Bug 172684

Summary: Konqueror crashes when navigating back or forward in history
Product: [Applications] konqueror Reporter: Rune Jensen <jensrune>
Component: general Assignee: Konqueror Developers <konq-bugs>
Status: RESOLVED DUPLICATE    
Severity: crash CC: andresbajotierra, gfh, h.ozinga, kojot350, mail, maksim, nadavkav, porten, simon
Priority: NOR    
Version: 4.1.2   
Target Milestone: ---   
Platform: openSUSE   
OS: Linux   
Attachments: Backtrace

Description Rune Jensen 2008-10-12 22:44:46 UTC
Version:            (using KDE 4.1.2)
OS:                Linux
Installed from:    SuSE RPMs

Go to www.vg.no (many sites do this)
Click some links and navigate back.
Konq crashes

Application: Konqueror (konqueror), signal SIGSEGV
(no debugging symbols found)

[KCrash handler]
#6  0x00000020 in ?? ()
#7  0xb4441038 in KJS::Collector::markStackObjectsConservatively ()
   from /usr/lib/libkjs.so.4
#8  0xb44417eb in KJS::Collector::markCurrentThreadConservatively ()
   from /usr/lib/libkjs.so.4
#9  0xb4441827 in KJS::Collector::markStackObjectsConservatively ()
   from /usr/lib/libkjs.so.4
#10 0xb444186f in KJS::Collector::collect () from /usr/lib/libkjs.so.4
#11 0xb44740f7 in KJS::Interpreter::collect () from /usr/lib/libkjs.so.4
#12 0xb4259845 in ?? () from /usr/lib/libkhtml.so.5
#13 0xb404a110 in ?? () from /usr/lib/libkhtml.so.5
#14 0xb40275a8 in KHTMLPart::clear () from /usr/lib/libkhtml.so.5
#15 0xb402f8bb in KHTMLPart::begin () from /usr/lib/libkhtml.so.5
#16 0xb42451e4 in ?? () from /usr/lib/libkhtml.so.5
#17 0xb4472024 in KJS::JSObject::get () from /usr/lib/libkjs.so.4
#18 0xb4488b60 in ?? () from /usr/lib/libkjs.so.4
#19 0xb446c6b1 in KJS::FunctionImp::callAsFunction () from /usr/lib/libkjs.so.4
#20 0xb44728bd in KJS::JSObject::call () from /usr/lib/libkjs.so.4
#21 0xb448f99d in ?? () from /usr/lib/libkjs.so.4
#22 0xb446c6b1 in KJS::FunctionImp::callAsFunction () from /usr/lib/libkjs.so.4
#23 0xb44728bd in KJS::JSObject::call () from /usr/lib/libkjs.so.4
#24 0xb426d0dd in ?? () from /usr/lib/libkhtml.so.5
#25 0xb407bc2d in ?? () from /usr/lib/libkhtml.so.5
#26 0xb40953ef in ?? () from /usr/lib/libkhtml.so.5
#27 0xb40e63c3 in ?? () from /usr/lib/libkhtml.so.5
#28 0xb40168cc in KHTMLPart::checkEmitLoadEvent () from /usr/lib/libkhtml.so.5
#29 0xb401f381 in KHTMLPart::slotFinishedParsing () from /usr/lib/libkhtml.so.5
#30 0xb404385f in KHTMLPart::qt_metacall () from /usr/lib/libkhtml.so.5
#31 0xb7500730 in QMetaObject::activate () from /usr/lib/libQtCore.so.4
#32 0xb75014b2 in QMetaObject::activate () from /usr/lib/libQtCore.so.4
#33 0xb40774b7 in ?? () from /usr/lib/libkhtml.so.5
#34 0xb4077515 in ?? () from /usr/lib/libkhtml.so.5
#35 0xb40e5d57 in ?? () from /usr/lib/libkhtml.so.5
#36 0xb7500730 in QMetaObject::activate () from /usr/lib/libQtCore.so.4
#37 0xb75014b2 in QMetaObject::activate () from /usr/lib/libQtCore.so.4
#38 0xb40aa927 in ?? () from /usr/lib/libkhtml.so.5
#39 0xb40ca8b9 in ?? () from /usr/lib/libkhtml.so.5
#40 0xb40d0d87 in ?? () from /usr/lib/libkhtml.so.5
#41 0xb4077048 in ?? () from /usr/lib/libkhtml.so.5
#42 0xb401af6d in KHTMLPart::end () from /usr/lib/libkhtml.so.5
#43 0xb401c81f in KHTMLPart::slotRestoreData () from /usr/lib/libkhtml.so.5
#44 0xb4043877 in KHTMLPart::qt_metacall () from /usr/lib/libkhtml.so.5
#45 0xb7500730 in QMetaObject::activate () from /usr/lib/libQtCore.so.4
#46 0xb75014b2 in QMetaObject::activate () from /usr/lib/libQtCore.so.4
#47 0xb406d743 in ?? () from /usr/lib/libkhtml.so.5
#48 0xb406df97 in ?? () from /usr/lib/libkhtml.so.5
#49 0xb406eadd in ?? () from /usr/lib/libkhtml.so.5
#50 0xb7500730 in QMetaObject::activate () from /usr/lib/libQtCore.so.4
#51 0xb75014b2 in QMetaObject::activate () from /usr/lib/libQtCore.so.4
#52 0xb7506b77 in ?? () from /usr/lib/libQtCore.so.4
#53 0xb7506c9c in ?? () from /usr/lib/libQtCore.so.4
#54 0xb74fb1ef in QObject::event () from /usr/lib/libQtCore.so.4
#55 0xb682c82c in QApplicationPrivate::notify_helper ()
   from /usr/lib/libQtGui.so.4
#56 0xb68346ce in QApplication::notify () from /usr/lib/libQtGui.so.4
#57 0xb7ad0e0d in KApplication::notify () from /usr/lib/libkdeui.so.5
#58 0xb74eba61 in QCoreApplication::notifyInternal ()
   from /usr/lib/libQtCore.so.4
#59 0xb7519dd6 in ?? () from /usr/lib/libQtCore.so.4
#60 0xb75162a0 in ?? () from /usr/lib/libQtCore.so.4
#61 0xb63142d9 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#62 0xb631785b in ?? () from /usr/lib/libglib-2.0.so.0
#63 0xb63179d8 in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#64 0xb75161f8 in QEventDispatcherGlib::processEvents ()
   from /usr/lib/libQtCore.so.4
#65 0xb68c5885 in ?? () from /usr/lib/libQtGui.so.4
#66 0xb74ea13a in QEventLoop::processEvents () from /usr/lib/libQtCore.so.4
#67 0xb74ea2fa in QEventLoop::exec () from /usr/lib/libQtCore.so.4
#68 0xb74ec995 in QCoreApplication::exec () from /usr/lib/libQtCore.so.4
#69 0xb682c6a7 in QApplication::exec () from /usr/lib/libQtGui.so.4
#70 0xb7fad3bf in kdemain () from /usr/lib/libkdeinit4_konqueror.so
#71 0x080487c2 in _start ()
#0  0xffffe430 in __kernel_vsyscall ()
Comment 1 Rune Jensen 2008-10-12 22:46:56 UTC
No, www.itavisen.no does it. Not www.vg.no
Comment 2 Harri Porten 2008-10-13 00:22:03 UTC
I get a crash, too. But the backtrace is different so it might be about a different bug. Steps:

1.) http://www.itavisen.no/
2.) Click on any of the "Lesernes beste nettips" below the KUDOS logo
3.) I ended up on http://www.kudos.no/needCookies.html (not sure whether this is a bug on its own or my setting)
4.) Click on the browser Back button quickly after each other

Will add backtrace.
Comment 3 Harri Porten 2008-10-13 00:27:30 UTC
Created attachment 27838 [details]
Backtrace
Comment 4 Paweł Prażak 2008-10-15 19:55:19 UTC
I can't reproduce this bug on openSuSE 11, KDE 4.1.2
Comment 5 Rune Jensen 2008-10-15 20:49:58 UTC
Navigating back or forward where www.itavisen.no is the target will cause the crash
Comment 6 Rune Jensen 2008-10-15 21:41:50 UTC
Looking at the source, I think maybe it should be two & in this if statement; it should be a logical AND and not the bit AND operator?

void Collector::markStackObjectsConservatively(void *start, void *end)
..........
        if ((blocks[block] == blockAddr) & (offset <= lastCellOffset)) {
          if (((CollectorCell *)x)->u.freeCell.zeroIfFree != 0) {
            JSCell *imp = reinterpret_cast<JSCell *>(x);
            if (!imp->marked())
              imp->mark();
.........
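
The operator question raised in comment 6, as an added example that is not part of the bug report and not KJS code: each comparison yields 0 or 1, so `&` and `&&` accept exactly the same candidates, and the only difference is that `&` always evaluates its right operand. In the excerpt the cell dereference sits in the nested `if`, so it is guarded in both forms. The block size, cell size, block addresses and function names below are assumptions chosen for the model.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>

// Assumed toy heap geometry and constructed block bases; KJS's real values differ.
constexpr std::uintptr_t kBlockSize = 4096;
constexpr std::uintptr_t kLastCellOffset = kBlockSize - 64;
constexpr std::uintptr_t kBlocks[2] = {0x10000, 0x20000};

static int rhsEvaluations = 0;  // how often the right-hand comparison ran

// Right-hand operand of the test, wrapped so its evaluations can be counted.
static int offsetInRange(std::uintptr_t offset) {
    ++rhsEvaluations;
    return offset <= kLastCellOffset;
}

// The test as written in the excerpt: bitwise AND of two comparison results.
bool acceptBitwise(std::size_t block, std::uintptr_t x) {
    std::uintptr_t blockAddr = x & ~(kBlockSize - 1);
    std::uintptr_t offset = x & (kBlockSize - 1);
    return (kBlocks[block] == blockAddr) & offsetInRange(offset);
}

// The same test with the logical operator proposed in the comment.
bool acceptLogical(std::size_t block, std::uintptr_t x) {
    std::uintptr_t blockAddr = x & ~(kBlockSize - 1);
    std::uintptr_t offset = x & (kBlockSize - 1);
    return (kBlocks[block] == blockAddr) && offsetInRange(offset);
}

// Sweep candidate stack words below, inside and above both blocks.
int countDisagreements() {
    int diff = 0;
    for (std::size_t b = 0; b < 2; ++b)
        for (std::uintptr_t x = 0xF000; x < 0x22000; x += 8)
            if (acceptBitwise(b, x) != acceptLogical(b, x)) ++diff;
    return diff;
}

// Right-hand evaluations for one candidate that lies outside every block.
int rhsRunsOnMiss(bool bitwise) {
    rhsEvaluations = 0;
    bool r = bitwise ? acceptBitwise(0, 0x30000) : acceptLogical(0, 0x30000);
    (void)r;
    return rhsEvaluations;
}

int main() {
    std::printf("disagreements=%d rhs(&)=%d rhs(&&)=%d\n",
                countDisagreements(), rhsRunsOnMiss(true), rhsRunsOnMiss(false));
}
```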
Comment 7 Sebastian Sauer 2008-10-26 23:04:49 UTC
see also bug #167966 and bug #170185 and bug #173066
They are all dealing with crashes on back/next-navigation.
Comment 8 Herman Ozinga 2008-12-30 13:53:47 UTC
This bug is still there in release KDE 4.1.3 "release 4.9"
Same problem with www.imdb.com
Comment 9 Dario Andres 2009-01-04 15:46:53 UTC
Bug 179573 may be a duplicate of this
Comment 10 FiNeX 2009-01-05 01:48:59 UTC
*** Bug 179573 has been marked as a duplicate of this bug. ***
Comment 11 FiNeX 2009-01-06 17:55:41 UTC
*** Bug 179813 has been marked as a duplicate of this bug. ***
Comment 12 Dario Andres 2009-01-29 15:11:33 UTC
*** Bug 182231 has been marked as a duplicate of this bug. ***
Comment 13 simon 2009-01-29 15:36:25 UTC
Any plans on this one?
Comment 14 Maksim Orlovich 2009-02-05 00:19:47 UTC

*** This bug has been marked as a duplicate of bug 170185 ***