Bug 36206

Summary: fastclick ad code crashes konqueror with SIGABRT
Product: [Applications] konqueror Reporter: dh
Component: kjsAssignee: Konqueror Developers <konq-bugs>
Status: CLOSED FIXED    
Severity: crash    
Priority: NOR    
Version: unspecified   
Target Milestone: ---   
Platform: Compiled Sources   
OS: FreeBSD   
Latest Commit: Version Fixed In:

Description dh 2001-12-15 19:13:23 UTC
(*** This bug was imported into bugs.kde.org ***)

Package:           kjs
Version:           unknown (using KDE 2.2.0 )
Severity:          normal
Installed from:    compiled sources
Compiler:          gcc version 2.95.3 [FreeBSD] 20010315 (release)
OS:                FreeBSD (i386) release 4.4-STABLE
OS/Compiler notes: 

The fastclick adcode at wordassault.com (aka http://dannyboy.worksforfood.com:8081/ ) crashes konqueror when javascript is enabled with SIGABRT.

backtrace: 

0x28d5db38 in wait4 () from /usr/lib/libc.so.4
#0  0x28d5db38 in wait4 () from /usr/lib/libc.so.4
#1  0x28d4ec8f in waitpid () from /usr/lib/libc.so.4
#2  0x28619aa5 in KCrash::defaultCrashHandler ()
   from /usr/local/lib/libkdecore.so.4
#3  0xbfbfffac in ?? ()
#4  0x28d765c7 in __assert () from /usr/lib/libc.so.4
#5  0x291831b4 in khtml::CSSStyleSelector::styleForElement ()
   from /usr/local/lib/libkhtml.so.4
#6  0x29103af8 in DOM::ElementImpl::attach () from /usr/local/lib/libkhtml.so.4
#7  0x29111a96 in KHTMLParser::insertNode () from /usr/local/lib/libkhtml.so.4
#8  0x29111988 in KHTMLParser::parseToken () from /usr/local/lib/libkhtml.so.4
#9  0x291190fd in HTMLTokenizer::processToken ()
   from /usr/local/lib/libkhtml.so.4
#10 0x29117f46 in HTMLTokenizer::parseTag () from /usr/local/lib/libkhtml.so.4
#11 0x291187d6 in HTMLTokenizer::write () from /usr/local/lib/libkhtml.so.4
#12 0x290f813d in DOM::DocumentImpl::write () from /usr/local/lib/libkhtml.so.4
#13 0x291a6dd4 in DOM::HTMLDocument::write () from /usr/local/lib/libkhtml.so.4
#14 0x293986a4 in KJS::HTMLDocFunction::tryExecute ()
   from /usr/local/lib/kde2/kjs_html.so
#15 0x2940b15b in KJS::DOMFunction::execute ()
   from /usr/local/lib/kde2/kjs_html.so
#16 0x2947604e in KJS::FunctionImp::executeCall ()
   from /usr/local/lib/libkjs.so.4
#17 0x29475ecb in KJS::FunctionImp::executeCall ()
   from /usr/local/lib/libkjs.so.4
#18 0x29471260 in KJS::KJSO::executeCall () from /usr/local/lib/libkjs.so.4
#19 0x2946bf7e in KJS::FunctionCallNode::evaluate ()
   from /usr/local/lib/libkjs.so.4
#20 0x2946e8ed in KJS::ExprStatementNode::execute ()
   from /usr/local/lib/libkjs.so.4
#21 0x2946da97 in KJS::StatListNode::execute () from /usr/local/lib/libkjs.so.4
#22 0x2946da4e in KJS::BlockNode::execute () from /usr/local/lib/libkjs.so.4
#23 0x2946e9b7 in KJS::IfNode::execute () from /usr/local/lib/libkjs.so.4
#24 0x2947089e in KJS::SourceElementNode::execute ()
   from /usr/local/lib/libkjs.so.4
