Bug 133680

Summary: blogger.com: when adding custom page elements, konqueror crashes
Product: [Applications] konqueror Reporter: stubnitz
Component: khtml xmlAssignee: Konqueror Developers <konq-bugs>
Status: RESOLVED FIXED    
Severity: crash CC: annavoy, bugs, cronopios, darko_kostovski, dbenamy+kde, doyle, francis.lacoste, g4mba5, johan.erlands, kde1844, locket, m.wege, maksim, mihnea_capraru, neilgall, pdedecker, ricardo_0617, shlomif, tilleyrw, yksloll
Priority: NOR    
Version: unspecified   
Target Milestone: ---   
Platform: unspecified   
OS: Linux   
Latest Commit: Version Fixed In:
Sentry Crash Report:
Attachments: patch

Description stubnitz 2006-09-06 23:17:53 UTC 
Version:           3.5.4 (using KDE 3.5.4, Kubuntu Package 4:3.5.4-0ubuntu2~dapper1 )
Compiler:          Target: i486-linux-gnu
OS:                Linux (i686) release 2.6.16.16-ath64

Logged in blogger.com (beta version), everything ok. When trying to save a new page element (by editing HTML code), the save button push cause the browser to crash. Here is the backtrace:

(no debugging symbols found)
Using host libthread_db library "/lib/tls/i686/cmov/libthread_db.so.1".
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
[Thread debugging using libthread_db enabled]
[New Thread -1232070976 (LWP 7213)]
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
[KCrash handler]
#6  0xb60d789e in DOM::XMLAttributeReader::~XMLAttributeReader ()
   from /usr/lib/libkhtml.so.4
#7  0xb6274544 in DOM::Document::importNode () from /usr/lib/libkhtml.so.4
#8  0xb6227420 in TestFunctionImp::call () from /usr/lib/libkhtml.so.4
#9  0xb6222f84 in TestFunctionImp::call () from /usr/lib/libkhtml.so.4
#10 0xb5f5bfcf in KJS::Object::call () from /usr/lib/libkjs.so.1
#11 0xb5f6a4e6 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#12 0xb5f6f237 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#13 0xb5f712e7 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#14 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#15 0xb5f6cf4f in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#16 0xb5f7137d in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#17 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#18 0xb5f72371 in KJS::DeclaredFunctionImp::execute ()
   from /usr/lib/libkjs.so.1
#19 0xb5f5897d in KJS::FunctionImp::call () from /usr/lib/libkjs.so.1
#20 0xb5f5bfcf in KJS::Object::call () from /usr/lib/libkjs.so.1
#21 0xb5f6a4e6 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#22 0xb5f6f237 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#23 0xb5f7137d in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#24 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#25 0xb5f72371 in KJS::DeclaredFunctionImp::execute ()
   from /usr/lib/libkjs.so.1
#26 0xb5f5897d in KJS::FunctionImp::call () from /usr/lib/libkjs.so.1
#27 0xb5f5bfcf in KJS::Object::call () from /usr/lib/libkjs.so.1
#28 0xb5f6a4e6 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#29 0xb5f59730 in KJS::printInfo () from /usr/lib/libkjs.so.1
#30 0xb5f6cbe8 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#31 0xb5f712e7 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#32 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#33 0xb5f6cf4f in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#34 0xb5f6cdcf in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#35 0xb5f712e7 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#36 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#37 0xb5f6cf4f in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#38 0xb5f7137d in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#39 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#40 0xb5f72371 in KJS::DeclaredFunctionImp::execute ()
   from /usr/lib/libkjs.so.1
#41 0xb5f5897d in KJS::FunctionImp::call () from /usr/lib/libkjs.so.1
#42 0xb5f5bfcf in KJS::Object::call () from /usr/lib/libkjs.so.1
#43 0xb5f6a4e6 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#44 0xb5f2d319 in KJS::Interpreter::globalObject () from /usr/lib/libkjs.so.1
#45 0xb5f59373 in KJS::printInfo () from /usr/lib/libkjs.so.1
#46 0xb5f59243 in KJS::printInfo () from /usr/lib/libkjs.so.1
#47 0xb5f6c89a in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#48 0xb5f7137d in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#49 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#50 0xb5f6d6a5 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#51 0xb5f7137d in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#52 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#53 0xb5f6cf4f in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#54 0xb5f7137d in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#55 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#56 0xb5f72371 in KJS::DeclaredFunctionImp::execute ()
   from /usr/lib/libkjs.so.1
#57 0xb5f5897d in KJS::FunctionImp::call () from /usr/lib/libkjs.so.1
#58 0xb5f5bfcf in KJS::Object::call () from /usr/lib/libkjs.so.1
#59 0xb5f6a4e6 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#60 0xb5f2d319 in KJS::Interpreter::globalObject () from /usr/lib/libkjs.so.1
#61 0xb5f59373 in KJS::printInfo () from /usr/lib/libkjs.so.1
#62 0xb5f59243 in KJS::printInfo () from /usr/lib/libkjs.so.1
