Bug 70919

Summary: konqi crash in khtml::KHTMLParser::popOneBlock
Product: [Applications] konqueror
Reporter: Martin Koller <kollix>
Component: khtml
Assignee: Konqueror Developers <konq-bugs>
Status: RESOLVED DUPLICATE
Severity: crash
Priority: NOR
Version: 4.0
Target Milestone: ---
Platform: unspecified
OS: Linux

Description Martin Koller 2003-12-20 15:29:04 UTC
Version:           4.0 (using KDE 3.1.94 (CVS >= 20031206), compiled sources)
Compiler:          gcc version 2.96 20000731 (Red Hat Linux 7.2 2.96-112.7.2)
OS:          Linux (i686) release 2.4.22

Sorry that I can't tell you how I got this crash ...

[New Thread 1024 (LWP 4186)]
0x413c4219 in __wait4 () from /lib/i686/libc.so.6
#0  0x413c4219 in __wait4 () from /lib/i686/libc.so.6
#1  0x413c41a9 in __libc_waitpid (pid=4218, stat_loc=0x0, options=0)
    at ../sysdeps/unix/sysv/linux/waitpid.c:26
#2  0x4126c6d3 in waitpid (pid=4218, stat_loc=0x0, options=0)
    at wrapsyscall.c:172
#3  0x40765e60 in KCrash::defaultCrashHandler (sig=11) at kcrash.cpp:246
#4  0x4126aa65 in pthread_sighandler (signo=11, ctx=
      {gs = 7, __gsh = 0, fs = 0, __fsh = 0, es = 43, __esh = 0, ds = 43, __dsh = 0, edi = 3221219168, esi = 3221218928, ebp = 3221217816, esp = 3221217760, ebx = 1130486036, edx = 138176448, ecx = 139659856, eax = 212, trapno = 14, err = 4, eip = 1128071605, cs = 35, __csh = 0, eflags = 2163206, esp_at_signal = 3221217760, ss = 43, __ssh = 0, fpstate = 0xbfffdf60, oldmask = 2147483648, cr2 = 212}) at signals.c:97
#5  <signal handler called>
#6  0x433d01b5 in khtml::KHTMLParser::popOneBlock (this=0x83c67c0)
    at htmlparser.cpp:1193
#7  0x433d0131 in khtml::KHTMLParser::popBlock (this=0x83c67c0, _id=7)
    at htmlparser.cpp:1169
#8  0x433d002f in khtml::KHTMLParser::processCloseTag (this=0x83c67c0, 
    t=0x8530a84) at htmlparser.cpp:1123
#9  0x433cd3e5 in khtml::KHTMLParser::parseToken (this=0x83c67c0, t=0x8530a84)
    at htmlparser.cpp:225
#10 0x433d63d5 in khtml::HTMLTokenizer::processToken (this=0x8530a50)
    at htmltokenizer.cpp:1576
#11 0x433d4a9a in khtml::HTMLTokenizer::parseTag (this=0x8530a50, 
    src=@0x8530b64) at htmltokenizer.cpp:1090
#12 0x433d55f7 in khtml::HTMLTokenizer::write (this=0x8530a50, 
    str=@0xbfffe660, appendData=false) at htmltokenizer.cpp:1344
#13 0x433d6861 in khtml::HTMLTokenizer::notifyFinished (this=0x8530a50)
    at htmltokenizer.cpp:1644
#14 0x4347b28b in khtml::CachedScript::checkNotify (this=0x85f8f90)
    at loader.cpp:340
#15 0x4347b1fb in khtml::CachedScript::data (this=0x85f8f90, 
    buffer=@0x85f8f64, eof=true) at loader.cpp:332
#16 0x4347e8a6 in khtml::Loader::slotFinished (this=0x82d9148, job=0x830a930)
    at loader.cpp:1149
#17 0x434812b1 in khtml::Loader::qt_invoke (this=0x82d9148, _id=2, 
    _o=0xbfffe870) at loader.moc:260
#18 0x40ba25e7 in QObject::activate_signal (this=0x830a930, clist=0x84a66c8, 
    o=0xbfffe870) at kernel/qobject.cpp:2333
#19 0x401c24aa in KIO::Job::result (this=0x830a930, t0=0x830a930)
    at jobclasses.moc:156
#20 0x401b10a7 in KIO::Job::emitResult (this=0x830a930) at job.cpp:206
#21 0x401b2421 in KIO::SimpleJob::slotFinished (this=0x830a930) at job.cpp:530
