Bug 4194 - Reproducible Poof Crash when using search field at mathworks.com
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: New Bugs
Version: 412
Hardware: Mac OS X 10.4
Importance: P2 Normal
Assignee: Anders Carlsson
URL: http://www.mathworks.com/support/
Keywords:
Duplicates: 9263
Depends on:
Blocks: 9610
Reported: 2005-07-29 02:24 PDT by Benjamin Olswang
Modified: 2006-06-26 14:05 PDT

Attachments
A minimal page that exhibits the crash. (521 bytes, text/html)
2005-07-31 11:36 PDT, Mark Rowe (bdash)
Don't call onblur when the focus node is being removed. (4.15 KB, patch)
2005-12-04 10:47 PST, Anders Carlsson
ggaren: review-

Description Benjamin Olswang 2005-07-29 02:24:09 PDT
1. Go to http://www.mathworks.com/support/
2. Enter something into the search field in the middle of the page (e.g. "anything")
3. Press Enter
4. Poof Crash

Console:
Jul 29 10:04:33 BenoPBook crashdump[467]: Safari crashed
Jul 29 10:04:34 BenoPBook crashdump[467]: crash report written to: /Users/beno/Library/Logs/CrashReporter/Safari.crash.log

Safari.crash.log:
**********

Host Name:      BenoPBook
Date/Time:      2005-07-29 10:04:33.287 +0100
OS Version:     10.4.2 (Build 8C46)
Report Version: 3

Command: Safari
Path:    /Applications/Safari.app/Contents/MacOS/Safari
Parent:  WindowServer [72]

Version:        2.0 (412.2)
Build Version:  1
Project Name:   WebBrowser
Source Version: 4120200

PID:    466
Thread: 0

Exception:  EXC_BAD_ACCESS (0x0001)
Codes:      KERN_INVALID_ADDRESS (0x0001) at 0xa1b1c21f

