Bug 166882

Summary: Crash when navigate back (meneame.net)
Product: [Applications] konqueror Reporter: Matías Costa <m.costacano>
Component: generalAssignee: Konqueror Developers <konq-bugs>
Status: RESOLVED DUPLICATE    
Severity: crash CC: christophe
Priority: NOR    
Version: 4.0.98   
Target Milestone: ---   
Platform: Gentoo Packages   
OS: Linux   
Latest Commit: Version Fixed In:
Sentry Crash Report:
Attachments: Console output

Description Matías Costa 2008-07-18 00:27:43 UTC
Version:           4.0.98 (using KDE 4.0.98)
Installed from:    Gentoo Packages
Compiler:          gcc  4.2.4 Build with debug info
OS:                Linux

How to reproduce:

1. Go to http://meneame.net (spanish digg)
2. Click any link out of the site
3. Click back toolbar button
4. Crash

Backtrace:

Application: Konqueror (konqueror), signal SIGABRT
[Thread debugging using libthread_db enabled]
[New Thread 0x2b52d3df92d0 (LWP 6660)]
[KCrash handler]
#5  0x00000036f1631535 in raise () from /lib64/libc.so.6
#6  0x00000036f16329e0 in abort () from /lib64/libc.so.6
#7  0x00000036f162a8bf in __assert_fail () from /lib64/libc.so.6
#8  0x0000003c174095d0 in khtml::HTMLTokenizer::reset (
    this=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.0.98-r1/work/kdelibs-4.0.98/khtml/html/htmltokenizer.cpp:164
#9  0x0000003c174096f3 in ~HTMLTokenizer (this=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.0.98-r1/work/kdelibs-4.0.98/khtml/html/htmltokenizer.cpp:2054
#10 0x0000003c173c9a87 in DOM::DocumentImpl::detach (
    this=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.0.98-r1/work/kdelibs-4.0.98/khtml/xml/dom_docimpl.cpp:1361
#11 0x0000003c1738e62d in KHTMLPart::clear (this=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.0.98-r1/work/kdelibs-4.0.98/khtml/khtml_part.cpp:1436
#12 0x0000003c17398d5b in ~KHTMLPart (this=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.0.98-r1/work/kdelibs-4.0.98/khtml/khtml_part.cpp:519
#13 0x0000003c1738e81c in KHTMLPart::clear (this=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.0.98-r1/work/kdelibs-4.0.98/khtml/khtml_part.cpp:1475
#14 0x0000003c1738f19c in KHTMLPart::begin (this=<value optimized out>, 
    url=<value optimized out>, xOffset=<value optimized out>, 
    yOffset=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.0.98-r1/work/kdelibs-4.0.98/khtml/khtml_part.cpp:1874
#15 0x0000003c1755703b in KJS::Window::getValueProperty (
    this=<value optimized out>, exec=<value optimized out>, 
    token=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.0.98-r1/work/kdelibs-4.0.98/khtml/ecma/kjs_window.cpp:761
#16 0x00002b52d825de4e in KJS::JSObject::get (this=<value optimized out>, 
    exec=<value optimized out>, propertyName=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.0.98-r1/work/kdelibs-4.0.98/kjs/object.cpp:166
#17 0x00002b52d8273ca3 in KJS::Machine::runBlock (exec=<value optimized out>, 
    codeBlock=<value optimized out>, parentExec=<value optimized out>)
    at codes.def:680
#18 0x00002b52d822ed97 in KJS::FunctionBodyNode::execute (
    this=<value optimized out>, exec=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.0.98-r1/work/kdelibs-4.0.98/kjs/nodes.cpp:927
#19 0x00002b52d82605ed in KJS::Interpreter::evaluate (
