[Webkit-unassigned] [Bug 38928] New: Repro crash at http://www.sears.com

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue May 11 12:44:19 PDT 2010 

https://bugs.webkit.org/show_bug.cgi?id=38928

           Summary: Repro crash at http://www.sears.com
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: All
               URL: http://www.sears.com
        OS/Version: All
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Page Loading
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: beidson at apple.com


1. Navigate to http://www.sears.com. 
2. Select a product category (ex. Health & Wellness > Air Treatments).
3. Press List View.
4. Select first and second product.
5. Press Compare Now.
6. Press back button.
7. Press Compare Now again.
--Observe: Nothing happens; product comparison not displayed (unexpected).
8. Select Sign In link.

Deref'ing a null DocumentLoader

#0    0x102720ba8 in WTF::OwnPtr<WebCore::ArchiveResourceCollection>::operator WebCore::ArchiveResourceCollection* WTF::OwnPtr<WebCore::ArchiveResourceCollection>::* at OwnPtr.h:69
#1    0x10271ea2e in WebCore::DocumentLoader::popArchiveForSubframe at DocumentLoader.cpp:441
#2    0x1028556ba in WebCore::FrameLoader::loadURLIntoChildFrame at FrameLoader.cpp:1082
#3    0x101fca3ab in WebFrameLoaderClient::createFrame at WebFrameLoaderClient.mm:1364
#4    0x1028559e6 in WebCore::FrameLoader::loadSubframe at FrameLoader.cpp:410
#5    0x102855cf0 in WebCore::FrameLoader::requestFrame at FrameLoader.cpp:381
#6    0x1028f1dc1 in WebCore::HTMLFrameElementBase::openURL at HTMLFrameElementBase.cpp:107
#7    0x1028f2399 in WebCore::HTMLFrameElementBase::setNameAndOpenURL at HTMLFrameElementBase.cpp:166
#8    0x1028f23b1 in WebCore::HTMLFrameElementBase::setNameAndOpenURLCallback at HTMLFrameElementBase.cpp:171
#9    0x1025cd61c in WebCore::ContainerNode::dispatchPostAttachCallbacks at ContainerNode.cpp:611
#10    0x1025cd764 in WebCore::ContainerNode::resumePostAttachCallbacks at ContainerNode.cpp:583
#11    0x1027eb223 in WebCore::Element::attach at Element.cpp:837
#12    0x1028f1964 in WebCore::HTMLFrameElementBase::attach at HTMLFrameElementBase.cpp:212
#13    0x102caa8ce in WebCore::Node::lazyAttach at Node.cpp:748
#14    0x1025cdcc1 in WebCore::ContainerNode::appendChild at ContainerNode.cpp:525
#15    0x102b03b37 in WebCore::JSNode::appendChild at JSNodeCustom.cpp:165
#16    0x102b023b6 in WebCore::jsNodePrototypeFunctionAppendChild at JSNode.cpp:471
...

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list