Version: (using KDE 4.2.1) Compiler: gcc (Gentoo 4.3.3-r2 p1.1, pie-10.1.5) 4.3.3 OS: Linux Installed from: Compiled From Sources When visiting http://ego.istic.org/ , if I click the first comment link ("3 comments"), konqueror crashes. Since the site is a blog which occasionally gets updated, I have reproduced the relevant two pages at http://www.srcf.ucam.org/~md401/konquerorbug/ ; the exact same behaviour occurs there. Backtrace: Application: Konqueror (konqueror), signal SIGSEGV 0x00007f3c7daa6ba1 in nanosleep () from /lib/libc.so.6 Thread 1 (Thread 0x7f3c7e0fe750 (LWP 31538)): [KCrash Handler] #5 0x0000000001a18700 in ?? () #6 0x00007f3c6edae344 in khtml::RenderObject::detach () from /usr/lib64/libkhtml.so.5 #7 0x00007f3c6ed061f0 in DOM::NodeImpl::detach () from /usr/lib64/libkhtml.so.5 #8 0x00007f3c6ed06865 in DOM::NodeBaseImpl::detach () from /usr/lib64/libkhtml.so.5 #9 0x00007f3c6ed1329c in DOM::ElementImpl::detach () from /usr/lib64/libkhtml.so.5 #10 0x00007f3c6ef49e05 in WebCore::SVGStyledElement::detach () from /usr/lib64/libkhtml.so.5 #11 0x00007f3c6efa15d0 in WebCore::SVGUseElement::detach () from /usr/lib64/libkhtml.so.5 #12 0x00007f3c6ed0684f in DOM::NodeBaseImpl::detach () from /usr/lib64/libkhtml.so.5 #13 0x00007f3c6ed1329c in DOM::ElementImpl::detach () from /usr/lib64/libkhtml.so.5 #14 0x00007f3c6ef49e05 in WebCore::SVGStyledElement::detach () from /usr/lib64/libkhtml.so.5 #15 0x00007f3c6ed0684f in DOM::NodeBaseImpl::detach () from /usr/lib64/libkhtml.so.5 #16 0x00007f3c6ed1329c in DOM::ElementImpl::detach () from /usr/lib64/libkhtml.so.5 #17 0x00007f3c6ef49e05 in WebCore::SVGStyledElement::detach () from /usr/lib64/libkhtml.so.5 #18 0x00007f3c6ed0684f in DOM::NodeBaseImpl::detach () from /usr/lib64/libkhtml.so.5 #19 0x00007f3c6ed1329c in DOM::ElementImpl::detach () from /usr/lib64/libkhtml.so.5 #20 0x00007f3c6ef49e05 in WebCore::SVGStyledElement::detach () from /usr/lib64/libkhtml.so.5 #21 0x00007f3c6ed0684f in DOM::NodeBaseImpl::detach () from /usr/lib64/libkhtml.so.5 #22 0x00007f3c6ed1329c in DOM::ElementImpl::detach () from /usr/lib64/libkhtml.so.5 #23 0x00007f3c6ef49e05 in WebCore::SVGStyledElement::detach () from /usr/lib64/libkhtml.so.5 #24 0x00007f3c6ed0684f in DOM::NodeBaseImpl::detach () from /usr/lib64/libkhtml.so.5 #25 0x00007f3c6ed1329c in DOM::ElementImpl::detach () from /usr/lib64/libkhtml.so.5 #26 0x00007f3c6ef49e05 in WebCore::SVGStyledElement::detach () from /usr/lib64/libkhtml.so.5 #27 0x00007f3c6ed0684f in DOM::NodeBaseImpl::detach () from /usr/lib64/libkhtml.so.5 #28 0x00007f3c6ed1329c in DOM::ElementImpl::detach () from /usr/lib64/libkhtml.so.5 #29 0x00007f3c6ef49e05 in WebCore::SVGStyledElement::detach () from /usr/lib64/libkhtml.so.5 #30 0x00007f3c6ed0684f in DOM::NodeBaseImpl::detach () from /usr/lib64/libkhtml.so.5 #31 0x00007f3c6ecf618b in DOM::DocumentImpl::detach () from /usr/lib64/libkhtml.so.5 #32 0x00007f3c6eca8ae7 in KHTMLPart::clear () from /usr/lib64/libkhtml.so.5 #33 0x00007f3c6ecbe764 in