WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED FIXED
12585
PAC file: after closing a window that contains macworld.com, new window crashes (KJS::PropertyMap::mark())
https://bugs.webkit.org/show_bug.cgi?id=12585
Summary
PAC file: after closing a window that contains macworld.com, new window crash...
Maciej Stachowiak
Reported
2007-02-04 10:59:37 PST
2006-05-27 17:15:11 Geoff Garen: Reason for clone: Cloning to Leopard because we need to fix this in TOT, too. <original text: begin> 5/25/06 11:01 AM Chris Petersen: * SUMMARY After loading macworld.com an closing the window, attempting to open a new window results in a crash. This crash only occurs when I have a proxy set using the attached file. * STEPS TO REPRODUCE 1. Download the attached test.pac file 2. Go to System Prefs - Network -Built in Ethernet. Click Proxies tab and check "Automatic Proxy Configuration". Click Choose file button and select the test.pac file. Click Apply Now. 3. Under 8J117, launch Safari and go to macworld.com. 4. After page loads, close this window. 5. Pressing command -N creates a new window then crashes. * RESULTS No crash should occur after opening a new window but does. * REGRESSION This does occur with 8J117 /8JJ16 but not sure if this occurs under 10.4.6. Going to take a look. Date/Time: 2006-05-25 10:41:12.130 -0700 OS Version: 10.4.7 (Build 8J117) Report Version: 4 Command: Safari Path: /Applications/Safari.app/Contents/MacOS/Safari Parent: WindowServer [209] Version: 2.0.4 (419.1) Build Version: 2 Project Name: WebBrowser Source Version: 4190100 PID: 242 Thread: 0 Exception: EXC_BAD_ACCESS (0x0001) Codes: KERN_PROTECTION_FAILURE (0x0002) at 0x00000008 Thread 0 Crashed: 0 com.apple.JavaScriptCore 0x95bd0b48 KJS::PropertyMap::mark() const + 164 1 com.apple.JavaScriptCore 0x95bd0a58 KJS::ObjectImp::mark() + 84 2 com.apple.WebCore 0x95dfd174 KJS::ScriptInterpreter::mark(bool) + 172 3 com.apple.JavaScriptCore 0x95bed910 KJS::InterpreterImp::mark(bool) + 348 4 com.apple.JavaScriptCore 0x95bd072c KJS::Collector::collect() + 96 5 com.apple.JavaScriptCore 0x95bac308 KJS::Collector::allocate(unsigned long) + 64 6 com.apple.JavaScriptCore 0x95bf25f4 KJS::Value::Value[unified](KJS::UString const&) + 44 7 com.apple.JavaScriptCore 0x95bc6b04 KJS::StringNode::evaluate(KJS::ExecState*) + 28 8 com.apple.JavaScriptCore 0x95bc9154 KJS::AddNode::evaluate(KJS::ExecState*) + 156 9 com.apple.JavaScriptCore 0x95bc612c KJS::AssignNode::evaluate(KJS::ExecState*) + 448 10 com.apple.JavaScriptCore 0x95bc5eac KJS::ExprStatementNode::execute(KJS::ExecState*) + 120 11 com.apple.JavaScriptCore 0x95bc09ac KJS::SourceElementsNode::execute(KJS::ExecState*) + 544 12 com.apple.JavaScriptCore 0x95bc071c KJS::BlockNode::execute(KJS::ExecState*) + 140 13 com.apple.JavaScriptCore 0x95bd0214 KJS::ForNode::execute(KJS::ExecState*) + 592 14 com.apple.JavaScriptCore 0x95bc09ac KJS::SourceElementsNode::execute(KJS::ExecState*) + 544 15 com.apple.JavaScriptCore 0x95bc071c KJS::BlockNode::execute(KJS::ExecState*) + 140 16 com.apple.JavaScriptCore 0x95bcd60c KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 44 17 com.apple.JavaScriptCore 0x95bcce88 KJS::FunctionImp::call(KJS::ExecState*, KJS::Object&, KJS::List const&) + 408 18 com.apple.JavaScriptCore 0x95bc2988 KJS::Object::call(KJS::ExecState*, KJS::Object&, KJS::List const&) + 136 19 com.apple.JavaScriptCore 0x95bc12a8 KJS::FunctionCallNode::evaluate(KJS::ExecState*) + 1040 20 com.apple.JavaScriptCore 