Bug 336017

Summary: crash when clicking on a link on a page from Agilent.com
Product: [Frameworks and Libraries] kwebkitpart Reporter: Gahn Hye Nun <sanzoh>
Component: general Assignee: webkit-devel
Status: RESOLVED WORKSFORME    
Severity: crash Keywords: drkonqi
Priority: NOR    
Version: unspecified   
Target Milestone: ---   
Platform: Fedora RPMs   
OS: Linux   
Latest Commit: Version Fixed In:
Sentry Crash Report:

Description Gahn Hye Nun 2014-06-09 23:18:53 UTC
Application: konqueror (4.11.5)
KDE Platform Version: 4.11.5
Qt Version: 4.8.6
Operating System: Linux 3.14.4-100.fc19.x86_64 x86_64
Distribution (Platform): Fedora RPMs

-- Information about the crash:
- What I was doing when the application crashed:
1. Go to this page: http://www.home.agilent.com/zh-CN/pc-1000001736:epsg:pgr/oscilloscope?nid=-536902447.0&cc=CN&lc=chi

2. Because I live in China, if any pop-up dialogue appears from the upper right corner of my screen, I will surely confirm that "I am from China indeed."

3. Back to the crashing. There is a region labelled [新增内容 (updated contents, maybe)], within which is a hyperlink displayed as [升级到旗舰示波器 (upgrade to our flagship oscilloscope)]. CLICK IT AND BOOMMM..

4. That's it. It's repeatable.

The crash can be reproduced every time.

-- Backtrace:
Application: Konqueror (konqueror), signal: Aborted
Using host libthread_db library "/lib64/libthread_db.so.1".
81	T_PSEUDO (SYSCALL_SYMBOL, SYSCALL_NAME, SYSCALL_NARGS)
[Current thread is 1 (Thread 0x7f96315528c0 (LWP 30223))]

Thread 11 (Thread 0x7f96234ff700 (LWP 30224)):
#0  0x0000003205686eda in g_mutex_get_impl (mutex=0x7f961c0009a0) at gthread-posix.c:121
#1  0x0000003205687189 in g_mutex_lock (mutex=mutex@entry=0x7f961c0009a0) at gthread-posix.c:210
#2  0x0000003205648069 in g_main_context_iterate (context=context@entry=0x7f961c0009a0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3705
#3  0x00000032056481bc in g_main_context_iteration (context=0x7f961c0009a0, may_block=1) at gmain.c:3762
#4  0x00000035c27a9966 in QEventDispatcherGlib::processEvents (this=0x7f961c0008c0, flags=...) at kernel/qeventdispatcher_glib.cpp:427
#5  0x00000035c277b5af in QEventLoop::processEvents (this=this@entry=0x7f96234fece0, flags=...) at kernel/qeventloop.cpp:149
#6  0x00000035c277b8a5 in QEventLoop::exec (this=this@entry=0x7f96234fece0, flags=...) at kernel/qeventloop.cpp:204
#7  0x00000035c2678d2f in QThread::exec (this=this@entry=0x1f0cf60) at thread/qthread.cpp:538
#8  0x00000035c275ce63 in QInotifyFileSystemWatcherEngine::run (this=0x1f0cf60) at io/qfilesystemwatcher_inotify.cpp:265
#9  0x00000035c267b3ff in QThreadPrivate::start (arg=0x1f0cf60) at thread/qthread_unix.cpp:349
#10 0x0000003445407c53 in start_thread (arg=0x7f96234ff700) at pthread_create.c:308
#11 0x00000034448f5dbd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113

Thread 10 (Thread 0x7f95dbffd700 (LWP 30226)):
#0  0x00000035c27a995f in QEventDispatcherGlib::processEvents (this=0x7f95d40008c0, flags=...) at kernel/qeventdispatcher_glib.cpp:427
#1  0x00000035c277b5af in QEventLoop::processEvents (this=this@entry=0x7f95dbffcd20, flags=...) at kernel/qeventloop.cpp:149
#2  0x00000035c277b8a5 in QEventLoop::exec (this=this@entry=0x7f95dbffcd20, flags=...) at kernel/qeventloop.cpp:204
#3  0x00000035c2678d2f in QThread::exec (this=<optimized out>) at thread/qthread.cpp:538
#4  0x00000035c267b3ff in QThreadPrivate::start (arg=0x2750fa0) at thread/qthread_unix.cpp:349
#5  0x0000003445407c53 in start_thread (arg=0x7f95dbffd700) at pthread_create.c:308
#6  0x00000034448f5dbd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113

