Bug 323488

When visiting the website
http://einestages.spiegel.de/static/topicalbumbackground/4378/vision_possible.html
Konqueror will crash with a segfault.

Reproducible: Always

Steps to Reproduce:
1. Visit http://einestages.spiegel.de/static/topicalbumbackground/4378/vision_possible.html
Actual Results:  
Konqueror crashes

Expected Results:  
Konqueror should load and display the requested site.

Backtrace:


Application: Konqueror (kdeinit4), signal: Segmentation fault
Using host libthread_db library "/lib64/libthread_db.so.1".
[Current thread is 1 (Thread 0x7f1c26995780 (LWP 6326))]

Thread 5 (Thread 0x7f1c06610700 (LWP 6333)):
#0  0x00007f1c23fe0bd3 in __GI___poll (fds=<optimized out>, nfds=<optimized out>, timeout=<optimized out>) at ../sysdeps/unix/sysv/linux/poll.c:87
#1  0x00007f1c20f1d9d6 in g_main_context_poll (n_fds=1, fds=0x7f1c00002a50, timeout=-1, context=0x7f1c000009a0, priority=<optimized out>) at gmain.c:3440
#2  g_main_context_iterate (dispatch=1, block=<optimized out>, context=0x7f1c000009a0, self=<optimized out>) at gmain.c:3141
#3  g_main_context_iterate (context=0x7f1c000009a0, block=<optimized out>, dispatch=1, self=<optimized out>) at gmain.c:3083
#4  0x00007f1c20f1db04 in g_main_context_iteration (context=0x7f1c000009a0, may_block=1) at gmain.c:3207
#5  0x00007f1c25602186 in QEventDispatcherGlib::processEvents (this=0x7f1c000008c0, flags=...) at kernel/qeventdispatcher_glib.cpp:424
#6  0x00007f1c255d2bcf in QEventLoop::processEvents (this=this@entry=0x7f1c0660fdd0, flags=...) at kernel/qeventloop.cpp:149
#7  0x00007f1c255d2e58 in QEventLoop::exec (this=0x7f1c0660fdd0, flags=...) at kernel/qeventloop.cpp:204
#8  0x00007f1c254d5380 in QThread::exec (this=<optimized out>) at thread/qthread.cpp:542
#9  0x00007f1c1c76a84e in KIO::NameLookUpThread::run (this=0x14f6a20) at /var/tmp/portage/kde-base/kdelibs-4.10.5-r1/work/kdelibs-4.10.5/kio/kio/hostinfo.cpp:226
#10 0x00007f1c254d7b0c in QThreadPrivate::start (arg=0x14f6a20) at thread/qthread_unix.cpp:338
#11 0x00007f1c25241ec6 in start_thread (arg=0x7f1c06610700) at pthread_create.c:305
#12 0x00007f1c23fe986d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115

Thread 4 (Thread 0x7f1c05e0f700 (LWP 6334)):
#0  pthread_cond_timedwait () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_timedwait.S:215
#1  0x00007f1c254d7fc7 in wait (time=30000, this=0x7f1c00002db0) at thread/qwaitcondition_unix.cpp:84
#2  QWaitCondition::wait (this=<optimized out>, mutex=0x7f1c00002d28, time=30000) at thread/qwaitcondition_unix.cpp:158
#3  0x00007f1c254cb85f in QThreadPoolThread::run (this=0x7f1c00003110) at concurrent/qthreadpool.cpp:141
#4  0x00007f1c254d7b0c in QThreadPrivate::start (arg=0x7f1c00003110) at thread/qthread_unix.cpp:338
#5  0x00007f1c25241ec6 in start_thread (arg=0x7f1c05e0f700) at pthread_create.c:305
#6  0x00007f1c23fe986d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115

Thread 3 (Thread 0x7f1c051a6700 (LWP 6337)):
#0  pthread_cond_wait () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:162
#1  0x00007f1c19673cdd in WTF::TCMalloc_PageHeap::scavengerThread (this=0x7f1c1a036200 <WTF::pageheap_memory>) at wtf/FastMalloc.cpp:2495
#2  0x00007f1c19673de9 in WTF::TCMalloc_PageHeap::runScavengerThread (context=<optimized out>) at wtf/FastMalloc.cpp:1618
#3  0x00007f1c25241ec6 in start_thread (arg=0x7f1c051a6700) at pthread_create.c:305
#4  0x00007f1c23fe986d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115

