Bug 182945

Summary: Crash in ~Interpreter, ASSERT(m_startTimeoutCheckCount == 0)
Product: [Applications] konqueror Reporter: Daniel Richard G. <skunk>
Component: kjsAssignee: Konqueror Developers <konq-bugs>
Status: RESOLVED DUPLICATE    
Severity: crash CC: maksim
Priority: NOR    
Version: unspecified   
Target Milestone: ---   
Platform: Compiled Sources   
OS: Linux   
Latest Commit: Version Fixed In:
Sentry Crash Report:

Description Daniel Richard G. 2009-02-03 02:33:02 UTC 
Version:            (using Devel)
OS:                Linux
Installed from:    Compiled sources

I came across an odd Web page, in Google's Shopping search results, where any attempt to leave the page would send me back to the same page. Even after hitting Home, the browser would boomerang back.

Frustratedly, I hit Home several times in rapid succession, and the browser crashed with

#8  0x00007f4d2ec56932 in ~Interpreter (this=0x7f84750)
    at /home/kdesvn/kdelibs/kjs/interpreter.cpp:266
266         ASSERT (m_startTimeoutCheckCount == 0);
(gdb) p m_startTimeoutCheckCount
$1 = 1

This from from a source tree at r917938. I've saved a core file, in case anyone would like me to poke at this more.

BT:

