Version: 3.5.8 (using KDE KDE 3.5.8) Installed from: Ubuntu Packages OS: Linux Konqueror crashes whenever I try to access this link to Adobe Reader: http://www.adobe.com/products/acrobat/readstep2_allversions.html I'm using Konqueror 3.5.8 on KDE 3.5.8, running Ubuntu 7.10 (Gutsy). I've got browser identification set to "default".
See Ubuntu bug #175785 (https://bugs.launchpad.net/ubuntu/+source/kdebase/+bug/175785)
Confirm for both 3.5 and 4.0: Using host libthread_db library "/lib/i686/libthread_db.so.1". [Thread debugging using libthread_db enabled] [New Thread -1243138320 (LWP 6762)] [KCrash handler] #6 0xb555931a in khtml::RenderBlock::addChildToFlow (this=0x843a9a4, newChild=0x871cf48, beforeChild=0x843a3c4) at /home/maksim/kde3/kdelibs/khtml/rendering/render_block.cpp:372 #7 0xb557a699 in khtml::RenderFlow::addChild (this=0x843a9a4, newChild=0x871cf48, beforeChild=0x843a3c4) at /home/maksim/kde3/kdelibs/khtml/rendering/render_flow.cpp:128 #8 0xb5558f43 in khtml::RenderBlock::addChildToFlow (this=0x8439a7c, newChild=0x871cf48, beforeChild=0x843a3c4) at /home/maksim/kde3/kdelibs/khtml/rendering/render_block.cpp:298 #9 0xb557a699 in khtml::RenderFlow::addChild (this=0x8439a7c, newChild=0x871cf48, beforeChild=0x843a3c4) at /home/maksim/kde3/kdelibs/khtml/rendering/render_flow.cpp:128 #10 0xb54ed367 in DOM::NodeImpl::createRendererIfNeeded (this=0x88a94f8) at /home/maksim/kde3/kdelibs/khtml/xml/dom_nodeimpl.cpp:938 #11 0xb54f48ad in DOM::ElementImpl::attach (this=0x88a94f8) at /home/maksim/kde3/kdelibs/khtml/xml/dom_elementimpl.cpp:536 #12 0xb54f4f0c in DOM::ElementImpl::recalcStyle (this=0x88a94f8, change=DOM::NodeImpl::Force) at /home/maksim/kde3/kdelibs/khtml/xml/dom_elementimpl.cpp:626 #13 0xb55213d9 in DOM::HTMLElementImpl::recalcStyle (this=0x88a94f8, ch=DOM::NodeImpl::Force) at /home/maksim/kde3/kdelibs/khtml/html/html_elementimpl.cpp:274 #14 0xb54f500f in DOM::ElementImpl::recalcStyle (this=0x86d43c8, change=DOM::NodeImpl::Force) at /home/maksim/kde3/kdelibs/khtml/xml/dom_elementimpl.cpp:654 #15 0xb55213d9 in DOM::HTMLElementImpl::recalcStyle (this=0x86d43c8, ch=DOM::NodeImpl::Force) at /home/maksim/kde3/kdelibs/khtml/html/html_elementimpl.cpp:274 #16 0xb54f500f in DOM::ElementImpl::recalcStyle (this=0x8497508, change=DOM::NodeImpl::Force) at /home/maksim/kde3/kdelibs/khtml/xml/dom_elementimpl.cpp:654 #17 0xb55213d9 in DOM::HTMLElementImpl::recalcStyle (this=0x8497508, ch=DOM::NodeImpl::Force) at /home/maksim/kde3/kdelibs/khtml/html/html_elementimpl.cpp:274 #18 0xb54e7372 in DOM::DocumentImpl::recalcStyle (this=0x84364d0, change=DOM::NodeImpl::Force) at /home/maksim/kde3/kdelibs/khtml/xml/dom_docimpl.cpp:1166 #19 0xb54e461b in DOM::DocumentImpl::updateStyleSelector (this=0x84364d0, shallow=false) at /home/maksim/kde3/kdelibs/khtml/xml/dom_docimpl.cpp:2057 #20 0xb54e49e5 in DOM::DocumentImpl::styleSheetLoaded (this=0xb576a4c8) at /home/maksim/kde3/kdelibs/khtml/xml/dom_docimpl.cpp:1980 #21 0xb551c858 in DOM::HTMLLinkElementImpl::finished (this=0x88f5188) at /home/maksim/kde3/kdelibs/khtml/html/html_headimpl.cpp:257 #22 0xb551d028 in DOM::HTMLLinkElementImpl::setStyleSheet (this=0x88f5188, url=@0x88f2ef8, sheetStr=@0x88f2f2c, charset=@0xbfcd06e0) at /home/maksim/kde3/kdelibs/khtml/html/html_headimpl.cpp:248 #23 0xb560113e in khtml::CachedCSSStyleSheet::checkNotify (this=0x88f2ed8) at /home/maksim/kde3/kdelibs/khtml/misc/loader.cpp:283 #24 0xb56013df in khtml::CachedCSSStyleSheet::data (this=0x88f2ed8, buffer=@0x88f410c, eof=true) at /home/maksim/kde3/kdelibs/khtml/misc/loader.cpp:271 #25 0xb560332e in khtml::Loader::slotFinished (this=0x8331070, job=0x894d898) at /home/maksim/kde3/kdelibs/khtml/misc/loader.cpp:1205 #26 0xb5603cbc in khtml::Loader::qt_invoke (this=0x8331070, _id=2, _o=0xbfcd0844) at ../khtml/misc/loader.moc:260 #27 0xb7193b9d in QObject::activate_signal (this=0x894d898, clist=0x88c7c10, o=0xbfcd0844) at kernel/qobject.cpp:2356 #28 0xb7d908e8 in KIO::Job::result (this=0x894d898, t0=0x894d898) at ./kio/kio/jobclasses.moc:162 #29 0xb7d96f5c in KIO::Job::emitResult (this=0x894d898) at /home/maksim/kde3/kdelibs/kio/kio/job.cpp:235 #30 0xb7d97668 in KIO::SimpleJob::slotFinished (this=0x894d898) at /home/maksim/kde3/kdelibs/kio/kio/job.cpp:601 #31 0xb7d97a48 in KIO::TransferJob::slotFinished (this=0x894d898) at /home/maksim/kde3/kdelibs/kio/kio/job.cpp:971 #32 0xb7d95945 in KIO::TransferJob::qt_invoke (this=0x894d898, _id=17, _o=0xbfcd0b58) at ./kio/kio/jobclasses.moc:1071 #33 0xb7193b9d in QObject::activate_signal (this=0x86bfe90, clist=0x86c0798, o=0xbfcd0b58) at kernel/qobject.cpp:2356 #34 0xb71947ad in QObject::activate_signal (this=0x86bfe90, signal=6) at kernel/qobject.cpp:2325 #35 0xb7d7dc41 in KIO::SlaveInterface::finished (this=0x86bfe90) at ./kio/kio/slaveinterface.moc:226 #36 0xb7d7f17d in KIO::SlaveInterface::dispatch (this=0x86bfe90, _cmd=104, rawdata=@0xbfcd0d90) at /home/maksim/kde3/kdelibs/kio/kio/slaveinterface.cpp:243 #37 0xb7d7fcde in KIO::SlaveInterface::dispatch (this=0x86bfe90) at /home/maksim/kde3/kdelibs/kio/kio/slaveinterface.cpp:173 #38 0xb7d7ac9d in KIO::Slave::gotInput (this=0x86bfe90) at /home/maksim/kde3/kdelibs/kio/kio/slave.cpp:300 #39 0xb7d7cac8 in KIO::Slave::qt_invoke (this=0x86bfe90, _id=4, _o=0xbfcd0eb4) at ./kio/kio/slave.moc:113 #40 0xb7193b9d in QObject::activate_signal (this=0x854e300, clist=0x86c00a8, o=0xbfcd0eb4) at kernel/qobject.cpp:2356 #41 0xb71946b2 in QObject::activate_signal (this=0x854e300, signal=2, param=19) at kernel/qobject.cpp:2449 #42 0xb74c1f90 in QSocketNotifier::activated (this=0x854e300, t0=19) at .moc/release-shared-mt/moc_qsocketnotifier.cpp:85 #43 0xb71b1b00 in QSocketNotifier::event (this=0x854e300, e=0xbfcd1148) at kernel/qsocketnotifier.cpp:258 #44 0xb7135887 in QApplication::internalNotify (this=0xbfcd1434, receiver=0x854e300, e=0xbfcd1148) at kernel/qapplication.cpp:2636 #45 0xb71365a9 in QApplication::notify (this=0xbfcd1434, receiver=0x854e300, e=0xbfcd1148) at kernel/qapplication.cpp:2359 #46 0xb7793089 in