Bug 238600 - Konqueror crash if this URL open: http://underverse.su/viewtopic.php?t=10420
Summary: Konqueror crash if this URL open: http://underverse.su/viewtopic.php?t=10420
Status: RESOLVED WORKSFORME
Alias: None
Product: konqueror
Classification: Applications
Component: khtml (show other bugs)
Version: 4.4.2
Platform: Ubuntu Linux
: NOR crash
Target Milestone: ---
Assignee: Konqueror Developers
URL:
Keywords:
: 253814 255818 266463 (view as bug list)
Depends on:
Blocks:
 
Reported: 2010-05-23 20:30 UTC by grio
Modified: 2020-12-28 02:32 UTC (History)
6 users (show)

See Also:
Latest Commit:
Version Fixed In:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.
Description grio 2010-05-23 20:30:13 UTC 
Application: konqueror (4.4.2 (KDE 4.4.2))
KDE Platform Version: 4.4.2 (KDE 4.4.2)
Qt Version: 4.6.2
Operating System: Linux 2.6.32-22-generic i686
Distribution: Ubuntu 10.04 LTS

-- Information about the crash:
Konqueror crash if this URL open: http://underverse.su/viewtopic.php?t=10420

The crash can be reproduced every time.

 -- Backtrace:
Application: Konqueror (kdeinit4), signal: Segmentation fault
[Current thread is 1 (Thread 0xb779eaa0 (LWP 1761))]

Thread 2 (Thread 0xb31a5b70 (LWP 1767)):
#0  0x06c7de16 in clock_gettime () from /lib/tls/i686/cmov/librt.so.1
#1  0x0115f6fb in qt_gettime () at kernel/qcore_unix.cpp:111
#2  0x01164825 in QTimerInfoList::updateCurrentTime (this=0xb4102534) at kernel/qeventdispatcher_unix.cpp:340
#3  0x0116486a in QTimerInfoList::timerWait (this=0xb4102534, tm=...) at kernel/qeventdispatcher_unix.cpp:443
#4  0x01162818 in timerSourcePrepareHelper (src=<value optimized out>, timeout=0xb31a50cc) at kernel/qeventdispatcher_glib.cpp:136
#5  0x011628a5 in timerSourcePrepare (source=0x0, timeout=0x6c81ff4) at kernel/qeventdispatcher_glib.cpp:169
#6  0x01d06aca in g_main_context_prepare () from /lib/libglib-2.0.so.0
#7  0x01d06ee9 in ?? () from /lib/libglib-2.0.so.0
#8  0x01d074b8 in g_main_context_iteration () from /lib/libglib-2.0.so.0
#9  0x0116260f in QEventDispatcherGlib::processEvents (this=0x8f0d5b0, flags=...) at kernel/qeventdispatcher_glib.cpp:414
#10 0x01135059 in QEventLoop::processEvents (this=0xb31a5290, flags=) at kernel/qeventloop.cpp:149
#11 0x011354aa in QEventLoop::exec (this=0xb31a5290, flags=...) at kernel/qeventloop.cpp:201
#12 0x010315a8 in QThread::exec (this=0x9056580) at thread/qthread.cpp:487
#13 0x01114c1b in QInotifyFileSystemWatcherEngine::run (this=0x9056580) at io/qfilesystemwatcher_inotify.cpp:248
#14 0x0103432e in QThreadPrivate::start (arg=0x9056580) at thread/qthread_unix.cpp:248
#15 0x0023296e in start_thread () from /lib/tls/i686/cmov/libpthread.so.0
#16 0x00801a0e in clone () from /lib/tls/i686/cmov/libc.so.6

