338059 – egroupware crashes KJS (0-deref in DOM::HTMLSelectElementImpl::parseAttribute, DOM::DOMStringImpl::toInt)

Bug 338059 - egroupware crashes KJS (0-deref in DOM::HTMLSelectElementImpl::parseAttribute, DOM::DOMStringImpl::toInt)

Summary: egroupware crashes KJS (0-deref in DOM::HTMLSelectElementImpl::parseAttribute...

Status:	RESOLVED FIXED

Alias:	None

Product:	konqueror
Classification:	Applications
Component:	kjs (show other bugs)
Version:	4.13.3
Platform:	openSUSE Linux

Importance:	NOR crash
Target Milestone:	---
Assignee:	Konqueror Developers

URL:	https://demo.egroupware.net/egw/login...
Keywords:

Depends on:
Blocks:

Reported:	2014-08-05 17:45 UTC by Rolf Eike Beer
Modified:	2014-12-20 14:38 UTC (History)
CC List:	0 users

See Also:
Latest Commit:	http://commits.kde.org/kdelibs/8f85b26d243fcacc6f0379b69ecf70ce3fca6121
Version Fixed In:	14.12.1

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Rolf Eike Beer 2014-08-05 17:45:34 UTC

Use demo URL, login as support. Works for me on one machine, reliably crashes KJS on another one.