#25 0x29470710 in KJS::SourceElementsNode::execute ()
   from /usr/local/lib/libkjs.so.4
#26 0x29470650 in KJS::SourceElementsNode::execute ()
   from /usr/local/lib/libkjs.so.4
#27 0x29470277 in KJS::FunctionBodyNode::execute ()
   from /usr/local/lib/libkjs.so.4
#28 0x29479948 in KJS::KJScriptImp::evaluate () from /usr/local/lib/libkjs.so.4
#29 0x29465537 in KJScript::evaluate () from /usr/local/lib/libkjs.so.4
#30 0x2940db93 in kjs_eval () from /usr/local/lib/kde2/kjs_html.so
#31 0x290c0575 in KHTMLPart::executeScript () from /usr/local/lib/libkhtml.so.4
#32 0x290c0473 in KHTMLPart::executeScript () from /usr/local/lib/libkhtml.so.4
#33 0x291153cd in HTMLTokenizer::parseListing ()
   from /usr/local/lib/libkhtml.so.4
#34 0x29115bd1 in HTMLTokenizer::parseScript ()
   from /usr/local/lib/libkhtml.so.4
#35 0x29118214 in HTMLTokenizer::parseTag () from /usr/local/lib/libkhtml.so.4
#36 0x291187d6 in HTMLTokenizer::write () from /usr/local/lib/libkhtml.so.4
#37 0x290c5310 in KHTMLPart::write () from /usr/local/lib/libkhtml.so.4
#38 0x290c4748 in KHTMLPart::slotData () from /usr/local/lib/libkhtml.so.4
#39 0x282751d3 in KIO::TransferJob::data () from /usr/local/lib/libkio.so.4
#40 0x28259f07 in KIO::TransferJob::slotData () from /usr/local/lib/libkio.so.4
#41 0x28246cfb in KIO::SlaveInterface::data () from /usr/local/lib/libkio.so.4
#42 0x282410dc in KIO::SlaveInterface::dispatch ()
   from /usr/local/lib/libkio.so.4
#43 0x28240e65 in KIO::SlaveInterface::dispatch ()
   from /usr/local/lib/libkio.so.4
#44 0x2823f497 in KIO::Slave::gotInput () from /usr/local/lib/libkio.so.4
#45 0x2886fb24 in QObject::activate_signal () from /usr/X11R6/lib/libqt2.so.4
#46 0x288c4800 in QSocketNotifier::activated () from /usr/X11R6/lib/libqt2.so.4
#47 0x288a4488 in QSocketNotifier::event () from /usr/X11R6/lib/libqt2.so.4
#48 0x2881d215 in QApplication::notify () from /usr/X11R6/lib/libqt2.so.4
#49 0x2857f09b in KApplication::notify () from /usr/local/lib/libkdecore.so.4
#50 0x287ea584 in qt_set_socket_handler () from /usr/X11R6/lib/libqt2.so.4
#51 0x287eacd3 in QApplication::processNextEvent ()
   from /usr/X11R6/lib/libqt2.so.4
#52 0x2881f083 in QApplication::enter_loop () from /usr/X11R6/lib/libqt2.so.4
#53 0x287ea5e7 in QApplication::exec () from /usr/X11R6/lib/libqt2.so.4
#54 0x28f1cf92 in main () from /usr/local/lib/konqueror.so
#55 0x804caba in QCollection::newItem ()
#56 0x804d756 in QCollection::newItem ()
#57 0x804dca0 in QCollection::newItem ()
#58 0x804ed62 in QCollection::newItem ()
#59 0x804adf9 in QCollection::newItem ()

(Submitted via bugs.kde.org)
(Called from KBugReport dialog)
Comment 1 Lauri Watts 2002-03-24 20:40:23 UTC
Thank you for your bug report.
This bug can not be reproduced using the current development (CVS) version =
of=20
KDE. This suggests that the bug has already been fixed. The bug report will=
=20
be closed.