Thread 1 (Thread 0x7f4d40fdc6f0 (LWP 927)):
[KCrash Handler]
#5  0x00007f4d3bbf2fd5 in raise () from /lib/libc.so.6
#6  0x00007f4d3bbf4b43 in abort () from /lib/libc.so.6
#7  0x00007f4d3bbebd49 in __assert_fail () from /lib/libc.so.6
#8  0x00007f4d2ec56932 in ~Interpreter (this=0x7f84750) at /home/kdesvn/kdelibs/kjs/interpreter.cpp:266
#9  0x00007f4d2f77cd2c in ~ScriptInterpreter (this=0x7f84750) at /home/kdesvn/kdelibs/khtml/ecma/kjs_binding.cpp:91
#10 0x00007f4d2f7d2ef4 in ~KJSProxyImpl (this=0xb8b06f0) at /home/kdesvn/kdelibs/khtml/ecma/kjs_proxy.cpp:108
#11 0x00007f4d2f52c892 in ~ChildFrame (this=0x9f2d190) at /home/kdesvn/kdelibs/khtml/khtmlpart_p.h:98
#12 0x00007f4d2f5183c1 in KHTMLPart::clear (this=0xba9cb30) at /home/kdesvn/kdelibs/khtml/khtml_part.cpp:1573
#13 0x00007f4d2f5189cb in KHTMLPart::begin (this=0xba9cb30, url=@0x7fff4900bba0, xOffset=0, yOffset=0) at /home/kdesvn/kdelibs/khtml/khtml_part.cpp:1979
#14 0x00007f4d2f7be14d in KJS::Window::getValueProperty (this=0x7f4d30162e80, exec=0x7fff4900e3f0, token=4) at /home/kdesvn/kdelibs/khtml/ecma/kjs_window.cpp:730
#15 0x00007f4d2f7c97d8 in KJS::staticValueGetter<KJS::Window> (exec=0x7fff4900e3f0, slot=@0x7fff4900bd30) at /home/kdesvn/kdelibs/kjs/lookup.h:147
#16 0x00007f4d2ec5626f in KJS::PropertySlot::getValue (this=0x7fff4900bd30, exec=0x7fff4900e3f0, originalObject=0x7f4d30162e80, propertyName=@0xc1b9138)
    at /home/kdesvn/kdelibs/kjs/property_slot.h:46
#17 0x00007f4d2ec54c50 in KJS::JSObject::get (this=0x7f4d30162e80, exec=0x7fff4900e3f0, propertyName=@0xc1b9138) at /home/kdesvn/kdelibs/kjs/object.cpp:166
#18 0x00007f4d2ec71ac2 in KJS::Machine::runBlock (exec=0x7fff4900e3f0, codeBlock=@0x66cb6d0, parentExec=0x7fff49010cd0) at codes.def:673
#19 0x00007f4d2ec50a3a in KJS::FunctionImp::callAsFunction (this=0x7f4d2bead540, exec=0x7fff49010cd0, thisObj=0x7f4d30162f80, args=@0x7fff4900e960)
    at /home/kdesvn/kdelibs/kjs/function.cpp:144
#20 0x00007f4d2ec559ca in KJS::JSObject::call (this=0x7f4d2bead540, exec=0x7fff49010cd0, thisObj=0x7f4d30162f80, args=@0x7fff4900e960)
    at /home/kdesvn/kdelibs/kjs/object.cpp:99
#21 0x00007f4d2ec7b801 in KJS::Machine::runBlock (exec=0x7fff49010cd0, codeBlock=@0x6bc2d40, parentExec=0x7f84770) at codes.def:1192
#22 0x00007f4d2ec50a3a in KJS::FunctionImp::callAsFunction (this=0x7f4d2bead340, exec=0x7f84770, thisObj=0x7f4d30162f80, args=@0x7fff49010f50)
    at /home/kdesvn/kdelibs/kjs/function.cpp:144
#23 0x00007f4d2ec559ca in KJS::JSObject::call (this=0x7f4d2bead340, exec=0x7f84770, thisObj=0x7f4d30162f80, args=@0x7fff49010f50) at /home/kdesvn/kdelibs/kjs/object.cpp:99
#24 0x00007f4d2f7ea76a in KJS::JSEventListener::handleEvent (this=0x7f2f6e0, evt=@0x7fff49011010) at /home/kdesvn/kdelibs/khtml/ecma/kjs_events.cpp:106
#25 0x00007f4d2f7ea8d3 in KJS::JSLazyEventListener::handleEvent (this=0x7f2f6e0, evt=@0x7fff49011010) at /home/kdesvn/kdelibs/khtml/ecma/kjs_events.cpp:159
#26 0x00007f4d2f5725ea in DOM::DocumentImpl::defaultEventHandler (this=0x80501a0, evt=0xae5f790) at /home/kdesvn/kdelibs/khtml/xml/dom_docimpl.cpp:2732
#27 0x00007f4d2f588e31 in DOM::NodeImpl::dispatchWindowEvent (this=0x80501b8, _id=16, canBubbleArg=false, cancelableArg=false)
    at /home/kdesvn/kdelibs/khtml/xml/dom_nodeimpl.cpp:566
#28 0x00007f4d2f5ec118 in DOM::HTMLDocumentImpl::close (this=0x80501a0) at /home/kdesvn/kdelibs/khtml/html/html_documentimpl.cpp:249
#29 0x00007f4d2f4fdb8f in KHTMLPart::checkEmitLoadEvent (this=0x6805f10) at /home/kdesvn/kdelibs/khtml/khtml_part.cpp:2454
#30 0x00007f4d2f5034df in KHTMLPart::slotFinishedParsing (this=0x6805f10) at /home/kdesvn/kdelibs/khtml/khtml_part.cpp:2187
