RESOLVED FIXED Bug 72285
[Qt] Crash when visiting certain websites.
https://bugs.webkit.org/show_bug.cgi?id=72285
Dawit A.
Reported 2011-11-14 10:19:26 PST
Visiting http://www.daniweb.com/software-development/assembly/threads/306415 or http://www.daniweb.com/software-development/shell-scripting/threads/2805 causes QtTestBrowser from 2.2 git branch to SEGFAULT. I do not have a debug build of QtWebKit so the backtrace I post here would be useless since it would not show any line numbers, but you should be able to reproduce the crash. This crash was first reported downstream. See https://bugs.kde.org/show_bug.cgi?id=285050.
Attachments
Crash log (81.95 KB, text/plain)
2011-11-14 10:24 PST, Dawit A.
no flags
Dawit A.
Comment 1 2011-11-14 10:24:59 PST
Created attachment 114976: Crash log
Not that useful backtrace, but a backtrace nonetheless, from QtTestBrowser run through gdb.
Dawit A.
Comment 2 2011-12-10 08:59:19 PST
Here is the backtrace from QtTestBrowser in qtwebkit-2.2-devel branch:
#0 0x00007ffff608fa4d in WebCore::requiresLineBox (it=..., lineInfo=...) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlockLineLayout.cpp:1485
#1 0x00007ffff608fe23 in WebCore::RenderBlock::LineBreaker::skipLeadingWhitespace (this=0x7fffffffb6a0, resolver=..., lineInfo=..., lastFloatFromPreviousLine=0x0, width=...) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlockLineLayout.cpp:1528
#2 0x00007ffff60911bc in WebCore::RenderBlock::LineBreaker::nextLineBreak (this=0x7fffffffb6a0, resolver=..., lineInfo=..., lineBreakIteratorInfo=..., lastFloatFromPreviousLine=0x0) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlockLineLayout.cpp:1826
#3 0x00007ffff608c405 in WebCore::RenderBlock::layoutRunsAndFloats (this=0x10e0458, fullLayout=false, hasInlineChild=true, floats=..., repaintLogicalTop=@0x7fffffffbbfc, repaintLogicalBottom=@0x7fffffffbbf8) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlockLineLayout.cpp:915
#4 0x00007ffff608deac in WebCore::RenderBlock::layoutInlineChildren (this=0x10e0458, relayoutChildren=false, repaintLogicalTop=@0x7fffffffbbfc, repaintLogicalBottom=@0x7fffffffbbf8) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlockLineLayout.cpp:1164
#5 0x00007ffff60548cd in WebCore::RenderBlock::layoutBlock (this=0x10e0458, relayoutChildren=false, pageLogicalHeight=0) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1251
#6 0x00007ffff6054200 in WebCore::RenderBlock::layout (this=0x10e0458) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1149
#7 0x00007ffff6057d84 in WebCore::RenderBlock::layoutBlockChild (this=0xd26f28, child=0x10e0458, marginInfo=..., previousFloatLogicalBottom=@0x7fffffffbecc, maxFloatLogicalBottom=@0x7fffffffc024) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1991
#8 0x00007ffff605796b in
WebCore::RenderBlock::layoutBlockChildren (this=0xd26f28, relayoutChildren=false, maxFloatLogicalBottom=@0x7fffffffc024) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1929 #9 0x00007ffff60548ee in WebCore::RenderBlock::layoutBlock (this=0xd26f28, relayoutChildren=false, pageLogicalHeight=0) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1253 #10 0x00007ffff6054200 in WebCore::RenderBlock::layout (this=0xd26f28) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1149 #11 0x00007ffff6057d84 in WebCore::RenderBlock::layoutBlockChild (this=0x8c22f8, child=0xd26f28, marginInfo=..., previousFloatLogicalBottom=@0x7fffffffc2fc, maxFloatLogicalBottom=@0x7fffffffc454) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1991 #12 0x00007ffff605796b in WebCore::RenderBlock::layoutBlockChildren (this=0x8c22f8, relayoutChildren=false, maxFloatLogicalBottom=@0x7fffffffc454) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1929 #13 0x00007ffff60548ee in WebCore::RenderBlock::layoutBlock (this=0x8c22f8, relayoutChildren=false, pageLogicalHeight=0) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1253 #14 0x00007ffff6054200 in WebCore::RenderBlock::layout (this=0x8c22f8) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1149 #15 0x00007ffff6057d84 in WebCore::RenderBlock::layoutBlockChild (this=0x940008, child=0x8c22f8, marginInfo=..., previousFloatLogicalBottom=@0x7fffffffc72c, maxFloatLogicalBottom=@0x7fffffffc884) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1991 #16 0x00007ffff605796b in WebCore::RenderBlock::layoutBlockChildren (this=0x940008, relayoutChildren=false, maxFloatLogicalBottom=@0x7fffffffc884) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1929 #17 0x00007ffff60548ee in WebCore::RenderBlock::layoutBlock (this=0x940008, relayoutChildren=false, pageLogicalHeight=0) at 
/usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1253 #18 0x00007ffff6054200 in WebCore::RenderBlock::layout (this=0x940008) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1149 #19 0x00007ffff616f04b in WebCore::RenderView::layout (this=0x940008) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderView.cpp:130 #20 0x00007ffff5f47bc6 in WebCore::FrameView::layout (this=0x8e7f50, allowSubtree=true) at /usr/local/src/Misc/webkit/Source/WebCore/page/FrameView.cpp:964 #21 0x00007ffff5f4daaf in WebCore::FrameView::updateLayoutAndStyleIfNeededRecursive (this=0x8e7f50) at /usr/local/src/Misc/webkit/Source/WebCore/page/FrameView.cpp:2491 #22 0x00007ffff59d60c6 in QWebFramePrivate::renderRelativeCoords (this=0x9cab20, context=0x7fffffffcdb0, layers=..., clip=...) at /usr/local/src/Misc/webkit/Source/WebKit/qt/Api/qwebframe.cpp:357 #23 0x00007ffff59d9635 in QWebFrame::render (this=0x9cb160, painter=0x7fffffffce80, clip=...) at /usr/local/src/Misc/webkit/Source/WebKit/qt/Api/qwebframe.cpp:1233 #24 0x00007ffff59fe170 in QWebView::paintEvent (this=0x8a1960, ev=0x7fffffffd490) at /usr/local/src/Misc/webkit/Source/WebKit/qt/Api/qwebview.cpp:961 #25 0x00007ffff2de30ac in QWidget::event(QEvent*) () from /usr/lib/libQtGui.so.4 #26 0x00007ffff59fdee4 in QWebView::event (this=0x8a1960, e=0x7fffffffd490) at /usr/local/src/Misc/webkit/Source/WebKit/qt/Api/qwebview.cpp:865 #27 0x00007ffff2d92ae4 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib/libQtGui.so.4 #28 0x00007ffff2d97951 in QApplication::notify(QObject*, QEvent*) () from /usr/lib/libQtGui.so.4 #29 0x00007ffff257189c in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/lib/libQtCore.so.4 #30 0x00007ffff2ddffe4 in QWidgetPrivate::drawWidget(QPaintDevice*, QRegion const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) () from /usr/lib/libQtGui.so.4 #31 0x00007ffff2f9f1d6 in ?? 
() from /usr/lib/libQtGui.so.4 #32 0x00007ffff2dd6840 in QWidgetPrivate::syncBackingStore() () from /usr/lib/libQtGui.so.4 #33 0x00007ffff2de35bc in QWidget::event(QEvent*) () from /usr/lib/libQtGui.so.4 #34 0x00007ffff31a0d7b in QMainWindow::event(QEvent*) () from /usr/lib/libQtGui.so.4 #35 0x00007ffff2d92ae4 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib/libQtGui.so.4 #36 0x00007ffff2d97951 in QApplication::notify(QObject*, QEvent*) () from /usr/lib/libQtGui.so.4 #37 0x00007ffff257189c in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/lib/libQtCore.so.4 #38 0x00007ffff2574c2f in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) () from /usr/lib/libQtCore.so.4 #39 0x00007ffff259c1a3 in ?? () from /usr/lib/libQtCore.so.4 #40 0x00007ffff044484d in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0 #41 0x00007ffff0445048 in ?? () from /usr/lib/libglib-2.0.so.0 #42 0x00007ffff0445219 in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0 #43 0x00007ffff259c606 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQtCore.so.4 #44 0x00007ffff2e35eee in ?? () from /usr/lib/libQtGui.so.4 #45 0x00007ffff2570a92 in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQtCore.so.4 #46 0x00007ffff2570c97 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQtCore.so.4 #47 0x00007ffff2574eab in QCoreApplication::exec() () from /usr/lib/libQtCore.so.4 #48 0x000000000043007c in launcherMain (app=...) at /usr/local/src/Misc/webkit/Tools/QtTestBrowser/main.cpp:101 #49 0x00000000004322b6 in main (argc=1, argv=0x7fffffffe628) at /usr/local/src/Misc/webkit/Tools/QtTestBrowser/main.cpp:359
Dawit A.
Comment 3 2011-12-10 09:08:42 PST
A crash on a second site, http://einestages.spiegel.de/static/topicalbumbackground/24067/teure_putzaktion.html, that produces the same backtrace was reported downstream. See https://bugs.kde.org/show_bug.cgi?id=288631 and the backtrace using QtTestBrowser from qtwebkit-2.2-devel git branch:
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff608fa4d in WebCore::requiresLineBox (it=..., lineInfo=...) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlockLineLayout.cpp:1485
1485 if (it.m_obj->isRenderInline() && !inlineFlowRequiresLineBox(toRenderInline(it.m_obj)))
(gdb) bt
#0 0x00007ffff608fa4d in WebCore::requiresLineBox (it=..., lineInfo=...) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlockLineLayout.cpp:1485
#1 0x00007ffff608fe23 in WebCore::RenderBlock::LineBreaker::skipLeadingWhitespace (this=0x7fffffff9830, resolver=..., lineInfo=..., lastFloatFromPreviousLine=0x11d0ee0, width=...) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlockLineLayout.cpp:1528
#2 0x00007ffff60911bc in WebCore::RenderBlock::LineBreaker::nextLineBreak (this=0x7fffffff9830, resolver=..., lineInfo=..., lineBreakIteratorInfo=..., lastFloatFromPreviousLine=0x11d0ee0) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlockLineLayout.cpp:1826
#3 0x00007ffff608c405 in WebCore::RenderBlock::layoutRunsAndFloats (this=0x10f2908, fullLayout=false, hasInlineChild=true, floats=..., repaintLogicalTop=@0x7fffffff9d8c, repaintLogicalBottom=@0x7fffffff9d88) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlockLineLayout.cpp:915
#4 0x00007ffff608deac in WebCore::RenderBlock::layoutInlineChildren (this=0x10f2908, relayoutChildren=false, repaintLogicalTop=@0x7fffffff9d8c, repaintLogicalBottom=@0x7fffffff9d88) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlockLineLayout.cpp:1164
#5 0x00007ffff60548cd in WebCore::RenderBlock::layoutBlock (this=0x10f2908, relayoutChildren=false, pageLogicalHeight=0) at
/usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1251 #6 0x00007ffff6054200 in WebCore::RenderBlock::layout (this=0x10f2908) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1149 #7 0x00007ffff6057d84 in WebCore::RenderBlock::layoutBlockChild (this=0xc52168, child=0x10f2908, marginInfo=..., previousFloatLogicalBottom=@0x7fffffffa05c, maxFloatLogicalBottom=@0x7fffffffa1b4) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1991 #8 0x00007ffff605796b in WebCore::RenderBlock::layoutBlockChildren (this=0xc52168, relayoutChildren=false, maxFloatLogicalBottom=@0x7fffffffa1b4) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1929 #9 0x00007ffff60548ee in WebCore::RenderBlock::layoutBlock (this=0xc52168, relayoutChildren=false, pageLogicalHeight=0) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1253 #10 0x00007ffff6054200 in WebCore::RenderBlock::layout (this=0xc52168) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1149 #11 0x00007ffff6057d84 in WebCore::RenderBlock::layoutBlockChild (this=0x9c1508, child=0xc52168, marginInfo=..., previousFloatLogicalBottom=@0x7fffffffa48c, maxFloatLogicalBottom=@0x7fffffffa5e4) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1991 #12 0x00007ffff605796b in WebCore::RenderBlock::layoutBlockChildren (this=0x9c1508, relayoutChildren=false, maxFloatLogicalBottom=@0x7fffffffa5e4) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1929 #13 0x00007ffff60548ee in WebCore::RenderBlock::layoutBlock (this=0x9c1508, relayoutChildren=false, pageLogicalHeight=0) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1253 #14 0x00007ffff6054200 in WebCore::RenderBlock::layout (this=0x9c1508) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1149 #15 0x00007ffff6057d84 in WebCore::RenderBlock::layoutBlockChild (this=0x9afaf8, child=0x9c1508, 
marginInfo=..., previousFloatLogicalBottom=@0x7fffffffa8bc, maxFloatLogicalBottom=@0x7fffffffaa14) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1991 #16 0x00007ffff605796b in WebCore::RenderBlock::layoutBlockChildren (this=0x9afaf8, relayoutChildren=false, maxFloatLogicalBottom=@0x7fffffffaa14) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1929 #17 0x00007ffff60548ee in WebCore::RenderBlock::layoutBlock (this=0x9afaf8, relayoutChildren=false, pageLogicalHeight=0) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1253 #18 0x00007ffff6054200 in WebCore::RenderBlock::layout (this=0x9afaf8) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1149 #19 0x00007ffff616f04b in WebCore::RenderView::layout (this=0x9afaf8) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderView.cpp:130 #20 0x00007ffff5f47bc6 in WebCore::FrameView::layout (this=0x94b1f0, allowSubtree=true) at /usr/local/src/Misc/webkit/Source/WebCore/page/FrameView.cpp:964 #21 0x00007ffff5bd58f9 in WebCore::Document::updateLayout (this=0xaa09d0) at /usr/local/src/Misc/webkit/Source/WebCore/dom/Document.cpp:1580 #22 0x00007ffff5bd59da in WebCore::Document::updateLayoutIgnorePendingStylesheets (this=0xaa09d0) at /usr/local/src/Misc/webkit/Source/WebCore/dom/Document.cpp:1611 #23 0x00007ffff5afc253 in WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue (this=0x1243dd0, propertyID=1001, updateLayout=WebCore::UpdateLayout) at /usr/local/src/Misc/webkit/Source/WebCore/css/CSSComputedStyleDeclaration.cpp:803 #24 0x00007ffff5afaab9 in WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue (this=0x1243dd0, propertyID=1001) at /usr/local/src/Misc/webkit/Source/WebCore/css/CSSComputedStyleDeclaration.cpp:675 #25 0x00007ffff5b07582 in WebCore::CSSComputedStyleDeclaration::getPropertyValue (this=0x1243dd0, propertyID=1001) at /usr/local/src/Misc/webkit/Source/WebCore/css/CSSComputedStyleDeclaration.cpp:1819 #26 
0x00007ffff5b5e88b in WebCore::CSSStyleDeclaration::getPropertyValue (this=0x1243dd0, propertyName=...) at /usr/local/src/Misc/webkit/Source/WebCore/css/CSSStyleDeclaration.cpp:77 #27 0x00007ffff56c9ab8 in WebCore::jsCSSStyleDeclarationPrototypeFunctionGetPropertyValue (exec=0x7fff9f666d68) at ../../WebCore/generated/JSCSSStyleDeclaration.cpp:295 #28 0x00007fff9fa661e8 in ?? () #29 0x00007fffffffcc20 in ?? () #30 0x00007fff9facb180 in ?? () #31 0x00007fffffffcbb0 in ?? () #32 0x00007fff981b53b0 in ?? () #33 0x0000000001181458 in ?? () #34 0x0000000001181410 in ?? () #35 0x00007fff9fb24317 in ?? () #36 0x00007fff00000010 in ?? () #37 0x00007fffffffcbe0 in ?? () #38 0x00007ffff5696ef5 in JSC::JSValue::decode (ptr=0x7fffffffd3b0) at /usr/local/src/Misc/webkit/Source/JavaScriptCore/runtime/JSValueInlineMethods.h:369 #39 0x00007ffff661b0de in JSC::JITCode::execute (this=0x7fff9dee7768, registerFile=0x903c28, callFrame=0x7fff9f666048, globalData=0xa5a390) at /usr/local/src/Misc/webkit/Source/JavaScriptCore/jit/JITCode.h:77 #40 0x00007ffff6617dae in JSC::Interpreter::executeCall (this=0x903c10, callFrame=0x7ffff7e141d8, function=0x7fff98277490, callType=JSC::CallTypeJS, callData=..., thisValue=..., args=...) at /usr/local/src/Misc/webkit/Source/JavaScriptCore/interpreter/Interpreter.cpp:838 #41 0x00007ffff66461b3 in JSC::call (exec=0x7ffff7e141d8, functionObject=..., callType=JSC::CallTypeJS, callData=..., thisValue=..., args=...) at /usr/local/src/Misc/webkit/Source/JavaScriptCore/runtime/CallData.cpp:38 #42 0x00007ffff5a5de5c in WebCore::JSMainThreadExecState::call (exec=0x7ffff7e141d8, functionObject=..., callType=JSC::CallTypeJS, callData=..., thisValue=..., args=...) 