    this=<value optimized out>, sourceURL=<value optimized out>, 
    startingLineNumber=<value optimized out>, code=<value optimized out>, 
    codeLength=<value optimized out>, thisV=)
    at /var/tmp/portage/kde-base/kdelibs-4.0.98-r1/work/kdelibs-4.0.98/kjs/interpreter.cpp:555
#20 0x00002b52d82606f6 in KJS::Interpreter::evaluate (
    this=<value optimized out>, sourceURL=<value optimized out>, 
    startingLineNumber=<value optimized out>, code=<value optimized out>, 
    thisV=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.0.98-r1/work/kdelibs-4.0.98/kjs/interpreter.cpp:497
#21 0x0000003c175671f9 in KJS::KJSProxyImpl::evaluate (
    this=<value optimized out>, filename=<value optimized out>, 
    baseLine=<value optimized out>, str=<value optimized out>, 
    n=<value optimized out>, completion=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.0.98-r1/work/kdelibs-4.0.98/khtml/ecma/kjs_proxy.cpp:157
#22 0x0000003c1739039c in KHTMLPart::executeScript (
    this=<value optimized out>, filename=<value optimized out>, 
    baseLine=<value optimized out>, n=<value optimized out>, 
    script=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.0.98-r1/work/kdelibs-4.0.98/khtml/khtml_part.cpp:1207
#23 0x0000003c1740bdbe in khtml::HTMLTokenizer::scriptExecution (
    this=<value optimized out>, str=<value optimized out>, 
    scriptURL=<value optimized out>, baseLine=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.0.98-r1/work/kdelibs-4.0.98/khtml/html/htmltokenizer.cpp:475
#24 0x0000003c1740c4b1 in khtml::HTMLTokenizer::scriptHandler (
    this=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.0.98-r1/work/kdelibs-4.0.98/khtml/html/htmltokenizer.cpp:428
#25 0x0000003c1740cd24 in khtml::HTMLTokenizer::parseSpecial (
    this=<value optimized out>, src=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.0.98-r1/work/kdelibs-4.0.98/khtml/html/htmltokenizer.cpp:344
#26 0x0000003c1740eee9 in khtml::HTMLTokenizer::parseTag (
    this=<value optimized out>, src=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.0.98-r1/work/kdelibs-4.0.98/khtml/html/htmltokenizer.cpp:1535
#27 0x0000003c1740f58a in khtml::HTMLTokenizer::write (
    this=<value optimized out>, str=<value optimized out>, 
    appendData=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.0.98-r1/work/kdelibs-4.0.98/khtml/html/htmltokenizer.cpp:1789
#28 0x0000003c1738c27e in KHTMLPart::write (this=<value optimized out>, 
    data=<value optimized out>, len=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.0.98-r1/work/kdelibs-4.0.98/khtml/khtml_part.cpp:1960
#29 0x0000003c173797c8 in KHTMLPart::slotRestoreData (
    this=<value optimized out>, data=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.0.98-r1/work/kdelibs-4.0.98/khtml/khtml_part.cpp:1673
#30 0x0000003c17394a44 in KHTMLPart::qt_metacall (this=<value optimized out>, 
    _c=<value optimized out>, _id=<value optimized out>, 
    _a=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.0.98-r1/work/kdelibs_build/khtml/khtml_part.moc:266
#31 0x00000036f8964ae2 in QMetaObject::activate (
    sender=<value optimized out>, from_signal_index=<value optimized out>, 
    to_signal_index=<value optimized out>, argv=<value optimized out>)
