Bug 75292 - onkeyup event freeze konqueror
Summary: onkeyup event freeze konqueror
Status: RESOLVED FIXED
Alias: None
Product: konqueror
Classification: Applications
Component: kjs (show other bugs)
Version: unspecified
Platform: RedHat Enterprise Linux Linux
: NOR normal
Target Milestone: ---
Assignee: Harri Porten
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2004-02-15 17:04 UTC by Simon Golicnik
Modified: 2004-02-16 18:36 UTC (History)
0 users

See Also:
Latest Commit:
Version Fixed In:


Attachments
Testcase (116 bytes, text/html)
2004-02-16 11:08 UTC, Jan Schaefer
Details
patch (18 bytes, patch)
2004-02-16 17:08 UTC, David Faure
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Simon Golicnik 2004-02-15 17:04:03 UTC
Version:            (using KDE KDE 3.2.0)
Installed from:    RedHat RPMs
OS:          Linux

Typing into this text field:
<input type=text name=a onkeyup='this.value=this.value.replace(/[^\d\.]*/gi,"");'>
cause konqueror to freeze (100% cpu usage).
Comment 1 Jan Schaefer 2004-02-16 11:08:53 UTC
Created attachment 4718 [details]
Testcase

I can confirm this.
Comment 2 David Faure 2004-02-16 14:47:05 UTC
This appears to fix it, but Harri should review it since it's his code from string_object.cpp -r1.57.

--- string_object.cpp	18 Jan 2004 11:18:33 -0000	1.83
+++ string_object.cpp	16 Feb 2004 13:45:06 -0000
@@ -330,7 +330,7 @@ Value StringProtoFuncImp::call(ExecState
           break;
         len = mstr.size();
         // special case of empty match
-        if (len == 0 && lastIndex > 0) {
+        if (len == 0) {
           pos = lastIndex + 1;
           if (pos > s.size())
             break;
Comment 3 David Faure 2004-02-16 17:07:25 UTC
OK this breaks the following test...
FAIL: js/RegExp.js ['foo'.replace(/z?/g,'x') should be xfxoxox. Was fxoxox]

Will attach better patch.
Comment 4 David Faure 2004-02-16 17:08:16 UTC
Created attachment 4730 [details]
patch
Comment 5 David Faure 2004-02-16 18:36:01 UTC
CVS commit by faure: 

Fixed 75292 - another infinite loop on empty match during search/replace.
This also fixes 40435 the right way, so I can remove Harri's hack.

Well, this is all only working when pcre is present, we lack support for
"forced-non-empty match" when using posix regexp, but pcre is mandatory nowadays, right?
CCMAIL: porten@kde.org, 75292-done@bugs.kde.org


  M +5 -5      regexp.cpp   1.25
  M +1 -7      string_object.cpp   1.84


--- kdelibs/kjs/regexp.cpp  #1.24:1.25
@@ -120,6 +120,5 @@ UString RegExp::match(const UString &s, 
       // We set m_notEmpty ourselves, to look for a non-empty match
       // (see man pcretest or pcretest.c for details).
-      // So this is not the end. We want to try again at i+1.
-      // We won't be at the end of the string - that was checked before setting m_notEmpty.
+      // So we don't stop here, we want to try again at i+1.
       fprintf(stderr, "No match after m_notEmpty. +1 and keep going.\n");
       m_notEmpty = 0;
@@ -132,4 +131,6 @@ UString RegExp::match(const UString &s, 
   }
 
+  // Got a match, proceed with it.
+
   if (!ovector)
     return UString::null; // don't rely on the return value if you pass ovector==0
@@ -166,8 +167,7 @@ UString RegExp::match(const UString &s, 
   *pos = (*ovector)[0];
 #ifdef HAVE_PCREPOSIX  // TODO check this stuff in non-pcre mode
-  if ( *pos == (*ovector)[1] && (flgs & Global) && *pos != bufferSize )
+  if ( *pos == (*ovector)[1] && (flgs & Global) )
   {
-    // empty match, not at end of string.
-    // Next try will be with m_notEmpty=true
+    // empty match, next try will be with m_notEmpty=true
     m_notEmpty=true;
   }

--- kdelibs/kjs/string_object.cpp  #1.83:1.84
@@ -330,10 +330,4 @@ Value StringProtoFuncImp::call(ExecState
           break;
         len = mstr.size();
-        // special case of empty match
-        if (len == 0 && lastIndex > 0) {
-          pos = lastIndex + 1;
-          if (pos > s.size())
-            break;
-        }
 
         UString rstr;
@@ -374,5 +368,5 @@ Value StringProtoFuncImp::call(ExecState
         lastIndex = pos + rstr.size();
         s = s.substr(0, pos) + rstr + s.substr(pos + len);
-        //fprintf(stderr,"pos=%d,len=%d,lastIndex=%d,u=%s\n",pos,len,lastIndex,u.ascii());
+        //fprintf(stderr,"pos=%d,len=%d,lastIndex=%d,s=%s\n",pos,len,lastIndex,s.ascii());
       } while (global);