* SUMMARY
Loading a specific image in a background tab causes an assertion.

* STEPS TO REPRODUCE
1. Open Safari/WebKit (with a debug build of WebKit).
2. Open Bug 15188 (or this bug).
3. Command-click on the "screenshot" attachment of Bug 15188 (or the URL field link on this bug).

* EXPECTED RESULTS
The image should load in the background tab without asserting.

* ACTUAL RESULTS
The image loading in a background tab causes an assertion.

* REGRESSION
Haven't tested earlier debug builds, so it's hard to say when this was introduced. Reproduced with a local debug build of WebKit r25505 with Safari 3 Public Beta v. 3.0.3 (522.12.1) on Mac OS X 10.4.10 (8R218).
Created attachment 16266
Crash log

* CONSOLE
ASSERTION FAILED: size == 0 || size >= m_encodedSize
(/path/to/WebKit/WebCore/loader/CachedResource.cpp:159 void WebCore::CachedResource::setEncodedSize(unsigned int))

* CRASH LOG
Exception: EXC_BAD_ACCESS (0x0001)
Codes: KERN_INVALID_ADDRESS (0x0001) at 0xbbadbeef

Thread 0 Crashed:
0 com.apple.WebCore 0x0112d95c WebCore::CachedResource::setEncodedSize(unsigned) + 132 (CachedResource.cpp:159)
1 com.apple.WebCore 0x0112d0b0 WebCore::CachedImage::data(WTF::PassRefPtr<WebCore::SharedBuffer>, bool) + 396 (CachedImage.cpp:197)
2 com.apple.WebCore 0x01130a38 WebCore::Loader::didReceiveData(WebCore::SubresourceLoader*, char const*, int) + 372 (loader.cpp:208)
3 com.apple.WebCore 0x0149aef8 WebCore::SubresourceLoader::didReceiveData(char const*, int, long long, bool) + 180 (SubresourceLoader.cpp:180)
4 com.apple.WebCore 0x01498eac WebCore::ResourceLoader::didReceiveData(WebCore::ResourceHandle*, char const*, int, int) + 108
5 com.apple.WebCore 0x0146c168 -[WebCoreResourceHandleAsDelegate connection:didReceiveData:lengthReceived:] + 300 (ResourceHandleMac.mm:435)
6 com.apple.Foundation 0x92c15624 -[NSURLConnection(NSURLConnectionInternal) _sendDidReceiveDataCallback] + 564
7 com.apple.Foundation 0x92c13ac4 -[NSURLConnection(NSURLConnectionInternal) _sendCallbacks] + 488
8 com.apple.Foundation 0x92c13860 _sendCallbacks + 156
9 com.apple.CoreFoundation 0x907de4fc __CFRunLoopDoSources0 + 384
10 com.apple.CoreFoundation 0x907dda2c __CFRunLoopRun + 452
11 com.apple.CoreFoundation 0x907dd4ac CFRunLoopRunSpecific + 268
12 com.apple.HIToolbox 0x9329bb20 RunCurrentEventLoopInMode + 264
13 com.apple.HIToolbox 0x9329b1b4 ReceiveNextEventCommon + 380
14 com.apple.HIToolbox 0x9329b020 BlockUntilNextEventMatchingListInMode + 96
15 com.apple.AppKit 0x937a1ae4 _DPSNextEvent + 384
16 com.apple.AppKit 0x937a17a8 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 116
17 com.apple.Safari 0x00006770 0x1000 + 22384
18 com.apple.AppKit 0x9379dcec -[NSApplication run] + 472
19 com.apple.AppKit 0x9388e87c NSApplicationMain + 452
20 com.apple.Safari 0x0000244c 0x1000 + 5196
21 com.apple.Safari 0x0004f1b0 0x1000 + 319920
This is already in Radar - <rdar://problem/5453743> - You're seeing this on Tiger...?
(In reply to comment #2)
> This is already in Radar - <rdar://problem/5453743> - You're seeing this on
> Tiger...?

Yes.
*** Bug 15017 has been marked as a duplicate of this bug. ***
*** Bug 15472 has been marked as a duplicate of this bug. ***
Fixed with r26702.