98c34 in QMetaObject::activate ()
   from /usr/lib64/libQtCore.so.4
#40 0x00007f3c26c104f1 in ?? () from /usr/lib64/libkio.so.5
#41 0x00007f3c26c10b9a in KIO::Connection::qt_metacall ()
   from /usr/lib64/libkio.so.5
#42 0x00007f3c25e938a5 in QObject::event () from /usr/lib64/libQtCore.so.4
#43 0x00007f3c24963a2d in QApplicationPrivate::notify_helper ()
   from /usr/lib64/libQtGui.so.4
#44 0x00007f3c2496b7ba in QApplication::notify ()
   from /usr/lib64/libQtGui.so.4
#45 0x00007f3c2679a51b in KApplication::notify ()
   from /usr/lib64/libkdeui.so.5
#46 0x00007f3c25e8485f in QCoreApplication::notifyInternal ()
   from /usr/lib64/libQtCore.so.4
#47 0x00007f3c25e854fa in QCoreApplicationPrivate::sendPostedEvents ()
   from /usr/lib64/libQtCore.so.4
#48 0x00007f3c25eacf73 in ?? () from /usr/lib64/libQtCore.so.4
#49 0x00007f3c215bf8d2 in g_main_context_dispatch ()
   from /usr/lib64/libglib-2.0.so.0
#50 0x00007f3c215c305d in ?? () from /usr/lib64/libglib-2.0.so.0
#51 0x00007f3c215c321b in g_main_context_iteration ()
   from /usr/lib64/libglib-2.0.so.0
#52 0x00007f3c25eacbff in QEventDispatcherGlib::processEvents ()
   from /usr/lib64/libQtCore.so.4
#53 0x00007f3c249f472f in ?? () from /usr/lib64/libQtGui.so.4
#54 0x00007f3c25e83182 in QEventLoop::processEvents ()
   from /usr/lib64/libQtCore.so.4
#55 0x00007f3c25e8330d in QEventLoop::exec () from /usr/lib64/libQtCore.so.4
#56 0x00007f3c25e857bd in QCoreApplication::exec ()
   from /usr/lib64/libQtCore.so.4
#57 0x00007f3c27a88ab4 in kdemain () from /usr/lib64/libkdeinit4_konqueror.so
#58 0x00007f3c2768e316 in __libc_start_main () from /lib64/libc.so.6
#59 0x00000000004005d9 in _start ()


Version-Release number of selected component (if applicable):
kdebase4-4.1.3-1.1mdv2009.0.src.rpm   for  konqueror 4.1.3 1.1mdv2009.0

How reproducible:
Every time with javascript switched on in konqueror.  OK if javascript switched
off.

Steps to Reproduce:
1. start konqueror with javascript switched on (java does not matter)
2. enter URL http://www.bostonstandard.co.uk/ and hit return
3. instant crash (also crashes if URL accesses pages deeper into website)

-------- Comment #1 From Paul Dodgshun on 2009-01-20 15:26:50 CEST -------- 	

Have since tested konqueror 3.5.10 in 32 and 64 bit versions of 2009.0

konqueror 3.5.10 does not have this fault, so bug 47132 as reported is a
regression.

-------- Comment #2 From Pacho Ramos on 2009-02-13 15:51:55 CEST -------- 	

Please install debug packages to get a useful backtrace; you have some
instructions for cooker in:
http://www.linux-wizard.net/blog-help_debugging_kde4_for_20091_spring-248.html

(you have to point to 2009.0 repositories instead of cooker ones)
-- 
Mandriva Triage Team

-------- Comment #3 From Paul Dodgshun on 2009-02-13 19:15:34 CEST -------- 	

debug packages installed as requested
kdebase4-debug is installed according to urpmi
Seems to be a version problem with symbols which I will work on.

[paul@diamond .ssh]$ gdb konqueror
GNU gdb 6.8-2mdv2009.0 (Mandriva Linux release 2009.0)
Copyright (C) 2008 Free Software Foundation, Inc.     
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.           
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"   
and "show warranty" for details.                                             
This GDB was configured as "x86_64-mandriva-linux-gnu"...                    

warning: the debug information found in
"/usr/lib/debug//usr/bin/konqueror.debug" does not match "/usr/bin/konqueror"
(CRC mismatch).                         


warning: the debug information found in
"/usr/lib/debug/usr/bin/konqueror.debug" does not match "/usr/bin/konqueror"
(CRC mismatch).                          

(no debugging symbols found)
Missing debug package(s), you should install: kdebase4-debug
(gdb) run                                                   
Starting program: /usr/bin/konqueror                        
warning: the debug information found in
"/usr/lib/debug//usr/lib64/libkdeinit4_konqueror.so.debug" does not match
"/usr/lib64/libkdeinit4_konqueror.so" (CRC mismatch).                           

warning: the debug information found in
"/usr/lib/debug/usr/lib64/libkdeinit4_konqueror.so.debug" does not match
"/usr/lib64/libkdeinit4_konqueror.so" (CRC mismatch).                           

warning: the debug information found in
"/usr/lib/debug//usr/lib64/libkonquerorprivate.so.4.1.0.debug" does not match
"/usr/lib64/libkonquerorprivate.so.4" (CRC mismatch).                           