#63 0xb5f6c89a in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#64 0xb5f7137d in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#65 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#66 0xb5f6d6a5 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#67 0xb5f7137d in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#68 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#69 0xb5f6cf4f in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#70 0xb5f7137d in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#71 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#72 0xb5f72371 in KJS::DeclaredFunctionImp::execute ()
   from /usr/lib/libkjs.so.1
#73 0xb5f5897d in KJS::FunctionImp::call () from /usr/lib/libkjs.so.1
#74 0xb5f5bfcf in KJS::Object::call () from /usr/lib/libkjs.so.1
#75 0xb5f6a4e6 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#76 0xb5f2d319 in KJS::Interpreter::globalObject () from /usr/lib/libkjs.so.1
#77 0xb5f59373 in KJS::printInfo () from /usr/lib/libkjs.so.1
#78 0xb5f59243 in KJS::printInfo () from /usr/lib/libkjs.so.1
#79 0xb5f6c89a in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#80 0xb5f7137d in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#81 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#82 0xb5f6d6a5 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#83 0xb5f7137d in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#84 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#85 0xb5f6cf4f in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#86 0xb5f7137d in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#87 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#88 0xb5f72371 in KJS::DeclaredFunctionImp::execute ()
   from /usr/lib/libkjs.so.1
#89 0xb5f5897d in KJS::FunctionImp::call () from /usr/lib/libkjs.so.1
#90 0xb5f5bfcf in KJS::Object::call () from /usr/lib/libkjs.so.1
#91 0xb5f6a4e6 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#92 0xb5f2d319 in KJS::Interpreter::globalObject () from /usr/lib/libkjs.so.1
#93 0xb5f59373 in KJS::printInfo () from /usr/lib/libkjs.so.1
#94 0xb5f59243 in KJS::printInfo () from /usr/lib/libkjs.so.1
#95 0xb5f6c89a in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#96 0xb5f7137d in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#97 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#98 0xb5f6d6a5 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#99 0xb5f7137d in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#100 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#101 0xb5f6cf4f in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#102 0xb5f7137d in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#103 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#104 0xb5f72371 in KJS::DeclaredFunctionImp::execute ()
   from /usr/lib/libkjs.so.1
#105 0xb5f5897d in KJS::FunctionImp::call () from /usr/lib/libkjs.so.1
#106 0xb5f5bfcf in KJS::Object::call () from /usr/lib/libkjs.so.1
#107 0xb5f6a4e6 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#108 0xb5f2d319 in KJS::Interpreter::globalObject () from /usr/lib/libkjs.so.1
#109 0xb5f59373 in KJS::printInfo () from /usr/lib/libkjs.so.1
#110 0xb5f59243 in KJS::printInfo () from /usr/lib/libkjs.so.1
#111 0xb5f6c89a in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#112 0xb5f7137d in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#113 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#114 0xb5f6d6a5 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#115 0xb5f7137d in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#116 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#117 0xb5f6cf4f in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#118 0xb5f7137d in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#119 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#120 0xb5f72371 in KJS::DeclaredFunctionImp::execute ()
   from /usr/lib/libkjs.so.1
#121 0xb5f5897d in KJS::FunctionImp::call () from /usr/lib/libkjs.so.1
#122 0xb5f5bfcf in KJS::Object::call () from /usr/lib/libkjs.so.1
#123 0xb5f6a4e6 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#124 0xb5f2d319 in KJS::Interpreter::globalObject () from /usr/lib/libkjs.so.1
#125 0xb5f59373 in KJS::printInfo () from /usr/lib/libkjs.so.1
#126 0xb5f59243 in KJS::printInfo () from /usr/lib/libkjs.so.1
#127 0xb5f6c89a in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#128 0xb5f7137d in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#129 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#130 0xb5f6d6a5 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#131 0xb5f7137d in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#132 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#133 0xb5f6cf4f in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#134 0xb5f7137d in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#135 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#136 0xb5f72371 in KJS::DeclaredFunctionImp::execute ()
   from /usr/lib/libkjs.so.1
#137 0xb5f5897d in KJS::FunctionImp::call () from /usr/lib/libkjs.so.1
#138 0xb5f5bfcf in KJS::Object::call () from /usr/lib/libkjs.so.1
#139 0xb5f6a4e6 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#140 0xb5f2d319 in KJS::Interpreter::globalObject () from /usr/lib/libkjs.so.1
#141 0xb5f59373 in KJS::printInfo () from /usr/lib/libkjs.so.1
#142 0xb5f59243 in KJS::printInfo () from /usr/lib/libkjs.so.1
#143 0xb5f6c89a in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#144 0xb5f7137d in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#145 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#146 0xb5f72371 in KJS::DeclaredFunctionImp::execute ()