KApplication::notify (this=0xbfcd1434, receiver=0x854e300, event=0xbfcd1148) at /home/maksim/kde3/kdelibs/kdecore/kapplication.cpp:550 #47 0xb712a801 in QEventLoop::activateSocketNotifiers (this=0x80d5d68) at kernel/qapplication.h:496 #48 0xb70e4bd4 in QEventLoop::processEvents (this=0x80d5d68, flags=4) at kernel/qeventloop_x11.cpp:383 #49 0xb714c0a0 in QEventLoop::enterLoop (this=0x80d5d68) at kernel/qeventloop.cpp:198 #50 0xb714bf66 in QEventLoop::exec (this=0x80d5d68) at kernel/qeventloop.cpp:145 #51 0xb71354ef in QApplication::exec (this=0xbfcd1434) at kernel/qapplication.cpp:2759 #52 0xb5bc73a3 in kdemain (argc=4, argv=0x809a200) at /home/maksim/kde3/kdebase/konqueror/konq_main.cc:206 #53 0xb7655674 in kdeinitmain (argc=4, argv=0x809a200) at ./konqueror/kdeinit_konqueror.la.cpp:3 #54 0x0804f53d in launch (argc=4, _name=0x809a364 "konqueror", args=<value optimized out>, cwd=0x809a3c3 "/home/maksim", envc=56, envs=0x809a3d4 "LC_PAPER=en_US.UTF-8", reset_env=true, tty=0x0, avoid_loops=false, startup_id_str=0x809a9e6 "nest;1197658829;812982;4741_TIME3657920999") at /home/maksim/kde3/kdelibs/kinit/kinit.cpp:673 #55 0x08050062 in handle_launcher_request (sock=6) at /home/maksim/kde3/kdelibs/kinit/kinit.cpp:1240 #56 0x080503a1 in handle_requests (waitForPid=0) at /home/maksim/kde3/kdelibs/kinit/kinit.cpp:1433 #57 0x08050cf0 in main (argc=5, argv=0xbfcd1e14, envp=0xbfcd1e2c) at /home/maksim/kde3/kdelibs/kinit/kinit.cpp:1908
Null pointer someplace: ==6940== Invalid read of size 4 ==6940== at 0x7A1B31A: khtml::RenderBlock::addChildToFlow(khtml::RenderObject*, khtml::RenderObject*) (render_block.cpp:372) ==6940== by 0x7A3C698: khtml::RenderFlow::addChild(khtml::RenderObject*, khtml::RenderObject*) (render_flow.cpp:128) ==6940== by 0x7A1AF42: khtml::RenderBlock::addChildToFlow(khtml::RenderObject*, khtml::RenderObject*) (render_block.cpp:298) ==6940== by 0x7A3C698: khtml::RenderFlow::addChild(khtml::RenderObject*, khtml::RenderObject*) (render_flow.cpp:128) ==6940== by 0x79AF366: DOM::NodeImpl::createRendererIfNeeded() (dom_nodeimpl.cpp:938) ==6940== by 0x79B68AC: DOM::ElementImpl::attach() (dom_elementimpl.cpp:536) ==6940== by 0x79B6F0B: DOM::ElementImpl::recalcStyle(DOM::NodeImpl::StyleChange) (dom_elementimpl.cpp:626) ==6940== by 0x79E33D8: DOM::HTMLElementImpl::recalcStyle(DOM::NodeImpl::StyleChange) (html_elementimpl.cpp:274) ==6940== by 0x79B700E: DOM::ElementImpl::recalcStyle(DOM::NodeImpl::StyleChange) (dom_elementimpl.cpp:654) ==6940== by 0x79E33D8: DOM::HTMLElementImpl::recalcStyle(DOM::NodeImpl::StyleChange) (html_elementimpl.cpp:274) ==6940== by 0x79B700E: DOM::ElementImpl::recalcStyle(DOM::NodeImpl::StyleChange) (dom_elementimpl.cpp:654) ==6940== by 0x79E33D8: DOM::HTMLElementImpl::recalcStyle(DOM::NodeImpl::StyleChange) (html_elementimpl.cpp:274) ==6940== Address 0x244 is not stack'd, malloc'd or (recently) free'd
I can confirm that this bug is 100% reproducible on mandriva 2008.0 (kde-3.5.7).
*** This bug has been marked as a duplicate of 150006 ***