Thread 1 (Thread 0xb779eaa0 (LWP 1761)):
[KCrash Handler]
#6  0x000c000c in ?? ()
#7  0x07bbe79c in requiresLineBox (this=0x9ab0644, start=..., bidi=...) at ../../khtml/rendering/bidi.cpp:1829
#8  khtml::RenderBlock::findNextLineBreak (this=0x9ab0644, start=..., bidi=...) at ../../khtml/rendering/bidi.cpp:1872
#9  0x07bc0eff in khtml::RenderBlock::layoutInlineChildren (this=0x9ab0644, relayoutChildren=false, breakBeforeLine=0) at ../../khtml/rendering/bidi.cpp:1506
#10 0x07bcb69f in khtml::RenderBlock::layoutBlock (this=0x9ab0644, relayoutChildren=false) at ../../khtml/rendering/render_block.cpp:833
#11 0x07bcb989 in khtml::RenderBlock::layout (this=0x9ab0644) at ../../khtml/rendering/render_block.cpp:736
#12 0x07bcad43 in khtml::RenderObject::layoutIfNeeded (this=0x9a9e988, relayoutChildren=<value optimized out>) at ../../khtml/rendering/render_object.h:480
#13 khtml::RenderBlock::layoutBlockChildren (this=0x9a9e988, relayoutChildren=<value optimized out>) at ../../khtml/rendering/render_block.cpp:1555
#14 0x07bcb4a5 in khtml::RenderBlock::layoutBlock (this=0x9a9e988, relayoutChildren=false) at ../../khtml/rendering/render_block.cpp:835
#15 0x07bcb989 in khtml::RenderBlock::layout (this=0x9a9e988) at ../../khtml/rendering/render_block.cpp:736
#16 0x07bcad43 in khtml::RenderObject::layoutIfNeeded (this=0x9951de4, relayoutChildren=<value optimized out>) at ../../khtml/rendering/render_object.h:480
#17 khtml::RenderBlock::layoutBlockChildren (this=0x9951de4, relayoutChildren=<value optimized out>) at ../../khtml/rendering/render_block.cpp:1555
#18 0x07bcb4a5 in khtml::RenderBlock::layoutBlock (this=0x9951de4, relayoutChildren=false) at ../../khtml/rendering/render_block.cpp:835
#19 0x07bcb989 in khtml::RenderBlock::layout (this=0x9951de4) at ../../khtml/rendering/render_block.cpp:736
#20 0x07bcad43 in khtml::RenderObject::layoutIfNeeded (this=0x9951838, relayoutChildren=<value optimized out>) at ../../khtml/rendering/render_object.h:480
#21 khtml::RenderBlock::layoutBlockChildren (this=0x9951838, relayoutChildren=<value optimized out>) at ../../khtml/rendering/render_block.cpp:1555
#22 0x07bcb4a5 in khtml::RenderBlock::layoutBlock (this=0x9951838, relayoutChildren=false) at ../../khtml/rendering/render_block.cpp:835
#23 0x07c006c3 in khtml::RenderTableCell::layout (this=0x9951838) at ../../khtml/rendering/render_table.cpp:2527
#24 0x07c039c2 in khtml::RenderTableRow::layout (this=0x992765c) at ../../khtml/rendering/render_table.cpp:2308
#25 0x07be3d03 in khtml::RenderObject::layoutIfNeeded (this=0x99275e8) at ../../khtml/rendering/render_object.h:480
#26 khtml::RenderContainer::layout (this=0x99275e8) at ../../khtml/rendering/render_container.cpp:639
#27 0x07c06d74 in khtml::RenderTable::layout (this=0x99272c4) at ../../khtml/rendering/render_table.cpp:347
#28 0x07bcad43 in khtml::RenderObject::layoutIfNeeded (this=0x9926138, relayoutChildren=<value optimized out>) at ../../khtml/rendering/render_object.h:480
#29 khtml::RenderBlock::layoutBlockChildren (this=0x9926138, relayoutChildren=<value optimized out>) at ../../khtml/rendering/render_block.cpp:1555
#30 0x07bcb4a5 in khtml::RenderBlock::layoutBlock (this=0x9926138, relayoutChildren=false) at ../../khtml/rendering/render_block.cpp:835
#31 0x07bcb989 in khtml::RenderBlock::layout (this=0x9926138) at ../../khtml/rendering/render_block.cpp:736