0x95bc9154 KJS::AddNode::evaluate(KJS::ExecState*) + 156 21 com.apple.JavaScriptCore 0x95bc6070 KJS::AssignNode::evaluate(KJS::ExecState*) + 260 22 com.apple.JavaScriptCore 0x95bc5eac KJS::ExprStatementNode::execute(KJS::ExecState*) + 120 23 com.apple.JavaScriptCore 0x95bc09ac KJS::SourceElementsNode::execute(KJS::ExecState*) + 544 24 com.apple.JavaScriptCore 0x95bc071c KJS::BlockNode::execute(KJS::ExecState*) + 140 25 com.apple.JavaScriptCore 0x95bcbbf4 KJS::IfNode::execute(KJS::ExecState*) + 440 26 com.apple.JavaScriptCore 0x95bc09ac KJS::SourceElementsNode::execute(KJS::ExecState*) + 544 27 com.apple.JavaScriptCore 0x95bc071c KJS::BlockNode::execute(KJS::ExecState*) + 140 28 com.apple.JavaScriptCore 0x95bef2b4 KJS::WithNode::execute(KJS::ExecState*) + 456 29 com.apple.JavaScriptCore 0x95bc085c KJS::SourceElementsNode::execute(KJS::ExecState*) + 208 30 com.apple.JavaScriptCore 0x95bc071c KJS::BlockNode::execute(KJS::ExecState*) + 140 31 com.apple.JavaScriptCore 0x95bcd60c KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 44 32 com.apple.JavaScriptCore 0x95bcce88 KJS::FunctionImp::call(KJS::ExecState*, KJS::Object&, KJS::List const&) + 408 33 com.apple.JavaScriptCore 0x95bc2988 KJS::Object::call(KJS::ExecState*, KJS::Object&, KJS::List const&) + 136 34 com.apple.JavaScriptCore 0x95bc12a8 KJS::FunctionCallNode::evaluate(KJS::ExecState*) + 1040 35 com.apple.JavaScriptCore 0x95bc6070 KJS::AssignNode::evaluate(KJS::ExecState*) + 260 36 com.apple.JavaScriptCore 0x95bc5eac KJS::ExprStatementNode::execute(KJS::ExecState*) + 120 37 com.apple.JavaScriptCore 0x95bc09ac KJS::SourceElementsNode::execute(KJS::ExecState*) + 544 38 com.apple.JavaScriptCore 0x95bc071c KJS::BlockNode::execute(KJS::ExecState*) + 140 39 com.apple.JavaScriptCore 0x95bcd60c KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 44 40 com.apple.JavaScriptCore 0x95bcce88 KJS::FunctionImp::call(KJS::ExecState*, KJS::Object&, KJS::List const&) + 408 41 com.apple.JavaScriptCore 0x95bc2988 KJS::Object::call(KJS::ExecState*, KJS::Object&, KJS::List const&) + 136 42 com.apple.JavaScriptCore 0x95bdc494 KJS::DeclaredFunctionImp::construct(KJS::ExecState*, KJS::List const&) + 244 43 com.apple.JavaScriptCore 0x95bc8880 KJS::NewExprNode::evaluate(KJS::ExecState*) + 652 44 com.apple.JavaScriptCore 0x95bc6070 KJS::AssignNode::evaluate(KJS::ExecState*) + 260 45 com.apple.JavaScriptCore 0x95bc6650 KJS::GroupNode::evaluate(KJS::ExecState*) + 40 46 com.apple.JavaScriptCore 0x95bce3bc KJS::ConditionalNode::evaluate(KJS::ExecState*) + 200 47 com.apple.JavaScriptCore 0x95bc5eac KJS::ExprStatementNode::execute(KJS::ExecState*) + 120 48 com.apple.JavaScriptCore 0x95bc09ac KJS::SourceElementsNode::execute(KJS::ExecState*) + 544 49 com.apple.JavaScriptCore 0x95bc071c KJS::BlockNode::execute(KJS::ExecState*) + 140 50 com.apple.JavaScriptCore 0x95bb9554 KJS::InterpreterImp::evaluate(KJS::UString const&, KJS::Value const&, KJS::UString const&, int) + 1156 51 com.apple.JavaScriptCore 0x95bb8f60 KJS::Interpreter::evaluate(KJS::UString const&, int, KJS::UString const&, KJS::Value const&) + 64 52 com.apple.WebCore 0x95cd8528 KJSProxyImpl::evaluate(QString, int, QString const&, DOM::Node const&) + 192 53 com.apple.WebCore 0x95cd83fc KHTMLPart::executeScript(QString, int, DOM::Node const&, QString const&) + 144 54 com.apple.WebCore 0x95cd8200 khtml::HTMLTokenizer::scriptExecution(QString const&, QString, int) + 448 55 com.apple.WebCore 0x95d0dbd8 