Thread 9 (Thread 0x7f95db11d700 (LWP 30244)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185
#1  0x000000397000d95d in JSC::BlockAllocator::blockFreeingThreadMain (this=0x306c728) at /usr/src/debug/webkit-qtwebkit-23/Source/JavaScriptCore/heap/BlockAllocator.cpp:128
#2  0x00000039702f2916 in WTF::wtfThreadEntryPoint (param=0x26fc9f0) at /usr/src/debug/webkit-qtwebkit-23/Source/WTF/wtf/ThreadingPthreads.cpp:196
#3  0x0000003445407c53 in start_thread (arg=0x7f95db11d700) at pthread_create.c:308
#4  0x00000034448f5dbd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113

Thread 8 (Thread 0x7f95c28dc700 (LWP 30273)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185
#1  0x00007f95c29440b3 in queue_processor(void*) () from /usr/lib64/IcedTeaPlugin.so
#2  0x0000003445407c53 in start_thread (arg=0x7f95c28dc700) at pthread_create.c:308
#3  0x00000034448f5dbd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113

Thread 7 (Thread 0x7f95c20db700 (LWP 30274)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185
#1  0x00007f95c29440b3 in queue_processor(void*) () from /usr/lib64/IcedTeaPlugin.so
#2  0x0000003445407c53 in start_thread (arg=0x7f95c20db700) at pthread_create.c:308
#3  0x00000034448f5dbd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113

Thread 6 (Thread 0x7f95c18da700 (LWP 30275)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185
#1  0x00007f95c29440b3 in queue_processor(void*) () from /usr/lib64/IcedTeaPlugin.so
#2  0x0000003445407c53 in start_thread (arg=0x7f95c18da700) at pthread_create.c:308
#3  0x00000034448f5dbd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113

Thread 5 (Thread 0x7f95da51c700 (LWP 30333)):
#0  0x000000320568718c in g_mutex_lock (mutex=mutex@entry=0x7f95d00052e0) at gthread-posix.c:210
#1  0x0000003205647627 in g_main_context_prepare (context=context@entry=0x7f95d00052e0, priority=priority@entry=0x7f95da51bba8) at gmain.c:3268
#2  0x0000003205647fd3 in g_main_context_iterate (context=context@entry=0x7f95d00052e0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3681
#3  0x00000032056481bc in g_main_context_iteration (context=0x7f95d00052e0, may_block=1) at gmain.c:3762
#4  0x00000035c27a9966 in QEventDispatcherGlib::processEvents (this=0x7f95d0002d80, flags=...) at kernel/qeventdispatcher_glib.cpp:427
#5  0x00000035c277b5af in QEventLoop::processEvents (this=this@entry=0x7f95da51bce0, flags=...) at kernel/qeventloop.cpp:149
#6  0x00000035c277b8a5 in QEventLoop::exec (this=this@entry=0x7f95da51bce0, flags=...) at kernel/qeventloop.cpp:204
#7  0x00000035c2678d2f in QThread::exec (this=this@entry=0x829a040) at thread/qthread.cpp:538
#8  0x000000396c7a6fce in KIO::NameLookUpThread::run (this=0x829a040) at /usr/src/debug/kdelibs-4.11.5/kio/kio/hostinfo.cpp:226
#9  0x00000035c267b3ff in QThreadPrivate::start (arg=0x829a040) at thread/qthread_unix.cpp:349
#10 0x0000003445407c53 in start_thread (arg=0x7f95da51c700) at pthread_create.c:308
#11 0x00000034448f5dbd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113

Thread 4 (Thread 0x7f95c0eb5700 (LWP 30484)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185
#1  0x00000039702d792c in WTF::ParallelEnvironment::ThreadPrivate::workerThread (threadData=0xa9810e0) at /usr/src/debug/webkit-qtwebkit-23/Source/WTF/wtf/ParallelJobsGeneric.cpp:137
#2  0x00000039702f2916 in WTF::wtfThreadEntryPoint (param=0x46d1f60) at /usr/src/debug/webkit-qtwebkit-23/Source/WTF/wtf/ThreadingPthreads.cpp:196
#3  0x0000003445407c53 in start_thread (arg=0x7f95c0eb5700) at pthread_create.c:308
#4  0x00000034448f5dbd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113

Thread 3 (Thread 0x7f95d9246700 (LWP 30485)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185
#1  0x00000039702d792c in WTF::ParallelEnvironment::ThreadPrivate::workerThread (threadData=0x42f1120) at /usr/src/debug/webkit-qtwebkit-23/Source/WTF/wtf/ParallelJobsGeneric.cpp:137
#2  0x00000039702f2916 in WTF::wtfThreadEntryPoint (param=0x9fc3690) at /usr/src/debug/webkit-qtwebkit-23/Source/WTF/wtf/ThreadingPthreads.cpp:196
#3  0x0000003445407c53 in start_thread (arg=0x7f95d9246700) at pthread_create.c:308
#4  0x00000034448f5dbd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113

