Bug 337789 - Segmentation fault in KJS::allocateBlock
Summary: Segmentation fault in KJS::allocateBlock
Status: RESOLVED UNMAINTAINED
Alias: None
Product: konqueror
Classification: Applications
Component: general (other bugs)
Version First Reported In: 4.13.2
Platform: Ubuntu Linux
Importance: NOR crash
Target Milestone: ---
Assignee: Konqueror Bugs
Keywords: drkonqi
Reported: 2014-07-25 07:39 UTC by Graeme Hewson
Modified: 2018-10-31 07:41 UTC

Attachments
New crash information added by DrKonqi (20.32 KB, text/plain)
2014-07-31 15:56 UTC, Graeme Hewson

Description Graeme Hewson 2014-07-25 07:39:25 UTC
Application: konqueror (4.13.2)
KDE Platform Version: 4.13.2
Qt Version: 4.8.6
Operating System: Linux 3.13.0-32-generic x86_64
Distribution: Ubuntu 14.04.1 LTS

-- Information about the crash:
- What I was doing when the application crashed:

Clicked on a link or opened a page. This has been happening on various sites, but isn't reproducible: going to the same link or page works the next time.

The crash can be reproduced sometimes.

-- Backtrace:
Application: Konqueror (konqueror), signal: Segmentation fault
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[Current thread is 1 (Thread 0x7fcde28917c0 (LWP 11937))]

Thread 3 (Thread 0x7fcdca123700 (LWP 11940)):
#0  0x00007fcde21006bd in read () at ../sysdeps/unix/syscall-template.S:81
#1  0x00007fcddb06cc20 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007fcddb02bb14 in g_main_context_check () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007fcddb02bf7b in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#4  0x00007fcddb02c0ec in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#5  0x00007fcdded567be in QEventDispatcherGlib::processEvents (this=0x7fcdc40008c0, flags=...) at kernel/qeventdispatcher_glib.cpp:436
#6  0x00007fcdded280af in QEventLoop::processEvents (this=this@entry=0x7fcdca122de0, flags=...) at kernel/qeventloop.cpp:149
#7  0x00007fcdded283a5 in QEventLoop::exec (this=this@entry=0x7fcdca122de0, flags=...) at kernel/qeventloop.cpp:204
#8  0x00007fcddec24c5f in QThread::exec (this=this@entry=0x1a60a90) at thread/qthread.cpp:537
#9  0x00007fcdded09823 in QInotifyFileSystemWatcherEngine::run (this=0x1a60a90) at io/qfilesystemwatcher_inotify.cpp:265
#10 0x00007fcddec2732f in QThreadPrivate::start (arg=0x1a60a90) at thread/qthread_unix.cpp:349
#11 0x00007fcddb50b182 in start_thread (arg=0x7fcdca123700) at pthread_create.c:312
#12 0x00007fcde210f30d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111

Thread 2 (Thread 0x7fcdc9922700 (LWP 11942)):
#0  __GI___pthread_mutex_unlock (mutex=0x7fcdbc000a60) at pthread_mutex_unlock.c:311
#1  0x00007fcddb06d9c1 in g_mutex_unlock () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007fcddb02b680 in g_main_context_prepare () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007fcddb02bf03 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#4  0x00007fcddb02c0ec in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#5  0x00007fcdded567be in QEventDispatcherGlib::processEvents (this=0x7fcdbc0008c0, flags=...) at kernel/qeventdispatcher_glib.cpp:436
#6  0x00007fcdded280af in QEventLoop::processEvents (this=this@entry=0x7fcdc9921de0, flags=...) at kernel/qeventloop.cpp:149
#7  0x00007fcdded283a5 in QEventLoop::exec (this=this@entry=0x7fcdc9921de0, flags=...) at kernel/qeventloop.cpp:204
#8  0x00007fcddec24c5f in QThread::exec (this=this@entry=0x3a03020) at thread/qthread.cpp:537
#9  0x00007fcde0c2ab2e in KIO::NameLookUpThread::run (this=0x3a03020) at ../../kio/kio/hostinfo.cpp:226
#10 0x00007fcddec2732f in QThreadPrivate::start (arg=0x3a03020) at thread/qthread_unix.cpp:349
#11 0x00007fcddb50b182 in start_thread (arg=0x7fcdc9922700) at pthread_create.c:312
#12 0x00007fcde210f30d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111

Thread 1 (Thread 0x7fcde28917c0 (LWP 11937)):
[KCrash Handler]
#6  memset () at ../sysdeps/x86_64/memset.S:78
#7  0x00007fcdcde0404a in memset (__len=65536, __ch=0, __dest=0x0) at /usr/include/x86_64-linux-gnu/bits/string3.h:84
#8  KJS::allocateBlock () at ../../kjs/collector.cpp:209
#9  0x00007fcdcde04b91 in KJS::Collector::allocate (s=s@entry=16) at ../../kjs/collector.cpp:361
#10 0x00007fcdcde34535 in KJS::JSCell::operator new (size=size@entry=16) at ../../kjs/value.cpp:41
#11 0x00007fcdcde34d3e in KJS::jsOwnedString (s=...) at ../../kjs/value.cpp:202
#12 0x00007fcdcde5096b in KJS::Machine::runBlock (exec=0x7fffaa704670, codeBlock=..., parentExec=0x10000, parentExec@entry=0x7fffaa704950) at codes.def:306
#13 0x00007fcdcde31f71 in KJS::FunctionImp::callAsFunction (this=0x7fcdc1eb0100, exec=0x7fffaa704950, thisObj=<optimized out>, args=...) at ../../kjs/function.cpp:171
#14 0x00007fcdcde4d9cd in call (args=..., thisObj=<optimized out>, exec=<optimized out>, this=<optimized out>) at ../../kjs/object.h:632
#15 KJS::Machine::runBlock (exec=0x7fffaa704950, codeBlock=..., parentExec=0x10000, parentExec@entry=0x7fffaa704c30) at codes.def:1233
#16 0x00007fcdcde31f71 in KJS::FunctionImp::callAsFunction (this=0x7fcdc1eb6080, exec=0x7fffaa704c30, thisObj=<optimized out>, args=...) at ../../kjs/function.cpp:171
#17 0x00007fcdcde4d9cd in call (args=..., thisObj=<optimized out>, exec=<optimized out>, this=<optimized out>) at ../../kjs/object.h:632
#18 KJS::Machine::runBlock (exec=0x7fffaa704c30, codeBlock=..., parentExec=0x10000, parentExec@entry=0x7fffaa704f10) at codes.def:1233
#19 0x00007fcdcde31f71 in KJS::FunctionImp::callAsFunction (this=0x7fcdc1eb6100, exec=0x7fffaa704f10, thisObj=<optimized out>, args=...) at ../../kjs/function.cpp:171
#20 0x00007fcdcde4d9cd in call (args=..., thisObj=<optimized out>, exec=<optimized out>, this=<optimized out>) at ../../kjs/object.h:632
#21 KJS::Machine::runBlock (exec=0x7fffaa704f10, codeBlock=..., parentExec=0x10000, parentExec@entry=0x7fffaa705390) at codes.def:1233
#22 0x00007fcdcde31f71 in KJS::FunctionImp::callAsFunction (this=0x7fcdc1dec540, exec=0x7fffaa705390, thisObj=<optimized out>, args=...) at ../../kjs/function.cpp:171
#23 0x00007fcdcde25135 in call (args=..., thisObj=0x7fcdc1de9500, exec=0x7fffaa705390, this=<optimized out>) at ../../kjs/object.h:632
#24 KJS::ArrayProtoFunc::callAsFunction (this=0x7fcdc214de00, exec=0x7fffaa705390, thisObj=0x7fcdc1dec340, args=...) at ../../kjs/array_object.cpp:540
#25 0x00007fcdcde17e05 in call (args=..., thisObj=0x7fcdc1dec340, exec=0x7fffaa705390, this=0x7fcdc214de00) at ../../kjs/object.h:632
#26 KJS::FunctionProtoFunc::callAsFunction (this=<optimized out>, exec=0x7fffaa705390, thisObj=0x7fcdc214de00, args=...) at ../../kjs/function_object.cpp:141
#27 0x00007fcdcde4d9cd in call (args=..., thisObj=<optimized out>, exec=<optimized out>, this=<optimized out>) at ../../kjs/object.h:632
#28 KJS::Machine::runBlock (exec=0x7fffaa705390, codeBlock=..., parentExec=0x10000, parentExec@entry=0x7fffaa705670) at codes.def:1233
#29 0x00007fcdcde31f71 in KJS::FunctionImp::callAsFunction (this=0x7fcdc1e7cb00, exec=0x7fffaa705670, thisObj=<optimized out>, args=...) at ../../kjs/function.cpp:171
#30 0x00007fcdcde4d9cd in call (args=..., thisObj=<optimized out>, exec=<optimized out>, this=<optimized out>) at ../../kjs/object.h:632
#31 KJS::Machine::runBlock (exec=0x7fffaa705670, codeBlock=..., parentExec=0x10000, parentExec@entry=0x7fffaa705980) at codes.def:1233
#32 0x00007fcdcde31f71 in KJS::FunctionImp::callAsFunction (this=0x7fcdc1e9e380, exec=0x7fffaa705980, thisObj=<optimized out>, args=...) at ../../kjs/function.cpp:171
#33 0x00007fcdcde301f9 in call (args=..., thisObj=0x7fcdc1de9500, exec=0x7fffaa705980, this=0x7fcdc1e9e380) at ../../kjs/object.h:632
#34 KJS::FunctionImp::construct (this=0x7fcdc1e9e380, exec=0x7fffaa705980, args=...) at ../../kjs/function.cpp:347
#35 0x00007fcdcde4d8be in KJS::Machine::runBlock (exec=0x7fffaa705980, codeBlock=..., parentExec=0x10000, parentExec@entry=0x7fffaa705c60) at codes.def:1254
#36 0x00007fcdcde31f71 in KJS::FunctionImp::callAsFunction (this=0x7fcdc80b5780, exec=0x7fffaa705c60, thisObj=<optimized out>, args=...) at ../../kjs/function.cpp:171
#37 0x00007fcdcde4d9cd in call (args=..., thisObj=<optimized out>, exec=<optimized out>, this=<optimized out>) at ../../kjs/object.h:632
#38 KJS::Machine::runBlock (exec=0x7fffaa705c60, codeBlock=..., parentExec=0x10000, parentExec@entry=0x7fffaa705f40) at codes.def:1233
#39 0x00007fcdcde31f71 in KJS::FunctionImp::callAsFunction (this=0x7fcdc1e34740, exec=0x7fffaa705f40, thisObj=<optimized out>, args=...) at ../../kjs/function.cpp:171
#40 0x00007fcdcde4d9cd in call (args=..., thisObj=<optimized out>, exec=<optimized out>, this=<optimized out>) at ../../kjs/object.h:632
#41 KJS::Machine::runBlock (exec=0x7fffaa705f40, codeBlock=..., parentExec=0x10000, parentExec@entry=0x7fffaa7062d0) at codes.def:1233
#42 0x00007fcdcde31f71 in KJS::FunctionImp::callAsFunction (this=0x7fcdc1e90e00, exec=0x7fffaa7062d0, thisObj=<optimized out>, args=...) at ../../kjs/function.cpp:171
#43 0x00007fcdcde17e05 in call (args=..., thisObj=0x7fcdc1de2ec0, exec=0x7fffaa7062d0, this=0x7fcdc1e90e00) at ../../kjs/object.h:632
#44 KJS::FunctionProtoFunc::callAsFunction (this=<optimized out>, exec=0x7fffaa7062d0, thisObj=0x7fcdc1e90e00, args=...) at ../../kjs/function_object.cpp:141
#45 0x00007fcdcde4d9cd in call (args=..., thisObj=<optimized out>, exec=<optimized out>, this=<optimized out>) at ../../kjs/object.h:632
#46 KJS::Machine::runBlock (exec=0x7fffaa7062d0, codeBlock=..., parentExec=0x10000, parentExec@entry=0x7fffaa7065e0) at codes.def:1233
#47 0x00007fcdcde31f71 in KJS::FunctionImp::callAsFunction (this=0x7fcdc1e92f00, exec=0x7fffaa7065e0, thisObj=<optimized out>, args=...) at ../../kjs/function.cpp:171
#48 0x00007fcdcde301f9 in call (args=..., thisObj=0x7fcdc1de2ec0, exec=0x7fffaa7065e0, this=0x7fcdc1e92f00) at ../../kjs/object.h:632
#49 KJS::FunctionImp::construct (this=0x7fcdc1e92f00, exec=0x7fffaa7065e0, args=...) at ../../kjs/function.cpp:347
#50 0x00007fcdcde4d8be in KJS::Machine::runBlock (exec=0x7fffaa7065e0, codeBlock=..., parentExec=0x10000, parentExec@entry=0x7fffaa7068c0) at codes.def:1254
#51 0x00007fcdcde31f71 in KJS::FunctionImp::callAsFunction (this=0x7fcdc1e93300, exec=0x7fffaa7068c0, thisObj=<optimized out>, args=...) at ../../kjs/function.cpp:171
#52 0x00007fcdcde4d9cd in call (args=..., thisObj=<optimized out>, exec=<optimized out>, this=<optimized out>) at ../../kjs/object.h:632
#53 KJS::Machine::runBlock (exec=0x7fffaa7068c0, codeBlock=..., parentExec=0x10000, parentExec@entry=0x7fffaa706d40) at codes.def:1233
#54 0x00007fcdcde31f71 in KJS::FunctionImp::callAsFunction (this=0x7fcdc1e2d100, exec=0x7fffaa706d40, thisObj=<optimized out>, args=...) at ../../kjs/function.cpp:171
#55 0x00007fcdcde25135 in call (args=..., thisObj=0x7fcdc211fd00, exec=0x7fffaa706d40, this=<optimized out>) at ../../kjs/object.h:632
#56 KJS::ArrayProtoFunc::callAsFunction (this=0x7fcdc214de00, exec=0x7fffaa706d40, thisObj=0x7fcdc1e53a80, args=...) at ../../kjs/array_object.cpp:540
#57 0x00007fcdcde17e05 in call (args=..., thisObj=0x7fcdc1e53a80, exec=0x7fffaa706d40, this=0x7fcdc214de00) at ../../kjs/object.h:632
#58 KJS::FunctionProtoFunc::callAsFunction (this=<optimized out>, exec=0x7fffaa706d40, thisObj=0x7fcdc214de00, args=...) at ../../kjs/function_object.cpp:141
#59 0x00007fcdcde4d9cd in call (args=..., thisObj=<optimized out>, exec=<optimized out>, this=<optimized out>) at ../../kjs/object.h:632
#60 KJS::Machine::runBlock (exec=0x7fffaa706d40, codeBlock=..., parentExec=0x10000, parentExec@entry=0x7fffaa707020) at codes.def:1233
#61 0x00007fcdcde31f71 in KJS::FunctionImp::callAsFunction (this=0x7fcdc1e7cb00, exec=0x7fffaa707020, thisObj=<optimized out>, args=...) at ../../kjs/function.cpp:171
#62 0x00007fcdcde4d9cd in call (args=..., thisObj=<optimized out>, exec=<optimized out>, this=<optimized out>) at ../../kjs/object.h:632
#63 KJS::Machine::runBlock (exec=0x7fffaa707020, codeBlock=..., parentExec=0x10000, parentExec@entry=0x7fffaa707300) at codes.def:1233
#64 0x00007fcdcde31f71 in KJS::FunctionImp::callAsFunction (this=0x7fcdc1e93180, exec=0x7fffaa707300, thisObj=<optimized out>, args=...) at ../../kjs/function.cpp:171
#65 0x00007fcdcde4d9cd in call (args=..., thisObj=<optimized out>, exec=<optimized out>, this=<optimized out>) at ../../kjs/object.h:632
#66 KJS::Machine::runBlock (exec=0x7fffaa707300, codeBlock=..., parentExec=0x10000, parentExec@entry=0x7fffaa707610) at codes.def:1233
#67 0x00007fcdcde31f71 in KJS::FunctionImp::callAsFunction (this=0x7fcdc1e99f80, exec=0x7fffaa707610, thisObj=<optimized out>, args=...) at ../../kjs/function.cpp:171
#68 0x00007fcdcde301f9 in call (args=..., thisObj=0x7fcdc1e26d80, exec=0x7fffaa707610, this=0x7fcdc1e99f80) at ../../kjs/object.h:632
#69 KJS::FunctionImp::construct (this=0x7fcdc1e99f80, exec=0x7fffaa707610, args=...) at ../../kjs/function.cpp:347
#70 0x00007fcdcde4d8be in KJS::Machine::runBlock (exec=0x7fffaa707610, codeBlock=..., parentExec=0x10000, parentExec@entry=0x7fffaa7079a0) at codes.def:1254
#71 0x00007fcdcde31f71 in KJS::FunctionImp::callAsFunction (this=0x7fcdc1e23780, exec=0x7fffaa7079a0, thisObj=<optimized out>, args=...) at ../../kjs/function.cpp:171
#72 0x00007fcdcde17e05 in call (args=..., thisObj=0x7fcdc23a53c0, exec=0x7fffaa7079a0, this=0x7fcdc1e23780) at ../../kjs/object.h:632
#73 KJS::FunctionProtoFunc::callAsFunction (this=<optimized out>, exec=0x7fffaa7079a0, thisObj=0x7fcdc1e23780, args=...) at ../../kjs/function_object.cpp:141
#74 0x00007fcdcde4d9cd in call (args=..., thisObj=<optimized out>, exec=<optimized out>, this=<optimized out>) at ../../kjs/object.h:632
#75 KJS::Machine::runBlock (exec=0x7fffaa7079a0, codeBlock=..., parentExec=0x10000, parentExec@entry=0x7fffaa707c80) at codes.def:1233
#76 0x00007fcdcde31f71 in KJS::FunctionImp::callAsFunction (this=0x7fcdc80b3140, exec=0x7fffaa707c80, thisObj=<optimized out>, args=...) at ../../kjs/function.cpp:171
#77 0x00007fcdcde4d9cd in call (args=..., thisObj=<optimized out>, exec=<optimized out>, this=<optimized out>) at ../../kjs/object.h:632
#78 KJS::Machine::runBlock (exec=0x7fffaa707c80, codeBlock=..., parentExec=0x10000, parentExec@entry=0x7fffaa708010) at codes.def:1233
#79 0x00007fcdcde31f71 in KJS::FunctionImp::callAsFunction (this=0x7fcdc1e23680, exec=0x7fffaa708010, thisObj=<optimized out>, args=...) at ../../kjs/function.cpp:171
#80 0x00007fcdcde17e05 in call (args=..., thisObj=0x7fcdc23a53c0, exec=0x7fffaa708010, this=0x7fcdc1e23680) at ../../kjs/object.h:632
#81 KJS::FunctionProtoFunc::callAsFunction (this=<optimized out>, exec=0x7fffaa708010, thisObj=0x7fcdc1e23680, args=...) at ../../kjs/function_object.cpp:141
#82 0x00007fcdcde4d9cd in call (args=..., thisObj=<optimized out>, exec=<optimized out>, this=<optimized out>) at ../../kjs/object.h:632
#83 KJS::Machine::runBlock (exec=0x7fffaa708010, codeBlock=..., parentExec=0x10000, parentExec@entry=0x7fffaa7082f0) at codes.def:1233
#84 0x00007fcdcde31f71 in KJS::FunctionImp::callAsFunction (this=0x7fcdc80b3240, exec=0x7fffaa7082f0, thisObj=<optimized out>, args=...) at ../../kjs/function.cpp:171
#85 0x00007fcdcde4d9cd in call (args=..., thisObj=<optimized out>, exec=<optimized out>, this=<optimized out>) at ../../kjs/object.h:632
#86 KJS::Machine::runBlock (exec=0x7fffaa7082f0, codeBlock=..., parentExec=0x10000, parentExec@entry=0x7fffaa708680) at codes.def:1233
#87 0x00007fcdcde31f71 in KJS::FunctionImp::callAsFunction (this=0x7fcdc2f80240, exec=0x7fffaa708680, thisObj=<optimized out>, args=...) at ../../kjs/function.cpp:171
#88 0x00007fcdcde18197 in call (args=..., thisObj=0x7fcdc23b7dc0, exec=0x7fffaa708680, this=0x7fcdc2f80240) at ../../kjs/object.h:632
#89 KJS::FunctionProtoFunc::callAsFunction (this=<optimized out>, exec=0x7fffaa708680, thisObj=0x7fcdc2f80240, args=...) at ../../kjs/function_object.cpp:125
#90 0x00007fcdcde4d9cd in call (args=..., thisObj=<optimized out>, exec=<optimized out>, this=<optimized out>) at ../../kjs/object.h:632
#91 KJS::Machine::runBlock (exec=0x7fffaa708680, codeBlock=..., parentExec=0x10000, parentExec@entry=0x7fffaa708a10) at codes.def:1233
#92 0x00007fcdcde31f71 in KJS::FunctionImp::callAsFunction (this=0x7fcdc1e63a00, exec=0x7fffaa708a10, thisObj=<optimized out>, args=...) at ../../kjs/function.cpp:171
#93 0x00007fcdcde18197 in call (args=..., thisObj=0x7fcdc23a4740, exec=0x7fffaa708a10, this=0x7fcdc1e63a00) at ../../kjs/object.h:632
#94 KJS::FunctionProtoFunc::callAsFunction (this=<optimized out>, exec=0x7fffaa708a10, thisObj=0x7fcdc1e63a00, args=...) at ../../kjs/function_object.cpp:125
#95 0x00007fcdcde4d9cd in call (args=..., thisObj=<optimized out>, exec=<optimized out>, this=<optimized out>) at ../../kjs/object.h:632
#96 KJS::Machine::runBlock (exec=0x7fffaa708a10, codeBlock=..., parentExec=0x10000, parentExec@entry=0x7fffaa708da0) at codes.def:1233
#97 0x00007fcdcde31f71 in KJS::FunctionImp::callAsFunction (this=0x7fcdc1e66740, exec=0x7fffaa708da0, thisObj=<optimized out>, args=...) at ../../kjs/function.cpp:171
#98 0x00007fcdcde18197 in call (args=..., thisObj=0x7fcdc23a4780, exec=0x7fffaa708da0, this=0x7fcdc1e66740) at ../../kjs/object.h:632
#99 KJS::FunctionProtoFunc::callAsFunction (this=<optimized out>, exec=0x7fffaa708da0, thisObj=0x7fcdc1e66740, args=...) at ../../kjs/function_object.cpp:125
#100 0x00007fcdcde4d9cd in call (args=..., thisObj=<optimized out>, exec=<optimized out>, this=<optimized out>) at ../../kjs/object.h:632
#101 KJS::Machine::runBlock (exec=0x7fffaa708da0, codeBlock=..., parentExec=0x10000, parentExec@entry=0x7fffaa709080) at codes.def:1233
#102 0x00007fcdcde31f71 in KJS::FunctionImp::callAsFunction (this=0x7fcdc1e346c0, exec=0x7fffaa709080, thisObj=<optimized out>, args=...) at ../../kjs/function.cpp:171
#103 0x00007fcdcde4d9cd in call (args=..., thisObj=<optimized out>, exec=<optimized out>, this=<optimized out>) at ../../kjs/object.h:632
#104 KJS::Machine::runBlock (exec=0x7fffaa709080, codeBlock=..., parentExec=0x10000, parentExec@entry=0x7fffaa709360) at codes.def:1233
#105 0x00007fcdcde31f71 in KJS::FunctionImp::callAsFunction (this=0x7fcdc80b34c0, exec=0x7fffaa709360, thisObj=<optimized out>, args=...) at ../../kjs/function.cpp:171
#106 0x00007fcdcde4d9cd in call (args=..., thisObj=<optimized out>, exec=<optimized out>, this=<optimized out>) at ../../kjs/object.h:632
#107 KJS::Machine::runBlock (exec=0x7fffaa709360, codeBlock=..., parentExec=0x10000, parentExec@entry=0x7fffaa709640) at codes.def:1233
#108 0x00007fcdcde31f71 in KJS::FunctionImp::callAsFunction (this=0x7fcdc1e35140, exec=0x7fffaa709640, thisObj=<optimized out>, args=...) at ../../kjs/function.cpp:171
#109 0x00007fcdcde4d9cd in call (args=..., thisObj=<optimized out>, exec=<optimized out>, this=<optimized out>) at ../../kjs/object.h:632
#110 KJS::Machine::runBlock (exec=0x7fffaa709640, codeBlock=..., parentExec=0x10000, parentExec@entry=0x7fffaa709950) at codes.def:1233
#111 0x00007fcdcde31f71 in KJS::FunctionImp::callAsFunction (this=0x7fcdc1e79e00, exec=0x7fffaa709950, thisObj=<optimized out>, args=...) at ../../kjs/function.cpp:171
#112 0x00007fcdcde301f9 in call (args=..., thisObj=0x7fcdc23b7dc0, exec=0x7fffaa709950, this=0x7fcdc1e79e00) at ../../kjs/object.h:632
#113 KJS::FunctionImp::construct (this=0x7fcdc1e79e00, exec=0x7fffaa709950, args=...) at ../../kjs/function.cpp:347
#114 0x00007fcdcde4d8be in KJS::Machine::runBlock (exec=0x7fffaa709950, codeBlock=..., parentExec=0x10000, parentExec@entry=0x7fffaa709c30) at codes.def:1254
#115 0x00007fcdcde31f71 in KJS::FunctionImp::callAsFunction (this=0x7fcdc2f80740, exec=0x7fffaa709c30, thisObj=<optimized out>, args=...) at ../../kjs/function.cpp:171
#116 0x00007fcdcde4d9cd in call (args=..., thisObj=<optimized out>, exec=<optimized out>, this=<optimized out>) at ../../kjs/object.h:632
#117 KJS::Machine::runBlock (exec=0x7fffaa709c30, codeBlock=..., parentExec=0x10000, parentExec@entry=0x7fffaa70a030) at codes.def:1233
#118 0x00007fcdcde31f71 in KJS::FunctionImp::callAsFunction (this=0x7fcdc20f37c0, exec=0x7fffaa70a030, thisObj=<optimized out>, args=...) at ../../kjs/function.cpp:171
#119 0x00007fcdcde3036d in KJS::BoundFunction::callAsFunction (this=<optimized out>, exec=0x7fffaa70a030, extraArgs=...) at ../../kjs/function.cpp:409
#120 0x00007fcdcde18197 in call (args=..., thisObj=0x7fcdca392f40, exec=0x7fffaa70a030, this=0x7fcdca393cc0) at ../../kjs/object.h:632
#121 KJS::FunctionProtoFunc::callAsFunction (this=<optimized out>, exec=0x7fffaa70a030, thisObj=0x7fcdca393cc0, args=...) at ../../kjs/function_object.cpp:125
#122 0x00007fcdcde4d9cd in call (args=..., thisObj=<optimized out>, exec=<optimized out>, this=<optimized out>) at ../../kjs/object.h:632
#123 KJS::Machine::runBlock (exec=0x7fffaa70a030, codeBlock=..., parentExec=0x10000, parentExec@entry=0x80ccea0) at codes.def:1233
#124 0x00007fcdcde31f71 in KJS::FunctionImp::callAsFunction (this=0x7fcdc23bdbc0, exec=0x80ccea0, thisObj=<optimized out>, args=...) at ../../kjs/function.cpp:171
#125 0x00007fcdce9d7070 in call (args=..., thisObj=0x7fcdca392f40, exec=0x80ccea0, this=<optimized out>) at ../../kjs/object.h:632
#126 KJS::ScheduledAction::execute (this=0xaf91bb0, window=0x7fcdca392f40) at ../../khtml/ecma/kjs_window.cpp:2504
#127 0x00007fcdce9d72a1 in KJS::WindowQObject::timerEvent (this=0x76cee20) at ../../khtml/ecma/kjs_window.cpp:2679
#128 0x00007fcdded41a31 in QObject::event (this=0x76cee20, e=<optimized out>) at kernel/qobject.cpp:1156
#129 0x00007fcddf71be2c in QApplicationPrivate::notify_helper (this=this@entry=0x14ac1d0, receiver=receiver@entry=0x76cee20, e=e@entry=0x7fffaa70a610) at kernel/qapplication.cpp:4567
#130 0x00007fcddf7224a0 in QApplication::notify (this=this@entry=0x7fffaa70aa60, receiver=receiver@entry=0x76cee20, e=e@entry=0x7fffaa70a610) at kernel/qapplication.cpp:4353
#131 0x00007fcde0426d1a in KApplication::notify (this=0x7fffaa70aa60, receiver=0x76cee20, event=0x7fffaa70a610) at ../../kdeui/kernel/kapplication.cpp:311
#132 0x00007fcdded294dd in QCoreApplication::notifyInternal (this=0x7fffaa70aa60, receiver=0x76cee20, event=0x7fffaa70a610) at kernel/qcoreapplication.cpp:953
#133 0x00007fcdded59323 in sendEvent (event=<optimized out>, receiver=<optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:231
#134 QTimerInfoList::activateTimers (this=0x14ac7b0) at kernel/qeventdispatcher_unix.cpp:621
#135 0x00007fcdded56629 in timerSourceDispatch (source=<optimized out>) at kernel/qeventdispatcher_glib.cpp:193
#136 idleTimerSourceDispatch (source=<optimized out>) at kernel/qeventdispatcher_glib.cpp:240
#137 0x00007fcddb02be04 in g_main_context_dispatch () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#138 0x00007fcddb02c048 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#139 0x00007fcddb02c0ec in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#140 0x00007fcdded567a1 in QEventDispatcherGlib::processEvents (this=0x1468b50, flags=...) at kernel/qeventdispatcher_glib.cpp:434
#141 0x00007fcddf7bdbb6 in QGuiEventDispatcherGlib::processEvents (this=<optimized out>, flags=...) at kernel/qguieventdispatcher_glib.cpp:204
#142 0x00007fcdded280af in QEventLoop::processEvents (this=this@entry=0x7fffaa70a880, flags=...) at kernel/qeventloop.cpp:149
#143 0x00007fcdded283a5 in QEventLoop::exec (this=this@entry=0x7fffaa70a880, flags=...) at kernel/qeventloop.cpp:204
#144 0x00007fcdded2db79 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1225
#145 0x00007fcddf71a37c in QApplication::exec () at kernel/qapplication.cpp:3828
#146 0x00007fcde248bdee in kdemain (argc=<optimized out>, argv=<optimized out>) at ../../../konqueror/src/konqmain.cpp:227
#147 0x00007fcde2035ec5 in __libc_start_main (main=0x4006d0 <main(int, char**)>, argc=1, argv=0x7fffaa70ac08, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffaa70abf8) at libc-start.c:287
#148 0x00000000004006fe in _start ()

The reporter indicates this bug may be a duplicate of or related to bug 210888.

Possible duplicates by query: bug 210888.

Reported using DrKonqi
Comment 1 Graeme Hewson 2014-07-25 08:29:58 UTC
To reproduce a similar problem:

1. Start Konqueror through Kickoff or an icon, or from Konsole with "kfmclient openProfile webbrowsing".

2. Go to http://tfl.gov.uk/oyster - this currently redirects to http://tfl.gov.uk/fares-and-payments/oyster?cid=fs076

3. Crash occurs at this point (maybe helped by moving the mouse).

The crash doesn't occur if Konqueror is started from Konsole with "/usr/bin/konqueror".

I say it's a similar problem because the Crash Reporting Assistant says debug symbols are missing. If I click on "Install Debug Symbols", it goes through the motions of installing the symbols, but I'm not asked for my password and they're not installed. There's no way I can see of determining which symbols are missing.

If I go directly to http://tfl.gov.uk/fares-and-payments/oyster?cid=fs076 after starting Konqueror, the Crash Reporting Assistant isn't invoked, and the browser simply quits with no message.
Comment 2 Graeme Hewson 2014-07-31 15:56:18 UTC
Created attachment 88063
New crash information added by DrKonqi

konqueror (4.13.2) on KDE Platform 4.13.2 using Qt 4.8.6

- What I was doing when the application crashed:

In bash session:

$ ulimit -v 850000
$ konqueror http://lwn.net

Browse for a while.

-- Backtrace (Reduced):
#6  memset () at ../sysdeps/x86_64/memset.S:78
#7  0x00007fd27fb1104a in memset (__len=65536, __ch=0, __dest=0x0) at /usr/include/x86_64-linux-gnu/bits/string3.h:84
#8  KJS::allocateBlock () at ../../kjs/collector.cpp:209
#9  0x00007fd27fb11b91 in KJS::Collector::allocate (s=s@entry=64) at ../../kjs/collector.cpp:361
#10 0x00007fd27fb41535 in KJS::JSCell::operator new (size=size@entry=64) at ../../kjs/value.cpp:41
Comment 3 Graeme Hewson 2014-07-31 15:59:39 UTC
I'm not sure exactly what happened before my original report, but I had a Konsole session with a limited amount of virtual memory (through ulimit). I think the limit was somehow applied to all Konqueror sessions.
Comment 4 Andrew Crouthamel 2018-10-31 04:12:09 UTC
Dear Bug Submitter,

This bug has been stagnant for a long time. Could you help us out and re-test if the bug is valid in the latest version? I am setting the status to NEEDSINFO pending your response, please change the Status back to REPORTED when you respond.

Thank you for helping us make KDE software even better for everyone!
Comment 5 Graeme Hewson 2018-10-31 07:41:46 UTC
It's possible to induce a crash in Konqueror 5.0.97 when storage is limited, but I don't know if it's the same problem as reported above.

$ ulimit -v 1500000
$ konqueror http://lwn.net
KonqFrame(0x55bdbb41ee70) QObject(0x0)
mmap() failed: Cannot allocate memory
mmap() failed: Cannot allocate memory
Received signal 11 SEGV_MAPERR 000000000000
LLVM ERROR: out of memory
Received signal 6
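
The crash frames in this report (memset with `__dest=0x0` and `__len=65536` inside `KJS::allocateBlock`, reproduced under `ulimit -v`) are consistent with a block allocation whose failure is not checked before the block is zeroed. The C program below is an added illustration, not KJS source and not part of the original report: `alloc_block_unchecked`, `alloc_block_checked` and `run_under_limit` are hypothetical names, `posix_memalign` is an assumed stand-in for whatever allocator `collector.cpp` uses, and the 64 MiB cap is a constructed value.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1            /* expose posix_memalign in strict -std modes */
#endif
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/resource.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define BLOCK_SIZE 65536u            /* matches __len=65536 in frame #7 */
#define MAX_BLOCKS 4096u             /* loop cap so the child always terminates */

enum outcome { OUTCOME_HANDLED, OUTCOME_SEGV, OUTCOME_OTHER };

static void *volatile g_sink;        /* keeps the compiler from eliding the writes */

/* Assumed "before" pattern: the allocator's status is ignored, so on failure
 * p is still NULL and memset() writes to address 0, as in the backtrace. */
static void *alloc_block_unchecked(void)
{
    void *p = NULL;
    int rc = posix_memalign(&p, BLOCK_SIZE, BLOCK_SIZE);
    (void)rc;
    memset(p, 0, BLOCK_SIZE);
    return p;
}

/* Hardened form: report failure to the caller instead of touching the block. */
static void *alloc_block_checked(void)
{
    void *p = NULL;
    if (posix_memalign(&p, BLOCK_SIZE, BLOCK_SIZE) != 0)
        return NULL;
    memset(p, 0, BLOCK_SIZE);
    return p;
}

/* Fork a child, cap its address space (what `ulimit -v` does; ulimit takes
 * KiB, setrlimit takes bytes), then allocate blocks until the cap bites. */
static enum outcome run_under_limit(int checked, rlim_t limit_bytes)
{
    pid_t pid = fork();
    if (pid < 0)
        return OUTCOME_OTHER;
    if (pid == 0) {
        struct rlimit as = { limit_bytes, limit_bytes };
        struct rlimit core = { 0, 0 };          /* no core file from the demo */
        setrlimit(RLIMIT_CORE, &core);
        if (setrlimit(RLIMIT_AS, &as) != 0)
            _exit(3);
        for (unsigned i = 0; i < MAX_BLOCKS; i++) {
            void *p = checked ? alloc_block_checked() : alloc_block_unchecked();
            if (p == NULL)
                _exit(0);                       /* clean out-of-memory path */
            g_sink = p;
        }
        _exit(2);                               /* limit was never reached */
    }
    int status = 0;
    if (waitpid(pid, &status, 0) != pid)
        return OUTCOME_OTHER;
    if (WIFEXITED(status) && WEXITSTATUS(status) == 0)
        return OUTCOME_HANDLED;
    if (WIFSIGNALED(status) && WTERMSIG(status) == SIGSEGV)
        return OUTCOME_SEGV;
    return OUTCOME_OTHER;
}

int main(void)
{
    const rlim_t limit = 64u * 1024u * 1024u;   /* constructed 64 MiB cap */
    printf("unchecked: %d\n", run_under_limit(0, limit));
    printf("checked:   %d\n", run_under_limit(1, limit));
    return 0;
}
```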