Version: 3.5.7 (using KDE KDE 3.5.7)
Installed from: Gentoo Packages
Compiler: gcc-4.1.2
OS: Linux

Konqueror crashed while I was reading in <http://arstechnica.com/articles/culture/the-pseudoscience-behind-homeopathy.ars/1>.

Using host libthread_db library "/lib/libthread_db.so.1".
[Thread debugging using libthread_db enabled]
[New Thread 47585597240512 (LWP 4780)]
[KCrash handler]
#5 0x00002b4763b6da19 in KHTMLPart::checkCompleted (this=0x6499070) at /usr/qt/3/include/qvaluelist.h:562
#6 0x00002b4763b7f3a0 in KHTMLPart::processObjectRequest (this=0x6499070, child=0x6723200, _url=<value optimized out>, mimetype=@0x7fff4cbd3010) at khtml_part.cpp:4465
#7 0x00002b4763b7fffb in KHTMLRun::foundMimeType (this=0x67236b0, _type=@0x7fff4cbd3040) at khtml_run.cpp:51
#8 0x00002b475e0294ee in KParts::BrowserRun::slotBrowserMimetype (this=0x67236b0, _job=<value optimized out>, type=@0x69dad50) at browserrun.cpp:200
#9 0x00002b475e029650 in KParts::BrowserRun::qt_invoke (this=0x67236b0, _id=7, _o=0x7fff4cbd3160) at browserrun.moc:102
#10 0x00002b4763b500c9 in KHTMLRun::qt_invoke (this=0x2b47640d5330, _id=1653284800, _o=0x60000) at khtml_run.moc:77
#11 0x00002b475fad555c in QObject::activate_signal (this=0x6724d00, clist=<value optimized out>, o=0x7fff4cbd3160) at kernel/qobject.cpp:2356
#12 0x00002b475e2d42c1 in KIO::TransferJob::mimetype (this=<value optimized out>, t0=<value optimized out>, t1=@0x6724f10) at jobclasses.moc:1050
#13 0x00002b475e30d0ac in KIO::TransferJob::qt_invoke (this=0x6724d00, _id=20, _o=0x7fff4cbd3280) at jobclasses.moc:1074
#14 0x00002b475fad555c in QObject::activate_signal (this=0x66444e0, clist=<value optimized out>, o=0x7fff4cbd3280) at kernel/qobject.cpp:2356
#15 0x00002b475fad5e2e in QObject::activate_signal (this=0x66444e0, signal=<value optimized out>, param=<value optimized out>) at kernel/qobject.cpp:2451
#16 0x00002b475e2e1f18 in KIO::SlaveInterface::mimeType (this=0x66444e0, t0=<value optimized out>) at slaveinterface.moc:370
#17 0x00002b475e32c1ba in KIO::SlaveInterface::dispatch (this=0x66444e0, _cmd=21, rawdata=@0x7fff4cbd35c0) at slaveinterface.cpp:338
#18 0x00002b475e323c9d in KIO::SlaveInterface::dispatch (this=0x66444e0) at slaveinterface.cpp:173
#19 0x00002b475e2e33ea in KIO::Slave::gotInput (this=0x2b47640d5330) at slave.cpp:300
#20 0x00002b475e325218 in KIO::Slave::qt_invoke (this=0x66444e0, _id=4, _o=0x7fff4cbd3700) at slave.moc:113
#21 0x00002b475fad555c in QObject::activate_signal (this=0x5e54300, clist=<value optimized out>, o=0x7fff4cbd3700) at kernel/qobject.cpp:2356
#22 0x00002b475fad6135 in QObject::activate_signal (this=0x5e54300, signal=<value optimized out>, param=<value optimized out>) at kernel/qobject.cpp:2449
#23 0x00002b475faefc6b in QSocketNotifier::event (this=0x5e54300, e=0x7fff4cbd3a00) at kernel/qsocketnotifier.cpp:258
#24 0x00002b475fa7efd5 in QApplication::internalNotify (this=<value optimized out>, receiver=0x5e54300, e=0x7fff4cbd3a00) at kernel/qapplication.cpp:2635
#25 0x00002b475fa7fbd7 in QApplication::notify (this=0x7fff4cbd3d10, receiver=0x5e54300, e=0x7fff4cbd3a00) at kernel/qapplication.cpp:2358
#26 0x00002b475eed350e in KApplication::notify (this=0x7fff4cbd3d10, receiver=0x5e54300, event=0x7fff4cbd3a00) at kapplication.cpp:550
#27 0x00002b475fa751bb in QEventLoop::activateSocketNotifiers (this=0x5c5e20) at kernel/qapplication.h:496
#28 0x00002b475fa35ef3 in QEventLoop::processEvents (this=0x5c5e20, flags=<value optimized out>) at kernel/qeventloop_x11.cpp:383
#29 0x00002b475fa93712 in QEventLoop::enterLoop (this=0x2b47640d5330) at kernel/qeventloop.cpp:198
#30 0x00002b475fa935c2 in QEventLoop::exec (this=0x2b47640d5330) at kernel/qeventloop.cpp:145
#31 0x00002b4762e7c88e in kdemain () from /usr/kde/3.5/lib64/libkdeinit_konqueror.so