Thread 1 (Thread 0x7fbb4135e780 (LWP 4032)):
[KCrash Handler]
#6  DOM::DOMStringImpl::toInt (this=0x0, ok=0x0) at 
/usr/src/debug/kdelibs-4.13.3/khtml/xml/dom_stringimpl.cpp:458
#7  0x00007fbb25cf4530 in DOM::HTMLSelectElementImpl::parseAttribute 
(this=0x147e3db0, attr=0x7fff58f93830) at 
/usr/src/debug/kdelibs-4.13.3/khtml/html/html_formimpl.cpp:2452
#8  0x00007fbb25c9899c in parseNullAttribute (prefix=..., id=65729, 
this=0x147e3db0) at 
/usr/src/debug/kdelibs-4.13.3/khtml/xml/dom_elementimpl.h:285
#9  DOM::NamedAttrMapImpl::removeNamedItem (this=0x14764000, id=<optimized 
out>, prefix=..., nsAware=<optimized out>, exceptioncode=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/khtml/xml/dom_elementimpl.cpp:1502
#10 0x00007fbb25c9c5c3 in DOM::ElementImpl::removeAttribute (this=0x147e3db0, 
name=..., exceptioncode=@0x7fff58f93b78: 0) at 
/usr/src/debug/kdelibs-4.13.3/khtml/xml/dom_elementimpl.cpp:686
#11 0x00007fbb25e228f8 in DOMElementProtoFunc::callAsFunction 
(this=0x7fbb20af1dc0, exec=0x7fff58f94090, thisObj=0x7fbb103e4500, args=...) 
at /usr/src/debug/kdelibs-4.13.3/khtml/ecma/kjs_dom.cpp:1341
#12 0x00007fbb2553b9fa in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#13 KJS::Machine::runBlock (exec=0x7fff58f94090, codeBlock=..., 
parentExec=0x7fff58f94520) at codes.def:1233
#14 0x00007fbb2551f0e8 in KJS::FunctionImp::callAsFunction 
(this=0x7fbb21d20200, exec=0x7fff58f94520, thisObj=<optimized out>, args=...) 
at /usr/src/debug/kdelibs-4.13.3/kjs/function.cpp:171
#15 0x00007fbb2553b9fa in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#16 KJS::Machine::runBlock (exec=0x7fff58f94520, codeBlock=..., 
parentExec=0x7fff58f94aa0) at codes.def:1233
#17 0x00007fbb2551f0e8 in KJS::FunctionImp::callAsFunction 
(this=0x7fbb10181980, exec=0x7fff58f94aa0, thisObj=<optimized out>, args=...) 
at /usr/src/debug/kdelibs-4.13.3/kjs/function.cpp:171
#18 0x00007fbb2550532b in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#19 KJS::FunctionProtoFunc::callAsFunction (this=<optimized out>, 
exec=0x7fff58f94aa0, thisObj=0x7fbb10181980, args=...) at 
/usr/src/debug/kdelibs-4.13.3/kjs/function_object.cpp:141
#20 0x00007fbb2553b9fa in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#21 KJS::Machine::runBlock (exec=0x7fff58f94aa0, codeBlock=..., 
parentExec=0x7fff58f94f30) at codes.def:1233
#22 0x00007fbb2551f0e8 in KJS::FunctionImp::callAsFunction 
(this=0x7fbb216d5980, exec=0x7fff58f94f30, thisObj=<optimized out>, args=...) 
at /usr/src/debug/kdelibs-4.13.3/kjs/function.cpp:171
#23 0x00007fbb2553b9fa in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#24 KJS::Machine::runBlock (exec=0x7fff58f94f30, codeBlock=..., 
parentExec=0x7fff58f953c0) at codes.def:1233
#25 0x00007fbb2551f0e8 in KJS::FunctionImp::callAsFunction 
(this=0x7fbb216d8c80, exec=0x7fff58f953c0, thisObj=<optimized out>, args=...) 
at /usr/src/debug/kdelibs-4.13.3/kjs/function.cpp:171
#26 0x00007fbb2553b9fa in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#27 KJS::Machine::runBlock (exec=0x7fff58f953c0, codeBlock=..., 
parentExec=0x7fff58f95850) at codes.def:1233
#28 0x00007fbb2551f0e8 in KJS::FunctionImp::callAsFunction 
(this=0x7fbb21d212c0, exec=0x7fff58f95850, thisObj=<optimized out>, args=...) 
at /usr/src/debug/kdelibs-4.13.3/kjs/function.cpp:171