---Type <return> to continue, or q <return> to quit--- at /usr/local/src/Misc/webkit/Source/WebCore/bindings/js/JSMainThreadExecState.h:48 #43 0x00007ffff5a840a5 in WebCore::JSEventListener::handleEvent (this=0xe5fe10, scriptExecutionContext=0xaa0ae8, event=0x11e55f0) at /usr/local/src/Misc/webkit/Source/WebCore/bindings/js/JSEventListener.cpp:128 #44 0x00007ffff5c24236 in WebCore::EventTarget::fireEventListeners (this=0xaa09d0, event=0x11e55f0, d=0xc96570, entry=...) at /usr/local/src/Misc/webkit/Source/WebCore/dom/EventTarget.cpp:360 #45 0x00007ffff5c2409d in WebCore::EventTarget::fireEventListeners (this=0xaa09d0, event=0x11e55f0) at /usr/local/src/Misc/webkit/Source/WebCore/dom/EventTarget.cpp:329 #46 0x00007ffff5c43515 in WebCore::Node::handleLocalEvents (this=0xaa09d0, event=0x11e55f0) at /usr/local/src/Misc/webkit/Source/WebCore/dom/Node.cpp:2808 #47 0x00007ffff5c1f912 in WebCore::EventDispatcher::dispatchEvent (this=0x7fffffffd3b0, event=...) at /usr/local/src/Misc/webkit/Source/WebCore/dom/EventDispatcher.cpp:306 #48 0x00007ffff5c1ddc6 in WebCore::EventDispatchMediator::dispatchEvent (this=0x7fffffffd420, dispatcher=0x7fffffffd3b0) at /usr/local/src/Misc/webkit/Source/WebCore/dom/Event.cpp:313 #49 0x00007ffff5c1e277 in WebCore::EventDispatcher::dispatchEvent (node=0xaa09d0, mediator=...) at /usr/local/src/Misc/webkit/Source/WebCore/dom/EventDispatcher.cpp:53 #50 0x00007ffff5c435cc in WebCore::Node::dispatchEvent (this=0xaa09d0, event=...) 
at /usr/local/src/Misc/webkit/Source/WebCore/dom/Node.cpp:2818 #51 0x00007ffff5be0a67 in WebCore::Document::finishedParsing (this=0xaa09d0) at /usr/local/src/Misc/webkit/Source/WebCore/dom/Document.cpp:4222 #52 0x00007ffff5ddecac in WebCore::HTMLTreeBuilder::finished (this=0x9c0f30) at /usr/local/src/Misc/webkit/Source/WebCore/html/parser/HTMLTreeBuilder.cpp:2820 #53 0x00007ffff5db7656 in WebCore::HTMLDocumentParser::end (this=0xab84f0) at /usr/local/src/Misc/webkit/Source/WebCore/html/parser/HTMLDocumentParser.cpp:378 #54 0x00007ffff5db7753 in WebCore::HTMLDocumentParser::attemptToRunDeferredScriptsAndEnd (this=0xab84f0) at /usr/local/src/Misc/webkit/Source/WebCore/html/parser/HTMLDocumentParser.cpp:387 #55 0x00007ffff5db66d8 in WebCore::HTMLDocumentParser::prepareToStopParsing (this=0xab84f0) at /usr/local/src/Misc/webkit/Source/WebCore/html/parser/HTMLDocumentParser.cpp:151 #56 0x00007ffff5db780a in WebCore::HTMLDocumentParser::endIfDelayed (this=0xab84f0) at /usr/local/src/Misc/webkit/Source/WebCore/html/parser/HTMLDocumentParser.cpp:412 #57 0x00007ffff5db7ae3 in WebCore::HTMLDocumentParser::resumeParsingAfterScriptExecution (this=0xab84f0) at /usr/local/src/Misc/webkit/Source/WebCore/html/parser/HTMLDocumentParser.cpp:480 #58 0x00007ffff5db7df5 in WebCore::HTMLDocumentParser::notifyFinished (this=0xab84f0, cachedResource=0xd8c6e0) at /usr/local/src/Misc/webkit/Source/WebCore/html/parser/HTMLDocumentParser.cpp:524 #59 0x00007ffff5e795ed in WebCore::CachedResource::checkNotify (this=0xd8c6e0) at /usr/local/src/Misc/webkit/Source/WebCore/loader/cache/CachedResource.cpp:144 #60 0x00007ffff5e80253 in WebCore::CachedScript::data (this=0xd8c6e0, data=..., allDataReceived=true) at /usr/local/src/Misc/webkit/Source/WebCore/loader/cache/CachedScript.cpp:104 #61 0x00007ffff64cdd5d in WebCore::CachedResourceRequest::didFinishLoading (this=0xd8caf0, loader=0xd915c0) at /usr/local/src/Misc/webkit/Source/WebCore/loader/cache/CachedResourceRequest.cpp:166 #62 