warning: the debug information found in
"/usr/lib/debug/usr/lib64/libkonquerorprivate.so.4.1.0.debug" does not match
"/usr/lib64/libkonquerorprivate.so.4" (CRC mismatch).                           

warning: the debug information found in
"/usr/lib/debug//usr/lib64/libkonq.so.5.1.0.debug" does not match
"/usr/lib64/libkonq.so.5" (CRC mismatch).           

warning: the debug information found in
"/usr/lib/debug/usr/lib64/libkonq.so.5.1.0.debug" does not match
"/usr/lib64/libkonq.so.5" (CRC mismatch).            

warning: the debug information found in
"/usr/lib/debug//usr/lib64/libkparts.so.4.1.0.debug" does not match
"/usr/lib64/libkparts.so.4" (CRC mismatch).       

warning: the debug information found in
"/usr/lib/debug/usr/lib64/libkparts.so.4.1.0.debug" does not match
"/usr/lib64/libkparts.so.4" (CRC mismatch).        

warning: the debug information found in
"/usr/lib/debug//usr/lib64/libkio.so.5.1.0.debug" does not match
"/usr/lib64/libkio.so.5" (CRC mismatch).             

warning: the debug information found in
"/usr/lib/debug/usr/lib64/libkio.so.5.1.0.debug" does not match
"/usr/lib64/libkio.so.5" (CRC mismatch).              

warning: the debug information found in
"/usr/lib/debug//usr/lib64/libkdeui.so.5.1.0.debug" does not match
"/usr/lib64/libkdeui.so.5" (CRC mismatch).         

warning: the debug information found in
"/usr/lib/debug/usr/lib64/libkdeui.so.5.1.0.debug" does not match
"/usr/lib64/libkdeui.so.5" (CRC mismatch).          

warning: the debug information found in
"/usr/lib/debug//usr/lib64/libkdecore.so.5.1.0.debug" does not match
"/usr/lib64/libkdecore.so.5" (CRC mismatch).     

warning: the debug information found in
"/usr/lib/debug/usr/lib64/libkdecore.so.5.1.0.debug" does not match
"/usr/lib64/libkdecore.so.5" (CRC mismatch).      

warning: the debug information found in
"/usr/lib/debug//usr/lib64/libkutils.so.4.1.0.debug" does not match
"/usr/lib64/libkutils.so.4" (CRC mismatch).       

warning: the debug information found in
"/usr/lib/debug/usr/lib64/libkutils.so.4.1.0.debug" does not match
"/usr/lib64/libkutils.so.4" (CRC mismatch).        

warning: the debug information found in
"/usr/lib/debug//usr/lib64/libsolid.so.4.1.0.debug" does not match
"/usr/lib64/libsolid.so.4" (CRC mismatch).         

warning: the debug information found in
"/usr/lib/debug/usr/lib64/libsolid.so.4.1.0.debug" does not match
"/usr/lib64/libsolid.so.4" (CRC mismatch).          

[Thread debugging using libthread_db enabled]
[New Thread 0x7f5349c12700 (LWP 8107)]       
warning: the debug information found in
"/usr/lib/debug//usr/lib64/kde4/plugins/imageformats/kimg_dds.so.debug" does
not match "/usr/lib64/kde4/plugins/imageformats/kimg_dds.so" (CRC mismatch).    

warning: the debug information found in
"/usr/lib/debug/usr/lib64/kde4/plugins/imageformats/kimg_dds.so.debug" does not
match "/usr/lib64/kde4/plugins/imageformats/kimg_dds.so" (CRC mismatch).        

warning: the debug information found in
"/usr/lib/debug//usr/lib64/kde4/plugins/imageformats/kimg_eps.so.debug" does
not match "/usr/lib64/kde4/plugins/imageformats/kimg_eps.so" (CRC mismatch).    

warning: the debug information found in
"/usr/lib/debug/usr/lib64/kde4/plugins/imageformats/kimg_eps.so.debug" does not
match "/usr/lib64/kde4/plugins/imageformats/kimg_eps.so" (CRC mismatch).        

warning: the debug information found in
"/usr/lib/debug//usr/lib64/kde4/plugins/imageformats/kimg_exr.so.debug" does
not match "/usr/lib64/kde4/plugins/imageformats/kimg_exr.so" (CRC mismatch).    

warning: the debug information found in
"/usr/lib/debug/usr/lib64/kde4/plugins/imageformats/kimg_exr.so.debug" does not
match "/usr/lib64/kde4/plugins/imageformats/kimg_exr.so" (CRC mismatch).        

warning: the debug information found in
"/usr/lib/debug//usr/lib64/kde4/plugins/imageformats/kimg_jp2.so.debug" does
not match "/usr/lib64/kde4/plugins/imageformats/kimg_jp2.so" (CRC mismatch).    

warning: the debug information found in
"/usr/lib/debug/usr/lib64/kde4/plugins/imageformats/kimg_jp2.so.debug" does not
match "/usr/lib64/kde4/plugins/imageformats/kimg_jp2.so" (CRC mismatch).        

warning: the debug information found in
"/usr/lib/debug//usr/lib64/kde4/plugins/imageformats/kimg_pcx.so.debug" does
not match "/usr/lib64/kde4/plugins/imageformats/kimg_pcx.so" (CRC mismatch).    