#29 0x00007fbb2553b9fa in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#30 KJS::Machine::runBlock (exec=0x7fff58f95850, codeBlock=..., 
parentExec=0x7fff58f95ce0) at codes.def:1233
#31 0x00007fbb2551f0e8 in KJS::FunctionImp::callAsFunction 
(this=0x7fbb20c75b80, exec=0x7fff58f95ce0, thisObj=<optimized out>, args=...) 
at /usr/src/debug/kdelibs-4.13.3/kjs/function.cpp:171
#32 0x00007fbb2553b9fa in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#33 KJS::Machine::runBlock (exec=0x7fff58f95ce0, codeBlock=..., 
parentExec=0x7fff58f96170) at codes.def:1233
#34 0x00007fbb2551f0e8 in KJS::FunctionImp::callAsFunction 
(this=0x7fbb2007e7c0, exec=0x7fff58f96170, thisObj=<optimized out>, args=...) 
at /usr/src/debug/kdelibs-4.13.3/kjs/function.cpp:171
#35 0x00007fbb2553b9fa in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#36 KJS::Machine::runBlock (exec=0x7fff58f96170, codeBlock=..., 
parentExec=0x7fff58f96600) at codes.def:1233
#37 0x00007fbb2551f0e8 in KJS::FunctionImp::callAsFunction 
(this=0x7fbb2007a0c0, exec=0x7fff58f96600, thisObj=<optimized out>, args=...) 
at /usr/src/debug/kdelibs-4.13.3/kjs/function.cpp:171
#38 0x00007fbb2553b9fa in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#39 KJS::Machine::runBlock (exec=0x7fff58f96600, codeBlock=..., 
parentExec=0x7fff58f96a90) at codes.def:1233
#40 0x00007fbb2551f0e8 in KJS::FunctionImp::callAsFunction 
(this=0x7fbb2007a1c0, exec=0x7fff58f96a90, thisObj=<optimized out>, args=...) 
at /usr/src/debug/kdelibs-4.13.3/kjs/function.cpp:171
#41 0x00007fbb2553b9fa in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#42 KJS::Machine::runBlock (exec=0x7fff58f96a90, codeBlock=..., 
parentExec=0x7fff58f97010) at codes.def:1233
#43 0x00007fbb2551f0e8 in KJS::FunctionImp::callAsFunction 
(this=0x7fbb101857c0, exec=0x7fff58f97010, thisObj=<optimized out>, args=...) 
at /usr/src/debug/kdelibs-4.13.3/kjs/function.cpp:171
#44 0x00007fbb2550532b in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#45 KJS::FunctionProtoFunc::callAsFunction (this=<optimized out>, 
exec=0x7fff58f97010, thisObj=0x7fbb101857c0, args=...) at 
/usr/src/debug/kdelibs-4.13.3/kjs/function_object.cpp:141
#46 0x00007fbb2553b9fa in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#47 KJS::Machine::runBlock (exec=0x7fff58f97010, codeBlock=..., 
parentExec=0x7fff58f974a0) at codes.def:1233
#48 0x00007fbb2551f0e8 in KJS::FunctionImp::callAsFunction 
(this=0x7fbb2007a1c0, exec=0x7fff58f974a0, thisObj=<optimized out>, args=...) 
at /usr/src/debug/kdelibs-4.13.3/kjs/function.cpp:171
#49 0x00007fbb2553b9fa in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#50 KJS::Machine::runBlock (exec=0x7fff58f974a0, codeBlock=..., 
parentExec=0x7fff58f97a20) at codes.def:1233
#51 0x00007fbb2551f0e8 in KJS::FunctionImp::callAsFunction 
(this=0x7fbb10188c40, exec=0x7fff58f97a20, thisObj=<optimized out>, args=...) 
at /usr/src/debug/kdelibs-4.13.3/kjs/function.cpp:171
#52 0x00007fbb2550532b in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#53 KJS::FunctionProtoFunc::callAsFunction (this=<optimized out>, 
exec=0x7fff58f97a20, thisObj=0x7fbb10188c40, args=...) at 
/usr/src/debug/kdelibs-4.13.3/kjs/function_object.cpp:141
#54 0x00007fbb2553b9fa in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#55 KJS::Machine::runBlock (exec=0x7fff58f97a20, codeBlock=..., 
parentExec=0x7fff58f97eb0) at codes.def:1233