#32 0x0000000000407786 in launch (argc=3, _name=0x55d898 "konqueror", args=0x55d8e2 "", cwd=0x0, envc=0, envs=0x55d8eb "", reset_env=false, tty=0x0, avoid_loops=false, startup_id_str=0x409f2a "0") at kinit.cpp:673
#33 0x00000000004080d2 in handle_launcher_request (sock=9) at kinit.cpp:1240
#34 0x00000000004084d2 in handle_requests (waitForPid=0) at kinit.cpp:1443
#35 0x00000000004094d3 in main (argc=5, argv=0x7fff4cbd4fd8, envp=0x7fff4cbd5008) at kinit.cpp:1909
#36 0x00002b47627c5584 in __libc_start_main (main=0x408d10 <main>, argc=5, ubp_av=0x7fff4cbd4fd8, init=<value optimized out>, fini=<value optimized out>, rtld_fini=<value optimized out>, stack_end=0x7fff4cbd4fc8) at libc-start.c:229
#37 0x0000000000404dc9 in _start ()
Current language: auto; currently c
I could not reproduce.
I can reproduce a crash with the given link in a current KDE4 SVN build. (kdelibs r766524, kdebase r766781). However, I get a completely different backtrace. (Maybe a different bug?) Below you can find a GDB backtrace and a Valgrind log for this crash.

GDB:

Starting program: /usr/kde/svn/bin/konqueror
[Thread debugging using libthread_db enabled]
[New Thread 0xb637ea10 (LWP 5470)]
[New Thread 0xb2c43b90 (LWP 5485)]
[New Thread 0xb2442b90 (LWP 5486)]
[New Thread 0xb1c41b90 (LWP 5487)]
[Thread 0xb1c41b90 (LWP 5487) exited]
[Thread 0xb2442b90 (LWP 5486) exited]
[Thread 0xb2c43b90 (LWP 5485) exited]
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb637ea10 (LWP 5470)]
QString (this=0xbfe0fb2c, other=@0x14) at /usr/include/qt4/QtCore/qstring.h:662
662 inline QString::QString(const QString &other) : d(other.d)
#0 QString (this=0xbfe0fb2c, other=@0x14) at /usr/include/qt4/QtCore/qstring.h:662
#1 0xb4a395fc in KJSDebugger::DebugDocument::name (this=0x0) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/khtml/ecma/debugger/debugdocument.cpp:60
#2 0xb4a2ff24 in KJSDebugger::DebugWindow::enterContext (this=0x829ad68, exec=0xbfe0fbb8, sourceId=3, lineno=1, function=0xb143f300, args=@0xbfe0fc80) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/khtml/ecma/debugger/debugwindow.cpp:673
#3 0xb4c7e378 in KJS::FunctionImp::callAsFunction (this=0xb143f300, exec=0xbfe0fe40, thisObj=0xb2d00040, args=@0xbfe0fc80) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/kjs/function.cpp:154
#4 0xb4c858bb in KJS::JSObject::call (this=0xb143f300, exec=0xbfe0fe40, thisObj=0xb2d00040, args=@0xbfe0fc80) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/kjs/object.cpp:99
#5 0xb4c42090 in KJS::FunctionCallReferenceNode::evaluate (this=0x8791ad0, exec=0xbfe0fe40) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/kjs/nodes.cpp:1038
#6 0xb4c42cc7 in KJS::FunctionCallDotNode::evaluate (this=0x8791b90, exec=0xbfe0fe40) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/kjs/nodes.cpp:1117
#7 0xb4c3f7aa in KJS::ExprStatementNode::execute (this=0x8791bb0, exec=0xbfe0fe40) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/kjs/nodes.cpp:2168
#8 0xb4c3ed9e in KJS::SourceElementsNode::execute (this=0x88223a0, exec=0xbfe0fe40) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/kjs/nodes.cpp:2979
#9 0xb4c3b6cb in KJS::BlockNode::execute (this=0x8791be8, exec=0xbfe0fe40) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/kjs/nodes.cpp:2145
#10 0xb4c8ac2a in KJS::Interpreter::evaluate (this=0x83f99b0, sourceURL=@0xbfe0ff40, startingLineNumber=1, code=0x89a76b8, codeLength=11694, thisV=0xb2d00040) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/kjs/interpreter.cpp:501
#11 0xb4c8acee in KJS::Interpreter::evaluate (this=0x83f99b0, sourceURL=@0xbfe0ff40, startingLineNumber=1, code=@0xbfe0ff3c, thisV=0xb2d00040) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/kjs/interpreter.cpp:442
#12 0xb4a014b6 in KJS::KJSProxyImpl::evaluate (this=0x8227c88, filename=@0xbfe0ffd0, baseLine=1, str=@0xbfe10118, n=@0xbfe1003c, completion=0xbfe0ffc0) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/khtml/ecma/kjs_proxy.cpp:157
#13 0xb480fb72 in KHTMLPart::executeScript (this=0x81e3150, filename=@0xbfe10044, baseLine=1, n=@0xbfe1003c, script=@0xbfe10118) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/khtml/khtml_part.cpp:1181
#14 0xb48924f2 in khtml::HTMLTokenizer::scriptExecution (this=0x825b3c0, str=@0xbfe10118, scriptURL=@0xbfe10110, baseLine=0) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/khtml/html/htmltokenizer.cpp:450
#15 0xb48926c1 in khtml::HTMLTokenizer::notifyFinished (this=0x825b3c0) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/khtml/html/htmltokenizer.cpp:1755
#16 0xb499cb74 in khtml::CachedScript::checkNotify (this=0x8709328) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/khtml/misc/loader.cpp:374
#17 0xb49a2529 in khtml::CachedScript::data (this=0x8709328, buffer=@0x81e6544, eof=true) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/khtml/misc/loader.cpp:366
#18 0xb499f699 in khtml::Loader::slotFinished (this=0x821fe10, job=0x873fa38) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/khtml/misc/loader.cpp:1299
#19 0xb499f981 in khtml::Loader::qt_metacall (this=0x821fe10, _c=QMetaObject::InvokeMetaMethod, _id=3, _a=0xbfe1075c) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs_build/khtml/loader.moc:126
#20 0xb72921f4 in QMetaObject::activate (sender=0x873fa38, from_signal_index=7, to_signal_index=7, argv=<value optimized out>) at kernel/qobject.cpp:3081
#21 0xb7292d94 in QMetaObject::activate (sender=0x873fa38, m=0xb7b933a8, local_signal_index=3, argv=0xbfe1075c) at kernel/qobject.cpp:3140
#22 0xb7a91e34 in KJob::result (this=0x873fa38, _t1=0x873fa38) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs_build/kdecore/kjob.moc:185
#23 0xb7a92372 in KJob::emitResult (this=0x873fa38) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/kdecore/jobs/kjob.cpp:290
#24 0xb7c4a5b8 in KIO::SimpleJob::slotFinished (this=0x873fa38) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/kio/kio/job.cpp:491
#25 0xb7c4a96a in KIO::TransferJob::slotFinished (this=0x873fa38) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/kio/kio/job.cpp:961
#26 0xb7c51503 in KIO::TransferJob::qt_metacall (this=0x873fa38, _c=QMetaObject::InvokeMetaMethod, _id=47, _a=0xbfe10de4) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs_build/kio/jobclasses.moc:335
#27 0xb72921f4 in QMetaObject::activate (sender=0x823b8e8, from_signal_index=8, to_signal_index=8, argv=<value optimized out>) at kernel/qobject.cpp:3081
#28 0xb7292d94 in QMetaObject::activate (sender=0x823b8e8, m=0xb7dbb024, local_signal_index=4, argv=0x0) at kernel/qobject.cpp:3140
#29 0xb7cf27e6 in KIO::SlaveInterface::finished (this=0x823b8e8) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs_build/kio/slaveinterface.moc:160
#30 0xb7cf43aa in KIO::SlaveInterface::dispatch (this=0x823b8e8, _cmd=104, rawdata=@0xbfe10fc4) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/kio/kio/slaveinterface.cpp:176
#31 0xb7cf5006 in KIO::SlaveInterface::dispatch (this=0x823b8e8) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/kio/kio/slaveinterface.cpp:90
#32 0xb7ce7677 in KIO::Slave::gotInput (this=0x823b8e8) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/kio/kio/slave.cpp:319
#33 0xb7ce8bcd in KIO::Slave::qt_metacall (this=0x823b8e8, _c=QMetaObject::InvokeMetaMethod, _id=2, _a=0xbfe114e4) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs_build/kio/slave.moc:74
#34 0xb72921f4 in QMetaObject::activate (sender=0x83877f0, from_signal_index=4, to_signal_index=4, argv=<value optimized out>) at kernel/qobject.cpp:3081
#35 0xb7292d94 in QMetaObject::activate (sender=0x83877f0, m=0xb7db7f20, local_signal_index=0, argv=0x0) at kernel/qobject.cpp:3140
#36 0xb7c229a3 in KIO::Connection::readyRead (this=0x83877f0) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs_build/kio/connection.moc:83
#37 0xb7c23826 in KIO::ConnectionPrivate::dequeue (this=0x8350190) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/kio/kio/connection.cpp:82
#38 0xb7c245d5 in KIO::Connection::qt_metacall (this=0x83877f0, _c=QMetaObject::InvokeMetaMethod, _id=1, _a=0x8873db0) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs_build/kio/connection.moc:71
#39 0xb728d2f9 in QMetaCallEvent::placeMetaCall (this=0x86e15b0, object=0x83877f0) at kernel/qobject.cpp:536
#40 0xb7290017 in QObject::event (this=0x83877f0, e=0xc) at kernel/qobject.cpp:1122
#41 0xb691fe8a in QApplicationPrivate::notify_helper (this=0x80587d0, receiver=0x83877f0, e=0x86e15b0) at kernel/qapplication.cpp:3556
#42 0xb692177a in QApplication::notify (this=0xbfe11ef8, receiver=0x83877f0, e=0x86e15b0) at kernel/qapplication.cpp:3115
#43 0xb785dcb3 in KApplication::notify (this=0xbfe11ef8, receiver=0x83877f0, event=0x86e15b0) at /var/tmp/portage/kde-base/kdelibs-9999.4/work/kdelibs-9999.4/kdeui/kernel/kapplication.cpp:314
#44 0xb727ed7b in QCoreApplication::notifyInternal (this=0xbfe11ef8, receiver=0x83877f0, event=0x86e15b0) at kernel/qcoreapplication.cpp:530
#45 0xb728021a in QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, data=0x804ce50) at kernel/qcoreapplication.h:200
#46 0xb72a8905 in QEventDispatcherUNIX::processEvents (this=0x8057f50, flags=@0xbfe11bd8) at kernel/qeventdispatcher_unix.cpp:858
#47 0xb69a9cce in QEventDispatcherX11::processEvents (this=0x8057f50, flags=@0xbfe11c04) at kernel/qeventdispatcher_x11.cpp:145
#48 0xb727e191 in QEventLoop::processEvents (this=0xbfe11c70, flags=@0xbfe11c38) at kernel/qeventloop.cpp:140
#49 0xb727e29a in QEventLoop::exec (this=0xbfe11c70, flags=@0xbfe11c78) at kernel/qeventloop.cpp:186
#50 0xb7280626 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:759
#51 0xb691f487 in QApplication::exec () at kernel/qapplication.cpp:3053
#52 0xb7f00717 in kdemain (argc=1, argv=0xbfe12274) at /var/tmp/portage/kde-base/kdebase-9999.4/work/kdebase-9999.4/apps/konqueror/src/konqmain.cpp:218
#53 0x080487e2 in main (argc=Cannot access memory at address 0xc ) at /var/tmp/portage/kde-base/kdebase-9999.4/work/kdebase_build/apps/konqueror/src/konqueror_dummy.cpp:3
#54 0xb658cfdc in __libc_start_main (main=0x80487c0 <main>, argc=1, ubp_av=0xbfe12274, init=0x8048810 <__libc_csu_init>, fini=0x8048800 <__libc_csu_fini>, rtld_fini=0xb7f25100 <_dl_fini>, stack_end=0xbfe1226c) at libc-start.c:229
#55 0x08048731 in _start ()

Valgrind:

==5501== Source and destination overlap in mempcpy(0x7884680, 0x7884680, 21)
==5501== at 0x4021E3A: (within /usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==5501== by 0x4022781: mempcpy (in /usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==5501== by 0x58F61D2: _IO_default_xsputn (genops.c:463)
==5501== by 0x58D121E: vfprintf (vfprintf.c:1568)
==5501== by 0x58EACBA: vsprintf (iovsprintf.c:43)
==5501== by 0x58D6ADD: sprintf (sprintf.c:34)
==5501== by 0x4981942: parse_fontdata (omGeneric.c:618)
==5501== by 0x4981AE2: parse_vw (omGeneric.c:1095)
==5501== by 0x4982301: create_oc (omGeneric.c:1233)
==5501== by 0x4941C0A: XCreateOC (OCWrap.c:53)
==5501== by 0x49380A9: XCreateFontSet (FSWrap.c:185)
==5501== by 0x552A69D: getFontSet(QFont const&) (qximinputcontext_x11.cpp:319)
--5501-- Reading syms from /usr/kde/svn/lib/kde4/libkshorturifilter.so (0xB9B8000)
--5501-- Reading debug info from /usr/lib/debug/usr/kde/svn/lib/kde4/libkshorturifilter.so.debug...
