Bug 130164 - Konqueror crashes on onreadystatechange innerHTML update
Summary: Konqueror crashes on onreadystatechange innerHTML update
Status: RESOLVED REMIND
Alias: None
Product: konqueror
Classification: Applications
Component: khtml parsing (show other bugs)
Version: unspecified
Platform: openSUSE Linux
: NOR crash
Target Milestone: ---
Assignee: Konqueror Developers
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-07-02 21:50 UTC by Ciaran Farrell
Modified: 2008-06-04 09:54 UTC (History)
0 users

See Also:
Latest Commit:
Version Fixed In:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Ciaran Farrell 2006-07-02 21:50:46 UTC
Version:           3.5.3 level a (using KDE KDE 3.5.3)
Installed from:    SuSE RPMs
Compiler:          gcc (GCC) 4.1.0 (SUSE Linux) 
OS:                Linux

Not sure if this has been covered already. I have an ajax form which sends data to a php script and received html back, which is inserted into a div using getDocumentById. The trace looks like this:


Using host libthread_db library "/lib/libthread_db.so.1".
[Thread debugging using libthread_db enabled]
[New Thread -1230530896 (LWP 8173)]
[KCrash handler]
#6  0xb5e4ec79 in khtml::KHTMLParser::insertNode ()
   from /opt/kde3/lib/libkhtml.so.4
#7  0xb5e5b0d9 in khtml::KHTMLParser::parseToken ()
   from /opt/kde3/lib/libkhtml.so.4
#8  0xb5e5b3a1 in khtml::HTMLTokenizer::processToken ()
   from /opt/kde3/lib/libkhtml.so.4
#9  0xb5e6d316 in khtml::HTMLTokenizer::write ()
   from /opt/kde3/lib/libkhtml.so.4
#10 0xb5e6d8d0 in DOM::HTMLElementImpl::createContextualFragment ()
   from /opt/kde3/lib/libkhtml.so.4
#11 0xb5e6dc16 in DOM::HTMLElementImpl::setInnerHTML ()
   from /opt/kde3/lib/libkhtml.so.4
#12 0xb5fb7bb9 in DOM::HTMLElement::setInnerHTML ()
   from /opt/kde3/lib/libkhtml.so.4
#13 0xb5f78513 in KJS::HTMLElement::putValueProperty ()
   from /opt/kde3/lib/libkhtml.so.4
#14 0xb5f7ce1c in KJS::HTMLElement::tryPut () from /opt/kde3/lib/libkhtml.so.4
#15 0xb5f74741 in KJS::DOMObject::put () from /opt/kde3/lib/libkhtml.so.4
#16 0xb5caf2ec in KJS::Reference::putValue () from /opt/kde3/lib/libkjs.so.1
#17 0xb5cb0756 in KJS::AssignNode::evaluate () from /opt/kde3/lib/libkjs.so.1
#18 0xb5ccc2ee in KJS::ExprStatementNode::execute ()
   from /opt/kde3/lib/libkjs.so.1
#19 0xb5cc7998 in KJS::SourceElementsNode::execute ()
   from /opt/kde3/lib/libkjs.so.1
#20 0xb5ccc519 in KJS::BlockNode::execute () from /opt/kde3/lib/libkjs.so.1
#21 0xb5ccc17b in KJS::IfNode::execute () from /opt/kde3/lib/libkjs.so.1
#22 0xb5cc78f8 in KJS::SourceElementsNode::execute ()
   from /opt/kde3/lib/libkjs.so.1
#23 0xb5ccc519 in KJS::BlockNode::execute () from /opt/kde3/lib/libkjs.so.1
#24 0xb5ccc17b in KJS::IfNode::execute () from /opt/kde3/lib/libkjs.so.1
#25 0xb5cc7998 in KJS::SourceElementsNode::execute ()
   from /opt/kde3/lib/libkjs.so.1
#26 0xb5ccc519 in KJS::BlockNode::execute () from /opt/kde3/lib/libkjs.so.1
#27 0xb5cc6966 in KJS::DeclaredFunctionImp::execute ()
   from /opt/kde3/lib/libkjs.so.1
#28 0xb5caff84 in KJS::FunctionImp::call () from /opt/kde3/lib/libkjs.so.1
