Bug 204834

Summary: Konqueror crash in JavaScript
Product: [Applications] konqueror
Reporter: Andrey Borzenkov <arvidjaar>
Component: general
Assignee: Konqueror Developers <konq-bugs>
Status: RESOLVED DUPLICATE    
Severity: crash    
Priority: NOR    
Version: 4.3.0   
Target Milestone: ---   
Platform: Mandriva RPMs   
OS: Linux   

Description Andrey Borzenkov 2009-08-23 09:16:52 UTC
Version:            (using KDE 4.3.0)
OS:                Linux
Installed from:    Mandriva RPMs

I was on www.nvidia.com, went to driver downloads, selected Linux driver and pressed Search. Result is below.

Application: Konqueror (kdeinit4), signal: Segmentation fault
[Current thread is 1 (Thread 0x7f19b0384710 (LWP 6831))]

Thread 3 (Thread 0x7f1994167910 (LWP 22238)):
#0  0x00007f19afb5d0dd in pthread_cond_timedwait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
#1  0x00007f19afdc7cc2 in QWaitCondition::wait (this=<value optimized out>, mutex=0x2253b80, time=30000) at thread/qwaitcondition_unix.cpp:85
#2  0x00007f19afdbddf2 in QThreadPoolThread::run (this=<value optimized out>) at concurrent/qthreadpool.cpp:140
#3  0x00007f19afdc6ca5 in QThreadPrivate::start (arg=0x204e150) at thread/qthread_unix.cpp:188
#4  0x00007f19afb587cd in start_thread () from /lib64/libpthread.so.0
#5  0x00007f19ad55c37d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#6  0x0000000000000000 in ?? ()

Thread 2 (Thread 0x7f199b0f3910 (LWP 22245)):
#0  0x00007f19afb5d0dd in pthread_cond_timedwait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
#1  0x00007f19afdc7cc2 in QWaitCondition::wait (this=<value optimized out>, mutex=0x2253b80, time=30000) at thread/qwaitcondition_unix.cpp:85
#2  0x00007f19afdbddf2 in QThreadPoolThread::run (this=<value optimized out>) at concurrent/qthreadpool.cpp:140
#3  0x00007f19afdc6ca5 in QThreadPrivate::start (arg=0x2253ce0) at thread/qthread_unix.cpp:188
#4  0x00007f19afb587cd in start_thread () from /lib64/libpthread.so.0
#5  0x00007f19ad55c37d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#6  0x0000000000000000 in ?? ()

Thread 1 (Thread 0x7f19b0384710 (LWP 6831)):
[KCrash Handler]
#5  0x00007f199ce9d8f7 in KJS::UString::Rep::data (this=0x3473500) at /usr/src/debug/kdelibs-4.3.0/kjs/ustring.h:155
#6  0x00007f199ceb8e30 in KJS::UString::Rep::hash (this=0x3473500) at /usr/src/debug/kdelibs-4.3.0/kjs/ustring.h:158
#7  0x00007f199cedd84e in WTF::HashTable<KJS::UString::Rep*, std::pair<KJS::UString::Rep*, std::pair<KJS::StringImp*, int> >, WTF::PairFirstExtractor<std::pair<KJS::UString::Rep*, std::pair<KJS::StringImp*, int> > >, WTF::StrHash<KJS::UString::Rep*>, WTF::PairHashTraits<WTF::HashTraits<KJS::UString::Rep*>, WTF::HashTraits<std::pair<KJS::StringImp*, int> > >, WTF::HashTraits<KJS::UString::Rep*> >::lookupForWriting<KJS::UString::Rep*, WTF::IdentityHashTranslator<KJS::UString::Rep*, std::pair<KJS::UString::Rep*, std::pair<KJS::StringImp*, int> >, WTF::StrHash<KJS::UString::Rep*> > > (
