Bug 154046

Summary: Konqueror crashes on http://www.adobe.com/products/acrobat/readstep2_allversions.html
Product: [Applications] konqueror Reporter: Javier Jardon <javierjc1982>
Component: generalAssignee: Konqueror Bugs <konqueror-bugs-null>
Status: RESOLVED DUPLICATE    
Severity: crash    
Priority: NOR    
Version First Reported In: unspecified   
Target Milestone: ---   
Platform: Ubuntu   
OS: Linux   
Latest Commit: Version Fixed/Implemented In:
Sentry Crash Report:

Description Javier Jardon 2007-12-14 19:56:09 UTC 
Version:           3.5.8 (using KDE KDE 3.5.8)
Installed from:    Ubuntu Packages
OS:                Linux

Konqueror crashes whenever I try to access this link to Adobe Reader:
http://www.adobe.com/products/acrobat/readstep2_allversions.html
I'm using Konqueror 3.5.8 on KDE 3.5.8, running Ubuntu 7.10 (Gutsy). I've got browser identification set to "default".
Comment 1 Javier Jardon 2007-12-14 19:56:54 UTC 
See Ubuntu bug #175785 (https://bugs.launchpad.net/ubuntu/+source/kdebase/+bug/175785)
Comment 2 Maksim Orlovich 2007-12-14 20:07:26 UTC 
Confirm for both 3.5 and 4.0:

Using host libthread_db library "/lib/i686/libthread_db.so.1".
[Thread debugging using libthread_db enabled]
[New Thread -1243138320 (LWP 6762)]
[KCrash handler]
#6  0xb555931a in khtml::RenderBlock::addChildToFlow (this=0x843a9a4, 
    newChild=0x871cf48, beforeChild=0x843a3c4)
    at /home/maksim/kde3/kdelibs/khtml/rendering/render_block.cpp:372
#7  0xb557a699 in khtml::RenderFlow::addChild (this=0x843a9a4, 
    newChild=0x871cf48, beforeChild=0x843a3c4)
    at /home/maksim/kde3/kdelibs/khtml/rendering/render_flow.cpp:128
#8  0xb5558f43 in khtml::RenderBlock::addChildToFlow (this=0x8439a7c, 
    newChild=0x871cf48, beforeChild=0x843a3c4)
    at /home/maksim/kde3/kdelibs/khtml/rendering/render_block.cpp:298
#9  0xb557a699 in khtml::RenderFlow::addChild (this=0x8439a7c, 
    newChild=0x871cf48, beforeChild=0x843a3c4)
    at /home/maksim/kde3/kdelibs/khtml/rendering/render_flow.cpp:128
#10 0xb54ed367 in DOM::NodeImpl::createRendererIfNeeded (this=0x88a94f8)
    at /home/maksim/kde3/kdelibs/khtml/xml/dom_nodeimpl.cpp:938
#11 0xb54f48ad in DOM::ElementImpl::attach (this=0x88a94f8)
    at /home/maksim/kde3/kdelibs/khtml/xml/dom_elementimpl.cpp:536
#12 0xb54f4f0c in DOM::ElementImpl::recalcStyle (this=0x88a94f8, 
    change=DOM::NodeImpl::Force)
    at /home/maksim/kde3/kdelibs/khtml/xml/dom_elementimpl.cpp:626
#13 0xb55213d9 in DOM::HTMLElementImpl::recalcStyle (this=0x88a94f8, 
    ch=DOM::NodeImpl::Force)
    at /home/maksim/kde3/kdelibs/khtml/html/html_elementimpl.cpp:274
#14 0xb54f500f in DOM::ElementImpl::recalcStyle (this=0x86d43c8, 
    change=DOM::NodeImpl::Force)
    at /home/maksim/kde3/kdelibs/khtml/xml/dom_elementimpl.cpp:654
#15 0xb55213d9 in DOM::HTMLElementImpl::recalcStyle (this=0x86d43c8, 
    ch=DOM::NodeImpl::Force)
    at /home/maksim/kde3/kdelibs/khtml/html/html_elementimpl.cpp:274
#16 0xb54f500f in DOM::ElementImpl::recalcStyle (this=0x8497508, 
    change=DOM::NodeImpl::Force)
    at /home/maksim/kde3/kdelibs/khtml/xml/dom_elementimpl.cpp:654
#17 0xb55213d9 in DOM::HTMLElementImpl::recalcStyle (this=0x8497508, 
    ch=DOM::NodeImpl::Force)
    at /home/maksim/kde3/kdelibs/khtml/html/html_elementimpl.cpp:274
#18 0xb54e7372 in DOM::DocumentImpl::recalcStyle (this=0x84364d0, 
    change=DOM::NodeImpl::Force)
    at /home/maksim/kde3/kdelibs/khtml/xml/dom_docimpl.cpp:1166
#19 0xb54e461b in DOM::DocumentImpl::updateStyleSelector (this=0x84364d0, 
    shallow=false) at /home/maksim/kde3/kdelibs/khtml/xml/dom_docimpl.cpp:2057
#20 0xb54e49e5 in DOM::DocumentImpl::styleSheetLoaded (this=0xb576a4c8)
    at /home/maksim/kde3/kdelibs/khtml/xml/dom_docimpl.cpp:1980
#21 0xb551c858 in DOM::HTMLLinkElementImpl::finished (this=0x88f5188)
    at /home/maksim/kde3/kdelibs/khtml/html/html_headimpl.cpp:257
#22 0xb551d028 in DOM::HTMLLinkElementImpl::setStyleSheet (this=0x88f5188, 
    url=@0x88f2ef8, sheetStr=@0x88f2f2c, charset=@0xbfcd06e0)
    at /home/maksim/kde3/kdelibs/khtml/html/html_headimpl.cpp:248
#23 0xb560113e in khtml::CachedCSSStyleSheet::checkNotify (this=0x88f2ed8)
    at /home/maksim/kde3/kdelibs/khtml/misc/loader.cpp:283
#24 0xb56013df in khtml::CachedCSSStyleSheet::data (this=0x88f2ed8, 
    buffer=@0x88f410c, eof=true)
    at /home/maksim/kde3/kdelibs/khtml/misc/loader.cpp:271
#25 0xb560332e in khtml::Loader::slotFinished (this=0x8331070, job=0x894d898)
    at /home/maksim/kde3/kdelibs/khtml/misc/loader.cpp:1205
#26 0xb5603cbc in khtml::Loader::qt_invoke (this=0x8331070, _id=2, 
    _o=0xbfcd0844) at ../khtml/misc/loader.moc:260
#27 0xb7193b9d in QObject::activate_signal (this=0x894d898, clist=0x88c7c10, 
    o=0xbfcd0844) at kernel/qobject.cpp:2356
#28 0xb7d908e8 in KIO::Job::result (this=0x894d898, t0=0x894d898)
    at ./kio/kio/jobclasses.moc:162
#29 0xb7d96f5c in KIO::Job::emitResult (this=0x894d898)
    at /home/maksim/kde3/kdelibs/kio/kio/job.cpp:235
#30 0xb7d97668 in KIO::SimpleJob::slotFinished (this=0x894d898)
    at /home/maksim/kde3/kdelibs/kio/kio/job.cpp:601
#31 0xb7d97a48 in KIO::TransferJob::slotFinished (this=0x894d898)
    at /home/maksim/kde3/kdelibs/kio/kio/job.cpp:971
#32 0xb7d95945 in KIO::TransferJob::qt_invoke (this=0x894d898, _id=17, 
    _o=0xbfcd0b58) at ./kio/kio/jobclasses.moc:1071
#33 0xb7193b9d in QObject::activate_signal (this=0x86bfe90, clist=0x86c0798, 
    o=0xbfcd0b58) at kernel/qobject.cpp:2356
#34 0xb71947ad in QObject::activate_signal (this=0x86bfe90, signal=6)
    at kernel/qobject.cpp:2325
#35 0xb7d7dc41 in KIO::SlaveInterface::finished (this=0x86bfe90)
    at ./kio/kio/slaveinterface.moc:226