    at kernel/qobject.cpp:3001
#32 0x0000003c173ba392 in KHTMLPageCacheDelivery::emitData (
    this=<value optimized out>, _t1=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.0.98-r1/work/kdelibs_build/khtml/khtml_pagecache.moc:131
#33 0x0000003c173ba7f7 in KHTMLPageCache::sendData (
    this=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.0.98-r1/work/kdelibs-4.0.98/khtml/khtml_pagecache.cpp:250
#34 0x0000003c173ba922 in KHTMLPageCache::qt_metacall (
    this=<value optimized out>, _c=<value optimized out>, 
    _id=<value optimized out>, _a=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.0.98-r1/work/kdelibs_build/khtml/khtml_pagecache.moc:68
#35 0x00000036f8964ae2 in QMetaObject::activate (
    sender=<value optimized out>, from_signal_index=<value optimized out>, 
    to_signal_index=<value optimized out>, argv=<value optimized out>)
    at kernel/qobject.cpp:3001
#36 0x00000036f896d0ff in QSingleShotTimer::timerEvent (
    this=<value optimized out>) at kernel/qtimer.cpp:300
#37 0x00000036f8960735 in QObject::event (this=<value optimized out>, 
    e=<value optimized out>) at kernel/qobject.cpp:1096
#38 0x000000377c39360f in QApplicationPrivate::notify_helper (
    this=<value optimized out>, receiver=<value optimized out>, 
    e=<value optimized out>) at kernel/qapplication.cpp:3772
#39 0x000000377c3981d5 in QApplication::notify (this=<value optimized out>, 
    receiver=<value optimized out>, e=<value optimized out>)
    at kernel/qapplication.cpp:3739
#40 0x0000003c147f224e in KApplication::notify (this=<value optimized out>, 
    receiver=<value optimized out>, event=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.0.98-r1/work/kdelibs-4.0.98/kdeui/kernel/kapplication.cpp:311
#41 0x00000036f894f1d8 in QCoreApplication::notifyInternal (
    this=<value optimized out>, receiver=<value optimized out>, 
    event=<value optimized out>) at kernel/qcoreapplication.cpp:587
#42 0x00000036f897d729 in QTimerInfoList::activateTimers (
    this=<value optimized out>)
    at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:215
#43 0x00000036f897e238 in QEventDispatcherUNIX::processEvents (
    this=<value optimized out>, flags=<value optimized out>)
    at kernel/qeventdispatcher_unix.cpp:899
#44 0x000000377c42182a in QEventDispatcherX11::processEvents (
    this=<value optimized out>, flags=<value optimized out>)
    at kernel/qeventdispatcher_x11.cpp:154
#45 0x00000036f894e5d5 in QEventLoop::processEvents (
    this=<value optimized out>, flags=<value optimized out>)
    at kernel/qeventloop.cpp:149
#46 0x00000036f894e72e in QEventLoop::exec (this=<value optimized out>, 
    flags=<value optimized out>) at kernel/qeventloop.cpp:200
#47 0x00000036f8950789 in QCoreApplication::exec ()
    at kernel/qcoreapplication.cpp:845
#48 0x0000003c15aae76d in kdemain (argc=<value optimized out>, 
    argv=<value optimized out>)
    at /var/tmp/portage/kde-base/konqueror-4.0.98/work/konqueror-4.0.98/apps/konqueror/src/konqmain.cpp:227
#49 0x00000036f161e4a4 in __libc_start_main () from /lib64/libc.so.6
#50 0x0000000000400779 in _start ()
#0  0x00000036f1698c01 in nanosleep () from /lib64/libc.so.6
Comment 1 Matías Costa 2008-07-18 00:32:32 UTC
Created attachment 26224 [details]
Console output