--5501-- Reading syms from /usr/kde/svn/lib/kde4/libkurisearchfilter.so (0xB9C5000)
--5501-- Reading debug info from /usr/lib/debug/usr/kde/svn/lib/kde4/libkurisearchfilter.so.debug...
--5501-- Reading syms from /usr/kde/svn/lib/kde4/liblocaldomainurifilter.so (0xB9E2000)
--5501-- Reading debug info from /usr/lib/debug/usr/kde/svn/lib/kde4/liblocaldomainurifilter.so.debug...
--5501-- Reading syms from /usr/kde/svn/lib/kde4/libkuriikwsfilter.so (0xB9E9000)
--5501-- Reading debug info from /usr/lib/debug/usr/kde/svn/lib/kde4/libkuriikwsfilter.so.debug...
--5501-- Reading syms from /usr/kde/svn/lib/kde4/libfixhosturifilter.so (0xB9F9000)
--5501-- Reading debug info from /usr/lib/debug/usr/kde/svn/lib/kde4/libfixhosturifilter.so.debug...
--5501-- Reading syms from /lib/libnss_dns-2.6.1.so (0xD226000)
--5501-- Reading debug info from /usr/lib/debug/lib/libnss_dns-2.6.1.so.debug...
--5501-- Reading syms from /usr/kde/svn/lib/kde4/libkhtmlpart.so (0xA870000)
--5501-- Reading debug info from /usr/lib/debug/usr/kde/svn/lib/kde4/libkhtmlpart.so.debug...
==5501==
==5501== Conditional jump or move depends on uninitialised value(s)
==5501== at 0x4B7925C: (within /lib/libz.so.1.2.3)
==5501==
==5501== Conditional jump or move depends on uninitialised value(s)
==5501== at 0x4B79212: (within /lib/libz.so.1.2.3)
--5501-- memcheck GC: 262144 nodes, 243080 survivors ( 92.7%)
--5501-- memcheck GC: increase table size to 524288
==5501==
==5501== Invalid read of size 4
==5501== at 0x8E67E2D: QString::QString(QString const&) (qstring.h:662)
==5501== by 0x90B55FB: KJSDebugger::DebugDocument::name() const (debugdocument.cpp:60)
==5501== by 0x90ABF23: KJSDebugger::DebugWindow::enterContext(KJS::ExecState*, int, int, KJS::JSObject*, KJS::List const&) (debugwindow.cpp:673)
==5501== by 0x8CF4377: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:154)
==5501== by 0x8CFB8BA: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.cpp:99)
==5501== by 0x8CB808F: KJS::FunctionCallReferenceNode::evaluate(KJS::ExecState*) (nodes.cpp:1038)
==5501== by 0x8CB8CC6: KJS::FunctionCallDotNode::evaluate(KJS::ExecState*) (nodes.cpp:1117)
==5501== by 0x8CB57A9: KJS::ExprStatementNode::execute(KJS::ExecState*) (nodes.cpp:2168)
==5501== by 0x8CB4D9D: KJS::SourceElementsNode::execute(KJS::ExecState*) (nodes.cpp:2979)
==5501== by 0x8CB16CA: KJS::BlockNode::execute(KJS::ExecState*) (nodes.cpp:2145)
==5501== by 0x8D00C29: KJS::Interpreter::evaluate(KJS::UString const&, int, KJS::UChar const*, int, KJS::JSValue*) (interpreter.cpp:501)
==5501== by 0x8D00CED: KJS::Interpreter::evaluate(KJS::UString const&, int, KJS::UString const&, KJS::JSValue*) (interpreter.cpp:442)
==5501== Address 0x14 is not stack'd, malloc'd or (recently) free'd
--5501-- REDIR: 0x58FE840 (strncat) redirected to 0x4021FAC (strncat)
==5501== Warning: invalid file descriptor -1 in syscall write()
==5501== at 0x4DCBFAB: (within /lib/libpthread-2.6.1.so)
==5501== by 0x4785DDE: KCrash::startDrKonqi(char const**, int) (kcrash.cpp:349)
==5501== by 0x478645A: KCrash::defaultCrashHandler(int) (kcrash.cpp:287)
==5501== by 0x58BB287: (within /lib/libc-2.6.1.so)
==5501== by 0x90B55FB: KJSDebugger::DebugDocument::name() const (debugdocument.cpp:60)
==5501== by 0x90ABF23: KJSDebugger::DebugWindow::enterContext(KJS::ExecState*, int, int, KJS::JSObject*, KJS::List const&) (debugwindow.cpp:673)
==5501== by 0x8CF4377: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:154)
==5501== by 0x8CFB8BA: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.cpp:99)
==5501== by 0x8CB808F: KJS::FunctionCallReferenceNode::evaluate(KJS::ExecState*) (nodes.cpp:1038)
==5501== by 0x8CB8CC6: KJS::FunctionCallDotNode::evaluate(KJS::ExecState*) (nodes.cpp:1117)
==5501== by 0x8CB57A9: KJS::ExprStatementNode::execute(KJS::ExecState*) (nodes.cpp:2168)
==5501== by 0x8CB4D9D: KJS::SourceElementsNode::execute(KJS::ExecState*) (nodes.cpp:2979)
==5501== Warning: invalid file descriptor -1 in syscall write()
==5501== at 0x4DCBFAB: (within /lib/libpthread-2.6.1.so)
==5501== by 0x4785DF1: KCrash::startDrKonqi(char const**, int) (kcrash.cpp:350)
==5501== by 0x478645A: KCrash::defaultCrashHandler(int) (kcrash.cpp:287)
==5501== by 0x58BB287: (within /lib/libc-2.6.1.so)
==5501== by 0x90B55FB: KJSDebugger::DebugDocument::name() const (debugdocument.cpp:60)
==5501== by 0x90ABF23: KJSDebugger::DebugWindow::enterContext(KJS::ExecState*, int, int, KJS::JSObject*, KJS::List const&) (debugwindow.cpp:673)
==5501== by 0x8CF4377: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:154)
==5501== by 0x8CFB8BA: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.cpp:99)
==5501== by 0x8CB808F: KJS::FunctionCallReferenceNode::evaluate(KJS::ExecState*) (nodes.cpp:1038)
==5501== by 0x8CB8CC6: KJS::FunctionCallDotNode::evaluate(KJS::ExecState*) (nodes.cpp:1117)
==5501== by 0x8CB57A9: KJS::ExprStatementNode::execute(KJS::ExecState*) (nodes.cpp:2168)
==5501== by 0x8CB4D9D: KJS::SourceElementsNode::execute(KJS::ExecState*) (nodes.cpp:2979)
==5501== Warning: invalid file descriptor -1 in syscall read()
==5501== at 0x4DCC02B: (within /lib/libpthread-2.6.1.so)
==5501== by 0x4785E03: KCrash::startDrKonqi(char const**, int) (kcrash.cpp:351)
==5501== by 0x478645A: KCrash::defaultCrashHandler(int) (kcrash.cpp:287)
==5501== by 0x58BB287: (within /lib/libc-2.6.1.so)
==5501== by 0x90B55FB: KJSDebugger::DebugDocument::name() const (debugdocument.cpp:60)
==5501== by 0x90ABF23: KJSDebugger::DebugWindow::enterContext(KJS::ExecState*, int, int, KJS::JSObject*, KJS::List const&) (debugwindow.cpp:673)
==5501== by 0x8CF4377: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:154)
==5501== by 0x8CFB8BA: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.cpp:99)
==5501== by 0x8CB808F: KJS::FunctionCallReferenceNode::evaluate(KJS::ExecState*) (nodes.cpp:1038)
==5501== by 0x8CB8CC6: KJS::FunctionCallDotNode::evaluate(KJS::ExecState*) (nodes.cpp:1117)
==5501== by 0x8CB57A9: KJS::ExprStatementNode::execute(KJS::ExecState*) (nodes.cpp:2168)
==5501== by 0x8CB4D9D: KJS::SourceElementsNode::execute(KJS::ExecState*) (nodes.cpp:2979)
--5501-- Discarding syms at 0x48DE000-0x48E2000 in /usr/lib/gconv/UTF-16.so due to munmap()
--5501-- Discarding syms at 0x8C28000-0x8C30000 in /lib/libnss_compat-2.6.1.so due to munmap()
--5501-- Discarding syms at 0x8C47000-0x8C51000 in /lib/libnss_nis-2.6.1.so due to munmap()
--5501-- Discarding syms at 0x8C51000-0x8C5B000 in /lib/libnss_files-2.6.1.so due to munmap()
--5501-- Discarding syms at 0xD226000-0xD22C000 in /lib/libnss_dns-2.6.1.so due to munmap()
==5501==
==5501== ERROR SUMMARY: 148 errors from 11 contexts (suppressed: 22 from 3)
==5501==
==5501== 1 errors in context 1 of 11:
==5501== Invalid read of size 4
==5501== at 0x8E67E2D: QString::QString(QString const&) (qstring.h:662)
==5501== by 0x90B55FB: KJSDebugger::DebugDocument::name() const (debugdocument.cpp:60)
==5501== by 0x90ABF23: KJSDebugger::DebugWindow::enterContext(KJS::ExecState*, int, int, KJS::JSObject*, KJS::List const&) (debugwindow.cpp:673)
==5501== by 0x8CF4377: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:154)
==5501== by 0x8CFB8BA: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.cpp:99)
==5501== by 0x8CB808F: KJS::FunctionCallReferenceNode::evaluate(KJS::ExecState*) (nodes.cpp:1038)
==5501== by 0x8CB8CC6: KJS::FunctionCallDotNode::evaluate(KJS::ExecState*) (nodes.cpp:1117)
==5501== by 0x8CB57A9: KJS::ExprStatementNode::execute(KJS::ExecState*) (nodes.cpp:2168)
==5501== by 0x8CB4D9D: KJS::SourceElementsNode::execute(KJS::ExecState*) (nodes.cpp:2979)
==5501== by 0x8CB16CA: KJS::BlockNode::execute(KJS::ExecState*) (nodes.cpp:2145)
==5501== by 0x8D00C29: KJS::Interpreter::evaluate(KJS::UString const&, int, KJS::UChar const*, int, KJS::JSValue*) (interpreter.cpp:501)
==5501== by 0x8D00CED: KJS::Interpreter::evaluate(KJS::UString const&, int, KJS::UString const&, KJS::JSValue*) (interpreter.cpp:442)
==5501== Address 0x14 is not stack'd, malloc'd or (recently) free'd
==5501==
==5501== 1 errors in context 2 of 11:
==5501== Conditional jump or move depends on uninitialised value(s)
==5501== at 0x4B7925C: (within /lib/libz.so.1.2.3)
==5501==
==5501== 1 errors in context 3 of 11:
==5501== Conditional jump or move depends on uninitialised value(s)
==5501== at 0x400AAF3: _dl_relocate_object (do-rel.h:117)
==5501== by 0x4004169: dl_main (rtld.c:2284)
==5501== by 0x4013C45: _dl_sysdep_start (dl-sysdep.c:239)
==5501== by 0x400124E: _dl_start (rtld.c:327)
==5501== by 0x40008A6: (within /lib/ld-2.6.1.so)
==5501==
==5501== 1 errors in context 4 of 11:
==5501== Conditional jump or move depends on uninitialised value(s)
==5501== at 0x400A9BD: _dl_relocate_object (do-rel.h:68)
==5501== by 0x4004169: dl_main (rtld.c:2284)
==5501== by 0x4013C45: _dl_sysdep_start (dl-sysdep.c:239)
==5501== by 0x400124E: _dl_start (rtld.c:327)
==5501== by 0x40008A6: (within /lib/ld-2.6.1.so)
==5501==
==5501== 1 errors in context 5 of 11:
==5501== Conditional jump or move depends on uninitialised value(s)
==5501== at 0x400A9B5: _dl_relocate_object (do-rel.h:65)
==5501== by 0x4004169: dl_main (rtld.c:2284)
==5501== by 0x4013C45: _dl_sysdep_start (dl-sysdep.c:239)
==5501== by 0x400124E: _dl_start (rtld.c:327)
==5501== by 0x40008A6: (within /lib/ld-2.6.1.so)
==5501==
==5501== 1 errors in context 6 of 11:
==5501== Conditional jump or move depends on uninitialised value(s)
==5501== at 0x400AAF3: _dl_relocate_object (do-rel.h:117)
==5501== by 0x400454C: dl_main (rtld.c:2214)
