Bug 136120

Can confirm, here's a more detailed backtrace.

Using host libthread_db library "/lib/libthread_db.so.1".
`system-supplied DSO at 0xffffe000' has disappeared; keeping its symbols.
[Thread debugging using libthread_db enabled]
[New Thread -1234151232 (LWP 30327)]
[KCrash handler]
#5  0xb62f54d0 in DOM::DocumentImpl::getId (this=0x0, 
    _type=DOM::NodeImpl::NamespaceId, _nsURI=0x0, _prefix=0x0, 
    _name=0x8472bd0, readonly=false, pExceptioncode=0xbfb8e4f8)
    at /home/bram/KDE/kde3/kdelibs/khtml/xml/dom_docimpl.cpp:1838
#6  0xb63f0349 in DOM::CSSStyleSheetImpl::determineNamespace (this=0x83dacc8, 
    id=@0x847edf4, prefix=@0xbfb8f754)
    at /home/bram/KDE/kde3/kdelibs/khtml/css/css_stylesheetimpl.cpp:253
#7  0xb641c179 in cssyyparse (parser=0xbfb8f92c)
    at /home/bram/KDE/kde3/kdelibs/khtml/css/parser.cpp:1986
#8  0xb6403cfc in DOM::CSSParser::runParser (this=0xbfb8f92c, length=8780)
    at /home/bram/KDE/kde3/kdelibs/khtml/css/cssparser.cpp:159
#9  0xb6404350 in DOM::CSSParser::parseSheet (this=0xbfb8f92c, 
    sheet=0x83dacc8, string=@0x83c2ae4)
    at /home/bram/KDE/kde3/kdelibs/khtml/css/cssparser.cpp:174
#10 0xb63f01dd in DOM::CSSStyleSheetImpl::parseString (this=0x83dacc8, 
    string=@0x83c2ae4, strict=true)
    at /home/bram/KDE/kde3/kdelibs/khtml/css/css_stylesheetimpl.cpp:267
#11 0xb63f3fc6 in DOM::CSSImportRuleImpl::setStyleSheet (this=0x8396550, 
    url=@0x83c2ab0, sheet=@0x83c2ae4, charset=@0xbfb8fa04)
    at /home/bram/KDE/kde3/kdelibs/khtml/css/css_ruleimpl.cpp:144
#12 0xb6428b5c in khtml::CachedCSSStyleSheet::checkNotify (this=0x83c2a90)
    at /home/bram/KDE/kde3/kdelibs/khtml/misc/loader.cpp:283
#13 0xb642bf74 in khtml::CachedCSSStyleSheet::data (this=0x83c2a90, 
    buffer=@0x83ac5fc, eof=true)
    at /home/bram/KDE/kde3/kdelibs/khtml/misc/loader.cpp:271
#14 0xb642837c in khtml::Loader::slotFinished (this=0x823d370, job=0x83d91b8)
    at /home/bram/KDE/kde3/kdelibs/khtml/misc/loader.cpp:1171
#15 0xb64285b6 in khtml::Loader::qt_invoke (this=0x823d370, _id=2, 
    _o=0xbfb8fb98) at loader.moc:260
#16 0xb6e8f559 in QObject::activate_signal () from /usr/qt/3/lib/libqt-mt.so.3
#17 0xb7b3291f in KIO::Job::result (this=0x83d91b8, t0=0x83d91b8)
    at jobclasses.moc:162
#18 0xb7b3940f in KIO::Job::emitResult (this=0x83d91b8)
    at /home/bram/KDE/kde3/kdelibs/kio/kio/job.cpp:227
#19 0xb7b39b48 in KIO::SimpleJob::slotFinished (this=0x83d91b8)
    at /home/bram/KDE/kde3/kdelibs/kio/kio/job.cpp:575
#20 0xb7b39f11 in KIO::TransferJob::slotFinished (this=0x83d91b8)
    at /home/bram/KDE/kde3/kdelibs/kio/kio/job.cpp:945
#21 0xb7b37deb in KIO::TransferJob::qt_invoke (this=0x83d91b8, _id=17, 
    _o=0xbfb8fe88) at jobclasses.moc:1071
#22 0xb6e8f559 in QObject::activate_signal () from /usr/qt/3/lib/libqt-mt.so.3
#23 0xb6e901ad in QObject::activate_signal () from /usr/qt/3/lib/libqt-mt.so.3
#24 0xb7b1ef1f in KIO::SlaveInterface::finished (this=0x82b4650)
    at slaveinterface.moc:226
#25 0xb7b20597 in KIO::SlaveInterface::dispatch (this=0x82b4650, _cmd=104, 
    rawdata=@0xbfb900a8)
    at /home/bram/KDE/kde3/kdelibs/kio/kio/slaveinterface.cpp:243
#26 0xb7b212d0 in KIO::SlaveInterface::dispatch (this=0x82b4650)
    at /home/bram/KDE/kde3/kdelibs/kio/kio/slaveinterface.cpp:173
#27 0xb7b1bc04 in KIO::Slave::gotInput (this=0x82b4650)
    at /home/bram/KDE/kde3/kdelibs/kio/kio/slave.cpp:300
#28 0xb7b1dd01 in KIO::Slave::qt_invoke (this=0x82b4650, _id=4, _o=0xbfb901b4)
    at slave.moc:113
#29 0xb6e8f559 in QObject::activate_signal () from /usr/qt/3/lib/libqt-mt.so.3
#30 0xb6e900a2 in QObject::activate_signal () from /usr/qt/3/lib/libqt-mt.so.3
#31 0xb71c8d00 in QSocketNotifier::activated ()
   from /usr/qt/3/lib/libqt-mt.so.3
#32 0xb6ead4b0 in QSocketNotifier::event () from /usr/qt/3/lib/libqt-mt.so.3
#33 0xb6e30517 in QApplication::internalNotify ()
   from /usr/qt/3/lib/libqt-mt.so.3
#34 0xb6e310e1 in QApplication::notify () from /usr/qt/3/lib/libqt-mt.so.3
#35 0xb74e68b6 in KApplication::notify (this=0xbfb90768, receiver=0x82db238, 
    event=0xbfb90478)
    at /home/bram/KDE/kde3/kdelibs/kdecore/kapplication.cpp:550
#36 0xb6e25151 in QEventLoop::activateSocketNotifiers ()
   from /usr/qt/3/lib/libqt-mt.so.3
#37 0xb6de07ce in QEventLoop::processEvents () from /usr/qt/3/lib/libqt-mt.so.3
#38 0xb6e470a1 in QEventLoop::enterLoop () from /usr/qt/3/lib/libqt-mt.so.3
#39 0xb6e46f26 in QEventLoop::exec () from /usr/qt/3/lib/libqt-mt.so.3
#40 0xb6e2ff9f in QApplication::exec () from /usr/qt/3/lib/libqt-mt.so.3
#41 0xb7f3f9bc in kdemain () from /usr/kde/branch/lib/libkdeinit_konqueror.so
#42 0x080486f2 in main ()