konqueror debug output
Comment 2 Christophe Marin 2008-07-18 01:45:45 UTC
Confirmed in trunk (kdelibs rev. 833686)
bugs 161082 118104 140643 159031 may be related. (?)

It only crashes if you click back before the ads on the right are loaded.


konqueror(7991)/khtml (part) KHTMLPart::closeUrl:  was still parsing... calling end
konqueror: /media/kde/src/KDE/kdelibs/khtml/html/htmltokenizer.cpp:164: void khtml::HTMLTokenizer::reset():  l'assertion « m_executingScript == 0 » a échoué.

---


Thread 1 (Thread 0xb6121700 (LWP 3447)):
[KCrash Handler]
#6  0xffffe424 in __kernel_vsyscall ()
#7  0xb64ee5e0 in raise () from /lib/i686/cmov/libc.so.6
#8  0xb64effb8 in abort () from /lib/i686/cmov/libc.so.6
#9  0xb64e756e in __assert_fail () from /lib/i686/cmov/libc.so.6
#10 0xb27cebab in khtml::HTMLTokenizer::reset (this=0x8a8db00) at /media/kde/src/KDE/kdelibs/khtml/html/htmltokenizer.cpp:164
#11 0xb27ceced in ~HTMLTokenizer (this=0x8a8db00) at /media/kde/src/KDE/kdelibs/khtml/html/htmltokenizer.cpp:2054
#12 0xb2785d86 in DOM::DocumentImpl::detach (this=0x8ae2778) at /media/kde/src/KDE/kdelibs/khtml/xml/dom_docimpl.cpp:1361
#13 0xb273facf in KHTMLPart::clear (this=0x8dc8728) at /media/kde/src/KDE/kdelibs/khtml/khtml_part.cpp:1448
#14 0xb274bfae in ~KHTMLPart (this=0x8dc8728) at /media/kde/src/KDE/kdelibs/khtml/khtml_part.cpp:531
#15 0xb273fcf2 in KHTMLPart::clear (this=0x88c7450) at /media/kde/src/KDE/kdelibs/khtml/khtml_part.cpp:1487
#16 0xb27407d1 in KHTMLPart::begin (this=0x88c7450, url=@0xbfb69074, xOffset=0, yOffset=0) at /media/kde/src/KDE/kdelibs/khtml/khtml_part.cpp:1886
#17 0xb294c71b in KJS::Window::getValueProperty (this=0xafd60140, exec=0xbfb695d4, token=4) at /media/kde/src/KDE/kdelibs/khtml/ecma/kjs_window.cpp:761
#18 0xb2bc3e72 in KJS::PropertySlot::getValue (this=0xbfb69100, exec=0xbfb695d4, originalObject=0xafd60140, propertyName=@0x9763ea4) at /media/kde/src/KDE/kdelibs/kjs/property_slot.h:46
#19 0xb2bc2808 in KJS::JSObject::get (this=0xafd60140, exec=0xbfb695d4, propertyName=@0x9763ea4) at /media/kde/src/KDE/kdelibs/kjs/object.cpp:166
#20 0xb2bdb78f in KJS::Machine::runBlock (exec=0xbfb695d4, codeBlock=@0x9339ff4, parentExec=0x0) at codes.def:680
#21 0xb2b8bb14 in KJS::FunctionBodyNode::execute (this=0x9339fa0, exec=0xbfb695d4) at /media/kde/src/KDE/kdelibs/kjs/nodes.cpp:927
#22 0xb2bc559e in KJS::Interpreter::evaluate (this=0x958d760, sourceURL=@0xbfb69794, startingLineNumber=8, code=0x9661778, codeLength=998, thisV=0xafd60180)
    at /media/kde/src/KDE/kdelibs/kjs/interpreter.cpp:557
#23 0xb2bc563e in KJS::Interpreter::evaluate (this=0x958d760, sourceURL=@0xbfb69794, startingLineNumber=8, code=@0xbfb69798, thisV=0xafd60180) at /media/kde/src/KDE/kdelibs/kjs/interpreter.cpp:499
#24 0xb295f71b in KJS::KJSProxyImpl::evaluate (this=0x8a752c8, filename=
      {static null = {<No data fields>}, static shared_null = {ref = {_q_value = 44311}, alloc = 0, size = 0, data = 0xb74eecba, clean = 0, simpletext = 0, righttoleft = 0, asciiCache = 0, capacity = 0, reserved = 0, array = {0}}, static shared_empty = {ref = {_q_value = 234}, alloc = 0, size = 0, data = 0xb74eecce, clean = 0, simpletext = 0, righttoleft = 0, asciiCache = 0, capacity = 0, reserved = 0, array = {0}}, d = 0xbfb69828, static codecForCStrings = 0x0}, baseLine=8, str=@0xbfb699d4, n=@0xbfb6987c, completion=0xbfb69808) at /media/kde/src/KDE/kdelibs/khtml/ecma/kjs_proxy.cpp:157
#25 0xb2741cb5 in KHTMLPart::executeScript (this=0x8dc8728, filename=@0xbfb69898, baseLine=8, n=@0xbfb6987c, script=@0xbfb699d4) at /media/kde/src/KDE/kdelibs/khtml/khtml_part.cpp:1219
#26 0xb27d1664 in khtml::HTMLTokenizer::scriptExecution (this=0x8a8db00, str=@0xbfb699d4, scriptURL=@0xbfb699cc, baseLine=7) at /media/kde/src/KDE/kdelibs/khtml/html/htmltokenizer.cpp:475
