Created attachment 14939 [details] File contains two crash reports from movie window close crashes from Apple Leopard demo site

Reproducible: 1) open URL 2) click "Watch the demo" 3) click the (X) button at the top left on the movie view pane during playback or after 4) crash

Added REGRESSION to summary because the crash does not occur in Safari.app, just in the nightly build WebKit.app.

Thanks for the bug reports, Gibbons! However, it appears that you have some haxies, APEs or Input Managers installed, which may cause these types of crashes. Please remove/disable them, then try to reproduce this bug again. Thanks! 0x824e000 - 0x8251fff com.lemkesoft.GraphicConverterCMI 1.1 /Users/gibbonsb/Library/Contextual Menu Items/GraphicConverterCMI.plugin/Contents/MacOS/GraphicConverterCMI 0x8605000 - 0x891afff com.macromedia.Flash Player.plugin 9.0.45.0 (1.0.1f41) /Library/Internet Plug-Ins/Flash Player.plugin/Contents/MacOS/Flash Player 0xa705000 - 0xa7fafff com.elgato.mpegsupport EyeTV MPEG Support 1.0.4 (build 35) (1.0.4) /Library/QuickTime/EyeTV MPEG Support.component/Contents/MacOS/EyeTV MPEG Support 0xae1f000 - 0xae21fff com.chronosnet.StickyBrainMenu ??? (2.1) /Users/gibbonsb/Library/Contextual Menu Items/StickyBrainMenu.plugin/Contents/MacOS/StickyBrainMenu

Thanks for the suggestion, David, thought it should be noted that these haxies, APEs or Input Managers don't seem to cause the problem in Safari 3 beta. The crash only occurs in the nightly build of Webkit.app.

(In reply to comment #5) > Thanks for the suggestion, David, thought it should be noted that these haxies, > APEs or Input Managers don't seem to cause the problem in Safari 3 beta. The > crash only occurs in the nightly build of Webkit.app. WebKit.app does some tricks where it uses a different library path to start up Safari.app on your Mac. You're saying that you've installed the Safari 3 beta, and then you're trying to run a WebKit nightly? That's very interesting, but I'm not sure if it's a supported configuration or not. :)

(In reply to comment #6) > WebKit.app does some tricks where it uses a different library path to start up > Safari.app on your Mac. You're saying that you've installed the Safari 3 beta, > and then you're trying to run a WebKit nightly? In theory, this should work! I was able to reproduce this bug using a local debug build of WebKit r22089 with shipping Safari 2.0.4 (419.3) on Mac OS X 10.4.9 following the steps in Comment #2. Thanks again Gibbons!

(In reply to comment #7) > I was able to reproduce this bug using a local debug build of WebKit r22089 > with shipping Safari 2.0.4 (419.3) on Mac OS X 10.4.9 following the steps in > Comment #2. Gibbons, if you'd like to research further, it would be helpful to know which WebKit nightly caused the crash by doing a "binary search" of the nightly builds. Basically find one build that doesn't crash, one that does crash, then check the build half-way in between and repeat until you find two builds next to each other that crash and don't crash. (Actually, this would be helpful to know on nearly every bug filed.) Thanks! Below is more info from my crash. Console output: Segmentation fault Stack trace: Exception: EXC_BAD_ACCESS (0x0001) Codes: KERN_INVALID_ADDRESS (0x0001) at 0x43300008 Thread 0 Crashed: 0 libobjc.A.dylib 0x90a447d4 object_getClassName + 40 1 libobjc.A.dylib 0x90a4ac00 _objc_error + 56 2 libobjc.A.dylib 0x90a4aba4 __objc_error + 64 3 com.apple.WebKit 0x003d1f7c -[WebKitPluginContainerView visibleRect] + 96 4 com.apple.AppKit 0x937d5b9c -[NSView visibleRect] + 208 5 com.apple.AppKit 0x937d5b9c -[NSView visibleRect] + 208 6 com.apple.AppKit 0x938c2464 -[NSView(NSSurface) _surfaceBounds] + 32 7 com.apple.AppKit 0x938c23fc -[NSSurface syncToViewUnconditionally] + 56 8 com.apple.AppKit 0x937ba714 -[NSView _invalidateGStatesForTree] + 376 9 com.apple.QTKit 0x9656fd68 -[QTMovieContentView _invalidateGStatesForTree] + 88 10 com.apple.CoreFoundation 0x907ee3ec CFArrayApplyFunction + 416 11 com.apple.AppKit 0x937ba6f4 -[NSView _invalidateGStatesForTree] + 344 12 com.apple.AppKit 0x937ba554 -[NSView _invalidateFocus] + 36 13 com.apple.AppKit 0x937bc4dc -[NSView _removeSubview:] + 72 14 com.apple.AppKit 0x937bc3ac -[NSView _setSuperview:] + 284 15 com.apple.AppKit 0x937bc0dc -[NSView removeFromSuperview] + 272 16 com.apple.AppKit 0x9383d69c -[NSView removeFromSuperviewWithoutNeedingDisplay] + 44 17 com.apple.CoreFoundation 0x907ee3ec CFArrayApplyFunction + 416 18 com.apple.AppKit 0x937d3724 -[NSView _finalize] + 292 19 com.apple.AppKit 0x937d35c8 -[NSView dealloc] + 48 20 com.apple.WebKit 0x003d1f08 -[WebKitPluginContainerView dealloc] + 120 21 com.apple.AppKit 0x937b24b4 -[NSView release] + 200 22 com.apple.Foundation 0x92bbf908 NSPopAutoreleasePool + 536 23 com.apple.AppKit 0x9379dd34 -[NSApplication run] + 544 24 com.apple.AppKit 0x9388e87c NSApplicationMain + 452 25 com.apple.Safari 0x0005c77c 0x1000 + 374652 26 com.apple.Safari 0x0005c624 0x1000 + 374308

