[Webkit-unassigned] [Bug 57902] New: Crash in RenderMathMLSubSup::stretchToHeight()

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Apr 5 16:19:06 PDT 2011


https://bugs.webkit.org/show_bug.cgi?id=57902

           Summary: Crash in RenderMathMLSubSup::stretchToHeight()
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: PC
        OS/Version: Mac OS X 10.5
            Status: NEW
          Keywords: InRadar
          Severity: Normal
          Priority: P2
         Component: MathML
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: bdakin at apple.com


<rdar://problem/8913108>

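A test case that reproduces the crash is attached to the bug.

In the backtrace below, frame 1 is the crashing frame: RenderMathMLSubSup::stretchToHeight(), called from RenderMathMLRow::layout(). The layout was forced from script, through document.execCommand() and Document::updateLayoutIgnorePendingStylesheets() (frames 20-23), while the HTML parser was running an inline script. The trace does not include the exception type or faulting address, so the kind of fault (for example, a null dereference versus an access to freed memory) cannot be determined from this message alone.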


  1 com.apple.WebCore              0x7fff943b52a9 WebCore::RenderMathMLSubSup::stretchToHeight(int) + 0x47
   2 com.apple.WebCore              0x7fff943b43df WebCore::RenderMathMLRow::layout() + 0x1cf
   3 com.apple.WebCore              0x7fff93bd49ad WebCore::RenderBlock::layoutInlineChildren(bool, int&, int&) + 0x423
   4 com.apple.WebCore              0x7fff94388eee WebCore::RenderBlock::layoutBlock(bool, int) + 0x4dc
   5 com.apple.WebCore              0x7fff93bd1dda WebCore::RenderBlock::layout() + 0x28
   6 com.apple.WebCore              0x7fff93bd3b97 WebCore::RenderBlock::layoutBlockChild(WebCore::RenderBox*, WebCore::RenderBlock::MarginInfo&, int&, int&) + 0x2db
   7 com.apple.WebCore              0x7fff93bd319b WebCore::RenderBlock::layoutBlockChildren(bool, int&) + 0x2b3
   8 com.apple.WebCore              0x7fff94388f09 WebCore::RenderBlock::layoutBlock(bool, int) + 0x4f7
   9 com.apple.WebCore              0x7fff93bd1dda WebCore::RenderBlock::layout() + 0x28
  10 com.apple.WebCore              0x7fff93bd3b97 WebCore::RenderBlock::layoutBlockChild(WebCore::RenderBox*, WebCore::RenderBlock::MarginInfo&, int&, int&) + 0x2db
  11 com.apple.WebCore              0x7fff93bd319b WebCore::RenderBlock::layoutBlockChildren(bool, int&) + 0x2b3
  12 com.apple.WebCore              0x7fff94388f09 WebCore::RenderBlock::layoutBlock(bool, int) + 0x4f7
  13 com.apple.WebCore              0x7fff93bd1dda WebCore::RenderBlock::layout() + 0x28
  14 com.apple.WebCore              0x7fff93bd3b97 WebCore::RenderBlock::layoutBlockChild(WebCore::RenderBox*, WebCore::RenderBlock::MarginInfo&, int&, int&) + 0x2db
  15 com.apple.WebCore              0x7fff93bd319b WebCore::RenderBlock::layoutBlockChildren(bool, int&) + 0x2b3
  16 com.apple.WebCore              0x7fff94388f09 WebCore::RenderBlock::layoutBlock(bool, int) + 0x4f7
  17 com.apple.WebCore              0x7fff93bd1dda WebCore::RenderBlock::layout() + 0x28
  18 com.apple.WebCore              0x7fff93bd1cf5 WebCore::RenderView::layout() + 0x21f
  19 com.apple.WebCore              0x7fff93bd0ef8 WebCore::FrameView::layout(bool) + 0x6c6
  20 com.apple.WebCore              0x7fff93c15810 WebCore::Document::updateLayoutIgnorePendingStylesheets() + 0x6e
  21 com.apple.WebCore              0x7fff9402fa43 WebCore::Editor::Command::execute(WTF::String const&, WebCore::Event*) const + 0x81
  22 com.apple.WebCore              0x7fff93f8ae76 WebCore::Document::execCommand(WTF::String const&, bool, WTF::String const&) + 0x70
  23 com.apple.WebCore              0x7fff941bc58b WebCore::jsDocumentPrototypeFunctionExecCommand(JSC::ExecState*) + 0x1eb
  24                                0x000024a8d52001b8 0 + 40307548750264
  25 com.apple.JavaScriptCore       0x7fff910c9269 JSC::Interpreter::execute(JSC::ProgramExecutable*, JSC::ExecState*, JSC::ScopeChainNode*, JSC::JSObject*) + 0x22d
  26 com.apple.JavaScriptCore       0x7fff9101595c JSC::evaluate(JSC::ExecState*, JSC::ScopeChain&, JSC::SourceCode const&, JSC::JSValue) + 0xfc
  27 com.apple.WebCore              0x7fff943ee345 WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld*, WebCore::ShouldAllowXSS) + 0x1b5
  28 com.apple.WebCore              0x7fff943ee73f WebCore::ScriptController::evaluate(WebCore::ScriptSourceCode const&, WebCore::ShouldAllowXSS) + 0x2f
  29 com.apple.WebCore              0x7fff943efbb1 WebCore::ScriptController::executeScript(WebCore::ScriptSourceCode const&, WebCore::ShouldAllowXSS) + 0x51
  30 com.apple.WebCore              0x7fff943f3487 WebCore::ScriptElement::executeScript(WebCore::ScriptSourceCode const&) + 0x57
  31 com.apple.WebCore              0x7fff940d60f4 WebCore::HTMLScriptRunner::runScript(WebCore::Element*, WTF::TextPosition<WTF::OneBasedNumber> const&) + 0x2aa
  32 com.apple.WebCore              0x7fff940d68b7 WebCore::HTMLScriptRunner::execute(WTF::PassRefPtr<WebCore::Element>, WTF::TextPosition<WTF::OneBasedNumber> const&) + 0x17
  33 com.apple.WebCore              0x7fff940b3e69 WebCore::HTMLDocumentParser::runScriptsForPausedTreeBuilder() + 0x57
  34 com.apple.WebCore              0x7fff940b403c WebCore::HTMLDocumentParser::pumpTokenizer(WebCore::HTMLDocumentParser::SynchronousMode) + 0x16e
  35 com.apple.WebCore              0x7fff940b44ce WebCore::HTMLDocumentParser::append(WebCore::SegmentedString const&) + 0x96
  36 com.apple.WebCore              0x7fff93f849c9 WebCore::DecodedDataDocumentParser::appendBytes(WebCore::DocumentWriter*, char const*, int, bool) + 0x165
  37 com.apple.WebCore              0x7fff93f95491 WebCore::DocumentLoader::commitData(char const*, int) + 0xa9
  38 com.apple.WebKit               0x7fff8c43c9a2 -[WebHTMLRepresentation receivedData:withDataSource:] + 0x62
  39 com.apple.WebKit               0x7fff8c43c8a0 -[WebDataSource(WebInternal) _receivedData:] + 0x50
  40 com.apple.WebKit               0x7fff8c43c82b WebFrameLoaderClient::committedLoad(WebCore::DocumentLoader*, char const*, int) + 0x69
  41 com.apple.WebCore              0x7fff93be82b5 WebCore::DocumentLoader::commitLoad(char const*, int) + 0x8b
  42 com.apple.WebCore              0x7fff93be7ed2 WebCore::ResourceLoader::didReceiveData(char const*, int, long long, bool) + 0x36
  43 com.apple.WebCore              0x7fff93be7e2d WebCore::MainResourceLoader::didReceiveData(char const*, int, long long, bool) + 0x26b
  44 com.apple.WebCore              0x7fff93be7b95 WebCore::ResourceLoader::didReceiveData(WebCore::ResourceHandle*, char const*, int, int) + 0x95
  45 com.apple.Foundation           0x7fff8a4a61c9 ___NSURLConnectionDidReceiveData_block_invoke_1 + 0x90
  46 com.apple.Foundation           0x7fff8a3c8882 _NSURLConnectionDidReceiveData + 0x56
  47 com.apple.CFNetwork            0x7fff90100e4c URLConnectionClient::_clientDidReceiveData(__CFData const*, URLConnectionClient::ClientConnectionEventQueue*) + 0x110
  48 com.apple.CFNetwork            0x7fff901b6c14 URLConnectionClient::ClientConnectionEventQueue::processAllEventsAndConsumePayload(XConnectionEventInfo<XClientEvent, XClientEventParams>*, long) + 0x14e
  49 com.apple.CFNetwork            0x7fff901b6e44 URLConnectionClient::ClientConnectionEventQueue::processAllEventsAndConsumePayload(XConnectionEventInfo<XClientEvent, XClientEventParams>*, long) + 0x37e
  50 com.apple.CFNetwork            0x7fff900f336b URLConnectionClient::processEvents() + 0xc1
  51 com.apple.CFNetwork            0x7fff900f3230 MultiplexerSource::perform() + 0xd4
  52 com.apple.CoreFoundation       0x7fff8c6027ed __CFRunLoopDoSources0 + 0xfd
  53 com.apple.CoreFoundation       0x7fff8c6021b9 __CFRunLoopRun + 0x389
  54 com.apple.CoreFoundation       0x7fff8c601bf6 CFRunLoopRunSpecific + 0xe6
  55 com.apple.HIToolbox            0x7fff8d298fef RunCurrentEventLoopInMode + 0x115
  56 com.apple.HIToolbox            0x7fff8d298de9 ReceiveNextEventCommon + 0x163
  57 com.apple.HIToolbox            0x7fff8d298c76 BlockUntilNextEventMatchingListInMode + 0x3e
  58 com.apple.AppKit               0x7fff8ebca2b9 _DPSNextEvent + 0x293
  59 com.apple.AppKit               0x7fff8ebc9bbe -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 0x87
  60 com.apple.Safari.framework     0x7fff91c755fc -[BrowserApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 0xab
  61 com.apple.AppKit               0x7fff8eb8ea7d -[NSApplication run] + 0x1c8
  62 com.apple.AppKit               0x7fff8eb87861 NSApplicationMain + 0x35c
  63 com.apple.Safari.framework     0x7fff91dd68ca SafariMain + 0xc5
  64 com.apple.Safari               0x10b00ff24 start + 0x0