Thread 0 Crashed:
0   com.apple.WebCore        	0x95bfebc0 khtml::CSSStyleSelector::locateSharedStyle() + 112
1   com.apple.WebCore        	0x95bfe6f4 khtml::CSSStyleSelector::styleForElement
(DOM::ElementImpl*, khtml::RenderStyle*, bool) + 220
2   com.apple.WebCore        	0x95c31eec DOM::ElementImpl::recalcStyle
(DOM::NodeImpl::StyleChange) + 116
3   com.apple.WebCore        	0x95cba7bc DOM::HTMLGenericFormElementImpl::recalcStyle
(DOM::NodeImpl::StyleChange) + 24
4   com.apple.WebCore        	0x95c320d8 DOM::ElementImpl::recalcStyle
(DOM::NodeImpl::StyleChange) + 608
5   com.apple.WebCore        	0x95c320d8 DOM::ElementImpl::recalcStyle
(DOM::NodeImpl::StyleChange) + 608
6   com.apple.WebCore        	0x95c320d8 DOM::ElementImpl::recalcStyle
(DOM::NodeImpl::StyleChange) + 608
7   com.apple.WebCore        	0x95c320d8 DOM::ElementImpl::recalcStyle
(DOM::NodeImpl::StyleChange) + 608
8   com.apple.WebCore        	0x95c320d8 DOM::ElementImpl::recalcStyle
(DOM::NodeImpl::StyleChange) + 608
9   com.apple.WebCore        	0x95c320d8 DOM::ElementImpl::recalcStyle
(DOM::NodeImpl::StyleChange) + 608
10  com.apple.WebCore        	0x95c320d8 DOM::ElementImpl::recalcStyle
(DOM::NodeImpl::StyleChange) + 608
11  com.apple.WebCore        	0x95c320d8 DOM::ElementImpl::recalcStyle
(DOM::NodeImpl::StyleChange) + 608
12  com.apple.WebCore        	0x95c320d8 DOM::ElementImpl::recalcStyle
(DOM::NodeImpl::StyleChange) + 608
13  com.apple.WebCore        	0x95c320d8 DOM::ElementImpl::recalcStyle
(DOM::NodeImpl::StyleChange) + 608
14  com.apple.WebCore        	0x95c320d8 DOM::ElementImpl::recalcStyle
(DOM::NodeImpl::StyleChange) + 608
15  com.apple.WebCore        	0x95c320d8 DOM::ElementImpl::recalcStyle
(DOM::NodeImpl::StyleChange) + 608
16  com.apple.WebCore        	0x95c320d8 DOM::ElementImpl::recalcStyle
(DOM::NodeImpl::StyleChange) + 608
17  com.apple.WebCore        	0x95c320d8 DOM::ElementImpl::recalcStyle
(DOM::NodeImpl::StyleChange) + 608
18  com.apple.WebCore        	0x95c320d8 DOM::ElementImpl::recalcStyle
(DOM::NodeImpl::StyleChange) + 608
19  com.apple.WebCore        	0x95c320d8 DOM::ElementImpl::recalcStyle
(DOM::NodeImpl::StyleChange) + 608
20  com.apple.WebCore        	0x95bed86c DOM::DocumentImpl::recalcStyle
(DOM::NodeImpl::StyleChange) + 2476
21  com.apple.WebCore        	0x95c2d998 DOM::DocumentImpl::updateDocumentsRendering() + 84
22  com.apple.WebCore        	0x95c72f40 DOM::NodeImpl::dispatchGenericEvent(DOM::EventImpl*, 
int&) + 780
23  com.apple.WebCore        	0x95c72aa0 DOM::NodeImpl::dispatchEvent(DOM::EventImpl*, int&, 
bool) + 144
24  com.apple.WebCore        	0x95c727a0 DOM::NodeImpl::dispatchHTMLEvent(int, bool, bool) + 112
25  com.apple.WebCore        	0x95c98388 DOM::DocumentImpl::setFocusNode(DOM::NodeImpl*) + 
268
26  com.apple.WebCore        	0x95cc2d9c khtml::RenderWidget::eventFilter(QObject*, QEvent*) + 232
27  com.apple.WebCore        	0x95cc275c -[KWQTextFieldController setHasFocus:] + 544
28  com.apple.WebCore        	0x95cc37b0 -[KWQTextFieldController controlTextDidEndEditing:] + 80
