Summary: | Konqueror crashes when using Facebook chat [KJS::JSValue::type, KJS::cloneInternal, KJS::encapsulateMessageEventData] | ||
---|---|---|---|
Product: | [Applications] konqueror | Reporter: | Charles Opondo <charlesopondo> |
Component: | khtml ecma | Assignee: | Konqueror Developers <konq-bugs> |
Status: | RESOLVED FIXED | ||
Severity: | crash | CC: | ag+services, aiacovitti, andreas.hencke, andresbajotierra, b.buschinski, bryandiazg, bugs, christopher.j.bayliss, christopherheiny, crissi.be, damijan.bec, davidsboogs, donald, dudleyd, fischer, flunsidelacal, frederic.coiffier, gabrimonfa, gatoso, georgevp, hobbyblobby, ice00, independent.scientist, j.mairboeck, j4y.m4c4, jjm, jlp, joshua, julian.g, kavol, kde, kde, krege, kushagra1276, kushagra1276, m.wege, maarten, mail, matthew, minieri.paolo, mzanetti, nagorny.denis, nano, nick, olischuk, pasha-pivo, peter.blaiklock, petr.nadeiko, rasasi78, rossi.f, ruben.mueller, sharovse, shydoow, stormrunner79, svenbartscher, thomas, tibesignerie1, uriasrandy, zenomorph.ebe |
Priority: | NOR | ||
Version: | 4.10.1 | ||
Target Milestone: | --- | ||
Platform: | Ubuntu | ||
OS: | Linux | ||
Latest Commit: | 8dabd6ac70d8f7b3690d0e7cdbe9cc66ba337251 | Version Fixed In: | 4.11.3 |
Sentry Crash Report: | |||
Attachments: |
New crash information added by DrKonqi |
Description
Charles Opondo
2011-01-27 21:00:12 UTC
Created attachment 56585 [details]
New crash information added by DrKonqi
konqueror (4.6.00 (4.6.0)) on KDE Platform 4.6.00 (4.6.0) using Qt 4.7.0
- What I was doing when the application crashed:
I was using Facebook chat when Konqueror crashed
-- Backtrace (Reduced):
#7 0x05828a8c in type (exec=0x9e71ec8, ctx=0x9e71eb8, in=0xaea40be0, path=...) at ../../kjs/value.h:452
#8 KJS::cloneInternal (exec=0x9e71ec8, ctx=0x9e71eb8, in=0xaea40be0, path=...) at ../../khtml/ecma/kjs_data.cpp:37
#9 0x05828f24 in KJS::encapsulateMessageEventData (exec=0x9e71ec8, ctx=0x9e71eb8, data=0xaea40be0) at ../../khtml/ecma/kjs_data.cpp:117
#10 0x05829126 in KJS::DelayedPostMessage::execute (this=0xbd64060, w=0xb5040000) at ../../khtml/ecma/kjs_data.cpp:169
#11 0x057cbbbb in KJS::Window::afterScriptExecution (this=0xb5040000) at ../../khtml/ecma/kjs_window.cpp:1327
[Comment from a bug triager] From bug 266255:
- What I was doing when the application crashed:
Sometimes, when I get a new message on facebook chat, Konqueror crashes. This behaviour has occurred at least twice
*** Bug 266340 has been marked as a duplicate of this bug. ***
*** Bug 266255 has been marked as a duplicate of this bug. ***
Created attachment 57716 [details]
New crash information added by DrKonqi
konqueror (4.6.00 (4.6.0)) on KDE Platform 4.6.00 (4.6.0) using Qt 4.7.2
- What I was doing when the application crashed:
I clicked around gta.wikia.com. Konqueror crashes on different pages, sometimes at the start page, sometimes later.
-- Backtrace (Reduced):
#6 0x00007f7d6c60e81a in type (exec=<value optimized out>, ctx=0xf204f0, in=0x7f7d6781e6c0, path=...) at /usr/src/debug/kdelibs-4.6.0/kjs/value.h:452
#7 KJS::cloneInternal (exec=<value optimized out>, ctx=0xf204f0, in=0x7f7d6781e6c0, path=...) at /usr/src/debug/kdelibs-4.6.0/khtml/ecma/kjs_data.cpp:37
#8 0x00007f7d6c60ebd0 in KJS::encapsulateMessageEventData (exec=0xf20510, ctx=<value optimized out>, data=<value optimized out>) at /usr/src/debug/kdelibs-4.6.0/khtml/ecma/kjs_data.cpp:117
#9 0x00007f7d6c60ede6 in KJS::DelayedPostMessage::execute (this=0x34379f0, w=<value optimized out>) at /usr/src/debug/kdelibs-4.6.0/khtml/ecma/kjs_data.cpp:169
#10 0x00007f7d6c5c3a13 in KJS::Window::afterScriptExecution (this=0x7f7d6caf0000) at /usr/src/debug/kdelibs-4.6.0/khtml/ecma/kjs_window.cpp:1327
Created attachment 58283 [details]
New crash information added by DrKonqi
konqueror (4.6.00 (4.6.0) "release 6") on KDE Platform 4.6.00 (4.6.0) "release 6" using Qt 4.7.1
- What I was doing when the application crashed:
Just chatting on facebook makes konqueror crash with webkit. With khtml it does not crash that regularly
-- Backtrace (Reduced):
#6 0xafb1d680 in type (exec=0x8421818, ctx=0x8421808, in=0xaaca4660, path=...) at /usr/src/debug/kdelibs-4.6.0/kjs/value.h:452
#7 KJS::cloneInternal (exec=0x8421818, ctx=0x8421808, in=0xaaca4660, path=...) at /usr/src/debug/kdelibs-4.6.0/khtml/ecma/kjs_data.cpp:37
#8 0xafb1dacd in KJS::encapsulateMessageEventData (exec=0x8421818, ctx=0x8421808, data=0xaaca4660) at /usr/src/debug/kdelibs-4.6.0/khtml/ecma/kjs_data.cpp:117
#9 0xafb1dcc4 in KJS::DelayedPostMessage::execute (this=0xaa52bb8, w=0x0) at /usr/src/debug/kdelibs-4.6.0/khtml/ecma/kjs_data.cpp:169
#10 0xafacbdfc in KJS::Window::afterScriptExecution (this=0xad760000) at /usr/src/debug/kdelibs-4.6.0/khtml/ecma/kjs_window.cpp:1327
Created attachment 58496 [details]
New crash information added by DrKonqi
konqueror (4.6.00 (4.6.0) "release 6") on KDE Platform 4.6.00 (4.6.0) "release 6" using Qt 4.7.1
I was just surfing on zizi.ru. My system is busy, all memory is used, CPU at 90%.
-- Backtrace (Reduced):
#6 0x00007fd772e7e48a in type (exec=0xbbaeb0, ctx=0xbbae90, in=0x7fd76dce5340, path=...) at /usr/src/debug/kdelibs-4.6.0/kjs/value.h:452
#7 KJS::cloneInternal (exec=0xbbaeb0, ctx=0xbbae90, in=0x7fd76dce5340, path=...) at /usr/src/debug/kdelibs-4.6.0/khtml/ecma/kjs_data.cpp:37
#8 0x00007fd772e7e840 in KJS::encapsulateMessageEventData (exec=0xbbaeb0, ctx=<value optimized out>, data=<value optimized out>) at /usr/src/debug/kdelibs-4.6.0/khtml/ecma/kjs_data.cpp:117
#9 0x00007fd772e7ea56 in KJS::DelayedPostMessage::execute (this=0x2e3a800, w=<value optimized out>) at /usr/src/debug/kdelibs-4.6.0/khtml/ecma/kjs_data.cpp:169
#10 0x00007fd772e33553 in KJS::Window::afterScriptExecution (this=0x7fd7737d0000) at /usr/src/debug/kdelibs-4.6.0/khtml/ecma/kjs_window.cpp:1327
*** Bug 270555 has been marked as a duplicate of this bug. ***
*** Bug 270847 has been marked as a duplicate of this bug. ***
Created attachment 59481 [details]
New crash information added by DrKonqi
konqueror (4.6.2 (4.6.2)) on KDE Platform 4.6.2 (4.6.2) using Qt 4.7.2
- What I was doing when the application crashed:
I was simply surfing on FB when it happened; it happens pretty unconditionally (from the user's point of view).
-- Backtrace (Reduced):
#6 0x00007f20f2a0d02a in type (exec=0x2005810, ctx=0x20057f0, in=0x7f20eaec3400, path=...) at ../../kjs/value.h:452
#7 KJS::cloneInternal (exec=0x2005810, ctx=0x20057f0, in=0x7f20eaec3400, path=...) at ../../khtml/ecma/kjs_data.cpp:37
#8 0x00007f20f2a0d4c3 in KJS::encapsulateMessageEventData (exec=0x2005810, ctx=<value optimized out>, data=<value optimized out>) at ../../khtml/ecma/kjs_data.cpp:117
#9 0x00007f20f2a0d6b5 in KJS::DelayedPostMessage::execute (this=0x4584700, w=<value optimized out>) at ../../khtml/ecma/kjs_data.cpp:169
#10 0x00007f20f29c2a0b in KJS::Window::afterScriptExecution (this=0x7f20f8e20180) at ../../khtml/ecma/kjs_window.cpp:1327
Created attachment 60429 [details]
New crash information added by DrKonqi
konqueror (4.6.3 (4.6.3)) on KDE Platform 4.6.3 (4.6.3) using Qt 4.7.3
- What I was doing when the application crashed:
It not only affects facebook. I was typing a comment on a site that uses Disqus for comments (http://www.eatyourkimchi.com/).
-- Backtrace (Reduced):
#7 0xaedc76b0 in type (exec=0x9ae3030, ctx=0x9ae3020, in=0xa8164c40, path=...) at /usr/src/debug/kdelibs-4.6.3/kjs/value.h:452
#8 KJS::cloneInternal (exec=0x9ae3030, ctx=0x9ae3020, in=0xa8164c40, path=...) at /usr/src/debug/kdelibs-4.6.3/khtml/ecma/kjs_data.cpp:37
#9 0xaedc7afd in KJS::encapsulateMessageEventData (exec=0x9ae3030, ctx=0x9ae3020, data=0xa8164c40) at /usr/src/debug/kdelibs-4.6.3/khtml/ecma/kjs_data.cpp:117
#10 0xaedc7cf4 in KJS::DelayedPostMessage::execute (this=0xb011580, w=0x0) at /usr/src/debug/kdelibs-4.6.3/khtml/ecma/kjs_data.cpp:169
#11 0xaed75e2c in KJS::Window::afterScriptExecution (this=0xac9c0080) at /usr/src/debug/kdelibs-4.6.3/khtml/ecma/kjs_window.cpp:1327
Created attachment 61884 [details]
New crash information added by DrKonqi
konqueror (4.6.3 (4.6.3)) on KDE Platform 4.6.3 (4.6.3) using Qt 4.7.3
- What I was doing when the application crashed:
When browsing the android market place, konqueror will sometimes crash. No particular page or action will cause it, but it happens pretty regularly.
-- Backtrace (Reduced):
#6 0x00007f1301292833 in type (exec=<value optimized out>, ctx=0x2db1770, in=0x7f12f90322c0, path=...) at /usr/src/debug/kde-base/kdelibs-4.6.3-r3/kdelibs-4.6.3/kjs/value.h:452
#7 KJS::cloneInternal (exec=<value optimized out>, ctx=0x2db1770, in=0x7f12f90322c0, path=...) at /usr/src/debug/kde-base/kdelibs-4.6.3-r3/kdelibs-4.6.3/khtml/ecma/kjs_data.cpp:37
#8 0x00007f1301292cc3 in KJS::encapsulateMessageEventData (exec=0x2db1790, ctx=<value optimized out>, data=<value optimized out>) at /usr/src/debug/kde-base/kdelibs-4.6.3-r3/kdelibs-4.6.3/khtml/ecma/kjs_data.cpp:117
#9 0x00007f1301292e7c in KJS::DelayedPostMessage::execute (this=0x6331100, w=<value optimized out>) at /usr/src/debug/kde-base/kdelibs-4.6.3-r3/kdelibs-4.6.3/khtml/ecma/kjs_data.cpp:169
#10 0x00007f1301247cfb in KJS::Window::afterScriptExecution (this=0x7f1318840180) at /usr/src/debug/kde-base/kdelibs-4.6.3-r3/kdelibs-4.6.3/khtml/ecma/kjs_window.cpp:1327
I can confirm this bug on Gentoo Linux KDE 4.6.4, Qt 4.7.3, and kernel 2.6.37-gentoo-r4. Multiple tabs were open, I cannot trace which one caused the crash. My backtrace looks like this:
Thread 1 (Thread 0xb5908710 (LWP 3546)):
[KCrash Handler]
#7 0xace0adda in KJS::JSValue::type (this=0xa7fe0260) at /var/tmp/portage/kde-base/kdelibs-4.6.4-r2/work/kdelibs-4.6.4/kjs/value.h:452
#8 0xace8fb38 in KJS::cloneInternal (exec=0x9e22820, ctx=0x9e22810, in=0xa7fe0260, path=...) at /var/tmp/portage/kde-base/kdelibs-4.6.4-r2/work/kdelibs-4.6.4/khtml/ecma/kjs_data.cpp:37
#9 0xace8fdd2 in KJS::encapsulateMessageEventData (exec=0x9e22820, ctx=0x9e22810, data=0xa7fe0260) at /var/tmp/portage/kde-base/kdelibs-4.6.4-r2/work/kdelibs-4.6.4/khtml/ecma/kjs_data.cpp:117
#10 0xace8ff85 in KJS::DelayedPostMessage::execute (this=0xcbde360, w=0xad430180) at /var/tmp/portage/kde-base/kdelibs-4.6.4-r2/work/kdelibs-4.6.4/khtml/ecma/kjs_data.cpp:169
#11 0xace439f3 in KJS::Window::afterScriptExecution (this=0xad430180) at /var/tmp/portage/kde-base/kdelibs-4.6.4-r2/work/kdelibs-4.6.4/khtml/ecma/kjs_window.cpp:1327
#12 0xace43b4c in KJS::WindowQObject::timerEvent (this=0xa2c07f8) at /var/tmp/portage/kde-base/kdelibs-4.6.4-r2/work/kdelibs-4.6.4/khtml/ecma/kjs_window.cpp:2481
#13 0xb6e4188c in QObject::event (this=0xa2c07f8, e=0xa7fe0260) at kernel/qobject.cpp:1181
#14 0xb62e637f in QApplicationPrivate::notify_helper (this=0x9afc560, receiver=0xa2c07f8, e=0xbfa5adfc) at kernel/qapplication.cpp:4462
#15 0xb62ee292 in QApplication::notify (this=0xbfa5b1f8, receiver=0xa2c07f8, e=0xbfa5adfc) at kernel/qapplication.cpp:3862
#16 0xb74e3885 in KApplication::notify (this=0xbfa5b1f8, receiver=0xa2c07f8, event=0xbfa5adfc) at /var/tmp/portage/kde-base/kdelibs-4.6.4-r2/work/kdelibs-4.6.4/kdeui/kernel/kapplication.cpp:311
#17 0xb6e2eb25 in QCoreApplication::notifyInternal (this=0xbfa5b1f8, receiver=0xa2c07f8, event=0xbfa5adfc) at kernel/qcoreapplication.cpp:731
#18 0xb6e62164 in sendEvent (this=0x9afee8c) at kernel/qcoreapplication.h:215
#19 QTimerInfoList::activateTimers (this=0x9afee8c) at kernel/qeventdispatcher_unix.cpp:604
#20 0xb6e5ee89 in timerSourceDispatch (source=0x9afeec0) at kernel/qeventdispatcher_glib.cpp:184
#21 idleTimerSourceDispatch (source=0x9afeec0) at kernel/qeventdispatcher_glib.cpp:231
#22 0xb5aaab60 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#23 0xb5aaec48 in ?? () from /usr/lib/libglib-2.0.so.0
#24 0xb5aaedfd in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#25 0xb6e5eba6 in QEventDispatcherGlib::processEvents (this=0x9ac3990, flags=...) at kernel/qeventdispatcher_glib.cpp:422
#26 0xb63ab30c in QGuiEventDispatcherGlib::processEvents (this=0x9ac3990, flags=...) at kernel/qguieventdispatcher_glib.cpp:204
#27 0xb6e2d5ff in QEventLoop::processEvents (this=0xbfa5b0c4, flags=) at kernel/qeventloop.cpp:149
#28 0xb6e2da25 in QEventLoop::exec (this=0xbfa5b0c4, flags=...) at kernel/qeventloop.cpp:201
#29 0xb6e30432 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1008
#30 0xb62e4b06 in QApplication::exec () at kernel/qapplication.cpp:3736
#31 0xb029138b in kdemain (argc=2, argv=0x9acb9d8) at /var/tmp/portage/kde-base/konqueror-4.6.4/work/konqueror-4.6.4/konqueror/src/konqmain.cpp:219
#32 0x0804e872 in launch (argc=<value optimized out>, _name=<value optimized out>, args=<value optimized out>, cwd=0x9acba3b "/home/fischer", envc=56, envs=0x9acba4d "MANPATH=/etc/java-config-2/current-system-vm/man:/usr/local/share/man:/usr/share/man:/usr/share/binutils-data/i686-pc-linux-gnu/2.20.1/man:/usr/share/gcc-data/i486-pc-linux-gnu/4.1.2/man:/usr/share/gc"..., reset_env=true, tty=0x0, avoid_loops=false, startup_id_str=0x9acc4e4 "0") at /var/tmp/portage/kde-base/kdelibs-4.6.4-r2/work/kdelibs-4.6.4/kinit/kinit.cpp:734
#33 0x0804f323 in handle_launcher_request (sock=<value optimized out>, who=<value optimized out>) at /var/tmp/portage/kde-base/kdelibs-4.6.4-r2/work/kdelibs-4.6.4/kinit/kinit.cpp:1226
#34 0x0805001a in handle_requests (waitForPid=<value optimized out>) at /var/tmp/portage/kde-base/kdelibs-4.6.4-r2/work/kdelibs-4.6.4/kinit/kinit.cpp:1410
#35 0x080505ea in main (argc=2, argv=0xbfa5b9a4, envp=0xbfa5b9b0) at /var/tmp/portage/kde-base/kdelibs-4.6.4-r2/work/kdelibs-4.6.4/kinit/kinit.cpp:1907
*** Bug 271960 has been marked as a duplicate of this bug. ***
First invalid read error message is probably a different bug but second invalid read looks like a hit.
==30114== Invalid read of size 2
==30114== at 0x5016600: QChar::isSpace() const (qchar.cpp:545)
==30114== by 0xBD69C33: DOM::Selection::validate(DOM::Selection::ETextGranularity) (dom_selection.cpp:643)
==30114== by 0xBD67C2A: DOM::Selection::expandUsingGranularity(DOM::Selection::ETextGranularity) (dom_selection.cpp:305)
==30114== by 0xBCB74A4: KHTMLPart::handleMousePressEventDoubleClick(khtml::MouseDoubleClickEvent*) (khtml_part.cpp:6185)
==30114== by 0xBCB808C: KHTMLPart::khtmlMouseDoubleClickEvent(khtml::MouseDoubleClickEvent*) (khtml_part.cpp:6317)
==30114== by 0xBCB6F20: KHTMLPart::customEvent(QEvent*) (khtml_part.cpp:6064)
==30114== by 0x50E1E1B: QObject::event(QEvent*) (qobject.cpp:1248)
==30114== by 0x53DE683: QApplicationPrivate::notify_helper(QObject*, QEvent*) (qapplication.cpp:4462)
==30114== by 0x53E7426: QApplication::notify(QObject*, QEvent*) (qapplication.cpp:3862)
==30114== Address 0xfb50062 is 0 bytes after a block of size 10 alloc'd
==30114== at 0x4028679: operator new[](unsigned int) (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==30114== by 0xBFB4C6F: DOM::DOMString::DOMString(QChar const*, unsigned int) (dom_string.cpp:32)
==30114== by 0xBF0ABE4: KJS::UString::domString() const (kjs_binding.cpp:214)
==30114== by 0xBF120C6: DOMDocumentProtoFunc::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (kjs_dom.cpp:1089)
==30114== by 0xBF50B90: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.h:626)
==30114== by 0xC4A1B6B:
KJS::Machine::runBlock(KJS::ExecState*, WTF::Vector<unsigned char, 0u> const&, KJS::ExecState*) (codes.def:1223) ==30114== by 0xC475A61: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:172) ==30114== by 0xBF50B90: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.h:626) ==30114== by 0xC4A1B6B: KJS::Machine::runBlock(KJS::ExecState*, WTF::Vector<unsigned char, 0u> const&, KJS::ExecState*) (codes.def:1223) ==30114== by 0xC475A61: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:172) ==30114== by 0xBF50B90: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.h:626) ==30114== by 0xC4A1B6B: KJS::Machine::runBlock(KJS::ExecState*, WTF::Vector<unsigned char, 0u> const&, KJS::ExecState*) (codes.def:1223) ==30114== by 0xC475A61: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:172) ==30114== by 0xBF50B90: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.h:626) ==30114== by 0xC4A1B6B: KJS::Machine::runBlock(KJS::ExecState*, WTF::Vector<unsigned char, 0u> const&, KJS::ExecState*) (codes.def:1223) ==30114== by 0xC475A61: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:172) ==30114== by 0xBF50B90: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.h:626) ==30114== by 0xC4A1B6B: KJS::Machine::runBlock(KJS::ExecState*, WTF::Vector<unsigned char, 0u> const&, KJS::ExecState*) (codes.def:1223) ==30114== by 0xC475A61: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:172) ==30114== by 0xBF50B90: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.h:626) ==30114== by 0xC4A1B6B: KJS::Machine::runBlock(KJS::ExecState*, WTF::Vector<unsigned char, 0u> const&, KJS::ExecState*) (codes.def:1223) ==30114== by 
0xC475A61: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:172) ==30114== by 0xBF50B90: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.h:626) ==30114== by 0xC4A1B6B: KJS::Machine::runBlock(KJS::ExecState*, WTF::Vector<unsigned char, 0u> const&, KJS::ExecState*) (codes.def:1223) ==30114== by 0xC475A61: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:172) ==30114== by 0xBF50B90: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.h:626) ==30114== by 0xC45D600: KJS::FunctionProtoFunc::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function_object.cpp:123) ==30114== by 0xBF50B90: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.h:626) ==30114== by 0xC4A1B6B: KJS::Machine::runBlock(KJS::ExecState*, WTF::Vector<unsigned char, 0u> const&, KJS::ExecState*) (codes.def:1223) ==30114== by 0xC475A61: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:172) ==30114== by 0xBF50B90: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.h:626) ==30114== by 0xC4A1B6B: KJS::Machine::runBlock(KJS::ExecState*, WTF::Vector<unsigned char, 0u> const&, KJS::ExecState*) (codes.def:1223) ==30114== by 0xC475A61: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:172) ==30114== by 0xBF50B90: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.h:626) ==30114== by 0xC45D600: KJS::FunctionProtoFunc::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function_object.cpp:123) ==30114== by 0xBF50B90: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.h:626) ==30114== by 0xC4A1B6B: KJS::Machine::runBlock(KJS::ExecState*, WTF::Vector<unsigned char, 0u> const&, KJS::ExecState*) (codes.def:1223) ==30114== by 
0xC475A61: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:172) ==30114== by 0xBF50B90: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.h:626) ==30114== by 0xC45D600: KJS::FunctionProtoFunc::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function_object.cpp:123) ==30114== by 0xBF50B90: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.h:626) ==30114== by 0xC4A1B6B: KJS::Machine::runBlock(KJS::ExecState*, WTF::Vector<unsigned char, 0u> const&, KJS::ExecState*) (codes.def:1223) ==30114== by 0xC475A61: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:172) ==30114== by 0xBF50B90: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.h:626) ==30114== by 0xC4A1B6B: KJS::Machine::runBlock(KJS::ExecState*, WTF::Vector<unsigned char, 0u> const&, KJS::ExecState*) (codes.def:1223) ==30114== by 0xC475A61: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:172) ==30114== by 0xBF50B90: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.h:626) ==30114== by 0xBF4D0B3: KJS::ScheduledAction::execute(KJS::Window*) (kjs_window.cpp:2283) ==30114== by 0xBF4DD76: KJS::WindowQObject::timerEvent(QTimerEvent*) (kjs_window.cpp:2458) ==30114== by 0x50E1C03: QObject::event(QEvent*) (qobject.cpp:1181) ==30114== Invalid read of size 4 ==30114== at 0xBF0BBC4: KJS::JSValue::type() const (value.h:452) ==30114== by 0xBF95B67: KJS::cloneInternal(KJS::ExecState*, KJS::Interpreter*, KJS::JSValue*, QSet<KJS::JSObject*>&) (kjs_data.cpp:37) ==30114== by 0xBF95EA1: KJS::encapsulateMessageEventData(KJS::ExecState*, KJS::Interpreter*, KJS::JSValue*) (kjs_data.cpp:117) ==30114== by 0xBF962F2: KJS::DelayedPostMessage::execute(KJS::Window*) (kjs_data.cpp:169) ==30114== by 0xBF46252: KJS::Window::afterScriptExecution() 
(kjs_window.cpp:1327)
==30114== by 0xBF4DEC6: KJS::WindowQObject::timerEvent(QTimerEvent*) (kjs_window.cpp:2481)
==30114== by 0x50E1C03: QObject::event(QEvent*) (qobject.cpp:1181)
==30114== by 0x53DE683: QApplicationPrivate::notify_helper(QObject*, QEvent*) (qapplication.cpp:4462)
==30114== by 0x53E7426: QApplication::notify(QObject*, QEvent*) (qapplication.cpp:3862)
==30114== Address 0x8 is not stack'd, malloc'd or (recently) free'd
*** Bug 278507 has been marked as a duplicate of this bug. ***
Created attachment 62761 [details]
New crash information added by DrKonqi
konqueror (4.7.00 (4.7.0)) on KDE Platform 4.7.00 (4.7.0) using Qt 4.7.3
- What I was doing when the application crashed:
Crash when opening http://www.slate.fr/story/9843/le-voyage-dans-le-temps-pour-les-nuls but cannot be reproduced.
-- Backtrace (Reduced):
#6 0x00007fee02858806 in type (this=<optimized out>) at /var/tmp/portage/kde-base/kdelibs-4.7.0-r1/work/kdelibs-4.7.0/kjs/value.h:452
#7 KJS::cloneInternal (exec=0x15a4a00, ctx=0x15a49e0, in=0x7fedfd437a80, path=...) at /var/tmp/portage/kde-base/kdelibs-4.7.0-r1/work/kdelibs-4.7.0/khtml/ecma/kjs_data.cpp:37
#8 0x00007fee02858c43 in KJS::encapsulateMessageEventData (exec=0x7fedfd437a80, ctx=0x15a49e0, data=0x7fedfd437a80) at /var/tmp/portage/kde-base/kdelibs-4.7.0-r1/work/kdelibs-4.7.0/khtml/ecma/kjs_data.cpp:117
#9 0x00007fee02858e54 in KJS::DelayedPostMessage::execute (this=0x3cb2ad0, w=<optimized out>) at /var/tmp/portage/kde-base/kdelibs-4.7.0-r1/work/kdelibs-4.7.0/khtml/ecma/kjs_data.cpp:169
#10 0x00007fee028023d3 in KJS::Window::afterScriptExecution (this=0x7fedfff90000) at /var/tmp/portage/kde-base/kdelibs-4.7.0-r1/work/kdelibs-4.7.0/khtml/ecma/kjs_window.cpp:1327
*** Bug 282575 has been marked as a duplicate of this bug. ***
*** Bug 281325 has been marked as a duplicate of this bug. ***
Created attachment 67216 [details]
New crash information added by DrKonqi
kontact (4.7.4) on KDE Platform 4.7.4 (4.7.4) using Qt 4.7.4
- What I was doing when the application crashed:
Konqueror was in the background when crash occurred.
-- Backtrace (Reduced):
#6 0x00007f48ac27d2ca in type (this=0x7f48a2dee2c0) at ../../kjs/value.h:452
#7 KJS::cloneInternal (exec=0x7a78640, ctx=0x7a78620, in=0x7f48a2dee2c0, path=...) at ../../khtml/ecma/kjs_data.cpp:37
#8 0x00007f48ac27d763 in KJS::encapsulateMessageEventData (exec=0x7a78640, ctx=<optimized out>, data=<optimized out>) at ../../khtml/ecma/kjs_data.cpp:117
#9 0x00007f48ac27d955 in KJS::DelayedPostMessage::execute (this=0x43beb40, w=<optimized out>) at ../../khtml/ecma/kjs_data.cpp:169
#10 0x00007f48ac232c8b in KJS::Window::afterScriptExecution (this=0x7f48a5f10280) at ../../khtml/ecma/kjs_window.cpp:1327
*** Bug 291864 has been marked as a duplicate of this bug. ***
*** Bug 292308 has been marked as a duplicate of this bug. ***
*** Bug 261403 has been marked as a duplicate of this bug. ***
*** Bug 244154 has been marked as a duplicate of this bug. ***
*** Bug 270652 has been marked as a duplicate of this bug. ***
*** Bug 290555 has been marked as a duplicate of this bug. ***
*** Bug 262703 has been marked as a duplicate of this bug. ***
*** Bug 299672 has been marked as a duplicate of this bug. ***
*** Bug 307096 has been marked as a duplicate of this bug. ***
*** Bug 307712 has been marked as a duplicate of this bug. ***
*** Bug 312751 has been marked as a duplicate of this bug. ***
Still reproducible in KDE 4.10 RC2.
*** Bug 313800 has been marked as a duplicate of this bug. ***
*** Bug 316940 has been marked as a duplicate of this bug. ***
*** Bug 317609 has been marked as a duplicate of this bug. ***
*** Bug 317776 has been marked as a duplicate of this bug. ***
*** Bug 317912 has been marked as a duplicate of this bug. ***
*** Bug 316476 has been marked as a duplicate of this bug. ***
*** Bug 317981 has been marked as a duplicate of this bug. ***
*** Bug 318037 has been marked as a duplicate of this bug. ***
*** Bug 318117 has been marked as a duplicate of this bug. ***
Created attachment 78978 [details]
New crash information added by DrKonqi
konqueror (4.10.2 "release 553") on KDE Platform 4.10.2 "release 556" using Qt 4.8.4
The crash happened on session login. The webpages restored in the browser window seem to have been loaded normally.
While the ending frames of this backtrace are the same as in the other crashes this was not triggered by a timer event as it looks like.
-- Backtrace (Reduced):
#6 0x00007f4503980713 in type (this=0x7f44fb2e57c0) at /usr/src/debug/kdelibs-4.10.2/kjs/value.h:452
#7 KJS::cloneInternal (exec=exec@entry=0x36b6840, ctx=ctx@entry=0x36b6820, in=in@entry=0x7f44fb2e57c0, path=...) at /usr/src/debug/kdelibs-4.10.2/khtml/ecma/kjs_data.cpp:37
#8 0x00007f4503980a73 in KJS::encapsulateMessageEventData (exec=0x36b6840, ctx=ctx@entry=0x36b6820, data=data@entry=0x7f44fb2e57c0) at /usr/src/debug/kdelibs-4.10.2/khtml/ecma/kjs_data.cpp:117
#9 0x00007f4503980c78 in KJS::DelayedPostMessage::execute (this=0x2a74040, w=<optimized out>) at /usr/src/debug/kdelibs-4.10.2/khtml/ecma/kjs_data.cpp:169
#10 0x00007f4503936c0b in KJS::Window::afterScriptExecution (this=0x7f4503e70280) at /usr/src/debug/kdelibs-4.10.2/khtml/ecma/kjs_window.cpp:1337
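The comparison made in the comment above (same ending frames, different trigger) is what duplicate triage on this bug relies on, and it can be scripted. The following is an added example, not KDE or DrKonqi code: it reduces gdb backtraces to a build-independent signature matching the bracketed function list in the bug summary and reports the caller of `afterScriptExecution`. The function names `crash_frames`, `signature`, `trigger` and `group_reports` are made up for this example; the sample frames are copied from reports on this page, except the last entry, which is constructed.

```python
import re
from collections import defaultdict

# One gdb frame: "#N [0xADDR in] func (args) at file:line" or "... from lib".
# finditer over the whole text also copes with reports whose frames were
# run together on a single line.
FRAME_RE = re.compile(
    r"#\d+\s+(?:0x[0-9a-f]+\s+in\s+)?(?P<func>[\w:~]+)\s+\([^()]*\)\s+"
    r"(?:at\s+(?P<file>\S+?):\d+|from\s+(?P<lib>\S+))"
)


def crash_frames(report):
    """Return [(function, source basename)] for the faulting thread, top first."""
    # Full DrKonqi traces list every thread; the faulting stack follows the marker.
    # Reduced traces have no marker and rpartition leaves the text unchanged.
    stack = report.rpartition("[KCrash Handler]")[2]
    frames = []
    for m in FRAME_RE.finditer(stack):
        source = (m.group("file") or m.group("lib")).rsplit("/", 1)[-1]
        frames.append((m.group("func"), source))
    return frames


def signature(report, depth=3):
    """Build-independent key: top frames as name@file, no addresses, paths or lines."""
    # Optimised builds print the inlined KJS::JSValue::type as bare "type", so
    # only the unqualified name is compared. Line numbers drift between releases
    # (kjs_window.cpp:1327, 1337 and 1549 in the reports on this page) and are dropped.
    return " < ".join(
        f"{func.rsplit('::', 1)[-1]}@{src}" for func, src in crash_frames(report)[:depth]
    )


def trigger(report):
    """Caller of Window::afterScriptExecution, or None if the trace stops before it."""
    frames = crash_frames(report)
    for i, (func, _) in enumerate(frames[:-1]):
        if func.endswith("::afterScriptExecution"):
            return frames[i + 1][0]
    return None


def group_reports(reports):
    """Map each signature to the names of the reports that share it."""
    groups = defaultdict(list)
    for name, text in reports.items():
        groups[signature(text)].append(name)
    return dict(groups)


# Frames copied from reports on this page (stacks shortened to the frames used);
# the last entry is constructed to show an unrelated crash staying separate.
REPORTS = {
    "4.6.0 reduced": """
#7 0x05828a8c in type (exec=0x9e71ec8, ctx=0x9e71eb8, in=0xaea40be0, path=...) at ../../kjs/value.h:452
#8 KJS::cloneInternal (exec=0x9e71ec8, ctx=0x9e71eb8, in=0xaea40be0, path=...) at ../../khtml/ecma/kjs_data.cpp:37
#9 0x05828f24 in KJS::encapsulateMessageEventData (exec=0x9e71ec8, ctx=0x9e71eb8, data=0xaea40be0) at ../../khtml/ecma/kjs_data.cpp:117
#10 0x05829126 in KJS::DelayedPostMessage::execute (this=0xbd64060, w=0xb5040000) at ../../khtml/ecma/kjs_data.cpp:169
#11 0x057cbbbb in KJS::Window::afterScriptExecution (this=0xb5040000) at ../../khtml/ecma/kjs_window.cpp:1327
""",
    "4.6.4 Gentoo full": """
[KCrash Handler]
#7 0xace0adda in KJS::JSValue::type (this=0xa7fe0260) at /var/tmp/portage/kde-base/kdelibs-4.6.4-r2/work/kdelibs-4.6.4/kjs/value.h:452
#8 0xace8fb38 in KJS::cloneInternal (exec=0x9e22820, ctx=0x9e22810, in=0xa7fe0260, path=...) at /var/tmp/portage/kde-base/kdelibs-4.6.4-r2/work/kdelibs-4.6.4/khtml/ecma/kjs_data.cpp:37
#9 0xace8fdd2 in KJS::encapsulateMessageEventData (exec=0x9e22820, ctx=0x9e22810, data=0xa7fe0260) at /var/tmp/portage/kde-base/kdelibs-4.6.4-r2/work/kdelibs-4.6.4/khtml/ecma/kjs_data.cpp:117
#10 0xace8ff85 in KJS::DelayedPostMessage::execute (this=0xcbde360, w=0xad430180) at /var/tmp/portage/kde-base/kdelibs-4.6.4-r2/work/kdelibs-4.6.4/khtml/ecma/kjs_data.cpp:169
#11 0xace439f3 in KJS::Window::afterScriptExecution (this=0xad430180) at /var/tmp/portage/kde-base/kdelibs-4.6.4-r2/work/kdelibs-4.6.4/khtml/ecma/kjs_window.cpp:1327
#12 0xace43b4c in KJS::WindowQObject::timerEvent (this=0xa2c07f8) at /var/tmp/portage/kde-base/kdelibs-4.6.4-r2/work/kdelibs-4.6.4/khtml/ecma/kjs_window.cpp:2481
""",
    "4.10.3 Akregator full": """
Thread 2 (Thread 0x7f2f7d327700 (LWP 2548)):
#0 0x00007f2fbb3d43cd in poll () at ../sysdeps/unix/syscall-template.S:81
Thread 1 (Thread 0x7f2fbe8177c0 (LWP 2377)):
[KCrash Handler]
#6 0x00007f2fb8697373 in type (this=0x7f2f91d0ddc0) at ../../kjs/value.h:452
#7 KJS::cloneInternal (exec=exec@entry=0x3ea6f5c0, ctx=ctx@entry=0x3ea6f5a0, in=in@entry=0x7f2f91d0ddc0, path=...) at ../../khtml/ecma/kjs_data.cpp:37
#8 0x00007f2fb86976d3 in KJS::encapsulateMessageEventData (exec=0x3ea6f5c0, ctx=ctx@entry=0x3ea6f5a0, data=data@entry=0x7f2f91d0ddc0) at ../../khtml/ecma/kjs_data.cpp:117
#9 0x00007f2fb8697948 in KJS::DelayedPostMessage::execute (this=0x19b2d230, w=<optimized out>) at ../../khtml/ecma/kjs_data.cpp:169
#10 0x00007f2fb864605b in KJS::Window::afterScriptExecution (this=this@entry=0x7f2f99783e80) at ../../khtml/ecma/kjs_window.cpp:1337
#11 0x00007f2fb865b03d in KJSProxy::evaluate (this=this@entry=0x3e3cb480, filename=..., baseLine=baseLine@entry=1, str=..., n=..., completion=completion@entry=0x7fff7cd371f0) at ../../khtml/ecma/kjs_proxy.cpp:138
""",
    "constructed unrelated crash": """
#6 0x0000000000401000 in Example::unrelated (this=0x0) at example.cpp:1
""",
}

if __name__ == "__main__":
    for sig, names in group_reports(REPORTS).items():
        print(sig)
        for name in names:
            print(f"  {name}: called from {trigger(REPORTS[name])}")
```

Grouping on function and file names rather than addresses is what lets reports from different distributions and kdelibs releases collapse into one bug, while the caller of `afterScriptExecution` separates the timer-driven path from the script-evaluation path.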
Created attachment 79536 [details]
New crash information added by DrKonqi
konqueror (4.10.2) on KDE Platform 4.10.2 using Qt 4.8.2
- What I was doing when the application crashed:
I was not surfing facebook. Probably the crash occurred while opening a link from the google results page in a new tab.
-- Backtrace (Reduced):
#7 0xb1e84930 in type (this=0xb08ef500) at ../../kjs/value.h:452
#8 KJS::cloneInternal (exec=exec@entry=0xaa0e030, ctx=ctx@entry=0xaa0e020, in=in@entry=0xb08ef500, path=...) at ../../khtml/ecma/kjs_data.cpp:37
#9 0xb1e84d2d in KJS::encapsulateMessageEventData (exec=0xaa0e030, ctx=0xaa0e020, data=0xb08ef500) at ../../khtml/ecma/kjs_data.cpp:117
#10 0xb1e84f1b in KJS::DelayedPostMessage::execute (this=0xa788858, w=0x0) at ../../khtml/ecma/kjs_data.cpp:169
#11 0xb1e31804 in KJS::Window::afterScriptExecution (this=0xae573520) at ../../khtml/ecma/kjs_window.cpp:1549
Crash still happens with 4.10.3
Backtrace of the crash:
Application: Akregator (akregator), signal: Segmentation fault
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[Current thread is 1 (Thread 0x7f2fbe8177c0 (LWP 2377))]
Thread 2 (Thread 0x7f2f7d327700 (LWP 2548)):
#0 0x00007f2fbb3d43cd in poll () at ../sysdeps/unix/syscall-template.S:81
#1 0x00007f2fb5d521dc in g_main_context_poll (n_fds=1, fds=0x7f2f74002660, timeout=-1, context=0x7f2f74000bb0, priority=<optimized out>) at /build/buildd/glib2.0-2.36.0/./glib/gmain.c:3995
#2 g_main_context_iterate (context=context@entry=0x7f2f74000bb0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at /build/buildd/glib2.0-2.36.0/./glib/gmain.c:3696
#3 0x00007f2fb5d52304 in g_main_context_iteration (context=0x7f2f74000bb0, may_block=1) at /build/buildd/glib2.0-2.36.0/./glib/gmain.c:3762
#4 0x00007f2fbbfea036 in QEventDispatcherGlib::processEvents (this=0x7f2f740024f0, flags=...) at kernel/qeventdispatcher_glib.cpp:426
#5 0x00007f2fbbfba38f in QEventLoop::processEvents (this=this@entry=0x7f2f7d326d90, flags=...) at kernel/qeventloop.cpp:149
#6 0x00007f2fbbfba618 in QEventLoop::exec (this=this@entry=0x7f2f7d326d90, flags=...) at kernel/qeventloop.cpp:204
#7 0x00007f2fbbebc410 in QThread::exec (this=this@entry=0x233a9920) at thread/qthread.cpp:542
#8 0x00007f2fbbf9bedf in QInotifyFileSystemWatcherEngine::run (this=0x233a9920) at io/qfilesystemwatcher_inotify.cpp:256
#9 0x00007f2fbbebebec in QThreadPrivate::start (arg=0x233a9920) at thread/qthread_unix.cpp:338
#10 0x00007f2fb6224f8e in start_thread (arg=0x7f2f7d327700) at pthread_create.c:311
#11 0x00007f2fbb3e0e1d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113
Thread 1 (Thread 0x7f2fbe8177c0 (LWP 2377)):
[KCrash Handler]
#6 0x00007f2fb8697373 in type (this=0x7f2f91d0ddc0) at ../../kjs/value.h:452
#7 KJS::cloneInternal (exec=exec@entry=0x3ea6f5c0, ctx=ctx@entry=0x3ea6f5a0, in=in@entry=0x7f2f91d0ddc0, path=...) at ../../khtml/ecma/kjs_data.cpp:37
#8 0x00007f2fb86976d3 in KJS::encapsulateMessageEventData (exec=0x3ea6f5c0, ctx=ctx@entry=0x3ea6f5a0, data=data@entry=0x7f2f91d0ddc0) at ../../khtml/ecma/kjs_data.cpp:117
#9 0x00007f2fb8697948 in KJS::DelayedPostMessage::execute (this=0x19b2d230, w=<optimized out>) at ../../khtml/ecma/kjs_data.cpp:169
#10 0x00007f2fb864605b in KJS::Window::afterScriptExecution (this=this@entry=0x7f2f99783e80) at ../../khtml/ecma/kjs_window.cpp:1337
#11 0x00007f2fb865b03d in KJSProxy::evaluate (this=this@entry=0x3e3cb480, filename=..., baseLine=baseLine@entry=1, str=..., n=..., completion=completion@entry=0x7fff7cd371f0) at ../../khtml/ecma/kjs_proxy.cpp:138
#12 0x00007f2fb84165d9 in KHTMLPart::executeScript (this=this@entry=0x3e4e3d80, n=..., script=...) at ../../khtml/khtml_part.cpp:1336
#13 0x00007f2fb86961d2 in KJS::KHTMLPartScriptable::evaluateScript (this=<optimized out>, caller=<optimized out>, contextObjectId=<optimized out>, code=..., lang=<optimized out>) at ../../khtml/ecma/kjs_scriptable.cpp:891
#14 0x00007f2fbe44e8c0 in KParts::ScriptableLiveConnectExtension::liveConnectEvent (this=0x3ea63c90, event=..., args=...) at ../../kparts/scriptableextension.cpp:427
#15 0x00007f2fbbfd00ef in QMetaObject::activate (sender=sender@entry=0x28d204c0, m=m@entry=0x7f2f931ae560 <PluginLiveConnectExtension::staticMetaObject>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7fff7cd37530) at kernel/qobject.cpp:3539
#16 0x00007f2f92f9e249 in PluginLiveConnectExtension::partEvent (this=this@entry=0x28d204c0, _t1=_t1@entry=0, _t2=..., _t3=...) at ./plugin_part.moc:321
#17 0x00007f2f92f9f8e9 in PluginLiveConnectExtension::evalJavaScript (this=0x28d204c0, script=...) at ../../nsplugins/plugin_part.cpp:137
#18 0x00007f2f92f9fa6c in PluginPart::evalJavaScript (this=0x1178fca0, id=3, script=...) at ../../nsplugins/plugin_part.cpp:375
#19 0x00007f2f92fa7bab in CallBackAdaptor::qt_metacall (this=0x3d5547a0, _c=QMetaObject::InvokeMetaMethod, _id=<optimized out>, _a=0x7fff7cd37860) at callbackadaptor.moc:121
#20 0x00007f2fbbbec063 in QDBusConnectionPrivate::deliverCall (this=this@entry=0x1a1c5b0, object=object@entry=0x3d5547a0, msg=..., metaTypes=..., slotIdx=4) at qdbusintegrator.cpp:951
#21 0x00007f2fbbbec886 in QDBusConnectionPrivate::activateCall (this=this@entry=0x1a1c5b0, object=0x3d5547a0, flags=flags@entry=273, msg=...) at qdbusintegrator.cpp:856
#22 0x00007f2fbbbed2cf in QDBusConnectionPrivate::activateObject (this=0x1a1c5b0, node=..., msg=..., pathStartPos=<optimized out>) at qdbusintegrator.cpp:1427
#23 0x00007f2fbbbed3ab in QDBusActivateObjectEvent::placeMetaCall (this=0x20469b40) at qdbusintegrator.cpp:1541
#24 0x00007f2fbbfd55be in QObject::event (this=0x1178fca0, e=<optimized out>) at kernel/qobject.cpp:1194
#25 0x00007f2fbc9a48ec in QApplicationPrivate::notify_helper (this=this@entry=0x1a38a50, receiver=receiver@entry=0x1178fca0, e=e@entry=0x20469b40) at kernel/qapplication.cpp:4567
#26 0x00007f2fbc9a725b in QApplication::notify (this=this@entry=0x7fff7cd385a0, receiver=receiver@entry=0x1178fca0, e=e@entry=0x20469b40) at kernel/qapplication.cpp:4428
#27 0x00007f2fbd6b1af6 in KApplication::notify (this=0x7fff7cd385a0, receiver=0x1178fca0, event=0x20469b40) at ../../kdeui/kernel/kapplication.cpp:311
#28 0x00007f2fbbfbb63e in QCoreApplication::notifyInternal (this=0x7fff7cd385a0, receiver=receiver@entry=0x1178fca0, event=event@entry=0x20469b40) at kernel/qcoreapplication.cpp:946
#29 0x00007f2fbbfbf171 in sendEvent (event=0x20469b40, receiver=0x1178fca0) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:231
#30 QCoreApplicationPrivate::sendPostedEvents (receiver=receiver@entry=0x0, event_type=event_type@entry=0, data=0x19f3220) at kernel/qcoreapplication.cpp:1570
#31 0x00007f2fbbfbf4a3 in QCoreApplication::sendPostedEvents (receiver=receiver@entry=0x0, event_type=event_type@entry=0) at kernel/qcoreapplication.cpp:1463
#32 0x00007f2fbbfe9e83 in sendPostedEvents () at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:236
#33 postEventSourceDispatch (s=s@entry=0x1a36740) at kernel/qeventdispatcher_glib.cpp:279
#34 0x00007f2fb5d51f05 in g_main_dispatch (context=0x1a38f30) at /build/buildd/glib2.0-2.36.0/./glib/gmain.c:3054
#35 g_main_context_dispatch (context=context@entry=0x1a38f30) at /build/buildd/glib2.0-2.36.0/./glib/gmain.c:3630
#36 0x00007f2fb5d52248 in g_main_context_iterate (context=context@entry=0x1a38f30, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at /build/buildd/glib2.0-2.36.0/./glib/gmain.c:3701
#37 0x00007f2fb5d52304 in g_main_context_iteration (context=0x1a38f30, may_block=1) at /build/buildd/glib2.0-2.36.0/./glib/gmain.c:3762
#38 0x00007f2fbbfea016 in QEventDispatcherGlib::processEvents (this=0x19f4ab0, flags=...) at kernel/qeventdispatcher_glib.cpp:424
#39 0x00007f2fbca4a1ae in QGuiEventDispatcherGlib::processEvents (this=<optimized out>, flags=...) at kernel/qguieventdispatcher_glib.cpp:204
#40 0x00007f2fbbfba38f in QEventLoop::processEvents (this=this@entry=0x7fff7cd383c0, flags=...) at kernel/qeventloop.cpp:149
#41 0x00007f2fbbfba618 in QEventLoop::exec (this=this@entry=0x7fff7cd383c0, flags=...) at kernel/qeventloop.cpp:204
#42 0x00007f2fbbfbfcf6 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1218
#43 0x0000000000407ca3 in ?? ()
#44 0x00007f2fbb308ea5 in __libc_start_main (main=0x407800, argc=5, ubp_av=0x7fff7cd386c8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fff7cd386b8) at libc-start.c:260
#45 0x0000000000407f8d in _start ()
Bump also on 4.10.4
Hit it again. Another site with hopefully easier to debug JS code: https://lkml.org/lkml/... I just opened a link to a random post there and got the crash.
I got this crash in trunk (which is to become 4.11) when opening http://www.wired.com/wiredscience/2013/06/voyager-unexpected-region/

*** Bug 321757 has been marked as a duplicate of this bug. ***

Is it possible to get a statement from a developer/maintainer, on whether this has a chance of getting fixed? This issue combined with https://bugs.kde.org/show_bug.cgi?id=294707 renders Akregator practically useless. If the timeframe for a possible solution is too far in the future, I might instead try to compile qtwebkit 2.3.

*** Bug 323585 has been marked as a duplicate of this bug. ***
*** Bug 324571 has been marked as a duplicate of this bug. ***
*** Bug 324696 has been marked as a duplicate of this bug. ***

Created attachment 82249 [details]
New crash information added by DrKonqi
konqueror (4.10.5) on KDE Platform 4.10.5 using Qt 4.8.5
Konqueror often (but not always) crashes on opennet.ru. Example URL: http://www.opennet.ru/opennews/art.shtml?num=37866
-- Backtrace (Reduced):
#7 0xb1e47344 in type (this=0xb0b4c360) at ../../kjs/value.h:452
#8 KJS::cloneInternal (exec=exec@entry=0xb7a4058, ctx=ctx@entry=0xb7a4048, in=in@entry=0xb0b4c360, path=...) at ../../khtml/ecma/kjs_data.cpp:37
#9 0xb1e47781 in KJS::encapsulateMessageEventData (exec=0xb7a4058, ctx=0xb7a4048, data=0xb0b4c360) at ../../khtml/ecma/kjs_data.cpp:117
#10 0xb1e4796d in KJS::DelayedPostMessage::execute (this=0xdb93460, w=0xb06e0000) at ../../khtml/ecma/kjs_data.cpp:169
#11 0xb1def2fc in KJS::Window::afterScriptExecution (this=0xb06e0000) at ../../khtml/ecma/kjs_window.cpp:1337

*** Bug 324773 has been marked as a duplicate of this bug. ***
*** Bug 325355 has been marked as a duplicate of this bug. ***

Created attachment 82593 [details]
New crash information added by DrKonqi
konqueror (4.11.1) on KDE Platform 4.11.1 using Qt 4.8.5
I got this crash when opening the KDE 4.11.2 from the announcement page.
-- Backtrace (Reduced):
#6 0x00007fd9eb25fd03 in type (this=0x7fd9e808e540) at /usr/src/debug/kdelibs-4.11.1/kjs/value.h:452
#7 KJS::cloneInternal (exec=exec@entry=0x2606e60, ctx=ctx@entry=0x2606e40, in=in@entry=0x7fd9e808e540, path=...) at /usr/src/debug/kdelibs-4.11.1/khtml/ecma/kjs_data.cpp:37
#8 0x00007fd9eb260073 in KJS::encapsulateMessageEventData (exec=0x2606e60, ctx=ctx@entry=0x2606e40, data=data@entry=0x7fd9e808e540) at /usr/src/debug/kdelibs-4.11.1/khtml/ecma/kjs_data.cpp:117
#9 0x00007fd9eb260278 in KJS::DelayedPostMessage::execute (this=0x2c19c00, w=<optimized out>) at /usr/src/debug/kdelibs-4.11.1/khtml/ecma/kjs_data.cpp:169
#10 0x00007fd9eb213e2b in KJS::Window::afterScriptExecution (this=0x7fd9f06d0000) at /usr/src/debug/kdelibs-4.11.1/khtml/ecma/kjs_window.cpp:1549

Git commit 8dabd6ac70d8f7b3690d0e7cdbe9cc66ba337251 by Bernd Buschinski.
Committed on 28/09/2013 at 21:02.
Pushed by buschinski into branch 'KDE/4.11'.

khtml/ecma: Protect the value in DelayedPostMessage, the "gc" might clean it before we use it

I hope this fixes Bug 264526, but the lack of a 100% reproducible testcase makes it difficult to confirm.

M +1 -1 khtml/ecma/kjs_data.h

http://commits.kde.org/kdelibs/8dabd6ac70d8f7b3690d0e7cdbe9cc66ba337251

*** Bug 325578 has been marked as a duplicate of this bug. ***

Created attachment 82656 [details]
New crash information added by DrKonqi
konqueror (4.11.1) on KDE Platform 4.11.1 using Qt 4.8.5
well, this seems reproducible for me - I just got three crashes in three tries ... it happens when opening this link: http://www.czc.cz/fractal-define-xl-usb-3-0-titanium-grey/102829/produkt from an email displayed in Trojitá
-- Backtrace (Reduced):
#5 0x000000325f6bde43 in type (this=0x7f87b3af83c0) at /usr/src/debug/kdelibs-4.11.1/kjs/value.h:452
#6 KJS::cloneInternal (exec=exec@entry=0x12a5db0, ctx=ctx@entry=0x12a5d90, in=in@entry=0x7f87b3af83c0, path=...) at /usr/src/debug/kdelibs-4.11.1/khtml/ecma/kjs_data.cpp:37
#7 0x000000325f6be24b in KJS::encapsulateMessageEventData (exec=0x12a5db0, ctx=ctx@entry=0x12a5d90, data=data@entry=0x7f87b3af83c0) at /usr/src/debug/kdelibs-4.11.1/khtml/ecma/kjs_data.cpp:117
#8 0x000000325f6be435 in KJS::DelayedPostMessage::execute (this=0x6318b60, w=<optimized out>) at /usr/src/debug/kdelibs-4.11.1/khtml/ecma/kjs_data.cpp:169
#9 0x000000325f6691cb in KJS::Window::afterScriptExecution (this=0x7f87b3e00000) at /usr/src/debug/kdelibs-4.11.1/khtml/ecma/kjs_window.cpp:1549

> http://commits.kde.org/kdelibs/8dabd6ac70d8f7b3690d0e7cdbe9cc66ba337251
The patch works for me. Konqueror on my machine used to crash reproducibly when opening http://www.opennet.ru/opennews/art.shtml?num=37866. I've repeatedly tried opening that page with both patched and unpatched libkhtml, and the unpatched version still crashes every time, while with the patched one the crashing stopped.

Just as a data point, the page http://www.opennet.ru/opennews/art.shtml?num=37866 does not crash Konqueror in KDE 4.11.2
I don't know if the referenced patch has been merged into 4.11.2 or not.

(In reply to comment #61)
> I don't know if the referenced patch has been merged into 4.11.2 or not.
No, unless the distribution you are using did.

(In reply to comment #62)
> (In reply to comment #61)
> > I don't know if the referenced patch has been merged into 4.11.2 or not.
> No, unless the distribution you are using did.
These are the packages from https://launchpad.net/~kubuntu-ppa/+archive/backports As far as I know, they are pretty much stock code + Kubuntu additions. I don't think they cherry pick upstream patches.

*** Bug 325767 has been marked as a duplicate of this bug. ***
*** Bug 325870 has been marked as a duplicate of this bug. ***
*** Bug 325910 has been marked as a duplicate of this bug. ***
*** Bug 326588 has been marked as a duplicate of this bug. ***
*** Bug 327039 has been marked as a duplicate of this bug. ***
*** Bug 325910 has been marked as a duplicate of this bug. ***
*** Bug 327371 has been marked as a duplicate of this bug. ***
*** Bug 327372 has been marked as a duplicate of this bug. ***
*** Bug 327517 has been marked as a duplicate of this bug. ***
*** Bug 325910 has been marked as a duplicate of this bug. ***
*** Bug 330717 has been marked as a duplicate of this bug. ***
*** Bug 334682 has been marked as a duplicate of this bug. ***
*** Bug 336760 has been marked as a duplicate of this bug. ***
*** Bug 328266 has been marked as a duplicate of this bug. ***
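
The lifetime problem named in the fix's commit message (the value held by `DelayedPostMessage` could be collected before it was used), as an added C++ model that is not kdelibs code. `Cell`, `Heap`, `Protected` and the two message structs are hypothetical stand-ins, and the toy collector leaves a tombstone instead of freeing memory so the stale read can be observed safely.

```cpp
#include <cstdio>
#include <memory>
#include <vector>
// Toy collector: a cell survives collect() only while something protects it.
struct Cell { int protectCount = 0; bool alive = true; };
struct Heap {
    std::vector<std::unique_ptr<Cell>> cells;
    Cell* alloc() { cells.emplace_back(new Cell()); return cells.back().get(); }
    // A real collector frees the cell; the model keeps a tombstone instead.
    void collect() { for (auto& c : cells) if (c->protectCount == 0) c->alive = false; }
    int live() const { int n = 0; for (auto& c : cells) n += c->alive; return n; }
};

// RAII root (hypothetical name): protects the cell for exactly its own lifetime.
struct Protected {
    Cell* cell;
    explicit Protected(Cell* c) : cell(c) { ++cell->protectCount; }
    Protected(const Protected& o) : cell(o.cell) { ++cell->protectCount; }
    Protected& operator=(const Protected&) = delete;
    ~Protected() { --cell->protectCount; }
};
struct RawMessage { Cell* data; };           // "before": raw pointer, unseen by the collector
struct ProtectedMessage { Protected data; }; // "after": the queue entry roots its payload

bool rawPayloadAliveAtExecute() {
    Heap heap;
    RawMessage msg{heap.alloc()};   // message queued with its payload
    heap.collect();                 // collector runs before delivery
    return msg.data->alive;         // delivery would read a dead cell
}

bool protectedPayloadAliveAtExecute() {
    Heap heap;
    ProtectedMessage msg{Protected(heap.alloc())};
    heap.collect();                 // payload is rooted, so it is kept
    return msg.data.cell->alive;
}

int liveCellsAfterDelivery() {
    Heap heap;
    { ProtectedMessage msg{Protected(heap.alloc())}; } // delivered and destroyed
    heap.collect();                 // root released, payload is reclaimable again
    return heap.live();
}

int main() {
    std::printf("raw=%d protected=%d live_after=%d\n", rawPayloadAliveAtExecute(),
                protectedPayloadAliveAtExecute(), liveCellsAfterDelivery());
}
```

The third function shows that rooting the payload in the queue entry does not leak it: once the message object is destroyed, the next collection reclaims the cell.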