warning: the debug information found in
"/usr/lib/debug/usr/lib64/kde4/plugins/imageformats/kimg_pcx.so.debug" does not
match "/usr/lib64/kde4/plugins/imageformats/kimg_pcx.so" (CRC mismatch).        

warning: the debug information found in
"/usr/lib/debug//usr/lib64/kde4/plugins/imageformats/kimg_psd.so.debug" does
not match "/usr/lib64/kde4/plugins/imageformats/kimg_psd.so" (CRC mismatch).    

warning: the debug information found in
"/usr/lib/debug/usr/lib64/kde4/plugins/imageformats/kimg_psd.so.debug" does not
match "/usr/lib64/kde4/plugins/imageformats/kimg_psd.so" (CRC mismatch).        

warning: the debug information found in
"/usr/lib/debug//usr/lib64/kde4/plugins/imageformats/kimg_rgb.so.debug" does
not match "/usr/lib64/kde4/plugins/imageformats/kimg_rgb.so" (CRC mismatch).    

warning: the debug information found in
"/usr/lib/debug/usr/lib64/kde4/plugins/imageformats/kimg_rgb.so.debug" does not
match "/usr/lib64/kde4/plugins/imageformats/kimg_rgb.so" (CRC mismatch).        

warning: the debug information found in
"/usr/lib/debug//usr/lib64/kde4/plugins/imageformats/kimg_tga.so.debug" does
not match "/usr/lib64/kde4/plugins/imageformats/kimg_tga.so" (CRC mismatch).    

warning: the debug information found in
"/usr/lib/debug/usr/lib64/kde4/plugins/imageformats/kimg_tga.so.debug" does not
match "/usr/lib64/kde4/plugins/imageformats/kimg_tga.so" (CRC mismatch).        

warning: the debug information found in
"/usr/lib/debug//usr/lib64/kde4/plugins/imageformats/kimg_xcf.so.debug" does
not match "/usr/lib64/kde4/plugins/imageformats/kimg_xcf.so" (CRC mismatch).    

warning: the debug information found in
"/usr/lib/debug/usr/lib64/kde4/plugins/imageformats/kimg_xcf.so.debug" does not
match "/usr/lib64/kde4/plugins/imageformats/kimg_xcf.so" (CRC mismatch).        

warning: the debug information found in
"/usr/lib/debug//usr/lib64/kde4/plugins/imageformats/kimg_xview.so.debug" does
not match "/usr/lib64/kde4/plugins/imageformats/kimg_xview.so" (CRC mismatch).  

warning: the debug information found in
"/usr/lib/debug/usr/lib64/kde4/plugins/imageformats/kimg_xview.so.debug" does
not match "/usr/lib64/kde4/plugins/imageformats/kimg_xview.so" (CRC mismatch).  

warning: the debug information found in
"/usr/lib/debug//usr/lib64/kde4/libkhtmlpart.so.debug" does not match
"/usr/lib64/kde4/libkhtmlpart.so" (CRC mismatch).                               

warning: the debug information found in
"/usr/lib/debug/usr/lib64/kde4/libkhtmlpart.so.debug" does not match
"/usr/lib64/kde4/libkhtmlpart.so" (CRC mismatch).

warning: the debug information found in
"/usr/lib/debug//usr/lib64/libkhtml.so.5.1.0.debug" does not match
"/usr/lib64/libkhtml.so.5" (CRC mismatch).         

warning: the debug information found in
"/usr/lib/debug/usr/lib64/libkhtml.so.5.1.0.debug" does not match
"/usr/lib64/libkhtml.so.5" (CRC mismatch).          

warning: the debug information found in
"/usr/lib/debug//usr/lib64/libktexteditor.so.4.1.0.debug" does not match
"/usr/lib64/libktexteditor.so.4" (CRC mismatch).                                

warning: the debug information found in
"/usr/lib/debug/usr/lib64/libktexteditor.so.4.1.0.debug" does not match
"/usr/lib64/libktexteditor.so.4" (CRC mismatch).                                

warning: the debug information found in
"/usr/lib/debug//usr/lib64/libkjs.so.4.1.0.debug" does not match
"/usr/lib64/libkjs.so.4" (CRC mismatch).             

warning: the debug information found in
"/usr/lib/debug/usr/lib64/libkjs.so.4.1.0.debug" does not match
"/usr/lib64/libkjs.so.4" (CRC mismatch).              

warning: the debug information found in
"/usr/lib/debug//usr/lib64/kde4/khtml_kget.so.debug" does not match
"/usr/lib64/kde4/khtml_kget.so" (CRC mismatch).   

warning: the debug information found in
"/usr/lib/debug/usr/lib64/kde4/khtml_kget.so.debug" does not match
"/usr/lib64/kde4/khtml_kget.so" (CRC mismatch).    

warning: the debug information found in
"/usr/lib/debug//usr/lib64/kde4/khtmlkttsdplugin.so.debug" does not match
"/usr/lib64/kde4/khtmlkttsdplugin.so" (CRC mismatch).                           

warning: the debug information found in
"/usr/lib/debug/usr/lib64/kde4/khtmlkttsdplugin.so.debug" does not match
"/usr/lib64/kde4/khtmlkttsdplugin.so" (CRC mismatch).                           

konqueror(8107) KConfigGroup::readXdgListEntry: List entry mime in
"/usr/share/apps/kjava/pluginsinfo" is not compliant with XDG standard (missing
trailing semicolon).                                                            
konqueror(8107) KConfigGroup::readXdgListEntry: List entry mime in
"/usr/share/apps/kjava/pluginsinfo" is not compliant with XDG standard (missing
trailing semicolon).                                                            