29  com.apple.Foundation     	0x9287c878 _nsnote_callback + 180
30  com.apple.CoreFoundation 	0x90772740 __CFXNotificationPost + 368
31  com.apple.CoreFoundation 	0x9076a864 _CFXNotificationPostNotification + 684
32  com.apple.Foundation     	0x92866c80 -[NSNotificationCenter 
postNotificationName:object:userInfo:] + 92
33  com.apple.AppKit         	0x9370a944 -[NSTextField textDidEndEditing:] + 316
34  com.apple.Foundation     	0x9287c878 _nsnote_callback + 180
35  com.apple.CoreFoundation 	0x90772740 __CFXNotificationPost + 368
36  com.apple.CoreFoundation 	0x9076a864 _CFXNotificationPostNotification + 684
37  com.apple.Foundation     	0x92866c80 -[NSNotificationCenter 
postNotificationName:object:userInfo:] + 92
38  com.apple.AppKit         	0x9370a724 -[NSTextView(NSSharing) resignFirstResponder] + 764
39  com.apple.AppKit         	0x936d6228 -[NSWindow makeFirstResponder:] + 104
40  com.apple.Safari         	0x00012d14 0x1000 + 72980
41  com.apple.AppKit         	0x936f4f4c -[NSWindow endEditingFor:] + 316
42  com.apple.AppKit         	0x9364652c -[NSView removeFromSuperview] + 60
43  com.apple.WebCore        	0x95cb1094 QWidget::removeFromSuperview() + 108
44  com.apple.WebCore        	0x95cb0f9c khtml::RenderWidget::detach() + 60
45  com.apple.WebCore        	0x95c8e698 DOM::NodeImpl::detach() + 48
46  com.apple.WebCore        	0x95d88c64 DOM::HTMLInputElementImpl::detach() + 24
47  com.apple.WebCore        	0x95bf21fc DOM::NodeBaseImpl::removeChildren() + 100
48  com.apple.WebCore        	0x95cec8e0 DOM::HTMLElementImpl::setInnerHTML(DOM::DOMString 
const&) + 44
49  com.apple.WebCore        	0x95cec864 DOM::HTMLElement::setInnerHTML(DOM::DOMString 
const&) + 40
50  com.apple.WebCore        	0x95c70ff8 KJS::HTMLElement::putValue(KJS::ExecState*, int, KJS::Value 
const&, int) + 30312
51  com.apple.WebCore        	0x95c6995c KJS::HTMLElement::tryPut(KJS::ExecState*, KJS::Identifier 
const&, KJS::Value const&, int) + 712
52  com.apple.WebCore        	0x95c64f7c KJS::DOMObject::put(KJS::ExecState*, KJS::Identifier const&, 
KJS::Value const&, int) + 44
53  com.apple.JavaScriptCore 	0x95ab2bd0 KJS::Reference::putValue(KJS::ExecState*, KJS::Value const&) 
+ 240
54  com.apple.JavaScriptCore 	0x95ab196c KJS::AssignNode::evaluate(KJS::ExecState*) + 964
55  com.apple.JavaScriptCore 	0x95ab14c8 KJS::ExprStatementNode::execute(KJS::ExecState*) + 128
56  com.apple.JavaScriptCore 	0x95aacdbc KJS::SourceElementsNode::execute(KJS::ExecState*) + 500
57  com.apple.JavaScriptCore 	0x95aacb58 KJS::BlockNode::execute(KJS::ExecState*) + 136
58  com.apple.JavaScriptCore 	0x95ab9254 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 44
59  com.apple.JavaScriptCore 	0x95ab8b54 KJS::FunctionImp::call(KJS::ExecState*, KJS::Object&, KJS::List 
const&) + 428
60  com.apple.JavaScriptCore 	0x95aaed64 KJS::Object::call(KJS::ExecState*, KJS::Object&, KJS::List 
const&) + 172
61  com.apple.JavaScriptCore 	0x95aad664 KJS::FunctionCallNode::evaluate(KJS::ExecState*) + 932
62  com.apple.JavaScriptCore 	0x95ab14c8 KJS::ExprStatementNode::execute(KJS::ExecState*) + 128
