[Webkit-unassigned] [Bug 93651] New: One-click, reproducible webkit crash

Thu Aug 9 13:44:35 PDT 2012

https://bugs.webkit.org/show_bug.cgi?id=93651

           Summary: One-click, reproducible webkit crash
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Macintosh
        OS/Version: Mac OS X 10.7
            Status: UNCONFIRMED
          Severity: Critical
          Priority: P1
         Component: JavaScriptCore
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: fabian at mailinator.com

Webkit will crash reproducibly when opening a specific url in a new tab.

To do:

1. Place the following code on any web page anywhere:
     <html>
     <head> <title>crash webkit</title> </head>
     <body> <a href="http://mashable.com/2012/08/09/mars-rover-landing-stats/">crash</a> </body>
     </html>

2. Visit that page (the one you have just created) in your browser.

3. Holding down the command/splat/clover key to "open page in new tab", click on the link.

Observed behaviour:
  Webkit crashes and crash reporter pops up with a crash report.

Expected behaviour:
 Webkit would not crash.

This appears to be related to bug 92397:
  https://bugs.webkit.org/show_bug.cgi?id=92397
however, the mechanism for triggering it is new.  Bug 92397 is
triggered by *closing* windows. This is triggered by opening a new tab.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.