KHTMLPart::~KHTMLPart () from /usr/lib64/libkhtml.so.5 #34 0x00007f3c6eca8d46 in KHTMLPart::clear () from /usr/lib64/libkhtml.so.5 #35 0x00007f3c6eca9143 in KHTMLPart::begin () from /usr/lib64/libkhtml.so.5 #36 0x00007f3c6eca5721 in KHTMLPart::slotData () from /usr/lib64/libkhtml.so.5 #37 0x00007f3c6ecc5e70 in KHTMLPart::qt_metacall () from /usr/lib64/libkhtml.so.5 #38 0x00007f3c7b80f039 in QMetaObject::activate () from /usr/lib64/qt4/libQtCore.so.4 #39 0x00007f3c7b80f47b in QMetaObject::activate () from /usr/lib64/qt4/libQtCore.so.4 #40 0x00007f3c7ca5be11 in KIO::TransferJob::data () from /usr/lib64/libkio.so.5 #41 0x00007f3c7ca5c450 in KIO::TransferJob::slotData () from /usr/lib64/libkio.so.5 #42 0x00007f3c7ca6637e in KIO::TransferJob::qt_metacall () from /usr/lib64/libkio.so.5 #43 0x00007f3c7b80f039 in QMetaObject::activate () from /usr/lib64/qt4/libQtCore.so.4 #44 0x00007f3c7b80f47b in QMetaObject::activate () from /usr/lib64/qt4/libQtCore.so.4 #45 0x00007f3c7cb04b63 in KIO::SlaveInterface::data () from /usr/lib64/libkio.so.5 #46 0x00007f3c7cb07d21 in KIO::SlaveInterface::dispatch () from /usr/lib64/libkio.so.5 #47 0x00007f3c7cb05404 in KIO::SlaveInterface::dispatch () from /usr/lib64/libkio.so.5 #48 0x00007f3c7caf7426 in KIO::Slave::gotInput () from /usr/lib64/libkio.so.5 #49 0x00007f3c7caf973a in KIO::Slave::qt_metacall () from /usr/lib64/libkio.so.5 #50 0x00007f3c7b80f039 in QMetaObject::activate () from /usr/lib64/qt4/libQtCore.so.4 #51 0x00007f3c7b80f47b in QMetaObject::activate () from /usr/lib64/qt4/libQtCore.so.4 #52 0x00007f3c7ca331c8 in KIO::Connection::readyRead () from /usr/lib64/libkio.so.5 #53 0x00007f3c7ca351db in KIO::ConnectionPrivate::dequeue () from /usr/lib64/libkio.so.5 #54 0x00007f3c7ca352d4 in KIO::Connection::qt_metacall () from /usr/lib64/libkio.so.5 #55 0x00007f3c7b808d0f in QMetaCallEvent::placeMetaCall () from /usr/lib64/qt4/libQtCore.so.4 #56 0x00007f3c7b80bb4e in QObject::event () from /usr/lib64/qt4/libQtCore.so.4 #57 0x00007f3c7addead3 in QApplicationPrivate::notify_helper () from /usr/lib64/qt4/libQtGui.so.4 #58 0x00007f3c7ade6d1a in QApplication::notify () from /usr/lib64/qt4/libQtGui.so.4 #59 0x00007f3c7c36a49c in KApplication::notify () from /usr/lib64/libkdeui.so.5 #60 0x00007f3c7b7fccb2 in QCoreApplication::notifyInternal () from /usr/lib64/qt4/libQtCore.so.4 #61 0x00007f3c7b7fd4c5 in QCoreApplicationPrivate::sendPostedEvents () from /usr/lib64/qt4/libQtCore.so.4 #62 0x00007f3c7b7fd691 in QCoreApplication::sendPostedEvents () from /usr/lib64/qt4/libQtCore.so.4 #63 0x00007f3c7b820553 in postEventSourceDispatch () from /usr/lib64/qt4/libQtCore.so.4 #64 0x00007f3c777eb027 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0 #65 0x00007f3c777ee121 in g_main_context_iterate () from /usr/lib/libglib-2.0.so.0 #66 0x00007f3c777ee247 in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0 #67 0x00007f3c7b81fdde in QEventDispatcherGlib::processEvents () from /usr/lib64/qt4/libQtCore.so.4 #68 0x00007f3c7ae5e62b in