[Webkit-unassigned] [Bug 15091] New: Crash during layout

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Aug 27 05:48:49 PDT 2007 

http://bugs.webkit.org/show_bug.cgi?id=15091

           Summary: Crash during layout
           Product: WebKit
           Version: 522+ (nightly)
          Platform: Macintosh
               URL: http://www.wherethebloodyhellareyou.com/
        OS/Version: Mac OS X 10.5
            Status: NEW
          Keywords: NeedsRadar
          Severity: Major
          Priority: P1
         Component: New Bugs
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: mrowe at apple.com


Steps to reproduce:
1) Visit http://www.wherethebloodyhellareyou.com/
2) Click "View the TV Ad"
3) *crash*

Backtrace is as follows:
Exception Type:  EXC_BAD_ACCESS (SIGBUS)
Exception Codes: KERN_PROTECTION_FAILURE at 0x0000000000000090
Crashed Thread:  0

Thread 0 Crashed:
0   com.apple.WebCore                   0x017200b0
WebCore::RenderLayer::setStaticX(int) + 12 (RenderLayer.h:345)
1   com.apple.WebCore                   0x0171bba9
WebCore::RenderBox::setStaticX(int) + 147 (RenderBox.cpp:1516)
2   com.apple.WebCore                   0x016f36d7
WebCore::RenderBlock::skipWhitespace(WebCore::BidiIterator&,
WebCore::BidiResolver<WebCore::BidiIterator, WebCore::BidiRun>&) + 549
(bidi.cpp:1297)
3   com.apple.WebCore                   0x016f3833
WebCore::RenderBlock::findNextLineBreak(WebCore::BidiIterator&,
WebCore::BidiResolver<WebCore::BidiIterator, WebCore::BidiRun>&) + 43
(bidi.cpp:1317)
4   com.apple.WebCore                   0x016f76e8
WebCore::RenderBlock::layoutInlineChildren(bool, int&, int&) + 3010
(bidi.cpp:965)
5   com.apple.WebCore                   0x01711ff9
WebCore::RenderBlock::layoutBlock(bool) + 1307 (RenderBlock.cpp:579)
6   com.apple.WebCore                   0x01702770
WebCore::RenderBlock::layout() + 54 (RenderBlock.cpp:493)
7   com.apple.WebCore                   0x016f8751
WebCore::RenderObject::layoutIfNeeded() + 41 (RenderObject.h:476)
8   com.apple.WebCore                   0x01710800
WebCore::RenderBlock::layoutBlockChildren(bool) + 1466 (RenderBlock.cpp:1214)
9   com.apple.WebCore                   0x01712011
WebCore::RenderBlock::layoutBlock(bool) + 1331 (RenderBlock.cpp:584)
10  com.apple.WebCore                   0x01702770
WebCore::RenderBlock::layout() + 54 (RenderBlock.cpp:493)
11  com.apple.WebCore                   0x016f8751
WebCore::RenderObject::layoutIfNeeded() + 41 (RenderObject.h:476)
12  com.apple.WebCore                   0x01710800
WebCore::RenderBlock::layoutBlockChildren(bool) + 1466 (RenderBlock.cpp:1214)
13  com.apple.WebCore                   0x01712011
WebCore::RenderBlock::layoutBlock(bool) + 1331 (RenderBlock.cpp:584)
14  com.apple.WebCore                   0x01702770
WebCore::RenderBlock::layout() + 54 (RenderBlock.cpp:493)
15  com.apple.WebCore                   0x0172236e
WebCore::RenderView::layout() + 310 (RenderView.cpp:114)
16  com.apple.WebCore                   0x0169dc4f
WebCore::FrameView::layout(bool) + 1919 (FrameView.cpp:430)
17  com.apple.WebCore                   0x0169df21
WebCore::FrameView::layoutTimerFired(WebCore::Timer<WebCore::FrameView>*) + 25
(FrameView.cpp:646)
18  com.apple.WebCore                   0x0169f9ad
WebCore::Timer<WebCore::FrameView>::fired() + 89 (Timer.h:98)
19  com.apple.WebCore                   0x017e5558
WebCore::TimerBase::fireTimers(double, WTF::Vector<WebCore::TimerBase*, 0ul>
const&) + 198 (Timer.cpp:339)
20  com.apple.WebCore                   0x017e5600
WebCore::TimerBase::sharedTimerFired() + 110 (Timer.cpp:359)
21  com.apple.WebCore                   0x017e4b94
WebCore::timerFired(__CFRunLoopTimer*, void*) + 78 (SharedTimerMac.cpp:85)
22  com.apple.CoreFoundation            0x95c70fee CFRunLoopRunSpecific + 4494
23  com.apple.CoreFoundation            0x95c711a8 CFRunLoopRunInMode + 88
24  com.apple.HIToolbox                 0x95d70758 RunCurrentEventLoopInMode +
283
25  com.apple.HIToolbox                 0x95d70571 ReceiveNextEventCommon + 374
26  com.apple.HIToolbox                 0x95d703e5
BlockUntilNextEventMatchingListInMode + 106
27  com.apple.AppKit                    0x93aeb813 _DPSNextEvent + 657
28  com.apple.AppKit                    0x93aeb159 -[NSApplication
nextEventMatchingMask:untilDate:inMode:dequeue:] + 128
29  com.apple.Safari                    0x000231b1 -[BrowserApplication
nextEventMatchingMask:untilDate:inMode:dequeue:] + 171
30  com.apple.AppKit                    0x93ae430b -[NSApplication run] + 795
31  com.apple.AppKit                    0x93ab1758 NSApplicationMain + 663
32  com.apple.Safari                    0x000aafe1 main + 90
33  com.apple.Safari                    0x000023f2 start + 54


-- 
Configure bugmail: http://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

More information about the webkit-unassigned mailing list