Bug 201053

Summary: konqueror crashed when I was just surfing the internet (not null DOM::DocumentImpl::view, KJS::XMLHttpRequest::slotFinished)
Product: [Applications] konqueror Reporter: Gatoso <gatoso>
Component: khtml ecmaAssignee: Konqueror Developers <konq-bugs>
Status: RESOLVED FIXED    
Severity: crash CC: andresbajotierra, doehni, mtadeunet, ophilar, xtekhne, zahl
Priority: NOR    
Version: 4.2.4   
Target Milestone: ---   
Platform: Fedora RPMs   
OS: Linux   
Latest Commit: Version Fixed In:
Sentry Crash Report:

Description Gatoso 2009-07-22 01:52:01 UTC 
Version:            (using KDE 4.2.4)
OS:                Linux
Installed from:    Fedora RPMs

I have this issue at least 4 times in 2 hours...

really this is frustrating, I can not surf relaxed u___u

I think this issue is caused when konqueror uses the flash plugin. I use the flash plugin content in the adobe repository (I use fedora)

Backtraces

Aplicación: Konqueror (konqueror), señal SIGSEGV
[Current thread is 1 (Thread 0xb7f2d780 (LWP 5483))]

Thread 2 (Thread 0xb45c9b70 (LWP 5614)):
#0  0x00b3c422 in __kernel_vsyscall ()
#1  0x0090aee1 in select () from /lib/libc.so.6
#2  0x06e27605 in QProcessManager::run (this=0x9f91918) at io/qprocess_unix.cpp:305
#3  0x06d5921e in QThreadPrivate::start (arg=0x9f91918) at thread/qthread_unix.cpp:189
#4  0x009de935 in start_thread (arg=0xb45c9b70) at pthread_create.c:297
#5  0x0091282e in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:130