#32 0x07bcad43 in khtml::RenderObject::layoutIfNeeded (this=0x992609c, relayoutChildren=<value optimized out>) at ../../khtml/rendering/render_object.h:480
#33 khtml::RenderBlock::layoutBlockChildren (this=0x992609c, relayoutChildren=<value optimized out>) at ../../khtml/rendering/render_block.cpp:1555
#34 0x07bcb4a5 in khtml::RenderBlock::layoutBlock (this=0x992609c, relayoutChildren=false) at ../../khtml/rendering/render_block.cpp:835
#35 0x07c006c3 in khtml::RenderTableCell::layout (this=0x992609c) at ../../khtml/rendering/render_table.cpp:2527
#36 0x07c039c2 in khtml::RenderTableRow::layout (this=0x9926048) at ../../khtml/rendering/render_table.cpp:2308
#37 0x07be3d03 in khtml::RenderObject::layoutIfNeeded (this=0x9925fd4) at ../../khtml/rendering/render_object.h:480
#38 khtml::RenderContainer::layout (this=0x9925fd4) at ../../khtml/rendering/render_container.cpp:639
#39 0x07c06d74 in khtml::RenderTable::layout (this=0x9925f28) at ../../khtml/rendering/render_table.cpp:347
#40 0x07bcad43 in khtml::RenderObject::layoutIfNeeded (this=0x9925e34, relayoutChildren=<value optimized out>) at ../../khtml/rendering/render_object.h:480
#41 khtml::RenderBlock::layoutBlockChildren (this=0x9925e34, relayoutChildren=<value optimized out>) at ../../khtml/rendering/render_block.cpp:1555
#42 0x07bcb4a5 in khtml::RenderBlock::layoutBlock (this=0x9925e34, relayoutChildren=false) at ../../khtml/rendering/render_block.cpp:835
#43 0x07bcb989 in khtml::RenderBlock::layout (this=0x9925e34) at ../../khtml/rendering/render_block.cpp:736
#44 0x07bcad43 in khtml::RenderObject::layoutIfNeeded (this=0x9493c7c, relayoutChildren=<value optimized out>) at ../../khtml/rendering/render_object.h:480
#45 khtml::RenderBlock::layoutBlockChildren (this=0x9493c7c, relayoutChildren=<value optimized out>) at ../../khtml/rendering/render_block.cpp:1555
#46 0x07bcb4a5 in khtml::RenderBlock::layoutBlock (this=0x9493c7c, relayoutChildren=false) at ../../khtml/rendering/render_block.cpp:835
#47 0x07bcb989 in khtml::RenderBlock::layout (this=0x9493c7c) at ../../khtml/rendering/render_block.cpp:736
#48 0x07bcad43 in khtml::RenderObject::layoutIfNeeded (this=0x9493bf8, relayoutChildren=<value optimized out>) at ../../khtml/rendering/render_object.h:480
#49 khtml::RenderBlock::layoutBlockChildren (this=0x9493bf8, relayoutChildren=<value optimized out>) at ../../khtml/rendering/render_block.cpp:1555
#50 0x07bcb4a5 in khtml::RenderBlock::layoutBlock (this=0x9493bf8, relayoutChildren=false) at ../../khtml/rendering/render_block.cpp:835
#51 0x07bcb989 in khtml::RenderBlock::layout (this=0x9493bf8) at ../../khtml/rendering/render_block.cpp:736
#52 0x07bcad43 in khtml::RenderObject::layoutIfNeeded (this=0x9493a80, relayoutChildren=<value optimized out>) at ../../khtml/rendering/render_object.h:480
#53 khtml::RenderBlock::layoutBlockChildren (this=0x9493a80, relayoutChildren=<value optimized out>) at ../../khtml/rendering/render_block.cpp:1555
#54 0x07bcb4a5 in khtml::RenderBlock::layoutBlock (this=0x9493a80, relayoutChildren=false) at ../../khtml/rendering/render_block.cpp:835
#55 0x07bcb989 in khtml::RenderBlock::layout (this=0x9493a80) at ../../khtml/rendering/render_block.cpp:736
#56 0x07c2d772 in khtml::RenderBody::layout (this=0x9493a80) at ../../khtml/rendering/render_body.cpp:91