khtml::HTMLTokenizer::notifyFinished(khtml::CachedObject*) + 312 56 com.apple.WebCore 0x95cd7bd4 khtml::HTMLTokenizer::scriptHandler() + 916 57 com.apple.WebCore 0x95cccf4c khtml::HTMLTokenizer::parseSpecial(khtml::TokenizerString&) + 548 58 com.apple.WebCore 0x95ca9784 khtml::HTMLTokenizer::parseTag(khtml::TokenizerString&) + 6660 59 com.apple.WebCore 0x95ca753c khtml::HTMLTokenizer::write(khtml::TokenizerString const&, bool) + 928 60 com.apple.WebCore 0x95ca2ba8 KHTMLPart::write(char const*, int) + 852 61 com.apple.WebKit 0x95b0766c -[WebDataSource(WebPrivate) _commitLoadWithData:] + 92 62 com.apple.WebKit 0x95ad2e28 -[WebMainResourceClient addData:] + 84 63 com.apple.WebKit 0x95ad2d54 -[WebBaseResourceHandleDelegate didReceiveData:lengthReceived:] + 68 64 com.apple.WebKit 0x95b2e62c -[WebMainResourceClient didReceiveData:lengthReceived:] + 136 65 com.apple.WebKit 0x95ad2cf0 -[WebBaseResourceHandleDelegate connection:didReceiveData:lengthReceived:] + 60 66 com.apple.Foundation 0x929725d4 -[NSURLConnection(NSURLConnectionInternal) _sendDidReceiveDataCallback] + 564 67 com.apple.Foundation 0x92970a74 -[NSURLConnection(NSURLConnectionInternal) _sendCallbacks] + 488 68 com.apple.Foundation 0x92970810 _sendCallbacks + 156 69 com.apple.CoreFoundation 0x907dc4cc __CFRunLoopDoSources0 + 384 70 com.apple.CoreFoundation 0x907db9fc __CFRunLoopRun + 452 71 com.apple.CoreFoundation 0x907db47c CFRunLoopRunSpecific + 268 72 com.apple.HIToolbox 0x931e6740 RunCurrentEventLoopInMode + 264 73 com.apple.HIToolbox 0x931e5dd4 ReceiveNextEventCommon + 380 74 com.apple.HIToolbox 0x931e5c40 BlockUntilNextEventMatchingListInMode + 96 75 com.apple.AppKit 0x93710ae4 _DPSNextEvent + 384 76 com.apple.AppKit 0x937107a8 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 116 77 com.apple.Safari 0x00006700 0x1000 + 22272 78 com.apple.AppKit 0x9370ccec -[NSApplication run] + 472 79 com.apple.AppKit 0x937fd87c NSApplicationMain + 452 80 com.apple.Safari 0x0005c73c 0x1000 + 374588 81 com.apple.Safari 0x0005c5e4 0x1000 + 374244 Thread 1: 0 libSystem.B.dylib 0x9000b268 mach_msg_trap + 8 1 libSystem.B.dylib 0x9000b1bc mach_msg + 60 2 com.apple.CoreFoundation 0x907dbb78 __CFRunLoopRun + 832 3 com.apple.CoreFoundation 0x907db47c CFRunLoopRunSpecific + 268 4 com.apple.Foundation 0x9294f164 -[NSRunLoop runMode:beforeDate:] + 172 5 com.apple.Foundation 0x9294f09c -[NSRunLoop run] + 76 6 com.apple.WebKit 0x95ac3f70 +[WebFileDatabase _syncLoop:] + 176 7 com.apple.Foundation 0x92940194 forkThreadForFunction + 108 8 libSystem.B.dylib 0x9002bc28 _pthread_body + 96 Thread 2: 0 libSystem.B.dylib 0x9000b268 mach_msg_trap + 8 1 libSystem.B.dylib 0x9000b1bc mach_msg + 60 2 com.apple.CoreFoundation 0x907dbb78 __CFRunLoopRun + 832 3 com.apple.CoreFoundation 0x907db47c CFRunLoopRunSpecific + 268 4 com.apple.Foundation 0x9296769c +[NSURLConnection(NSURLConnectionInternal) _resourceLoadLoop:] + 264 5 com.apple.Foundation 0x92940194 forkThreadForFunction + 108 6 libSystem.B.dylib 0x9002bc28 _pthread_body + 96 Thread 3: 0 libSystem.B.dylib 0x9000b268 mach_msg_trap + 8 1 libSystem.B.dylib 0x9000b1bc mach_msg + 60 2 com.apple.CoreFoundation 0x907dbb78 __CFRunLoopRun + 832 3 com.apple.CoreFoundation 0x907db47c CFRunLoopRunSpecific + 268 4 com.apple.Foundation 0x929687dc +[NSURLCache _diskCacheSyncLoop:] + 152 5 com.apple.Foundation 0x92940194 forkThreadForFunction + 108 6 libSystem.B.dylib 0x9002bc28 _pthread_body + 96 Thread 4: 0 libSystem.B.dylib 0x9001f7ac