Bug 198141

Summary: konqueror crash with D-Bus assertion on connecting to crashed nsplugin
Product: [Applications] konqueror Reporter: Andrey Borzenkov <arvidjaar>
Component: nsplugins Assignee: Konqueror Developers <konq-bugs>
Status: RESOLVED FIXED    
Severity: crash CC: f.hammer, hammett, j.benner, kollix, kovacs.beni.1995, marcus, marokanski.kazak, nicholas.tripp, null, underscore
Priority: NOR    
Version: unspecified   
Target Milestone: ---   
Platform: Compiled Sources   
OS: Linux   

Description Andrey Borzenkov 2009-06-28 11:30:05 UTC
Version:            (using Devel)
OS:                Linux
Installed from:    Compiled sources

KDE 4.2.95/Qt 4.5.2 x86_64 as shipped by Mandriva. Flash 10.0.22 from Adobe, D-Bus 1.2.4.6permissive compiled with assertions enabled.

nspluginviewer (or better libflashplayer) crashed. The problem is, next time konqueror crashed as well in a D-Bus assertion, apparently attempting to connect to this instance over D-Bus.

Connections can go away; crashing the application seems a bit too hard a reaction.

Application: Konqueror (kdeinit4), signal: Aborted
[KCrash Handler]
#5  0x00007f112e893915 in raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#6  0x00007f112e894f8a in abort () at abort.c:88
#7  0x00007f11249a9f35 in _dbus_abort () at dbus-sysdeps.c:88
#8  0x00007f11249a5d6d in _dbus_warn_check_failed (
    format=0x7f11249b25a0 "arguments to %s() were incorrect, assertion \"%s\" failed in file %s line %d.\nThis is normally a bug in some application using the D-Bus library.\n")
    at dbus-internals.c:283
#9  0x00007f112499ae89 in dbus_message_new_method_call (destination=0x18d40b8 "org.kde.nspluginviewer-22279", path=0x0, interface=0x2e1e9b8 "org.kde.nsplugins.Class", method=0x396fbe8 "newInstance")
    at dbus-message.c:1071
#10 0x00007f112d37e422 in QDBusMessagePrivate::toDBusMessage (message=<value optimized out>) at ./qdbus_symbols_p.h:260
#11 0x00007f112d378f88 in QDBusConnectionPrivate::sendWithReplyAsync (this=0x109aaf0, message=@0x7fff3e347dc0, timeout=<value optimized out>) at qdbusintegrator.cpp:1838
#12 0x00007f112d361a80 in QDBusConnection::asyncCall (this=<value optimized out>, message=@0x0, timeout=-1) at qdbusconnection.cpp:542
#13 0x00007f112d380d8b in QDBusAbstractInterface::asyncCallWithArgumentList (this=<value optimized out>, method=@0x7fff3e347ef0, args=<value optimized out>) at qdbusabstractinterface.cpp:430
#14 0x00007f1116e4c533 in OrgKdeNspluginsClassInterface::newInstance (this=<value optimized out>, url=<value optimized out>, mimeType=<value optimized out>, embed=true, argn=<value optimized out>, 
    argv=@0x7fff3e348230, appId=@0x7fff3e3484b0, callbackId=@0x3cb6960, reload=false) at /usr/src/debug/kdebase-4.2.95/build/apps/nsplugins/nsplugins_class_interface.h:49
#15 0x00007f1116e4a6c8 in NSPluginLoader::newInstance (this=<value optimized out>, parent=<value optimized out>, url=<value optimized out>, mimeType=<value optimized out>, 
    embed=<value optimized out>, _argn=<value optimized out>, _argv=@0x7fff3e3485a0, ownDBusId=@0x7fff3e3484b0, callbackId=@0x3cb6960, reload=<value optimized out>)
    at /usr/src/debug/kdebase-4.2.95/apps/nsplugins/nspluginloader.cpp:474
#16 0x00007f1116e451fa in PluginPart::openUrl (this=<value optimized out>, url=<value optimized out>) at /usr/src/debug/kdebase-4.2.95/apps/nsplugins/plugin_part.cpp:266
#17 0x00007f111c36c339 in KHTMLPart::processObjectRequest (this=0x163ab70, child=0x3673f80, _url=<value optimized out>, mimetype=<value optimized out>)
    at /usr/src/debug/kdelibs-4.2.95/khtml/khtml_part.cpp:4496
#18 0x00007f111c36d034 in KHTMLPart::requestObject (this=0x163ab70, child=0x3673f80, url=@0x7fff3e348c50, _args=<value optimized out>, browserArgs=<value optimized out>)
    at /usr/src/debug/kdelibs-4.2.95/khtml/khtml_part.cpp:4247
#19 0x00007f111c36d47f in KHTMLPart::requestObject (this=0x163ab70, frame=<value optimized out>, url=<value optimized out>, serviceType=<value optimized out>, params=<value optimized out>)
    at /usr/src/debug/kdelibs-4.2.95/khtml/khtml_part.cpp:4181
#20 0x00007f111c438e56 in DOM::HTMLObjectBaseElementImpl::computeContent (this=<value optimized out>) at /usr/src/debug/kdelibs-4.2.95/khtml/html/html_objectimpl.cpp:522
#21 0x00007f111c3fb69a in khtml::KHTMLParser::popOneBlock (this=0x1b5f090, delBlock=true) at /usr/src/debug/kdelibs-4.2.95/khtml/html/htmlparser.cpp:1863
#22 0x00007f111c3fc386 in khtml::KHTMLParser::popBlock (this=0x1b5f090, _id=72) at /usr/src/debug/kdelibs-4.2.95/khtml/html/htmlparser.cpp:1804
#23 0x00007f111c3fe96d in khtml::KHTMLParser::parseToken (this=0x1b5f090, t=0x1712b08) at /usr/src/debug/kdelibs-4.2.95/khtml/html/htmlparser.cpp:254
#24 0x00007f111c4000be in khtml::HTMLTokenizer::processToken (this=0x1712ae0) at /usr/src/debug/kdelibs-4.2.95/khtml/html/htmltokenizer.cpp:2056
#25 0x00007f111c405e26 in khtml::HTMLTokenizer::parseTag (this=0x1712ae0, src=@0x1713048) at /usr/src/debug/kdelibs-4.2.95/khtml/html/htmltokenizer.cpp:1529
#26 0x00007f111c4066dc in khtml::HTMLTokenizer::write (this=0x1712ae0, str=<value optimized out>, appendData=<value optimized out>) at /usr/src/debug/kdelibs-4.2.95/khtml/html/htmltokenizer.cpp:1810
#27 0x00007f111c3b5051 in DOM::DocumentImpl::write (this=0x1a07ad0, text=@0x7fff3e349b20) at /usr/src/debug/kdelibs-4.2.95/khtml/xml/dom_docimpl.cpp:1679
#28 0x00007f111c573aaf in KJS::HTMLDocFunction::callAsFunction (this=0x7f1119f6eec0, exec=0x7fff3e34a090, thisObj=<value optimized out>, args=@0x7fff3e34a000)
    at /usr/src/debug/kdelibs-4.2.95/khtml/ecma/kjs_html.cpp:137
#29 0x00007f111bc9f6fd in KJS::JSObject::call (this=0x7f1119f6eec0, exec=0x7fff3e34a090, thisObj=0x7f1119f6f140, args=@0x7fff3e34a000) at /usr/src/debug/kdelibs-4.2.95/kjs/object.cpp:69
#30 0x00007f111bcb9109 in KJS::Machine::runBlock (exec=0x7fff3e34a090, codeBlock=<value optimized out>, parentExec=<value optimized out>) at codes.def:1192
#31 0x00007f111bc9b323 in KJS::FunctionImp::callAsFunction (this=0x7f1119f61640, exec=0x7fff3e34a8e0, thisObj=<value optimized out>, args=<value optimized out>)
    at /usr/src/debug/kdelibs-4.2.95/kjs/function.cpp:144
#32 0x00007f111bc9f6fd in KJS::JSObject::call (this=0x7f1119f61640, exec=0x7fff3e34a8e0, thisObj=0x7f1119f70000, args=@0x7fff3e34a6b0) at /usr/src/debug/kdelibs-4.2.95/kjs/object.cpp:69
#33 0x00007f111bcb9109 in KJS::Machine::runBlock (exec=0x7fff3e34a8e0, codeBlock=<value optimized out>, parentExec=<value optimized out>) at codes.def:1192
#34 0x00007f111bc6caa5 in KJS::FunctionBodyNode::execute (this=0x3e27670, exec=0x7fff3e34a8e0) at /usr/src/debug/kdelibs-4.2.95/kjs/nodes.cpp:928
#35 0x00007f111bca132b in KJS::Interpreter::evaluate (this=0x183ffa0, sourceURL=<value optimized out>, startingLineNumber=<value optimized out>, code=<value optimized out>, 
    codeLength=<value optimized out>, thisV=0x7f1119f70000) at /usr/src/debug/kdelibs-4.2.95/kjs/interpreter.cpp:556
#36 0x00007f111bca1419 in KJS::Interpreter::evaluate (this=0x183ffa0, sourceURL=@0x7fff3e34ab90, startingLineNumber=12, code=@0x7fff3e34aba0, thisV=<value optimized out>)
    at /usr/src/debug/kdelibs-4.2.95/kjs/interpreter.cpp:496
#37 0x00007f111c595435 in KJS::KJSProxyImpl::evaluate (this=0x1789870, filename=<value optimized out>, baseLine=<value optimized out>, str=<value optimized out>, n=<value optimized out>, 
    completion=0x7fff3e34ac50) at /usr/src/debug/kdelibs-4.2.95/khtml/ecma/kjs_proxy.cpp:158
#38 0x00007f111c376684 in KHTMLPart::executeScript (this=0x163ab70, filename=<value optimized out>, baseLine=<value optimized out>, n=@0x7fff3e34ad40, script=@0x7fff3e34af80)
    at /usr/src/debug/kdelibs-4.2.95/khtml/khtml_part.cpp:1328
#39 0x00007f111c402c06 in khtml::HTMLTokenizer::scriptExecution (this=0x1712ae0, str=<value optimized out>, scriptURL=<value optimized out>, baseLine=<value optimized out>)
    at /usr/src/debug/kdelibs-4.2.95/khtml/html/htmltokenizer.cpp:501
#40 0x00007f111c4032f9 in khtml::HTMLTokenizer::scriptHandler (this=0x1712ae0) at /usr/src/debug/kdelibs-4.2.95/khtml/html/htmltokenizer.cpp:454
#41 0x00007f111c403c05 in khtml::HTMLTokenizer::parseSpecial (this=0x1712ae0, src=<value optimized out>) at /usr/src/debug/kdelibs-4.2.95/khtml/html/htmltokenizer.cpp:369
#42 0x00007f111c405f41 in khtml::HTMLTokenizer::parseTag (this=0x1712ae0, src=@0x1713048) at /usr/src/debug/kdelibs-4.2.95/khtml/html/htmltokenizer.cpp:1550
#43 0x00007f111c4066dc in khtml::HTMLTokenizer::write (this=0x1712ae0, str=<value optimized out>, appendData=<value optimized out>) at /usr/src/debug/kdelibs-4.2.95/khtml/html/htmltokenizer.cpp:1810
#44 0x00007f111c402eda in khtml::HTMLTokenizer::notifyFinished (this=0x1712ae0) at /usr/src/debug/kdelibs-4.2.95/khtml/html/htmltokenizer.cpp:2135
#45 0x00007f111c5181a9 in khtml::CachedScript::checkNotify (this=0x1959d90) at /usr/src/debug/kdelibs-4.2.95/khtml/misc/loader.cpp:390
#46 0x00007f111c51e091 in khtml::CachedScript::data (this=0x1959d90, buffer=<value optimized out>, eof=<value optimized out>) at /usr/src/debug/kdelibs-4.2.95/khtml/misc/loader.cpp:382
#47 0x00007f111c51aa33 in khtml::Loader::slotFinished (this=0x166bef0, job=0x177c1a0) at /usr/src/debug/kdelibs-4.2.95/khtml/misc/loader.cpp:1461
#48 0x00007f111c51ad23 in khtml::Loader::qt_metacall (this=0x166bef0, _c=QMetaObject::InvokeMetaMethod, _id=<value optimized out>, _a=0x7fff3e34bc80)
    at /usr/src/debug/kdelibs-4.2.95/build/khtml/loader.moc:131
#49 0x00007f11312b8942 in QMetaObject::activate (sender=0x177c1a0, from_signal_index=<value optimized out>, to_signal_index=<value optimized out>, argv=0xffffffffffffffff) at kernel/qobject.cpp:3104
#50 0x00007f1130bd0222 in KJob::result (this=0x5707, _t1=0x177c1a0) at /usr/src/debug/kdelibs-4.2.95/build/kdecore/kjob.moc:188
#51 0x00007f1130bd0623 in KJob::emitResult (this=0x177c1a0) at /usr/src/debug/kdelibs-4.2.95/kdecore/jobs/kjob.cpp:304
#52 0x00007f113016ed81 in KIO::SimpleJob::slotFinished (this=0x177c1a0) at /usr/src/debug/kdelibs-4.2.95/kio/kio/job.cpp:477
#53 0x00007f113016f0f8 in KIO::TransferJob::slotFinished (this=0x177c1a0) at /usr/src/debug/kdelibs-4.2.95/kio/kio/job.cpp:948
#54 0x00007f113017525d in KIO::TransferJob::qt_metacall (this=0x177c1a0, _c=QMetaObject::InvokeMetaMethod, _id=<value optimized out>, _a=0x7fff3e34c070)
    at /usr/src/debug/kdelibs-4.2.95/build/kio/jobclasses.moc:343
#55 0x00007f11312b8942 in QMetaObject::activate (sender=0x29b3840, from_signal_index=<value optimized out>, to_signal_index=<value optimized out>, argv=0xffffffffffffffff) at kernel/qobject.cpp:3104
#56 0x00007f113020bb42 in KIO::SlaveInterface::dispatch (this=<value optimized out>, _cmd=104, rawdata=@0x7fff3e34c2b0) at /usr/src/debug/kdelibs-4.2.95/kio/kio/slaveinterface.cpp:175
#57 0x00007f113020c44a in KIO::SlaveInterface::dispatch (this=0x29b3840) at /usr/src/debug/kdelibs-4.2.95/kio/kio/slaveinterface.cpp:91
#58 0x00007f11302014b9 in KIO::Slave::gotInput (this=0x29b3840) at /usr/src/debug/kdelibs-4.2.95/kio/kio/slave.cpp:322
#59 0x00007f11302025bc in KIO::Slave::qt_metacall (this=0x29b3840, _c=QMetaObject::InvokeMetaMethod, _id=<value optimized out>, _a=0x7fff3e34c420)
    at /usr/src/debug/kdelibs-4.2.95/build/kio/slave.moc:76
#60 0x00007f11312b8942 in QMetaObject::activate (sender=0x2c16f30, from_signal_index=<value optimized out>, to_signal_index=<value optimized out>, argv=0xffffffffffffffff) at kernel/qobject.cpp:3104
#61 0x00007f113014793b in KIO::ConnectionPrivate::dequeue (this=0x188f880) at /usr/src/debug/kdelibs-4.2.95/kio/kio/connection.cpp:82
#62 0x00007f11301486cd in KIO::Connection::qt_metacall (this=0x2c16f30, _c=QMetaObject::InvokeMetaMethod, _id=<value optimized out>, _a=0x28adee0)
    at /usr/src/debug/kdelibs-4.2.95/build/kio/connection.moc:73
#63 0x00007f11312b2ad9 in QObject::event (this=0x2c16f30, e=0x11cfda0) at kernel/qobject.cpp:1102
#64 0x00007f112f05bc9c in QApplicationPrivate::notify_helper (this=0x1064e50, receiver=0x2c16f30, e=0x11cfda0) at kernel/qapplication.cpp:4056
#65 0x00007f112f062f5e in QApplication::notify (this=0x7fff3e34cf20, receiver=0x2c16f30, e=0x11cfda0) at kernel/qapplication.cpp:4021
#66 0x00007f112fc71ade in KApplication::notify (this=0x7fff3e34cf20, receiver=0x2c16f30, event=0x11cfda0) at /usr/src/debug/kdelibs-4.2.95/kdeui/kernel/kapplication.cpp:302
#67 0x00007f11312a327c in QCoreApplication::notifyInternal (this=0x7fff3e34cf20, receiver=0x2c16f30, event=0x11cfda0) at kernel/qcoreapplication.cpp:610
#68 0x00007f11312a3e78 in QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=<value optimized out>, data=0xfc0750) at ../../src/corelib/kernel/qcoreapplication.h:213
#69 0x00007f11312cc6f3 in postEventSourceDispatch (s=<value optimized out>) at ../../src/corelib/kernel/qcoreapplication.h:218
#70 0x00007f112dfb3a8e in IA__g_main_context_dispatch (context=0x10678c0) at gmain.c:1814
#71 0x00007f112dfb71f8 in g_main_context_iterate (context=0x10678c0, block=<value optimized out>, dispatch=<value optimized out>, self=<value optimized out>) at gmain.c:2445
#72 0x00007f112dfb7340 in IA__g_main_context_iteration (context=0x10678c0, may_block=1) at gmain.c:2508
#73 0x00007f11312cc366 in QEventDispatcherGlib::processEvents (this=0xfc3070, flags=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:327
#74 0x00007f112f0f0a3e in QGuiEventDispatcherGlib::processEvents (this=0x5707, flags=<value optimized out>) at kernel/qguieventdispatcher_glib.cpp:202
#75 0x00007f11312a1b42 in QEventLoop::processEvents (this=<value optimized out>, flags=) at kernel/qeventloop.cpp:149
#76 0x00007f11312a1f1c in QEventLoop::exec (this=0x7fff3e34cd30, flags=) at kernel/qeventloop.cpp:201
#77 0x00007f11312a4129 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:888
#78 0x00007f1125ba5807 in kdemain (argc=<value optimized out>, argv=<value optimized out>) at /usr/src/debug/kdebase-4.2.95/apps/konqueror/src/konqmain.cpp:257
#79 0x00000000004067f2 in launch (argc=4, _name=<value optimized out>, args=<value optimized out>, cwd=<value optimized out>, envc=<value optimized out>, envs=<value optimized out>, reset_env=true, 
    tty=0x0, avoid_loops=false, startup_id_str=0x1017157 "cooker;1246163256;672402;3352_TIME80520678") at /usr/src/debug/kdelibs-4.2.95/kinit/kinit.cpp:672
#80 0x0000000000406f88 in handle_launcher_request (sock=31, who=<value optimized out>) at /usr/src/debug/kdelibs-4.2.95/kinit/kinit.cpp:1164
#81 0x0000000000407be8 in handle_requests (waitForPid=0) at /usr/src/debug/kdelibs-4.2.95/kinit/kinit.cpp:1348
#82 0x0000000000408430 in main (argc=2, argv=<value optimized out>, envp=<value optimized out>) at /usr/src/debug/kdelibs-4.2.95/kinit/kinit.cpp:1784
Comment 1 Andrey Borzenkov 2009-06-28 11:34:48 UTC
Hmm ... according to debug sources, line dbus-message.c:1071 is

DBusMessage*
dbus_message_new_method_call (const char *destination,
                              const char *path,
                              const char *interface,
                              const char *method)
{
  DBusMessage *message;

  _dbus_return_val_if_fail (path != NULL, NULL);
  _dbus_return_val_if_fail (method != NULL, NULL);

but backtrace claims method is valid != NULL. Confused.
Comment 2 Pino Toscano 2009-06-28 12:09:32 UTC
Maksim: didn't you fix invalid QDBusObjectPath's few days ago?
Comment 3 Maksim Orlovich 2009-06-28 17:32:33 UTC
re: comment #2: what I fixed was nspluginviewer crashing with an assert inside QDBus if it failed to open a plugin.

I think I should ask thiago about this one. @reporter: what Qt and libdbus versions are you using?
Comment 4 Andrey Borzenkov 2009-06-28 18:00:54 UTC
(In reply to comment #3)
> @reporter: what Qt and libdbus
> versions are you using?

As stated:

KDE 4.2.95/Qt 4.5.2 x86_64 as shipped by Mandriva. Flash 10.0.22 from Adobe,
D-Bus 1.2.4.6permissive compiled with assertions enabled.

If more specific information is required, please tell me.
Comment 5 Maksim Orlovich 2009-06-29 01:40:37 UTC
Yeah, sorry. Missed that --- was reading the report before my morning tea..

Anyway:
<thiago_home> SadEagle:
<thiago_home> #9  0x00007f112499ae89 in dbus_message_new_method_call (destination=0x18d40b8
<thiago_home> "org.kde.nspluginviewer-22279", path=0x0, interface=0x2e1e9b8
<thiago_home> "org.kde.nsplugins.Class", method=0x396fbe8 "newInstance")
<thiago_home> path=0x0 is the problem
<thiago_home> which means the object in frame 14 is not properly created
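
Added example (not code from KDE, Qt or libdbus): a caller-side guard that mirrors the two `_dbus_return_val_if_fail` checks quoted in comment 1 and also validates D-Bus object path syntax, so a proxy left without a path after the viewer died yields an error code instead of reaching the library assertion. `struct method_call`, `check_method_call` and the result codes are hypothetical names used for illustration.

```c
#include <stddef.h>
#include <stdio.h>

enum call_check { CALL_OK = 0, CALL_NULL_FIELD, CALL_BAD_PATH };

/* Hypothetical stand-in for the four arguments seen in frame #9. */
struct method_call {
    const char *destination, *path, *interface, *method;
};

static int is_path_char(char c)
{
    return (c >= 'A' && c <= 'Z') || (c >= 'a' && c <= 'z') ||
           (c >= '0' && c <= '9') || c == '_';
}

/* D-Bus object path syntax: starts with '/', elements are [A-Za-z0-9_]+
 * separated by single '/', no trailing '/' except for the root path "/". */
static int object_path_is_valid(const char *path)
{
    if (path == NULL || path[0] != '/')
        return 0;
    if (path[1] == '\0')
        return 1;                       /* root path "/" */
    for (const char *p = path + 1; ; p++) {
        if (*p == '/' || *p == '\0') {
            if (p[-1] == '/')
                return 0;               /* empty element or trailing '/' */
            if (*p == '\0')
                return 1;
        } else if (!is_path_char(*p)) {
            return 0;
        }
    }
}

/* Run before the arguments would be handed to the bus library; the caller
 * reports a failed plugin load instead of aborting the whole browser. */
static enum call_check check_method_call(const struct method_call *c)
{
    if (c->path == NULL || c->method == NULL)
        return CALL_NULL_FIELD;         /* the two checks from comment 1 */
    if (!object_path_is_valid(c->path))
        return CALL_BAD_PATH;
    return CALL_OK;
}

int main(void)
{
    /* Values as printed in frame #9 of the backtrace: path is NULL. */
    struct method_call crashed = { "org.kde.nspluginviewer-22279", NULL,
                                   "org.kde.nsplugins.Class", "newInstance" };
    printf("crashed viewer -> %d\n", check_method_call(&crashed));
    return 0;
}
```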
Comment 6 Dario Andres 2009-07-07 23:07:14 UTC
*** Bug 198591 has been marked as a duplicate of this bug. ***
Comment 7 Dario Andres 2009-07-07 23:07:34 UTC
*** Bug 199334 has been marked as a duplicate of this bug. ***
Comment 8 Dario Andres 2009-07-09 20:28:33 UTC
*** Bug 199535 has been marked as a duplicate of this bug. ***
Comment 9 Dario Andres 2009-07-09 22:21:36 UTC
*** Bug 199600 has been marked as a duplicate of this bug. ***
Comment 10 Dario Andres 2009-07-10 17:09:50 UTC
*** Bug 199642 has been marked as a duplicate of this bug. ***
Comment 11 Dario Andres 2009-07-15 22:46:36 UTC
*** Bug 200366 has been marked as a duplicate of this bug. ***
Comment 12 Dario Andres 2009-07-16 17:15:59 UTC
*** Bug 200416 has been marked as a duplicate of this bug. ***
Comment 13 Dario Andres 2009-07-18 17:37:44 UTC
*** Bug 200547 has been marked as a duplicate of this bug. ***
Comment 14 Maksim Orlovich 2009-07-19 19:20:38 UTC
SVN commit 999357 by orlovich:

Handle hard failures here as well. Much credit to 
Thiago for helping me understand the assert.

BUG: 198141


 M  +2 -2      nspluginloader.cpp  


WebSVN link: http://websvn.kde.org/?view=rev&revision=999357
Comment 15 Maksim Orlovich 2009-07-19 19:56:21 UTC
SVN commit 999376 by orlovich:

Merged revision:r999357 | orlovich | 2009-07-19 13:20:34 -0400 (Sun, 19 Jul 2009) | 5 lines

Handle hard failures here as well. Much credit to 
Thiago for helping me understand the assert.

BUG: 198141

 M  +2 -2      nspluginloader.cpp  


WebSVN link: http://websvn.kde.org/?view=rev&revision=999376
Comment 16 Dario Andres 2009-07-22 15:42:53 UTC
*** Bug 201105 has been marked as a duplicate of this bug. ***
Comment 17 Dario Andres 2009-07-31 15:10:59 UTC
*** Bug 202033 has been marked as a duplicate of this bug. ***