0x00007ffff5eda9e4 in WebCore::SubresourceLoader::didFinishLoading (this=0xd915c0, finishTime=0) at /usr/local/src/Misc/webkit/Source/WebCore/loader/SubresourceLoader.cpp:196 #63 0x00007ffff5ed11db in WebCore::ResourceLoader::didFinishLoading (this=0xd915c0, finishTime=0) at /usr/local/src/Misc/webkit/Source/WebCore/loader/ResourceLoader.cpp:436 #64 0x00007ffff61c407f in WebCore::QNetworkReplyHandler::finish (this=0xd92480) at /usr/local/src/Misc/webkit/Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp:459 #65 0x00007ffff61c267d in WebCore::QNetworkReplyHandlerCallQueue::flush (this=0xd924b8) at /usr/local/src/Misc/webkit/Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp:196 #66 0x00007ffff61c2563 in WebCore::QNetworkReplyHandlerCallQueue::push (this=0xd924b8, method= (void (WebCore::QNetworkReplyHandler::*)(WebCore::QNetworkReplyHandler * const)) 0x7ffff61c3d8e <WebCore::QNetworkReplyHandler::finish()>) at /usr/local/src/Misc/webkit/Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp:165 #67 0x00007ffff61c375a in WebCore::QNetworkReplyWrapper::didReceiveFinished (this=0xd8f780) at /usr/local/src/Misc/webkit/Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp:353 #68 0x00007ffff61c6938 in WebCore::QNetworkReplyWrapper::qt_metacall (this=0xd8f780, _c=QMetaObject::InvokeMetaMethod, _id=1, _a=0x7fffffffda90) at ./moc_QNetworkReplyHandler.cpp:80 #69 0x00007ffff25845ea in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) () from /usr/lib/libQtCore.so.4 #70 0x00007ffff2924b14 in ?? () from /usr/lib/libQtNetwork.so.4 #71 0x00007ffff290d161 in ?? () from /usr/lib/libQtNetwork.so.4 #72 0x00007ffff292314d in ?? () from /usr/lib/libQtNetwork.so.4 #73 0x00007ffff29231a1 in ?? 
() from /usr/lib/libQtNetwork.so.4 #74 0x00007ffff2d92ae4 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib/libQtGui.so.4 #75 0x00007ffff2d97951 in QApplication::notify(QObject*, QEvent*) () from /usr/lib/libQtGui.so.4 #76 0x00007ffff257189c in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/lib/libQtCore.so.4 #77 0x00007ffff2574c2f in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) () from /usr/lib/libQtCore.so.4 #78 0x00007ffff259c1a3 in ?? () from /usr/lib/libQtCore.so.4 #79 0x00007ffff044484d in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0 #80 0x00007ffff0445048 in ?? () from /usr/lib/libglib-2.0.so.0 #81 0x00007ffff0445219 in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0 #82 0x00007ffff259c606 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQtCore.so.4 #83 0x00007ffff2e35eee in ?? () from /usr/lib/libQtGui.so.4 #84 0x00007ffff2570a92 in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQtCore.so.4 #85 0x00007ffff2570c97 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQtCore.so.4 #86 0x00007ffff2574eab in QCoreApplication::exec() () from /usr/lib/libQtCore.so.4 #87 0x000000000043007c in launcherMain (app=...) at /usr/local/src/Misc/webkit/Tools/QtTestBrowser/main.cpp:101 #88 0x00000000004322b6 in main (argc=1, argv=0x7fffffffe628) at /usr/local/src/Misc/webkit/Tools/QtTestBrowser/main.cpp:359
Sriram Neelakandan
Comment 4 2012-01-12 04:36:20 PST
The crash is consistent even in Qt-4.8-RELEASE.
Crash is present in 4.8.0-release-Webkit (internally packaged).
The previous 2-3 URLs mentioned as well.
