Bug 111055

Summary: Crashes konqueror with small html snippet
Product: [Applications] konqueror Reporter: Dennis <shr3kst3r>
Component: khtmlAssignee: Konqueror Bugs <konqueror-bugs-null>
Status: RESOLVED DUPLICATE    
Severity: crash    
Priority: NOR    
Version First Reported In: unspecified   
Target Milestone: ---   
Platform: Compiled Sources   
OS: Linux   
Latest Commit: Version Fixed/Implemented In:
Sentry Crash Report:

Description Dennis 2005-08-19 06:03:30 UTC 
Version:           3.4.90 (Using KDE 3.4.90 (alpha1, >= 20050806)) (using KDE KDE 3.4.90)
Installed from:    Compiled From Sources
Compiler:          gcc version 3.3.5-20050130 (Gentoo Linux 3.3.5.20050130-r1, ssp-3.3.5.20050130-1, pie-8.7.7.1) 
OS:                Linux

I cut down the html as much as possible and still be able to reproduce the problem.  This causes konqueror svn compiled last night to crash.  The code has a special character in it, so I have also attached an url because I doubt the textbox will all the special character.

HTML code:
<HTML><HEAD>
<FRAME onLoad=top >
<~R>
<FRAMESET onLoad=http:_self onLoad=* >
</HEAD><BODY></BODY></HTML>