select + 12 1 com.apple.CoreFoundation 0x907ee40c __CFSocketManager + 472 2 libSystem.B.dylib 0x9002bc28 _pthread_body + 96 Thread 5: 0 libSystem.B.dylib 0x9002c2e8 semaphore_wait_signal_trap + 8 1 libSystem.B.dylib 0x90030dcc pthread_cond_wait + 480 2 com.apple.Foundation 0x92947300 -[NSConditionLock lockWhenCondition:] + 68 3 com.apple.Syndication 0x9b53442c -[AsyncDB _run:] + 192 4 com.apple.Foundation 0x92940194 forkThreadForFunction + 108 5 libSystem.B.dylib 0x9002bc28 _pthread_body + 96 Thread 0 crashed with PPC Thread State 64: srr0: 0x0000000095bd0b48 srr1: 0x100000000200f030 vrsave: 0x0000000000000000 cr: 0x24022488 xer: 0x0000000020000000 lr: 0x0000000095bd0a58 ctr: 0x0000000095bd0a04 r0: 0x0000000000006858 r1: 0x00000000bfffbfc0 r2: 0x0000000000000000 r3: 0x0000000004568cc8 r4: 0x0000000000000002 r5: 0x0000000001965400 r6: 0xffffffffffffffff r7: 0x0000000000000002 r8: 0x0000000000000001 r9: 0x0000000000000000 r10: 0x0000000095cecdec r11: 0x00000000a5c7f568 r12: 0x0000000095bd0a04 r13: 0x0000000000000000 r14: 0x0000000000000001 r15: 0x0000000000000001 r16: 0x0000000000000000 r17: 0x0000000000000000 r18: 0x0000000000006157 r19: 0x0000000000000000 r20: 0x0000000000000001 r21: 0x0000000000000000 r22: 0x00000000bfffc950 r23: 0x00000000bfffc880 r24: 0x00000000a5bc5f80 r25: 0x00000000bfffc4a0 r26: 0x0000000000000001 r27: 0x00000000bfffc0a0 r28: 0x0000000000000010 r29: 0x000000000000000c r30: 0x0000000005e66118 r31: 0x0000000095bed7c0 Binary Images Description: 0x1000 - 0xdcfff com.apple.Safari 2.0.4 (419.1) /Applications/Safari.app/Contents/MacOS/Safari 0x4a94000 - 0x4a96fff com.apple.textencoding.unicode 2.0 /System/Library/TextEncodings/Unicode Encodings.bundle/Contents/MacOS/Unicode Encodings 0x8fe00000 - 0x8fe52fff dyld 45.1 /usr/lib/dyld 0x90000000 - 0x901bbfff libSystem.B.dylib /usr/lib/libSystem.B.dylib 0x90213000 - 0x90218fff libmathCommon.A.dylib /usr/lib/system/libmathCommon.A.dylib 0x9021a000 - 0x90267fff com.apple.CoreText 1.0.2 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreText.framework/Versions/A/CoreText 0x90292000 - 0x90343fff ATS /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ATS.framework/Versions/A/ATS 0x90372000 - 0x9072cfff com.apple.CoreGraphics 1.258.32 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/CoreGraphics 0x907b9000 - 0x90892fff com.apple.CoreFoundation 6.4.6 (368.27) /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation 0x908db000 - 0x908dbfff com.apple.CoreServices 10.4 (???) /System/Library/Frameworks/CoreServices.framework/Versions/A/CoreServices 0x908dd000 - 0x909dffff libicucore.A.dylib /usr/lib/libicucore.A.dylib 0x90a39000 - 0x90abdfff libobjc.A.dylib /usr/lib/libobjc.A.dylib 0x90ae7000 - 0x90b57fff IOKit /System/Library/Frameworks/IOKit.framework/Versions/A/IOKit 0x90b6d000 - 0x90b7ffff libauto.dylib /usr/lib/libauto.dylib 0x90b86000 - 0x90e5dfff com.apple.CoreServices.CarbonCore 681.4 /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonCore.framework/Versions/A/CarbonCore 0x90ec3000 - 0x90f43fff com.apple.CoreServices.OSServices 4.1 /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/OSServices.framework/Versions/A/OSServices 0x90f8d000 - 0x90fcefff com.apple.CFNetwork 129.16 /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CFNetwork.framework/Versions/A/CFNetwork 0x90fe3000 - 0x90ffbfff com.apple.WebServices 1.1.2 (1.1.0) /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/WebServicesCore.framework/Versions/A/WebServicesCore 