[Webkit-unassigned] [Bug 40953] New: Reproducible crash in com.apple.WebCore 0x01ed3784 WebCore::RenderLineBoxList::appendLineBox(WebCore::InlineFlowBox*) + 36

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Jun 21 16:15:33 PDT 2010 

https://bugs.webkit.org/show_bug.cgi?id=40953

           Summary: Reproducible crash in com.apple.WebCore 0x01ed3784
                    WebCore::RenderLineBoxList::appendLineBox(WebCore::Inl
                    ineFlowBox*) + 36
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Macintosh PowerPC
               URL: http://dev.w3.org/SVG/profiles/1.1F2/test/harness/html
                    Object/text-tref-02-b.html
        OS/Version: Mac OS X 10.4
            Status: NEW
          Severity: Critical
          Priority: P2
         Component: WebCore Misc.
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: lars.sonchocky-helldorf at hamburg.de


I get a reproducible crash when visiting http://dev.w3.org/SVG/profiles/1.1F2/test/harness/htmlObject/text-tref-02-b.html with the current WebKit Nightly (Safari Version 4.1 (4533.16, r61502) on Mac OS X 10.4.11 PowerPC G4)

Date/Time:      2010-06-22 01:02:15.067 +0200
OS Version:     10.4.11 (Build 8S165)
Report Version: 4

Command: Safari
Path:    /Applications/Safari.app/Contents/MacOS/Safari
Parent:  WindowServer [60]

Version: r61502 (61502)

PID:    5474
Thread: 0

Exception:  EXC_BAD_ACCESS (0x0001)
Codes:      KERN_PROTECTION_FAILURE (0x0002) at 0x00000034

Thread 0 Crashed:
0   com.apple.WebCore            0x01ed3784 WebCore::RenderLineBoxList::appendLineBox(WebCore::InlineFlowBox*) + 36
1   com.apple.WebCore            0x01ebcecc WebCore::RenderInline::createAndAppendInlineFlowBox() + 60
2   com.apple.WebCore            0x01e7f108 WebCore::RenderBlock::createLineBoxes(WebCore::RenderObject*, bool) + 328
3   com.apple.WebCore            0x01e7f340 WebCore::RenderBlock::constructLine(unsigned, WebCore::BidiRun*, WebCore::BidiRun*, bool, bool, WebCore::RenderObject*) + 432
4   com.apple.WebCore            0x01e85390 WebCore::RenderBlock::layoutInlineChildren(bool, int&, int&) + 3952
5   com.apple.WebCore            0x01e75b40 WebCore::RenderBlock::layoutBlock(bool) + 1472
6   com.apple.WebCore            0x01e61d6c WebCore::RenderBlock::layout() + 76
7   com.apple.WebCore            0x01eb3c40 WebCore::RenderForeignObject::layout() + 528
8   com.apple.WebCore            0x02092548 WebCore::SVGRenderBase::layoutChildren(WebCore::RenderObject*, bool) + 328
9   com.apple.WebCore            0x01f082c8 WebCore::RenderSVGHiddenContainer::layout() + 40
10  com.apple.WebCore            0x02092548 WebCore::SVGRenderBase::layoutChildren(WebCore::RenderObject*, bool) + 328
11  com.apple.WebCore            0x01f07c48 WebCore::RenderSVGContainer::layout() + 360
12  com.apple.WebCore            0x02092548 WebCore::SVGRenderBase::layoutChildren(WebCore::RenderObject*, bool) + 328
13  com.apple.WebCore            0x01f196f8 WebCore::RenderSVGRoot::layout() + 504
14  com.apple.WebCore            0x01e711ac WebCore::RenderBlock::layoutBlockChild(WebCore::RenderBox*, WebCore::RenderBlock::MarginInfo&, int&, int&) + 812

see attached crash log

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list