URL to offending code:
http://www.engrowe.com/konq/konq_crash_snip.html

Backtrace:
Using host libthread_db library "/lib/tls/libthread_db.so.1".
`system-supplied DSO at 0xffffe000' has disappeared; keeping its symbols.
[Thread debugging using libthread_db enabled]
[New Thread -1231509280 (LWP 27741)]
[KCrash handler]
#4  0x006b0072 in ?? ()
#5  0xb6383516 in DOM::Node::nodeType ()
   from /home/shrek/kde3.5-alpha1/lib/libkhtml.so.4
#6  0xb62f7608 in KJS::getDOMNode ()
   from /home/shrek/kde3.5-alpha1/lib/libkhtml.so.4
#7  0xb634e43e in KJS::JSLazyEventListener::parseCode ()
   from /home/shrek/kde3.5-alpha1/lib/libkhtml.so.4
#8  0xb634df92 in KJS::JSLazyEventListener::handleEvent ()
   from /home/shrek/kde3.5-alpha1/lib/libkhtml.so.4
#9  0xb61e161e in DOM::NodeImpl::handleLocalEvents ()
   from /home/shrek/kde3.5-alpha1/lib/libkhtml.so.4
#10 0xb61e0aa6 in DOM::NodeImpl::dispatchGenericEvent ()
   from /home/shrek/kde3.5-alpha1/lib/libkhtml.so.4
#11 0xb61e0dbb in DOM::NodeImpl::dispatchWindowEvent ()
   from /home/shrek/kde3.5-alpha1/lib/libkhtml.so.4
#12 0xb62128dd in DOM::HTMLDocumentImpl::close ()
   from /home/shrek/kde3.5-alpha1/lib/libkhtml.so.4
#13 0xb619497f in KHTMLPart::checkEmitLoadEvent ()
   from /home/shrek/kde3.5-alpha1/lib/libkhtml.so.4
#14 0xb6193b8f in KHTMLPart::slotFinishedParsing ()
   from /home/shrek/kde3.5-alpha1/lib/libkhtml.so.4
#15 0xb61b47f7 in KHTMLPart::qt_invoke ()
   from /home/shrek/kde3.5-alpha1/lib/libkhtml.so.4
#16 0xb712f7cc in QObject::activate_signal ()
   from /home/shrek/kde3.5-alpha1/lib/libqt-mt.so.3
#17 0xb712f5f4 in QObject::activate_signal ()
   from /home/shrek/kde3.5-alpha1/lib/libqt-mt.so.3
#18 0xb61df96b in DOM::DocumentImpl::finishedParsing ()
   from /home/shrek/kde3.5-alpha1/lib/libkhtml.so.4
#19 0xb61dfa18 in DOM::DocumentImpl::qt_emit ()
   from /home/shrek/kde3.5-alpha1/lib/libkhtml.so.4
#20 0xb6213a5d in DOM::HTMLDocumentImpl::qt_emit ()
   from /home/shrek/kde3.5-alpha1/lib/libkhtml.so.4
#21 0xb712f801 in QObject::activate_signal ()
   from /home/shrek/kde3.5-alpha1/lib/libqt-mt.so.3
#22 0xb712f5f4 in QObject::activate_signal ()
   from /home/shrek/kde3.5-alpha1/lib/libqt-mt.so.3
#23 0xb61f37ab in khtml::Tokenizer::finishedParsing ()
   from /home/shrek/kde3.5-alpha1/lib/libkhtml.so.4
#24 0xb62068e0 in khtml::HTMLTokenizer::end ()
   from /home/shrek/kde3.5-alpha1/lib/libkhtml.so.4
#25 0xb6206cfa in khtml::HTMLTokenizer::finish ()
   from /home/shrek/kde3.5-alpha1/lib/libkhtml.so.4
#26 0xb61d91bc in DOM::DocumentImpl::finishParsing ()
   from /home/shrek/kde3.5-alpha1/lib/libkhtml.so.4
#27 0xb61936f8 in KHTMLPart::end ()
   from /home/shrek/kde3.5-alpha1/lib/libkhtml.so.4
#28 0xb6192985 in KHTMLPart::slotFinished ()
   from /home/shrek/kde3.5-alpha1/lib/libkhtml.so.4
#29 0xb61b47e7 in KHTMLPart::qt_invoke ()
   from /home/shrek/kde3.5-alpha1/lib/libkhtml.so.4
#30 0xb712f746 in QObject::activate_signal ()
   from /home/shrek/kde3.5-alpha1/lib/libqt-mt.so.3
#31 0xb7d656ea in KIO::Job::result ()
   from /home/shrek/kde3.5-alpha1/lib/libkio.so.4
#32 0xb7d49edc in KIO::Job::emitResult ()
   from /home/shrek/kde3.5-alpha1/lib/libkio.so.4
#33 0xb7d4bcbc in KIO::SimpleJob::slotFinished ()
   from /home/shrek/kde3.5-alpha1/lib/libkio.so.4
#34 0xb7d4fa7e in KIO::TransferJob::slotFinished ()
   from /home/shrek/kde3.5-alpha1/lib/libkio.so.4
#35 0xb7d677cd in KIO::TransferJob::qt_invoke ()
   from /home/shrek/kde3.5-alpha1/lib/libkio.so.4
#36 0xb712f7cc in QObject::activate_signal ()
   from /home/shrek/kde3.5-alpha1/lib/libqt-mt.so.3
#37 0xb712f5f4 in QObject::activate_signal ()
   from /home/shrek/kde3.5-alpha1/lib/libqt-mt.so.3