#22 0x401b409e in KIO::TransferJob::slotFinished (this=0x830a930)
    at job.cpp:828
#23 0x401c44bb in KIO::TransferJob::qt_invoke (this=0x830a930, _id=17, 
    _o=0xbfffeb70) at jobclasses.moc:800
#24 0x40ba25e7 in QObject::activate_signal (this=0x8340880, clist=0x840afb8, 
    o=0xbfffeb70) at kernel/qobject.cpp:2333
#25 0x40ba2466 in QObject::activate_signal (this=0x8340880, signal=6)
    at kernel/qobject.cpp:2302
#26 0x401a42e0 in KIO::SlaveInterface::finished (this=0x8340880)
    at slaveinterface.moc:226
#27 0x401a289d in KIO::SlaveInterface::dispatch (this=0x8340880, _cmd=104, 
    rawdata=@0xbfffed20) at slaveinterface.cpp:255
#28 0x401a233a in KIO::SlaveInterface::dispatch (this=0x8340880)
    at slaveinterface.cpp:191
#29 0x4019fd20 in KIO::Slave::gotInput (this=0x8340880) at slave.cpp:294
#30 0x401a1817 in KIO::Slave::qt_invoke (this=0x8340880, _id=4, _o=0xbfffee50)
    at slave.moc:113
#31 0x40ba25e7 in QObject::activate_signal (this=0x83d6e00, clist=0x85530b0, 
    o=0xbfffee50) at kernel/qobject.cpp:2333
#32 0x40ba299e in QObject::activate_signal (this=0x83d6e00, signal=2, param=26)
    at kernel/qobject.cpp:2426
#33 0x40ed8678 in QSocketNotifier::activated (this=0x83d6e00, t0=26)
    at .moc/debug-shared-mt/moc_qsocketnotifier.cpp:85
#34 0x40bc05aa in QSocketNotifier::event (this=0x83d6e00, e=0xbffff0a0)
    at kernel/qsocketnotifier.cpp:271
#35 0x40b42902 in QApplication::internalNotify (this=0xbffff510, 
    receiver=0x83d6e00, e=0xbffff0a0) at kernel/qapplication.cpp:2582
#36 0x40b41a32 in QApplication::notify (this=0xbffff510, receiver=0x83d6e00, 
    e=0xbffff0a0) at kernel/qapplication.cpp:2305
#37 0x406dd80c in KApplication::notify (this=0xbffff510, receiver=0x83d6e00, 
    event=0xbffff0a0) at kapplication.cpp:503
#38 0x40048296 in QApplication::sendEvent (receiver=0x83d6e00, 
    event=0xbffff0a0) at /opt/qt3/include/qapplication.h:492
#39 0x40b31c9f in QEventLoop::activateSocketNotifiers (this=0x8090978)
    at kernel/qeventloop_unix.cpp:579
#40 0x40aee017 in QEventLoop::processEvents (this=0x8090978, flags=4)
    at kernel/qeventloop_x11.cpp:340
#41 0x40b56dd5 in QEventLoop::enterLoop (this=0x8090978)
    at kernel/qeventloop.cpp:198
#42 0x40b56cf8 in QEventLoop::exec (this=0x8090978)
    at kernel/qeventloop.cpp:145
#43 0x40b42a9b in QApplication::exec (this=0xbffff510)
    at kernel/qapplication.cpp:2705
#44 0x41598992 in kdemain (argc=4, argv=0x8069980) at konq_main.cc:177
#45 0x4086d901 in kdeinitmain (argc=4, argv=0x8069980) at konqueror_dummy.cc:2
#46 0x0804e26c in launch (argc=4, _name=0x80648f4 "konqueror", 
    args=0x8064936 "/root", cwd=0x8064936 "/root", envc=36, envs=0x8064d60 "", 
    reset_env=true, tty=0x0, avoid_loops=false, 
    startup_id_str=0x8064d64 "eiwnt048;1071929981;179786;1704")
    at kinit.cpp:604
#47 0x0804f669 in handle_launcher_request (sock=4) at kinit.cpp:1169
#48 0x0804fca0 in handle_requests (waitForPid=0) at kinit.cpp:1334
#49 0x080513a0 in main (argc=3, argv=0xbffffbc4, envp=0xbffffbd4)
    at kinit.cpp:1797
Comment 1 Thiago Macieira 2003-12-20 22:50:43 UTC
Same backtrace as bug #53695 and others, but this one has line numbers.