Another URL: http://www.brainyquote.com/quotes/authors/a/atal_bihari_vajpayee.html
#0 0x00007ffff6b39c6a in WebCore::requiresLineBox (it=..., lineInfo=...) at rendering/RenderBlockLineLayout.cpp:1485
#1 0x00007ffff6b39fe9 in WebCore::RenderBlock::LineBreaker::skipLeadingWhitespace (this=0x7fffffff88e0, resolver=..., lineInfo=..., lastFloatFromPreviousLine=0x0, width=...) at rendering/RenderBlockLineLayout.cpp:1529
#2 0x00007ffff6b3afe2 in WebCore::RenderBlock::LineBreaker::nextLineBreak (this=0x7fffffff88e0, resolver=..., lineInfo=..., lineBreakIteratorInfo=..., lastFloatFromPreviousLine=0x0) at rendering/RenderBlockLineLayout.cpp:1827
#3 0x00007ffff6b369c5 in WebCore::RenderBlock::layoutRunsAndFloats (this=0x7fffea510120, fullLayout=false, hasInlineChild=true, floats=..., repaintLogicalTop=@0x7fffffff8e3c, repaintLogicalBottom=@0x7fffffff8e38) at rendering/RenderBlockLineLayout.cpp:915
#4 0x00007ffff6b382a2 in WebCore::RenderBlock::layoutInlineChildren (this=0x7fffea510120, relayoutChildren=false, repaintLogicalTop=@0x7fffffff8e3c, repaintLogicalBottom=@0x7fffffff8e38) at rendering/RenderBlockLineLayout.cpp:1164
#5 0x00007ffff6b08601 in WebCore::RenderBlock::layoutBlock (this=0x7fffea510120, relayoutChildren=false, pageLogicalHeight=0) at rendering/RenderBlock.cpp:1260
#6 0x00007ffff6b07f76 in WebCore::RenderBlock::layout (this=0x7fffea510120) at rendering/RenderBlock.cpp:1158
#7 0x00007ffff6b0baa3 in WebCore::RenderBlock::layoutBlockChild (this=0x7fffe01e6d18, child=0x7fffea510120, marginInfo=..., previousFloatLogicalBottom=@0x7fffffff90cc, maxFloatLogicalBottom=@0x7fffffff9224) at rendering/RenderBlock.cpp:2000
#8 0x00007ffff6b0b6d9 in WebCore::RenderBlock::layoutBlockChildren (this=0x7fffe01e6d18, relayoutChildren=false, maxFloatLogicalBottom=@0x7fffffff9224) at rendering/RenderBlock.cpp:1938
#9
0x00007ffff6b08622 in WebCore::RenderBlock::layoutBlock (this=0x7fffe01e6d18, relayoutChildren=false, pageLogicalHeight=0) at rendering/RenderBlock.cpp:1262 #10 0x00007ffff6b07f76 in WebCore::RenderBlock::layout (this=0x7fffe01e6d18) at rendering/RenderBlock.cpp:1158 #11 0x00007ffff6b012f7 in WebCore::RenderObject::layoutIfNeeded (this=0x7fffe01e6d18) at rendering/RenderObject.h:539 #12 0x00007ffff6b12020 in WebCore::RenderBlock::insertFloatingObject (this=0x7fffe01e6218, o=0x7fffe01e6d18) at rendering/RenderBlock.cpp:3169 #13 0x00007ffff6b09c3f in WebCore::RenderBlock::handleFloatingChild (this=0x7fffe01e6218, child=0x7fffe01e6d18, marginInfo=...) at rendering/RenderBlock.cpp:1530 #14 0x00007ffff6b09b7a in WebCore::RenderBlock::handleSpecialChild (this=0x7fffe01e6218, child=0x7fffe01e6d18, marginInfo=...) at rendering/RenderBlock.cpp:1512 #15 0x00007ffff6b0b6a7 in WebCore::RenderBlock::layoutBlockChildren (this=0x7fffe01e6218, relayoutChildren=false, maxFloatLogicalBottom=@0x7fffffff9684) at rendering/RenderBlock.cpp:1934 #16 0x00007ffff6b08622 in WebCore::RenderBlock::layoutBlock (this=0x7fffe01e6218, relayoutChildren=false, pageLogicalHeight=0) at rendering/RenderBlock.cpp:1262 #17 0x00007ffff6b07f76 in WebCore::RenderBlock::layout (this=0x7fffe01e6218) at rendering/RenderBlock.cpp:1158 #18 0x00007ffff6b0baa3 in WebCore::RenderBlock::layoutBlockChild (this=0x7fffe053f6c8, child=0x7fffe01e6218, marginInfo=..., previousFloatLogicalBottom=@0x7fffffff991c, maxFloatLogicalBottom=@0x7fffffff9a74) at rendering/RenderBlock.cpp:2000 #19 0x00007ffff6b0b6d9 in WebCore::RenderBlock::layoutBlockChildren (this=0x7fffe053f6c8, relayoutChildren=false, maxFloatLogicalBottom=@0x7fffffff9a74) at rendering/RenderBlock.cpp:1938 #20 0x00007ffff6b08622 in WebCore::RenderBlock::layoutBlock (this=0x7fffe053f6c8, relayoutChildren=false, pageLogicalHeight=0) at rendering/RenderBlock.cpp:1262 #21 0x00007ffff6b07f76 in WebCore::RenderBlock::layout (this=0x7fffe053f6c8) at 
rendering/RenderBlock.cpp:1158 #22 0x00007ffff6b0baa3 in WebCore::RenderBlock::layoutBlockChild (this=0x7fffe053f498, child=0x7fffe053f6c8, marginInfo=..., previousFloatLogicalBottom=@0x7fffffff9d0c, maxFloatLogicalBottom=@0x7fffffff9e64) at rendering/RenderBlock.cpp:2000 #23 0x00007ffff6b0b6d9 in WebCore::RenderBlock::layoutBlockChildren (this=0x7fffe053f498, relayoutChildren=false, maxFloatLogicalBottom=@0x7fffffff9e64) at rendering/RenderBlock.cpp:1938 #24 0x00007ffff6b08622 in WebCore::RenderBlock::layoutBlock (this=0x7fffe053f498, relayoutChildren=false, pageLogicalHeight=0) at rendering/RenderBlock.cpp:1262 #25 0x00007ffff6b07f76 in WebCore::RenderBlock::layout (this=0x7fffe053f498) at rendering/RenderBlock.cpp:1158 #26 0x00007ffff6b0baa3 in WebCore::RenderBlock::layoutBlockChild (this=0x7fffe053f220, child=0x7fffe053f498, marginInfo=..., previousFloatLogicalBottom=@0x7fffffffa0fc, maxFloatLogicalBottom=@0x7fffffffa254) at rendering/RenderBlock.cpp:2000 #27 0x00007ffff6b0b6d9 in WebCore::RenderBlock::layoutBlockChildren (this=0x7fffe053f220, relayoutChildren=false, maxFloatLogicalBottom=@0x7fffffffa254) at rendering/RenderBlock.cpp:1938 #28 0x00007ffff6b08622 in WebCore::RenderBlock::layoutBlock (this=0x7fffe053f220, relayoutChildren=false, pageLogicalHeight=0) at rendering/RenderBlock.cpp:1262 #29 0x00007ffff6b07f76 in WebCore::RenderBlock::layout (this=0x7fffe053f220) at rendering/RenderBlock.cpp:1158 #30 0x00007ffff6c0345a in WebCore::RenderView::layout (this=0x7fffe053f220) at rendering/RenderView.cpp:130 #31 0x00007ffff6a41c57 in WebCore::FrameView::layout (this=0x7fffea50ab80, allowSubtree=true) at page/FrameView.cpp:964 #32 0x00007ffff6a47334 in WebCore::FrameView::updateLayoutAndStyleIfNeededRecursive (this=0x7fffea50ab80) at page/FrameView.cpp:2491 #33 0x00007ffff65ffb32 in QWebFramePrivate::renderRelativeCoords (this=0x7fffe4002d10, context=0x7fffffffa750, layers=..., clip=...) 