QGuiEventDispatcherGlib::processEvents () from /usr/lib64/qt4/libQtGui.so.4 #69 0x00007f3c7b7fad01 in QEventLoop::processEvents () from /usr/lib64/qt4/libQtCore.so.4 #70 0x00007f3c7b7fb087 in QEventLoop::exec () from /usr/lib64/qt4/libQtCore.so.4 #71 0x00007f3c7b7fd784 in QCoreApplication::exec () from /usr/lib64/qt4/libQtCore.so.4 #72 0x00007f3c7adde96e in QApplication::exec () from /usr/lib64/qt4/libQtGui.so.4 #73 0x00007f3c7de283ab in kdemain () from /usr/lib64/libkdeinit4_konqueror.so #74 0x00000000004007a5 in main ()
Running it through gdb, trunk version, kdebase r948091 (gdb) bt #0 0xffffe424 in __kernel_vsyscall () #1 0xb656eda0 in raise () from /lib/i686/libc.so.6 #2 0xb6570808 in abort () from /lib/i686/libc.so.6 #3 0xb6567cde in __assert_fail () from /lib/i686/libc.so.6 #4 0xb42d912a in WebCore::SVGUseElement::buildShadowTree (this=0xa9f0c50, target=0xa9f0848, targetInstance=0xa9f1168) at /usr/local/trunk-src/kdelibs/khtml/svg/SVGUseElement.cpp:551 #5 0xb42da027 in WebCore::SVGUseElement::buildPendingResource (this=0xa9f0c50) at /usr/local/trunk-src/kdelibs/khtml/svg/SVGUseElement.cpp:330 #6 0xb42d85cd in WebCore::SVGUseElement::insertedIntoDocument (this=0xa9f0c50) at /usr/local/trunk-src/kdelibs/khtml/svg/SVGUseElement.cpp:119 #7 0xb3f4b378 in DOM::NodeBaseImpl::addChild (this=0xa9f0398, newChild=0xa9f0c50) at /usr/local/trunk-src/kdelibs/khtml/xml/dom_nodeimpl.cpp:1709 #8 0xb3f7316f in khtml::XMLHandler::startElement (this=0xa553b74, namespaceURI=@0xbfd1bb6c, qName=@0xa9f0558, atts=@0xa553dec) at /usr/local/trunk-src/kdelibs/khtml/xml/xml_tokenizer.cpp:215 #9 0xb7afb22d in QXmlSimpleReaderPrivate::processElementEmptyTag (this=0xa553da8) at sax/qxml.cpp:3987 #10 0xb7b01853 in QXmlSimpleReaderPrivate::parseElement (this=0xa553da8) at sax/qxml.cpp:3955 #11 0xb7b00ded in QXmlSimpleReaderPrivate::parseContent (this=0xa553da8) at sax/qxml.cpp:4408 #12 0xb7b01724 in QXmlSimpleReaderPrivate::parseElement (this=0xa553da8) at sax/qxml.cpp:3934 #13 0xb7b00ded in QXmlSimpleReaderPrivate::parseContent (this=0xa553da8) at sax/qxml.cpp:4408 #14 0xb7b01724 in QXmlSimpleReaderPrivate::parseElement (this=0xa553da8) at sax/qxml.cpp:3934 #15 0xb7b00ded in QXmlSimpleReaderPrivate::parseContent (this=0xa553da8) at sax/qxml.cpp:4408 #16 0xb7b01724 in QXmlSimpleReaderPrivate::parseElement (this=0xa553da8) at sax/qxml.cpp:3934 #17 0xb7b00ded in QXmlSimpleReaderPrivate::parseContent (this=0xa553da8) at sax/qxml.cpp:4408 #18 0xb7b01724 in QXmlSimpleReaderPrivate::parseElement (this=0xa553da8) at sax/qxml.cpp:3934 #19 0xb7b00ded in QXmlSimpleReaderPrivate::parseContent (this=0xa553da8) at sax/qxml.cpp:4408 #20 0xb7b01724 in QXmlSimpleReaderPrivate::parseElement (this=0xa553da8) at sax/qxml.cpp:3934 #21 0xb7b00ded in QXmlSimpleReaderPrivate::parseContent (this=0xa553da8) at sax/qxml.cpp:4408 #22 0xb7b01724 in QXmlSimpleReaderPrivate::parseElement (this=0xa553da8) at sax/qxml.cpp:3934 #23 0xb7b05964 in QXmlSimpleReaderPrivate::parseBeginOrContinue (this=0xa553da8, state=1, ---Type <return> to continue, or q <return> to quit--- incremental=true) at sax/qxml.cpp:3479 #24 0xb7b05cb5 in QXmlSimpleReader::parseContinue (this=0xa553bb4) at sax/qxml.cpp:3456 #25 0xb3f7136f in khtml::XMLTokenizer::write (this=0xa553b58, str=@0xbfd1cce8, appendData=true) at /usr/local/trunk-src/kdelibs/khtml/xml/xml_tokenizer.cpp:463 #26 0xb3ec934c in KHTMLPart::write (this=0xa851710, data=0xa629888 "PE svg PUBLIC \"-//W3C//DTD SVG 1.1//EN\" \"http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd\">\r\n<svg xmlns='http://www.w3.org/2000/svg' xml:space='preserve' version='1.1' overflow='visible' xmlns:xlink='"..., len=2432) at /usr/local/trunk-src/kdelibs/khtml/khtml_part.cpp:2093 #27 0xb3eccf85 in KHTMLPart::slotData (this=0xa851710, kio_job=0x948b918, data=@0xbfd1d294) at /usr/local/trunk-src/kdelibs/khtml/khtml_part.cpp:1778 #28 0xb3ed6411 in KHTMLPart::qt_metacall (this=0xa851710, _c=QMetaObject::InvokeMetaMethod, _id=19, _a=0xbfd1cfd8) at /home/annma/build/kdelibs/khtml/khtml_part.moc:271 #29 0xb73e9c46 in QMetaObject::activate (sender=0x948b918, from_signal_index=40, to_signal_index=40, argv=0xbfd1cfd8) at kernel/qobject.cpp:3057 #30 0xb73eb025 in QMetaObject::activate (sender=0x948b918, m=0xb7e42fd0, local_signal_index=0, argv=0xbfd1cfd8) at kernel/qobject.cpp:3134 #31 0xb7ca5d1b in KIO::TransferJob::data (this=0x948b918, _t1=0x948b918, _t2=@0xbfd1d294) at /home/annma/build/kdelibs/kio/jobclasses.moc:364 #32 0xb7ca66bb in KIO::TransferJob::slotData (this=0x948b918, _data=@0xbfd1d294) at /usr/local/trunk-src/kdelibs/kio/kio/job.cpp:917 #33 0xb7cb168e in KIO::TransferJob::qt_metacall (this=0x948b918, _c=QMetaObject::InvokeMetaMethod, _id=8, _a=0xbfd1d12c) at /home/annma/build/kdelibs/kio/jobclasses.moc:344 #34 0xb73e9c46 in QMetaObject::activate (sender=0x934aa00, from_signal_index=4, to_signal_index=4, argv=0xbfd1d12c) at kernel/qobject.cpp:3057 #35 0xb73eb025 in QMetaObject::activate (sender=0x934aa00, m=0xb7e45be4, local_signal_index=0, argv=0xbfd1d12c) at kernel/qobject.cpp:3134 #36 0xb7d63524 in KIO::SlaveInterface::data (this=0x934aa00, _t1=@0xbfd1d294) at /home/annma/build/kdelibs/kio/slaveinterface.moc:140 #37 0xb7d651a1 in KIO::SlaveInterface::dispatch (this=0x934aa00, _cmd=100, rawdata=@0xbfd1d294) at /usr/local/trunk-src/kdelibs/kio/kio/slaveinterface.cpp:163 #38 0xb7d650e2 in KIO::SlaveInterface::dispatch (this=0x934aa00) ---Type <return> to continue, or q <return> to quit--- at /usr/local/trunk-src/kdelibs/kio/kio/slaveinterface.cpp:91 #39 0xb7d578f4 in KIO::Slave::gotInput (this=0x934aa00) at /usr/local/trunk-src/kdelibs/kio/kio/slave.cpp:322 #40 0xb7d58d6e in KIO::Slave::qt_metacall (this=0x934aa00, _c=QMetaObject::InvokeMetaMethod, _id=2, _a=0xbfd1d388) at /home/annma/build/kdelibs/kio/slave.moc:76 #41 0xb73e9c46 in QMetaObject::activate (sender=0x92e9cc0, from_signal_index=4, to_signal_index=4, argv=0x0) at kernel/qobject.cpp:3057 #42 0xb73eb025 in QMetaObject::activate (sender=0x92e9cc0, m=0xb7e42580, local_signal_index=0, argv=0x0) at