[Webkit-unassigned] [Bug 21182] New: REGRESSION(r36982): Reproducible crash running fast/loader/frame-creation-removal.html

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Sat Sep 27 15:04:41 PDT 2008 

https://bugs.webkit.org/show_bug.cgi?id=21182

           Summary: REGRESSION(r36982): Reproducible crash running
                    fast/loader/frame-creation-removal.html
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Macintosh
        OS/Version: Mac OS X 10.5
            Status: NEW
          Keywords: NeedsReduction, Regression, NeedsRadar, ReviewedForRadar
          Severity: Normal
          Priority: P1
         Component: New Bugs
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: mrowe at apple.com
                CC: hyatt at apple.com


This was introduced by <http://trac.webkit.org/changeset/36982>.  See the
second crash log entry in
<http://build.webkit.org/results/trunk-mac-ppc-release/14838/DumpRenderTree.crash.log>:

Exception:  EXC_BAD_ACCESS (0x0001)
Codes:      KERN_PROTECTION_FAILURE (0x0002) at 0x00000000

Thread 0 Crashed:
0   com.apple.WebKit            0x003d8db4
WebFrameLoaderClient::createFrame(WebCore::KURL const&, WebCore::String const&,
WebCore::HTMLFrameOwnerElement*, WebCore::String const&, bool, int, int) + 372
(WebFrameLoaderClient.mm:1090)
1   com.apple.WebCore           0x0119a97c
WebCore::FrameLoader::loadSubframe(WebCore::HTMLFrameOwnerElement*,
WebCore::KURL const&, WebCore::String const&, WebCore::String const&) + 396
(RefPtr.h:50)
2   com.apple.WebCore           0x0119c31c
WebCore::FrameLoader::requestFrame(WebCore::HTMLFrameOwnerElement*,
WebCore::String const&, WebCore::AtomicString const&) + 876
(FrameLoader.cpp:445)
3   com.apple.WebCore           0x011c7a54
WebCore::HTMLFrameElementBase::openURL() + 260 (HTMLFrameElementBase.cpp:106)
4   com.apple.WebCore           0x011c7c48
WebCore::HTMLFrameElementBase::setNameAndOpenURL() + 440
(HTMLFrameElementBase.cpp:162)
5   com.apple.WebCore           0x010a8374
WebCore::ContainerNode::dispatchPostAttachCallbacks() + 84
(ContainerNode.cpp:568)
6   com.apple.WebCore           0x010a845c WebCore::ContainerNode::attach() +
140 (ContainerNode.cpp:588)
7   com.apple.WebCore           0x01156a48 WebCore::Element::attach() + 40
(Element.cpp:662)
8   com.apple.WebCore           0x011c7138
WebCore::HTMLFrameElementBase::attach() + 72 (Node.h:367)
9   com.apple.WebCore           0x011cb948 WebCore::HTMLIFrameElement::attach()
+ 24 (Node.h:367)
10  com.apple.WebCore           0x010a76c4
WebCore::ContainerNode::appendChild(WTF::PassRefPtr<WebCore::Node>, int&, bool)
+ 564 (ContainerNode.cpp:506)
11  com.apple.WebCore           0x013038d0
WebCore::JSNode::appendChild(JSC::ExecState*, JSC::ArgList const&) + 128
(JSNodeCustom.cpp:102)
12  com.apple.JavaScriptCore    0x002b7074
JSC::Machine::privateExecute(JSC::Machine::ExecutionFlag, JSC::ExecState*,
JSC::RegisterFile*, JSC::Register*, JSC::ScopeChainNode*, JSC::JSValue**) +
39732 (Machine.cpp:3326)


-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

More information about the webkit-unassigned mailing list