   from /usr/lib/libkjs.so.1
#147 0xb5f5897d in KJS::FunctionImp::call () from /usr/lib/libkjs.so.1
#148 0xb5f5bfcf in KJS::Object::call () from /usr/lib/libkjs.so.1
#149 0xb5f6a4e6 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#150 0xb5f2d319 in KJS::Interpreter::globalObject () from /usr/lib/libkjs.so.1
#151 0xb5f59373 in KJS::printInfo () from /usr/lib/libkjs.so.1
#152 0xb5f59243 in KJS::printInfo () from /usr/lib/libkjs.so.1
#153 0xb5f6c89a in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#154 0xb5f7137d in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#155 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#156 0xb5f72371 in KJS::DeclaredFunctionImp::execute ()
   from /usr/lib/libkjs.so.1
#157 0xb5f5897d in KJS::FunctionImp::call () from /usr/lib/libkjs.so.1
#158 0xb5f5bfcf in KJS::Object::call () from /usr/lib/libkjs.so.1
#159 0xb5f6a4e6 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#160 0xb5f5b603 in KJS::printInfo () from /usr/lib/libkjs.so.1
#161 0xb5f5b71b in KJS::printInfo () from /usr/lib/libkjs.so.1
#162 0xb5f6a1b0 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#163 0xb5f6cbe8 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#164 0xb5f712e7 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#165 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#166 0xb5f6cf4f in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#167 0xb5f7137d in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#168 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#169 0xb5f72371 in KJS::DeclaredFunctionImp::execute ()
   from /usr/lib/libkjs.so.1
#170 0xb5f5897d in KJS::FunctionImp::call () from /usr/lib/libkjs.so.1
#171 0xb5f5bfcf in KJS::Object::call () from /usr/lib/libkjs.so.1
#172 0xb5f6a4e6 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#173 0xb5f6cbe8 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#174 0xb5f712e7 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#175 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#176 0xb5f6cf4f in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#177 0xb5f7137d in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#178 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#179 0xb5f72371 in KJS::DeclaredFunctionImp::execute ()
   from /usr/lib/libkjs.so.1
#180 0xb5f5897d in KJS::FunctionImp::call () from /usr/lib/libkjs.so.1
#181 0xb5f5bfcf in KJS::Object::call () from /usr/lib/libkjs.so.1
#182 0xb5f6a4e6 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#183 0xb5f6cbe8 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#184 0xb5f7137d in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#185 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#186 0xb5f72371 in KJS::DeclaredFunctionImp::execute ()
   from /usr/lib/libkjs.so.1
#187 0xb5f5897d in KJS::FunctionImp::call () from /usr/lib/libkjs.so.1
#188 0xb5f5bfcf in KJS::Object::call () from /usr/lib/libkjs.so.1
#189 0xb5f6a4e6 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#190 0xb5f6cbe8 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#191 0xb5f712e7 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#192 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#193 0xb5f6cf4f in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#194 0xb5f712e7 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#195 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#196 0xb5f72371 in KJS::DeclaredFunctionImp::execute ()
   from /usr/lib/libkjs.so.1
#197 0xb5f5897d in KJS::FunctionImp::call () from /usr/lib/libkjs.so.1
#198 0xb5f5bfcf in KJS::Object::call () from /usr/lib/libkjs.so.1
#199 0xb5f6a4e6 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#200 0xb5f6cbe8 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#201 0xb5f712e7 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#202 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#203 0xb5f72371 in KJS::DeclaredFunctionImp::execute ()
   from /usr/lib/libkjs.so.1
#204 0xb5f5897d in KJS::FunctionImp::call () from /usr/lib/libkjs.so.1
#205 0xb5f5bfcf in KJS::Object::call () from /usr/lib/libkjs.so.1
#206 0xb5f6a4e6 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#207 0xb5f6cbe8 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#208 0xb5f7137d in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#209 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#210 0xb5f6cf4f in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#211 0xb5f712e7 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#212 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#213 0xb5f72371 in KJS::DeclaredFunctionImp::execute ()
   from /usr/lib/libkjs.so.1
#214 0xb5f5897d in KJS::FunctionImp::call () from /usr/lib/libkjs.so.1
#215 0xb5f5bfcf in KJS::Object::call () from /usr/lib/libkjs.so.1
#216 0xb5f6a4e6 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#217 0xb5f6cbe8 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#218 0xb5f7137d in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#219 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#220 0xb5f72371 in KJS::DeclaredFunctionImp::execute ()
   from /usr/lib/libkjs.so.1
#221 0xb5f5897d in KJS::FunctionImp::call () from /usr/lib/libkjs.so.1
#222 0xb5f5bfcf in KJS::Object::call () from /usr/lib/libkjs.so.1