Program received signal SIGSEGV, Segmentation fault.
0x00007f533b31a6f9 in ?? () from /usr/lib64/libkhtml.so.5
(gdb) thread apply all backtrace                         

Thread 1 (Thread 0x7f5349c12700 (LWP 8107)):
#0  0x00007f533b31a6f9 in ?? () from /usr/lib64/libkhtml.so.5
#1  0x00007f533b389c6f in ?? () from /usr/lib64/libkhtml.so.5
#2  0x00007f533b31c3b8 in ?? () from /usr/lib64/libkhtml.so.5
#3  0x00007f533b31821d in ?? () from /usr/lib64/libkhtml.so.5
#4  0x00007f533b482c1c in ?? () from /usr/lib64/libkhtml.so.5
#5  0x00007f533ac91f99 in KJS::JSObject::call () from /usr/lib64/libkjs.so.4
#6  0x00007f533acad9ac in ?? () from /usr/lib64/libkjs.so.4                 
#7  0x00007f533ac63d99 in ?? () from /usr/lib64/libkjs.so.4                 
#8  0x00007f533ac94fa7 in KJS::Interpreter::evaluate ()                     
   from /usr/lib64/libkjs.so.4                                              
#9  0x00007f533ac950f3 in KJS::Interpreter::evaluate ()                     
   from /usr/lib64/libkjs.so.4                                              
#10 0x00007f533b4c2423 in ?? () from /usr/lib64/libkhtml.so.5               
#11 0x00007f533b2a1991 in KHTMLPart::executeScript ()                       
   from /usr/lib64/libkhtml.so.5                                            
#12 0x00007f533b3463d9 in ?? () from /usr/lib64/libkhtml.so.5               
#13 0x00007f533b349aa5 in ?? () from /usr/lib64/libkhtml.so.5               
#14 0x00007f533b45a7bf in ?? () from /usr/lib64/libkhtml.so.5               
#15 0x00007f533b45a9a4 in ?? () from /usr/lib64/libkhtml.so.5               
#16 0x00007f533b457fad in ?? () from /usr/lib64/libkhtml.so.5               
#17 0x00007f533b4582d7 in ?? () from /usr/lib64/libkhtml.so.5               
#18 0x00007f5347c16c34 in QMetaObject::activate (sender=0x19de6c0,          
    from_signal_index=<value optimized out>, to_signal_index=7, argv=0x0)   
    at kernel/qobject.cpp:3031                                              
#19 0x00007f5347fcf802 in KJob::result () from /usr/lib64/libkdecore.so.5   
#20 0x00007f5347fcfb77 in KJob::emitResult () from /usr/lib64/libkdecore.so.5
#21 0x00007f53489b96c0 in KIO::SimpleJob::slotFinished ()                    
   from /usr/lib64/libkio.so.5                                               
#22 0x00007f53489ba243 in KIO::TransferJob::slotFinished ()                  
   from /usr/lib64/libkio.so.5                                               
#23 0x00007f53489bb285 in KIO::TransferJob::qt_metacall ()                   
   from /usr/lib64/libkio.so.5                                               
#24 0x00007f5347c16c34 in QMetaObject::activate (sender=0x1c773d0,           
    from_signal_index=<value optimized out>, to_signal_index=8, argv=0x0)    
    at kernel/qobject.cpp:3031                                               
#25 0x00007f5348a60671 in KIO::SlaveInterface::dispatch ()                   
   from /usr/lib64/libkio.so.5                                               
#26 0x00007f5348a5e5c2 in KIO::SlaveInterface::dispatch ()                   
   from /usr/lib64/libkio.so.5                                               
#27 0x00007f5348a51e1e in KIO::Slave::gotInput () from /usr/lib64/libkio.so.5
#28 0x00007f5348a52128 in KIO::Slave::qt_metacall ()
   from /usr/lib64/libkio.so.5
#29 0x00007f5347c16c34 in QMetaObject::activate (sender=0x1cbc5e0,
    from_signal_index=<value optimized out>, to_signal_index=4, argv=0x0)
    at kernel/qobject.cpp:3031
#30 0x00007f534898e4f1 in ?? () from /usr/lib64/libkio.so.5
#31 0x00007f534898eb9a in KIO::Connection::qt_metacall ()
   from /usr/lib64/libkio.so.5
#32 0x00007f5347c118a5 in QObject::event (this=0x1cbc5e0, e=0x1c3c1d0)
    at kernel/qobject.cpp:1155
#33 0x00007f53466e1a2d in QApplicationPrivate::notify_helper (this=0x12cc0c0,
    receiver=0x1cbc5e0, e=0x1c3c1d0) at kernel/qapplication.cpp:3803
#34 0x00007f53466e97ba in QApplication::notify (this=0x7fff51c49250,
    receiver=0x1cbc5e0, e=0x1c3c1d0) at kernel/qapplication.cpp:3768
#35 0x00007f534851851b in KApplication::notify ()
   from /usr/lib64/libkdeui.so.5
#36 0x00007f5347c0285f in QCoreApplication::notifyInternal (
    this=0x7fff51c49250, receiver=0x1cbc5e0, event=0x1c3c1d0)
    at kernel/qcoreapplication.cpp:587
#37 0x00007f5347c034fa in QCoreApplicationPrivate::sendPostedEvents (
    receiver=0x0, event_type=0, data=0x12b1e70)
    at kernel/qcoreapplication.h:209
#38 0x00007f5347c2af73 in postEventSourceDispatch (s=<value optimized out>)
    at kernel/qcoreapplication.h:214
#39 0x00007f534333d8d2 in g_main_context_dispatch ()
   from /usr/lib64/libglib-2.0.so.0
#40 0x00007f534334105d in ?? () from /usr/lib64/libglib-2.0.so.0
#41 0x00007f534334121b in g_main_context_iteration ()
   from /usr/lib64/libglib-2.0.so.0
#42 0x00007f5347c2abff in QEventDispatcherGlib::processEvents (
    this=0x12cbfc0, flags=<value optimized out>)
    at kernel/qeventdispatcher_glib.cpp:319
#43 0x00007f534677272f in QGuiEventDispatcherGlib::processEvents (this=0xc,
    flags=<value optimized out>) at kernel/qguieventdispatcher_glib.cpp:198
#44 0x00007f5347c01182 in QEventLoop::processEvents (
    this=<value optimized out>, flags={i = 1371836304})
    at kernel/qeventloop.cpp:143
#45 0x00007f5347c0130d in QEventLoop::exec (this=0x7fff51c48fd0, flags=
      {i = 1371836384}) at kernel/qeventloop.cpp:194
#46 0x00007f5347c037bd in QCoreApplication::exec ()
    at kernel/qcoreapplication.cpp:845
#47 0x00007f5349806ab4 in kdemain () from /usr/lib64/libkdeinit4_konqueror.so
#48 0x00007f534940c316 in __libc_start_main () from /lib64/libc.so.6
#49 0x00000000004005d9 in _start ()
(gdb)
(gdb)