    this=<value optimized out>, key=@0x44ddde8) at /usr/src/debug/kdelibs-4.3.0/kjs/wtf/HashTable.h:508
#8  0x00007f199cedd969 in WTF::HashTable<KJS::UString::Rep*, std::pair<KJS::UString::Rep*, std::pair<KJS::StringImp*, int> >, WTF::PairFirstExtractor<std::pair<KJS::UString::Rep*, std::pair<KJS::StringImp*, int> > >, WTF::StrHash<KJS::UString::Rep*>, WTF::PairHashTraits<WTF::HashTraits<KJS::UString::Rep*>, WTF::HashTraits<std::pair<KJS::StringImp*, int> > >, WTF::HashTraits<KJS::UString::Rep*> >::lookupForWriting (this=0x3473500, key=@0x44ddde8) at /usr/src/debug/kdelibs-4.3.0/kjs/wtf/HashTable.h:344
#9  0x00007f199cedd9ce in WTF::HashTable<KJS::UString::Rep*, std::pair<KJS::UString::Rep*, std::pair<KJS::StringImp*, int> >, WTF::PairFirstExtractor<std::pair<KJS::UString::Rep*, std::pair<KJS::StringImp*, int> > >, WTF::StrHash<KJS::UString::Rep*>, WTF::PairHashTraits<WTF::HashTraits<KJS::UString::Rep*>, WTF::HashTraits<std::pair<KJS::StringImp*, int> > >, WTF::HashTraits<KJS::UString::Rep*> >::reinsert (this=0x224cdf0, entry=@0x44ddde8) at /usr/src/debug/kdelibs-4.3.0/kjs/wtf/HashTable.h:732
#10 0x00007f199ceddaf7 in WTF::HashTable<KJS::UString::Rep*, std::pair<KJS::UString::Rep*, std::pair<KJS::StringImp*, int> >, WTF::PairFirstExtractor<std::pair<KJS::UString::Rep*, std::pair<KJS::StringImp*, int> > >, WTF::StrHash<KJS::UString::Rep*>, WTF::PairHashTraits<WTF::HashTraits<KJS::UString::Rep*>, WTF::HashTraits<std::pair<KJS::StringImp*, int> > >, WTF::HashTraits<KJS::UString::Rep*> >::rehash (this=0x224cdf0, newTableSize=<value optimized out>) at /usr/src/debug/kdelibs-4.3.0/kjs/wtf/HashTable.h:893
#11 0x00007f199cedde33 in WTF::HashTable<KJS::UString::Rep*, std::pair<KJS::UString::Rep*, std::pair<KJS::StringImp*, int> >, WTF::PairFirstExtractor<std::pair<KJS::UString::Rep*, std::pair<KJS::StringImp*, int> > >, WTF::StrHash<KJS::UString::Rep*>, WTF::PairHashTraits<WTF::HashTraits<KJS::UString::Rep*>, WTF::HashTraits<std::pair<KJS::StringImp*, int> > >, WTF::HashTraits<KJS::UString::Rep*> >::add<KJS::UString::Rep*, std::pair<KJS::StringImp*, int>, WTF::HashMapTranslator<std::pair<KJS::UString::Rep*, std::pair<KJS::StringImp*, int> >, WTF::PairHashTraits<WTF::HashTraits<KJS::UString::Rep*>, WTF::HashTraits<std::pair<KJS::StringImp*, int> > >, WTF::StrHash<KJS::UString::Rep*> > > (this=0x224cdf0, key=@0x7fffcf2ac028, extra=<value optimized out>)
    at /usr/src/debug/kdelibs-4.3.0/kjs/wtf/HashTable.h:676
#12 0x00007f199cedded9 in WTF::HashMap<KJS::UString::Rep*, std::pair<KJS::StringImp*, int>, WTF::StrHash<KJS::UString::Rep*>, WTF::HashTraits<KJS::UString::Rep*>, WTF::HashTraits<std::pair<KJS::StringImp*, int> > >::inlineAdd (this=0x44ddde8, key=@0x7f1900000000, mapped=@0x4c5e070) at /usr/src/debug/kdelibs-4.3.0/kjs/wtf/HashMap.h:182
#13 0x00007f199ceddf09 in WTF::HashMap<KJS::UString::Rep*, std::pair<KJS::StringImp*, int>, WTF::StrHash<KJS::UString::Rep*>, WTF::HashTraits<KJS::UString::Rep*>, WTF::HashTraits<std::pair<KJS::StringImp*, int> > >::add (this=0x44ddde8, key=@0x7f1900000000, mapped=@0x4c5e070) at /usr/src/debug/kdelibs-4.3.0/kjs/wtf/HashMap.h:201