To the reporter: can't you tell us anything about what you were doing when it crashed? Can you at least give us the khtmlparser.cpp:1193 line in your sources (since things change quite frequently in those files)?
Comment 2 Martin Koller 2003-12-20 23:22:55 UTC
Subject: Re:  konqi crash in khtml::KHTMLParser::popOneBlock

On Saturday 20 December 2003 22:50, Thiago Macieira wrote:
>
> Same backtrace as bug #53695 and others, but this one has line numbers.
>
> To the reporter: can't you tell us anything about what you were doing when
> it crashed? 

I think I was browsing some web pages on KDE - but I'm sure that info is
useless.

> Can you at least give us the khtmlparser.cpp:1193 line in your 
> sources (since things change quite frequently in those files)?

#if SPEED_DEBUG < 1
    if((Elem->node != current)) {                <=== 1193
        if (current->maintainsState()) {
            document->document()->registerMaintainsState(current);
            QString state(document->document()->nextState());
            if (!state.isNull()) current->restoreState(state);
        }
        current->closeRenderer();
    }
#endif


Comment 3 Martin Koller 2004-01-03 14:29:22 UTC
I had this again with CVS from yesterday.
I can reproduce it with the following link:

http://osnews.com/story.php?news_id=5215

Here I see in the konsole the following output: "NodeImpl::toHTML"
and then konqi crashes.

It's not 100% reproducible, but if it does not crash immediately after loading this page, try to use one of the links at the bottom of that page.

I also had it crashing inside gdb - if you want me to tell you some values, etc., please tell me.
Comment 4 Waldo Bastian 2004-01-17 23:41:16 UTC
Can't reproduce.
Comment 5 Martin Koller 2004-01-17 23:48:06 UTC
Subject: Re:  konqi crash in khtml::KHTMLParser::popOneBlock

On Saturday 17 January 2004 23:41, Waldo Bastian wrote:
> Can't reproduce.

I still can. With a complete new build on a complete new Linux installation 
with CVS from 2 days ago.
Tell me how I can help you.