-------- Comment #4 From Paul Dodgshun on 2009-02-13 20:38:26 CEST -------- 	

Tried another approach.
Saved www.bostonstandard.co.uk home page source file.
Edited it to look to http://www.bostonstandard.co.uk/... for src files.
Opened saved file in Konqueror

Error reported at www.bostonstandard.co.uk/template/javascript/wtbase.js line
34
TypeError: Null Value

32  function dcsGetIdCrumb(name,crumb){
33      var cookie=dcsGetCookie(name);
34      var id=cookie.substring(0,cookie.indexOf(":lv="));
35      var aCrumb=id.split("=");
36      for (var i=0;i<aCrumb.length;i++){
37          if (crumb==aCrumb[0]){
38              return aCrumb[1];
39          }
40      }
41      return null;


Stepped over error line with Konqueror Javascript Debugger - result crash.

-------- Comment #5 From Paul Dodgshun on 2009-03-19 09:40:23 CEST -------- 	

Konqueror continues to crash in exactly the same way in 2009.1 RC1 x86_64
(released 11/3/2009) with javascript switched on.  OK with javascript switched
off.  Bug still present.

-------- Comment #6 From Nicolas Lécureuil on 2009-03-24 22:35:36 CEST -------- 	

Can you please report this bug on KDE Bugzilla?
Comment 1 Dario Andres 2009-03-25 13:56:18 UTC
Here using:

Qt: 4.5.0 + qt-copy-patches-936035
KDE: 4.2.67 (KDE 4.2.67 (KDE 4.3 >= 20090318))
kdelibs svn rev. 944099 / kdebase svn rev. 944099
on ArchLinux i686 - Kernel 2.6.28.7

I can reproduce the crash with the following backtrace:

Application: Konqueror (konqueror), signal SIGSEGV

[Current thread is 0 (LWP 3139)]

Thread 3 (Thread 0xb2694b90 (LWP 3144)):
#0  0xb803e424 in __kernel_vsyscall ()
#1  0xb728ff82 in pthread_cond_timedwait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
#2  0xb72ee71c in QWaitCondition::wait (this=0x90db278, mutex=0x90db274, time=30000) at thread/qwaitcondition_unix.cpp:85
#3  0xb72e3da6 in QThreadPoolThread::run (this=0x90db3c8) at concurrent/qthreadpool.cpp:140
#4  0xb72edb60 in QThreadPrivate::start (arg=0x90db3c8) at thread/qthread_unix.cpp:189
#5  0xb728c155 in start_thread () from /lib/libpthread.so.0
#6  0xb66cca5e in clone () from /lib/libc.so.6

Thread 2 (Thread 0xb1c9eb90 (LWP 3151)):
#0  0xb803e424 in __kernel_vsyscall ()
#1  0xb66c5ab1 in select () from /lib/libc.so.6
#2  0xb73bdb07 in QProcessManager::run (this=0x8b37280) at io/qprocess_unix.cpp:305
#3  0xb72edb60 in QThreadPrivate::start (arg=0x8b37280) at thread/qthread_unix.cpp:189
#4  0xb728c155 in start_thread () from /lib/libpthread.so.0
#5  0xb66cca5e in clone () from /lib/libc.so.6

