[webkit-reviews] review denied: [Bug 18135] Crash in Frame::tree
appending iframe : [Attachment 20320] a patch and a layout test
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Apr 23 15:07:07 PDT 2008
mitz at webkit.org has denied 's request for review:
Bug 18135: Crash in Frame::tree appending iframe
http://bugs.webkit.org/show_bug.cgi?id=18135
Attachment 20320: a patch and a layout test
http://bugs.webkit.org/attachment.cgi?id=20320&action=edit
------- Additional Comments from mitz at webkit.org
I applied the patch and then opened the test in the browser and got this crash:
#0 0x01fa2ed5 in WTF::RefPtr<WebCore::ApplicationCache>::get (this=0x4e0) at
RefPtr.h:49
#1 0x01fa2ef0 in WebCore::DocumentLoader::applicationCache (this=0x0) at
DocumentLoader.h:200
#2 0x024efa2c in WebCore::ApplicationCacheGroup::selectCacheWithoutManifestURL
(frame=0x18fe5100) at
/Volumes/Data/Safari/OpenSource/WebCore/loader/appcache/ApplicationCacheGroup.c
pp:219
#3 0x02054301 in WebCore::HTMLHtmlElement::insertedIntoDocument
(this=0x18f23740) at
/Volumes/Data/Safari/OpenSource/WebCore/html/HTMLHtmlElement.cpp:77
#4 0x01effbde in WebCore::ContainerNode::addChild (this=0x439d600,
newChild=@0xbfffd18c) at
/Volumes/Data/Safari/OpenSource/WebCore/dom/ContainerNode.cpp:599
#5 0x0207e20f in WebCore::HTMLParser::insertNode (this=0x18f236d0,
n=0x18f23740, flat=false) at
/Volumes/Data/Safari/OpenSource/WebCore/html/HTMLParser.cpp:316
#6 0x0207e529 in WebCore::HTMLParser::finished (this=0x18f236d0) at
/Volumes/Data/Safari/OpenSource/WebCore/html/HTMLParser.cpp:1441
#7 0x02095d7b in WebCore::HTMLTokenizer::end (this=0x43a5a00) at
/Volumes/Data/Safari/OpenSource/WebCore/html/HTMLTokenizer.cpp:1827
#8 0x02096123 in WebCore::HTMLTokenizer::finish (this=0x43a5a00) at
/Volumes/Data/Safari/OpenSource/WebCore/html/HTMLTokenizer.cpp:1867
#9 0x01f82d1e in WebCore::Document::finishParsing (this=0x439d600) at
/Volumes/Data/Safari/OpenSource/WebCore/dom/Document.cpp:1690
#10 0x020104a8 in WebCore::FrameLoader::endIfNotLoadingMainResource
(this=0x43a3424) at
/Volumes/Data/Safari/OpenSource/WebCore/loader/FrameLoader.cpp:1055
#11 0x020104dd in WebCore::FrameLoader::end (this=0x43a3424) at
/Volumes/Data/Safari/OpenSource/WebCore/loader/FrameLoader.cpp:1039
#12 0x02010728 in WebCore::FrameLoader::init (this=0x43a3424) at
/Volumes/Data/Safari/OpenSource/WebCore/loader/FrameLoader.cpp:294
#13 0x01ff995d in WebCore::Frame::init (this=0x18fe5100) at
/Volumes/Data/Safari/OpenSource/WebCore/page/Frame.cpp:203
warning: internal error: no C/C++ fundamental type 1
#14 0x0035f00a in WebFrameLoaderClient::createFrame (this=0x3f50b10,
url=@0xbfffd6ec, name=@0x18f201c4, ownerElement=0x18f20170,
referrer=@0xbfffd680, allowsScrolling=1, marginWidth=-1, marginHeight=-1) at
/Volumes/Data/Safari/OpenSource/WebKit/mac/WebCoreSupport/WebFrameLoaderClient.
mm:1063
#15 0x02010b0f in WebCore::FrameLoader::loadSubframe (this=0x4069e24,
ownerElement=0x18f20170, url=@0xbfffd6ec, name=@0x18f201c4,
referrer=@0x4069ef8) at
/Volumes/Data/Safari/OpenSource/WebCore/loader/FrameLoader.cpp:462
#16 0x02013407 in WebCore::FrameLoader::requestFrame (this=0x4069e24,
ownerElement=0x18f20170, urlString=@0x18f201c0, frameName=@0x18f201c4) at
/Volumes/Data/Safari/OpenSource/WebCore/loader/FrameLoader.cpp:432
#17 0x0204ef7c in WebCore::HTMLFrameElementBase::openURL (this=0x18f20170) at
/Volumes/Data/Safari/OpenSource/WebCore/html/HTMLFrameElementBase.cpp:105
#18 0x0204f562 in WebCore::HTMLFrameElementBase::setNameAndOpenURL
(this=0x18f20170) at
/Volumes/Data/Safari/OpenSource/WebCore/html/HTMLFrameElementBase.cpp:163
#19 0x0204f57b in WebCore::HTMLFrameElementBase::setNameAndOpenURLCallback
(n=0x18f20170) at
/Volumes/Data/Safari/OpenSource/WebCore/html/HTMLFrameElementBase.cpp:168
(More stack frames follow...)
This may be a separate bug but it's blocking this patch for now.
More information about the webkit-reviews
mailing list