63  com.apple.JavaScriptCore 	0x95aacca0 KJS::SourceElementsNode::execute(KJS::ExecState*) + 216
64  com.apple.JavaScriptCore 	0x95aacb58 KJS::BlockNode::execute(KJS::ExecState*) + 136
65  com.apple.JavaScriptCore 	0x95ab9254 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 44
66  com.apple.JavaScriptCore 	0x95ab8b54 KJS::FunctionImp::call(KJS::ExecState*, KJS::Object&, KJS::List 
const&) + 428
67  com.apple.JavaScriptCore 	0x95aaed64 KJS::Object::call(KJS::ExecState*, KJS::Object&, KJS::List 
const&) + 172
68  com.apple.WebCore        	0x95d70564 KJS::JSAbstractEventListener::handleEvent(DOM::Event&, 
bool) + 496
69  com.apple.WebCore        	0x95c73170 DOM::NodeImpl::handleLocalEvents(DOM::EventImpl*, 
bool) + 268
70  com.apple.WebCore        	0x95c72db0 DOM::NodeImpl::dispatchGenericEvent(DOM::EventImpl*, 
int&) + 380
71  com.apple.WebCore        	0x95c72aa0 DOM::NodeImpl::dispatchEvent(DOM::EventImpl*, int&, 
bool) + 144
72  com.apple.WebCore        	0x95c727a0 DOM::NodeImpl::dispatchHTMLEvent(int, bool, bool) + 112
73  com.apple.WebCore        	0x95cc7390 DOM::HTMLFormElementImpl::prepareSubmit() + 112
74  com.apple.WebCore        	0x95cc19f4 DOM::HTMLInputElementImpl::defaultEventHandler
(DOM::EventImpl*) + 264
75  com.apple.WebCore        	0x95c72e84 DOM::NodeImpl::dispatchGenericEvent(DOM::EventImpl*, 
int&) + 592
76  com.apple.WebCore        	0x95c72aa0 DOM::NodeImpl::dispatchEvent(DOM::EventImpl*, int&, 
bool) + 144
77  com.apple.WebCore        	0x95caea4c DOM::NodeImpl::dispatchUIEvent(int, int) + 140
78  com.apple.WebCore        	0x95cc466c DOM::NodeImpl::dispatchMouseEvent(QMouseEvent*, int, 
int) + 1184
79  com.apple.WebCore        	0x95d87d0c DOM::HTMLElementImpl::click(bool) + 380
80  com.apple.WebCore        	0x95cc71dc DOM::HTMLFormElementImpl::submitClick() + 200
81  com.apple.WebCore        	0x95cc1b18 DOM::HTMLInputElementImpl::defaultEventHandler
(DOM::EventImpl*) + 556
82  com.apple.WebCore        	0x95c72e84 DOM::NodeImpl::dispatchGenericEvent(DOM::EventImpl*, 
int&) + 592
83  com.apple.WebCore        	0x95c72aa0 DOM::NodeImpl::dispatchEvent(DOM::EventImpl*, int&, 
bool) + 144
84  com.apple.WebCore        	0x95cc6064 DOM::NodeImpl::dispatchKeyEvent(QKeyEvent*) + 128
85  com.apple.WebCore        	0x95cc4be0 KWQKHTMLPart::keyEvent(NSEvent*) + 300
86  com.apple.WebCore        	0x95cc3eb8 -[KWQTextFieldController textView:shouldHandleEvent:] + 
200
87  com.apple.WebCore        	0x95cc3ddc -[KWQTextField textView:shouldHandleEvent:] + 32
88  com.apple.AppKit         	0x9370c8dc -[NSTextView keyDown:] + 316
89  com.apple.AppKit         	0x93688438 -[NSWindow sendEvent:] + 6424
90  com.apple.Safari         	0x0001d6bc 0x1000 + 116412
91  com.apple.AppKit         	0x93630f5c -[NSApplication sendEvent:] + 4172
92  com.apple.Safari         	0x0001a6a4 0x1000 + 104100
93  com.apple.AppKit         	0x936283f0 -[NSApplication run] + 508
94  com.apple.AppKit         	0x93718c1c NSApplicationMain + 452
95  com.apple.Safari         	0x00002700 0x1000 + 5888
96  com.apple.Safari         	0x00057190 0x1000 + 352656