#223 0xb5f6a4e6 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#224 0xb5f6cbe8 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#225 0xb5f712e7 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#226 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#227 0xb5f6cf4f in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#228 0xb5f712e7 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#229 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#230 0xb5f72371 in KJS::DeclaredFunctionImp::execute ()
   from /usr/lib/libkjs.so.1
#231 0xb5f5897d in KJS::FunctionImp::call () from /usr/lib/libkjs.so.1
#232 0xb5f5bfcf in KJS::Object::call () from /usr/lib/libkjs.so.1
#233 0xb5f6a4e6 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#234 0xb5f6cbe8 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#235 0xb5f7137d in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#236 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#237 0xb5f72371 in KJS::DeclaredFunctionImp::execute ()
   from /usr/lib/libkjs.so.1
#238 0xb5f5897d in KJS::FunctionImp::call () from /usr/lib/libkjs.so.1
#239 0xb5f5bfcf in KJS::Object::call () from /usr/lib/libkjs.so.1
#240 0xb5f6a4e6 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#241 0xb5f6cbe8 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#242 0xb5f712e7 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#243 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#244 0xb5f70d91 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#245 0xb5f712e7 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#246 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#247 0xb5f5e1d2 in KJS::GlobalFuncImp::call () from /usr/lib/libkjs.so.1
#248 0xb5f5bfcf in KJS::Object::call () from /usr/lib/libkjs.so.1
#249 0xb5f6a4e6 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#250 0xb5f6cbe8 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#251 0xb5f712e7 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#252 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#253 0xb5f6cf4f in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#254 0xb5f7137d in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#255 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#256 0xb5f70d91 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#257 0xb5f7137d in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#258 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#259 0xb5f6cf4f in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#260 0xb5f7137d in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#261 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#262 0xb5f6cf4f in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#263 0xb5f712e7 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#264 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#265 0xb5f72371 in KJS::DeclaredFunctionImp::execute ()
   from /usr/lib/libkjs.so.1
#266 0xb5f5897d in KJS::FunctionImp::call () from /usr/lib/libkjs.so.1
#267 0xb5f5bfcf in KJS::Object::call () from /usr/lib/libkjs.so.1
#268 0xb5f6a4e6 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#269 0xb5f6cbe8 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#270 0xb5f712e7 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#271 0xb5f6ca70 in KJS::UndefinedImp::toObject () from /usr/lib/libkjs.so.1
#272 0xb5f72371 in KJS::DeclaredFunctionImp::execute ()
   from /usr/lib/libkjs.so.1
#273 0xb5f5897d in KJS::FunctionImp::call () from /usr/lib/libkjs.so.1
#274 0xb5f5bfcf in KJS::Object::call () from /usr/lib/libkjs.so.1
#275 0xb622e4ed in TestFunctionImp::call () from /usr/lib/libkhtml.so.4
#276 0xb61dbd14 in EmbedLiveConnect::toBoolean () from /usr/lib/libkhtml.so.4
#277 0xb61fbb3d in EmbedLiveConnect::call () from /usr/lib/libkhtml.so.4
#278 0xb61fbbc9 in EmbedLiveConnect::call () from /usr/lib/libkhtml.so.4
#279 0xb61fd1f0 in EmbedLiveConnect::call () from /usr/lib/libkhtml.so.4
#280 0xb72a3eb9 in QObject::activate_signal () from /usr/lib/libqt-mt.so.3
#281 0xb7af0ade in KIO::Job::result () from /usr/lib/libkio.so.4
#282 0xb7b4dfc4 in KIO::Job::emitResult () from /usr/lib/libkio.so.4
#283 0xb7b4e108 in KIO::SimpleJob::slotFinished () from /usr/lib/libkio.so.4
#284 0xb7b4e80b in KIO::TransferJob::slotFinished () from /usr/lib/libkio.so.4
#285 0xb7b5035f in KIO::TransferJob::qt_invoke () from /usr/lib/libkio.so.4
#286 0xb72a3eb9 in QObject::activate_signal () from /usr/lib/libqt-mt.so.3
#287 0xb72a4954 in QObject::activate_signal () from /usr/lib/libqt-mt.so.3
#288 0xb7aec118 in KIO::SlaveInterface::finished () from /usr/lib/libkio.so.4
#289 0xb7b6119e in KIO::SlaveInterface::dispatch () from /usr/lib/libkio.so.4
#290 0xb7b34620 in KIO::SlaveInterface::dispatch () from /usr/lib/libkio.so.4
#291 0xb7b29730 in KIO::Slave::gotInput () from /usr/lib/libkio.so.4
#292 0xb7b2da87 in KIO::Slave::qt_invoke () from /usr/lib/libkio.so.4
#293 0xb72a3eb9 in QObject::activate_signal () from /usr/lib/libqt-mt.so.3
#294 0xb72a47c8 in QObject::activate_signal () from /usr/lib/libqt-mt.so.3
#295 0xb763806f in QSocketNotifier::activated () from /usr/lib/libqt-mt.so.3
#296 0xb72c41fe in QSocketNotifier::event () from /usr/lib/libqt-mt.so.3
#297 0xb7239e56 in QApplication::internalNotify () from /usr/lib/libqt-mt.so.3
#298 0xb723a052 in QApplication::notify () from /usr/lib/libqt-mt.so.3
#299 0xb79187ab in KApplication::notify () from /usr/lib/libkdecore.so.4
#300 0xb71cb157 in QApplication::sendEvent () from /usr/lib/libqt-mt.so.3