Thread 2 (Thread 0x7f1c048a5700 (LWP 6338)):
#0  0x00007f1c23fe0bd3 in __GI___poll (fds=<optimized out>, nfds=<optimized out>, timeout=<optimized out>) at ../sysdeps/unix/sysv/linux/poll.c:87
#1  0x00007f1c20f1d9d6 in g_main_context_poll (n_fds=1, fds=0x7f1bfc0029c0, timeout=-1, context=0x7f1bfc0009a0, priority=<optimized out>) at gmain.c:3440
#2  g_main_context_iterate (dispatch=1, block=<optimized out>, context=0x7f1bfc0009a0, self=<optimized out>) at gmain.c:3141
#3  g_main_context_iterate (context=0x7f1bfc0009a0, block=<optimized out>, dispatch=1, self=<optimized out>) at gmain.c:3083
#4  0x00007f1c20f1db04 in g_main_context_iteration (context=0x7f1bfc0009a0, may_block=1) at gmain.c:3207
#5  0x00007f1c256021a6 in QEventDispatcherGlib::processEvents (this=0x7f1bfc0008c0, flags=...) at kernel/qeventdispatcher_glib.cpp:426
#6  0x00007f1c255d2bcf in QEventLoop::processEvents (this=this@entry=0x7f1c048a4e00, flags=...) at kernel/qeventloop.cpp:149
#7  0x00007f1c255d2e58 in QEventLoop::exec (this=0x7f1c048a4e00, flags=...) at kernel/qeventloop.cpp:204
#8  0x00007f1c254d5380 in QThread::exec (this=<optimized out>) at thread/qthread.cpp:542
#9  0x00007f1c254d7b0c in QThreadPrivate::start (arg=0x112f580) at thread/qthread_unix.cpp:338
#10 0x00007f1c25241ec6 in start_thread (arg=0x7f1c048a5700) at pthread_create.c:305
#11 0x00007f1c23fe986d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115

