[Webkit-unassigned] [Bug 26434] New: REGRESSION: SVG demo crashes Safari 4 (does not crash Safari 3.x)
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Jun 16 00:06:26 PDT 2009
https://bugs.webkit.org/show_bug.cgi?id=26434
Summary: REGRESSION: SVG demo crashes Safari 4 (does not crash
Safari 3.x)
Product: WebKit
Version: 528+ (Nightly build)
Platform: Macintosh
URL: http://codinginparadise.org/projects/svgweb/samples/demo
.html
OS/Version: Mac OS X 10.5
Status: NEW
Severity: Normal
Priority: P1
Component: CSS
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: eric at webkit.org
REGRESSION: SVG demo crashes Safari 4 (does not crash Safari 3.x)
http://codinginparadise.org/projects/svgweb/samples/demo.html
Exception Type: EXC_BAD_ACCESS (SIGBUS)
Exception Codes: KERN_PROTECTION_FAILURE at 0x0000000000000288
Crashed Thread: 0
Thread 0 Crashed:
0 com.apple.WebCore 0x93739238
WebCore::CSSStyleSelector::initElementAndPseudoState(WebCore::Element*) + 24
1 com.apple.WebCore 0x9373890b
WebCore::CSSStyleSelector::styleForElement(WebCore::Element*,
WebCore::RenderStyle*, bool, bool) + 75
2 com.apple.WebCore 0x937388ae
WebCore::Node::styleForRenderer() + 126
3 com.apple.WebCore 0x93c2c8ec
WebCore::SVGClipPathElement::canvasResource() + 124
4 com.apple.WebCore 0x93a36bda
WebCore::SVGStyledElement::invalidateResourcesInAncestorChain() const + 58
5 com.apple.WebCore 0x93a36adb
WebCore::SVGStyledElement::svgAttributeChanged(WebCore::QualifiedName const&) +
75
6 com.apple.WebCore 0x93a38151
WebCore::SVGRectElement::svgAttributeChanged(WebCore::QualifiedName const&) +
33
7 com.apple.WebCore 0x937952a7
WebCore::NamedNodeMap::addAttribute(WTF::PassRefPtr<WebCore::Attribute>) + 119
8 com.apple.WebCore 0x938b57bd
WebCore::Element::setAttribute(WebCore::AtomicString const&,
WebCore::AtomicString const&, int&) + 589
9 com.apple.WebCore 0x938b53bd
WebCore::JSElement::setAttribute(JSC::ExecState*, JSC::ArgList const&) + 301
10 com.apple.WebCore 0x938b5263
WebCore::jsElementPrototypeFunctionSetAttribute(JSC::ExecState*,
JSC::JSObject*, JSC::JSValue, JSC::ArgList const&) + 115
11 ??? 0x00ff620f 0 + 16736783
12 com.apple.JavaScriptCore 0x916f25dc
JSC::Interpreter::execute(JSC::FunctionBodyNode*, JSC::ExecState*,
JSC::JSFunction*, JSC::JSObject*, JSC::ArgList const&, JSC::ScopeChainNode*,
JSC::JSValue*) + 524
13 com.apple.JavaScriptCore 0x91601115 JSC::call(JSC::ExecState*,
JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList
const&) + 149
14 com.apple.WebCore 0x9381a27a
WebCore::JSEventListener::handleEvent(WebCore::Event*, bool) + 2074
15 com.apple.WebCore 0x938c398d
WebCore::XMLHttpRequest::dispatchReadyStateChangeEvent() + 141
16 com.apple.WebCore 0x938c38ce
WebCore::XMLHttpRequest::callReadyStateChangeListener() + 30
17 com.apple.WebCore 0x938e9167
WebCore::XMLHttpRequest::didFinishLoading(unsigned long) + 455
18 com.apple.WebCore 0x937c98fd
WebCore::SubresourceLoader::didFinishLoading() + 45
19 com.apple.Foundation 0x90ee34a7
-[NSURLConnection(NSURLConnectionReallyInternal) sendDidFinishLoading] + 87
Full crash log attached.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the webkit-unassigned
mailing list