It's flash-plugin crashing for me, it's calling g_object_unref on an invalid pointer.

I'd venture to guess qtwebkit needs the same workaround that kde's khtml includes, that pre-initializes the glib-event loop (egads, flash has had this bug for 2+ years).

but why flash don't crash with others renderings like firefox ?

Newer flash doesn't seem to crash for me anymore (since upgrading to flash-11.1)

currently, I have
flash-plugin-11.1.102.55-release.x86_64

flash likely failed to initialize the glib event loop properly, which only is evident when using a non glib/gtk-based browser.

Is this still a problem for you?

rats, arora/rekonq still crashes on that site, and others now (like youtube), so I take it back.

It was better for time... :(

this link :
http://bitsandpieces.us/2011/12/16/top-10-biggest-and-best-jumps-ever/

crash on konqueror with webkit rendering and flash-plugin-11.1.102.55-release.x86_64 on Fedora 16 updated .

when I press on right ad which is something like  http://www.googleadservices.com/pagead/aclk?sa=L&ai=BVLCKW8UHT5SkL(...) , konqueor crash

Re: comment #1 , for better or worse, I've confirmed that qtwebkit already does include a workaround to call gtk_init for flash-plugin case.

(In reply to comment #6)
> Re: comment #1 , for better or worse, I've confirmed that qtwebkit already does
> include a workaround to call gtk_init for flash-plugin case.

with update qtwebkit-2.2.1-2.fc16, doesn't fix my crash at #5,
Anyone have also the crash ? 
I wonder, if the problem is in video-driver

Here's a typical backtrace of the crashes I see (using rekonq):

You'll notice that it eventually ends in flash-plugin calling  g_object_unref on an invalid pointer.   I very much doubt this is video driver related.

