[Webkit-unassigned] [Bug 12458] New: Crash near W3C-SVG-1.1/animate-elem-08-t.svg running layout tests under guard malloc

bugzilla-daemon at webkit.org
Mon Jan 29 05:25:19 PST 2007


http://bugs.webkit.org/show_bug.cgi?id=12458

           Summary: Crash near W3C-SVG-1.1/animate-elem-08-t.svg running
                    layout tests under guard malloc
           Product: WebKit
           Version: 420+ (nightly)
          Platform: Macintosh
        OS/Version: Mac OS X 10.4
            Status: NEW
          Keywords: LayoutTestFailure
          Severity: Major
          Priority: P1
         Component: SVG
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: bdash at webkit.org


During run-webkit-tests --svg --guard-malloc, DumpRenderTree crashes shortly
after W3C-SVG-1.1/animate-elem-08-t.svg.  The buildbot appears to be seeing
this *without* guard malloc.

Exception:  EXC_BAD_ACCESS (0x0001)
Codes:      KERN_PROTECTION_FAILURE (0x0002) at 0xef4ff000

Thread 0 Crashed:
0   com.apple.WebCore           0x01050910 WebCore::isWhitespace(unsigned short
const&) + 12 (SVGParserUtilities.h:35)
1   com.apple.WebCore           0x01053e2f
WebCore::parseValues(WTF::Vector<WebCore::String, (unsigned long)0>&,
WebCore::String const&) + 145 (SVGAnimationElement.cpp:153)
2   com.apple.WebCore           0x010550eb
WebCore::SVGAnimationElement::parseMappedAttribute(WebCore::MappedAttribute*) +
1699 (SVGAnimationElement.cpp:303)
3   com.apple.WebCore           0x0124116d
WebCore::StyledElement::attributeChanged(WebCore::Attribute*, bool) + 489
(StyledElement.cpp:180)
4   com.apple.WebCore           0x012465d7
WebCore::NamedAttrMap::addAttribute(WebCore::Attribute*) + 289
(NamedAttrMap.cpp:289)
5   com.apple.WebCore           0x01249d5c
WebCore::Element::setAttribute(WebCore::QualifiedName const&,
WebCore::StringImpl*, int&) + 368 (Element.cpp:399)
6   com.apple.WebCore           0x01249e8e
WebCore::Element::setAttributeNS(WebCore::String const&, WebCore::String
const&, WebCore::String const&, int&) + 202 (Element.cpp:809)
7   com.apple.WebCore           0x0102b75d
WebCore::handleElementAttributes(WebCore::Element*, unsigned char const**, int,
int&) + 431 (XMLTokenizer.cpp:625)
8   com.apple.WebCore           0x0102e7f3
WebCore::XMLTokenizer::startElementNs(unsigned char const*, unsigned char
const*, unsigned char const*, int, unsigned char const**, int, int, unsigned
char const**) + 723 (XMLTokenizer.cpp:670)
9   com.apple.WebCore           0x0102ec45
WebCore::startElementNsHandler(void*, unsigned char const*, unsigned char
const*, unsigned char const*, int, unsigned char const**, int, int, unsigned
char const**) + 95 (XMLTokenizer.cpp:985)
10  libxml2.2.dylib             0x9293aad5 xmlParseStartTag + 8465
11  libxml2.2.dylib             0x9291a4df xmlParseChunk + 1912
12  com.apple.WebCore           0x0102b95e
WebCore::XMLTokenizer::write(WebCore::SegmentedString const&, bool) + 314
(XMLTokenizer.cpp:570)
13  com.apple.WebCore           0x013b7d49 WebCore::FrameLoader::write(char
const*, int, bool) + 923 (FrameLoader.cpp:898)
14  com.apple.WebCore           0x013b7e7b WebCore::FrameLoader::addData(char
const*, int) + 275 (FrameLoader.cpp:1519)
15  com.apple.WebCore           0x010fc445 -[WebCoreFrameBridge addData:] + 163
(WebCoreFrameBridge.mm:293)
16  com.apple.WebCore           0x010ff950 -[WebCoreFrameBridge
receivedData:textEncodingName:] + 250 (WebCoreFrameBridge.mm:1508)
17  com.apple.WebKit            0x002323c9 -[WebHTMLRepresentation
receivedData:withDataSource:] + 199 (WebHTMLRepresentation.mm:174)
18  com.apple.WebKit            0x0022db61 -[WebDataSource(WebInternal)
_receivedData:] + 89 (WebDataSource.mm:178)
19  com.apple.WebKit            0x0029361d
WebFrameLoaderClient::committedLoad(WebCore::DocumentLoader*, char const*, int)
+ 127 (WebFrameLoaderClient.mm:642)
20  com.apple.WebCore           0x013b476d
WebCore::FrameLoader::committedLoad(WebCore::DocumentLoader*, char const*, int)
+ 53 (FrameLoader.cpp:2945)
21  com.apple.WebCore           0x013c4d7f
WebCore::DocumentLoader::commitLoad(char const*, int) + 87
(DocumentLoader.cpp:327)
22  com.apple.WebCore           0x013c4dd8
WebCore::DocumentLoader::receivedData(char const*, int) + 76
(DocumentLoader.cpp:340)
23  com.apple.WebCore           0x013b3ba7
WebCore::FrameLoader::receivedData(char const*, int) + 41
(FrameLoader.cpp:1910)
24  com.apple.WebCore           0x013c5fc2
WebCore::MainResourceLoader::addData(char const*, int, bool) + 80
(MainResourceLoader.cpp:135)
25  com.apple.WebCore           0x013c7e87
WebCore::ResourceLoader::didReceiveData(char const*, int, long long, bool) + 83
26  com.apple.WebCore           0x013c62f7
WebCore::MainResourceLoader::didReceiveData(char const*, int, long long, bool)
+ 281 (MainResourceLoader.cpp:304)
27  com.apple.WebCore           0x013c7aee
WebCore::ResourceLoader::didReceiveData(WebCore::ResourceHandle*, char const*,
int, int) + 58
28  com.apple.WebCore           0x013a6b64 -[WebCoreResourceHandleAsDelegate
connection:didReceiveData:lengthReceived:] + 172 (ResourceHandleMac.mm:350)
29  com.apple.Foundation        0x9265bb86
-[NSURLConnection(NSURLConnectionInternal) _sendDidReceiveDataCallback] + 641
30  com.apple.Foundation        0x92659e67
-[NSURLConnection(NSURLConnectionInternal) _sendCallbacks] + 686
31  com.apple.Foundation        0x92659b41 _sendCallbacks + 201
32  com.apple.CoreFoundation    0x90829379 CFRunLoopRunSpecific + 1213
33  com.apple.CoreFoundation    0x90828eb5 CFRunLoopRunInMode + 61
34  com.apple.Foundation        0x9262adc6 -[NSRunLoop runMode:beforeDate:] +
182
35  DumpRenderTree              0x00009d72 runTest + 943
(DumpRenderTree.m:1078)
36  DumpRenderTree              0x00006d5b dumpRenderTree + 3355
(DumpRenderTree.m:403)
37  DumpRenderTree              0x00006f7a main + 70 (DumpRenderTree.m:454)
38  DumpRenderTree              0x00002dde _start + 216
39  DumpRenderTree              0x00002d05 start + 41

