
List:       konq-bugs
Subject:    [Bug 190966] New: KJS crashes in KJS::UString::Rep::computeHash
From:       András Manţia  <amantia () kde ! org>
Date:       2009-04-28 20:24:52
Message-ID: bug-190966-5021 () http ! bugs ! kde ! org/

https://bugs.kde.org/show_bug.cgi?id=190966

           Summary: KJS crashes in KJS::UString::Rep::computeHash
           Product: konqueror
           Version: SVN
          Platform: Compiled Sources
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: NOR
         Component: kjs
        AssignedTo: konq-bugs@kde.org
        ReportedBy: amantia@kde.org


The below crash happens with r960609.
The easiest way for me to reproduce is to use the feed from
http://autos.groups.yahoo.com/group/audi-hu/ in akregator, click on the posts,
open them in tabs, close them (sometimes open more than one). Soon when opening
a post in a tab it will crash.


Program received signal SIGSEGV, Segmentation fault.
KJS::UString::Rep::computeHash (s=0x829a2ae, len=251658240) at
/data/development/sources/kde-trunk/kdelibs/kjs/ustring.cpp:245
245         hash += s[0].uc;                                                    
(gdb) bt                                                                        
#0  KJS::UString::Rep::computeHash (s=0x829a2ae, len=251658240) at
/data/development/sources/kde-trunk/kdelibs/kjs/ustring.cpp:245
#1  0x00007ffff679f8f5 in WTF::HashTable<KJS::UString::Rep*,
std::pair<KJS::UString::Rep*, std::pair<KJS::StringImp*, int> >,
WTF::PairFirstExtractor<std::pair<KJS::UString::Rep*,
std::pair<KJS::StringImp*, int> > >, WTF::StrHash<KJS::UString::Rep*>,
WTF::PairHashTraits<WTF::HashTraits<KJS::UString::Rep*>,
WTF::HashTraits<std::pair<KJS::StringImp*, int> > >,
WTF::HashTraits<KJS::UString::Rep*> >::rehash (    
    this=0x3545540, newTableSize=<value optimized out>) at
/data/development/sources/kde-trunk/kdelibs/kjs/ustring.h:158                   
#2  0x00007ffff679fab3 in WTF::HashMap<KJS::UString::Rep*,
std::pair<KJS::StringImp*, int>, WTF::StrHash<KJS::UString::Rep*>,
WTF::HashTraits<KJS::UString::Rep*>, WTF::HashTraits<std::pair<KJS::StringImp*,
int> > >::add (this=0x3545540, key=@0x7fffffff8b68, mapped=@0x7fffffff8b50) at
/data/development/sources/kde-trunk/kdelibs/kjs/wtf/HashTable.h:871             
#3  0x00007ffff679b23e in KJS::Interpreter::internString (literal=@0x3d5b7a0)
at /data/development/sources/kde-trunk/kdelibs/kjs/interpreter.cpp:949          
#4  0x00007ffff67b7069 in KJS::StringNode::generateEvalCode (this=0xf000000,
comp=0x9e3779b9) at
/data/development/sources/kde-trunk/kdelibs/kjs/nodes2bytecode.cpp:120          
#5  0x00007ffff67b7914 in KJS::ObjectLiteralNode::generateEvalCode (this=<value
optimized out>, comp=0x7fffffff8fb0) at
/data/development/sources/kde-trunk/kdelibs/kjs/nodes2bytecode.cpp:421          
#6  0x00007ffff67b62fe in KJS::AssignExprNode::generateEvalCode (this=<value
optimized out>, comp=0x9e3779b9) at
/data/development/sources/kde-trunk/kdelibs/kjs/nodes2bytecode.cpp:1066         
#7  0x00007ffff67b6ba1 in KJS::VarDeclNode::generateCode (this=0x413de60,
comp=0x7fffffff8fb0) at
/data/development/sources/kde-trunk/kdelibs/kjs/nodes2bytecode.cpp:1087         
#8  0x00007ffff67b6d04 in KJS::VarDeclListNode::generateEvalCode (this=<value
optimized out>, comp=0x7fffffff8fb0) at
/data/development/sources/kde-trunk/kdelibs/kjs/nodes2bytecode.cpp:1104         
#9  0x00007ffff67b9f32 in KJS::VarStatementNode::generateExecCode
(this=0x413dec0, comp=0x7fffffff8fb0) at
/data/development/sources/kde-trunk/kdelibs/kjs/nodes2bytecode.cpp:1112         
#10 0x00007ffff67b62dd in KJS::SourceElementsNode::generateExecCode
(this=0x3726430, comp=0x7fffffff8fb0) at