#27 0xb27d1e00 in khtml::HTMLTokenizer::scriptHandler (this=0x8a8db00) at /media/kde/src/KDE/kdelibs/khtml/html/htmltokenizer.cpp:428
#28 0xb27d2784 in khtml::HTMLTokenizer::parseSpecial (this=0x8a8db00, src=@0x8a8dff0) at /media/kde/src/KDE/kdelibs/khtml/html/htmltokenizer.cpp:344
#29 0xb27d4d63 in khtml::HTMLTokenizer::parseTag (this=0x8a8db00, src=@0x8a8dff0) at /media/kde/src/KDE/kdelibs/khtml/html/htmltokenizer.cpp:1535
#30 0xb27d5500 in khtml::HTMLTokenizer::write (this=0x8a8db00, str=@0xbfb69cf8, appendData=true) at /media/kde/src/KDE/kdelibs/khtml/html/htmltokenizer.cpp:1789
#31 0xb273d221 in KHTMLPart::write (this=0x8dc8728, 
    data=0x99aea18 "<html>\n<head>\n<style>\nbody {margin: 0;padding: 0;}\n</style>\n</head>\n<body>\n<script type='text/javascript'>\n<!--//<![CDATA[\nvar zone = '1296';\nvar ord = '1884016442058615';\nvar source = parent.media_so"..., len=1388) at /media/kde/src/KDE/kdelibs/khtml/khtml_part.cpp:1972
#32 0xb272791a in KHTMLPart::slotRestoreData (this=0x8dc8728, data=@0xbfb69f14) at /media/kde/src/KDE/kdelibs/khtml/khtml_part.cpp:1685
#33 0xb2746f77 in KHTMLPart::qt_metacall (this=0x8dc8728, _c=QMetaObject::InvokeMetaMethod, _id=21, _a=0xbfb69edc) at /media/kde/build/KDE/kdelibs/khtml/khtml_part.moc:266
#34 0xb745588c in QMetaObject::activate (sender=0x8bfa748, from_signal_index=4, to_signal_index=4, argv=0xbfb69edc) at kernel/qobject.cpp:3007
#35 0xb7455d19 in QMetaObject::activate (sender=0x8bfa748, m=0xb2aedfc8, local_signal_index=0, argv=0xbfb69edc) at kernel/qobject.cpp:3080
#36 0xb2773a93 in KHTMLPageCacheDelivery::emitData (this=0x8bfa748, _t1=@0xbfb69f14) at /media/kde/build/KDE/kdelibs/khtml/khtml_pagecache.moc:131
#37 0xb2773fdc in KHTMLPageCache::sendData (this=0x8977510) at /media/kde/src/KDE/kdelibs/khtml/khtml_pagecache.cpp:250
#38 0xb277414a in KHTMLPageCache::qt_metacall (this=0x8977510, _c=QMetaObject::InvokeMetaMethod, _id=1, _a=0xbfb69fb4) at /media/kde/build/KDE/kdelibs/khtml/khtml_pagecache.moc:68
#39 0xb745588c in QMetaObject::activate (sender=0x96cc328, from_signal_index=4, to_signal_index=4, argv=0x0) at kernel/qobject.cpp:3007
#40 0xb7455d19 in QMetaObject::activate (sender=0x96cc328, m=0xb74eba68, local_signal_index=0, argv=0x0) at kernel/qobject.cpp:3080
#41 0xb745f3dd in QSingleShotTimer::timeout (this=0x96cc328) at .moc/debug-shared/qtimer.moc:74
#42 0xb745f4f8 in QSingleShotTimer::timerEvent (this=0x96cc328) at kernel/qtimer.cpp:300
#43 0xb7453b84 in QObject::event (this=0x96cc328, e=0xbfb6a564) at kernel/qobject.cpp:1105
#44 0xb68c4289 in QApplicationPrivate::notify_helper (this=0x8415948, receiver=0x96cc328, e=0xbfb6a564) at kernel/qapplication.cpp:3772
#45 0xb68c459e in QApplication::notify (this=0xbfb6a9dc, receiver=0x96cc328, e=0xbfb6a564) at kernel/qapplication.cpp:3366
#46 0xb7a68421 in KApplication::notify (this=0xbfb6a9dc, receiver=0x96cc328, event=0xbfb6a564) at /media/kde/src/KDE/kdelibs/kdeui/kernel/kapplication.cpp:311
#47 0xb744128b in QCoreApplication::notifyInternal (this=0xbfb6a9dc, receiver=0x96cc328, event=0xbfb6a564) at kernel/qcoreapplication.cpp:583
#48 0xb7444dd3 in QCoreApplication::sendEvent (receiver=0x96cc328, event=0xbfb6a564) at kernel/qcoreapplication.h:215
#49 0xb7472293 in QTimerInfoList::activateTimers (this=0x8418784) at kernel/qeventdispatcher_unix.cpp:563
#50 0xb746fba4 in timerSourceDispatch (source=0x8418750) at kernel/qeventdispatcher_glib.cpp:166
#51 0xb63672f1 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
Comment 3 Christophe Marin 2008-08-04 00:48:13 UTC
note : probably a dup of bug 159031.
Comment 4 A. Spehr 2008-08-05 22:23:02 UTC

*** This bug has been marked as a duplicate of 145666 ***