#14 0x00007f199ced8d50 in KJS::Interpreter::internString (literal=@0x28af390) at /usr/src/debug/kdelibs-4.3.0/kjs/interpreter.cpp:952
#15 0x00007f199cef86b9 in KJS::StringNode::generateEvalCode (this=0x28af380, comp=0x7fffcf2ac740) at /usr/src/debug/kdelibs-4.3.0/kjs/nodes2bytecode.cpp:120
#16 0x00007f199cef3610 in KJS::BinaryOperatorNode::generateEvalCode (this=0x31f4dc0, comp=0x7fffcf2ac740) at /usr/src/debug/kdelibs-4.3.0/kjs/nodes2bytecode.cpp:776
#17 0x00007f199cef35f8 in KJS::BinaryOperatorNode::generateEvalCode (this=0x20db540, comp=0x7fffcf2ac740) at /usr/src/debug/kdelibs-4.3.0/kjs/nodes2bytecode.cpp:775
#18 0x00007f199cef35f8 in KJS::BinaryOperatorNode::generateEvalCode (this=0x27eb750, comp=0x7fffcf2ac740) at /usr/src/debug/kdelibs-4.3.0/kjs/nodes2bytecode.cpp:775
#19 0x00007f199cef35f8 in KJS::BinaryOperatorNode::generateEvalCode (this=0x33306a0, comp=0x7fffcf2ac740) at /usr/src/debug/kdelibs-4.3.0/kjs/nodes2bytecode.cpp:775
#20 0x00007f199cef35f8 in KJS::BinaryOperatorNode::generateEvalCode (this=0x1e6e730, comp=0x7fffcf2ac740) at /usr/src/debug/kdelibs-4.3.0/kjs/nodes2bytecode.cpp:775
#21 0x00007f199cef35f8 in KJS::BinaryOperatorNode::generateEvalCode (this=0x2799540, comp=0x7fffcf2ac740) at /usr/src/debug/kdelibs-4.3.0/kjs/nodes2bytecode.cpp:775
#22 0x00007f199cef5967 in KJS::AssignNode::generateEvalCode (this=<value optimized out>, comp=0x7fffcf2ac740) at /usr/src/debug/kdelibs-4.3.0/kjs/nodes2bytecode.cpp:1004
#23 0x00007f199cef566e in KJS::ExprStatementNode::generateExecCode (this=<value optimized out>, comp=0x7fffcf2ac740) at /usr/src/debug/kdelibs-4.3.0/kjs/nodes2bytecode.cpp:1129
#24 0x00007f199cef3195 in KJS::SourceElementsNode::generateExecCode (this=0x482f370, comp=0x7fffcf2ac740) at /usr/src/debug/kdelibs-4.3.0/kjs/nodes2bytecode.cpp:981
#25 0x00007f199cef68e4 in KJS::WhileNode::generateExecCode (this=0x269f8e0, comp=0x7fffcf2ac740) at /usr/src/debug/kdelibs-4.3.0/kjs/nodes2bytecode.cpp:1195
#26 0x00007f199cef3195 in KJS::SourceElementsNode::generateExecCode (this=0x269f910, comp=0x7fffcf2ac740) at /usr/src/debug/kdelibs-4.3.0/kjs/nodes2bytecode.cpp:981
#27 0x00007f199cef5cba in KJS::FunctionBodyNode::generateExecCode (this=<value optimized out>, comp=0x7fffcf2ac740) at /usr/src/debug/kdelibs-4.3.0/kjs/nodes2bytecode.cpp:1560
#28 0x00007f199cea5820 in KJS::FunctionBodyNode::compile (this=0x3263430, ctype=KJS::FunctionCode, compType=KJS::Release) at /usr/src/debug/kdelibs-4.3.0/kjs/nodes.cpp:948
#29 0x00007f199ced3d36 in KJS::FunctionImp::callAsFunction (this=0x7f199ea3f880, exec=0x7fffcf2acfc0, thisObj=<value optimized out>, args=<value optimized out>)
    at /usr/src/debug/kdelibs-4.3.0/kjs/function.cpp:114
#30 0x00007f199ced81bd in KJS::JSObject::call (this=0x7f199ea3f880, exec=0x7fffcf2acfc0, thisObj=0x7f19a4040000, args=@0x7fffcf2acf30) at /usr/src/debug/kdelibs-4.3.0/kjs/object.cpp:69