kernel/qobject.cpp:3134 #43 0xb7c78327 in KIO::Connection::readyRead (this=0x92e9cc0) at /home/annma/build/kdelibs/kio/connection.moc:86 #44 0xb7c792c1 in KIO::ConnectionPrivate::dequeue (this=0x91a86c8) at /usr/local/trunk-src/kdelibs/kio/kio/connection.cpp:82 #45 0xb7c7a1fb in KIO::Connection::qt_metacall (this=0x92e9cc0, _c=QMetaObject::InvokeMetaMethod, _id=1, _a=0xa6cd3b8) at /home/annma/build/kdelibs/kio/connection.moc:73 #46 0xb73e3432 in QMetaCallEvent::placeMetaCall (this=0x94895b8, object=0x92e9cc0) at kernel/qobject.cpp:489 #47 0xb73e7af7 in QObject::event (this=0x92e9cc0, e=0x94895b8) at kernel/qobject.cpp:1106 #48 0xb6a6e783 in QApplicationPrivate::notify_helper (this=0x8df07a0, receiver=0x92e9cc0, e=0x94895b8) at kernel/qapplication.cpp:4084 #49 0xb6a6eb37 in QApplication::notify (this=0xbfd1dd90, receiver=0x92e9cc0, e=0x94895b8) at kernel/qapplication.cpp:3631 #50 0xb7906009 in KApplication::notify (this=0xbfd1dd90, receiver=0x92e9cc0, event=0x94895b8) at /usr/local/trunk-src/kdelibs/kdeui/kernel/kapplication.cpp:307 #51 0xb73d380b in QCoreApplication::notifyInternal (this=0xbfd1dd90, receiver=0x92e9cc0, event=0x94895b8) at kernel/qcoreapplication.cpp:598 #52 0xb73d7399 in QCoreApplication::sendEvent (receiver=0x92e9cc0, event=0x94895b8) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:213 #53 0xb73d3cf3 in QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, data=0x8dd7f20) at kernel/qcoreapplication.cpp:1236 #54 0xb73d3eaf in QCoreApplication::sendPostedEvents (receiver=0x0, event_type=0) ---Type <return> to continue, or q <return> to quit--- at kernel/qcoreapplication.cpp:1132 #55 0xb7403f32 in QCoreApplication::sendPostedEvents () at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:218 #56 0xb740313c in postEventSourceDispatch (s=0x8df2ae8) at kernel/qeventdispatcher_glib.cpp:209 #57 0xb62c77ca in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0 #58 0xb62caee8 in ?? () from /usr/lib/libglib-2.0.so.0 #59 0xb62cb0a8 in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0 #60 0xb7402556 in QEventDispatcherGlib::processEvents (this=0x8df0760, flags={i = -1076765784}) at kernel/qeventdispatcher_glib.cpp:323 #61 0xb6b1b940 in QGuiEventDispatcherGlib::processEvents (this=0x8df0760, flags={i = -1076765736}) at kernel/qguieventdispatcher_glib.cpp:202 #62 0xb73d07f0 in QEventLoop::processEvents (this=0xbfd1dc60, flags={i = -1076765664}) at kernel/qeventloop.cpp:149 #63 0xb73d0a4a in QEventLoop::exec (this=0xbfd1dc60, flags={i = -1076765592}) at kernel/qeventloop.cpp:196 #64 0xb73d3fe3 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:880 #65 0xb6a6e49c in QApplication::exec () at kernel/qapplication.cpp:3553 #66 0xb7fdeca7 in kdemain (argc=1, argv=0xbfd1e174) at /usr/local/trunk-src/kdebase/apps/konqueror/src/konqmain.cpp:257 #67 0x080486d6 in main (argc=Cannot access memory at address 0x2bb ) at /home/annma/build/kdebase/apps/konqueror/src/konqueror_dummy.cpp:3
*** This bug has been marked as a duplicate of bug 185555 ***