#56 0x00007fbb2551f0e8 in KJS::FunctionImp::callAsFunction 
(this=0x7fbb2007a1c0, exec=0x7fff58f97eb0, thisObj=<optimized out>, args=...) 
at /usr/src/debug/kdelibs-4.13.3/kjs/function.cpp:171
#57 0x00007fbb2553b9fa in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#58 KJS::Machine::runBlock (exec=0x7fff58f97eb0, codeBlock=..., 
parentExec=0x7fff58f98430) at codes.def:1233
#59 0x00007fbb2551f0e8 in KJS::FunctionImp::callAsFunction 
(this=0x7fbb1018d400, exec=0x7fff58f98430, thisObj=<optimized out>, args=...) 
at /usr/src/debug/kdelibs-4.13.3/kjs/function.cpp:171
#60 0x00007fbb2550532b in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#61 KJS::FunctionProtoFunc::callAsFunction (this=<optimized out>, 
exec=0x7fff58f98430, thisObj=0x7fbb1018d400, args=...) at 
/usr/src/debug/kdelibs-4.13.3/kjs/function_object.cpp:141
#62 0x00007fbb2553b9fa in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#63 KJS::Machine::runBlock (exec=0x7fff58f98430, codeBlock=..., 
parentExec=0x7fff58f989b0) at codes.def:1233
#64 0x00007fbb2551f0e8 in KJS::FunctionImp::callAsFunction 
(this=0x7fbb1018a7c0, exec=0x7fff58f989b0, thisObj=<optimized out>, args=...) 
at /usr/src/debug/kdelibs-4.13.3/kjs/function.cpp:171
#65 0x00007fbb2550532b in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#66 KJS::FunctionProtoFunc::callAsFunction (this=<optimized out>, 
exec=0x7fff58f989b0, thisObj=0x7fbb1018a7c0, args=...) at 
/usr/src/debug/kdelibs-4.13.3/kjs/function_object.cpp:141
#67 0x00007fbb2553b9fa in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#68 KJS::Machine::runBlock (exec=0x7fff58f989b0, codeBlock=..., 
parentExec=0x7fff58f98e40) at codes.def:1233
#69 0x00007fbb2551f0e8 in KJS::FunctionImp::callAsFunction 
(this=0x7fbb103dc8c0, exec=0x7fff58f98e40, thisObj=<optimized out>, args=...) 
at /usr/src/debug/kdelibs-4.13.3/kjs/function.cpp:171
#70 0x00007fbb2553b9fa in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#71 KJS::Machine::runBlock (exec=0x7fff58f98e40, codeBlock=..., 
parentExec=0x7fff58f992d0) at codes.def:1233
#72 0x00007fbb2551f0e8 in KJS::FunctionImp::callAsFunction 
(this=0x7fbb103dc800, exec=0x7fff58f992d0, thisObj=<optimized out>, args=...) 
at /usr/src/debug/kdelibs-4.13.3/kjs/function.cpp:171
#73 0x00007fbb2553b9fa in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#74 KJS::Machine::runBlock (exec=0x7fff58f992d0, codeBlock=..., 
parentExec=0x7fff58f99760) at codes.def:1233
#75 0x00007fbb2551f0e8 in KJS::FunctionImp::callAsFunction 
(this=0x7fbb2007a1c0, exec=0x7fff58f99760, thisObj=<optimized out>, args=...) 
at /usr/src/debug/kdelibs-4.13.3/kjs/function.cpp:171
#76 0x00007fbb2553b9fa in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#77 KJS::Machine::runBlock (exec=0x7fff58f99760, codeBlock=..., 
parentExec=0x7fff58f99bf0) at codes.def:1233
#78 0x00007fbb2551f0e8 in KJS::FunctionImp::callAsFunction 
(this=0x7fbb20b58440, exec=0x7fff58f99bf0, thisObj=<optimized out>, args=...) 
at /usr/src/debug/kdelibs-4.13.3/kjs/function.cpp:171
#79 0x00007fbb2553b9fa in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#80 KJS::Machine::runBlock (exec=0x7fff58f99bf0, codeBlock=..., 
parentExec=0x7fff58f9a080) at codes.def:1233
#81 0x00007fbb2551f0e8 in KJS::FunctionImp::callAsFunction 
(this=0x7fbb20b6dbc0, exec=0x7fff58f9a080, thisObj=<optimized out>, args=...) 
at /usr/src/debug/kdelibs-4.13.3/kjs/function.cpp:171
