| Summary: | konqueror crashes when opening www.krueger-de.org/infos/perl/dyndns/default.asp | ||
|---|---|---|---|
| Product: | [Applications] konqueror | Reporter: | Sten Heinze <sten.heinze> |
| Component: | kjs | Assignee: | Konqueror Bugs <konqueror-bugs-null> |
| Status: | RESOLVED FIXED | ||
| Severity: | crash | CC: | frank78ac |
| Priority: | NOR | ||
| Version First Reported In: | 4.2.0 | ||
| Target Milestone: | --- | ||
| Platform: | Debian testing | ||
| OS: | Linux | ||
Description
Sten Heinze
2009-02-06 17:34:34 UTC
Thanks for the bug report. I could reproduce the crash in trunk rev. 921917.
Application: Konqueror (konqueror), signal SIGSEGV
[Current thread is 0 (LWP 6964)]
[leaving out threads 2, 3, 4]
Thread 1 (Thread 0xb5e5e6c0 (LWP 6964)):
[KCrash Handler]
#6 0xb403238a in KJS::HTMLDocument::putValueProperty (this=0xb15a28c0, exec=0xbfac98bc, token=3, value=0xb13eaaa0) at /home/kde-devel/kde/src/KDE/kdelibs/khtml/ecma/kjs_html.cpp:447
#7 0xb4045fe3 in KJS::lookupPut<KJS::HTMLDocument> (exec=0xbfac98bc, propertyName=@0x966f64c, value=0xb13eaaa0, attr=0, table=0xb43c9790, thisObj=0xb15a28c0)
at /home/kde-devel/kde/src/KDE/kdelibs/kjs/lookup.h:249
#8 0xb4046031 in KJS::lookupPut<KJS::HTMLDocument, KJS::DOMDocument> (exec=0xbfac98bc, propertyName=@0x966f64c, value=0xb13eaaa0, attr=0, table=0xb43c9790, thisObj=0xb15a28c0)
at /home/kde-devel/kde/src/KDE/kdelibs/kjs/lookup.h:265
#9 0xb4032c9d in KJS::HTMLDocument::put (this=0xb15a28c0, exec=0xbfac98bc, propertyName=@0x966f64c, value=0xb13eaaa0, attr=0) at /home/kde-devel/kde/src/KDE/kdelibs/khtml/ecma/kjs_html.cpp:435
#10 0xb3bf683c in KJS::Machine::runBlock (exec=0xbfac98bc, codeBlock=@0x966d270, parentExec=0xbfacae1c) at codes.def:660
#11 0xb3bd68d7 in KJS::FunctionImp::callAsFunction (this=0xb15a3aa0, exec=0xbfacae1c, thisObj=0xb15b0000, args=@0xbfacad68) at /home/kde-devel/kde/src/KDE/kdelibs/kjs/function.cpp:144
#12 0xb3bdad86 in KJS::JSObject::call (this=0xb15a3aa0, exec=0xbfacae1c, thisObj=0xb15b0000, args=@0xbfacad68) at /home/kde-devel/kde/src/KDE/kdelibs/kjs/object.cpp:99
#13 0xb3bfecea in KJS::Machine::runBlock (exec=0xbfacae1c, codeBlock=@0x96e4c00, parentExec=0x90ab6f8) at codes.def:1192
#14 0xb3bd68d7 in KJS::FunctionImp::callAsFunction (this=0xb15a1740, exec=0x90ab6f8, thisObj=0xb15b0000, args=@0xbfacaf78) at /home/kde-devel/kde/src/KDE/kdelibs/kjs/function.cpp:144
#15 0xb3bdad86 in KJS::JSObject::call (this=0xb15a1740, exec=0x90ab6f8, thisObj=0xb15b0000, args=@0xbfacaf78) at /home/kde-devel/kde/src/KDE/kdelibs/kjs/object.cpp:99
#16 0xb407ce7f in KJS::JSEventListener::handleEvent (this=0x98826d0, evt=@0xbfacafc0) at /home/kde-devel/kde/src/KDE/kdelibs/khtml/ecma/kjs_events.cpp:106
#17 0xb3dda572 in DOM::DocumentImpl::defaultEventHandler (this=0x93b1950, evt=0x936af08) at /home/kde-devel/kde/src/KDE/kdelibs/khtml/xml/dom_docimpl.cpp:2732
#18 0xb3dfd250 in DOM::NodeImpl::dispatchWindowEvent (this=0x93b195c, _id=16, canBubbleArg=false, cancelableArg=false) at /home/kde-devel/kde/src/KDE/kdelibs/khtml/xml/dom_nodeimpl.cpp:566
#19 0xb3e63132 in DOM::HTMLDocumentImpl::close (this=0x93b1950) at /home/kde-devel/kde/src/KDE/kdelibs/khtml/html/html_documentimpl.cpp:249
#20 0xb3d71e06 in KHTMLPart::checkEmitLoadEvent (this=0x9247618) at /home/kde-devel/kde/src/KDE/kdelibs/khtml/khtml_part.cpp:2464
#21 0xb3d7215e in KHTMLPart::checkCompleted (this=0x9247618) at /home/kde-devel/kde/src/KDE/kdelibs/khtml/khtml_part.cpp:2385
#22 0xb3d7277b in KHTMLPart::slotChildCompleted (this=0x9247618, pendingAction=false) at /home/kde-devel/kde/src/KDE/kdelibs/khtml/khtml_part.cpp:4893
#23 0xb3d727a9 in KHTMLPart::slotChildCompleted (this=0x9247618) at /home/kde-devel/kde/src/KDE/kdelibs/khtml/khtml_part.cpp:4876
#24 0xb3d83760 in KHTMLPart::qt_metacall (this=0x9247618, _c=QMetaObject::InvokeMetaMethod, _id=62, _a=0xbfacb2f8) at /home/kde-devel/kde/build/KDE/kdelibs/khtml/khtml_part.moc:307
#25 0xb73f0788 in QMetaObject::activate (sender=0x9852378, from_signal_index=8, to_signal_index=8, argv=0x0) at kernel/qobject.cpp:3031
#26 0xb73f0d3b in QMetaObject::activate (sender=0x9852378, m=0xb7f47830, local_signal_index=1, argv=0x0) at kernel/qobject.cpp:3101
#27 0xb7f24265 in KParts::ReadOnlyPart::completed (this=0x9852378) at /home/kde-devel/kde/build/KDE/kdelibs/kparts/part.moc:203
#28 0xb3d36380 in KHTMLView::complete (this=0x9c32770, pendingAction=false) at /home/kde-devel/kde/src/KDE/kdelibs/khtml/khtmlview.cpp:4376
#29 0xb3d72223 in KHTMLPart::checkCompleted (this=0x9852378) at /home/kde-devel/kde/src/KDE/kdelibs/khtml/khtml_part.cpp:2412
#30 0xb3d75ab1 in KHTMLPart::slotLoaderRequestDone (this=0x9852378, dl=0x92d6640, obj=0x9910008) at /home/kde-devel/kde/src/KDE/kdelibs/khtml/khtml_part.cpp:2239
#31 0xb3d83850 in KHTMLPart::qt_metacall (this=0x9852378, _c=QMetaObject::InvokeMetaMethod, _id=69, _a=0xbfacb598) at /home/kde-devel/kde/build/KDE/kdelibs/khtml/khtml_part.moc:314
#32 0xb73f0788 in QMetaObject::activate (sender=0x928a4f8, from_signal_index=5, to_signal_index=5, argv=0xbfacb598) at kernel/qobject.cpp:3031
#33 0xb73f0d3b in QMetaObject::activate (sender=0x928a4f8, m=0xb43e6a5c, local_signal_index=1, argv=0xbfacb598) at kernel/qobject.cpp:3101
#34 0xb3fb5129 in khtml::Loader::requestDone (this=0x928a4f8, _t1=0x92d6640, _t2=0x9910008) at /home/kde-devel/kde/build/KDE/kdelibs/khtml/loader.moc:150
#35 0xb3fb9961 in khtml::Loader::slotFinished (this=0x928a4f8, job=0x97a21a8) at /home/kde-devel/kde/src/KDE/kdelibs/khtml/misc/loader.cpp:1403
#36 0xb3fb9cf7 in khtml::Loader::qt_metacall (this=0x928a4f8, _c=QMetaObject::InvokeMetaMethod, _id=3, _a=0xbfacb73c) at /home/kde-devel/kde/build/KDE/kdelibs/khtml/loader.moc:129
#37 0xb73f0788 in QMetaObject::activate (sender=0x97a21a8, from_signal_index=7, to_signal_index=7, argv=0xbfacb73c) at kernel/qobject.cpp:3031
#38 0xb73f0d3b in QMetaObject::activate (sender=0x97a21a8, m=0xb776dee8, local_signal_index=3, argv=0xbfacb73c) at kernel/qobject.cpp:3101
#39 0xb763c588 in KJob::result (this=0x97a21a8, _t1=0x97a21a8) at /home/kde-devel/kde/build/KDE/kdelibs/kdecore/kjob.moc:186
#40 0xb763cadb in KJob::emitResult (this=0x97a21a8) at /home/kde-devel/kde/src/KDE/kdelibs/kdecore/jobs/kjob.cpp:294
#41 0xb7d78eb1 in KIO::SimpleJob::slotFinished (this=0x97a21a8) at /home/kde-devel/kde/src/KDE/kdelibs/kio/kio/job.cpp:489
#42 0xb7d7928a in KIO::TransferJob::slotFinished (this=0x97a21a8) at /home/kde-devel/kde/src/KDE/kdelibs/kio/kio/job.cpp:966
#43 0xb7d801f1 in KIO::TransferJob::qt_metacall (this=0x97a21a8, _c=QMetaObject::InvokeMetaMethod, _id=7, _a=0xbfacb978) at /home/kde-devel/kde/build/KDE/kdelibs/kio/jobclasses.moc:336
#44 0xb73f0788 in QMetaObject::activate (sender=0x9bf7e30, from_signal_index=8, to_signal_index=8, argv=0x0) at kernel/qobject.cpp:3031
#45 0xb73f0d3b in QMetaObject::activate (sender=0x9bf7e30, m=0xb7f04e04, local_signal_index=4, argv=0x0) at kernel/qobject.cpp:3101
#46 0xb7e28d51 in KIO::SlaveInterface::finished (this=0x9bf7e30) at /home/kde-devel/kde/build/KDE/kdelibs/kio/slaveinterface.moc:163
#47 0xb7e2aacf in KIO::SlaveInterface::dispatch (this=0x9bf7e30, _cmd=104, rawdata=@0xbfacbb08) at /home/kde-devel/kde/src/KDE/kdelibs/kio/kio/slaveinterface.cpp:175
#48 0xb7e2a9be in KIO::SlaveInterface::dispatch (this=0x9bf7e30) at /home/kde-devel/kde/src/KDE/kdelibs/kio/kio/slaveinterface.cpp:91
#49 0xb7e1d37c in KIO::Slave::gotInput (this=0x9bf7e30) at /home/kde-devel/kde/src/KDE/kdelibs/kio/kio/slave.cpp:322
#50 0xb7e1e7b2 in KIO::Slave::qt_metacall (this=0x9bf7e30, _c=QMetaObject::InvokeMetaMethod, _id=2, _a=0xbfacbc28) at /home/kde-devel/kde/build/KDE/kdelibs/kio/slave.moc:75
#51 0xb73f0788 in QMetaObject::activate (sender=0x9bf7590, from_signal_index=4, to_signal_index=4, argv=0x0) at kernel/qobject.cpp:3031
#52 0xb73f0d3b in QMetaObject::activate (sender=0x9bf7590, m=0xb7f018e0, local_signal_index=0, argv=0x0) at kernel/qobject.cpp:3101
#53 0xb7d47ec3 in KIO::Connection::readyRead (this=0x9bf7590) at /home/kde-devel/kde/build/KDE/kdelibs/kio/connection.moc:84
#54 0xb7d48dff in KIO::ConnectionPrivate::dequeue (this=0x9ba1f88) at /home/kde-devel/kde/src/KDE/kdelibs/kio/kio/connection.cpp:82
#55 0xb7d49d39 in KIO::Connection::qt_metacall (this=0x9bf7590, _c=QMetaObject::InvokeMetaMethod, _id=1, _a=0x9ae22b0) at /home/kde-devel/kde/build/KDE/kdelibs/kio/connection.moc:72
#56 0xb73e93aa in QMetaCallEvent::placeMetaCall (this=0x9945858, object=0x9bf7590) at kernel/qobject.cpp:529
#57 0xb73ee2ea in QObject::event (this=0x9bf7590, e=0x9945858) at kernel/qobject.cpp:1155
#58 0xb68f74cf in QApplicationPrivate::notify_helper (this=0x8fa71b0, receiver=0x9bf7590, e=0x9945858) at kernel/qapplication.cpp:3803
#59 0xb68f77b1 in QApplication::notify (this=0xbfacc5d8, receiver=0x9bf7590, e=0x9945858) at kernel/qapplication.cpp:3393
#60 0xb799d491 in KApplication::notify (this=0xbfacc5d8, receiver=0x9bf7590, event=0x9945858) at /home/kde-devel/kde/src/KDE/kdelibs/kdeui/kernel/kapplication.cpp:307
#61 0xb73d7f07 in QCoreApplication::notifyInternal (this=0xbfacc5d8, receiver=0x9bf7590, event=0x9945858) at kernel/qcoreapplication.cpp:587
#62 0xb73dc90d in QCoreApplication::sendEvent (receiver=0x9bf7590, event=0x9945858) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:209
#63 0xb73d84ca in QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, data=0x8f95268) at kernel/qcoreapplication.cpp:1198
#64 0xb73d875f in QCoreApplication::sendPostedEvents (receiver=0x0, event_type=0) at kernel/qcoreapplication.cpp:1091
#65 0xb740fb96 in QCoreApplication::sendPostedEvents () at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:214
#66 0xb740ed83 in postEventSourceDispatch (s=0x8fa9510) at kernel/qeventdispatcher_glib.cpp:205
#67 0xb61656f8 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#68 0xb6168da3 in ?? () from /usr/lib/libglib-2.0.so.0
#69 0xb6168f61 in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#70 0xb740df9a in QEventDispatcherGlib::processEvents (this=0x8fa72a8, flags={i = -1079196716}) at kernel/qeventdispatcher_glib.cpp:319
#71 0xb69b99cc in QGuiEventDispatcherGlib::processEvents (this=0x8fa72a8, flags={i = -1079196668}) at kernel/qguieventdispatcher_glib.cpp:198
#72 0xb73d4588 in QEventLoop::processEvents (this=0xbfacc488, flags={i = -1079196608}) at kernel/qeventloop.cpp:143
#73 0xb73d47c6 in QEventLoop::exec (this=0xbfacc488, flags={i = -1079196528}) at kernel/qeventloop.cpp:194
#74 0xb73d8881 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:845
#75 0xb68f71e8 in QApplication::exec () at kernel/qapplication.cpp:3331
#76 0xb80953e4 in kdemain (argc=1, argv=0xbfacc944) at /home/kde-devel/kde/src/KDE/kdebase/apps/konqueror/src/konqmain.cpp:257
#77 0x08048766 in main (argc=) at /home/kde-devel/kde/build/KDE/kdebase/apps/konqueror/src/konqueror_dummy.cpp:3
Likely testcase, judging from bt:

    <script>
    document.body = 43;
    </script>

If so, easy one, just needs a null check.

From one of the scripts:

    document.body = new Object;
    document.body.clientWidth = window.innerWidth-20;
    document.body.clientHeight = window.innerHeight-20

I think it's trying to emulate IE or something.

Anyway, just need to not lose track of the obvious tc + fix.

SVN commit 922913 by orlovich:

Don't crash if someone tries to set body to a non-Node
BUG:183457

M +1 -1 kjs_html.cpp

WebSVN link: http://websvn.kde.org/?view=rev&revision=922913

SVN commit 922914 by orlovich:

Merged revision 922913:
Don't crash if someone tries to set body to a non-Node
BUG:183457

M +1 -1 kjs_html.cpp

WebSVN link: http://websvn.kde.org/?view=rev&revision=922914

SVN commit 922920 by orlovich:

Regression test for #183457
CCBUG:183457

M +2 -0 baseline/ecma/document.html-dom
M +2 -0 tests/ecma/document.html

WebSVN link: http://websvn.kde.org/?view=rev&revision=922920
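
Added illustration, not part of the original report and not KDE's code: a minimal C++ model of the bug class discussed above, where a script-facing property setter converts a script value to a native DOM node and dereferences the result without a null check. All type and function names (JSValue, JSNodeWrapper, NodeImpl, toNode, putBodyUnchecked, putBodyChecked) are hypothetical stand-ins, and the body/frameset tag check is an assumption of the model.

```cpp
// Added illustration; simplified stand-ins, not KDE's kjs/khtml classes.
#include <string>

struct JSValue { virtual ~JSValue() = default; };        // any script value
struct JSNumber : JSValue { double n; explicit JSNumber(double v) : n(v) {} };
struct JSPlainObject : JSValue {};                       // models `new Object`
struct NodeImpl { std::string tag; };                    // native DOM node
struct JSNodeWrapper : JSValue {                         // script wrapper around a node
    NodeImpl* impl;
    explicit JSNodeWrapper(NodeImpl* i) : impl(i) {}
};

// Checked conversion: nullptr when the value does not wrap a DOM node.
NodeImpl* toNode(const JSValue* v) {
    auto* w = dynamic_cast<const JSNodeWrapper*>(v);
    return w ? w->impl : nullptr;
}

struct Document {
    NodeImpl* body = nullptr;

    // Crash pattern: the conversion result is dereferenced unchecked, so
    // `document.body = 43` reads through a null pointer.
    void putBodyUnchecked(const JSValue* v) {
        NodeImpl* n = toNode(v);
        if (n->tag == "body" || n->tag == "frameset") body = n;
    }

    // Hardened: a non-Node value is ignored before the pointer is touched.
    bool putBodyChecked(const JSValue* v) {
        NodeImpl* n = toNode(v);
        if (!n) return false;
        if (n->tag != "body" && n->tag != "frameset") return false;
        body = n;
        return true;
    }
};

// Constructed regression cases: the two assignments quoted in the report,
// then a real <body> wrapper. Returns true when all behave as expected.
bool regressionCasesPass() {
    Document d;
    JSNumber num(43);
    JSPlainObject obj;
    NodeImpl bodyNode{"body"};
    JSNodeWrapper wrapped(&bodyNode);
    bool rejected = !d.putBodyChecked(&num) && !d.putBodyChecked(&obj);
    bool untouched = (d.body == nullptr);
    bool accepted = d.putBodyChecked(&wrapped) && d.body == &bodyNode;
    return rejected && untouched && accepted;
}
```

putBodyUnchecked is shown only for contrast and is never called with a non-Node value here, since doing so is undefined behaviour.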