Don't need the wrapper....

Somehow we end up with a stylesheet w/o a document, so trying to lookup namespace IDs crashes.

Testcase:
<link rel="stylesheet" href="style1.css" type="text/css">

style1.css:
@import "style2.css"

style2.css:
@namespace xhtml2 url(http://www.w3.org/2002/06/xhtml2);
.ref xhtml2|l {display: block; }

This fixes this crash but needs more testing:
--- css/css_stylesheetimpl.cpp  (revision 597771)
+++ css/css_stylesheetimpl.cpp  (working copy)
@@ -130,7 +130,7 @@
     : StyleSheetImpl(ownerRule, href)
 {
     m_lstChildren = new QPtrList<StyleBaseImpl>;
-    m_doc = 0;
+    m_doc = ownerRule->parentStyleSheet()->doc();
     m_implicit = false;
     m_namespaces = 0;
     m_defaultNamespace = anyNamespace;

*** Bug 137469 has been marked as a duplicate of this bug. ***

Hi,

Sorry for the duplicate post Bug 137469.

I tried the patch on testcase for bug 137469, but it still crashes.

I'l try to investigate more in the weekend, don't have time now.

/ Fredrik

To Fredrik: your testcase and that webpage both work fine for me with the patch applied.

To Maksim:
You're right, and I was wrong (I mistakenly tested it in my old stable build)
Guess that one should never test things in a hurry.

Sorry for the noise

/ Fredrik

Actually there is a problem here since the namespace translations are supposed to be local to the stylesheet, and not shared with parent stylesheet or document.

Eek, so is the mapping in the wrong place? 

SVN commit 606304 by carewolf:

Always remember the document for new stylesheets
BUG: 136120 


 M  +3 -3      css_stylesheetimpl.cpp  


--- branches/KDE/3.5/kdelibs/khtml/css/css_stylesheetimpl.cpp #606303:606304
@@ -111,7 +111,7 @@
     : StyleSheetImpl(parentSheet, href)
 {
     m_lstChildren = new QPtrList<StyleBaseImpl>;
-    m_doc = 0;
+    m_doc = parentSheet->doc();
     m_implicit = false;
     m_namespaces = 0;
     m_defaultNamespace = anyNamespace;
@@ -131,7 +131,7 @@
     : StyleSheetImpl(ownerRule, href)
 {
     m_lstChildren = new QPtrList<StyleBaseImpl>;
-    m_doc = 0;
+    m_doc = static_cast<CSSStyleSheetImpl*>(ownerRule->stylesheet())->doc();
     m_implicit = false;
     m_namespaces = 0;
     m_defaultNamespace = anyNamespace;
@@ -164,7 +164,7 @@
         m_lstChildren->append(rule);
         rule->setParent(this);
     }
-    m_doc  = 0;
+    m_doc = static_cast<CSSStyleSheetImpl*>(ownerRule->stylesheet())->doc();
     m_implicit = false;
     m_namespaces = 0;
     m_defaultNamespace = anyNamespace;

No it was done correctly. I was just confused for a while on the difference between mapping prefix->uri which is done per stylesheet and uri->id which is done per document.

*** Bug 138472 has been marked as a duplicate of this bug. ***

*** Bug 139312 has been marked as a duplicate of this bug. ***

*** Bug 140063 has been marked as a duplicate of this bug. ***