Thread 1 (Thread 0xb5f4d700 (LWP 3139)):
[KCrash Handler]
#6  DOM::AttributeImpl::rewriteValue (this=0xbfe57910, newValue=@0xbfe5789c) at /home/kde-devel/kde/src/KDE/kdelibs/khtml/misc/shared.h:39
#7  0xb3fc28f7 in DOM::HTMLTableElementImpl::parseAttribute (this=0x94c0e18, attr=0xbfe57910) at /home/kde-devel/kde/src/KDE/kdelibs/khtml/html/html_tableimpl.cpp:469
#8  0xb3f4cc27 in DOM::NamedAttrMapImpl::removeNamedItem (this=0x94c0cd0, id=65658, prefix=@0xbfe57968, nsAware=<value optimized out>, exceptioncode=@0xbfe57ae8)
    at /home/kde-devel/kde/src/KDE/kdelibs/khtml/xml/dom_elementimpl.h:271
#9  0xb3f4887f in DOM::ElementImpl::removeAttribute (this=0x94c0e18, name=@0xbfe57abc, exceptioncode=@0xbfe57ae8) at /home/kde-devel/kde/src/KDE/kdelibs/khtml/xml/dom_elementimpl.cpp:636
#10 0xb40ecf5a in DOMElementProtoFunc::callAsFunction (this=0xb272a860, exec=0xbfe58254, thisObj=0xb272a7e0, args=@0xbfe581a4) at /home/kde-devel/kde/src/KDE/kdelibs/khtml/ecma/kjs_dom.cpp:1316
#11 0xb3d6cbed in KJS::JSObject::call (this=0x29, exec=0xbfe58254, thisObj=0xb272a7e0, args=@0xbfe581a4) at /home/kde-devel/kde/src/KDE/kdelibs/kjs/object.cpp:69
#12 0xb3d8925b in KJS::Machine::runBlock (exec=0xbfe58254, codeBlock=@0xbfe5789c, parentExec=0x0) at codes.def:1192
#13 0xb3d3cb00 in KJS::FunctionBodyNode::execute (this=0x940ea38, exec=0xbfe58254) at /home/kde-devel/kde/src/KDE/kdelibs/kjs/nodes.cpp:927
#14 0xb3d6f84a in KJS::Interpreter::evaluate (this=0x8eab548, sourceURL=@0xbfe58404, startingLineNumber=0, code=0x940dfe0, codeLength=1075, thisV=0xb2700000)
    at /home/kde-devel/kde/src/KDE/kdelibs/kjs/interpreter.cpp:553
#15 0xb3d6f9d7 in KJS::Interpreter::evaluate (this=0x8eab548, sourceURL=@0xbfe58404, startingLineNumber=0, code=@0xbfe58408, thisV=0xb2700000)
    at /home/kde-devel/kde/src/KDE/kdelibs/kjs/interpreter.cpp:493
#16 0xb413a619 in KJS::KJSProxyImpl::evaluate (this=0x8e97c40, filename=
      {static null = {<No data fields>}, static shared_null = {ref = {_q_value = 13467}, alloc = 0, size = 0, data = 0xb7490b5a, clean = 0, simpletext = 0, righttoleft = 0, asciiCache = 0, capacity = 0, reserved = 0, array = {0}}, static shared_empty = {ref = {_q_value = 170}, alloc = 0, size = 0, data = 0xb7490b6e, clean = 0, simpletext = 0, righttoleft = 0, asciiCache = 0, capacity = 0, reserved = 0, array = {0}}, d = 0xbfe58498, static codecForCStrings = 0x0}, baseLine=0, str=@0xbfe586c4, n=@0xbfe584fc, completion=0xbfe58470)
    at /home/kde-devel/kde/src/KDE/kdelibs/khtml/ecma/kjs_proxy.cpp:158
#17 0xb3ee380e in KHTMLPart::executeScript (this=0x8f910c8, filename=@0xbfe58518, baseLine=0, n=@0xbfe584fc, script=@0xbfe586c4) at /home/kde-devel/kde/src/KDE/kdelibs/khtml/khtml_part.cpp:1320
#18 0xb3f7bb39 in khtml::HTMLTokenizer::scriptExecution (this=0x8f22720, str=@0xbfe586c4, scriptURL=@0xbfe586c8, baseLine=0) at /home/kde-devel/kde/src/KDE/kdelibs/khtml/html/htmltokenizer.cpp:501
#19 0xb3f7fd83 in khtml::HTMLTokenizer::notifyFinished (this=0x8f22720) at /home/kde-devel/kde/src/KDE/kdelibs/khtml/html/htmltokenizer.cpp:2123
#20 0xb40a886d in khtml::CachedScript::checkNotify (this=0x94d5678) at /home/kde-devel/kde/src/KDE/kdelibs/khtml/misc/loader.cpp:391
#21 0xb40abfcc in khtml::CachedScript::data (this=0x94d5678, buffer=@0x94ce8e4, eof=true) at /home/kde-devel/kde/src/KDE/kdelibs/khtml/misc/loader.cpp:383
#22 0xb40abbf2 in khtml::Loader::slotFinished (this=0x8e35980, job=0x9460658) at /home/kde-devel/kde/src/KDE/kdelibs/khtml/misc/loader.cpp:1408
#23 0xb40b1e37 in khtml::Loader::qt_metacall (this=0x8e35980, _c=QMetaObject::InvokeMetaMethod, _id=3, _a=0xbfe588dc) at /home/kde-devel/kde/build/KDE/kdelibs/khtml/loader.moc:131
#24 0xb73f34c1 in QMetaObject::activate (sender=0x9460658, from_signal_index=<value optimized out>, to_signal_index=7, argv=0xbfe588dc) at kernel/qobject.cpp:3066
#25 0xb73f3ad2 in QMetaObject::activate (sender=0x9460658, m=0xb7718128, local_signal_index=3, argv=0xbfe588dc) at kernel/qobject.cpp:3143
#26 0xb75c3733 in KJob::result (this=0x9460658, _t1=0x9460658) at /home/kde-devel/kde/build/KDE/kdelibs/kdecore/kjob.moc:188
#27 0xb75c3bd9 in KJob::emitResult (this=0x9460658) at /home/kde-devel/kde/src/KDE/kdelibs/kdecore/jobs/kjob.cpp:294
#28 0xb7ce4d35 in KIO::SimpleJob::slotFinished (this=0x9460658) at /home/kde-devel/kde/src/KDE/kdelibs/kio/kio/job.cpp:485