#82 0x00007fbb2553b9fa in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#83 KJS::Machine::runBlock (exec=0x7fff58f9a080, codeBlock=..., 
parentExec=0x7fff58f9a510) at codes.def:1233
#84 0x00007fbb2551f0e8 in KJS::FunctionImp::callAsFunction 
(this=0x7fbb2007e7c0, exec=0x7fff58f9a510, thisObj=<optimized out>, args=...) 
at /usr/src/debug/kdelibs-4.13.3/kjs/function.cpp:171
#85 0x00007fbb2553b9fa in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#86 KJS::Machine::runBlock (exec=0x7fff58f9a510, codeBlock=..., 
parentExec=0x7fff58f9a9a0) at codes.def:1233
#87 0x00007fbb2551f0e8 in KJS::FunctionImp::callAsFunction 
(this=0x7fbb2007a0c0, exec=0x7fff58f9a9a0, thisObj=<optimized out>, args=...) 
at /usr/src/debug/kdelibs-4.13.3/kjs/function.cpp:171
#88 0x00007fbb2553b9fa in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#89 KJS::Machine::runBlock (exec=0x7fff58f9a9a0, codeBlock=..., 
parentExec=0x7fff58f9ae30) at codes.def:1233
#90 0x00007fbb2551f0e8 in KJS::FunctionImp::callAsFunction 
(this=0x7fbb2007a1c0, exec=0x7fff58f9ae30, thisObj=<optimized out>, args=...) 
at /usr/src/debug/kdelibs-4.13.3/kjs/function.cpp:171
#91 0x00007fbb2553b9fa in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#92 KJS::Machine::runBlock (exec=0x7fff58f9ae30, codeBlock=..., 
parentExec=0x7fff58f9b3b0) at codes.def:1233
#93 0x00007fbb2551f0e8 in KJS::FunctionImp::callAsFunction 
(this=0x7fbb109ddf00, exec=0x7fff58f9b3b0, thisObj=<optimized out>, args=...) 
at /usr/src/debug/kdelibs-4.13.3/kjs/function.cpp:171
#94 0x00007fbb2550532b in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#95 KJS::FunctionProtoFunc::callAsFunction (this=<optimized out>, 
exec=0x7fff58f9b3b0, thisObj=0x7fbb109ddf00, args=...) at 
/usr/src/debug/kdelibs-4.13.3/kjs/function_object.cpp:141
#96 0x00007fbb2553b9fa in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#97 KJS::Machine::runBlock (exec=0x7fff58f9b3b0, codeBlock=..., 
parentExec=0x7fff58f9b840) at codes.def:1233
#98 0x00007fbb2551f0e8 in KJS::FunctionImp::callAsFunction 
(this=0x7fbb2007a1c0, exec=0x7fff58f9b840, thisObj=<optimized out>, args=...) 
at /usr/src/debug/kdelibs-4.13.3/kjs/function.cpp:171
#99 0x00007fbb2553b9fa in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#100 KJS::Machine::runBlock (exec=0x7fff58f9b840, codeBlock=..., 
parentExec=0x7fff58f9bdc0) at codes.def:1233
#101 0x00007fbb2551f0e8 in KJS::FunctionImp::callAsFunction 
(this=0x7fbb10a46b40, exec=0x7fff58f9bdc0, thisObj=<optimized out>, args=...) 
at /usr/src/debug/kdelibs-4.13.3/kjs/function.cpp:171
#102 0x00007fbb2550532b in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#103 KJS::FunctionProtoFunc::callAsFunction (this=<optimized out>, 
exec=0x7fff58f9bdc0, thisObj=0x7fbb10a46b40, args=...) at 
/usr/src/debug/kdelibs-4.13.3/kjs/function_object.cpp:141
#104 0x00007fbb2553b9fa in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#105 KJS::Machine::runBlock (exec=0x7fff58f9bdc0, codeBlock=..., 
parentExec=0x7fff58f9c250) at codes.def:1233
#106 0x00007fbb2551f0e8 in KJS::FunctionImp::callAsFunction 
(this=0x7fbb2007a1c0, exec=0x7fff58f9c250, thisObj=<optimized out>, args=...) 
at /usr/src/debug/kdelibs-4.13.3/kjs/function.cpp:171
#107 0x00007fbb2553b9fa in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#108 KJS::Machine::runBlock (exec=0x7fff58f9c250, codeBlock=..., 