[New Thread 16384 (LWP 19702)]
0x4124c5c9 in waitpid () from /lib/libpthread.so.0
#0  0x4124c5c9 in waitpid () from /lib/libpthread.so.0
#1  0x407c2351 in KCrash::defaultCrashHandler(int) (sig=11) at kcrash.cpp:246
#2  0x4124ac45 in __pthread_sighandler () from /lib/libpthread.so.0
#3  <signal handler called>
#4  0x41ab9371 in khtml::KHTMLParser::popOneBlock() (this=0x851ea88)
    at htmlparser.cpp:1195
#5  0x41ab92f5 in khtml::KHTMLParser::popBlock(int) (this=0x851ea88, _id=7)
    at htmlparser.cpp:1171
#6  0x41ab91ee in khtml::KHTMLParser::processCloseTag(khtml::Token*) (
    this=0x851ea88, t=0x8521bdc) at htmlparser.cpp:1125
#7  0x41ab6bf2 in khtml::KHTMLParser::parseToken(khtml::Token*) (
    this=0x851ea88, t=0x8521bdc) at htmlparser.cpp:225
#8  0x41abf0de in khtml::HTMLTokenizer::processToken() (this=0x8521ba8)
    at htmltokenizer.cpp:1576
#9  0x41abdac1 in khtml::HTMLTokenizer::parseTag(khtml::DOMStringIt&) (
    this=0x8521ba8, src=@0x8521cbc) at htmltokenizer.cpp:1090
#10 0x41abe484 in khtml::HTMLTokenizer::write(QString const&, bool) (
    this=0x8521ba8, str=@0xbfffe6f0, appendData=false)
    at htmltokenizer.cpp:1344
#11 0x41abf78a in khtml::HTMLTokenizer::notifyFinished(khtml::CachedObject*) (
    this=0x8521ba8) at htmltokenizer.cpp:1645
#12 0x41b63f44 in khtml::CachedScript::checkNotify() (this=0x85cc618)
    at loader.cpp:321
#13 0x41b63ebb in khtml::CachedScript::data(QBuffer&, bool) (this=0x85cc618, 
    buffer=@0x848d944, eof=true) at loader.cpp:313
#14 0x41b678e6 in khtml::Loader::slotFinished(KIO::Job*) (this=0x82280b0, 
    job=0x85d0d98) at loader.cpp:1080
#15 0x41b697bc in khtml::Loader::qt_invoke(int, QUObject*) (this=0x82280b0, 
    _id=2, _o=0xbfffe930) at loader.moc:260
#16 0x40ba38f3 in QObject::activate_signal(QConnectionList*, QUObject*) ()
   from /opt/qt3/lib/libqt-mt.so.3
#17 0x401d4354 in KIO::Job::result(KIO::Job*) (this=0x85d0d98, t0=0x85d0d98)
    at jobclasses.moc:156
#18 0x401c2619 in KIO::Job::emitResult() (this=0x85d0d98) at job.cpp:206
#19 0x401c3b9b in KIO::SimpleJob::slotFinished() (this=0x85d0d98)
    at job.cpp:523
#20 0x401c5906 in KIO::TransferJob::slotFinished() (this=0x85d0d98)
    at job.cpp:821
#21 0x401d60c2 in KIO::TransferJob::qt_invoke(int, QUObject*) (this=0x85d0d98, 
    _id=17, _o=0xbfffebe0) at jobclasses.moc:800
#22 0x40ba38f3 in QObject::activate_signal(QConnectionList*, QUObject*) ()
   from /opt/qt3/lib/libqt-mt.so.3
#23 0x40ba371c in QObject::activate_signal(int) ()
   from /opt/qt3/lib/libqt-mt.so.3
#24 0x401b53e1 in KIO::SlaveInterface::finished() (this=0x857f358)
    at slaveinterface.moc:226
#25 0x401b3b1d in KIO::SlaveInterface::dispatch(int, QMemArray<char> const&) (
    this=0x857f358, _cmd=104, rawdata=@0xbfffedb0) at slaveinterface.cpp:255
#26 0x401b377c in KIO::SlaveInterface::dispatch() (this=0x857f358)
    at slaveinterface.cpp:191
#27 0x401b1285 in KIO::Slave::gotInput() (this=0x857f358) at slave.cpp:294
#28 0x401b2cb3 in KIO::Slave::qt_invoke(int, QUObject*) (this=0x857f358, 
    _id=4, _o=0xbfffeee0) at slave.moc:113
#29 0x40ba38f3 in QObject::activate_signal(QConnectionList*, QUObject*) ()
   from /opt/qt3/lib/libqt-mt.so.3
#30 0x40ba3a2c in QObject::activate_signal(int, int) ()
   from /opt/qt3/lib/libqt-mt.so.3
#31 0x40e9b8b8 in QSocketNotifier::activated(int) ()
   from /opt/qt3/lib/libqt-mt.so.3
#32 0x40bbdebd in QSocketNotifier::event(QEvent*) ()
   from /opt/qt3/lib/libqt-mt.so.3
#33 0x40b4aacd in QApplication::internalNotify(QObject*, QEvent*) ()
   from /opt/qt3/lib/libqt-mt.so.3
#34 0x40b4a179 in QApplication::notify(QObject*, QEvent*) ()
   from /opt/qt3/lib/libqt-mt.so.3
#35 0x407398fd in KApplication::notify(QObject*, QEvent*) (this=0xbffff4c0, 
    receiver=0x857e7e8, event=0xbffff180) at kapplication.cpp:503
#36 0x40b3a712 in QEventLoop::activateSocketNotifiers() ()
   from /opt/qt3/lib/libqt-mt.so.3
#37 0x40af9fc4 in QEventLoop::processEvents(unsigned) ()
   from /opt/qt3/lib/libqt-mt.so.3
#38 0x40b5cedb in QEventLoop::enterLoop() () from /opt/qt3/lib/libqt-mt.so.3
#39 0x40b5cd84 in QEventLoop::exec() () from /opt/qt3/lib/libqt-mt.so.3
#40 0x40b4ad40 in QApplication::exec() () from /opt/qt3/lib/libqt-mt.so.3
#41 0x4161b72d in kdemain (argc=4, argv=0x8063608) at konq_main.cc:184
#42 0x408cd935 in kdeinitmain (argc=4, argv=0x8063608) at konqueror_dummy.cc:2
#43 0x0804e1bc in launch (argc=4, _name=0x8063d54 "konqueror", 
    args=0x8063d9c "/root", cwd=0x8063d9c "/root", envc=38, envs=0x80642a3 "", 
    reset_env=true, tty=0x0, avoid_loops=false, 
    startup_id_str=0x80642a7 "eiwrk039;1074379436;333530;1273")
    at kinit.cpp:604
#44 0x0804f4af in handle_launcher_request (sock=4) at kinit.cpp:1167
#45 0x0804fa97 in handle_requests (waitForPid=0) at kinit.cpp:1334
#46 0x08050ff9 in main (argc=3, argv=0xbffffae4, envp=0xbffffaf4)
    at kinit.cpp:1797
#47 0x4139bd06 in __libc_start_main () from /lib/libc.so.6


Comment 6 Stephan Kulow 2004-01-18 10:19:32 UTC
Subject: Re:  konqi crash in khtml::KHTMLParser::popOneBlock

On Saturday 17 January 2004 23:48, Martin Koller wrote:
> I still can. With a complete new build on a complete new Linux installation
> with CVS from 2 days ago.
So no more gcc 2.96? Because I'm starting to believe in that.
Line 1195 is accessing current. You could add an assert(current) before the
whole block.

