Crash: blocking JS and deleting a window

Koos Vriezen koos.vriezen at xs4all.nl
Wed Oct 2 19:44:16 BST 2002 

Hi,

Testcase:

<html><head><script>
  var win=open("", "xxx");
  var doc=win.document;
  doc.open();
  doc.write("<html><body onLoad=\"alert(somevar)\">");
  doc.write("</body></html>");
  doc.close();
</script></head>
<body></body></html>

After the second window is created, delete it by clicking the X button.
Even KCrash crashes on this one.
The problem is blocking JS (here the alert box, might as well be a
LiveConnect call). Currently I see these options:
- Konqueror should delete a View after verifying it can. In this case,
  with the alert box, it should poll the view if it can
  be deleted. Probably requires quite some changes for this.
- KHTML or KJSProxy should block somehow the deletion calling chain. Eg.
  while(notfinished) { usleep(20000); qApp->processEvents(100); }
  (which is a rather poor attempt to synchronize these calling chains.
  It also doesn't work. With the processEvent, a timerEvent in KHTMLView
  causes another crash. Without, there is no way to click away the alert
  box).
- Make sure the X button doesn't work when doing JS :)

Anyone have any thoughts on this?

On Fri, 20 Sep 2002, Koos Vriezen wrote:

> Hi,
>
> I sended this to kdm-devel yesterday, but somehow it got lost. David, any
> ideas why scheduled scripts aren't removed here?
>
> Koos
>
> ---------- Forwarded message ----------
> Date: Thu, 19 Sep 2002 21:25:51 +0200 (CEST)
> From: Koos Vriezen <koos at xwing.home>
> To: kfm-devel at kde.org
> Subject: Crash: setTimeout still executed after window closed
>
> Hi,
>
> Small test case:
>  <html><head><script>
>   var win=open("", "xxx");
>   var doc=win.document;
>   doc.open();
>   doc.write("<html><body onLoad=\"setTimeout('alert(somevar)',1000)\">");
>   doc.write("</body></html>");
>   doc.close();
>  </script></head>
> <body></body></html>
>
> To reproduce this crash, the new window must be closed within one second.
> It doesn't crash all the time, but when it does something like:
>
> #6  0x415ad6e3 in KHTMLPart::executeScript(DOM::Node const&, QString const&) ()
>    from /mnt/hda3/usr/local/kde3/lib/libkhtml.so.4
> #7  0x415ad5f4 in KHTMLPart::executeScript(QString const&) ()
>    from /mnt/hda3/usr/local/kde3/lib/libkhtml.so.4
> #8  0x418f44c3 in KJS::ScheduledAction::execute(KJS::Window*) ()
>    from /mnt/hda3/usr/local/kde3/lib/kde3/kjs_html.so
> #9  0x418f4e68 in KJS::WindowQObject::timerEvent(QTimerEvent*) ()
>    from /mnt/hda3/usr/local/kde3/lib/kde3/kjs_html.so
> #10 0x409aada9 in QObject::event(QEvent*) ()
>
> appears.
> (Test case from crash on http://www.n-tv.de when closing the teletext
> window (somewhere in the middle of left menu), reported by Till Krech).
> Turns out, not to be Java related.
>
> Koos
>
>
>
>
>

More information about the kfm-devel mailing list