Thread 1 (Thread 0x7fc0efa27840 (LWP 25225)):
[KCrash Handler]
#6  0x0000003f09411449 in g_object_unref (_object=0x5335040) at gobject.c:2740
#7  0x00007fc084699418 in ?? () from /usr/lib64/flash-plugin/libflashplayer.so
#8  0x00007fc0846995dd in ?? () from /usr/lib64/flash-plugin/libflashplayer.so
#9  0x00007fc084695ca0 in ?? () from /usr/lib64/flash-plugin/libflashplayer.so
#10 0x00007fc08468f182 in ?? () from /usr/lib64/flash-plugin/libflashplayer.so
#11 0x0000003f19f78994 in WebCore::PluginView::stop (this=0x7fc07a272340) at ../../../Source/WebCore/plugins/PluginView.cpp:385
#12 0x0000003f19f7a551 in (anonymous namespace)::PluginView::~PluginView (this=0x7fc07a272340, __in_chrg=<optimized out>) at ../../../Source/WebCore/plugins/PluginView.cpp:301
#13 0x0000003f19f7acc9 in (anonymous namespace)::PluginView::~PluginView (this=0x7fc07a272340, __in_chrg=<optimized out>) at ../../../Source/WebCore/plugins/PluginView.cpp:314
#14 0x0000003f1a061c80 in deref (this=<optimized out>) at ../../../Source/JavaScriptCore/wtf/RefCounted.h:141
#15 derefIfNotNull<WebCore::Widget> (ptr=<optimized out>) at ../../../Source/JavaScriptCore/wtf/PassRefPtr.h:59
#16 derefIfNotNull<WebCore::Widget> (ptr=<optimized out>) at ../../../Source/JavaScriptCore/wtf/HashTable.h:888
#17 ~RefPtr (this=<optimized out>, __in_chrg=<optimized out>) at ../../../Source/JavaScriptCore/wtf/RefPtr.h:58
#18 ~pair (this=<optimized out>, __in_chrg=<optimized out>) at /usr/include/c++/4.6.2/bits/stl_pair.h:87
#19 WTF::HashTable<WTF::RefPtr<WebCore::Widget>, std::pair<WTF::RefPtr<WebCore::Widget>, WebCore::FrameView*>, WTF::PairFirstExtractor<std::pair<WTF::RefPtr<WebCore::Widget>, WebCore::FrameView*> >, WTF::PtrHash<WTF::RefPtr<WebCore::Widget> >, WTF::PairHashTraits<WTF::HashTraits<WTF::RefPtr<WebCore::Widget> >, WTF::HashTraits<WebCore::FrameView*> >, WTF::HashTraits<WTF::RefPtr<WebCore::Widget> > >::deallocateTable (table=0x7fc079f20000, size=<optimized out>) at ../../../Source/JavaScriptCore/wtf/HashTable.h:893
#20 0x0000003f1a0629ee in ~HashTable (this=0x7fffe7ee8170, __in_chrg=<optimized out>) at ../../../Source/JavaScriptCore/wtf/HashTable.h:300
#21 ~HashMap (this=0x7fffe7ee8170, __in_chrg=<optimized out>) at ../../../Source/JavaScriptCore/wtf/RefPtrHashMap.h:48
#22 WebCore::RenderWidget::resumeWidgetHierarchyUpdates () at ../../../Source/WebCore/rendering/RenderWidget.cpp:68
#23 0x0000003f19c40d44 in WebCore::ContainerNode::detach (this=0x7fc07a00e000) at ../../../Source/WebCore/dom/ContainerNode.cpp:761
#24 0x0000003f19c5d01a in WebCore::Document::detach (this=0x7fc07a00e000) at ../../../Source/WebCore/dom/Document.cpp:1776
#25 0x0000003f19ed4990 in WebCore::Frame::setView (this=0x7fc0e4ded400, view=...) at ../../../Source/WebCore/page/Frame.cpp:272
#26 0x0000003f19ed682f in WebCore::Frame::createView (this=0x7fc0e4ded400, viewportSize=..., backgroundColor=..., transparent=false, fixedLayoutSize=..., useFixedLayout=false, horizontalScrollbarMode=(anonymous namespace)::ScrollbarAuto, horizontalLock=false, verticalScrollbarMode=(anonymous namespace)::ScrollbarAuto, verticalLock=false) at ../../../Source/WebCore/page/Frame.cpp:907
#27 0x0000003f19b00c35 in WebCore::FrameLoaderClientQt::transitionToCommittedForNewPage (this=0x25c4e40) at ../../../../Source/WebKit/qt/WebCoreSupport/FrameLoaderClientQt.cpp:286
#28 0x0000003f19e6bf35 in WebCore::FrameLoader::transitionToCommitted (this=0x7fc0e4ded478, cachedPage=...) at ../../../Source/WebCore/loader/FrameLoader.cpp:2136
#29 0x0000003f19e6ed2f in WebCore::FrameLoader::commitProvisionalLoad (this=0x7fc0e4ded478) at ../../../Source/WebCore/loader/FrameLoader.cpp:1979
#30 0x0000003f19e5a18a in WebCore::DocumentLoader::commitLoad (this=0x7fc07a0eb000, data=0x52f8498 "<!DOCTYPE html>\n  <html lang=\"en\" dir=\"ltr\" >\n\n<!-- machid: yMUhkTmUtOVZ2SXdxNTNJdHQtcU9fWS16djdlc0pqT1d1Z1NCOWZXXzZKQ3h0Q25hREN2OUdB -->\n<head>\n  \n        <script>\nvar yt = yt || {};yt.timing = yt.ti"..., length=1888) at ../../../Source/WebCore/loader/DocumentLoader.cpp:299
#31 0x0000003f19e91af1 in WebCore::ResourceLoader::didReceiveData (this=0x7fc079ea6200, data=0x52f8498 "<!DOCTYPE html>\n  <html lang=\"en\" dir=\"ltr\" >\n\n<!-- machid: yMUhkTmUtOVZ2SXdxNTNJdHQtcU9fWS16djdlc0pqT1d1Z1NCOWZXXzZKQ3h0Q25hREN2OUdB -->\n<head>\n  \n        <script>\nvar yt = yt || {};yt.timing = yt.ti"..., length=1888, encodedDataLength=-1, allAtOnce=<optimized out>) at ../../../Source/WebCore/loader/ResourceLoader.cpp:279
#32 0x0000003f19e7ebc5 in WebCore::MainResourceLoader::didReceiveData (this=0x7fc079ea6200, data=0x52f8498 "<!DOCTYPE html>\n  <html lang=\"en\" dir=\"ltr\" >\n\n<!-- machid: yMUhkTmUtOVZ2SXdxNTNJdHQtcU9fWS16djdlc0pqT1d1Z1NCOWZXXzZKQ3h0Q25hREN2OUdB -->\n<head>\n  \n        <script>\nvar yt = yt || {};yt.timing = yt.ti"..., length=1888, encodedDataLength=-1, allAtOnce=false) at ../../../Source/WebCore/loader/MainResourceLoader.cpp:463
#33 0x0000003f19e90542 in WebCore::ResourceLoader::didReceiveData (this=0x7fc079ea6200, data=0x52f8498 "<!DOCTYPE html>\n  <html lang=\"en\" dir=\"ltr\" >\n\n<!-- machid: yMUhkTmUtOVZ2SXdxNTNJdHQtcU9fWS16djdlc0pqT1d1Z1NCOWZXXzZKQ3h0Q25hREN2OUdB -->\n<head>\n  \n        <script>\nvar yt = yt || {};yt.timing = yt.ti"..., length=1888, encodedDataLength=-1) at ../../../Source/WebCore/loader/ResourceLoader.cpp:430
