Bug 171071

I forgot to mention that it works fine with Firefox 3.  Also, when running Konqueror in konsole I get this output:

-----
quini@quinitx:~$ konqueror

(process:31796): Gtk-CRITICAL **: gtk_clipboard_get_for_display: assertion `display != NULL' failed
Adobe Flash Player: gtk_clipboard_get(GDK_SELECTION_PRIMARY); failed. Trying to call gtk_init(0,0);
Not initializing the Gtk-Qt theme engine
QObject: 17 timers now exist for object KJS::WindowQObject::unnamed
QObject: 18 timers now exist for object KJS::WindowQObject::unnamed
QObject: 19 timers now exist for object KJS::WindowQObject::unnamed
QObject: 20 timers now exist for object KJS::WindowQObject::unnamed
QObject: 21 timers now exist for object KJS::WindowQObject::unnamed
QObject: 22 timers now exist for object KJS::WindowQObject::unnamed
QObject: 22 timers now exist for object KJS::WindowQObject::unnamed
QObject: 17 timers now exist for object KJS::WindowQObject::unnamed
QObject: 18 timers now exist for object KJS::WindowQObject::unnamed
QObject: 18 timers now exist for object KJS::WindowQObject::unnamed
QObject: 17 timers now exist for object KJS::WindowQObject::unnamed
QObject: 18 timers now exist for object KJS::WindowQObject::unnamed
QObject: 19 timers now exist for object KJS::WindowQObject::unnamed
QObject: 20 timers now exist for object KJS::WindowQObject::unnamed
QObject: 21 timers now exist for object KJS::WindowQObject::unnamed
QObject: 22 timers now exist for object KJS::WindowQObject::unnamed
QObject: 23 timers now exist for object KJS::WindowQObject::unnamed
QObject: 24 timers now exist for object KJS::WindowQObject::unnamed
QObject: 25 timers now exist for object KJS::WindowQObject::unnamed
QObject: 26 timers now exist for object KJS::WindowQObject::unnamed
QObject: 27 timers now exist for object KJS::WindowQObject::unnamed
QObject: 28 timers now exist for object KJS::WindowQObject::unnamed
QObject: 29 timers now exist for object KJS::WindowQObject::unnamed
QObject: 30 timers now exist for object KJS::WindowQObject::unnamed
QObject: 31 timers now exist for object KJS::WindowQObject::unnamed
QObject: 32 timers now exist for object KJS::WindowQObject::unnamed
QObject: 33 timers now exist for object KJS::WindowQObject::unnamed
QObject: 34 timers now exist for object KJS::WindowQObject::unnamed
QObject: 35 timers now exist for object KJS::WindowQObject::unnamed
QObject: 36 timers now exist for object KJS::WindowQObject::unnamed
QObject: 37 timers now exist for object KJS::WindowQObject::unnamed
QObject: 37 timers now exist for object KJS::WindowQObject::unnamed
Segmentation fault
-----

Confirming on KDE-4.1.1.

