Bug 195318

Summary: kjs crash caused by javascript error with debugger on on acid3 site
Product: [Applications] konqueror Reporter: Michal Hlavinka <mhlavink>
Component: kjs Assignee: Konqueror Developers <konq-bugs>
Status: RESOLVED DUPLICATE    
Severity: crash CC: zahl
Priority: NOR    
Version: 4.2.4   
Target Milestone: ---   
Platform: Fedora RPMs   
OS: Linux   
Latest Commit: Version Fixed In:
Sentry Crash Report:
Attachments: backtrace and backtrace full

Description Michal Hlavinka 2009-06-05 12:23:48 UTC
Version:           4.2.4 (using KDE 4.2.4)
OS:                Linux
Installed from:    Fedora RPMs

Konqueror crashes because of an error in JavaScript when visiting http://acid3.acidtests.org/. I don't expect Konqueror to achieve 100/100, but it should not crash because of a JavaScript error.

How reproducible:
always

Steps to reproduce:
in configuration:
[x] Enable javascript globally
[x] Enable debugger
[ ] Report errors (for easier reproduction)

go to http://acid3.acidtests.org/
if it accidentally didn't crash, hit F5

Comment 1 Michal Hlavinka 2009-06-05 12:26:08 UTC
Created attachment 34291
backtrace and backtrace full

