[Webkit-unassigned] [Bug 30492] New: WebKit crashes 100% when switching waves in Google Wave

bugzilla-daemon at webkit.org
Sun Oct 18 08:55:40 PDT 2009


https://bugs.webkit.org/show_bug.cgi?id=30492

           Summary: WebKit crashes 100% when switching waves in Google Wave
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Macintosh Intel
               URL: https://wave.google.com/wave/
        OS/Version: Mac OS X 10.6
            Status: UNCONFIRMED
          Severity: Critical
          Priority: P2
         Component: New Bugs
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: rex_4539 at yahoo.com


WebKit Version 4.0.3 (6531.9, r49748)

Reproducibility: always

Pre-steps:
Have a Google Wave account.

Steps:
1. Go to https://wave.google.com/wave/
2. Navigation -> All.
3. Select wave "Welcome to Google Wave".
4. Select wave "Getting started with Google Wave".
5. Repeat steps 2-3 a few times.

What happened:
5. WebKit crashes.

Thread 0 Crashed:  Dispatch queue: com.apple.main-thread
0   com.apple.WebKit                  0x00000001002efc16
WebKit::NetscapePluginInstanceProxy::loadRequest(NSURLRequest*, char const*,
bool, unsigned int&) + 134
1   com.apple.WebKit                  0x00000001002f0208
WebKit::NetscapePluginInstanceProxy::loadURL(char const*, char const*, char
const*, unsigned int, LoadURLFlags, unsigned int&) + 280
2   com.apple.WebKit                  0x00000001002e8e29 WKPCLoadURL + 153
3   com.apple.WebKit                  0x0000000100356e52 _XPCLoadURL + 242
4   com.apple.WebKit                  0x0000000100355551
WebKitPluginClient_server + 81
5   com.apple.WebKit                  0x00000001002e9652
WebKit::NetscapePluginHostProxy::processRequests() + 274
6   com.apple.WebKit                  0x00000001002ebb8c
WebKit::NetscapePluginInstanceProxy::processRequestsAndWaitForReply(unsigned
int) + 60
7   com.apple.WebKit                  0x00000001002ef4c8
WebKit::NetscapePluginInstanceProxy::destroy() + 72
8   com.apple.WebKit                  0x000000010033782c
-[WebHostedNetscapePluginView destroyPlugin] + 76
9   com.apple.WebKit                  0x0000000100301ccc
-[WebBaseNetscapePluginView viewWillMoveToSuperview:] + 44
10  com.apple.AppKit                  0x00007fff841fb427 -[NSView
_setSuperview:] + 283
11  com.apple.AppKit                  0x00007fff8423e8d0 -[NSView
removeFromSuperview] + 342
12  com.apple.WebCore                 0x0000000100fe99ef
WebCore::safeRemoveFromSuperview(NSView*) + 159
13  com.apple.WebCore                 0x0000000100fe9a81
WebCore::Widget::removeFromSuperview() + 49
14  com.apple.WebCore                 0x0000000100eb21d8
WebCore::ScrollView::removeChild(WebCore::Widget*) + 152
15  com.apple.WebCore                 0x0000000100e7d6d0
WebCore::RenderWidget::destroy() + 144
16  com.apple.WebCore                 0x0000000100d79fe6
WebCore::Node::detach() + 38
17  com.apple.WebCore                 0x000000010097189e
WebCore::Element::detach() + 110
18  com.apple.WebCore                 0x0000000100799f3c
WebCore::ContainerNode::detach() + 44
19  com.apple.WebCore                 0x000000010097189e
WebCore::Element::detach() + 110
20  com.apple.WebCore                 0x0000000100799f3c
WebCore::ContainerNode::detach() + 44
21  com.apple.WebCore                 0x000000010097189e
WebCore::Element::detach() + 110
22  com.apple.WebCore                 0x0000000100799f3c
WebCore::ContainerNode::detach() + 44
23  com.apple.WebCore                 0x000000010085f225
WebCore::Document::detach() + 213
24  com.apple.WebCore                 0x000000010099e746