Thread 2 (Thread 0x7f95d8a45700 (LWP 30486)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185
#1  0x00000039702d792c in WTF::ParallelEnvironment::ThreadPrivate::workerThread (threadData=0x83ae240) at /usr/src/debug/webkit-qtwebkit-23/Source/WTF/wtf/ParallelJobsGeneric.cpp:137
#2  0x00000039702f2916 in WTF::wtfThreadEntryPoint (param=0x74cc0a0) at /usr/src/debug/webkit-qtwebkit-23/Source/WTF/wtf/ThreadingPthreads.cpp:196
#3  0x0000003445407c53 in start_thread (arg=0x7f95d8a45700) at pthread_create.c:308
#4  0x00000034448f5dbd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113

Thread 1 (Thread 0x7f96315528c0 (LWP 30223)):
[KCrash Handler]
#6  0x00000034448359e9 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#7  0x00000034448370f8 in __GI_abort () at abort.c:90
#8  0x0000003444875d17 in __libc_message (do_abort=do_abort@entry=2, fmt=fmt@entry=0x344497e568 "*** Error in `%s': %s: 0x%s ***\n") at ../sysdeps/unix/sysv/linux/libc_fatal.c:196
#9  0x000000344487bbe7 in malloc_printerr (action=<optimized out>, str=0x344497e6d8 "malloc(): smallbin double linked list corrupted", ptr=<optimized out>) at malloc.c:4937
#10 0x000000344487e2c4 in _int_malloc (av=0x3444bba780 <main_arena>, bytes=432) at malloc.c:3322
#11 0x000000344488002c in __GI___libc_malloc (bytes=432) at malloc.c:2863
#12 0x00000039702cbae9 in WTF::fastMalloc (n=<optimized out>) at /usr/src/debug/webkit-qtwebkit-23/Source/WTF/wtf/FastMalloc.cpp:269
#13 0x0000003970120acd in allocateBuffer (newCapacity=<optimized out>, this=0x7fff6eee9c48) at /usr/src/debug/webkit-qtwebkit-23/Source/WTF/wtf/Vector.h:258
#14 allocateBuffer (newCapacity=<optimized out>, this=0x7fff6eee9c48) at /usr/src/debug/webkit-qtwebkit-23/Source/WTF/wtf/Vector.h:412
#15 reserveCapacity (newCapacity=<optimized out>, this=0x7fff6eee9c40) at /usr/src/debug/webkit-qtwebkit-23/Source/WTF/wtf/Vector.h:896
#16 expandCapacity (newMinCapacity=432, this=0x7fff6eee9c40) at /usr/src/debug/webkit-qtwebkit-23/Source/WTF/wtf/Vector.h:813
#17 grow (size=432, this=0x7fff6eee9c40) at /usr/src/debug/webkit-qtwebkit-23/Source/WTF/wtf/Vector.h:883
#18 JSC::AssemblerBuffer::grow (this=this@entry=0x7fff6eee9c40, extraCapacity=0) at /usr/src/debug/webkit-qtwebkit-23/Source/JavaScriptCore/assembler/AssemblerBuffer.h:166
#19 0x000000397012939f in ensureSpace (space=16, this=0x7fff6eee9c40) at /usr/src/debug/webkit-qtwebkit-23/Source/JavaScriptCore/assembler/AssemblerBuffer.h:86
#20 oneByteOp64 (opcode=JSC::X86Assembler::OP_MOV_OvEAX, this=0x7fff6eee9c40) at /usr/src/debug/webkit-qtwebkit-23/Source/JavaScriptCore/assembler/X86Assembler.h:2185
#21 movq_EAXm (addr=0x7f467e8, this=0x7fff6eee9c40) at /usr/src/debug/webkit-qtwebkit-23/Source/JavaScriptCore/assembler/X86Assembler.h:1231
#22 store64 (src=JSC::X86Registers::eax, address=0x7f467e8, this=0x7fff6eee9c40) at /usr/src/debug/webkit-qtwebkit-23/Source/JavaScriptCore/assembler/MacroAssemblerX86_64.h:339
#23 emitValueProfilingSite (valueProfile=<optimized out>, this=0x7fff6eee9c40) at /usr/src/debug/webkit-qtwebkit-23/Source/JavaScriptCore/jit/JITInlines.h:463
#24 emitValueProfilingSite (bytecodeOffset=<optimized out>, this=0x7fff6eee9c40) at /usr/src/debug/webkit-qtwebkit-23/Source/JavaScriptCore/jit/JITInlines.h:490
#25 emitValueProfilingSite (this=0x7fff6eee9c40) at /usr/src/debug/webkit-qtwebkit-23/Source/JavaScriptCore/jit/JITInlines.h:495
#26 JSC::JIT::emit_op_get_by_id (this=this@entry=0x7fff6eee9c40, currentInstruction=currentInstruction@entry=0x5f90e88) at /usr/src/debug/webkit-qtwebkit-23/Source/JavaScriptCore/jit/JITPropertyAccess.cpp:514
#27 0x000000397010bcbd in JSC::JIT::privateCompileMainPass (this=this@entry=0x7fff6eee9c40) at /usr/src/debug/webkit-qtwebkit-23/Source/JavaScriptCore/jit/JIT.cpp:271
#28 0x000000397010e1ea in JSC::JIT::privateCompile (this=this@entry=0x7fff6eee9c40, functionEntryArityCheck=functionEntryArityCheck@entry=0x7f95be9d68f0, effort=effort@entry=JSC::JITCompilationCanFail) at /usr/src/debug/webkit-qtwebkit-23/Source/JavaScriptCore/jit/JIT.cpp:695
#29 0x00000039701fdfbb in JSC::JIT::compile (globalData=globalData@entry=0x306c690, codeBlock=<optimized out>, effort=effort@entry=JSC::JITCompilationCanFail, functionEntryArityCheck=functionEntryArityCheck@entry=0x7f95be9d68f0) at /usr/src/debug/webkit-qtwebkit-23/Source/JavaScriptCore/jit/JIT.h:304
#30 0x00000039701fa2a6 in jitCompileFunctionIfAppropriate (effort=JSC::JITCompilationCanFail, bytecodeIndex=4294967295, jitType=JSC::JITCode::BaselineJIT, jitCodeWithArityCheck=..., jitCode=..., codeBlock=..., exec=<optimized out>) at /usr/src/debug/webkit-qtwebkit-23/Source/JavaScriptCore/jit/JITDriver.h:106
#31 JSC::FunctionExecutable::jitCompileForCall (this=0x7f95be9d68a0, exec=<optimized out>) at /usr/src/debug/webkit-qtwebkit-23/Source/JavaScriptCore/runtime/Executable.cpp:476
#32 0x000000397014b2ed in jitCompile (exec=0x7f95da51d238, this=<optimized out>) at /usr/src/debug/webkit-qtwebkit-23/Source/JavaScriptCore/bytecode/CodeBlock.h:490
#33 jitCompileAndSetHeuristics (exec=0x7f95da51d238, codeBlock=<optimized out>) at /usr/src/debug/webkit-qtwebkit-23/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp:287
#34 JSC::LLInt::llint_replace (exec=0x7f95da51d238, pc=0x5f91120) at /usr/src/debug/webkit-qtwebkit-23/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp:401
#35 0x000000397015d022 in llint_op_ret () from /lib64/libQtWebKit.so.4
#36 0x00007f95be93df10 in ?? ()
#37 0x00007f962376f9c0 in ?? ()
#38 0x0000000000000000 in ?? ()