#38 0xb7d3ee6e in KIO::SlaveInterface::finished ()
   from /home/shrek/kde3.5-alpha1/lib/libkio.so.4
#39 0xb7d3bc78 in KIO::SlaveInterface::dispatch ()
   from /home/shrek/kde3.5-alpha1/lib/libkio.so.4
#40 0xb7d3ad60 in KIO::SlaveInterface::dispatch ()
   from /home/shrek/kde3.5-alpha1/lib/libkio.so.4
#41 0xb7d37b68 in KIO::Slave::gotInput ()
   from /home/shrek/kde3.5-alpha1/lib/libkio.so.4
#42 0xb7d3a4a8 in KIO::Slave::qt_invoke ()
   from /home/shrek/kde3.5-alpha1/lib/libkio.so.4
#43 0xb712f7cc in QObject::activate_signal ()
   from /home/shrek/kde3.5-alpha1/lib/libqt-mt.so.3
#44 0xb712f92d in QObject::activate_signal ()
   from /home/shrek/kde3.5-alpha1/lib/libqt-mt.so.3
#45 0xb746f472 in QSocketNotifier::activated ()
   from /home/shrek/kde3.5-alpha1/lib/libqt-mt.so.3
#46 0xb714bfa0 in QSocketNotifier::event ()
   from /home/shrek/kde3.5-alpha1/lib/libqt-mt.so.3
#47 0xb70d2f1f in QApplication::internalNotify ()
   from /home/shrek/kde3.5-alpha1/lib/libqt-mt.so.3
#48 0xb70d251e in QApplication::notify ()
   from /home/shrek/kde3.5-alpha1/lib/libqt-mt.so.3
#49 0xb7736785 in KApplication::notify ()
   from /home/shrek/kde3.5-alpha1/lib/libkdecore.so.4
#50 0xb70c293a in QEventLoop::activateSocketNotifiers ()
   from /home/shrek/kde3.5-alpha1/lib/libqt-mt.so.3
#51 0xb707b973 in QEventLoop::processEvents ()
   from /home/shrek/kde3.5-alpha1/lib/libqt-mt.so.3
#52 0xb70e5338 in QEventLoop::enterLoop ()
   from /home/shrek/kde3.5-alpha1/lib/libqt-mt.so.3
#53 0xb70e51e8 in QEventLoop::exec ()
   from /home/shrek/kde3.5-alpha1/lib/libqt-mt.so.3
#54 0xb70d3171 in QApplication::exec ()
   from /home/shrek/kde3.5-alpha1/lib/libqt-mt.so.3
#55 0xb682b0dc in kdemain ()
   from /home/shrek/kde3.5-alpha1/lib/libkdeinit_konqueror.so
#56 0xb7651816 in kdeinitmain ()
   from /home/shrek/kde3.5-alpha1/lib/kde3/konqueror.so
#57 0x0804cec3 in launch ()
#58 0x0804e6d1 in handle_launcher_request ()
#59 0x0804ec1d in handle_requests ()
#60 0x0804fd72 in main ()
Comment 1 Tommi Tervo 2005-08-19 09:13:29 UTC 
#6  0x015896e2 in DOM::Node::nodeType (this=0xbfedf870) at dom_node.cpp:202
#7  0x014edd48 in KJS::getDOMNode (exec=0x9eb8528, n=@0xbfedf870)
    at kjs_dom.cpp:1427
#8  0x01548eca in KJS::JSLazyEventListener::parseCode (this=0x97aaa98)
    at kjs_events.cpp:201
#9  0x01548956 in KJS::JSLazyEventListener::handleEvent (this=0x97aaa98, 
    evt=@0xbfedf970) at kjs_events.cpp:149
#10 0x013cfe37 in DOM::NodeImpl::handleLocalEvents (this=0x9ec3dac, 
    evt=0x9dec668, useCapture=false) at dom_nodeimpl.cpp:662
#11 0x013cf1ff in DOM::NodeImpl::dispatchGenericEvent (this=0x9ec3dac, 
    evt=0x9dec668) at dom_nodeimpl.cpp:449
#12 0x013cf5d0 in DOM::NodeImpl::dispatchWindowEvent (this=0x9ec3dac, _id=17, 
    canBubbleArg=false, cancelableArg=false) at dom_nodeimpl.cpp:507
#13 0x0140526f in DOM::HTMLDocumentImpl::close (this=0x9ec3d80)
    at html_documentimpl.cpp:276
#14 0x01381c0c in KHTMLPart::checkEmitLoadEvent (this=0x9b05350)
    at khtml_part.cpp:2313
#15 0x01380d0a in KHTMLPart::slotFinishedParsing (this=0x9b05350)
    at khtml_part.cpp:2050
#16 0x0139bc38 in KHTMLPart::qt_invoke (this=0x9b05350, _id=20, _o=0xbfedfc70)
    at khtml_part.moc:503
#17 0x07969430 in QObject::activate_signal ()
   from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#18 0x07969b0a in QObject::activate_signal ()
   from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#19 0x013cdd1e in DOM::DocumentImpl::finishedParsing (this=0x9ec3d80)
    at dom_docimpl.moc:86
#20 0x013cdd98 in DOM::DocumentImpl::qt_emit (this=0x9ec3d80, _id=2, 
    _o=0xbfedfda0) at dom_docimpl.moc:97
#21 0x014062c8 in DOM::HTMLDocumentImpl::qt_emit (this=0x9ec3d80, _id=2, 
