[Webkit-unassigned] [Bug 13203] REGRESSION: Problems playing embedded DIVX movie

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Mar 27 09:46:54 PDT 2007


http://bugs.webkit.org/show_bug.cgi?id=13203


bdash at webkit.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |bdash at webkit.org
             Status|UNCONFIRMED                 |NEW
     Ever Confirmed|0                           |1
           Keywords|                            |Regression
           Priority|P2                          |P1
            Summary|Problems playing embedded   |REGRESSION: Problems playing
                   |DIVX movie                  |embedded DIVX movie




------- Comment #4 from bdash at webkit.org  2007-03-27 09:46 PDT -------
I can reproduce this crash with ToT.  With r19968 I do not experience a crash,
but after reloading the page then closing the tab Safari starts using a *huge*
amount of memory.  I killed it after it reached 1.5GB, but reproduced the
behaviour a second time.

I'm seeing what looks to be user-controlled data being dereferenced which
triggers the crash.  Patricia's crash log shows several instances of crashing
while dereferencing 0x50504320 ("PPC ") and I have seen other values such as
0xf97223d1 or 0x56e58975.  The two most common addresses I am seeing dereferenced
causing the crash are 0xc0000000 and 0x00000020.

I have also seen a third failure mode that appears at random:

2007-03-28 02:27:29.057 Safari[39550:117] *** -[NSConcreteMutableData
errorForReason:]: selector not recognized [self = 0x187f6350]
ASSERTION FAILED: Uncaught exception - *** -[NSConcreteMutableData
errorForReason:]: selector not recognized [self = 0x187f6350]
0
(WebCore/platform/mac/BlockExceptions.mm:36 void
ReportBlockedObjCException(NSException*))

Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: KERN_INVALID_ADDRESS at address: 0xbbadbeef
0x0132a9b3 in ReportBlockedObjCException (localException=0x181a6a60) at
WebCore/platform/mac/BlockExceptions.mm:36
36          ASSERT_WITH_MESSAGE(0, "Uncaught exception - %@", localException);
(gdb) 


-- 
Configure bugmail: http://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
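
An added triage sketch, not part of the original message or of WebKit's code: it sorts faulting addresses like the ones quoted in comment #4 into rough buckets, to show why 0x50504320 reads as data being used as a pointer while 0xbbadbeef is the address WebKit's CRASH() macro writes to after a failed assertion. The function names, the 4 KiB near-NULL threshold and the sample log are assumptions made for the example.

```python
import re

# Address WebKit's CRASH() macro writes to when an ASSERT fails.
ASSERT_SENTINEL = 0xBBADBEEF
# Assumption for this example: the first 4 KiB page is never mapped.
PAGE_SIZE = 0x1000

# Matches the gdb/CrashReporter wording quoted in the comment above.
FAULT_RE = re.compile(r"KERN_INVALID_ADDRESS at address: (0x[0-9a-fA-F]+)")

def classify(addr):
    """Return (label, detail) for a faulting address."""
    if addr == ASSERT_SENTINEL:
        return ("assert", "deliberate crash after a failed assertion")
    if addr < PAGE_SIZE:
        return ("near-null", f"NULL pointer plus offset {addr:#x}")
    # Treat the address as big-endian bytes (the crash log decodes "PPC ").
    width = max(4, (addr.bit_length() + 7) // 8)
    raw = addr.to_bytes(width, "big")[-4:]
    if all(0x20 <= b <= 0x7E for b in raw):
        text = raw.decode("ascii")
        return ("ascii", f"bytes spell {text!r}; data used as a pointer")
    return ("other", "no recognisable pattern")

def triage(log_text):
    """Extract every faulting address from a log and classify it."""
    results = []
    for match in FAULT_RE.findall(log_text):
        addr = int(match, 16)
        results.append((addr, *classify(addr)))
    return results

# Constructed sample: the page's addresses in the page's log wording.
SAMPLE_LOG = """\
Reason: KERN_INVALID_ADDRESS at address: 0x50504320
Reason: KERN_INVALID_ADDRESS at address: 0x00000020
Reason: KERN_INVALID_ADDRESS at address: 0xc0000000
Reason: KERN_INVALID_ADDRESS at address: 0xf97223d1
Reason: KERN_INVALID_ADDRESS at address: 0xbbadbeef
"""

if __name__ == "__main__":
    for addr, label, detail in triage(SAMPLE_LOG):
        print(f"{addr:#010x}  {label:<9}  {detail}")
```
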