#34 0x0000003f1a091e8d in WebCore::QNetworkReplyHandler::forwardData (this=0x5471d90) at ../../../Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp:598
#35 0x0000003f1a09401a in flush (this=0x5471dc8) at ../../../Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp:195
#36 WebCore::QNetworkReplyHandlerCallQueue::flush (this=0x5471dc8) at ../../../Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp:187
#37 0x0000003f1a094bea in ~QueueLocker (this=<synthetic pointer>, __in_chrg=<optimized out>) at ../../../Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp:203
#38 WebCore::QNetworkReplyWrapper::emitMetaDataChanged (this=0x2eb2de0) at ../../../Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp:320
#39 0x0000003f1a094cbc in WebCore::QNetworkReplyWrapper::receiveSniffedMIMEType (this=0x2eb2de0) at ../../../Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp:305
#40 0x0000003f1a094f1b in WebCore::QNetworkReplyWrapper::receiveMetaData (this=0x2eb2de0) at ../../../Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp:291
#41 0x0000003f09d8ccd1 in QMetaObject::activate (sender=0x2d4c4a0, m=<optimized out>, local_signal_index=<optimized out>, argv=0x0) at kernel/qobject.cpp:3547
#42 0x0000003f09d8ccd1 in QMetaObject::activate (sender=0x545aa60, m=<optimized out>, local_signal_index=<optimized out>, argv=0x7fffe7ee8b20) at kernel/qobject.cpp:3547
#43 0x0000003f0fefdc04 in KIO::TransferJob::data (this=<optimized out>, _t1=0x545aa60, _t2=<optimized out>) at /usr/src/debug/kdelibs-4.7.97/x86_64-redhat-linux-gnu/kio/jobclasses.moc:447
#44 0x0000003f0fefdc68 in KIO::TransferJob::slotData (this=0x545aa60, _data=...) at /usr/src/debug/kdelibs-4.7.97/kio/kio/job.cpp:981
#45 0x0000003f09d8ccd1 in QMetaObject::activate (sender=0x244e5d0, m=<optimized out>, local_signal_index=<optimized out>, argv=0x7fffe7ee8cf0) at kernel/qobject.cpp:3547
#46 0x0000003f0ffa64e2 in KIO::SlaveInterface::data (this=<optimized out>, _t1=<optimized out>) at /usr/src/debug/kdelibs-4.7.97/x86_64-redhat-linux-gnu/kio/slaveinterface.moc:160
#47 0x0000003f0ffa9730 in KIO::SlaveInterface::dispatch (this=<optimized out>, _cmd=100, rawdata=...) at /usr/src/debug/kdelibs-4.7.97/kio/kio/slaveinterface.cpp:160
#48 0x0000003f0ffa5ef5 in KIO::SlaveInterface::dispatch (this=0x244e5d0) at /usr/src/debug/kdelibs-4.7.97/kio/kio/slaveinterface.cpp:88
#49 0x0000003f0ff98fde in KIO::Slave::gotInput (this=0x244e5d0) at /usr/src/debug/kdelibs-4.7.97/kio/kio/slave.cpp:344
#50 0x0000003f09d8ccd1 in QMetaObject::activate (sender=0x2d4fb10, m=<optimized out>, local_signal_index=<optimized out>, argv=0x0) at kernel/qobject.cpp:3547
#51 0x0000003f0fecd2f7 in dequeue (this=<optimized out>) at /usr/src/debug/kdelibs-4.7.97/kio/kio/connection.cpp:82
#52 KIO::ConnectionPrivate::dequeue (this=0x270abe0) at /usr/src/debug/kdelibs-4.7.97/kio/kio/connection.cpp:71
#53 0x0000003f09d91f06 in QObject::event (this=0x2d4fb10, e=<optimized out>) at kernel/qobject.cpp:1195
#54 0x0000003f0a7c9994 in notify_helper (e=0x4de3c00, receiver=0x2d4fb10, this=0x22e38c0) at kernel/qapplication.cpp:4550
#55 QApplicationPrivate::notify_helper (this=0x22e38c0, receiver=0x2d4fb10, e=0x4de3c00) at kernel/qapplication.cpp:4522
#56 0x0000003f0a7ce813 in QApplication::notify (this=0x7fffe7ee9b30, receiver=0x2d4fb10, e=0x4de3c00) at kernel/qapplication.cpp:4411
#57 0x0000003f0e050eb6 in KApplication::notify (this=0x7fffe7ee9b30, receiver=0x2d4fb10, event=0x4de3c00) at /usr/src/debug/kdelibs-4.7.97/kdeui/kernel/kapplication.cpp:311
#58 0x0000003f09d7903c in QCoreApplication::notifyInternal (this=0x7fffe7ee9b30, receiver=0x2d4fb10, event=0x4de3c00) at kernel/qcoreapplication.cpp:876
#59 0x0000003f09d7caca in sendEvent (event=0x4de3c00, receiver=0x2d4fb10) at kernel/qcoreapplication.h:231
#60 QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, data=0x22a94d0) at kernel/qcoreapplication.cpp:1500
#61 0x0000003f09da7923 in sendPostedEvents () at kernel/qcoreapplication.h:236
#62 postEventSourceDispatch (s=0x22e0400) at kernel/qeventdispatcher_glib.cpp:279
#63 0x0000003f08c44acd in g_main_dispatch (context=0x22e0a30) at gmain.c:2441
#64 g_main_context_dispatch (context=0x22e0a30) at gmain.c:3011
#65 0x0000003f08c452c8 in g_main_context_iterate (context=0x22e0a30, block=<optimized out>, dispatch=1, self=<optimized out>) at gmain.c:3089
#66 0x0000003f08c4549c in g_main_context_iteration (context=0x22e0a30, may_block=1) at gmain.c:3152
#67 0x0000003f09da7d4f in QEventDispatcherGlib::processEvents (this=0x22aa990, flags=<optimized out>) at kernel/qeventdispatcher_glib.cpp:424
#68 0x0000003f0a86c61e in QGuiEventDispatcherGlib::processEvents (this=<optimized out>, flags=<optimized out>) at kernel/qguieventdispatcher_glib.cpp:207
#69 0x0000003f09d78172 in QEventLoop::processEvents (this=<optimized out>, flags=...) at kernel/qeventloop.cpp:149
#70 0x0000003f09d783c7 in QEventLoop::exec (this=0x7fffe7ee9ac0, flags=...) at kernel/qeventloop.cpp:204
#71 0x0000003f09d7cdc5 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1148
#72 0x0000003f11ce6397 in kdemain (argc=1, argv=<optimized out>) at /usr/src/debug/rekonq-0.7.0/src/main.cpp:215
#73 0x0000003b01e2169d in __libc_start_main (main=0x4007c0 <main(int, char**)>, argc=1, ubp_av=0x7fffe7eea4b8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffe7eea4a8) at libc-start.c:226
#74 0x00000000004007f1 in _start ()