    _o=0xbfedfda0) at html_documentimpl.moc:91
#22 0x079694ad in QObject::activate_signal ()
   from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#23 0x07969b0a in QObject::activate_signal ()
   from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#24 0x013e4096 in khtml::Tokenizer::finishedParsing (this=0x9deab40)
    at xml_tokenizer.moc:82
#25 0x013fa555 in khtml::HTMLTokenizer::end (this=0x9deab40)
    at htmltokenizer.cpp:1571
#26 0x013fa8b8 in khtml::HTMLTokenizer::finish (this=0x9deab40)
    at htmltokenizer.cpp:1620
#27 0x013c788d in DOM::DocumentImpl::finishParsing (this=0x9ec3d80)
    at dom_docimpl.cpp:1315
#28 0x013808bd in KHTMLPart::end (this=0x9b05350) at khtml_part.cpp:1988
#29 0x0137fee5 in KHTMLPart::slotFinished (this=0x9b05350, job=0x9a78fc8)
    at khtml_part.cpp:1855
#30 0x0139bc25 in KHTMLPart::qt_invoke (this=0x9b05350, _id=19, _o=0xbfee0020)
    at khtml_part.moc:502
#31 0x079693b9 in QObject::activate_signal ()
   from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#32 0x004aff5e in KIO::Job::result (this=0x9a78fc8, t0=0x9a78fc8)
    at jobclasses.moc:162
#33 0x0049b635 in KIO::Job::emitResult (this=0x9a78fc8) at job.cpp:222
#34 0x0049ccd6 in KIO::SimpleJob::slotFinished (this=0x9a78fc8) at job.cpp:570
#35 0x0049efac in KIO::TransferJob::slotFinished (this=0x9a78fc8)
    at job.cpp:938
#36 0x004b25b4 in KIO::TransferJob::qt_invoke (this=0x9a78fc8, _id=17, 
    _o=0xbfee02f0) at jobclasses.moc:1071
#37 0x07969430 in QObject::activate_signal ()
   from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#38 0x07969b0a in QObject::activate_signal ()
   from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#39 0x00492dd1 in KIO::SlaveInterface::finished (this=0x9ec0a20)
    at slaveinterface.moc:226
#40 0x00491399 in KIO::SlaveInterface::dispatch (this=0x9ec0a20, _cmd=104, 
    rawdata=@0xbfee04d0) at slaveinterface.cpp:243
#41 0x00490fc0 in KIO::SlaveInterface::dispatch (this=0x9ec0a20)
    at slaveinterface.cpp:173
#42 0x0048edb5 in KIO::Slave::gotInput (this=0x9ec0a20) at slave.cpp:300
#43 0x0049084b in KIO::Slave::qt_invoke (this=0x9ec0a20, _id=4, _o=0xbfee0600)
    at slave.moc:113
#44 0x07969430 in QObject::activate_signal ()
   from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#45 0x079699c2 in QObject::activate_signal ()
   from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#46 0x07c9b164 in QSocketNotifier::activated ()
   from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#47 0x079844b5 in QSocketNotifier::event ()
   from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#48 0x0790a8c9 in QApplication::internalNotify ()
   from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#49 0x0790aa5a in QApplication::notify ()
   from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#50 0x010405fc in KApplication::notify (this=0xbfee0d00, receiver=0x9ea44d0, 
    event=0xbfee0920) at kapplication.cpp:550
#51 0x078fed84 in QEventLoop::activateSocketNotifiers ()
   from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#52 0x078babce in QEventLoop::processEvents ()
   from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#53 0x0791fef5 in QEventLoop::enterLoop ()
   from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#54 0x0791fe4e in QEventLoop::exec () from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#55 0x07909acb in QApplication::exec () from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#56 0x00ebdf7f in kdemain (argc=1, argv=0xbfee0e64) at konq_main.cc:206
#57 0x0804863a in main (argc=1, argv=0xbfee0e64) at konqueror.la.cc:2
Comment 2 Tommi Tervo 2005-08-19 11:09:48 UTC 

*** This bug has been marked as a duplicate of 106795 ***