Comment 2 A. Spehr 2009-06-05 13:58:22 UTC
(gdb) bt
#0  KJS::Debugger::reportAtStatement (this=0x0, exec=0x7fff92641110, sourceId=9, firstLine=169, lastLine=172) at /usr/src/debug/kdelibs-4.2.4/kjs/debugger.cpp:122
#1  0x000000349d67b629 in KJS::Machine::runBlock (exec=0x7fff92641110, codeBlock=<value optimized out>, parentExec=<value optimized out>) at codes.def:230        
#2  0x000000349d660f7a in KJS::FunctionImp::callAsFunction (this=0x7fc67c2b1b80, exec=0x7fff92641b00, thisObj=<value optimized out>, args=<value optimized out>)  
    at /usr/src/debug/kdelibs-4.2.4/kjs/function.cpp:144                                                                                                          
#3  0x000000349d6647e9 in KJS::JSObject::call (this=0x0, exec=0xac, thisObj=0x9, args=@0xa9) at /usr/src/debug/kdelibs-4.2.4/kjs/object.cpp:69
#4  0x000000349d6806cb in KJS::Machine::runBlock (exec=0x7fff92641b00, codeBlock=<value optimized out>, parentExec=<value optimized out>) at codes.def:1192
#5  0x000000349d660f7a in KJS::FunctionImp::callAsFunction (this=0x7fc67c2ba1c0, exec=0x7fff926424f0, thisObj=<value optimized out>, args=<value optimized out>)
    at /usr/src/debug/kdelibs-4.2.4/kjs/function.cpp:144
#6  0x000000349d6647e9 in KJS::JSObject::call (this=0x0, exec=0xac, thisObj=0x9, args=@0xa9) at /usr/src/debug/kdelibs-4.2.4/kjs/object.cpp:69
#7  0x000000349d6806cb in KJS::Machine::runBlock (exec=0x7fff926424f0, codeBlock=<value optimized out>, parentExec=<value optimized out>) at codes.def:1192
#8  0x000000349d660f7a in KJS::FunctionImp::callAsFunction (this=0x7fc67c2ba540, exec=0x7fff92642ee0, thisObj=<value optimized out>, args=<value optimized out>)
    at /usr/src/debug/kdelibs-4.2.4/kjs/function.cpp:144
#9  0x000000349d6647e9 in KJS::JSObject::call (this=0x0, exec=0xac, thisObj=0x9, args=@0xa9) at /usr/src/debug/kdelibs-4.2.4/kjs/object.cpp:69
#10 0x000000349d6806cb in KJS::Machine::runBlock (exec=0x7fff92642ee0, codeBlock=<value optimized out>, parentExec=<value optimized out>) at codes.def:1192
#11 0x000000349d660f7a in KJS::FunctionImp::callAsFunction (this=0x7fc67c2ba9c0, exec=0x29417f0, thisObj=<value optimized out>, args=<value optimized out>)
    at /usr/src/debug/kdelibs-4.2.4/kjs/function.cpp:144
#12 0x000000349d6647e9 in KJS::JSObject::call (this=0x0, exec=0xac, thisObj=0x9, args=@0xa9) at /usr/src/debug/kdelibs-4.2.4/kjs/object.cpp:69
#13 0x000000349e22fe1f in KJS::JSNodeFilter::acceptNode (this=0x2ff5d20, n=@0x7fff92643160, bindingsException=@0x7fff92643228)
    at /usr/src/debug/kdelibs-4.2.4/khtml/ecma/kjs_traversal.cpp:351
#14 0x000000349e067667 in DOM::NodeIteratorImpl::isAccepted (this=<value optimized out>, n=0x2a61f60, propagatedExceptionObject=@0x7fff92643228)
    at /usr/src/debug/kdelibs-4.2.4/khtml/xml/dom2_traversalimpl.cpp:222
#15 0x000000349e069b3c in DOM::NodeIteratorImpl::nextNode (this=0x2fd64e0, exceptioncode=<value optimized out>, propagatedExceptionObject=@0xa9)
    at /usr/src/debug/kdelibs-4.2.4/khtml/xml/dom2_traversalimpl.cpp:98
#16 0x000000349e22fc4b in DOMNodeIteratorProtoFunc::callAsFunction (this=<value optimized out>, exec=0x7fff92643ad0, thisObj=<value optimized out>)
    at /usr/src/debug/kdelibs-4.2.4/khtml/ecma/kjs_traversal.cpp:111
#17 0x000000349d6647e9 in KJS::JSObject::call (this=0x0, exec=0xac, thisObj=0x9, args=@0xa9) at /usr/src/debug/kdelibs-4.2.4/kjs/object.cpp:69
#18 0x000000349d6806cb in KJS::Machine::runBlock (exec=0x7fff92643ad0, codeBlock=<value optimized out>, parentExec=<value optimized out>) at codes.def:1192
#19 0x000000349d660f7a in KJS::FunctionImp::callAsFunction (this=0x7fc67c2b2040, exec=0x7fff926444c0, thisObj=<value optimized out>, args=<value optimized out>)
    at /usr/src/debug/kdelibs-4.2.4/kjs/function.cpp:144
#20 0x000000349d6647e9 in KJS::JSObject::call (this=0x0, exec=0xac, thisObj=0x9, args=@0xa9) at /usr/src/debug/kdelibs-4.2.4/kjs/object.cpp:69
#21 0x000000349d6806cb in KJS::Machine::runBlock (exec=0x7fff926444c0, codeBlock=<value optimized out>, parentExec=<value optimized out>) at codes.def:1192
#22 0x000000349d660f7a in KJS::FunctionImp::callAsFunction (this=0x7fc67c2b1d80, exec=0x24a4e70, thisObj=<value optimized out>, args=<value optimized out>)
    at /usr/src/debug/kdelibs-4.2.4/kjs/function.cpp:144
#23 0x000000349d6647e9 in KJS::JSObject::call (this=0x0, exec=0xac, thisObj=0x9, args=@0xa9) at /usr/src/debug/kdelibs-4.2.4/kjs/object.cpp:69
#24 0x000000349e20beb2 in KJS::ScheduledAction::execute (this=0x2c2a1e0, window=0x7fc67c2c0000) at /usr/src/debug/kdelibs-4.2.4/khtml/ecma/kjs_window.cpp:2196
#25 0x000000349e20fb83 in KJS::WindowQObject::timerEvent (this=0x24a01a0) at /usr/src/debug/kdelibs-4.2.4/khtml/ecma/kjs_window.cpp:2372
#26 0x000000349354ebc3 in QObject::event(QEvent*) () from /usr/lib64/libQtCore.so.4
#27 0x0000003494d8ea8c in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib64/libQtGui.so.4
#28 0x0000003494d95e3e in QApplication::notify(QObject*, QEvent*) () from /usr/lib64/libQtGui.so.4
#29 0x0000003495e04b16 in KApplication::notify (this=0x7fff92645200, receiver=0x24a01a0, event=0x7fff92644d60)
    at /usr/src/debug/kdelibs-4.2.4/kdeui/kernel/kapplication.cpp:307
#30 0x000000349353f61c in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/lib64/libQtCore.so.4
#31 0x000000349356a622 in ?? () from /usr/lib64/libQtCore.so.4
#32 0x000000349356815d in ?? () from /usr/lib64/libQtCore.so.4
#33 0x00000036efa3818e in g_main_context_dispatch () from /lib64/libglib-2.0.so.0
#34 0x00000036efa3b8e8 in ?? () from /lib64/libglib-2.0.so.0
#35 0x00000036efa3ba5c in g_main_context_iteration () from /lib64/libglib-2.0.so.0
#36 0x00000034935680a6 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4
#37 0x0000003494e2162e in ?? () from /usr/lib64/libQtGui.so.4
#38 0x000000349353df52 in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4
#39 0x000000349353e324 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4
#40 0x00000034935403c9 in QCoreApplication::exec() () from /usr/lib64/libQtCore.so.4
---Type <return> to continue, or q <return> to quit---
#41 0x00000034978b893b in kdemain (argc=<value optimized out>, argv=<value optimized out>) at /usr/src/debug/kdebase-4.2.4/apps/konqueror/src/konqmain.cpp:257
#42 0x00000036eca1ea2d in __libc_start_main () from /lib64/libc.so.6
#43 0x0000000000400759 in _start ()

(simple backtrace portion of the attachment)

Huh. I can confirm this (it doesn't crash when not using the debugger). The backtrace is different than the "crash when start debugger", so not a dup of bug #137772.

If you're curious about acid3 tests and all, here's a link: http://techbase.kde.org/Projects/KHTML

Comment 3 A. Spehr 2009-06-05 14:06:26 UTC
This one is missing a line in the bt, but otherwise looks like the same crash.

Thanks!

*** This bug has been marked as a duplicate of bug 171747 ***