It's almost certainly related to Hyatt's WebKit plugin changes. Those changes were not in the beta which is why you are not seeing the crash in that configuration.

Bdash - this may confirm your suspicion. I just uninstalled Safari 3 beta from my machine and the crash in the nightly build persists as originally described: Date/Time: 2007-06-12 13:40:21.408 -0500 OS Version: 10.4.9 (Build 8P135) Report Version: 4 Command: Safari Path: /Applications/Safari.app/Contents/MacOS/Safari Parent: WindowServer [64] Version: r22084 (22084) PID: 224 Thread: 0 Exception: EXC_BAD_ACCESS (0x0001) Codes: KERN_INVALID_ADDRESS (0x0001) at 0x408ab008 Thread 0 Crashed: 0 libobjc.A.dylib 0x909207d4 object_getClassName + 40 1 libobjc.A.dylib 0x90926c00 _objc_error + 56 2 libobjc.A.dylib 0x90926ba4 __objc_error + 64 3 com.apple.WebKit 0x003851b0 -[WebKitPluginContainerView visibleRect] + 64 4 com.apple.AppKit 0x9253db9c -[NSView visibleRect] + 208 5 com.apple.AppKit 0x9253db9c -[NSView visibleRect] + 208 6 com.apple.AppKit 0x9262a464 -[NSView(NSSurface) _surfaceBounds] + 32 7 com.apple.AppKit 0x9262a3fc -[NSSurface syncToViewUnconditionally] + 56 8 com.apple.AppKit 0x92522714 -[NSView _invalidateGStatesForTree] + 376 9 com.apple.QTKit 0x9f28fd68 -[QTMovieContentView _invalidateGStatesForTree] + 88 10 com.apple.CoreFoundation 0x902c13ec CFArrayApplyFunction + 416 11 com.apple.AppKit 0x925226f4 -[NSView _invalidateGStatesForTree] + 344 12 com.apple.AppKit 0x92522554 -[NSView _invalidateFocus] + 36 13 com.apple.AppKit 0x925244dc -[NSView _removeSubview:] + 72 14 com.apple.AppKit 0x925243ac -[NSView _setSuperview:] + 284 15 com.apple.AppKit 0x925240dc -[NSView removeFromSuperview] + 272 16 com.apple.AppKit 0x925a569c -[NSView removeFromSuperviewWithoutNeedingDisplay] + 44 17 com.apple.CoreFoundation 0x902c13ec CFArrayApplyFunction + 416 18 com.apple.AppKit 0x9253b724 -[NSView _finalize] + 292 19 com.apple.AppKit 0x9253b5c8 -[NSView dealloc] + 48 20 com.apple.WebKit 0x00385150 -[WebKitPluginContainerView dealloc] + 80 21 com.apple.AppKit 0x9251a4b4 -[NSView release] + 200 22 com.apple.Foundation 0x90ae0908 NSPopAutoreleasePool + 536 23 com.apple.AppKit 0x92505d34 -[NSApplication run] + 544 24 com.apple.AppKit 0x925f687c NSApplicationMain + 452 25 com.apple.Safari 0x0005c77c 0x1000 + 374652 26 com.apple.Safari 0x0005c624 0x1000 + 374308

*** Bug 14076 has been marked as a duplicate of this bug. ***

I think Anders fixed this in <http://trac.webkit.org/projects/webkit/changeset/23552> and again in <http://trac.webkit.org/projects/webkit/changeset/23553>.