#301 0xb722b973 in QEventLoop::activateSocketNotifiers ()
   from /usr/lib/libqt-mt.so.3
#302 0xb71def43 in QEventLoop::processEvents () from /usr/lib/libqt-mt.so.3
#303 0xb7252947 in QEventLoop::enterLoop () from /usr/lib/libqt-mt.so.3
#304 0xb725286a in QEventLoop::exec () from /usr/lib/libqt-mt.so.3
#305 0xb7238965 in QApplication::exec () from /usr/lib/libqt-mt.so.3
#306 0xb6886c11 in kdemain () from /usr/lib/libkdeinit_konqueror.so
#307 0xb7faf4f4 in kdeinitmain () from /usr/lib/kde3/konqueror.so
#308 0x0804e173 in ?? ()
#309 0x00000002 in ?? ()
#310 0x080e3480 in ?? ()
#311 0x00000001 in ?? ()
#312 0x00000000 in ?? ()
Comment 1 Tommi Tervo 2006-09-07 09:33:48 UTC 
==31273== Invalid read of size 4
==31273==    at 0x6A45A03: DOM::DocumentImpl::importNode(DOM::NodeImpl*, bool, int&) (dom_docimpl.cpp:552)
==31273==    by 0x6C3CAA9: DOM::Document::importNode(DOM::Node const&, bool) (dom_doc.cpp:340)
==31273==    by 0x6B88855: KJS::DOMDocumentProtoFunc::tryCall(KJS::ExecState*, KJS::Object&, KJS::List const&) (kjs_dom.cpp:1027)
==31273==    by 0x6B7B005: KJS::DOMFunction::call(KJS::ExecState*, KJS::Object&, KJS::List const&) (kjs_binding.cpp:114)
==31273==    by 0x6D6F147: KJS::Object::call(KJS::ExecState*, KJS::Object&, KJS::List const&) (object.cpp:73)
==31273==    by 0x6D3A77F: KJS::FunctionCallNode::evaluate(KJS::ExecState*) const (nodes.cpp:870)
==31273==    by 0x6D393DC: KJS::ReturnNode::execute(KJS::ExecState*) (nodes.cpp:2401)
==31273==    by 0x6D32D4B: KJS::SourceElementsNode::execute(KJS::ExecState*) (nodes.cpp:3091)
==31273==    by 0x6D30D19: KJS::BlockNode::execute(KJS::ExecState*) (nodes.cpp:1942)
==31273==    by 0x6D35D3A: KJS::IfNode::execute(KJS::ExecState*) (nodes.cpp:2021)
==31273==    by 0x6D32E8D: KJS::SourceElementsNode::execute(KJS::ExecState*) (nodes.cpp:3097)
==31273==    by 0x6D30D19: KJS::BlockNode::execute(KJS::ExecState*) (nodes.cpp:1942)
==31273==    by 0x6D67763: KJS::DeclaredFunctionImp::execute(KJS::ExecState*) (function.cpp:588)
==31273==    by 0x6D67BB1: KJS::FunctionImp::call(KJS::ExecState*, KJS::Object&, KJS::List const&) (function.cpp:363)
==31273==    by 0x6D6F147: KJS::Object::call(KJS::ExecState*, KJS::Object&, KJS::List const&) (object.cpp:73)
==31273==    by 0x6D3A77F: KJS::FunctionCallNode::evaluate(KJS::ExecState*) const (nodes.cpp:870)
==31273==    by 0x6D393DC: KJS::ReturnNode::execute(KJS::ExecState*) (nodes.cpp:2401)
==31273==    by 0x6D32E8D: KJS::SourceElementsNode::execute(KJS::ExecState*) (nodes.cpp:3097)
==31273==    by 0x6D30D19: KJS::BlockNode::execute(KJS::ExecState*) (nodes.cpp:1942)
==31273==    by 0x6D67763: KJS::DeclaredFunctionImp::execute(KJS::ExecState*) (function.cpp:588)
==31273==    by 0x6D67BB1: KJS::FunctionImp::call(KJS::ExecState*, KJS::Object&, KJS::List const&) (function.cpp:363)
==31273==    by 0x6D6F147: KJS::Object::call(KJS::ExecState*, KJS::Object&, KJS::List const&) (object.cpp:73)
==31273==    by 0x6D3A77F: KJS::FunctionCallNode::evaluate(KJS::ExecState*) const (nodes.cpp:870)
==31273==    by 0x6D366E0: KJS::AssignNode::evaluate(KJS::ExecState*) const (nodes.cpp:1562)
==31273==    by 0x6D35E50: KJS::ExprStatementNode::execute(KJS::ExecState*) (nodes.cpp:1980)
==31273==    by 0x6D32D4B: KJS::SourceElementsNode::execute(KJS::ExecState*) (nodes.cpp:3091)
==31273==    by 0x6D30D19: KJS::BlockNode::execute(KJS::ExecState*) (nodes.cpp:1942)
==31273==    by 0x6D35D3A: KJS::IfNode::execute(KJS::ExecState*) (nodes.cpp:2021)
==31273==    by 0x6D35DAC: KJS::IfNode::execute(KJS::ExecState*) (nodes.cpp:2028)
==31273==    by 0x6D32D4B: KJS::SourceElementsNode::execute(KJS::ExecState*) (nodes.cpp:3091)
==31273==    by 0x6D30D19: KJS::BlockNode::execute(KJS::ExecState*) (nodes.cpp:1942)
==31273==    by 0x6D35D3A: KJS::IfNode::execute(KJS::ExecState*) (nodes.cpp:2021)
==31273==    by 0x6D32E8D: KJS::SourceElementsNode::execute(KJS::ExecState*) (nodes.cpp:3097)
==31273==    by 0x6D30D19: KJS::BlockNode::execute(KJS::ExecState*) (nodes.cpp:1942)
==31273==    by 0x6D67763: KJS::DeclaredFunctionImp::execute(KJS::ExecState*) (function.cpp:588)
==31273==    by 0x6D67BB1: KJS::FunctionImp::call(KJS::ExecState*, KJS::Object&, KJS::List const&) (function.cpp:363)
==31273==    by 0x6D6F147: KJS::Object::call(KJS::ExecState*, KJS::Object&, KJS::List const&) (object.cpp:73)
==31273==    by 0x6D3A77F: KJS::FunctionCallNode::evaluate(KJS::ExecState*) const (nodes.cpp:870)
==31273==    by 0x6D2E75D: KJS::AssignExprNode::evaluate(KJS::ExecState*) const (nodes.cpp:1760)
==31273==    by 0x6D362DF: KJS::VarDeclNode::evaluate(KJS::ExecState*) const (nodes.cpp:1791)
==31273==    by 0x6D36175: KJS::VarDeclListNode::evaluate(KJS::ExecState*) const (nodes.cpp:1863)
==31273==    by 0x6D35FFE: KJS::VarStatementNode::execute(KJS::ExecState*) (nodes.cpp:1896)
==31273==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
KCrash: crashing... crashRecursionCounter = 2
KCrash: Application Name = konqueror path = <unknown> pid = 31273
==31273==
Comment 2 Tommi Tervo 2006-09-08 11:57:04 UTC 
*** Bug 133748 has been marked as a duplicate of this bug. ***
Comment 3 Tommi Tervo 2006-09-08 12:01:07 UTC 
Easier way to reproduce this crash:
http://mundosubliminal.blogspot.com/2006/09/truco-gmail-correos-ilimitados.html
Comment 4 Maksim Orlovich 2006-09-08 16:37:44 UTC 
The crash happens when doing an importNode on a documentFragment...
Comment 5 Maksim Orlovich 2006-09-08 16:50:44 UTC 
Created attachment 17667 [details]
patch