/data/development/sources/kde-trunk/kdelibs/kjs/nodes2bytecode.cpp:981          
#11 0x00007ffff67bca56 in KJS::FunctionBodyNode::generateExecCode
(this=0x46ef780, comp=0x7fffffff8fb0) at
/data/development/sources/kde-trunk/kdelibs/kjs/nodes2bytecode.cpp:1560         
#12 0x00007ffff676a3af in KJS::FunctionBodyNode::compile (this=0x46ef780,
ctype=<value optimized out>, compType=<value optimized out>) at
/data/development/sources/kde-trunk/kdelibs/kjs/nodes.cpp:948       
#13 0x00007ffff67969f5 in KJS::FunctionImp::callAsFunction
(this=0x7fffd7d614c0, exec=0x7fffffff9c80, thisObj=<value optimized out>,
args=@0x7fffffff9bd0)                                                    
    at /data/development/sources/kde-trunk/kdelibs/kjs/function.cpp:114         
#14 0x00007ffff679a1e9 in KJS::JSObject::call (this=0x829a2ae, exec=0x2629a2ae,
thisObj=0x9e3779b9, args=@0x9e3779b9) at
/data/development/sources/kde-trunk/kdelibs/kjs/object.cpp:69                   
#15 0x00007ffff67b4f31 in KJS::Machine::runBlock (exec=0x7fffffff9c80,
codeBlock=<value optimized out>, parentExec=0x7fffffffa800) at codes.def:1192   
#16 0x00007ffff679676c in KJS::FunctionImp::callAsFunction
(this=0x7fffd7d6d440, exec=0x7fffffffa800, thisObj=<value optimized out>,
args=@0x7fffffffa6c0)                                                    
    at /data/development/sources/kde-trunk/kdelibs/kjs/function.cpp:144         
#17 0x00007ffff679a1e9 in KJS::JSObject::call (this=0x829a2ae, exec=0x2629a2ae,
thisObj=0x9e3779b9, args=@0x9e3779b9) at
/data/development/sources/kde-trunk/kdelibs/kjs/object.cpp:69                   
#18 0x00007ffff67b4f31 in KJS::Machine::runBlock (exec=0x7fffffffa800,
codeBlock=<value optimized out>, parentExec=0x0) at codes.def:1192              
#19 0x00007ffff676a4a9 in KJS::FunctionBodyNode::execute (this=0x36f5850,
exec=0x7fffffffa800) at
/data/development/sources/kde-trunk/kdelibs/kjs/nodes.cpp:928                   
#20 0x00007ffff679d00a in KJS::Interpreter::evaluate (this=0x389f8b0,
sourceURL=@0x7fffffffab60, startingLineNumber=0, code=<value optimized out>,
codeLength=<value optimized out>, thisV=0x7fffd7db0080)    
    at /data/development/sources/kde-trunk/kdelibs/kjs/interpreter.cpp:556      
#21 0x00007ffff679d0d3 in KJS::Interpreter::evaluate (this=0xf000000,
sourceURL=@0x9e3779b9, startingLineNumber=-1640531527, code=<value optimized
out>, thisV=<value optimized out>)                         
    at /data/development/sources/kde-trunk/kdelibs/kjs/interpreter.cpp:496      
#22 0x00007ffff78ed0d1 in KJS::KJSProxyImpl::evaluate (this=0x3b0c6a0,
filename=<value optimized out>, baseLine=0, str=@0x7fffffffaff0, n=<value
optimized out>, completion=0x7fffffffabf0)                   
    at /data/development/sources/kde-trunk/kdelibs/khtml/ecma/kjs_proxy.cpp:158 
#23 0x00007ffff76b0dd1 in KHTMLPart::executeScript (this=0x221c7d0,
filename=@0x7fffffffad40, baseLine=0, n=@0x7fffffffad00,
script=@0x7fffffffaff0)                                                         
    at /data/development/sources/kde-trunk/kdelibs/khtml/khtml_part.cpp:1326    
#24 0x00007ffff7741983 in khtml::HTMLTokenizer::scriptExecution
(this=0x35e00e0, str=@0x7fffffffaff0, scriptURL=<value optimized out>,
baseLine=0)                                                            
    at
/data/development/sources/kde-trunk/kdelibs/khtml/html/htmltokenizer.cpp:501    
#25 0x00007ffff7745ec6 in khtml::HTMLTokenizer::notifyFinished (this=0x35e00e0)
at
/data/development/sources/kde-trunk/kdelibs/khtml/html/htmltokenizer.cpp:2123   
#26 0x00007ffff774751c in khtml::HTMLTokenizer::scriptHandler (this=0x35e00e0)