#29 0xb5cb2fa9 in KJS::Object::call () from /opt/kde3/lib/libkjs.so.1
#30 0xb5f59a8c in KJS::JSEventListener::handleEvent ()
   from /opt/kde3/lib/libkhtml.so.4
#31 0xb5f293c4 in KJS::XMLHttpRequest::changeState ()
   from /opt/kde3/lib/libkhtml.so.4
#32 0xb5f5a63d in KJS::XMLHttpRequest::slotFinished ()
   from /opt/kde3/lib/libkhtml.so.4
#33 0xb5f5a6d7 in KJS::XMLHttpRequestQObject::slotFinished ()
   from /opt/kde3/lib/libkhtml.so.4
#34 0xb5f741f2 in KJS::XMLHttpRequestQObject::qt_invoke ()
   from /opt/kde3/lib/libkhtml.so.4
#35 0xb7593edd in QObject::activate_signal ()
   from /usr/lib/qt3/lib/libqt-mt.so.3
#36 0xb7d6684e in KIO::Job::result () from /opt/kde3/lib/libkio.so.4
#37 0xb7daf9dd in KIO::Job::emitResult () from /opt/kde3/lib/libkio.so.4
#38 0xb7dbd65e in KIO::SimpleJob::slotFinished ()
   from /opt/kde3/lib/libkio.so.4
#39 0xb7dbdd5d in KIO::TransferJob::slotFinished ()
   from /opt/kde3/lib/libkio.so.4
#40 0xb7daf60a in KIO::TransferJob::qt_invoke () from /opt/kde3/lib/libkio.so.4
#41 0xb7593edd in QObject::activate_signal ()
   from /usr/lib/qt3/lib/libqt-mt.so.3
#42 0xb7594b3d in QObject::activate_signal ()
   from /usr/lib/qt3/lib/libqt-mt.so.3
#43 0xb7d625fc in KIO::SlaveInterface::finished ()
   from /opt/kde3/lib/libkio.so.4
#44 0xb7dbc005 in KIO::SlaveInterface::dispatch ()
   from /opt/kde3/lib/libkio.so.4
#45 0xb7dcfd6a in KIO::SlaveInterface::dispatch ()
   from /opt/kde3/lib/libkio.so.4
#46 0xb7d76aac in KIO::Slave::gotInput () from /opt/kde3/lib/libkio.so.4
#47 0xb7db4e70 in KIO::Slave::qt_invoke () from /opt/kde3/lib/libkio.so.4
#48 0xb7593edd in QObject::activate_signal ()
   from /usr/lib/qt3/lib/libqt-mt.so.3
#49 0xb7594a42 in QObject::activate_signal ()
   from /usr/lib/qt3/lib/libqt-mt.so.3
#50 0xb78cd910 in QSocketNotifier::activated ()
   from /usr/lib/qt3/lib/libqt-mt.so.3
#51 0xb75b20e0 in QSocketNotifier::event () from /usr/lib/qt3/lib/libqt-mt.so.3
#52 0xb7534ec7 in QApplication::internalNotify ()
   from /usr/lib/qt3/lib/libqt-mt.so.3
#53 0xb7535c91 in QApplication::notify () from /usr/lib/qt3/lib/libqt-mt.so.3
#54 0xb7bbc6f3 in KApplication::notify () from /opt/kde3/lib/libkdecore.so.4
#55 0xb7529b04 in QEventLoop::activateSocketNotifiers ()
   from /usr/lib/qt3/lib/libqt-mt.so.3
#56 0xb74e47d4 in QEventLoop::processEvents ()
   from /usr/lib/qt3/lib/libqt-mt.so.3
#57 0xb754bce8 in QEventLoop::enterLoop () from /usr/lib/qt3/lib/libqt-mt.so.3
#58 0xb754bb7e in QEventLoop::exec () from /usr/lib/qt3/lib/libqt-mt.so.3
#59 0xb7534a7f in QApplication::exec () from /usr/lib/qt3/lib/libqt-mt.so.3
#60 0xb6841525 in kdemain () from /opt/kde3/lib/libkdeinit_konqueror.so
#61 0xb730f534 in kdeinitmain () from /opt/kde3/lib/kde3/konqueror.so
#62 0x0804e8cf in launch ()
#63 0x0804f15a in handle_launcher_request ()
#64 0x0804f4df in handle_requests ()
#65 0x0804feb1 in main ()
Comment 1 Tommi Tervo 2006-07-03 09:07:03 UTC
Could you make a small test case?
Comment 2 Ciaran Farrell 2006-07-03 11:30:42 UTC
The script I was writing is here:
http://www.babelworx.net/babelworx/current/content/processes/code/juiceNewsletter/box.html