while we're at it, some terminal output prior to the crash may be relevant:

QFont::setPixelSize: Pixel size <= 0 (0)

(rekonq:25865): Gdk-CRITICAL **: IA__gdk_window_set_back_pixmap: assertion `GDK_IS_WINDOW (window)' failed

(rekonq:25865): Gdk-CRITICAL **: IA__gdk_window_get_origin: assertion `GDK_IS_WINDOW (window)' failed
void NotificationBar::destroy() deleting the bar MessageBar(0x191d390) 

(rekonq:25865): GLib-GObject-WARNING **: invalid unclassed pointer in cast to `GtkObject'

(rekonq:25865): GLib-GObject-WARNING **: instance with invalid (NULL) class pointer

(rekonq:25865): GLib-GObject-CRITICAL **: g_signal_handlers_destroy: assertion `G_TYPE_CHECK_INSTANCE (instance)' failed

(rekonq:25865): GLib-GObject-WARNING **: instance with invalid (NULL) class pointer

(rekonq:25865): GLib-GObject-CRITICAL **: g_signal_handlers_destroy: assertion `G_TYPE_CHECK_INSTANCE (instance)' failed
KCrash: Application 'rekonq' crashing...

Filed bug upstream, https://bugs.webkit.org/show_bug.cgi?id=76472

Found reference @ adobe bug tracker too,
https://bugbase.adobe.com/index.cfm?event=bug&id=3075423

Dug around on adobe site and found flash-plugin-11.2 beta to test.  Crash is gone.  Will consider this a flash-plugin bug (and something we cantfix)