==5501== by 0x4013C45: _dl_sysdep_start (dl-sysdep.c:239)
==5501== by 0x400124E: _dl_start (rtld.c:327)
==5501== by 0x40008A6: (within /lib/ld-2.6.1.so)
==5501==
==5501== 1 errors in context 7 of 11:
==5501== Conditional jump or move depends on uninitialised value(s)
==5501== at 0x400B053: _dl_relocate_object (do-rel.h:104)
==5501== by 0x400454C: dl_main (rtld.c:2214)
==5501== by 0x4013C45: _dl_sysdep_start (dl-sysdep.c:239)
==5501== by 0x400124E: _dl_start (rtld.c:327)
==5501== by 0x40008A6: (within /lib/ld-2.6.1.so)
==5501==
==5501== 1 errors in context 8 of 11:
==5501== Conditional jump or move depends on uninitialised value(s)
==5501== at 0x400A9BD: _dl_relocate_object (do-rel.h:68)
==5501== by 0x400454C: dl_main (rtld.c:2214)
==5501== by 0x4013C45: _dl_sysdep_start (dl-sysdep.c:239)
==5501== by 0x400124E: _dl_start (rtld.c:327)
==5501== by 0x40008A6: (within /lib/ld-2.6.1.so)
==5501==
==5501== 1 errors in context 9 of 11:
==5501== Conditional jump or move depends on uninitialised value(s)
==5501== at 0x400A9B5: _dl_relocate_object (do-rel.h:65)
==5501== by 0x400454C: dl_main (rtld.c:2214)
==5501== by 0x4013C45: _dl_sysdep_start (dl-sysdep.c:239)
==5501== by 0x400124E: _dl_start (rtld.c:327)
==5501== by 0x40008A6: (within /lib/ld-2.6.1.so)
==5501==
==5501== 11 errors in context 10 of 11:
==5501== Source and destination overlap in mempcpy(0x7884680, 0x7884680, 21)
==5501== at 0x4021E3A: (within /usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==5501== by 0x4022781: mempcpy (in /usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==5501== by 0x58F61D2: _IO_default_xsputn (genops.c:463)
==5501== by 0x58D121E: vfprintf (vfprintf.c:1568)
==5501== by 0x58EACBA: vsprintf (iovsprintf.c:43)
==5501== by 0x58D6ADD: sprintf (sprintf.c:34)
==5501== by 0x4981942: parse_fontdata (omGeneric.c:618)
==5501== by 0x4981AE2: parse_vw (omGeneric.c:1095)
==5501== by 0x4982301: create_oc (omGeneric.c:1233)
==5501== by 0x4941C0A: XCreateOC (OCWrap.c:53)
==5501== by 0x49380A9: XCreateFontSet (FSWrap.c:185)
==5501== by 0x552A69D: getFontSet(QFont const&) (qximinputcontext_x11.cpp:319)
==5501==
==5501== 128 errors in context 11 of 11:
==5501== Conditional jump or move depends on uninitialised value(s)
==5501== at 0x4B79212: (within /lib/libz.so.1.2.3)
--5501--
--5501-- supp: 1 X11-64bit-padding-2a
--5501-- supp: 5 X11-64bit-padding-1d
--5501-- supp: 16 X11-64bit-padding-1c
==5501==
==5501== IN SUMMARY: 148 errors from 11 contexts (suppressed: 22 from 3)
==5501==
==5501== malloc/free: in use at exit: 14,420,138 bytes in 98,319 blocks.
==5501== malloc/free: 1,146,666 allocs, 1,048,347 frees, 205,213,249 bytes allocated.
==5501==
==5501== searching for pointers to 98,319 not-freed blocks.
==5501== checked 53,747,480 bytes.
==5501==
==5501== LEAK SUMMARY:
==5501== definitely lost: 12,848 bytes in 487 blocks.
==5501== possibly lost: 184,936 bytes in 4,017 blocks.
==5501== still reachable: 14,222,354 bytes in 93,815 blocks.
==5501== suppressed: 0 bytes in 0 blocks.
==5501== Rerun with --leak-check=full to see details of leaked memory.
Cannot reproduce. I'm using 4.0 branch r802754 (4.0.3++)