Backtrace

#0  0xb65214a9 in _int_malloc (av=0xb65f1140, bytes=12) at malloc.c:4085
#1  0xb6523446 in *__GI___libc_malloc (bytes=12) at malloc.c:3551
#2  0xb73eee7e in qMalloc (size=12) at global/qmalloc.cpp:57
#3  0xb7416420 in QHashData::allocateNode (this=0x85b73b8) at tools/qhash.cpp:176
#4  0xb46d9b5e in QHash<DOM::ElementImpl*, QHashDummyValue>::createNode (this=0x8bce7d0, ah=170092840, akey=@0xbf0411b8, avalue=@0xbf04113f, anextNode=0x9bf67e8) at /usr/include/qt4/QtCore/qhash.h:519
#5  0xb46d9c1f in QHash<DOM::ElementImpl*, QHashDummyValue>::insert (this=0x8bce7d0, akey=@0xbf0411b8, avalue=@0xbf04113f) at /usr/include/qt4/QtCore/qhash.h:745
#6  0xb46d9c77 in QSet<DOM::ElementImpl*>::insert (this=0x8bce7d0, value=@0xbf0411b8) at /usr/include/qt4/QtCore/qset.h:176
#7  0xb46d9d36 in KMultiMap<DOM::ElementImpl, DOM::ElementImpl>::insert (this=0x8961720, key=0x8976830, element=0xa236928)
    at /var/tmp/portage/kde-base/kdelibs-4.1.1/work/kdelibs-4.1.1/khtml/misc/multimap.h:57
#8  0xb46d8f98 in khtml::DynamicDomRestyler::addDependency (this=0x8961720, subject=0xa236928, dependency=0x8976830, type=khtml::StructuralDependency)
    at /var/tmp/portage/kde-base/kdelibs-4.1.1/work/kdelibs-4.1.1/khtml/xml/dom_restyler.cpp:36
#9  0xb47d3558 in khtml::CSSStyleSelector::addDependency (this=0x87b28e8, dependencyType=khtml::StructuralDependency, dependency=0x8976830)
    at /var/tmp/portage/kde-base/kdelibs-4.1.1/work/kdelibs-4.1.1/khtml/css/cssstyleselector.cpp:1184
#10 0xb47d3f74 in khtml::CSSStyleSelector::checkSimpleSelector (this=0x87b28e8, sel=0x85bca00, e=0xa236928, isAncestor=true, isSubSelector=false)
    at /var/tmp/portage/kde-base/kdelibs-4.1.1/work/kdelibs-4.1.1/khtml/css/cssstyleselector.cpp:1349
#11 0xb47d56e7 in khtml::CSSStyleSelector::checkSelector (this=0x87b28e8, sel=0x85bca00, e=0xa236928, isAncestor=true, isSubSelector=<value optimized out>)
    at /var/tmp/portage/kde-base/kdelibs-4.1.1/work/kdelibs-4.1.1/khtml/css/cssstyleselector.cpp:1090
#12 0xb47d5a19 in khtml::CSSStyleSelector::checkSelector (this=0x87b28e8, selIndex=331, e=0xa236928) at /var/tmp/portage/kde-base/kdelibs-4.1.1/work/kdelibs-4.1.1/khtml/css/cssstyleselector.cpp:1169
#13 0xb47d6364 in khtml::CSSStyleSelector::styleForElement (this=0x87b28e8, e=0xa236928) at /var/tmp/portage/kde-base/kdelibs-4.1.1/work/kdelibs-4.1.1/khtml/css/cssstyleselector.cpp:601
#14 0xb46c03bc in DOM::ElementImpl::styleForRenderer (this=0xa236928) at /var/tmp/portage/kde-base/kdelibs-4.1.1/work/kdelibs-4.1.1/khtml/xml/dom_elementimpl.cpp:751
#15 0xb46b8ccd in DOM::NodeImpl::createRendererIfNeeded (this=0xa236928) at /var/tmp/portage/kde-base/kdelibs-4.1.1/work/kdelibs-4.1.1/khtml/xml/dom_nodeimpl.cpp:1088
#16 0xb46c08a9 in DOM::ElementImpl::attach (this=0xa236928) at /var/tmp/portage/kde-base/kdelibs-4.1.1/work/kdelibs-4.1.1/khtml/xml/dom_elementimpl.cpp:772
#17 0xb470a621 in DOM::HTMLLIElementImpl::attach (this=0xa236928) at /var/tmp/portage/kde-base/kdelibs-4.1.1/work/kdelibs-4.1.1/khtml/html/html_listimpl.cpp:135
#18 0xb46e6409 in khtml::KHTMLParser::insertNode (this=0x879c190, n=0xa236928, flat=false) at /var/tmp/portage/kde-base/kdelibs-4.1.1/work/kdelibs-4.1.1/khtml/html/htmlparser.cpp:421
#19 0xb46e7225 in khtml::KHTMLParser::insertNode (this=0x879c190, n=0x85b7628, flat=false) at /var/tmp/portage/kde-base/kdelibs-4.1.1/work/kdelibs-4.1.1/khtml/html/htmlparser.cpp:801
#20 0xb46e742f in khtml::KHTMLParser::insertNode (this=0x879c190, n=0x85b7628, flat=false) at /var/tmp/portage/kde-base/kdelibs-4.1.1/work/kdelibs-4.1.1/khtml/html/htmlparser.cpp:648
#21 0xb46e742f in khtml::KHTMLParser::insertNode (this=0x879c190, n=0x85b7628, flat=false) at /var/tmp/portage/kde-base/kdelibs-4.1.1/work/kdelibs-4.1.1/khtml/html/htmlparser.cpp:648
#22 0xb46e742f in khtml::KHTMLParser::insertNode (this=0x879c190, n=0x85b7628, flat=false) at /var/tmp/portage/kde-base/kdelibs-4.1.1/work/kdelibs-4.1.1/khtml/html/htmlparser.cpp:648
#23 0xb46e742f in khtml::KHTMLParser::insertNode (this=0x879c190, n=0x85b7628, flat=false) at /var/tmp/portage/kde-base/kdelibs-4.1.1/work/kdelibs-4.1.1/khtml/html/htmlparser.cpp:648
#24 0xb46e742f in khtml::KHTMLParser::insertNode (this=0x879c190, n=0x85b7628, flat=false) at /var/tmp/portage/kde-base/kdelibs-4.1.1/work/kdelibs-4.1.1/khtml/html/htmlparser.cpp:648
#25 0xb46e742f in khtml::KHTMLParser::insertNode (this=0x879c190, n=0x85b7628, flat=false) at /var/tmp/portage/kde-base/kdelibs-4.1.1/work/kdelibs-4.1.1/khtml/html/htmlparser.cpp:648
#26 0xb46e742f in khtml::KHTMLParser::insertNode (this=0x879c190, n=0x85b7628, flat=false) at /var/tmp/portage/kde-base/kdelibs-4.1.1/work/kdelibs-4.1.1/khtml/html/htmlparser.cpp:648
[...]