0x9100b000 - 0x9108cfff com.apple.SearchKit 1.0.5 /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/SearchKit.framework/Versions/A/SearchKit 0x910d2000 - 0x910fbfff com.apple.Metadata 10.4.4 (121.36) /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/Metadata.framework/Versions/A/Metadata 0x9110c000 - 0x9111afff libz.1.dylib /usr/lib/libz.1.dylib 0x9111d000 - 0x912d7fff com.apple.security 4.4 (27566) /System/Library/Frameworks/Security.framework/Versions/A/Security 0x913d5000 - 0x913defff com.apple.DiskArbitration 2.1 /System/Library/Frameworks/DiskArbitration.framework/Versions/A/DiskArbitration 0x913e5000 - 0x9140dfff com.apple.SystemConfiguration 1.8.3 /System/Library/Frameworks/SystemConfiguration.framework/Versions/A/SystemConfiguration 0x91420000 - 0x9142bfff libgcc_s.1.dylib /usr/lib/libgcc_s.1.dylib 0x91430000 - 0x91438fff libbsm.dylib /usr/lib/libbsm.dylib 0x9143c000 - 0x914b7fff com.apple.audio.CoreAudio 3.0.4 /System/Library/Frameworks/CoreAudio.framework/Versions/A/CoreAudio 0x914f4000 - 0x914f4fff com.apple.ApplicationServices 10.4 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/ApplicationServices 0x914f6000 - 0x9152efff com.apple.AE 1.5 (297) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/AE.framework/Versions/A/AE 0x91549000 - 0x91616fff com.apple.ColorSync 4.4.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ColorSync.framework/Versions/A/ColorSync 0x9166b000 - 0x916fcfff com.apple.print.framework.PrintCore 4.6 (177.12) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/PrintCore.framework/Versions/A/PrintCore 0x91743000 - 0x917fafff com.apple.QD 3.10.14 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/QD.framework/Versions/A/QD 0x91837000 - 0x91895fff com.apple.HIServices 1.5.3 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/HIServices.framework/Versions/A/HIServices 0x918c4000 - 0x918e5fff com.apple.LangAnalysis 1.6.1 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/LangAnalysis.framework/Versions/A/LangAnalysis 0x918f9000 - 0x9191efff com.apple.FindByContent 1.5 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/FindByContent.framework/Versions/A/FindByContent 0x91931000 - 0x91973fff com.apple.LaunchServices 179 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/LaunchServices.framework/Versions/A/LaunchServices 0x9198f000 - 0x919a3fff com.apple.speech.synthesis.framework 3.3 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/SpeechSynthesis.framework/Versions/A/SpeechSynthesis 0x919b1000 - 0x919f1fff com.apple.ImageIO.framework 1.4.7 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/ImageIO 0x91a07000 - 0x91acffff libcrypto.0.9.7.dylib /usr/lib/libcrypto.0.9.7.dylib 0x91b1d000 - 0x91b32fff libcups.2.dylib /usr/lib/libcups.2.dylib 0x91b37000 - 0x91b54fff libJPEG.dylib /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libJPEG.dylib 0x91b59000 - 0x91bc8fff libJP2.dylib /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libJP2.dylib 0x91bdf000 - 0x91be3fff libGIF.dylib /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libGIF.dylib 0x91be5000 - 0x91c2dfff libRaw.dylib /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libRaw.dylib 0x91c32000 - 0x91c6ffff libTIFF.dylib /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libTIFF.dylib 0x91c76000 - 0x91c8ffff libPng.dylib /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libPng.dylib 0x91c94000 - 0x91c97fff libRadiance.dylib /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libRadiance.dylib 0x91c99000 - 0x91c99fff com.apple.Accelerate 1.2.2 (Accelerate 1.2.2) /System/Library/Frameworks/Accelerate.framework/Versions/A/Accelerate 0x91c9b000 - 0x91d80fff com.apple.vImage 2.4 /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vImage.framework/Versions/A/vImage 0x91d88000 - 0x91da7fff com.apple.Accelerate.vecLib 3.2.2 (vecLib 3.2.2) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/vecLib 0x91e13000 - 0x91e81fff libvMisc.dylib /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libvMisc.dylib 0x91e8c000 - 0x91f21fff libvDSP.dylib /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libvDSP.dylib 0x91f3b000 - 0x924c3fff libBLAS.dylib /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libBLAS.dylib 0x924f6000 - 0x92821fff libLAPACK.dylib /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libLAPACK.dylib 0x92851000 - 0x928d9fff com.apple.DesktopServices 1.3.4 /System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Versions/A/DesktopServicesPriv 0x9291a000 - 0x92b45fff com.apple.Foundation 6.4.6 (567.27) /System/Library/Frameworks/Foundation.framework/Versions/C/Foundation 0x92c63000 - 0x92d41fff libxml2.2.dylib /usr/lib/libxml2.2.dylib 0x92d61000 - 0x92e4ffff libiconv.2.dylib /usr/lib/libiconv.2.dylib 0x92e61000 - 0x92e7ffff libGL.dylib /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGL.dylib 0x92e8a000 - 0x92ee4fff libGLU.dylib /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLU.dylib 0x92f02000 - 0x92f02fff com.apple.Carbon 10.4 (???) /System/Library/Frameworks/Carbon.framework/Versions/A/Carbon 0x92f04000 - 0x92f18fff com.apple.ImageCapture 3.0 /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/ImageCapture.framework/Versions/A/ImageCapture 0x92f30000 - 0x92f40fff com.apple.speech.recognition.framework 3.4 /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/SpeechRecognition.framework/Versions/A/SpeechRecognition 0x92f4c000 - 0x92f61fff com.apple.securityhi 2.0 (203) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/SecurityHI.framework/Versions/A/SecurityHI 0x92f73000 - 0x92ffafff com.apple.ink.framework 101.2 (69) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Ink.framework/Versions/A/Ink 0x9300e000 - 0x93019fff com.apple.help 1.0.3 (32) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Help.framework/Versions/A/Help 0x93023000 - 0x93050fff com.apple.openscripting 1.2.5 (???) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/OpenScripting.framework/Versions/A/OpenScripting 0x9306a000 - 0x93079fff com.apple.print.framework.Print 5.2 (192.4) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Print.framework/Versions/A/Print 0x93085000 - 0x930ebfff com.apple.htmlrendering 1.1.2 /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HTMLRendering.framework/Versions/A/HTMLRendering 0x9311c000 - 0x9316bfff com.apple.NavigationServices 3.4.4 (3.4.3) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/NavigationServices.framework/Versions/A/NavigationServices 0x93199000 - 0x931b6fff com.apple.audio.SoundManager 3.9 /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/CarbonSound.framework/Versions/A/CarbonSound 0x931c8000 - 0x931d5fff com.apple.CommonPanels 1.2.2 (73) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/CommonPanels.framework/Versions/A/CommonPanels 0x931de000 - 0x934ebfff com.apple.HIToolbox 1.4.8 (???) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox 0x9363a000 - 0x93646fff com.apple.opengl 1.4.7 /System/Library/Frameworks/OpenGL.framework/Versions/A/OpenGL 0x9364b000 - 0x9366bfff com.apple.DirectoryService.Framework 3.1 /System/Library/Frameworks/DirectoryService.framework/Versions/A/DirectoryService 0x93706000 - 0x93706fff com.apple.Cocoa 6.4 (???) /System/Library/Frameworks/Cocoa.framework/Versions/A/Cocoa 0x93708000 - 0x93d3bfff com.apple.AppKit 6.4.7 (824.41) /System/Library/Frameworks/AppKit.framework/Versions/C/AppKit 0x940c8000 - 0x94138fff com.apple.CoreData 80 /System/Library/Frameworks/CoreData.framework/Versions/A/CoreData 0x94171000 - 0x94234fff com.apple.audio.toolbox.AudioToolbox 1.4.3 /System/Library/Frameworks/AudioToolbox.framework/Versions/A/AudioToolbox 0x94286000 - 0x94286fff com.apple.audio.units.AudioUnit 1.4 /System/Library/Frameworks/AudioUnit.framework/Versions/A/AudioUnit 0x94288000 - 0x9443bfff com.apple.QuartzCore 1.4.8 /System/Library/Frameworks/QuartzCore.framework/Versions/A/QuartzCore 0x9448e000 - 0x944cbfff libsqlite3.0.dylib /usr/lib/libsqlite3.0.dylib 0x944d3000 - 0x94523fff libGLImage.dylib /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLImage.dylib 0x945b3000 - 0x945ebfff com.apple.vmutils 4.0.0 (85) /System/Library/PrivateFrameworks/vmutils.framework/Versions/A/vmutils 0x9462e000 - 0x9464afff com.apple.securityfoundation 2.2 (27710) /System/Library/Frameworks/SecurityFoundation.framework/Versions/A/SecurityFoundation 0x9465e000 - 0x946a2fff com.apple.securityinterface 2.2 (27692) /System/Library/Frameworks/SecurityInterface.framework/Versions/A/SecurityInterface 0x946c6000 - 0x946d5fff libCGATS.A.dylib /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libCGATS.A.dylib 0x946dd000 - 0x946eafff libCSync.A.dylib /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libCSync.A.dylib 0x94730000 - 0x94749fff libRIP.A.dylib /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libRIP.A.dylib 0x94cae000 - 0x94ddefff com.apple.AddressBook.framework 4.0.4 (485.1) /System/Library/Frameworks/AddressBook.framework/Versions/A/AddressBook 0x94e70000 - 0x94e7ffff com.apple.DSObjCWrappers.Framework 1.1 /System/Library/PrivateFrameworks/DSObjCWrappers.framework/Versions/A/DSObjCWrappers 0x94e87000 - 0x94eb4fff com.apple.LDAPFramework 1.4.1 (69.0.1) /System/Library/Frameworks/LDAP.framework/Versions/A/LDAP 0x94ebb000 - 0x94ecbfff libsasl2.2.dylib /usr/lib/libsasl2.2.dylib 0x94ecf000 - 0x94efefff libssl.0.9.7.dylib /usr/lib/libssl.0.9.7.dylib 0x94f0e000 - 0x94f2bfff libresolv.9.dylib /usr/lib/libresolv.9.dylib 0x95ac1000 - 0x95b4ffff com.apple.WebKit 418.8 /System/Library/Frameworks/WebKit.framework/Versions/A/WebKit 0x95bab000 - 0x95c41fff com.apple.JavaScriptCore 418.2 /System/Library/Frameworks/WebKit.framework/Versions/A/Frameworks/JavaScriptCore.framework/Versions/A/JavaScriptCore 0x95c7e000 - 0x95f8afff com.apple.WebCore 418.9 /System/Library/Frameworks/WebKit.framework/Versions/A/Frameworks/WebCore.framework/Versions/A/WebCore 0x96113000 - 0x9613cfff libxslt.1.dylib /usr/lib/libxslt.1.dylib 0x97044000 - 0x97051fff com.apple.JavaScriptGlue 418 /System/Library/PrivateFrameworks/JavaScriptGlue.framework/Versions/A/JavaScriptGlue 0x9b531000 - 0x9b567fff com.apple.Syndication 1.0.6 (54) /System/Library/PrivateFrameworks/Syndication.framework/Versions/A/Syndication 0x9b584000 - 0x9b596fff com.apple.SyndicationUI 1.0.6 (54) /System/Library/PrivateFrameworks/SyndicationUI.framework/Versions/A/SyndicationUI Model: PowerMac7,3, BootROM 