#31 0x00007f4d2f522e0e in KHTMLPart::qt_metacall (this=0x6805f10, _c=QMetaObject::InvokeMetaMethod, _id=22, _a=0x7fff49011340) at /tmp/kdesvn-build/kdelibs/khtml/khtml_part.moc:267
#32 0x00007f4d3e0f4c3f in QMetaObject::activate (sender=0x80501a0, from_signal_index=4, to_signal_index=4, argv=0x0) at /home/kdesvn/qt-copy/src/corelib/kernel/qobject.cpp:3028
#33 0x00007f4d3e0f4f29 in QMetaObject::activate (sender=0x80501a0, m=0x7f4d2fe07680, local_signal_index=0, argv=0x0) at /home/kdesvn/qt-copy/src/corelib/kernel/qobject.cpp:3101
#34 0x00007f4d2f56c5ec in DOM::DocumentImpl::finishedParsing (this=0x80501a0) at /tmp/kdesvn-build/kdelibs/khtml/dom_docimpl.moc:77
#35 0x00007f4d2f56c640 in DOM::DocumentImpl::qt_metacall (this=0x80501a0, _c=QMetaObject::InvokeMetaMethod, _id=0, _a=0x7fff490114f0) at /tmp/kdesvn-build/kdelibs/khtml/dom_docimpl.moc:67
#36 0x00007f4d2f5ec959 in DOM::HTMLDocumentImpl::qt_metacall (this=0x80501a0, _c=QMetaObject::InvokeMetaMethod, _id=4, _a=0x7fff490114f0)
    at /tmp/kdesvn-build/kdelibs/khtml/html_documentimpl.moc:62
#37 0x00007f4d3e0f4c3f in QMetaObject::activate (sender=0xbc80970, from_signal_index=4, to_signal_index=4, argv=0x0) at /home/kdesvn/qt-copy/src/corelib/kernel/qobject.cpp:3028
#38 0x00007f4d3e0f4f29 in QMetaObject::activate (sender=0xbc80970, m=0x7f4d2fe076a0, local_signal_index=0, argv=0x0) at /home/kdesvn/qt-copy/src/corelib/kernel/qobject.cpp:3101
#39 0x00007f4d2f5a8464 in khtml::Tokenizer::finishedParsing (this=0xbc80970) at /tmp/kdesvn-build/kdelibs/khtml/xml_tokenizer.moc:75
#40 0x00007f4d2f5ce4ff in khtml::HTMLTokenizer::end (this=0xbc80970) at /home/kdesvn/kdelibs/khtml/html/htmltokenizer.cpp:1943
#41 0x00007f4d2f5d3795 in khtml::HTMLTokenizer::finish (this=0xbc80970) at /home/kdesvn/kdelibs/khtml/html/htmltokenizer.cpp:1992
#42 0x00007f4d2f56807a in DOM::DocumentImpl::finishParsing (this=0x80501a0) at /home/kdesvn/kdelibs/khtml/xml/dom_docimpl.cpp:1703
#43 0x00007f4d2f4f3950 in KHTMLPart::end (this=0x6805f10) at /home/kdesvn/kdelibs/khtml/khtml_part.cpp:2109
#44 0x00007f4d2f4f376c in KHTMLPart::slotRestoreData (this=0x6805f10, data=@0x7fff49011a20) at /home/kdesvn/kdelibs/khtml/khtml_part.cpp:1785
#45 0x00007f4d2f522dfd in KHTMLPart::qt_metacall (this=0x6805f10, _c=QMetaObject::InvokeMetaMethod, _id=21, _a=0x7fff490119e0) at /tmp/kdesvn-build/kdelibs/khtml/khtml_part.moc:266
#46 0x00007f4d3e0f4c3f in QMetaObject::activate (sender=0xc7d6110, from_signal_index=4, to_signal_index=4, argv=0x7fff490119e0)
    at /home/kdesvn/qt-copy/src/corelib/kernel/qobject.cpp:3028
#47 0x00007f4d3e0f4f29 in QMetaObject::activate (sender=0xc7d6110, m=0x7f4d2fe07580, local_signal_index=0, argv=0x7fff490119e0)
    at /home/kdesvn/qt-copy/src/corelib/kernel/qobject.cpp:3101
#48 0x00007f4d2f554c25 in KHTMLPageCacheDelivery::emitData (this=0xc7d6110, _t1=@0x7fff49011a20) at /tmp/kdesvn-build/kdelibs/khtml/khtml_pagecache.moc:131
#49 0x00007f4d2f554d81 in KHTMLPageCache::sendData (this=0x2305a70) at /home/kdesvn/kdelibs/khtml/khtml_pagecache.cpp:257
#50 0x00007f4d2f55513e in KHTMLPageCache::qt_metacall (this=0x2305a70, _c=QMetaObject::InvokeMetaMethod, _id=1, _a=0x7fff49011b00) at /tmp/kdesvn-build/kdelibs/khtml/khtml_pagecache.moc:68
#51 0x00007f4d3e0f4c3f in QMetaObject::activate (sender=0x8558f20, from_signal_index=4, to_signal_index=4, argv=0x0) at /home/kdesvn/qt-copy/src/corelib/kernel/qobject.cpp:3028
#52 0x00007f4d3e0f4f29 in QMetaObject::activate (sender=0x8558f20, m=0x7f4d3e3f1420, local_signal_index=0, argv=0x0) at /home/kdesvn/qt-copy/src/corelib/kernel/qobject.cpp:3101
#53 0x00007f4d3e101aca in QSingleShotTimer::timeout (this=0x8558f20) at .moc/debug-shared/qtimer.moc:74
#54 0x00007f4d3e101b6f in QSingleShotTimer::timerEvent (this=0x8558f20) at /home/kdesvn/qt-copy/src/corelib/kernel/qtimer.cpp:294
#55 0x00007f4d3e0f90de in QObject::event (this=0x8558f20, e=0x7fff49012430) at /home/kdesvn/qt-copy/src/corelib/kernel/qobject.cpp:1120
#56 0x00007f4d3d4f7bef in QApplicationPrivate::notify_helper (this=0x18d9780, receiver=0x8558f20, e=0x7fff49012430) at /home/kdesvn/qt-copy/src/gui/kernel/qapplication.cpp:3803
#57 0x00007f4d3d4f7f11 in QApplication::notify (this=0x7fff490128a0, receiver=0x8558f20, e=0x7fff49012430) at /home/kdesvn/qt-copy/src/gui/kernel/qapplication.cpp:3393
#58 0x00007f4d3f1d000a in KApplication::notify (this=0x7fff490128a0, receiver=0x8558f20, event=0x7fff49012430) at /home/kdesvn/kdelibs/kdeui/kernel/kapplication.cpp:307
#59 0x00007f4d3e0e15d4 in QCoreApplication::notifyInternal (this=0x7fff490128a0, receiver=0x8558f20, event=0x7fff49012430)
    at /home/kdesvn/qt-copy/src/corelib/kernel/qcoreapplication.cpp:583
#60 0x00007f4d3e0e5915 in QCoreApplication::sendEvent (receiver=0x8558f20, event=0x7fff49012430) at /home/kdesvn/qt-copy/src/corelib/kernel/qcoreapplication.h:209
#61 0x00007f4d3e113e5d in QTimerInfoList::activateTimers (this=0x18dcd70) at /home/kdesvn/qt-copy/src/corelib/kernel/qeventdispatcher_unix.cpp:557
#62 0x00007f4d3e110079 in timerSourceDispatch (source=0x18dcd10) at /home/kdesvn/qt-copy/src/corelib/kernel/qeventdispatcher_glib.cpp:160
#63 0x00007f4d3a355d3b in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#64 0x00007f4d3a35950d in ?? () from /usr/lib/libglib-2.0.so.0
#65 0x00007f4d3a3596cb in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#66 0x00007f4d3e110c54 in QEventDispatcherGlib::processEvents (this=0x18d8f30, flags=@0x7fff49012690) at /home/kdesvn/qt-copy/src/corelib/kernel/qeventdispatcher_glib.cpp:319
#67 0x00007f4d3d59757f in QGuiEventDispatcherGlib::processEvents (this=0x18d8f30, flags=@0x7fff490126f0) at /home/kdesvn/qt-copy/src/gui/kernel/qguieventdispatcher_glib.cpp:198
#68 0x00007f4d3e0e0438 in QEventLoop::processEvents (this=0x7fff490127a0, flags=@0x7fff49012750) at /home/kdesvn/qt-copy/src/corelib/kernel/qeventloop.cpp:143
#69 0x00007f4d3e0e0633 in QEventLoop::exec (this=0x7fff490127a0, flags=@0x7fff490127b0) at /home/kdesvn/qt-copy/src/corelib/kernel/qeventloop.cpp:190
#70 0x00007f4d3e0e4a82 in QCoreApplication::exec () at /home/kdesvn/qt-copy/src/corelib/kernel/qcoreapplication.cpp:845
#71 0x00007f4d3d4f6f90 in QApplication::exec () at /home/kdesvn/qt-copy/src/gui/kernel/qapplication.cpp:3331
#72 0x00007f4d40baa817 in kdemain (argc=2, argv=0x7fff49013518) at /home/kdesvn/kdebase/apps/konqueror/src/konqmain.cpp:257
#73 0x00000000004008a1 in main (argc=2, argv=0x7fff49013518) at /tmp/kdesvn-build/kdebase/apps/konqueror/src/konqueror_dummy.cpp:3
Comment 1 Daniel Richard G. 2009-02-03 02:45:42 UTC 
For reference, the Google page in question:

http://www.google.com/products/catalog?q=kensington+expert+trackball&btnG=Search+Froogle&cid=8301514163452884180&sa=title#ps-sellers

If you click on the name of a vendor (e.g. Newegg.com), the page basically reloads. Oddly enough, this happens the first and second times you click, but not the third.

I cannot reproduce the original behavior, where this would also occur after hitting Home (and no third-time's-the-charm bit either).
Comment 2 Maksim Orlovich 2009-02-05 00:19:48 UTC 

*** This bug has been marked as a duplicate of bug 170185 ***