#57 0x07bcad43 in khtml::RenderObject::layoutIfNeeded (this=0x94938a0, relayoutChildren=<value optimized out>) at ../../khtml/rendering/render_object.h:480
#58 khtml::RenderBlock::layoutBlockChildren (this=0x94938a0, relayoutChildren=<value optimized out>) at ../../khtml/rendering/render_block.cpp:1555
#59 0x07bcb4a5 in khtml::RenderBlock::layoutBlock (this=0x94938a0, relayoutChildren=false) at ../../khtml/rendering/render_block.cpp:835
#60 0x07bcb989 in khtml::RenderBlock::layout (this=0x94938a0) at ../../khtml/rendering/render_block.cpp:736
#61 0x07bcad43 in khtml::RenderObject::layoutIfNeeded (this=0x9493758, relayoutChildren=<value optimized out>) at ../../khtml/rendering/render_object.h:480
#62 khtml::RenderBlock::layoutBlockChildren (this=0x9493758, relayoutChildren=<value optimized out>) at ../../khtml/rendering/render_block.cpp:1555
#63 0x07bcb4a5 in khtml::RenderBlock::layoutBlock (this=0x9493758, relayoutChildren=false) at ../../khtml/rendering/render_block.cpp:835
#64 0x07c28c9d in khtml::RenderCanvas::layout (this=0x9493758) at ../../khtml/rendering/render_canvas.cpp:191
#65 0x07a8c2b3 in KHTMLView::layout (this=0x9324ef0) at ../../khtml/khtmlview.cpp:1020
#66 0x07a8c8f1 in KHTMLView::timerEvent (this=0x9324ef0, e=0xbfca7c70) at ../../khtml/khtmlview.cpp:4193
#67 0x01147254 in QObject::event (this=0x9324ef0, e=0x9a9eb94) at kernel/qobject.cpp:1212
#68 0x013df326 in QWidget::event (this=0x9324ef0, event=0xbfca7c70) at kernel/qwidget.cpp:8455
#69 0x017dbfd3 in QFrame::event (this=0x9324ef0, e=0xbfca7c70) at widgets/qframe.cpp:557
#70 0x01876d97 in QAbstractScrollArea::event (this=0x9324ef0, e=0xbfca7c70) at widgets/qabstractscrollarea.cpp:989
#71 0x0187c2ed in QScrollArea::event (this=0x9324ef0, e=0xbfca7c70) at widgets/qscrollarea.cpp:314
#72 0x07a9007c in KHTMLView::event (this=0x9324ef0, e=0xbfca7c70) at ../../khtml/khtmlview.cpp:552
#73 0x013814dc in QApplicationPrivate::notify_helper (this=0x8e63ce8, receiver=0x9324ef0, e=0xbfca7c70) at kernel/qapplication.cpp:4300
#74 0x013880f9 in QApplication::notify (this=0xbfca9214, receiver=0x9324ef0, e=0xbfca7c70) at kernel/qapplication.cpp:4265
#75 0x00df6f2a in KApplication::notify (this=0xbfca9214, receiver=0x9324ef0, event=0xbfca7c70) at ../../kdeui/kernel/kapplication.cpp:302
#76 0x01136a3b in QCoreApplication::notifyInternal (this=0xbfca9214, receiver=0x9324ef0, event=0xbfca7c70) at kernel/qcoreapplication.cpp:704
#77 0x01165d66 in QCoreApplication::sendEvent (this=0x8e6698c) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:215
#78 QTimerInfoList::activateTimers (this=0x8e6698c) at kernel/qeventdispatcher_unix.cpp:603
#79 0x011628e4 in timerSourceDispatch (source=0x8e66958) at kernel/qeventdispatcher_glib.cpp:184
#80 0x01d035e5 in g_main_context_dispatch () from /lib/libglib-2.0.so.0
#81 0x01d072d8 in ?? () from /lib/libglib-2.0.so.0
#82 0x01d074b8 in g_main_context_iteration () from /lib/libglib-2.0.so.0
#83 0x011625d5 in QEventDispatcherGlib::processEvents (this=0x8de4b48, flags=...) at kernel/qeventdispatcher_glib.cpp:412
#84 0x01441135 in QGuiEventDispatcherGlib::processEvents (this=0x8de4b48, flags=...) at kernel/qguieventdispatcher_glib.cpp:204
#85 0x01135059 in QEventLoop::processEvents (this=0xbfca7f30, flags=) at kernel/qeventloop.cpp:149
#86 0x011354aa in QEventLoop::exec (this=0xbfca7f30, flags=...) at kernel/qeventloop.cpp:201