This should fix this crash, but there is still something funny on the public
test URL (not sure about blogger...)
Comment 6 Tommi Tervo 2006-09-08 22:56:39 UTC 
that patch didn't fix the crashes, both gave same bactraces:

#6  0xb5fe3a09 in DOM::DocumentImpl::getName (this=0x0, 
    _type=DOM::NodeImpl::AttributeId, _id=327765) at dom_docimpl.cpp:1871
#7  0xb5ffe177 in DOM::AttrImpl::name (this=0x8b4fca0)
    at dom_elementimpl.cpp:134
#8  0xb5fffa8b in DOM::AttrImpl::nodeName (this=0x8b4fca0)
    at dom_elementimpl.cpp:84
#9  0xb61d1ebd in DOM::Node::nodeName (this=0x8b36204) at dom_node.cpp:178
#10 0xb6135af2 in KJS::DOMNode::getValueProperty (this=0x8b361d8, 
    exec=0xbfa9c72c, token=0) at kjs_dom.cpp:229
#11 0xb613e582 in KJS::DOMObjectLookupGetValue<KJS::DOMNode, KJS::DOMObject> (
    exec=0xbfa9c72c, propertyName=@0xbfa9c118, table=0xb6273570, 
    thisObj=0x8b361d8) at ../../khtml/ecma/kjs_binding.h:220
#12 0xb6137a27 in KJS::DOMNode::tryGet (this=0x8b361d8, exec=0xbfa9c72c, 
    propertyName=@0xbfa9c118) at kjs_dom.cpp:182
#13 0xb613ea5d in KJS::DOMObjectLookupGetValue<KJS::DOMAttr, KJS::DOMNode> (
    exec=0xbfa9c72c, propertyName=@0xbfa9c118, table=0xb6273598, 
    thisObj=0x8b361d8) at ../../khtml/ecma/kjs_binding.h:216
#14 0xb61380c1 in KJS::DOMAttr::tryGet (this=0x8b361d8, exec=0xbfa9c72c, 
    propertyName=@0xbfa9c118) at kjs_dom.cpp:814
#15 0xb61226d0 in KJS::DOMObject::get (this=0x8b361d8, exec=0xbfa9c72c,
Comment 7 Maksim Orlovich 2006-09-09 23:38:50 UTC 
That's probably the same as bug #128015. Working on a fix now (actually merging Apple's semi-fix)
Comment 8 Maksim Orlovich 2006-09-10 16:54:45 UTC 
OK, with the patch for that (not yet 100% ready to attach, need to cleanup a few things, but if you want to test, please let me know), this doesn't crash, but pops up some JS error...
Comment 9 Maksim Orlovich 2006-09-10 18:27:15 UTC 
... And that error is likely because we do not have the auto-adopt quirk IE/Mozilla have, but are actually following the DOM spec...
Comment 10 Tommi Tervo 2006-09-20 15:07:42 UTC 
*** Bug 134394 has been marked as a duplicate of this bug. ***
Comment 11 Maksim Orlovich 2006-09-22 21:09:05 UTC 
*** Bug 134511 has been marked as a duplicate of this bug. ***
Comment 12 Maksim Orlovich 2006-09-23 19:18:12 UTC 
*** Bug 134546 has been marked as a duplicate of this bug. ***
Comment 13 Maksim Orlovich 2006-10-02 14:31:40 UTC 
SVN commit 591440 by orlovich:

Don't crash on deep importNode with type we don't support 
(or type that the DOM spec says we should not support);
but for now do not add support for missing types such as
DocumentFragment; these acts as a partial workaround for the
blogger widgets crash as we throw an exception on this op then instead of 
generally crashing on later op (though it can still  crash with 
dangling document in other scenarios, at least it seems to be 
relatively rare)


CCBUG:133680


 M  +3 -1      dom_docimpl.cpp  


--- branches/KDE/3.5/kdelibs/khtml/xml/dom_docimpl.cpp #591439:591440
@@ -547,8 +547,10 @@
     }
     else
 	exceptioncode = DOMException::NOT_SUPPORTED_ERR;
+	
+    //### FIXME: This should handle DocumentFragment, Attributes, and a few other things
 
-    if(deep)
+    if(deep && result)
     {
 	for(Node n = importedNode->firstChild(); !n.isNull(); n = n.nextSibling())
 	    result->appendChild(importNode(n.handle(), true, exceptioncode), exceptioncode);
Comment 14 Tommi Tervo 2006-10-04 16:50:15 UTC 
*** Bug 135091 has been marked as a duplicate of this bug. ***
Comment 15 Maksim Orlovich 2006-10-08 00:59:39 UTC 
*** Bug 135267 has been marked as a duplicate of this bug. ***
Comment 16 Maksim Orlovich 2006-10-14 16:42:39 UTC 
SVN commit 595496 by orlovich:

Improve memory management of documents: they are no longer 
destroyed way too early when there are out-side referenced nodes 
hanging around and that need them. However, since we're
refcounting, the documents have to disconnect the children in that 
case to avoid cycles.. Should fix some crashes with some AJAXy stuff