at Api/qwebframe.cpp:357
#34 0x00007ffff6602920 in QWebFrame::render (this=0x7fffe4002c30, painter=0x7fffffffa820, clip=...) at Api/qwebframe.cpp:1233
#35 0x00007ffff66223ab in QWebView::paintEvent (this=0x7e92b0, ev=0x7fffffffb270) at Api/qwebview.cpp:961
#36 0x00007ffff5144b4f in QWidget::event (this=0x7e92b0, event=0x7fffffffb270) at kernel/qwidget.cpp:8507
#37 0x00007ffff662213a in QWebView::event (this=0x7e92b0, e=0x7fffffffb270) at Api/qwebview.cpp:865
#38 0x00007ffff50ec526 in QApplicationPrivate::notify_helper (this=0x6a33b0, receiver=0x7e92b0, e=0x7fffffffb270) at kernel/qapplication.cpp:4550
#39 0x00007ffff50ec387 in QApplication::notify (this=0x7fffffffd700, receiver=0x7e92b0, e=0x7fffffffb270) at kernel/qapplication.cpp:4515
#40 0x00007ffff46deb55 in QCoreApplication::notifyInternal (this=0x7fffffffd700, receiver=0x7e92b0, event=0x7fffffffb270) at kernel/qcoreapplication.cpp:876
#41 0x00007ffff50ee5cb in QCoreApplication::sendSpontaneousEvent (receiver=0x7e92b0, event=0x7fffffffb270) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:234
#42 0x00007ffff513cf4a in QWidgetPrivate::drawWidget (this=0x7e9310, pdev=0x7f5298, rgn=..., offset=..., flags=4, sharedPainter=0x0, backingStore=0x7f5220) at kernel/qwidget.cpp:5584
#43 0x00007ffff513de16 in QWidgetPrivate::paintSiblingsRecursive (this=0x737870, pdev=0x7f5298, siblings=..., index=0, rgn=..., offset=..., flags=4, sharedPainter=0x0, backingStore=0x7f5220) at kernel/qwidget.cpp:5793
#44 0x00007ffff513d36e in QWidgetPrivate::drawWidget (this=0x737870, pdev=0x7f5298, rgn=..., offset=..., flags=4, sharedPainter=0x0, backingStore=0x7f5220) at kernel/qwidget.cpp:5637
#45 0x00007ffff513de16 in QWidgetPrivate::paintSiblingsRecursive (this=0x71b120, pdev=0x7f5298, siblings=..., index=0, rgn=..., offset=..., flags=4, sharedPainter=0x0, backingStore=0x7f5220) at kernel/qwidget.cpp:5793
#46 0x00007ffff513dc9a in QWidgetPrivate::paintSiblingsRecursive (this=0x71b120, pdev=0x7f5298, siblings=..., index=0, rgn=..., offset=..., flags=4, sharedPainter=0x0, backingStore=0x7f5220) at kernel/qwidget.cpp:5780
#47 0x00007ffff513d36e in QWidgetPrivate::drawWidget (this=0x71b120, pdev=0x7f5298, rgn=..., offset=..., flags=4, sharedPainter=0x0, backingStore=0x7f5220) at kernel/qwidget.cpp:5637
#48 0x00007ffff513de16 in QWidgetPrivate::paintSiblingsRecursive (this=0x7934f0, pdev=0x7f5298, siblings=..., index=0, rgn=..., offset=..., flags=4, sharedPainter=0x0, backingStore=0x7f5220) at kernel/qwidget.cpp:5793
#49 0x00007ffff513d36e in QWidgetPrivate::drawWidget (this=0x7934f0, pdev=0x7f5298, rgn=..., offset=..., flags=4, sharedPainter=0x0, backingStore=0x7f5220) at kernel/qwidget.cpp:5637
#50 0x00007ffff513de16 in QWidgetPrivate::paintSiblingsRecursive (this=0x736a00, pdev=0x7f5298, siblings=..., index=21, rgn=..., offset=..., flags=4, sharedPainter=0x0, backingStore=0x7f5220) at kernel/qwidget.cpp:5793
#51 0x00007ffff513dc9a in QWidgetPrivate::paintSiblingsRecursive (this=0x736a00, pdev=0x7f5298, siblings=..., index=22, rgn=..., offset=..., flags=4, sharedPainter=0x0, backingStore=0x7f5220) at kernel/qwidget.cpp:5780
#52 0x00007ffff513d36e in QWidgetPrivate::drawWidget (this=0x736a00, pdev=0x7f5298, rgn=..., offset=..., flags=5, sharedPainter=0x0, backingStore=0x7f5220) at kernel/qwidget.cpp:5637
#53 0x00007ffff5348888 in QWidgetBackingStore::sync (this=0x7f5220) at painting/qbackingstore.cpp:1373
#54 0x00007ffff5134657 in QWidgetPrivate::syncBackingStore (this=0x736a00) at kernel/qwidget.cpp:1890
#55 0x00007ffff5145126 in QWidget::event (this=0x735fd0, event=0x9aa7b0) at kernel/qwidget.cpp:8654
#56 0x00007ffff559acd0 in QMainWindow::event (this=0x735fd0, event=0x9aa7b0) at widgets/qmainwindow.cpp:1478
#57 0x00007ffff50ec526 in QApplicationPrivate::notify_helper (this=0x6a33b0, receiver=0x735fd0, e=0x9aa7b0) at kernel/qapplication.cpp:4550