WebCore::Frame::setView(WTF::PassRefPtr<WebCore::FrameView>) + 166
25  com.apple.WebCore                 0x00000001009a7d35
WebCore::FrameLoader::closeAndRemoveChild(WebCore::Frame*) + 53
26  com.apple.WebCore                 0x00000001009abafa
WebCore::FrameLoader::detachFromParent() + 154
27  com.apple.WebCore                 0x0000000100a19274
WebCore::HTMLFrameOwnerElement::willRemove() + 52
28  com.apple.WebCore                 0x0000000100799fdc
WebCore::ContainerNode::willRemove() + 44
29  com.apple.WebCore                 0x0000000100799fdc
WebCore::ContainerNode::willRemove() + 44
30  com.apple.WebCore                 0x0000000100799fdc
WebCore::ContainerNode::willRemove() + 44
31  com.apple.WebCore                 0x0000000100799fdc
WebCore::ContainerNode::willRemove() + 44
32  com.apple.WebCore                 0x0000000100799fdc
WebCore::ContainerNode::willRemove() + 44
33  com.apple.WebCore                 0x0000000100799fdc
WebCore::ContainerNode::willRemove() + 44
34  com.apple.WebCore                 0x0000000100799fdc
WebCore::ContainerNode::willRemove() + 44
35  com.apple.WebCore                 0x0000000100799fdc
WebCore::ContainerNode::willRemove() + 44
36  com.apple.WebCore                 0x0000000100799fdc
WebCore::ContainerNode::willRemove() + 44
37  com.apple.WebCore                 0x0000000100799fdc
WebCore::ContainerNode::willRemove() + 44
38  com.apple.WebCore                 0x0000000100799fdc
WebCore::ContainerNode::willRemove() + 44
39  com.apple.WebCore                 0x0000000100799fdc
WebCore::ContainerNode::willRemove() + 44
40  com.apple.WebCore                 0x0000000100799fdc
WebCore::ContainerNode::willRemove() + 44
41  com.apple.WebCore                 0x0000000100799fdc
WebCore::ContainerNode::willRemove() + 44
42  com.apple.WebCore                 0x0000000100799fdc
WebCore::ContainerNode::willRemove() + 44
43  com.apple.WebCore                 0x0000000100799fdc
WebCore::ContainerNode::willRemove() + 44
44  com.apple.WebCore                 0x0000000100799fdc
WebCore::ContainerNode::willRemove() + 44
45  com.apple.WebCore                 0x0000000100799fdc
WebCore::ContainerNode::willRemove() + 44
46  com.apple.WebCore                 0x0000000100799fdc
WebCore::ContainerNode::willRemove() + 44
47  com.apple.WebCore                 0x0000000100799fdc
WebCore::ContainerNode::willRemove() + 44
48  com.apple.WebCore                 0x000000010079c2d6
WebCore::willRemoveChild(WebCore::Node*) + 918
49  com.apple.WebCore                 0x000000010079c6c5
WebCore::ContainerNode::removeChild(WebCore::Node*, int&) + 133
50  com.apple.WebCore                 0x0000000100c46807
WebCore::JSNode::removeChild(JSC::ExecState*, JSC::ArgList const&) + 87
51  com.apple.WebCore                 0x0000000100c44c29
WebCore::jsNodePrototypeFunctionRemoveChild(JSC::ExecState*, JSC::JSObject*,
JSC::JSValue, JSC::ArgList const&) + 137
52  ???                               0x00005d232e8001c4 0 + 102405685379524
53  com.apple.JavaScriptCore          0x0000000100567428
JSC::Interpreter::execute(JSC::FunctionExecutable*, JSC::ExecState*,
JSC::JSFunction*, JSC::JSObject*, JSC::ArgList const&, JSC::ScopeChainNode*,
JSC::JSValue*) + 584
54  ???                               0x000000011d3afd80 0 + 4785372544
55  ???                               0x0000000116ce8060 0 + 4677599328
56  com.apple.WebCore                 0x0000000100b76cf0
WebCore::JSDOMWindowShell::~JSDOMWindowShell() + 0
57  ???                               0x0000441f0f66ffff 0 + 74900193083391

Expected result:
5. WebKit does not crash.