#31 0x00007f199cef1949 in KJS::Machine::runBlock (exec=0x7fffcf2acfc0, codeBlock=<value optimized out>, parentExec=<value optimized out>) at codes.def:1192
#32 0x00007f199ced3e33 in KJS::FunctionImp::callAsFunction (this=0x7f199ea33600, exec=0x7fffcf2ad670, thisObj=<value optimized out>, args=<value optimized out>)
    at /usr/src/debug/kdelibs-4.3.0/kjs/function.cpp:144
#33 0x00007f199ced81bd in KJS::JSObject::call (this=0x7f199ea33600, exec=0x7fffcf2ad670, thisObj=0x7f199ea39440, args=@0x7fffcf2ad5e0) at /usr/src/debug/kdelibs-4.3.0/kjs/object.cpp:69
#34 0x00007f199cef1949 in KJS::Machine::runBlock (exec=0x7fffcf2ad670, codeBlock=<value optimized out>, parentExec=<value optimized out>) at codes.def:1192
#35 0x00007f199ced3e33 in KJS::FunctionImp::callAsFunction (this=0x7f199ea33500, exec=0x7fffcf2adec0, thisObj=<value optimized out>, args=<value optimized out>)
    at /usr/src/debug/kdelibs-4.3.0/kjs/function.cpp:144
#36 0x00007f199ced81bd in KJS::JSObject::call (this=0x7f199ea33500, exec=0x7fffcf2adec0, thisObj=0x7f199ea39440, args=@0x7fffcf2adc90) at /usr/src/debug/kdelibs-4.3.0/kjs/object.cpp:69
#37 0x00007f199cef1949 in KJS::Machine::runBlock (exec=0x7fffcf2adec0, codeBlock=<value optimized out>, parentExec=<value optimized out>) at codes.def:1192
#38 0x00007f199cea5985 in KJS::FunctionBodyNode::execute (this=0x356c5b0, exec=0x7fffcf2adec0) at /usr/src/debug/kdelibs-4.3.0/kjs/nodes.cpp:928
#39 0x00007f199ced9d9b in KJS::Interpreter::evaluate (this=0x22307c0, sourceURL=<value optimized out>, startingLineNumber=<value optimized out>, code=<value optimized out>, 
    codeLength=<value optimized out>, thisV=0x7f19a4040000) at /usr/src/debug/kdelibs-4.3.0/kjs/interpreter.cpp:556
#40 0x00007f199ced9e89 in KJS::Interpreter::evaluate (this=0x22307c0, sourceURL=@0x7fffcf2ae170, startingLineNumber=0, code=@0x7fffcf2ae180, thisV=<value optimized out>)
    at /usr/src/debug/kdelibs-4.3.0/kjs/interpreter.cpp:496
#41 0x00007f199d7c42c5 in KJS::KJSProxyImpl::evaluate (this=0x2119fb0, filename=<value optimized out>, baseLine=<value optimized out>, str=<value optimized out>, n=<value optimized out>, 
    completion=0x7fffcf2ae230) at /usr/src/debug/kdelibs-4.3.0/khtml/ecma/kjs_proxy.cpp:158
#42 0x00007f199d5af8bc in KHTMLPart::executeScript (this=0x1f9d590, filename=<value optimized out>, baseLine=<value optimized out>, n=@0x7fffcf2ae320, script=@0x7fffcf2ae4e0)
    at /usr/src/debug/kdelibs-4.3.0/khtml/khtml_part.cpp:1328
#43 0x00007f199d638bce in khtml::HTMLTokenizer::scriptExecution (this=0x35d3380, str=<value optimized out>, scriptURL=<value optimized out>, baseLine=<value optimized out>)
    at /usr/src/debug/kdelibs-4.3.0/khtml/html/htmltokenizer.cpp:501
#44 0x00007f199d638dd8 in khtml::HTMLTokenizer::notifyFinished (this=0x35d3380) at /usr/src/debug/kdelibs-4.3.0/khtml/html/htmltokenizer.cpp:2122
#45 0x00007f199d748c59 in khtml::CachedScript::checkNotify (this=0x35d4690) at /usr/src/debug/kdelibs-4.3.0/khtml/misc/loader.cpp:390
