[Webkit-unassigned] [Bug 6236] New: Crash in DOMString::replace() in ToT (12/25/05)

bugzilla-daemon at opendarwin.org bugzilla-daemon at opendarwin.org
Sat Dec 24 14:08:29 PST 2005 

http://bugzilla.opendarwin.org/show_bug.cgi?id=6236

           Summary: Crash in DOMString::replace() in ToT (12/25/05)
           Product: WebKit
           Version: 412+
          Platform: Macintosh
               URL: http://ishi.blog2.fc2.com/blog-entry-158.html
        OS/Version: Mac OS X 10.4
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: Layout and Rendering
        AssignedTo: webkit-unassigned at opendarwin.org
        ReportedBy: rosyna at unsanity.com


Crashes when connecting to the aforementioned URL. Special because said URL was on fark.com today.

Exception:  EXC_BAD_ACCESS (0x0001)
Codes:      KERN_PROTECTION_FAILURE (0x0002) at 0x00000004

Thread 0 Crashed:
0   com.apple.WebCore              	0x018b710c DOM::DOMStringImpl::replace(QChar, QChar) + 156 
(dom_stringimpl.cpp:456)
1   com.apple.WebCore              	0x01a95408 DOM::DOMString::replace(QChar, QChar) + 76 
(dom_string.h:76)
2   com.apple.WebCore              	0x0184ddc4 khtml::RenderLineEdit::updateFromElement() + 296 
(render_form.cpp:298)
3   com.apple.WebCore              	0x017d9c04 DOM::HTMLGenericFormElementImpl::attach() + 160 
(html_formimpl.cpp:798)
4   com.apple.WebCore              	0x017eb340 DOM::HTMLInputElementImpl::attach() + 796 
(html_formimpl.cpp:1753)
5   com.apple.WebCore              	0x01814240 HTMLParser::insertNode(DOM::NodeImpl*, bool) + 
636 (htmlparser.cpp:286)
6   com.apple.WebCore              	0x01814c5c HTMLParser::parseToken(khtml::Token*) + 1216 
(htmlparser.cpp:231)
7   com.apple.WebCore              	0x018178e0 khtml::HTMLTokenizer::processToken() + 564 
(htmltokenizer.cpp:1724)
8   com.apple.WebCore              	0x0181b698 khtml::HTMLTokenizer::parseTag
(khtml::TokenizerString&, khtml::HTMLTokenizer::State) + 7424 (htmltokenizer.cpp:1282)
9   com.apple.WebCore              	0x0181c158 khtml::HTMLTokenizer::write(khtml::TokenizerString 
const&, bool) + 1784 (htmltokenizer.cpp:1497)
10  com.apple.WebCore              	0x01737da8 KHTMLPart::write(char const*, int) + 860 
(khtml_part.cpp:966)
11  com.apple.WebCore              	0x016b4984 KWQKHTMLPart::addData(char const*, int) + 320 
(KWQKHTMLPart.mm:683)
12  com.apple.WebCore              	0x01724554 -[WebCoreBridge addData:] + 220 
(WebCoreBridge.mm:389)
13  com.apple.WebKit               	0x00333e7c -[WebBridge receivedData:textEncodingName:] + 236 
(WebBridge.m:494)
14  com.apple.WebKit               	0x0036eb08 -[WebHTMLRepresentation 
receivedData:withDataSource:] + 248 (WebHTMLRepresentation.m:122)
15  com.apple.WebKit               	0x0035812c -[WebDataSource(WebPrivate) _commitLoadWithData:] 
+ 164 (WebDataSource.m:1033)
16  com.apple.WebKit               	0x00356780 -[WebDataSource(WebPrivate) _receivedData:] + 196 
(WebDataSource.m:773)
17  com.apple.WebKit               	0x00393450 -[WebMainResourceLoader addData:] + 136 
(WebMainResourceLoader.m:163)
18  com.apple.WebKit               	0x003502b8 -[WebLoader didReceiveData:lengthReceived:] + 108 
(WebLoader.m:535)
19  com.apple.WebKit               	0x00394a54 -[WebMainResourceLoader 
didReceiveData:lengthReceived:] + 724 (WebMainResourceLoader.m:378)
20  com.apple.WebKit               	0x00350e1c -[WebLoader 
connection:didReceiveData:lengthReceived:] + 188 (WebLoader.m:645)
21  com.apple.Foundation           	0x92918a64 -[NSURLConnection(NSURLConnectionInternal) 
_sendDidReceiveDataCallback] + 564
22  com.apple.Foundation           	0x92916f04 -[NSURLConnection(NSURLConnectionInternal) 
_sendCallbacks] + 488
23  com.apple.Foundation           	0x92916ca0 _sendCallbacks + 156
24  com.apple.CoreFoundation       	0x9075da68 __CFRunLoopDoSources0 + 384
25  com.apple.CoreFoundation       	0x9075cf98 __CFRunLoopRun + 452
26  com.apple.CoreFoundation       	0x9075ca18 CFRunLoopRunSpecific + 268
27  com.apple.HIToolbox            	0x9318e1e0 RunCurrentEventLoopInMode + 264
28  com.apple.HIToolbox            	0x9318d874 ReceiveNextEventCommon + 380
29  com.apple.HIToolbox            	0x9318d6e0 BlockUntilNextEventMatchingListInMode + 96
30  com.apple.AppKit               	0x9368c104 _DPSNextEvent + 384
31  com.apple.AppKit               	0x9368bdc8 -[NSApplication 
nextEventMatchingMask:untilDate:inMode:dequeue:] + 116
32  com.apple.Safari               	0x000072f4 0x1000 + 25332
33  com.apple.AppKit               	0x9368830c -[NSApplication run] + 472
34  com.apple.AppKit               	0x93778e60 NSApplicationMain + 452
35  com.apple.Safari               	0x0005d028 0x1000 + 376872
36  com.apple.Safari               	0x0005cecc 0x1000 + 376524

-- 
Configure bugmail: http://bugzilla.opendarwin.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

More information about the webkit-unassigned mailing list