#87 0x01823dde in QMenu::exec (this=0x9933540, p=..., action=0x0) at widgets/qmenu.cpp:2063
#88 0x00ee4a08 in KLineEdit::contextMenuEvent (this=0x9122b70, e=0xbfca858c) at ../../kdeui/widgets/klineedit.cpp:1191
#89 0x013dff38 in QWidget::event (this=0x9122b70, event=0xbfca858c) at kernel/qwidget.cpp:8165
#90 0x017ecaeb in QLineEdit::event (this=0x9122b70, e=0xbfca858c) at widgets/qlineedit.cpp:1474
#91 0x00ee2f0c in KLineEdit::event (this=0x9122b70, ev=0xbfca858c) at ../../kdeui/widgets/klineedit.cpp:1329
#92 0x017a5bcf in QComboBox::contextMenuEvent (this=0x91d5178, e=0xbfca858c) at widgets/qcombobox.cpp:2981
#93 0x013dff38 in QWidget::event (this=0x91d5178, event=0xbfca858c) at kernel/qwidget.cpp:8165
#94 0x017aaddc in QComboBox::event (this=0x91d5178, event=0xbfca858c) at widgets/qcombobox.cpp:2746
#95 0x013814dc in QApplicationPrivate::notify_helper (this=0x8e63ce8, receiver=0x91d5178, e=0xbfca858c) at kernel/qapplication.cpp:4300
#96 0x01388470 in QApplication::notify (this=0xbfca9214, receiver=0x9122b70, e=0xbfca8808) at kernel/qapplication.cpp:3944
#97 0x00df6f2a in KApplication::notify (this=0xbfca9214, receiver=0x9122b70, event=0xbfca8808) at ../../kdeui/kernel/kapplication.cpp:302
#98 0x01136a3b in QCoreApplication::notifyInternal (this=0xbfca9214, receiver=0x9122b70, event=0xbfca8808) at kernel/qcoreapplication.cpp:704
#99 0x01418dfe in QCoreApplication::sendSpontaneousEvent (receiver=0x9122b70, event=0x9a9eb94) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:218
#100 0x014130f4 in QETWidget::translateMouseEvent (this=0x92cce18, event=0xbfca8cfc) at kernel/qapplication_x11.cpp:4373
#101 0x01412511 in QApplication::x11ProcessEvent (this=0xbfca9214, event=0xbfca8cfc) at kernel/qapplication_x11.cpp:3379
#102 0x0144160a in x11EventSourceDispatch (s=0x8e66e00, callback=0, user_data=0x0) at kernel/qguieventdispatcher_glib.cpp:146
#103 0x01d035e5 in g_main_context_dispatch () from /lib/libglib-2.0.so.0
#104 0x01d072d8 in ?? () from /lib/libglib-2.0.so.0
#105 0x01d074b8 in g_main_context_iteration () from /lib/libglib-2.0.so.0
#106 0x011625d5 in QEventDispatcherGlib::processEvents (this=0x8de4b48, flags=...) at kernel/qeventdispatcher_glib.cpp:412
#107 0x01441135 in QGuiEventDispatcherGlib::processEvents (this=0x8de4b48, flags=...) at kernel/qguieventdispatcher_glib.cpp:204
#108 0x01135059 in QEventLoop::processEvents (this=0xbfca8ff4, flags=) at kernel/qeventloop.cpp:149
#109 0x011354aa in QEventLoop::exec (this=0xbfca8ff4, flags=...) at kernel/qeventloop.cpp:201
#110 0x0113969f in QCoreApplication::exec () at kernel/qcoreapplication.cpp:981
#111 0x01381577 in QApplication::exec () at kernel/qapplication.cpp:3579
#112 0x035141ee in kdemain () from /usr/lib/libkdeinit4_konqueror.so
#113 0x0804e133 in launch (argc=<value optimized out>, _name=<value optimized out>, args=<value optimized out>, cwd=0x0, envc=0, envs=0x8e43efc "", reset_env=false, tty=0x0, avoid_loops=false, 
    startup_id_str=0x8e43f00 "homestation;1274639160;117019;1461_TIME42849695") at ../../kinit/kinit.cpp:717
#114 0x0804ec6d in handle_launcher_request (sock=<value optimized out>, who=<value optimized out>) at ../../kinit/kinit.cpp:1209
#115 0x0804f190 in handle_requests (waitForPid=<value optimized out>) at ../../kinit/kinit.cpp:1402
#116 0x0804fe4f in main (argc=4, argv=0xbfca9df4, envp=0xbfca9e08) at ../../kinit/kinit.cpp:1845