#46 0x00007f199d74e971 in khtml::CachedScript::data (this=0x35d4690, buffer=<value optimized out>, eof=<value optimized out>) at /usr/src/debug/kdelibs-4.3.0/khtml/misc/loader.cpp:382
#47 0x00007f199d74b413 in khtml::Loader::slotFinished (this=0x1fb35d0, job=0x26c2a10) at /usr/src/debug/kdelibs-4.3.0/khtml/misc/loader.cpp:1461
#48 0x00007f199d74b6e3 in khtml::Loader::qt_metacall (this=0x1fb35d0, _c=QMetaObject::InvokeMetaMethod, _id=<value optimized out>, _a=0x7fffcf2ae820)
    at /usr/src/debug/kdelibs-4.3.0/build/khtml/loader.moc:131
#49 0x00007f19afec228c in QMetaObject::activate (sender=0x26c2a10, from_signal_index=<value optimized out>, to_signal_index=<value optimized out>, argv=0x4c5e070) at kernel/qobject.cpp:3112
#50 0x00007f19af7dea22 in KJob::result (this=0x3473500, _t1=0x26c2a10) at /usr/src/debug/kdelibs-4.3.0/build/kdecore/kjob.moc:188
#51 0x00007f19af7dee23 in KJob::emitResult (this=0x26c2a10) at /usr/src/debug/kdelibs-4.3.0/kdecore/jobs/kjob.cpp:304
#52 0x00007f19aed7faa9 in KIO::SimpleJob::slotFinished (this=0x26c2a10) at /usr/src/debug/kdelibs-4.3.0/kio/kio/job.cpp:477
#53 0x00007f19aed7fe20 in KIO::TransferJob::slotFinished (this=0x26c2a10) at /usr/src/debug/kdelibs-4.3.0/kio/kio/job.cpp:948
#54 0x00007f19aed85e8d in KIO::TransferJob::qt_metacall (this=0x26c2a10, _c=QMetaObject::InvokeMetaMethod, _id=<value optimized out>, _a=0x7fffcf2aec10)
    at /usr/src/debug/kdelibs-4.3.0/build/kio/jobclasses.moc:343
#55 0x00007f19afec228c in QMetaObject::activate (sender=0x2410600, from_signal_index=<value optimized out>, to_signal_index=<value optimized out>, argv=0x4c5e070) at kernel/qobject.cpp:3112
#56 0x00007f19aee1b812 in KIO::SlaveInterface::dispatch (this=<value optimized out>, _cmd=104, rawdata=@0x7fffcf2aee50) at /usr/src/debug/kdelibs-4.3.0/kio/kio/slaveinterface.cpp:175
#57 0x00007f19aee1c11a in KIO::SlaveInterface::dispatch (this=0x2410600) at /usr/src/debug/kdelibs-4.3.0/kio/kio/slaveinterface.cpp:91
#58 0x00007f19aee11249 in KIO::Slave::gotInput (this=0x2410600) at /usr/src/debug/kdelibs-4.3.0/kio/kio/slave.cpp:322
#59 0x00007f19aee12344 in KIO::Slave::qt_metacall (this=0x2410600, _c=QMetaObject::InvokeMetaMethod, _id=<value optimized out>, _a=0x7fffcf2aefc0)
    at /usr/src/debug/kdelibs-4.3.0/build/kio/slave.moc:76
#60 0x00007f19afec228c in QMetaObject::activate (sender=0x2db3890, from_signal_index=<value optimized out>, to_signal_index=<value optimized out>, argv=0x4c5e070) at kernel/qobject.cpp:3112
#61 0x00007f19aed58854 in KIO::ConnectionPrivate::dequeue (this=0x3944590) at /usr/src/debug/kdelibs-4.3.0/kio/kio/connection.cpp:82
#62 0x00007f19aed595d5 in KIO::Connection::qt_metacall (this=0x2db3890, _c=QMetaObject::InvokeMetaMethod, _id=<value optimized out>, _a=0x4721280)
    at /usr/src/debug/kdelibs-4.3.0/build/kio/connection.moc:73
#63 0x00007f19afebc5a9 in QObject::event (this=0x2db3890, e=0x2a368a0) at kernel/qobject.cpp:1110
#64 0x00007f19adc7d18c in QApplicationPrivate::notify_helper (this=0x1a23f10, receiver=0x2db3890, e=0x2a368a0) at kernel/qapplication.cpp:4056