Possible duplicates by query: bug 336015, bug 335225, bug 335224, bug 333332, bug 333327.

Reported using DrKonqi

Comment 1 Andrew Crouthamel 2018-10-31 04:02:43 UTC
Dear Bug Submitter,

This bug has been stagnant for a long time. Could you help us out and re-test if the bug is valid in the latest version? I am setting the status to NEEDSINFO pending your response, please change the Status back to REPORTED when you respond.

Thank you for helping us make KDE software even better for everyone!

Comment 2 Bug Janitor Service 2018-11-15 10:47:44 UTC
Dear Bug Submitter,

This bug has been in NEEDSINFO status with no change for at least
15 days. Please provide the requested information as soon as
possible and set the bug status as REPORTED. Due to regular bug
tracker maintenance, if the bug is still in NEEDSINFO status with
no change in 30 days the bug will be closed as RESOLVED > WORKSFORME
due to lack of needed information.

For more information about our bug triaging procedures please read the
wiki located here:
https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

If you have already provided the requested information, please
mark the bug as REPORTED so that the KDE team knows that the bug is
ready to be confirmed.

Thank you for helping us make KDE software even better for everyone!

Comment 3 Bug Janitor Service 2018-11-30 04:00:41 UTC
This bug has been in NEEDSINFO status with no change for at least
30 days. The bug is now closed as RESOLVED > WORKSFORME
due to lack of needed information.

For more information about our bug triaging procedures please read the
wiki located here:
https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

Thank you for helping us make KDE software even better for everyone!