Possible duplicates by query: bug 213272, bug 208414.

Reported using DrKonqi
Comment 1 Maksim Orlovich 2010-05-27 17:54:18 UTC 
==10131== Invalid read of size 1
==10131==    at 0xF05E5F7: khtml::RenderObject::isFloating() const (render_object.h:324)
==10131==    by 0xF1BBBC3: khtml::requiresLineBox(khtml::BidiIterator&) (bidi.cpp:1827)
==10131==    by 0xF1BE122: khtml::RenderBlock::findNextLineBreak(khtml::BidiIterator&, khtml::BidiState&) (bidi.cpp:1898)
==10131==    by 0xF1C1198: khtml::RenderBlock::layoutInlineChildren(bool, int) (bidi.cpp:1506)
==10131==    by 0xF1CCF82: khtml::RenderBlock::layoutBlock(bool) (render_block.cpp:834)
==10131==    by 0xF1CD484: khtml::RenderBlock::layout() (render_block.cpp:737)
==10131==    by 0xF074E50: khtml::RenderObject::layoutIfNeeded() (render_object.h:480)
==10131==    by 0xF1CC74F: khtml::RenderBlock::layoutBlockChildren(bool) (render_block.cpp:1557)
==10131==    by 0xF1CCF93: khtml::RenderBlock::layoutBlock(bool) (render_block.cpp:836)
==10131==    by 0xF1CD484: khtml::RenderBlock::layout() (render_block.cpp:737)
==10131==    by 0xF074E50: khtml::RenderObject::layoutIfNeeded() (render_object.h:480)
==10131==    by 0xF1CC74F: khtml::RenderBlock::layoutBlockChildren(bool) (render_block.cpp:1557)
==10131==    by 0xF1CCF93: khtml::RenderBlock::layoutBlock(bool) (render_block.cpp:836)
==10131==    by 0xF1CD484: khtml::RenderBlock::layout() (render_block.cpp:737)
==10131==    by 0xF074E50: khtml::RenderObject::layoutIfNeeded() (render_object.h:480)
==10131==    by 0xF1CC74F: khtml::RenderBlock::layoutBlockChildren(bool) (render_block.cpp:1557)
==10131==    by 0xF1CCF93: khtml::RenderBlock::layoutBlock(bool) (render_block.cpp:836)
==10131==    by 0xF2130A2: khtml::RenderTableCell::layout() (render_table.cpp:2527)
==10131==    by 0xF213D20: khtml::RenderTableRow::layout() (render_table.cpp:2310)
==10131==    by 0xF074E50: khtml::RenderObject::layoutIfNeeded() (render_object.h:480)
==10131==    by 0xF1F029D: khtml::RenderContainer::layout() (render_container.cpp:640)
==10131==    by 0xF21ACFA: khtml::RenderTable::layout() (render_table.cpp:347)
==10131==    by 0xF074E50: khtml::RenderObject::layoutIfNeeded() (render_object.h:480)
==10131==    by 0xF1CC74F: khtml::RenderBlock::layoutBlockChildren(bool) (render_block.cpp:1557)
==10131==    by 0xF1CCF93: khtml::RenderBlock::layoutBlock(bool) (render_block.cpp:836)
==10131==    by 0xF1CD484: khtml::RenderBlock::layout() (render_block.cpp:737)
==10131==    by 0xF074E50: khtml::RenderObject::layoutIfNeeded() (render_object.h:480)
==10131==    by 0xF1CC74F: khtml::RenderBlock::layoutBlockChildren(bool) (render_block.cpp:1557)
==10131==    by 0xF1CCF93: khtml::RenderBlock::layoutBlock(bool) (render_block.cpp:836)
==10131==    by 0xF2130A2: khtml::RenderTableCell::layout() (render_table.cpp:2527)
==10131==    by 0xF213D20: khtml::RenderTableRow::layout() (render_table.cpp:2310)
==10131==    by 0xF074E50: khtml::RenderObject::layoutIfNeeded() (render_object.h:480)
==10131==    by 0xF1F029D: khtml::RenderContainer::layout() (render_container.cpp:640)
==10131==    by 0xF21ACFA: khtml::RenderTable::layout() (render_table.cpp:347)
==10131==    by 0xF074E50: khtml::RenderObject::layoutIfNeeded() (render_object.h:480)
==10131==    by 0xF1CC74F: khtml::RenderBlock::layoutBlockChildren(bool) (render_block.cpp:1557)
==10131==    by 0xF1CCF93: khtml::RenderBlock::layoutBlock(bool) (render_block.cpp:836)
==10131==    by 0xF1CD484: khtml::RenderBlock::layout() (render_block.cpp:737)
==10131==    by 0xF074E50: khtml::RenderObject::layoutIfNeeded() (render_object.h:480)
==10131==    by 0xF1CC74F: khtml::RenderBlock::layoutBlockChildren(bool) (render_block.cpp:1557)
==10131==    by 0xF1CCF93: khtml::RenderBlock::layoutBlock(bool) (render_block.cpp:836)
==10131==    by 0xF1CD484: khtml::RenderBlock::layout() (render_block.cpp:737)
==10131==    by 0xF074E50: khtml::RenderObject::layoutIfNeeded() (render_object.h:480)
==10131==    by 0xF1CC74F: khtml::RenderBlock::layoutBlockChildren(bool) (render_block.cpp:1557)
==10131==    by 0xF1CCF93: khtml::RenderBlock::layoutBlock(bool) (render_block.cpp:836)
==10131==    by 0xF1CD484: khtml::RenderBlock::layout() (render_block.cpp:737)
==10131==    by 0xF074E50: khtml::RenderObject::layoutIfNeeded() (render_object.h:480)
==10131==    by 0xF1CC74F: khtml::RenderBlock::layoutBlockChildren(bool) (render_block.cpp:1557)
==10131==    by 0xF1CCF93: khtml::RenderBlock::layoutBlock(bool) (render_block.cpp:836)
==10131==    by 0xF1CD484: khtml::RenderBlock::layout() (render_block.cpp:737)
==10131==  Address 0x97767ba is 34 bytes inside a block of size 68 free'd
==10131==    at 0x4023996: free (vg_replace_malloc.c:325)
==10131==    by 0xF2042D5: khtml::RenderArena::free(unsigned int, void*) (render_arena.cpp:122)
==10131==    by 0xF1E2712: khtml::RenderObject::arenaDelete(khtml::RenderArena*, void*) (render_object.cpp:2400)
==10131==    by 0xF1E27D7: khtml::RenderObject::detach() (render_object.cpp:2385)
==10131==    by 0xF201A9A: khtml::RenderText::detach() (render_text.cpp:729)
==10131==    by 0xF11A8FB: DOM::NodeImpl::detach() (dom_nodeimpl.cpp:976)
==10131==    by 0xF11FB09: DOM::NodeBaseImpl::removeChild(DOM::NodeImpl*, int&) (dom_nodeimpl.cpp:1749)