#65 0x00007f19adc8445e in QApplication::notify (this=0x7fffcf2afac0, receiver=0x2db3890, e=0x2a368a0) at kernel/qapplication.cpp:4021
#66 0x00007f19ae884a7e in KApplication::notify (this=0x7fffcf2afac0, receiver=0x2db3890, event=0x2a368a0) at /usr/src/debug/kdelibs-4.3.0/kdeui/kernel/kapplication.cpp:302
#67 0x00007f19afead0dc in QCoreApplication::notifyInternal (this=0x7fffcf2afac0, receiver=0x2db3890, event=0x2a368a0) at kernel/qcoreapplication.cpp:610
#68 0x00007f19afeadcba in QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=<value optimized out>, data=0x197d760) at ../../src/corelib/kernel/qcoreapplication.h:213
#69 0x00007f19afed59e3 in postEventSourceDispatch (s=<value optimized out>) at ../../src/corelib/kernel/qcoreapplication.h:218
#70 0x00007f19acbd6bce in IA__g_main_context_dispatch (context=0x1a268c0) at gmain.c:1960
#71 0x00007f19acbda638 in g_main_context_iterate (context=0x1a268c0, block=<value optimized out>, dispatch=<value optimized out>, self=<value optimized out>) at gmain.c:2591
#72 0x00007f19acbda780 in IA__g_main_context_iteration (context=0x1a268c0, may_block=1) at gmain.c:2654
#73 0x00007f19afed5656 in QEventDispatcherGlib::processEvents (this=0x1980080, flags=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:327
#74 0x00007f19add1060e in QGuiEventDispatcherGlib::processEvents (this=0x3473500, flags=<value optimized out>) at kernel/qguieventdispatcher_glib.cpp:202
#75 0x00007f19afeab9e2 in QEventLoop::processEvents (this=<value optimized out>, flags=) at kernel/qeventloop.cpp:149
#76 0x00007f19afeabdb4 in QEventLoop::exec (this=0x7fffcf2af8d0, flags=) at kernel/qeventloop.cpp:201
#77 0x00007f19afeadf69 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:888
#78 0x00007f19a490cd77 in kdemain (argc=<value optimized out>, argv=<value optimized out>) at /usr/src/debug/kdebase-4.3.0/apps/konqueror/src/konqmain.cpp:257
#79 0x0000000000406849 in launch (argc=2, _name=<value optimized out>, args=<value optimized out>, cwd=<value optimized out>, envc=<value optimized out>, envs=<value optimized out>, reset_env=false, 
    tty=0x0, avoid_loops=false, startup_id_str=0x19e53f4 "cooker;1250788569;607944;6091_TIME9107324") at /usr/src/debug/kdelibs-4.3.0/kinit/kinit.cpp:676
#80 0x0000000000406fb8 in handle_launcher_request (sock=8, who=<value optimized out>) at /usr/src/debug/kdelibs-4.3.0/kinit/kinit.cpp:1168
#81 0x0000000000407c59 in handle_requests (waitForPid=0) at /usr/src/debug/kdelibs-4.3.0/kinit/kinit.cpp:1361
#82 0x0000000000408440 in main (argc=2, argv=<value optimized out>, envp=<value optimized out>) at /usr/src/debug/kdelibs-4.3.0/kinit/kinit.cpp:1788

Comment 1 Andrey Borzenkov 2009-08-23 09:19:25 UTC
And this is reproducible. Not every time, but I got the same crash again in the same place (slightly different selection).

Comment 2 Maksim Orlovich 2009-08-23 16:15:35 UTC

*** This bug has been marked as a duplicate of bug 204760 ***