Thread 1 (Thread 0x7f1c26995780 (LWP 6326)):
[KCrash Handler]
#6  parentIsConstructedOrHaveNext (parentBox=0x29) at rendering/RenderBlockLineLayout.cpp:226
#7  WebCore::RenderBlock::createLineBoxes (this=this@entry=0x7f1c0974a3f8, obj=0x7f1c096c5820, lineInfo=..., childBox=childBox@entry=0x7f1c0974a930) at rendering/RenderBlockLineLayout.cpp:256
#8  0x00007f1c1928b1e3 in WebCore::RenderBlock::constructLine (this=this@entry=0x7f1c0974a3f8, bidiRuns=..., lineInfo=...) at rendering/RenderBlockLineLayout.cpp:343
#9  0x00007f1c19296037 in WebCore::RenderBlock::createLineBoxesFromBidiRuns (this=this@entry=0x7f1c0974a3f8, bidiRuns=..., end=..., lineInfo=..., verticalPositionCache=..., trailingSpaceRun=0x0) at rendering/RenderBlockLineLayout.cpp:775
#10 0x00007f1c19296cc0 in WebCore::RenderBlock::layoutRunsAndFloats (this=this@entry=0x7f1c0974a3f8, fullLayout=fullLayout@entry=false, hasInlineChild=<optimized out>, floats=..., repaintLogicalTop=@0x7fff4af97b84: 19, repaintLogicalBottom=@0x7fff4af97b88: 2262) at rendering/RenderBlockLineLayout.cpp:947
#11 0x00007f1c19298128 in WebCore::RenderBlock::layoutInlineChildren (this=0x7f1c0974a3f8, relayoutChildren=false, repaintLogicalTop=@0x7fff4af97b84: 19, repaintLogicalBottom=@0x7fff4af97b88: 2262) at rendering/RenderBlockLineLayout.cpp:1164
#12 0x00007f1c192881d6 in WebCore::RenderBlock::layoutBlock (this=0x7f1c0974a3f8, relayoutChildren=false, pageLogicalHeight=0) at rendering/RenderBlock.cpp:1260
#13 0x00007f1c1926c3fd in WebCore::RenderBlock::layout (this=0x7f1c0974a3f8) at rendering/RenderBlock.cpp:1158
#14 0x00007f1c19283ff9 in WebCore::RenderBlock::layoutBlockChild (this=this@entry=0x7f1c048ea968, child=0x7f1c0974a3f8, marginInfo=..., previousFloatLogicalBottom=@0x7fff4af97cf8: 2263, maxFloatLogicalBottom=@0x7fff4af97dac: 2265) at rendering/RenderBlock.cpp:2000
#15 0x00007f1c1928491b in WebCore::RenderBlock::layoutBlockChildren (this=this@entry=0x7f1c048ea968, relayoutChildren=relayoutChildren@entry=false, maxFloatLogicalBottom=@0x7fff4af97dac: 2265) at rendering/RenderBlock.cpp:1938
#16 0x00007f1c19287b70 in WebCore::RenderBlock::layoutBlock (this=0x7f1c048ea968, relayoutChildren=false, pageLogicalHeight=0) at rendering/RenderBlock.cpp:1262
#17 0x00007f1c1926c3fd in WebCore::RenderBlock::layout (this=0x7f1c048ea968) at rendering/RenderBlock.cpp:1158
#18 0x00007f1c19283ff9 in WebCore::RenderBlock::layoutBlockChild (this=this@entry=0x7f1c048ea698, child=0x7f1c048ea968, marginInfo=..., previousFloatLogicalBottom=@0x7fff4af97f18: 2263, maxFloatLogicalBottom=@0x7fff4af97fcc: 0) at rendering/RenderBlock.cpp:2000
#19 0x00007f1c1928491b in WebCore::RenderBlock::layoutBlockChildren (this=this@entry=0x7f1c048ea698, relayoutChildren=relayoutChildren@entry=false, maxFloatLogicalBottom=@0x7fff4af97fcc: 0) at rendering/RenderBlock.cpp:1938
#20 0x00007f1c19287b70 in WebCore::RenderBlock::layoutBlock (this=0x7f1c048ea698, relayoutChildren=false, pageLogicalHeight=0) at rendering/RenderBlock.cpp:1262
#21 0x00007f1c1926c3fd in WebCore::RenderBlock::layout (this=0x7f1c048ea698) at rendering/RenderBlock.cpp:1158
#22 0x00007f1c19283ff9 in WebCore::RenderBlock::layoutBlockChild (this=this@entry=0x7f1c048ea420, child=0x7f1c048ea698, marginInfo=..., previousFloatLogicalBottom=@0x7fff4af98138: 2263, maxFloatLogicalBottom=@0x7fff4af981ec: 0) at rendering/RenderBlock.cpp:2000
#23 0x00007f1c1928491b in WebCore::RenderBlock::layoutBlockChildren (this=this@entry=0x7f1c048ea420, relayoutChildren=relayoutChildren@entry=false, maxFloatLogicalBottom=@0x7fff4af981ec: 0) at rendering/RenderBlock.cpp:1938
#24 0x00007f1c19287b70 in WebCore::RenderBlock::layoutBlock (this=0x7f1c048ea420, relayoutChildren=false, pageLogicalHeight=0) at rendering/RenderBlock.cpp:1262
#25 0x00007f1c1926c3fd in WebCore::RenderBlock::layout (this=0x7f1c048ea420) at rendering/RenderBlock.cpp:1158
#26 0x00007f1c19339298 in WebCore::RenderView::layout (this=0x7f1c048ea420) at rendering/RenderView.cpp:130
#27 0x00007f1c191cd797 in WebCore::FrameView::layout (this=0x7f1c048e1b80, allowSubtree=<optimized out>) at page/FrameView.cpp:964
#28 0x00007f1c18f5e59a in WebCore::Document::updateLayoutIgnorePendingStylesheets (this=0x7f1c048e3800) at dom/Document.cpp:1611
#29 0x00007f1c18ed0529 in WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue (this=0x7f1bb30389d8, propertyID=1001, updateLayout=updateLayout@entry=WebCore::UpdateLayout) at css/CSSComputedStyleDeclaration.cpp:803
#30 0x00007f1c18ed951e in WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue (this=<optimized out>, propertyID=<optimized out>) at css/CSSComputedStyleDeclaration.cpp:675
#31 0x00007f1c18ecaa75 in WebCore::CSSComputedStyleDeclaration::getPropertyValue (this=<optimized out>, propertyID=<optimized out>) at css/CSSComputedStyleDeclaration.cpp:1819
#32 0x00007f1c18f07362 in WebCore::CSSStyleDeclaration::getPropertyValue (this=0x7f1bb30389d8, propertyName=...) at css/CSSStyleDeclaration.cpp:77
#33 0x00007f1c189a95b4 in WebCore::jsCSSStyleDeclarationPrototypeFunctionGetPropertyValue (exec=0x7f1c09b2cd68) at ../../WebCore/generated/JSCSSStyleDeclaration.cpp:295
#34 0x00007f1bb80001e8 in ?? ()
#35 0x00007f1c09810498 in ?? ()
#36 0x00007f1bb80e1180 in ?? ()
#37 0x0000000000000000 in ?? ()