Still reproducible (khtml 4.5)

==7010== Stack overflow in thread 1: can't grow stack to 0xbe1defc0
==7010== Can't extend stack to 0xbe1de8e0 during signal delivery for thread 1:
==7010==   no stack segment
==7010== 
==7010== Process terminating with default action of signal 11 (SIGSEGV)
==7010==  Access not within mapped region at address 0xBE1DE8E0
==7010==    at 0xE4CAEB7: khtml::CSSStyleSelector::applyRule(int, DOM::CSSValueImpl*) (cssstyleselector.cpp:2287)

Thank you for the report, Joan.

As it has been a while since this was reported, can you please test and confirm if this issue is still occurring or if this bug report can be marked as resolved.

I have set the bug status to "needsinfo" pending your response, please change back to "reported" or "resolved/worksforme" when you respond, thank you.

Dear Bug Submitter,

This bug has been in NEEDSINFO status with no change for at least
15 days. Please provide the requested information as soon as
possible and set the bug status as REPORTED. Due to regular bug
tracker maintenance, if the bug is still in NEEDSINFO status with
no change in 30 days the bug will be closed as RESOLVED > WORKSFORME
due to lack of needed information.

For more information about our bug triaging procedures please read the
wiki located here:
https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

If you have already provided the requested information, please
mark the bug as REPORTED so that the KDE team knows that the bug is
ready to be confirmed.

Thank you for helping us make KDE software even better for everyone!

This bug has been in NEEDSINFO status with no change for at least
30 days. The bug is now closed as RESOLVED > WORKSFORME
due to lack of needed information.

For more information about our bug triaging procedures please read the
wiki located here:
https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

Thank you for helping us make KDE software even better for everyone!