#36 0xb7d7f17d in KIO::SlaveInterface::dispatch (this=0x86bfe90, _cmd=104, 
    rawdata=@0xbfcd0d90)
    at /home/maksim/kde3/kdelibs/kio/kio/slaveinterface.cpp:243
#37 0xb7d7fcde in KIO::SlaveInterface::dispatch (this=0x86bfe90)
    at /home/maksim/kde3/kdelibs/kio/kio/slaveinterface.cpp:173
#38 0xb7d7ac9d in KIO::Slave::gotInput (this=0x86bfe90)
    at /home/maksim/kde3/kdelibs/kio/kio/slave.cpp:300
#39 0xb7d7cac8 in KIO::Slave::qt_invoke (this=0x86bfe90, _id=4, _o=0xbfcd0eb4)
    at ./kio/kio/slave.moc:113
#40 0xb7193b9d in QObject::activate_signal (this=0x854e300, clist=0x86c00a8, 
    o=0xbfcd0eb4) at kernel/qobject.cpp:2356
#41 0xb71946b2 in QObject::activate_signal (this=0x854e300, signal=2, 
    param=19) at kernel/qobject.cpp:2449
#42 0xb74c1f90 in QSocketNotifier::activated (this=0x854e300, t0=19)
    at .moc/release-shared-mt/moc_qsocketnotifier.cpp:85
#43 0xb71b1b00 in QSocketNotifier::event (this=0x854e300, e=0xbfcd1148)
    at kernel/qsocketnotifier.cpp:258
#44 0xb7135887 in QApplication::internalNotify (this=0xbfcd1434, 
    receiver=0x854e300, e=0xbfcd1148) at kernel/qapplication.cpp:2636
#45 0xb71365a9 in QApplication::notify (this=0xbfcd1434, receiver=0x854e300, 
    e=0xbfcd1148) at kernel/qapplication.cpp:2359
#46 0xb7793089 in KApplication::notify (this=0xbfcd1434, receiver=0x854e300, 
    event=0xbfcd1148)
    at /home/maksim/kde3/kdelibs/kdecore/kapplication.cpp:550
#47 0xb712a801 in QEventLoop::activateSocketNotifiers (this=0x80d5d68)
    at kernel/qapplication.h:496
#48 0xb70e4bd4 in QEventLoop::processEvents (this=0x80d5d68, flags=4)
    at kernel/qeventloop_x11.cpp:383
#49 0xb714c0a0 in QEventLoop::enterLoop (this=0x80d5d68)
    at kernel/qeventloop.cpp:198
#50 0xb714bf66 in QEventLoop::exec (this=0x80d5d68)
    at kernel/qeventloop.cpp:145
#51 0xb71354ef in QApplication::exec (this=0xbfcd1434)
    at kernel/qapplication.cpp:2759
#52 0xb5bc73a3 in kdemain (argc=4, argv=0x809a200)
    at /home/maksim/kde3/kdebase/konqueror/konq_main.cc:206
#53 0xb7655674 in kdeinitmain (argc=4, argv=0x809a200)
    at ./konqueror/kdeinit_konqueror.la.cpp:3
#54 0x0804f53d in launch (argc=4, _name=0x809a364 "konqueror", 
    args=<value optimized out>, cwd=0x809a3c3 "/home/maksim", envc=56, 
    envs=0x809a3d4 "LC_PAPER=en_US.UTF-8", reset_env=true, tty=0x0, 
    avoid_loops=false, 
    startup_id_str=0x809a9e6 "nest;1197658829;812982;4741_TIME3657920999")
    at /home/maksim/kde3/kdelibs/kinit/kinit.cpp:673
#55 0x08050062 in handle_launcher_request (sock=6)
    at /home/maksim/kde3/kdelibs/kinit/kinit.cpp:1240
#56 0x080503a1 in handle_requests (waitForPid=0)
    at /home/maksim/kde3/kdelibs/kinit/kinit.cpp:1433
#57 0x08050cf0 in main (argc=5, argv=0xbfcd1e14, envp=0xbfcd1e2c)
    at /home/maksim/kde3/kdelibs/kinit/kinit.cpp:1908
Comment 3 Maksim Orlovich 2007-12-14 20:10:22 UTC 
Null pointer someplace:
==6940== Invalid read of size 4
==6940==    at 0x7A1B31A: khtml::RenderBlock::addChildToFlow(khtml::RenderObject*, khtml::RenderObject*) (render_block.cpp:372)
==6940==    by 0x7A3C698: khtml::RenderFlow::addChild(khtml::RenderObject*, khtml::RenderObject*) (render_flow.cpp:128)
==6940==    by 0x7A1AF42: khtml::RenderBlock::addChildToFlow(khtml::RenderObject*, khtml::RenderObject*) (render_block.cpp:298)
==6940==    by 0x7A3C698: khtml::RenderFlow::addChild(khtml::RenderObject*, khtml::RenderObject*) (render_flow.cpp:128)
==6940==    by 0x79AF366: DOM::NodeImpl::createRendererIfNeeded() (dom_nodeimpl.cpp:938)
==6940==    by 0x79B68AC: DOM::ElementImpl::attach() (dom_elementimpl.cpp:536)
==6940==    by 0x79B6F0B: DOM::ElementImpl::recalcStyle(DOM::NodeImpl::StyleChange) (dom_elementimpl.cpp:626)
==6940==    by 0x79E33D8: DOM::HTMLElementImpl::recalcStyle(DOM::NodeImpl::StyleChange) (html_elementimpl.cpp:274)
==6940==    by 0x79B700E: DOM::ElementImpl::recalcStyle(DOM::NodeImpl::StyleChange) (dom_elementimpl.cpp:654)
==6940==    by 0x79E33D8: DOM::HTMLElementImpl::recalcStyle(DOM::NodeImpl::StyleChange) (html_elementimpl.cpp:274)
==6940==    by 0x79B700E: DOM::ElementImpl::recalcStyle(DOM::NodeImpl::StyleChange) (dom_elementimpl.cpp:654)
==6940==    by 0x79E33D8: DOM::HTMLElementImpl::recalcStyle(DOM::NodeImpl::StyleChange) (html_elementimpl.cpp:274)
==6940==  Address 0x244 is not stack'd, malloc'd or (recently) free'd
Comment 4 ndeb 2008-01-24 07:27:23 UTC 
I can confirm that this bug is 100% reproducible on mandriva 2008.0 (kde-3.5.7).
Comment 5 Tommi Tervo 2008-01-31 08:51:03 UTC 

*** This bug has been marked as a duplicate of 150006 ***