This is a simple ajax form which sends info to a php script. With Firefox, this works. As the php script isn't ready yet, either put in a badly formed email address or put in my email address (ciaranfarrell@babelworx.net). 

With Konqueror, put in anything at all - it crashes.
Comment 3 Tommi Tervo 2006-07-03 12:14:47 UTC
#0  0xb5f30f58 in DOM::NodeImpl::parentNode (this=0x0) at dom_nodeimpl.h:125
#1  0xb5fcb365 in khtml::KHTMLParser::insertNode (this=0x8518820, n=0x85649d8,
    flat=true) at htmlparser.cpp:700
#2  0xb5fcd0e2 in khtml::KHTMLParser::parseToken (this=0x8518820, t=0xbfec0c90)
    at htmlparser.cpp:289
#3  0xb5fcdf08 in khtml::HTMLTokenizer::processToken (this=0xbfec0c5c)
    at htmltokenizer.cpp:1684
#4  0xb5fd42b5 in khtml::HTMLTokenizer::write (this=0xbfec0c5c,
    str=@0xbfec119c, appendData=true) at htmltokenizer.cpp:1439
#5  0xb5fdea8a in DOM::HTMLElementImpl::createContextualFragment (
    this=0x84ff388, html=@0xbfec161c) at html_elementimpl.cpp:523
#6  0xb5fdedac in DOM::HTMLElementImpl::setInnerHTML (this=0x84ff388,
    html=@0xbfec161c, exceptioncode=@0xbfec125c) at html_elementimpl.cpp:566
#7  0xb619c543 in DOM::HTMLElement::setInnerHTML (this=0xbfec1608,
    html=@0xbfec161c) at html_element.cpp:145
#8  0xb6108aac in KJS::HTMLElement::putValueProperty (this=0x85103d8,
    exec=0xbfec1d0c, token=354, value=@0xbfec18b8) at kjs_html.cpp:3099
#9  0xb612638e in KJS::DOMObjectLookupPut<KJS::HTMLElement, KJS::DOMElement> (
    exec=0xbfec1d0c, propertyName=@0xbfec18cc, value=@0xbfec18b8, attr=0,
    table=0xb6235edc, thisObj=0x85103d8) at kjs_binding.h:245
#10 0xb6121152 in KJS::HTMLElement::tryPut (this=0x85103d8, exec=0xbfec1d0c,
    propertyName=@0xbfec18cc, value=@0xbfec18b8, attr=0) at kjs_html.cpp:2392
#11 0xb60d8f38 in KJS::DOMObject::put (this=0x85103d8, exec=0xbfec1d0c,
    propertyName=@0xbfec18cc, value=@0xbfec18b8, attr=0) at kjs_binding.cpp:72
#12 0xb5d68933 in KJS::Reference::putValue (this=0xbfec18bc, exec=0xbfec1d0c,
    w=@0xbfec18b8) at reference.cpp:165
#13 0xb5d24ea8 in KJS::AssignNode::evaluate (this=0x851bc88, exec=0xbfec1d0c)
    at nodes.cpp:1624
#14 0xb5d26a69 in KJS::ExprStatementNode::execute (this=0x851bca8,
    exec=0xbfec1d0c) at nodes.cpp:1980
#15 0xb5d2d614 in KJS::SourceElementsNode::execute (this=0x851bb60,
Comment 4 mario tuling 2008-04-20 17:02:14 UTC
can anyone provide more information? the site is down, a testcase is needed. thanks!
Comment 5 Jaime Torres 2008-06-04 09:54:25 UTC
Waiting for an answer. The wayback machine does not have the link.