parentExec=0x7fff58f9c7d0) at codes.def:1233
#109 0x00007fbb2551f0e8 in KJS::FunctionImp::callAsFunction 
(this=0x7fbb10965d40, exec=0x7fff58f9c7d0, thisObj=<optimized out>, args=...) 
at /usr/src/debug/kdelibs-4.13.3/kjs/function.cpp:171
#110 0x00007fbb2550532b in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#111 KJS::FunctionProtoFunc::callAsFunction (this=<optimized out>, 
exec=0x7fff58f9c7d0, thisObj=0x7fbb10965d40, args=...) at 
/usr/src/debug/kdelibs-4.13.3/kjs/function_object.cpp:141
#112 0x00007fbb2553b9fa in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#113 KJS::Machine::runBlock (exec=0x7fff58f9c7d0, codeBlock=..., 
parentExec=0x7fff58f9cd50) at codes.def:1233
#114 0x00007fbb2551f0e8 in KJS::FunctionImp::callAsFunction 
(this=0x7fbb10965cc0, exec=0x7fff58f9cd50, thisObj=<optimized out>, args=...) 
at /usr/src/debug/kdelibs-4.13.3/kjs/function.cpp:171
#115 0x00007fbb2550532b in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#116 KJS::FunctionProtoFunc::callAsFunction (this=<optimized out>, 
exec=0x7fff58f9cd50, thisObj=0x7fbb10965cc0, args=...) at 
/usr/src/debug/kdelibs-4.13.3/kjs/function_object.cpp:141
#117 0x00007fbb2553b9fa in call (args=..., thisObj=<optimized out>, 
exec=<optimized out>, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#118 KJS::Machine::runBlock (exec=0x7fff58f9cd50, codeBlock=..., 
parentExec=0x8fc7040) at codes.def:1233
#119 0x00007fbb2551f0e8 in KJS::FunctionImp::callAsFunction 
(this=0x7fbb10965b40, exec=0x8fc7040, thisObj=<optimized out>, args=...) at 
/usr/src/debug/kdelibs-4.13.3/kjs/function.cpp:171
#120 0x00007fbb25e8306a in call (args=..., thisObj=0x7fbb10820780, 
exec=0x8fc7040, this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kjs/object.h:632
#121 KJS::JSEventListener::handleEvent (this=0x40d4e60, evt=...) at 
/usr/src/debug/kdelibs-4.13.3/khtml/ecma/kjs_events.cpp:108
#122 0x00007fbb25e8bca9 in KJS::XMLHttpRequest::changeState 
(this=this@entry=0x7fbb10820780, newState=newState@entry=KJS::XHRS_Loaded) at 
/usr/src/debug/kdelibs-4.13.3/khtml/ecma/xmlhttprequest.cpp:365
#123 0x00007fbb25e8d5da in KJS::XMLHttpRequest::slotFinished 
(this=0x7fbb10820780) at 
/usr/src/debug/kdelibs-4.13.3/khtml/ecma/xmlhttprequest.cpp:779
#124 0x00007fbb3ffe011f in QMetaObject::activate (sender=0x13c40df0, 
m=<optimized out>, local_signal_index=<optimized out>, argv=0x7fff58f9d140) at 
kernel/qobject.cpp:3576
#125 0x00007fbb40458f12 in KJob::result (this=this@entry=0x13c40df0, 
_t1=_t1@entry=0x13c40df0) at 
/usr/src/debug/kdelibs-4.13.3/build/kdecore/kjob.moc:208
#126 0x00007fbb40458f50 in KJob::emitResult (this=0x13c40df0) at 
/usr/src/debug/kdelibs-4.13.3/kdecore/jobs/kjob.cpp:318
#127 0x00007fbb38c53ba2 in KIO::SimpleJob::slotFinished 
(this=this@entry=0x13c40df0) at 
/usr/src/debug/kdelibs-4.13.3/kio/kio/job.cpp:496
#128 0x00007fbb38c5b21d in KIO::TransferJob::slotFinished (this=0x13c40df0) at 
/usr/src/debug/kdelibs-4.13.3/kio/kio/job.cpp:1110
#129 0x00007fbb3ffe011f in QMetaObject::activate (sender=0x3673db0, 
m=<optimized out>, local_signal_index=<optimized out>, argv=0x0) at 
kernel/qobject.cpp:3576
#130 0x00007fbb38cf77c1 in KIO::SlaveInterface::dispatch (this=0x3673db0, 
_cmd=104, rawdata=...) at 
/usr/src/debug/kdelibs-4.13.3/kio/kio/slaveinterface.cpp:176
#131 0x00007fbb38cf509a in KIO::SlaveInterface::dispatch (this=0x3673db0) at 
/usr/src/debug/kdelibs-4.13.3/kio/kio/slaveinterface.cpp:92
#132 0x00007fbb38ce95fe in KIO::Slave::gotInput (this=0x3673db0) at 
/usr/src/debug/kdelibs-4.13.3/kio/kio/slave.cpp:344
#133 0x00007fbb3ffe011f in QMetaObject::activate (sender=0x1decff0, 
m=<optimized out>, local_signal_index=<optimized out>, argv=0x0) at 
kernel/qobject.cpp:3576
#134 0x00007fbb38c28912 in dequeue (this=<optimized out>) at 
/usr/src/debug/kdelibs-4.13.3/kio/kio/connection.cpp:82
#135 KIO::ConnectionPrivate::dequeue (this=0xb408020) at 
/usr/src/debug/kdelibs-4.13.3/kio/kio/connection.cpp:71
#136 0x00007fbb3ffdf5fe in QObject::event (this=0x1decff0, e=<optimized out>) 
at kernel/qobject.cpp:1231
#137 0x00007fbb3f14fa8c in QApplicationPrivate::notify_helper 
(this=this@entry=0x7f62a0, receiver=receiver@entry=0x1decff0, 
e=e@entry=0x13253d70) at kernel/qapplication.cpp:4565
#138 0x00007fbb3f153ed9 in QApplication::notify (this=0x7fff58f9e4a0, 
receiver=0x1decff0, e=0x13253d70) at kernel/qapplication.cpp:3947
#139 0x00007fbb40d694e6 in KApplication::notify (this=0x7fff58f9e4a0, 
receiver=0x1decff0, event=0x13253d70) at 
/usr/src/debug/kdelibs-4.13.3/kdeui/kernel/kapplication.cpp:311
#140 0x00007fbb3ffcab2e in QCoreApplication::notifyInternal 
(this=0x7fff58f9e4a0, receiver=receiver@entry=0x1decff0, 
event=event@entry=0x13253d70) at kernel/qcoreapplication.cpp:953
#141 0x00007fbb3ffce581 in sendEvent (event=0x13253d70, receiver=0x1decff0) at 
kernel/qcoreapplication.h:231
#142 QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, 
data=0x70a2b0) at kernel/qcoreapplication.cpp:1577
#143 0x00007fbb3fff912e in sendPostedEvents () at 
kernel/qcoreapplication.h:236
#144 postEventSourceDispatch (s=0x7f78e0) at 
kernel/qeventdispatcher_glib.cpp:300
#145 postEventSourceDispatch (s=0x7f78e0) at 
kernel/qeventdispatcher_glib.cpp:291
#146 0x00007fbb3baf57d5 in g_main_context_dispatch () from 
/usr/lib64/libglib-2.0.so.0
#147 0x00007fbb3baf5b08 in ?? () from /usr/lib64/libglib-2.0.so.0
#148 0x00007fbb3baf5bc4 in g_main_context_iteration () from 
/usr/lib64/libglib-2.0.so.0
#149 0x00007fbb3fff92c1 in QEventDispatcherGlib::processEvents (this=0x7107f0, 
flags=...) at kernel/qeventdispatcher_glib.cpp:449
#150 0x00007fbb3f1eff5e in QGuiEventDispatcherGlib::processEvents 
(this=<optimized out>, flags=...) at kernel/qguieventdispatcher_glib.cpp:204
#151 0x00007fbb3ffc972f in QEventLoop::processEvents 
(this=this@entry=0x7fff58f9e1a0, flags=...) at kernel/qeventloop.cpp:149
#152 0x00007fbb3ffc99b8 in QEventLoop::exec (this=0x7fff58f9e1a0, flags=...) 
at kernel/qeventloop.cpp:204
#153 0x00007fbb3ffce898 in QCoreApplication::exec () at 
kernel/qcoreapplication.cpp:1225
#154 0x00007fbb2d26a742 in kdemain (argc=<optimized out>, argv=<optimized 
out>) at /usr/src/debug/kde-baseapps-4.13.3/konqueror/src/konqmain.cpp:227
#155 0x000000000040889a in _start ()

Reproducible: Always

Comment 1 Andrea Iacovitti 2014-12-20 10:46:54 UTC

Git commit 8f85b26d243fcacc6f0379b69ecf70ce3fca6121 by Andrea Iacovitti.
Committed on 20/12/2014 at 10:42.
Pushed by aiacovitti into branch 'KDE/4.14'.

Convert to int from DOMString that check for null implementation and return 0 in case.
FIXED-IN: 4.14.4

M  +2    -2    khtml/html/html_formimpl.cpp

http://commits.kde.org/kdelibs/8f85b26d243fcacc6f0379b69ecf70ce3fca6121