Greetings, Stephan

Comment 7 Martin Koller 2004-01-18 13:01:47 UTC
Subject: Re:  konqi crash in khtml::KHTMLParser::popOneBlock

On Sunday 18 January 2004 10:19, Stephan Kulow wrote:
> So no more gcc 2.96? Because I'm starting to believe in that.

Yes! Finally! I'm now on gcc-3.2.3 (Slackware 9.1)

> Line 1195 is accessing current. You could add an assert(current) before the
> whole block.

OK, did that. It still crashes on 1196, where I have
       if (current->maintainsState()) {

Running in gdb, I see that "current" is not NULL:

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 16384 (LWP 22936)]
0x41a68399 in khtml::KHTMLParser::popOneBlock() (this=0x837cb18) at
htmlparser.cpp:1196
1196            if (current->maintainsState()) {
(gdb) p current
warning: can't find class named `khtml::KHTMLParser', as given by C++ RTTI
$1 = (class NodeImpl *) 0x8419810
(gdb) bt
#0  0x41a68399 in khtml::KHTMLParser::popOneBlock() (this=0x837cb18) at
htmlparser.cpp:1196
#1  0x41a682f5 in khtml::KHTMLParser::popBlock(int) (this=0x837cb18, _id=7) at
htmlparser.cpp:1171
#2  0x41a681ee in khtml::KHTMLParser::processCloseTag(khtml::Token*)
(this=0x837cb18, t=0x837ca14)
    at htmlparser.cpp:1125
#3  0x41a65bf2 in khtml::KHTMLParser::parseToken(khtml::Token*)
(this=0x837cb18, t=0x837ca14)
    at htmlparser.cpp:225
#4  0x41a6e106 in khtml::HTMLTokenizer::processToken() (this=0x837c9e0) at
htmltokenizer.cpp:1576
#5  0x41a6cae9 in khtml::HTMLTokenizer::parseTag(khtml::DOMStringIt&)
(this=0x837c9e0, src=@0x837caf4)
    at htmltokenizer.cpp:1090
#6  0x41a6d4ac in khtml::HTMLTokenizer::write(QString const&, bool)
(this=0x837c9e0, str=@0xbfffe7d0,
    appendData=false) at htmltokenizer.cpp:1344
<snip>


What I see immediately when I open
 http://osnews.com/story.php?news_id=5215
is
ASSERT: "m_part->xmlDocImpl()" in khtmlview.cpp (901)



Comment 8 Stephan Kulow 2004-01-18 13:08:04 UTC
The assert is meanwhile removed - but that was in key events. You didn't talk about keys?
Comment 9 Martin Koller 2004-01-18 14:07:39 UTC
Subject: Re:  konqi crash in khtml::KHTMLParser::popOneBlock

> The assert is meanwhile removed - but that was in key events. You didn't
> talk about keys?

I did not use any keys (except the return key after entering the URL).
And even if I simply click on the link given in BKO, it crashes.

Comment 10 Martin Koller 2004-01-25 15:52:38 UTC
As I have now updated again to kdelibs+kdebase with the 3.2 RELEASE tag, and this crash still happens by simply clicking on the http://osnews.com/story.php?news_id=5215
link, I changed the severity to grave.
Any chance to fix this?
Comment 11 Stephan Kulow 2004-01-25 17:56:52 UTC
Can you please stop playing with your own bug reports? You're still the only one to reproduce that crash.

BTW: the _RELEASE tag is right now pretty pointless as several fixes have already gone into the BRANCH
Comment 12 Martin Koller 2004-01-25 22:46:15 UTC
I got it! I have the reason why it only crashes on my setup.

If I have the following line in the kio_httprc file, the crash always appears:

UserAgent=Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)

Please try to confirm this ... slowly I'm thinking I'm stupid ...
Comment 13 Dirk Mueller 2004-01-26 07:55:49 UTC

*** This bug has been marked as a duplicate of 73112 ***