Thread 1 (Thread 0xb7f2d780 (LWP 5483)):
[KCrash Handler]
#6  DOM::DocumentImpl::view (this=0xb4920140) at /usr/src/debug/kdelibs-4.2.4/khtml/xml/dom_docimpl.cpp:2907
#7  0x04c39714 in KJS::XMLHttpRequest::slotFinished (this=0xb4920140) at /usr/src/debug/kdelibs-4.2.4/khtml/ecma/xmlhttprequest.cpp:719
#8  0x04c3a962 in KJS::XMLHttpRequestQObject::slotFinished (job=<value optimized out>, this=<value optimized out>, this=<value optimized out>, job=<value optimized out>)
    at /usr/src/debug/kdelibs-4.2.4/khtml/ecma/xmlhttprequest.cpp:93
#9  KJS::XMLHttpRequestQObject::qt_metacall (job=<value optimized out>, this=<value optimized out>, this=<value optimized out>, job=<value optimized out>)
    at /usr/src/debug/kdelibs-4.2.4/i586-redhat-linux-gnu/khtml/xmlhttprequest.moc:72
#10 0x06e5efc3 in QMetaObject::activate (sender=0xbf4d808, from_signal_index=7, to_signal_index=7, argv=0xbfac7cf8) at kernel/qobject.cpp:3120
#11 0x06e5fc12 in QMetaObject::activate (sender=0xbf4d808, m=0x59a5648, local_signal_index=3, argv=0xbfac7cf8) at kernel/qobject.cpp:3194
#12 0x0582c193 in KJob::result (this=0xbf4d808, _t1=0xbf4d808) at /usr/src/debug/kdelibs-4.2.4/i586-redhat-linux-gnu/kdecore/kjob.moc:188
#13 0x0582c619 in KJob::emitResult (this=0xbf4d808) at /usr/src/debug/kdelibs-4.2.4/kdecore/jobs/kjob.cpp:294
#14 0x05f15b50 in KIO::SimpleJob::slotFinished (this=0xbf4d808) at /usr/src/debug/kdelibs-4.2.4/kio/kio/job.cpp:489
#15 0x05f1605a in KIO::TransferJob::slotFinished (this=0xbf4d808) at /usr/src/debug/kdelibs-4.2.4/kio/kio/job.cpp:966
#16 0x05f15393 in KIO::TransferJob::qt_metacall (this=0xbf4d808, _c=QMetaObject::InvokeMetaMethod, _id=47, _a=0xbfac7f5c) at /usr/src/debug/kdelibs-4.2.4/i586-redhat-linux-gnu/kio/jobclasses.moc:343
#17 0x06e5efc3 in QMetaObject::activate (sender=0xab5cf58, from_signal_index=8, to_signal_index=8, argv=0x0) at kernel/qobject.cpp:3120
#18 0x06e5fc12 in QMetaObject::activate (sender=0xab5cf58, m=0x60d7804, local_signal_index=4, argv=0x0) at kernel/qobject.cpp:3194
#19 0x05fcb197 in KIO::SlaveInterface::finished (this=0xab5cf58) at /usr/src/debug/kdelibs-4.2.4/i586-redhat-linux-gnu/kio/slaveinterface.moc:165
#20 0x05fcda72 in KIO::SlaveInterface::dispatch (this=0xab5cf58, _cmd=104, rawdata=@0xbfac8108) at /usr/src/debug/kdelibs-4.2.4/kio/kio/slaveinterface.cpp:175
#21 0x05fcb783 in KIO::SlaveInterface::dispatch (this=0xab5cf58) at /usr/src/debug/kdelibs-4.2.4/kio/kio/slaveinterface.cpp:91
#22 0x05fbe680 in KIO::Slave::gotInput (this=0xab5cf58) at /usr/src/debug/kdelibs-4.2.4/kio/kio/slave.cpp:322
#23 0x05fbe813 in KIO::Slave::qt_metacall (this=0xab5cf58, _c=QMetaObject::InvokeMetaMethod, _id=30, _a=0xbfac822c) at /usr/src/debug/kdelibs-4.2.4/i586-redhat-linux-gnu/kio/slave.moc:76
#24 0x06e5efc3 in QMetaObject::activate (sender=0xab7b438, from_signal_index=4, to_signal_index=4, argv=0x0) at kernel/qobject.cpp:3120
#25 0x06e5fc12 in QMetaObject::activate (sender=0xab7b438, m=0x60d42e0, local_signal_index=0, argv=0x0) at kernel/qobject.cpp:3194
#26 0x05ee53c7 in KIO::Connection::readyRead (this=0xab7b438) at /usr/src/debug/kdelibs-4.2.4/i586-redhat-linux-gnu/kio/connection.moc:86
#27 0x05ee74ae in KIO::ConnectionPrivate::dequeue (this=0xa5b84f8) at /usr/src/debug/kdelibs-4.2.4/kio/kio/connection.cpp:82
#28 0x05ee75de in KIO::Connection::qt_metacall (this=0xab7b438, _c=QMetaObject::InvokeMetaMethod, _id=5, _a=0xa044900) at /usr/src/debug/kdelibs-4.2.4/i586-redhat-linux-gnu/kio/connection.moc:73
#29 0x06e57b7b in QMetaCallEvent::placeMetaCall (this=0xa630180, object=0xab7b438) at kernel/qobject.cpp:489
#30 0x06e5926e in QObject::event (this=0xab7b438, e=0xa630180) at kernel/qobject.cpp:1118
#31 0x07269444 in QApplicationPrivate::notify_helper (this=0x9f8e0f8, receiver=0xab7b438, e=0xa630180) at kernel/qapplication.cpp:4057
#32 0x07270abe in QApplication::notify (this=0xbfac8b60, receiver=0xab7b438, e=0xa630180) at kernel/qapplication.cpp:4022
#33 0x05b733ca in KApplication::notify (this=0xbfac8b60, receiver=0xab7b438, event=0xa630180) at /usr/src/debug/kdelibs-4.2.4/kdeui/kernel/kapplication.cpp:307
#34 0x06e48fdb in QCoreApplication::notifyInternal (this=0xbfac8b60, receiver=0xab7b438, event=0xa630180) at kernel/qcoreapplication.cpp:610
#35 0x06e49ad8 in QCoreApplication::sendEvent (event=<value optimized out>, receiver=<value optimized out>) at kernel/qcoreapplication.h:213
#36 QCoreApplicationPrivate::sendPostedEvents (event=<value optimized out>, receiver=<value optimized out>) at kernel/qcoreapplication.cpp:1247
#37 0x06e49cad in QCoreApplication::sendPostedEvents (receiver=0x0, event_type=0) at kernel/qcoreapplication.cpp:1140
#38 0x06e740af in QCoreApplication::sendPostedEvents () at kernel/qcoreapplication.h:218
#39 postEventSourceDispatch () at kernel/qeventdispatcher_glib.cpp:209
#40 0x00145d78 in g_main_dispatch (context=<value optimized out>) at gmain.c:1814
#41 IA__g_main_context_dispatch (context=<value optimized out>) at gmain.c:2367
#42 0x00149310 in g_main_context_iterate (context=0x9f90490, block=<value optimized out>, dispatch=1, self=0x9f8e2e0) at gmain.c:2445
#43 0x00149443 in IA__g_main_context_iteration (context=0x9f90490, may_block=1) at gmain.c:2508
#44 0x06e73cdc in QEventDispatcherGlib::processEvents (this=0x9f7b4c8, flags={i = 36}) at kernel/qeventdispatcher_glib.cpp:324
#45 0x07308305 in QGuiEventDispatcherGlib::processEvents (this=0x9f7b4c8, flags={i = 36}) at kernel/qguieventdispatcher_glib.cpp:202
#46 0x06e475c9 in QEventLoop::processEvents (this=0xbfac8a24, flags={i = 36}) at kernel/qeventloop.cpp:149
#47 0x06e47a12 in QEventLoop::exec (this=0xbfac8a24, flags={i = 0}) at kernel/qeventloop.cpp:200
#48 0x06e49d6f in QCoreApplication::exec () at kernel/qcoreapplication.cpp:888
#49 0x072692c7 in QApplication::exec () at kernel/qapplication.cpp:3526
#50 0x062ba0b9 in kdemain (argc=2, argv=0xbfac8ed4) at /usr/src/debug/kdebase-4.2.4/apps/konqueror/src/konqmain.cpp:257
#51 0x080486db in main (argc=2, argv=0xbfac8ed4) at /usr/src/debug/kdebase-4.2.4/i586-redhat-linux-gnu/apps/konqueror/src/konqueror_dummy.cpp:3
Comment 1 Pino Toscano 2009-07-22 01:58:19 UTC 
Can you find out which sites crash, with this backtrace, konqueror for you?
Comment 2 Gatoso 2009-07-22 03:31:52 UTC 
well many many many sites youtube, comunidadconce.cl, deviantar.com and sorry I can't remember more...

