Version: (using KDE 4.2.2)
Installed from: Mandriva RPMs

A Mandriva user reported a crash in Konqueror to me. I reproduced it, but I have problems with my debugs, so for the moment I can't give a better backtrace:

Description of problem:
Konqueror crashes instantly when accessing http://www.bostonstandard.co.uk/ with JavaScript switched on. This is a fully updated fresh install of 2009.0 x86_64. Firefox and Epiphany are OK on this website. I suggest that one of the JavaScript applets on this website has found a way to crash Konqueror that does not work on Firefox or Epiphany.

Application: Konqueror (konqueror), signal SIGSEGV
[Thread debugging using libthread_db enabled]
[New Thread 0x7f3c27e95700 (LWP 29797)]
[New Thread 0x424a5950 (LWP 30010)]
[KCrash handler]
#5 0x00007f3c195a16f9 in ?? () from /usr/lib64/libkhtml.so.5
#6 0x00007f3c19610c6f in ?? () from /usr/lib64/libkhtml.so.5
#7 0x00007f3c195a33b8 in ?? () from /usr/lib64/libkhtml.so.5
#8 0x00007f3c1959f21d in ?? () from /usr/lib64/libkhtml.so.5
#9 0x00007f3c19709c1c in ?? () from /usr/lib64/libkhtml.so.5
#10 0x00007f3c18f18f99 in KJS::JSObject::call () from /usr/lib64/libkjs.so.4
#11 0x00007f3c18f349ac in ?? () from /usr/lib64/libkjs.so.4
#12 0x00007f3c18eead99 in ?? () from /usr/lib64/libkjs.so.4
#13 0x00007f3c18f1bfa7 in KJS::Interpreter::evaluate () from /usr/lib64/libkjs.so.4
#14 0x00007f3c18f1c0f3 in KJS::Interpreter::evaluate () from /usr/lib64/libkjs.so.4
#15 0x00007f3c19749423 in ?? () from /usr/lib64/libkhtml.so.5
#16 0x00007f3c19528991 in KHTMLPart::executeScript () from /usr/lib64/libkhtml.so.5
#17 0x00007f3c195cd3d9 in ?? () from /usr/lib64/libkhtml.so.5
#18 0x00007f3c195d0aa5 in ?? () from /usr/lib64/libkhtml.so.5
#19 0x00007f3c195d2a0c in ?? () from /usr/lib64/libkhtml.so.5
#20 0x00007f3c195d3ff5 in ?? () from /usr/lib64/libkhtml.so.5
#21 0x00007f3c195d5ed5 in ?? () from /usr/lib64/libkhtml.so.5
#22 0x00007f3c195d71f5 in ?? () from /usr/lib64/libkhtml.so.5
#23 0x00007f3c195d123d in ?? () from /usr/lib64/libkhtml.so.5
#24 0x00007f3c196e17bf in ?? () from /usr/lib64/libkhtml.so.5
#25 0x00007f3c196e19a4 in ?? () from /usr/lib64/libkhtml.so.5
#26 0x00007f3c196defad in ?? () from /usr/lib64/libkhtml.so.5
#27 0x00007f3c196df2d7 in ?? () from /usr/lib64/libkhtml.so.5
#28 0x00007f3c25e98c34 in QMetaObject::activate () from /usr/lib64/libQtCore.so.4
#29 0x00007f3c26251802 in KJob::result () from /usr/lib64/libkdecore.so.5
#30 0x00007f3c26251b77 in KJob::emitResult () from /usr/lib64/libkdecore.so.5
#31 0x00007f3c26c3b6c0 in KIO::SimpleJob::slotFinished () from /usr/lib64/libkio.so.5
#32 0x00007f3c26c3c243 in KIO::TransferJob::slotFinished () from /usr/lib64/libkio.so.5
#33 0x00007f3c26c3d285 in KIO::TransferJob::qt_metacall () from /usr/lib64/libkio.so.5
#34 0x00007f3c25e98c34 in QMetaObject::activate () from /usr/lib64/libQtCore.so.4
#35 0x00007f3c26ce2671 in KIO::SlaveInterface::dispatch () from /usr/lib64/libkio.so.5
#36 0x00007f3c26ce05c2 in KIO::SlaveInterface::dispatch () from /usr/lib64/libkio.so.5
#37 0x00007f3c26cd3e1e in KIO::Slave::gotInput () from /usr/lib64/libkio.so.5
#38 0x00007f3c26cd4128 in KIO::Slave::qt_metacall () from /usr/lib64/libkio.so.5
#39 0x00007f3c25e98c34 in QMetaObject::activate () from /usr/lib64/libQtCore.so.4
#40 0x00007f3c26c104f1 in ?? () from /usr/lib64/libkio.so.5
#41 0x00007f3c26c10b9a in KIO::Connection::qt_metacall () from /usr/lib64/libkio.so.5
#42 0x00007f3c25e938a5 in QObject::event () from /usr/lib64/libQtCore.so.4
#43 0x00007f3c24963a2d in QApplicationPrivate::notify_helper () from /usr/lib64/libQtGui.so.4
#44 0x00007f3c2496b7ba in QApplication::notify () from /usr/lib64/libQtGui.so.4
#45 0x00007f3c2679a51b in KApplication::notify () from /usr/lib64/libkdeui.so.5
#46 0x00007f3c25e8485f in QCoreApplication::notifyInternal () from /usr/lib64/libQtCore.so.4
#47 0x00007f3c25e854fa in QCoreApplicationPrivate::sendPostedEvents () from /usr/lib64/libQtCore.so.4
#48 0x00007f3c25eacf73 in ?? () from /usr/lib64/libQtCore.so.4
#49 0x00007f3c215bf8d2 in g_main_context_dispatch () from /usr/lib64/libglib-2.0.so.0
#50 0x00007f3c215c305d in ?? () from /usr/lib64/libglib-2.0.so.0
#51 0x00007f3c215c321b in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0
#52 0x00007f3c25eacbff in QEventDispatcherGlib::processEvents () from /usr/lib64/libQtCore.so.4
#53 0x00007f3c249f472f in ?? () from /usr/lib64/libQtGui.so.4
#54 0x00007f3c25e83182 in QEventLoop::processEvents () from /usr/lib64/libQtCore.so.4
#55 0x00007f3c25e8330d in QEventLoop::exec () from /usr/lib64/libQtCore.so.4
#56 0x00007f3c25e857bd in QCoreApplication::exec () from /usr/lib64/libQtCore.so.4
#57 0x00007f3c27a88ab4 in kdemain () from /usr/lib64/libkdeinit4_konqueror.so
#58 0x00007f3c2768e316 in __libc_start_main () from /lib64/libc.so.6
#59 0x00000000004005d9 in _start ()

How reproducible:
Every time with JavaScript switched on in Konqueror. OK if JavaScript is switched off.

Steps to Reproduce:
1. Start Konqueror with JavaScript switched on (Java does not matter).
2. Enter URL http://www.bostonstandard.co.uk/ and hit return.
3. Instant crash (also crashes if the URL accesses pages deeper into the website).

Tried another approach. Saved the www.bostonstandard.co.uk home page source file. Edited it to look to http://www.bostonstandard.co.uk/... for src files. Opened the saved file in Konqueror.

Error reported at www.bostonstandard.co.uk/template/javascript/wtbase.js line 34
TypeError: Null Value

32 function dcsGetIdCrumb(name,crumb){
33     var cookie=dcsGetCookie(name);
34     var id=cookie.substring(0,cookie.indexOf(":lv="));
35     var aCrumb=id.split("=");
36     for (var i=0;i<aCrumb.length;i++){
37         if (crumb==aCrumb[0]){
38             return aCrumb[1];
39         }
40     }
41     return null;

Stepped over the error line with the Konqueror JavaScript Debugger - result: crash.
Bug report 188061 also refers to this bug being present in konqueror 4.1.3. Bug was not present in konqueror 3.5.9.
Thread 1 (Thread 0xb5d97700 (LWP 11572)):
[KCrash Handler]
#6 khtml::Shared<DOM::DOMStringImpl>::deref (this=0x0) at /home/teve/src/kdelibs/khtml/misc/shared.h:39
#7 0xb3f76f57 in DOM::AttributeImpl::rewriteValue (this=0xbfd73e5c, newValue=@0xbfd73de4) at /home/teve/src/kdelibs/khtml/xml/dom_elementimpl.cpp:325
#8 0xb3fe852c in DOM::HTMLTableElementImpl::parseAttribute (this=0xaca0690, attr=0xbfd73e5c) at /home/teve/src/kdelibs/khtml/html/html_tableimpl.cpp:469
#9 0xb3f79d7d in DOM::ElementImpl::parseNullAttribute (this=0xaca0690, id=65658, prefix={m_id = 16058}) at /home/teve/src/kdelibs/khtml/xml/dom_elementimpl.h:271
#10 0xb3f77c8b in DOM::NamedAttrMapImpl::removeNamedItem (this=0xaca0540, id=65658, prefix=@0xbfd73f08, nsAware=<value optimized out>, exceptioncode=@0xbfd74098) at /home/teve/src/kdelibs/khtml/xml/dom_elementimpl.cpp:1419
#11 0xb3f7432b in DOM::ElementImpl::removeAttribute (this=0xaca0690, name=@0xbfd7406c, exceptioncode=@0xbfd74098) at /home/teve/src/kdelibs/khtml/xml/dom_elementimpl.cpp:636
#12 0xb4119195 in DOMElementProtoFunc::callAsFunction (this=0xb177e680, exec=0xbfd74650, thisObj=0xb177e600, args=@0xbfd74508) at /home/teve/src/kdelibs/khtml/ecma/kjs_dom.cpp:1316
#13 0xb3d7f9e5 in KJS::JSObject::call (this=0xb177e680, exec=0xbfd74650, thisObj=0xb177e600, args=@0xbfd74508) at /home/teve/src/kdelibs/kjs/object.cpp:69
#14 0xb3d9bc22 in KJS::Machine::runBlock (exec=0xbfd74650, codeBlock=@0x0, parentExec=0x0) at codes.def:1192
#15 0xb3d45dd4 in KJS::FunctionBodyNode::execute (this=0xacff968, exec=0xbfd74650) at /home/teve/src/kdelibs/kjs/nodes.cpp:927
#16 0xb3d8167a in KJS::Interpreter::evaluate (this=0xaa644b8, sourceURL=@0xbfd747d4, startingLineNumber=0, code=0xa9a2f38, codeLength=1075, thisV=0xb1780000) at /home/teve/src/kdelibs/kjs/interpreter.cpp:553
#17 0xb3d8173e in KJS::Interpreter::evaluate (this=0xaa644b8, sourceURL=@0xbfd747d4, startingLineNumber=0, code=@0xbfd747d8, thisV=0xb1780000) at /home/teve/src/kdelibs/kjs/interpreter.cpp:493
#18 0xb416163e in KJS::KJSProxyImpl::evaluate (this=0xa937748, filename= {static null = {<No data fields>}, static shared_null = {ref = {_q_value = 11194}, alloc = 0, size = 0, data = 0xb73bda5a, clean = 0, simpletext = 0, righttoleft = 0, asciiCache = 0, capacity = 0, reserved = 0, array = {0}}, static shared_empty = {ref = {_q_value = 164}, alloc = 0, size = 0, data = 0xb73bda6e, clean = 0, simpletext = 0, righttoleft = 0, asciiCache = 0, capacity = 0, reserved = 0, array = {0}}, d = 0xbfd74868, static codecForCStrings = 0x0}, baseLine=0, str=@0xbfd749c0, n=@0xbfd748bc, completion=0xbfd74848) at /home/teve/src/kdelibs/khtml/ecma/kjs_proxy.cpp:158
#19 0xb3f0da15 in KHTMLPart::executeScript (this=0xa91bf08, filename=@0xbfd748d8, baseLine=0, n=@0xbfd748bc, script=@0xbfd749c0) at /home/teve/src/kdelibs/khtml/khtml_part.cpp:1326
#20 0xb3fa8211 in khtml::HTMLTokenizer::scriptExecution (this=0xa331ba0, str=@0xbfd749c0, scriptURL=@0xbfd749c4, baseLine=0) at /home/teve/src/kdelibs/khtml/html/htmltokenizer.cpp:501
#21 0xb3fa8442 in khtml::HTMLTokenizer::notifyFinished (this=0xa331ba0) at /home/teve/src/kdelibs/khtml/html/htmltokenizer.cpp:2123
#22 0xb40d3ee0 in khtml::CachedScript::checkNotify (this=0xaa2ada8) at /home/teve/src/kdelibs/khtml/misc/loader.cpp:391
#23 0xb40d9f90 in khtml::CachedScript::data (this=0xaa2ada8, buffer=@0xacacfb4, eof=true) at /home/teve/src/kdelibs/khtml/misc/loader.cpp:383
#24 0xb40d6b05 in khtml::Loader::slotFinished (this=0x9e75708, job=0xacbd6e0) at /home/teve/src/kdelibs/khtml/misc/loader.cpp:1409
#25 0xb40d6e27 in khtml::Loader::qt_metacall (this=0x9e75708, _c=QMetaObject::InvokeMetaMethod, _id=3, _a=0xbfd74bec) at /home/teve/src/klb/khtml/loader.moc:131
#26 0xb72deca8 in QMetaObject::activate () from /usr/lib/libQtCore.so.4
#27 0xb72df932 in QMetaObject::activate () from /usr/lib/libQtCore.so.4
#28 0xb75085b3 in KJob::result (this=0xacbd6e0, _t1=0xacbd6e0) at /home/teve/src/klb/kdecore/kjob.moc:188
#29 0xb7508ace in KJob::emitResult (this=0xacbd6e0) at /home/teve/src/kdelibs/kdecore/jobs/kjob.cpp:294
#30 0xb7c284ef in KIO::SimpleJob::slotFinished (this=0xacbd6e0) at /home/teve/src/kdelibs/kio/kio/job.cpp:485
#31 0xb7c28873 in KIO::TransferJob::slotFinished (this=0xacbd6e0) at /home/teve/src/kdelibs/kio/kio/job.cpp:962
#32 0xb7c2f2fb in KIO::TransferJob::qt_metacall (this=0xacbd6e0, _c=QMetaObject::InvokeMetaMethod, _id=7, _a=0xbfd74e38) at /home/teve/src/klb/kio/jobclasses.moc:343
#33 0xb72deca8 in QMetaObject::activate () from /usr/lib/libQtCore.so.4
#34 0xb72df932 in QMetaObject::activate () from /usr/lib/libQtCore.so.4
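A triage sketch for backtraces like the two in this report, added here as an example and not part of the original bug thread or of any KDE tooling. It parses the gdb frames that follow the KCrash marker and reports the faulting frame, whether its `this` pointer is null, its caller, and how many frames carry source locations. The names `parse` and `triage` are assumptions; the sample frames are copied from the symbolized trace above.

```python
import re

# Sample input: frames #6-#8 and #26 copied from the symbolized backtrace above.
SAMPLE = """\
[KCrash Handler]
#6 khtml::Shared<DOM::DOMStringImpl>::deref (this=0x0) at /home/teve/src/kdelibs/khtml/misc/shared.h:39
#7 0xb3f76f57 in DOM::AttributeImpl::rewriteValue (this=0xbfd73e5c, newValue=@0xbfd73de4) at /home/teve/src/kdelibs/khtml/xml/dom_elementimpl.cpp:325
#8 0xb3fe852c in DOM::HTMLTableElementImpl::parseAttribute (this=0xaca0690, attr=0xbfd73e5c) at /home/teve/src/kdelibs/khtml/html/html_tableimpl.cpp:469
#26 0xb72deca8 in QMetaObject::activate () from /usr/lib/libQtCore.so.4
"""

# One gdb frame: "#N [0xPC in] function (args) [at file:line | from library]"
FRAME = re.compile(
    r"^#(?P<num>\d+)\s+(?:(?P<pc>0x[0-9a-f]+) in )?(?P<func>.+?) \((?P<args>.*)\)"
    r"(?: at (?P<file>\S+):(?P<line>\d+)| from (?P<lib>\S+))?\s*$")


def parse(text):
    """Return the frames that follow the KCrash marker, innermost first."""
    frames, seen_handler = [], False
    for raw in text.splitlines():
        if "[KCrash" in raw:          # matches both "Handler" and "handler"
            seen_handler = True
            continue
        m = FRAME.match(raw.strip())
        if m and seen_handler:
            d = m.groupdict()
            d["num"] = int(d["num"])
            # Keep only pointer-valued arguments, e.g. {"this": "0x0"}.
            d["args"] = dict(re.findall(r"(\w+)=@?(0x[0-9a-f]+)", d["args"]))
            frames.append(d)
    return frames


def triage(text):
    """Summarise a crash: faulting frame, null `this`, caller, symbol coverage."""
    frames = parse(text)
    if not frames:
        return None
    top = frames[0]
    return {
        "faulting": top["func"],
        "null_this": top["args"].get("this") == "0x0",
        "caller": frames[1]["func"] if len(frames) > 1 else None,
        "symbolized": sum(1 for f in frames if f["file"]),
        "total": len(frames),
    }


if __name__ == "__main__":
    print(triage(SAMPLE))
```

Run over the first trace in this report, the same function returns `??` as the faulting frame with zero symbolized frames, which is the signal that debug symbols are needed before the crash can be attributed.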
*** This bug has been marked as a duplicate of bug 188061 ***
Bug 189662 confirmed cleared in Mandriva 2009.1 RC2 konqueror 4.2.2 rpm latest version at 20/4/2009.