(Merged from Apple's tree)
BUG:128015
CCBUG:133680


 M  +1 -1      ecma/kjs_traversal.cpp  
 M  +4 -4      html/html_baseimpl.cpp  
 M  +6 -6      html/html_baseimpl.h  
 M  +2 -2      html/html_blockimpl.cpp  
 M  +5 -5      html/html_blockimpl.h  
 M  +3 -3      html/html_elementimpl.cpp  
 M  +2 -2      html/html_elementimpl.h  
 M  +13 -13    html/html_formimpl.cpp  
 M  +13 -13    html/html_formimpl.h  
 M  +1 -1      html/html_headimpl.cpp  
 M  +6 -6      html/html_headimpl.h  
 M  +3 -3      html/html_imageimpl.cpp  
 M  +3 -3      html/html_imageimpl.h  
 M  +3 -3      html/html_inlineimpl.h  
 M  +6 -6      html/html_listimpl.h  
 M  +1 -1      html/html_miscimpl.cpp  
 M  +1 -1      html/html_miscimpl.h  
 M  +4 -4      html/html_objectimpl.cpp  
 M  +5 -5      html/html_objectimpl.h  
 M  +4 -4      html/html_tableimpl.cpp  
 M  +7 -7      html/html_tableimpl.h  
 M  +11 -15    html/htmlparser.cpp  
 M  +6 -6      html/htmlparser.h  
 M  +5 -5      html/htmltokenizer.cpp  
 M  +3 -3      html/htmltokenizer.h  
 M  +115 -1    misc/shared.h  
 M  +10 -10    xml/dom2_rangeimpl.cpp  
 M  +3 -3      xml/dom2_rangeimpl.h  
 M  +66 -10    xml/dom_docimpl.cpp  
 M  +19 -2     xml/dom_docimpl.h  
 M  +6 -6      xml/dom_elementimpl.cpp  
 M  +5 -5      xml/dom_elementimpl.h  
 M  +12 -16    xml/dom_nodeimpl.cpp  
 M  +6 -18     xml/dom_nodeimpl.h  
 M  +1 -1      xml/dom_textimpl.cpp  
 M  +8 -8      xml/dom_textimpl.h  
 M  +9 -9      xml/dom_xmlimpl.cpp  
 M  +9 -9      xml/dom_xmlimpl.h  
 M  +22 -26    xml/xml_tokenizer.cpp  
 M  +5 -5      xml/xml_tokenizer.h
Comment 17 Maksim Orlovich 2006-10-14 16:58:43 UTC 
SVN commit 595505 by orlovich:

Fix importNode on DocumentFragment..
Testcase upcoming...

CCBUG:133680


 M  +3 -1      dom_docimpl.cpp  


--- branches/KDE/3.5/kdelibs/khtml/xml/dom_docimpl.cpp #595504:595505
@@ -601,10 +601,12 @@
 	result = createComment(static_cast<CommentImpl*>(importedNode)->string());
 	deep = false;
     }
+    else if (importedNode->nodeType() == Node::DOCUMENT_FRAGMENT_NODE)
+	result = createDocumentFragment();
     else
 	exceptioncode = DOMException::NOT_SUPPORTED_ERR;
 	
-    //### FIXME: This should handle DocumentFragment, Attributes, and a few other things
+    //### FIXME: This should handle Attributes, and a few other things
 
     if(deep && result)
     {
Comment 18 Maksim Orlovich 2006-10-14 17:01:10 UTC 
OK, with this the crash should be gone. The JS popup doesn't occur any more, either, but it's a change on their end... And since I'll have to do the autoimport quirk regardless, I consider this fixed.
Comment 19 Maksim Orlovich 2006-10-15 01:57:50 UTC 
*** Bug 135658 has been marked as a duplicate of this bug. ***
Comment 20 Maksim Orlovich 2006-10-25 00:37:13 UTC 
*** Bug 136270 has been marked as a duplicate of this bug. ***
Comment 21 Maksim Orlovich 2006-11-13 17:05:22 UTC 
*** Bug 137289 has been marked as a duplicate of this bug. ***
Comment 22 Tommi Tervo 2007-01-31 15:20:02 UTC 
*** Bug 138611 has been marked as a duplicate of this bug. ***
Comment 23 Tommi Tervo 2007-02-25 16:36:06 UTC 
*** Bug 142184 has been marked as a duplicate of this bug. ***
Comment 24 Tommi Tervo 2007-03-16 08:04:39 UTC 
*** Bug 143031 has been marked as a duplicate of this bug. ***
Comment 25 Tommi Tervo 2007-03-22 09:13:48 UTC 
*** Bug 143329 has been marked as a duplicate of this bug. ***
Comment 26 Tommi Tervo 2007-03-24 22:23:42 UTC 
*** Bug 138858 has been marked as a duplicate of this bug. ***
Comment 27 Tommi Tervo 2007-04-02 10:23:31 UTC 
*** Bug 143719 has been marked as a duplicate of this bug. ***
Comment 28 Tommi Tervo 2007-04-02 12:09:58 UTC 
*** Bug 143720 has been marked as a duplicate of this bug. ***
Comment 29 Tommi Tervo 2007-04-04 08:45:48 UTC 
*** Bug 143815 has been marked as a duplicate of this bug. ***
Comment 30 Tommi Tervo 2007-09-12 21:58:15 UTC 
*** Bug 149802 has been marked as a duplicate of this bug. ***
Comment 31 Tommi Tervo 2007-10-19 15:06:21 UTC 
*** Bug 140000 has been marked as a duplicate of this bug. ***
Comment 32 Frank Reininghaus 2008-10-31 21:15:19 UTC 
*** Bug 173988 has been marked as a duplicate of this bug. ***