but as I say I think this a problem with the flash plugin becouse this error occurs when flash is runing (a video and facebook apps make in flash for example)...
Comment 3 Dario Andres 2009-07-22 15:39:55 UTC 
Looks like this could be related to bug 198065 and bug 199959 (deviantart related). Thanks
Comment 4 Dario Andres 2009-09-16 03:44:34 UTC 
*** Bug 198065 has been marked as a duplicate of this bug. ***
Comment 5 Dario Andres 2009-09-16 03:44:36 UTC 
*** Bug 207525 has been marked as a duplicate of this bug. ***
Comment 6 Dario Andres 2009-10-21 17:05:37 UTC 
*** Bug 210968 has been marked as a duplicate of this bug. ***
Comment 7 Dario Andres 2009-10-21 17:06:20 UTC 
From bug 210968: 

What I was doing when the application crashed:
Was browsing with some tabs (about 5?) open. In a new tab I opened the
brainstorm section of the kde forums and konqueror crashed.
Comment 8 Dario Andres 2009-12-06 23:54:42 UTC 
From bug 217102:
---
What I was doing when the application crashed:
Surfed the KDE Brainstorm site, closed Konqueror and it crashed.

--
Updated backtrace:
---
 -- Backtrace:
Application: Konqueror (kdeinit4), signal: Segmentation fault
[KCrash Handler]
#6  DOM::DocumentImpl::view (this=0xb6820040) at
../../khtml/xml/dom_docimpl.cpp:2907
#7  0xb46ec294 in KJS::XMLHttpRequest::slotFinished (this=0xb6820040) at
../../khtml/ecma/xmlhttprequest.cpp:720
#8  0xb46ed4e2 in KJS::XMLHttpRequestQObject::slotFinished (this=0x8e2cb80,
_c=QMetaObject::InvokeMetaMethod, _id=5, _a=0xbfd7e028) at
../../khtml/ecma/xmlhttprequest.cpp:93
#9  KJS::XMLHttpRequestQObject::qt_metacall (this=0x8e2cb80,
_c=QMetaObject::InvokeMetaMethod, _id=5, _a=0xbfd7e028) at
./xmlhttprequest.moc:72
Comment 9 Dario Andres 2009-12-06 23:54:44 UTC 
*** Bug 217102 has been marked as a duplicate of this bug. ***
Comment 10 Dario Andres 2009-12-06 23:54:59 UTC 
*** Bug 216992 has been marked as a duplicate of this bug. ***
Comment 11 Maksim Orlovich 2010-01-15 19:10:58 UTC 
SVN commit 1075245 by orlovich:

- Make sure to cancel non-POST XHR jobs when the related document 
object is destroyed. (#160087)
- Related to this, don't crash trying to emit events when we get 
to changeState w/o a doc (#187597, #214584, #213987, #201053).
Also add some paranoia about that for the methods.
- Handle encoding inside mimetype overrides. (Some demo by Mr. Strigi).

BUG: 160087
BUG: 187597
BUG: 214584
BUG: 213987
BUG: 201053


 M  +32 -6     xmlhttprequest.cpp  


WebSVN link: http://websvn.kde.org/?view=rev&revision=1075245
Comment 12 Maksim Orlovich 2010-01-15 19:17:54 UTC 
SVN commit 1075253 by orlovich:

automatically merged revision 1075245:
- Make sure to cancel non-POST XHR jobs when the related document 
object is destroyed. (#160087)
- Related to this, don't crash trying to emit events when we get 
to changeState w/o a doc (#187597, #214584, #213987, #201053).
Also add some paranoia about that for the methods.
- Handle encoding inside mimetype overrides. (Some demo by Mr. Strigi).

BUG: 160087
BUG: 187597
BUG: 214584
BUG: 213987
BUG: 201053

 M  +32 -6     xmlhttprequest.cpp  


WebSVN link: http://websvn.kde.org/?view=rev&revision=1075253