at /data/development/sources/kde-trunk/kdelibs/khtml/html/htmltokenizer.cpp:446 
#27 0x00007ffff7748795 in khtml::HTMLTokenizer::parseSpecial (this=0x35e00e0,
src=@0x35e0648) at
/data/development/sources/kde-trunk/kdelibs/khtml/html/htmltokenizer.cpp:369    
#28 0x00007ffff774a5cb in khtml::HTMLTokenizer::parseTag (this=0x35e00e0,
src=@0x35e0648) at
/data/development/sources/kde-trunk/kdelibs/khtml/html/htmltokenizer.cpp:1551   
#29 0x00007ffff774b992 in khtml::HTMLTokenizer::write (this=0x35e00e0,
str=@0x7fffffffb9e0, appendData=true) at
/data/development/sources/kde-trunk/kdelibs/khtml/html/htmltokenizer.cpp:1811   
#30 0x00007ffff769232d in KHTMLPart::write (this=0x221c7d0,                     
    data=0x36459c8 "!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0
Transitional//EN\"
\"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n<html
xmlns=\"http://www.w3.org/1999/xhtml\">\n\n    <head>\n\n        <title>Index
-"..., len=4096) at
/data/development/sources/kde-trunk/kdelibs/khtml/khtml_part.cpp:2093           
---Type <return> to continue, or q <return> to quit---                          
#31 0x00007ffff76946a4 in KHTMLPart::slotData (this=0x221c7d0, kio_job=<value
optimized out>, data=@0x7fffffffc3d0) at
/data/development/sources/kde-trunk/kdelibs/khtml/khtml_part.cpp:1778           
#32 0x00007ffff76b4cd8 in KHTMLPart::qt_metacall (this=0x221c7d0,
_c=QMetaObject::InvokeMetaMethod, _id=<value optimized out>, _a=0x7fffffffbf90) 
    at /data/development/build/kde-trunk/kdelibs/khtml/khtml_part.moc:271       
#33 0x00007ffff36bb2cc in QMetaObject::activate(QObject*, int, int, void**) ()
from /opt/qt4/lib/libQtCore.so.4                                                
#34 0x00007ffff36bc989 in QMetaObject::activate(QObject*, QMetaObject const*,
int, void**) () from /opt/qt4/lib/libQtCore.so.4                                
#35 0x00007ffff4a7d0b4 in KIO::TransferJob::data (this=0x829a2ae,
_t1=0x3d7d620, _t2=<value optimized out>) at
/data/development/build/kde-trunk/kdelibs/kio/jobclasses.moc:364                
#36 0x00007ffff4a87fe9 in KIO::TransferJob::qt_metacall (this=0x3d7d620,
_c=QMetaObject::InvokeMetaMethod, _id=<value optimized out>, _a=0x7fffffffc140) 
    at /data/development/build/kde-trunk/kdelibs/kio/jobclasses.moc:344         
#37 0x00007ffff36bb2cc in QMetaObject::activate(QObject*, int, int, void**) ()
from /opt/qt4/lib/libQtCore.so.4                                                
#38 0x00007ffff36bc989 in QMetaObject::activate(QObject*, QMetaObject const*,
int, void**) () from /opt/qt4/lib/libQtCore.so.4                                
#39 0x00007ffff4b42052 in KIO::SlaveInterface::data (this=0x829a2ae, _t1=<value
optimized out>) at
/data/development/build/kde-trunk/kdelibs/kio/slaveinterface.moc:140            
#40 0x00007ffff4b458d8 in KIO::SlaveInterface::dispatch (this=0x37d2130,
_cmd=100, rawdata=<value optimized out>) at
/data/development/sources/kde-trunk/kdelibs/kio/kio/slaveinterface.cpp:163      
#41 0x00007ffff4b42302 in KIO::SlaveInterface::dispatch (this=0x37d2130) at
/data/development/sources/kde-trunk/kdelibs/kio/kio/slaveinterface.cpp:91       
#42 0x00007ffff4b34e93 in KIO::Slave::gotInput (this=0x37d2130) at
/data/development/sources/kde-trunk/kdelibs/kio/kio/slave.cpp:322               
#43 0x00007ffff4b370f8 in KIO::Slave::qt_metacall (this=0x37d2130,
_c=QMetaObject::InvokeMetaMethod, _id=125829119, _a=0x7fffffffc550) at
/data/development/build/kde-trunk/kdelibs/kio/slave.moc:76          
#44 0x00007ffff36bb2cc in QMetaObject::activate(QObject*, int, int, void**) ()
from /opt/qt4/lib/libQtCore.so.4                                                