5.1.8f7, 2 processors, PowerPC G5 (3.0), 2.5 GHz, 512 MB Graphics: ATI Radeon 9600 XT, ATY,RV360, AGP, 128 MB Memory Module: DIMM0/J11, 256 MB, DDR SDRAM, PC3200U-30330 Memory Module: DIMM1/J12, 256 MB, DDR SDRAM, PC3200U-30330 Modem: Jump, , V.92, Version 1.0, Network Service: Built-in Ethernet, Ethernet, en0 Serial ATA Device: ST3160023AS, 149.05 GB Parallel ATA Device: PIONEER DVD-RW DVR-117D, USB Device: Hub in Apple Pro Keyboard, Mitsumi Electric, Up to 12 Mb/sec, 500 mA USB Device: Apple Optical USB Mouse, Logitech, Up to 1.5 Mb/sec, 100 mA USB Device: Apple Pro Keyboard, Mitsumi Electric, Up to 12 Mb/sec, 250 mA USB Device: Hub, , Up to 12 Mb/sec, 500 mA USB Device: Studio Display, , Up to 1.5 Mb/sec, 500 mA </original text: end> 2006-05-27 17:15:11 Cloned from problemID
rdar://problem/4562599
by: Geoff Garen. 2006-05-27 17:15:11 Geoff Garen: <original text: begin> 2006-05-25 11:19:04 Alice Liu: I have no been able to find any similar existing crashes 2006-05-25 11:30:35 Chris Petersen: This appears to be a regression since I can't reproduce with 10.4.6 with these same steps and PAC file. This also isn't occurring with TOT either. 2006-05-25 14:59:51 Geoff Garen: I was able to repro, but I'm blocked right now because macworld.com seems to be down. (!) 2006-05-25 15:40:08 Chris Petersen: Macworld.com is up and running once again :) 2006-05-25 17:08:13 Geoff Garen: Looks like we've got an object in the DOM node cache that didn't get an opportunity to mark its children during a previous collect. So, it's trying to mark children that have been destroyed already. I suspect the object should have been removed from the cache when its child was destroyed, but was protected from removal because it was marked as "not thread-safe." 2006-05-25 17:38:51 Chris Petersen: Another site I have seen this same crash is
http://www.businessweek.com/technology/index.html
. Clicking on each tab at the top of the page (Top News, BW Magazine, Investing, Asia, Europe, Technology, Autos, Innovation, Small Biz, B-Schools, Careers) has reproduced this crash. I will check against this site too when we have a fix. 2006-05-25 20:17:42 Geoff Garen: I have a patch awaiting review. 2006-05-26 13:55:52 Geoff Garen: The issue here was that we were relying on WebCore's ScriptInterpreter to mark certain objects, but, after the last window has been closed, there's no WebCore ScriptInterpreter around to do that collecting. 2006-05-26 19:17:40 Geoff Garen: Patch had some problems. Re-working now. 2006-05-27 17:13:52 Geoff Garen: Tim, 'patch-PAC.txt' is ready to land on the branch. Maciej reviewed it. </original text: end> Reason for clone: Cloning to Leopard because we need to fix this in TOT, too. 2006-05-27 17:16:15 Geoff Garen: On TOT, if we implement the rule that all DOM objects must be put in the cache, then we can eliminate the m_destructorIsThreadSafe bit on JS objects, and just mark the DOM object cache when on an alternate thread. 2006-05-30 11:34:36 Alice Liu: Safari BRB Reviewed 2006-06-20 11:07:28 Alice Liu: Safari WWDC BRB Reviewed 2006-12-24 18:45:13 Geoff Garen: <
rdar://problem/4900579
> may just require us to make WebCore destructors thread-safe. If so, this bug will just go away. <
rdar://problem/4565394
>
Attachments
Add attachment
proposed patch, testcase, etc.
Mark Rowe (bdash)
Comment 1
2007-03-06 20:46:31 PST
Geoff landed a fix for this in
r20004
.
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug