Summary: | Konqueror always crash while opens URL http://www.strizhi.ru/cgi-bin/yabb/YaBB.pl?num=1284473992/0#0 | ||
---|---|---|---|
Product: | [Applications] konqueror | Reporter: | Sergey Burladyan <eshkinkot> |
Component: | general | Assignee: | Konqueror Developers <konq-bugs> |
Status: | RESOLVED DUPLICATE | ||
Severity: | crash | CC: | maksim |
Priority: | NOR | ||
Version: | unspecified | ||
Target Milestone: | --- | ||
Platform: | Debian stable | ||
OS: | Linux | ||
Latest Commit: | Version Fixed In: |
Description
Sergey Burladyan
2010-10-11 08:53:27 UTC
Confirmed... ==11957== Jump to the invalid address stated on the next line ==11957== at 0xA5: ??? ==11957== by 0xBC1337E: khtml::RenderBlock::findNextLineBreak(khtml::BidiIterator&, khtml::BidiState&) (bidi.cpp:1898) ==11957== by 0xBC15508: khtml::RenderBlock::layoutInlineChildren(bool, int) (bidi.cpp:1506) ==11957== by 0xBC21C42: khtml::RenderBlock::layoutBlock(bool) (render_block.cpp:835) ==11957== by 0xBC60A72: khtml::RenderTableCell::layout() (render_table.cpp:2525) ==11957== by 0xBC69C0D: khtml::RenderTableRow::layout() (render_table.cpp:2308) ==11957== by 0xBAE2C40: khtml::RenderObject::layoutIfNeeded() (in /opt/kde42/lib/libkhtml.so.5.5.0) ==11957== by 0xBC41FE5: khtml::RenderContainer::layout() (render_container.cpp:640) ==11957== by 0xBC6B7FA: khtml::RenderTable::layout() (render_table.cpp:345) ==11957== by 0xBAE2C40: khtml::RenderObject::layoutIfNeeded() (in /opt/kde42/lib/libkhtml.so.5.5.0) ==11957== by 0xBC20615: khtml::RenderBlock::layoutBlockChildren(bool) (render_block.cpp:1558) ==11957== by 0xBC21C53: khtml::RenderBlock::layoutBlock(bool) (render_block.cpp:837) ==11957== Address 0xa5 is not stack'd, malloc'd or (recently) free'd Better one (forgot I didn't disable arenas).. ==18525== Invalid read of size 1 ==18525== at 0xBBC1D57: khtml::RenderObject::isFloating() const (render_object.h:324) ==18525== by 0xBD08D06: khtml::requiresLineBox(khtml::BidiIterator&) (bidi.cpp:1827) ==18525== by 0xBD0B0BE: khtml::RenderBlock::findNextLineBreak(khtml::BidiIterator&, khtml::BidiState&) (bidi.cpp:1898) ==18525== by 0xBD0D248: khtml::RenderBlock::layoutInlineChildren(bool, int) (bidi.cpp:1506) ==18525== by 0xBD19982: khtml::RenderBlock::layoutBlock(bool) (render_block.cpp:835) ==18525== by 0xBD58772: khtml::RenderTableCell::layout() (render_table.cpp:2525) ==18525== by 0xBD6190D: khtml::RenderTableRow::layout() (render_table.cpp:2308) ==18525== by 0xBBD9480: khtml::RenderObject::layoutIfNeeded() (in /opt/kde42/lib/libkhtml.so.5.6.0) ==18525== by 0xBD39D15: khtml::RenderContainer::layout() (render_container.cpp:640) ==18525== by 0xBD634FA: khtml::RenderTable::layout() (render_table.cpp:345) ==18525== by 0xBBD9480: khtml::RenderObject::layoutIfNeeded() (in /opt/kde42/lib/libkhtml.so.5.6.0) ==18525== by 0xBD18355: khtml::RenderBlock::layoutBlockChildren(bool) (render_block.cpp:1558) ==18525== by 0xBD19993: khtml::RenderBlock::layoutBlock(bool) (render_block.cpp:837) ==18525== by 0xBD19E74: khtml::RenderBlock::layout() (render_block.cpp:738) ==18525== by 0xBBD9480: khtml::RenderObject::layoutIfNeeded() (in /opt/kde42/lib/libkhtml.so.5.6.0) ==18525== by 0xBD18355: khtml::RenderBlock::layoutBlockChildren(bool) (render_block.cpp:1558) ==18525== by 0xBD19993: khtml::RenderBlock::layoutBlock(bool) (render_block.cpp:837) ==18525== by 0xBD19E74: khtml::RenderBlock::layout() (render_block.cpp:738) ==18525== by 0xBBD9480: khtml::RenderObject::layoutIfNeeded() (in /opt/kde42/lib/libkhtml.so.5.6.0) ==18525== by 0xBD18355: khtml::RenderBlock::layoutBlockChildren(bool) (render_block.cpp:1558) ==18525== by 0xBD19993: khtml::RenderBlock::layoutBlock(bool) (render_block.cpp:837) ==18525== by 0xBD19E74: khtml::RenderBlock::layout() (render_block.cpp:738) ==18525== by 0xBD8A7A3: khtml::RenderBody::layout() (render_body.cpp:91) ==18525== by 0xBBD9480: khtml::RenderObject::layoutIfNeeded() (in /opt/kde42/lib/libkhtml.so.5.6.0) ==18525== by 0xBD18355: khtml::RenderBlock::layoutBlockChildren(bool) (render_block.cpp:1558) ==18525== by 0xBD19993: khtml::RenderBlock::layoutBlock(bool) (render_block.cpp:837) ==18525== by 0xBD19E74: khtml::RenderBlock::layout() (render_block.cpp:738) ==18525== by 0xBBD9480: khtml::RenderObject::layoutIfNeeded() (in /opt/kde42/lib/libkhtml.so.5.6.0) ==18525== by 0xBD18355: khtml::RenderBlock::layoutBlockChildren(bool) (render_block.cpp:1558) ==18525== by 0xBD19993: khtml::RenderBlock::layoutBlock(bool) (render_block.cpp:837) ==18525== by 0xBD85FD8: khtml::RenderCanvas::layout() (render_canvas.cpp:191) ==18525== by 0xBBD4AEA: KHTMLView::layout() (khtmlview.cpp:1020) ==18525== by 0xBBD60BA: KHTMLView::timerEvent(QTimerEvent*) (khtmlview.cpp:4179) ==18525== by 0x54CCB0F: QObject::event(QEvent*) (qobject.cpp:1183) ==18525== by 0x5AF189C: QWidget::event(QEvent*) (qwidget.cpp:8646) ==18525== by 0x5F1C5FD: QFrame::event(QEvent*) (qframe.cpp:557) ==18525== by 0x5FB4FBB: QAbstractScrollArea::event(QEvent*) (qabstractscrollarea.cpp:996) ==18525== by 0x5FB9E0C: QScrollArea::event(QEvent*) (qscrollarea.cpp:314) ==18525== by 0xBBC8A24: KHTMLView::event(QEvent*) (khtmlview.cpp:551) ==18525== by 0x5A94C6F: QApplicationPrivate::notify_helper(QObject*, QEvent*) (qapplication.cpp:4397) ==18525== by 0x5A94ADB: QApplication::notify(QObject*, QEvent*) (qapplication.cpp:4362) ==18525== by 0x4CB8732: KApplication::notify(QObject*, QEvent*) (kapplication.cpp:311) ==18525== by 0x54B7E3B: QCoreApplication::notifyInternal(QObject*, QEvent*) (qcoreapplication.cpp:732) ==18525== by 0x40A36CD: QCoreApplication::sendEvent(QObject*, QEvent*) (in /opt/kde42/lib/libkdeinit4_konqueror.so) ==18525== by 0x54EBB3E: QTimerInfoList::activateTimers() (qeventdispatcher_unix.cpp:602) ==18525== by 0x54E88DE: timerSourceDispatch(_GSource*, int (*)(void*), void*) (qeventdispatcher_glib.cpp:184) ==18525== by 0x6BFBA18: g_main_context_dispatch (gmain.c:2149) ==18525== by 0x6BFC21F: g_main_context_iterate.clone.5 (gmain.c:2780) ==18525== by 0x6BFC4D9: g_main_context_iteration (gmain.c:2843) ==18525== by 0x54E9183: QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (qeventdispatcher_glib.cpp:415) ==18525== Address 0xb1c13f2 is 34 bytes inside a block of size 68 free'd ==18525== at 0x4023996: free (vg_replace_malloc.c:325) ==18525== by 0xBD4D585: khtml::RenderArena::free(unsigned int, void*) (render_arena.cpp:122) ==18525== by 0xBD29AB2: khtml::RenderObject::arenaDelete(khtml::RenderArena*, void*) (render_object.cpp:2408) ==18525== by 0xBD31567: khtml::RenderObject::detach() (render_object.cpp:2384) ==18525== by 0xBD485C2: khtml::RenderText::detach() (render_text.cpp:729) ==18525== by 0xBC7287B: DOM::NodeImpl::detach() (dom_nodeimpl.cpp:901) ==18525== by 0xBC72FFA: DOM::NodeBaseImpl::removeChildren() (dom_nodeimpl.cpp:1712) ==18525== by 0xBCCC2B8: DOM::HTMLElementImpl::setInnerHTML(DOM::DOMString const&, int&) (html_elementimpl.cpp:526) ==18525== by 0xBE49878: KJS::HTMLElement::putValueProperty(KJS::ExecState*, int, KJS::JSValue*, int) (kjs_html.cpp:2646) ==18525== by 0xBE49DA8: KJS::HTMLElement::put(KJS::ExecState*, KJS::Identifier const&, KJS::JSValue*, int) (kjs_html.cpp:2404) ==18525== by 0xC6F1ED0: KJS::Machine::runBlock(KJS::ExecState*, WTF::Vector<unsigned char, 0u> const&, KJS::ExecState*) (codes.def:672) ==18525== by 0xC6D2ED0: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:172) ==18525== by 0xBE6C2C5: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.h:626) ==18525== by 0xBE8D7AE: KJS::JSEventListener::handleEvent(DOM::Event&) (kjs_events.cpp:107) ==18525== by 0xBC9B444: DOM::EventTargetImpl::handleLocalEvents(DOM::EventImpl*, bool) (dom2_eventsimpl.cpp:61) ==18525== by 0xBC75B51: DOM::NodeImpl::dispatchGenericEvent(DOM::EventImpl*, int&) (dom_nodeimpl.cpp:469) ==18525== by 0xBC75E35: DOM::NodeImpl::dispatchWindowEvent(int, bool, bool) (dom_nodeimpl.cpp:535) ==18525== by 0xBCCF695: DOM::HTMLDocumentImpl::close() (html_documentimpl.cpp:237) ==18525== by 0xBBEE5B1: KHTMLPart::checkEmitLoadEvent() (khtml_part.cpp:2482) ==18525== by 0xBBF2D57: KHTMLPart::checkCompleted() (khtml_part.cpp:2421) ==18525== by 0xBBF35C0: KHTMLPart::slotLoaderRequestDone(khtml::DocLoader*, khtml::CachedObject*) (khtml_part.cpp:2261) ==18525== by 0xBC0CE35: KHTMLPart::qt_metacall(QMetaObject::Call, int, void**) (khtml_part.moc:332) ==18525== by 0x54BED0D: QMetaObject::metacall(QObject*, QMetaObject::Call, int, void**) (qmetaobject.cpp:237) ==18525== by 0x54D060A: QMetaObject::activate(QObject*, QMetaObject const*, int, void**) (qobject.cpp:3277) ==18525== by 0xBDEBBA8: khtml::Loader::requestDone(khtml::DocLoader*, khtml::CachedObject*) (loader.moc:162) ==18525== by 0xBDEF051: khtml::Loader::slotFinished(KJob*) (loader.cpp:1263) ==18525== by 0xBDEF486: khtml::Loader::qt_metacall(QMetaObject::Call, int, void**) (loader.moc:141) ==18525== by 0x54BED0D: QMetaObject::metacall(QObject*, QMetaObject::Call, int, void**) (qmetaobject.cpp:237) ==18525== by 0x54D060A: QMetaObject::activate(QObject*, QMetaObject const*, int, void**) (qobject.cpp:3277) ==18525== by 0x511F492: KJob::result(KJob*) (kjob.moc:194) ==18525== by 0x511F4E8: KJob::emitResult() (kjob.cpp:312) ==18525== by 0x448ECD4: KIO::SimpleJob::slotFinished() (job.cpp:523) ==18525== by 0x4499497: KIO::TransferJob::slotFinished() (job.cpp:1112) ==18525== by 0x4497112: KIO::TransferJob::qt_metacall(QMetaObject::Call, int, void**) (jobclasses.moc:367) ==18525== by 0x54BED0D: QMetaObject::metacall(QObject*, QMetaObject::Call, int, void**) (qmetaobject.cpp:237) ==18525== by 0x54D060A: QMetaObject::activate(QObject*, QMetaObject const*, int, void**) (qobject.cpp:3277) ==18525== by 0x4541966: KIO::SlaveInterface::finished() (slaveinterface.moc:171) ==18525== by 0x45438D6: KIO::SlaveInterface::dispatch(int, QByteArray const&) (slaveinterface.cpp:173) ==18525== by 0x45412D9: KIO::SlaveInterface::dispatch() (slaveinterface.cpp:89) ==18525== by 0x4536EA4: KIO::Slave::gotInput() (slave.cpp:347) ==18525== by 0x453756A: KIO::Slave::qt_metacall(QMetaObject::Call, int, void**) (slave.moc:82) ==18525== by 0x54BED0D: QMetaObject::metacall(QObject*, QMetaObject::Call, int, void**) (qmetaobject.cpp:237) ==18525== by 0x54D060A: QMetaObject::activate(QObject*, QMetaObject const*, int, void**) (qobject.cpp:3277) ==18525== by 0x4460356: KIO::Connection::readyRead() (connection.moc:92) ==18525== by 0x44619B5: KIO::ConnectionPrivate::dequeue() (connection.cpp:82) ==18525== by 0x4461A5D: KIO::Connection::qt_metacall(QMetaObject::Call, int, void**) (connection.moc:79) ==18525== by 0x54BED0D: QMetaObject::metacall(QObject*, QMetaObject::Call, int, void**) (qmetaobject.cpp:237) ==18525== by 0x54CBCAE: QMetaCallEvent::placeMetaCall(QObject*) (qobject.cpp:534) ==18525== by 0x54CCBD2: QObject::event(QEvent*) (qobject.cpp:1216) ==18525== by 0x5A94C6F: QApplicationPrivate::notify_helper(QObject*, QEvent*) (qapplication.cpp:4397) *** This bug has been marked as a duplicate of bug 238600 *** |