#45 0x00007ffff36bc989 in QMetaObject::activate(QObject*, QMetaObject const*,
int, void**) () from /opt/qt4/lib/libQtCore.so.4                                
#46 0x00007ffff4a51131 in KIO::ConnectionPrivate::dequeue (this=0x3c71200) at
/data/development/sources/kde-trunk/kdelibs/kio/kio/connection.cpp:82           
#47 0x00007ffff4a5158a in KIO::Connection::qt_metacall (this=0x39571a0,
_c=QMetaObject::InvokeMetaMethod, _id=125829119, _a=0x37303e0) at
/data/development/build/kde-trunk/kdelibs/kio/connection.moc:73     
#48 0x00007ffff36b2f8b in QMetaCallEvent::placeMetaCall(QObject*) () from
/opt/qt4/lib/libQtCore.so.4                                                     
#49 0x00007ffff36b8670 in QObject::event(QEvent*) () from
/opt/qt4/lib/libQtCore.so.4                                                     
#50 0x00007ffff203c5b7 in QApplicationPrivate::notify_helper(QObject*, QEvent*)
() from /opt/qt4/lib/libQtGui.so.4                                              
#51 0x00007ffff203c96e in QApplication::notify(QObject*, QEvent*) () from
/opt/qt4/lib/libQtGui.so.4                                                      
#52 0x00007ffff458c81b in KApplication::notify (this=0x7fffffffd540,
receiver=0x39571a0, event=0x37d9e80) at
/data/development/sources/kde-trunk/kdelibs/kdeui/kernel/kapplication.cpp:307   
#53 0x00007ffff369fa9f in QCoreApplication::notifyInternal(QObject*, QEvent*)
() from /opt/qt4/lib/libQtCore.so.4                                             
#54 0x00007ffff625d42d in QCoreApplication::sendEvent(QObject*, QEvent*) ()
from /opt/qt4/lib/libQt3Support.so.4                                            
#55 0x00007ffff36a00b5 in QCoreApplicationPrivate::sendPostedEvents(QObject*,
int, QThreadData*) () from /opt/qt4/lib/libQtCore.so.4                          
#56 0x00007ffff36a03c4 in QCoreApplication::sendPostedEvents(QObject*, int) ()
from /opt/qt4/lib/libQtCore.so.4                                                
#57 0x00007ffff62fec41 in QCoreApplication::sendPostedEvents() () from
/opt/qt4/lib/libQt3Support.so.4                                                 
#58 0x00007ffff36d8794 in postEventSourceDispatch(_GSource*, int (*)(void*),
void*) () from /opt/qt4/lib/libQtCore.so.4                                      
#59 0x00007fffecff50fb in g_main_context_dispatch () from
/usr/lib64/libglib-2.0.so.0                                                     
#60 0x00007fffecff88cd in ?? () from /usr/lib64/libglib-2.0.so.0                
#61 0x00007fffecff8a8b in g_main_context_iteration () from
/usr/lib64/libglib-2.0.so.0                                                     
#62 0x00007ffff36d786e in
QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) ()
from /opt/qt4/lib/libQtCore.so.4                                                
#63 0x00007ffff2107ffb in
QGuiEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>)
() from /opt/qt4/lib/libQtGui.so.4                                              
#64 0x00007ffff369c15f in
QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from
/opt/qt4/lib/libQtCore.so.4                                                     
#65 0x00007ffff369c36e in
QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from
/opt/qt4/lib/libQtCore.so.4                                                     
#66 0x00007ffff36a04e9 in QCoreApplication::exec() () from
/opt/qt4/lib/libQtCore.so.4                                                     
#67 0x00007ffff203c314 in QApplication::exec() () from
/opt/qt4/lib/libQtGui.so.4                                                      
#68 0x0000000000404911 in main (argc=2, argv=0x7fffffffdb18) at
/data/development/sources/kde-trunk/kdepim/kontact/src/main.cpp:218