==10131==    by 0xF2FD5B9: DOMNodeProtoFunc::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (kjs_dom.cpp:649)
==10131==    by 0xF33A705: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.h:616)
==10131==    by 0xFC88D00: KJS::Machine::runBlock(KJS::ExecState*, WTF::Vector<unsigned char, 0u> const&, KJS::ExecState*) (codes.def:1209)
==10131==    by 0xFC64409: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:172)
==10131==    by 0xF33A705: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.h:616)
==10131==    by 0xFC45D29: KJS::FunctionProtoFunc::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function_object.cpp:123)
==10131==    by 0xF33A705: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.h:616)
==10131==    by 0xFC88D00: KJS::Machine::runBlock(KJS::ExecState*, WTF::Vector<unsigned char, 0u> const&, KJS::ExecState*) (codes.def:1209)
==10131==    by 0xFC64409: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:172)
==10131==    by 0xF33A705: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.h:616)
==10131==    by 0xFC88D00: KJS::Machine::runBlock(KJS::ExecState*, WTF::Vector<unsigned char, 0u> const&, KJS::ExecState*) (codes.def:1209)
==10131==    by 0xFC64409: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:172)
==10131==    by 0xF33A705: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.h:616)
==10131==    by 0xFC88D00: KJS::Machine::runBlock(KJS::ExecState*, WTF::Vector<unsigned char, 0u> const&, KJS::ExecState*) (codes.def:1209)
==10131==    by 0xFC64409: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:172)
==10131==    by 0xF33A705: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.h:616)
==10131==    by 0xFC88D00: KJS::Machine::runBlock(KJS::ExecState*, WTF::Vector<unsigned char, 0u> const&, KJS::ExecState*) (codes.def:1209)
==10131==    by 0xFC64409: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:172)
==10131==    by 0xF33A705: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.h:616)
==10131==    by 0xFC45DD3: KJS::FunctionProtoFunc::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function_object.cpp:139)
==10131==    by 0xF33A705: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.h:616)
==10131==    by 0xFC88D00: KJS::Machine::runBlock(KJS::ExecState*, WTF::Vector<unsigned char, 0u> const&, KJS::ExecState*) (codes.def:1209)
==10131==    by 0xFC64409: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:172)
==10131==    by 0xF33A705: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.h:616)
==10131==    by 0xFC88D00: KJS::Machine::runBlock(KJS::ExecState*, WTF::Vector<unsigned char, 0u> const&, KJS::ExecState*) (codes.def:1209)
==10131==    by 0xFC64409: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:172)
==10131==    by 0xF33A705: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.h:616)
==10131==    by 0xFC88D00: KJS::Machine::runBlock(KJS::ExecState*, WTF::Vector<unsigned char, 0u> const&, KJS::ExecState*) (codes.def:1209)
==10131==    by 0xFC64409: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:172)
==10131==    by 0xF33A705: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.h:616)
==10131==    by 0xFC88D00: KJS::Machine::runBlock(KJS::ExecState*, WTF::Vector<unsigned char, 0u> const&, KJS::ExecState*) (codes.def:1209)
==10131==    by 0xFC64409: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:172)
==10131==    by 0xF33A705: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.h:616)
==10131==    by 0xFC88D00: KJS::Machine::runBlock(KJS::ExecState*, WTF::Vector<unsigned char, 0u> const&, KJS::ExecState*) (codes.def:1209)
==10131==    by 0xFC64409: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:172)
==10131==    by 0xF33A705: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.h:616)
==10131==    by 0xFC45DD3: KJS::FunctionProtoFunc::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function_object.cpp:139)
==10131==    by 0xF33A705: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.h:616)
==10131==    by 0xFC88D00: KJS::Machine::runBlock(KJS::ExecState*, WTF::Vector<unsigned char, 0u> const&, KJS::ExecState*) (codes.def:1209)
==10131==    by 0xFC64409: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:172)
==10131==    by 0xF33A705: KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (object.h:616)
==10131==    by 0xFC88D00: KJS::Machine::runBlock(KJS::ExecState*, WTF::Vector<unsigned char, 0u> const&, KJS::ExecState*) (codes.def:1209)
==10131==    by 0xFC64409: KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) (function.cpp:172)
Comment 2 Tommi Tervo 2010-11-01 16:18:04 UTC 
*** Bug 253814 has been marked as a duplicate of this bug. ***
Comment 3 Tommi Tervo 2010-11-01 16:18:14 UTC 
*** Bug 255818 has been marked as a duplicate of this bug. ***
Comment 4 Tommi Tervo 2011-01-16 12:38:17 UTC 
*** Bug 263290 has been marked as a duplicate of this bug. ***
Comment 5 Andreas Nordal 2011-01-16 13:31:54 UTC 
Bug 263290 has a partially reduced testcase.
Comment 6 Tommi Tervo 2011-02-16 18:55:07 UTC 
*** Bug 266463 has been marked as a duplicate of this bug. ***
Comment 7 Justin Zobel 2020-12-09 02:10:14 UTC 
Thank you for the crash report.

As it has been a while since this was reported, can you please test and confirm if this issue is still occurring or if this bug report can be marked as resolved.

I have set the bug status to "needsinfo" pending your response, please change back to "reported" or "resolved/worksforme" when you respond, thank you.
Comment 8 Bug Janitor Service 2020-12-24 04:34:29 UTC 
Dear Bug Submitter,

This bug has been in NEEDSINFO status with no change for at least
15 days. Please provide the requested information as soon as
possible and set the bug status as REPORTED. Due to regular bug
tracker maintenance, if the bug is still in NEEDSINFO status with
no change in 30 days the bug will be closed as RESOLVED > WORKSFORME
due to lack of needed information.

For more information about our bug triaging procedures please read the
wiki located here:
https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

If you have already provided the requested information, please
mark the bug as REPORTED so that the KDE team knows that the bug is
ready to be confirmed.

Thank you for helping us make KDE software even better for everyone!
Comment 9 Raúl 2020-12-26 23:28:44 UTC 
Hi:
I'm not seeing this crashing on konqueror 20.08.3 either using KHTML engine or webengine.
Debian unstable
KDE Frameworks 5.77.0
Qt 5.15.2
Comment 10 Justin Zobel 2020-12-28 02:32:48 UTC 
Thanks for the update Raul. I'm marking this as resolved. If anyone else is still experiencing the issue please feel free to reopen this report.