#29 0xb7ce5fa3 in KIO::TransferJob::slotFinished (this=0x9460658) at /home/kde-devel/kde/src/KDE/kdelibs/kio/kio/job.cpp:962
#30 0xb7ce708b in KIO::TransferJob::qt_metacall (this=0x9460658, _c=QMetaObject::InvokeMetaMethod, _id=7, _a=0xbfe58b18) at /home/kde-devel/kde/build/KDE/kdelibs/kio/jobclasses.moc:343
#31 0xb73f34c1 in QMetaObject::activate (sender=0x8e6e018, from_signal_index=<value optimized out>, to_signal_index=8, argv=0x0) at kernel/qobject.cpp:3066
#32 0xb73f3ad2 in QMetaObject::activate (sender=0x8e6e018, m=0xb7e9aca4, local_signal_index=4, argv=0x0) at kernel/qobject.cpp:3143
#33 0xb7dada87 in KIO::SlaveInterface::finished (this=0x8e6e018) at /home/kde-devel/kde/build/KDE/kdelibs/kio/slaveinterface.moc:165
#34 0xb7db17c7 in KIO::SlaveInterface::dispatch (this=0x8e6e018, _cmd=104, rawdata=@0xbfe58ce4) at /home/kde-devel/kde/src/KDE/kdelibs/kio/kio/slaveinterface.cpp:175
#35 0xb7dadf67 in KIO::SlaveInterface::dispatch (this=0x8e6e018) at /home/kde-devel/kde/src/KDE/kdelibs/kio/kio/slaveinterface.cpp:91
#36 0xb7d9e3dd in KIO::Slave::gotInput (this=0x8e6e018) at /home/kde-devel/kde/src/KDE/kdelibs/kio/kio/slave.cpp:322
#37 0xb7da0873 in KIO::Slave::qt_metacall (this=0x8e6e018, _c=QMetaObject::InvokeMetaMethod, _id=2, _a=0xbfe58df8) at /home/kde-devel/kde/build/KDE/kdelibs/kio/slave.moc:76
#38 0xb73f34c1 in QMetaObject::activate (sender=0x924ccf0, from_signal_index=<value optimized out>, to_signal_index=4, argv=0x0) at kernel/qobject.cpp:3066
#39 0xb73f3ad2 in QMetaObject::activate (sender=0x924ccf0, m=0xb7e97640, local_signal_index=0, argv=0x0) at kernel/qobject.cpp:3143
#40 0xb7cab497 in KIO::Connection::readyRead (this=0x924ccf0) at /home/kde-devel/kde/build/KDE/kdelibs/kio/connection.moc:86
#41 0xb7cacdf3 in KIO::ConnectionPrivate::dequeue (this=0x92b2150) at /home/kde-devel/kde/src/KDE/kdelibs/kio/kio/connection.cpp:82
#42 0xb7cad1d6 in KIO::Connection::qt_metacall (this=0x924ccf0, _c=QMetaObject::InvokeMetaMethod, _id=1, _a=0x942b420) at /home/kde-devel/kde/build/KDE/kdelibs/kio/connection.moc:73
#43 0xb73ebe6b in QMetaCallEvent::placeMetaCall (this=0x939d2d8, object=0x924ccf0) at kernel/qobject.cpp:489
#44 0xb73ee0c0 in QObject::event (this=0x924ccf0, e=0x939d2d8) at kernel/qobject.cpp:1115
#45 0xb6b0a00c in QApplicationPrivate::notify_helper (this=0x8b339a0, receiver=0x924ccf0, e=0x939d2d8) at kernel/qapplication.cpp:4084
#46 0xb6b12bbf in QApplication::notify (this=0xbfe59748, receiver=0x924ccf0, e=0x939d2d8) at kernel/qapplication.cpp:3631
#47 0xb7933b0d in KApplication::notify (this=0xbfe59748, receiver=0x924ccf0, event=0x939d2d8) at /home/kde-devel/kde/src/KDE/kdelibs/kdeui/kernel/kapplication.cpp:307
#48 0xb73dd11b in QCoreApplication::notifyInternal (this=0xbfe59748, receiver=0x924ccf0, event=0x939d2d8) at kernel/qcoreapplication.cpp:598
#49 0xb73e0ad3 in QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, data=0x8b01c60) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:213
#50 0xb73e0cdd in QCoreApplication::sendPostedEvents (receiver=0x0, event_type=0) at kernel/qcoreapplication.cpp:1132
#51 0xb7407d6f in postEventSourceDispatch (s=0x8b35d18) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:218
#52 0xb6287311 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#53 0xb628a9a3 in g_main_context_iterate () from /usr/lib/libglib-2.0.so.0
#54 0xb628ab61 in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#55 0xb7407a58 in QEventDispatcherGlib::processEvents (this=0x8b33980, flags={i = -1075473272}) at kernel/qeventdispatcher_glib.cpp:323
#56 0xb6ba2535 in QGuiEventDispatcherGlib::processEvents (this=0x8b33980, flags={i = -1075473224}) at kernel/qguieventdispatcher_glib.cpp:202
#57 0xb73dbb5a in QEventLoop::processEvents (this=0xbfe59520, flags={i = -1075473160}) at kernel/qeventloop.cpp:149
#58 0xb73dbd1a in QEventLoop::exec (this=0xbfe59520, flags={i = -1075473112}) at kernel/qeventloop.cpp:196
#59 0xb73e0da1 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:880
#60 0xb6b09d37 in QApplication::exec () at kernel/qapplication.cpp:3553
#61 0xb802551f in kdemain (argc=2, argv=0xbfe59ac4) at /home/kde-devel/kde/src/KDE/kdebase/apps/konqueror/src/konqmain.cpp:257
#62 0x08048732 in main (argc=) at /home/kde-devel/kde/build/KDE/kdebase/apps/konqueror/src/konqueror_dummy.cpp:3
Comment 2 Dario Andres 2009-03-25 15:40:51 UTC
I mean using:

Qt: 4.5.0 + qt-copy-patches-936035
KDE: 4.2.67 (KDE 4.2.67 (KDE 4.3 >= 20090318))
kdelibs svn rev. 944348 / kdebase svn rev. 944348
on ArchLinux i686 - Kernel 2.6.28.7
Comment 3 Maksim Orlovich 2009-03-25 16:33:35 UTC
Looks simple enough:

==6124== Invalid read of size 4
==6124==    at 0xA2BFB80: DOM::AttributeImpl::rewriteValue(DOM::DOMString const&) (shared.h:39)
==6124==    by 0xA33F246: DOM::HTMLTableElementImpl::parseAttribute(DOM::AttributeImpl*) (html_tableimpl.cpp:469)
==6124==    by 0xA2C8B29: DOM::ElementImpl::parseNullAttribute(unsigned int, khtml::IDString<khtml::PrefixFactory>) (dom_elementimpl.h:271)
==6124==    by 0xA2C32D9: DOM::NamedAttrMapImpl::removeNamedItem(unsigned int, khtml::IDString<khtml::PrefixFactory> const&, bool, int&) (dom_elementimpl.cpp:1419)
==6124==    by 0xA2C039E: DOM::ElementImpl::removeAttribute(DOM::DOMString const&, int&) (dom_elementimpl.cpp:636)
==6124==    by 0xA48C45F: DOMElementProtoFunc::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (kjs_dom.cpp:1316)
==6124==    by 0x7F18EBC: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.cpp:69)
==6124==    by 0x7F34EF0: KJS::Machine::runBlock(KJS::ExecState*, WTF::Vector<unsigned char, 0u> const&, KJS::ExecState*) (codes.def:1192)
==6124==    by 0x7EE85D4: KJS::FunctionBodyNode::execute(KJS::ExecState*) (nodes.cpp:927)
==6124==    by 0x7F1BB79: KJS::Interpreter::evaluate(KJS::UString const&, int, KJS::UChar const*, int, KJS::JSValue*) (interpreter.cpp:553)
==6124==    by 0x7F1BD06: KJS::Interpreter::evaluate(KJS::UString const&, int, KJS::UString const&, KJS::JSValue*) (interpreter.cpp:493)
==6124==    by 0xA4E2D08: KJS::KJSProxyImpl::evaluate(QString, int, QString const&, DOM::Node const&, KJS::Completion*) (kjs_proxy.cpp:158)
==6124==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
Comment 4 Tommi Tervo 2009-04-15 10:15:07 UTC
*** Bug 189662 has been marked as a duplicate of this bug. ***
Comment 5 Maksim Orlovich 2009-04-18 17:50:49 UTC
SVN commit 955821 by orlovich:

Don't crash when attempting attribute value normalization during removeAttribute
BUG: 188061

 M  +6 -0      dom_elementimpl.cpp

WebSVN link: http://websvn.kde.org/?view=rev&revision=955821
Comment 6 Maksim Orlovich 2009-04-18 17:55:15 UTC
SVN commit 955823 by orlovich:

automatically merged revision 955821:
Don't crash when attempting attribute value normalization during removeAttribute
BUG: 188061

 M  +6 -0      dom_elementimpl.cpp

WebSVN link: http://websvn.kde.org/?view=rev&revision=955823
Comment 7 Maksim Orlovich 2009-04-18 18:22:14 UTC
SVN commit 955837 by orlovich:

Regression test for #188061
CCBUG:188061

 M  +2 -0      baseline/dom/svnignore
 A             baseline/dom/table-remove-border-normalize-crash.html-dom
 A             tests/dom/table-remove-border-normalize-crash.html

WebSVN link: http://websvn.kde.org/?view=rev&revision=955837