#58 0x00007ffff50ec387 in QApplication::notify (this=0x7fffffffd700, receiver=0x735fd0, e=0x9aa7b0) at kernel/qapplication.cpp:4515
#59 0x00007ffff46deb55 in QCoreApplication::notifyInternal (this=0x7fffffffd700, receiver=0x735fd0, event=0x9aa7b0) at kernel/qcoreapplication.cpp:876
#60 0x00007ffff66081e7 in QCoreApplication::sendEvent (receiver=0x735fd0, event=0x9aa7b0) at ../../../../../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:231
#61 0x00007ffff46dfab1 in QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, data=0x6a3500) at kernel/qcoreapplication.cpp:1497
#62 0x00007ffff46df717 in QCoreApplication::sendPostedEvents (receiver=0x0, event_type=0) at kernel/qcoreapplication.cpp:1393
#63 0x00007ffff50c224d in QCoreApplication::sendPostedEvents () at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:236
#64 0x00007ffff4714a91 in postEventSourceDispatch (s=0x6ab1c0) at kernel/qeventdispatcher_glib.cpp:279
#65 0x00007ffff191abd3 in g_main_context_dispatch () from /lib64/libglib-2.0.so.0
#66 0x00007ffff191b3b0 in ?? () from /lib64/libglib-2.0.so.0
#67 0x00007ffff191b650 in g_main_context_iteration () from /lib64/libglib-2.0.so.0
#68 0x00007ffff47152bb in QEventDispatcherGlib::processEvents (this=0x6a86b0, flags=...) at kernel/qeventdispatcher_glib.cpp:424
#69 0x00007ffff517fe66 in QWSEventDispatcherGlib::processEvents (this=0x6a86b0, flags=...) at kernel/qeventdispatcher_glib_qws.cpp:183
#70 0x00007ffff46dc892 in QEventLoop::processEvents (this=0x7fffffffd6a0, flags=...) at kernel/qeventloop.cpp:149
#71 0x00007ffff46dca1c in QEventLoop::exec (this=0x7fffffffd6a0, flags=...) at kernel/qeventloop.cpp:200
#72 0x00007ffff46df1a2 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1148
#73 0x00007ffff50e9a01 in QApplication::exec () at kernel/qapplication.cpp:3811
#74 0x000000000046af3b in main (argc=3, argv=0x7fffffffd828) at main.cpp:51
Robert Hogan
Comment 5 2012-01-13 16:28:46 PST
I can't reproduce this on trunk, even on a Qt debug build.
Robert Hogan
Comment 6 2012-01-13 16:32:46 PST
Can one of the reporters try to reproduce it on WebKit trunk and provide a reduced test case please? Otherwise this will have to be closed as invalid.
Sriram Neelakandan
Comment 7 2012-01-15 21:11:25 PST
Robert, the bug is on the Qt-4.8/Qt-Webkit2.2 release ... it seems to be fixed on trunk (not sure what fixed it; too many changes to RenderBlock since the last 4.8 release). This one should be blocking 68616.
aaron
Comment 8 2012-03-02 17:26:37 PST
I believe that this bug is resolved by Changeset 86060 on trunk (https://trac.webkit.org/changeset/86060). The site http://www.usa.com/chamblee-ga-crime-and-crime-rate.htm in its current state (3/2/12) should repro the crash 100% of the time.
s
Comment 9 2012-05-03 06:26:33 PDT
Hello, I've encountered the same bug on Symbian^3 using QtWebkit and Qt version 4.7.4. When I disable JavaScript on the QtWebView, the crash does not happen, so I believe this bug is also related to JavaScript (or any JavaScript code that runs on load and interacts with the HTML DOM). So far, what I have observed is that all the mentioned sites (and my own sites that are faulting, "http://www.themarker.com/misc/iphone-article/1.1681964") are using jquery.min.js. Perhaps this could help in tracking down the bug and solving it, and offer a work-around for those that are "stuck" on older versions of QtWebKit (since I cannot do an upgrade of the Qt version on a Symbian device that isn't via the smartinstaller, and that is fixed to a certain version).
Dawit A.
Comment 10 2012-09-14 14:29:29 PDT
The suggestion in comment #8 is correct. The issue seems to be resolved by Changeset 86060 on trunk (https://trac.webkit.org/changeset/86060) which is part of the qtwebkit 2.3 branch. Closing as fixed in future qtwebkit release.