Thread 1:
0   libSystem.B.dylib        	0x9001efec select + 12
1   com.apple.CoreFoundation 	0x9075dc6c __CFSocketManager + 472
2   libSystem.B.dylib        	0x9002c3d4 _pthread_body + 96

Thread 2:
0   libSystem.B.dylib        	0x9000a778 mach_msg_trap + 8
1   libSystem.B.dylib        	0x9000a6bc mach_msg + 60
2   com.apple.CoreFoundation 	0x9074b3d8 __CFRunLoopRun + 832
3   com.apple.CoreFoundation 	0x9074acdc CFRunLoopRunSpecific + 268
4   com.apple.Foundation     	0x9288bec4 -[NSRunLoop runMode:beforeDate:] + 172
5   com.apple.Foundation     	0x9288bdfc -[NSRunLoop run] + 76
6   com.apple.WebKit         	0x959b70a0 +[WebFileDatabase _syncLoop:] + 176
7   com.apple.Foundation     	0x9287cf34 forkThreadForFunction + 108
8   libSystem.B.dylib        	0x9002c3d4 _pthread_body + 96

Thread 3:
0   libSystem.B.dylib        	0x9000a778 mach_msg_trap + 8
1   libSystem.B.dylib        	0x9000a6bc mach_msg + 60
2   com.apple.CoreFoundation 	0x9074b3d8 __CFRunLoopRun + 832
3   com.apple.CoreFoundation 	0x9074acdc CFRunLoopRunSpecific + 268
4   com.apple.Foundation     	0x928a43e0 +[NSURLConnection(NSURLConnectionInternal) 
_resourceLoadLoop:] + 264
5   com.apple.Foundation     	0x9287cf34 forkThreadForFunction + 108
6   libSystem.B.dylib        	0x9002c3d4 _pthread_body + 96

Thread 4:
0   libSystem.B.dylib        	0x9000a778 mach_msg_trap + 8
1   libSystem.B.dylib        	0x9000a6bc mach_msg + 60
2   com.apple.CoreFoundation 	0x9074b3d8 __CFRunLoopRun + 832
3   com.apple.CoreFoundation 	0x9074acdc CFRunLoopRunSpecific + 268
4   com.apple.Foundation     	0x928a5520 +[NSURLCache _diskCacheSyncLoop:] + 152
5   com.apple.Foundation     	0x9287cf34 forkThreadForFunction + 108
6   libSystem.B.dylib        	0x9002c3d4 _pthread_body + 96

Thread 5:
0   libSystem.B.dylib        	0x9002ca98 semaphore_wait_signal_trap + 8
1   libSystem.B.dylib        	0x9003127c pthread_cond_wait + 508
2   com.apple.Foundation     	0x928840a0 -[NSConditionLock lockWhenCondition:] + 68
3   com.apple.Syndication    	0x9b04aab0 -[AsyncDB _run:] + 192
4   com.apple.Foundation     	0x9287cf34 forkThreadForFunction + 108
5   libSystem.B.dylib        	0x9002c3d4 _pthread_body + 96

Thread 0 crashed with PPC Thread State 64:
  srr0: 0x0000000095bfebc0 srr1: 0x000000000200f030                        vrsave: 
0x0000000000000000
    cr: 0x22008224          xer: 0x0000000000000006   lr: 0x0000000095bfe6f4  ctr: 
0x0000000095e4a050
    r0: 0x0000000000000000   r1: 0x00000000bfffb2f0   r2: 0x00000000a1b1c1d3   r3: 
0x0000000004ea54f0
    r4: 0x000000000484a040   r5: 0x0000000000000000   r6: 0x0000000000000001   r7: 
0x0000000000007548
    r8: 0x0000000000000001   r9: 0x0000000000000000  r10: 0x0000000000001243  r11: 
0x0000000004f02004
   r12: 0x0000000095e4a050  r13: 0x0000000000000001  r14: 0x0000000000000000  r15: 
0x0000000000000000
   r16: 0x0000000000000000  r17: 0x000000000506c1f0  r18: 0x000000000113ba00  r19: 
0x0000000004eab880
   r20: 0x0000000000000000  r21: 0x00000000a07225e0  r22: 0x0000000000000008  r23: 
0x0000000000000000
   r24: 0x00000000004058a0  r25: 0x00000000a5bd2c3c  r26: 0x0000000001971000  r27: 
0x000000000484a040
   r28: 0x0000000004eae900  r29: 0x0000000000000000  r30: 0x0000000004ea54f0  r31: 
0x0000000095bfe628

Binary Images Description:
Comment 1 Mark Rowe (bdash) 2005-07-30 00:28:16 PDT
Confirmed with ToT WebKit.
Comment 2 Mark Rowe (bdash) 2005-07-31 11:36:30 PDT
Created attachment 3179 [details]
A minimal page that exhibits the crash.
Comment 3 Anders Carlsson 2005-12-04 10:47:12 PST
Created attachment 4939 [details]
Don't call onblur when the focus node is being removed.

This patch makes Safari follow Mozilla and not emit onblur when a node that has
focus is being removed from the document.
Comment 4 Geoffrey Garen 2005-12-04 11:47:37 PST
Would it work to set m_attached to false at the beginning of detach, and then test for that, instead of adding an extra state variable?

Also, don't you want <b>&& !oldFocusNode->m_inDetach</b> rather than <b>&& oldFocusNode->m_inDetach</b>?
Comment 5 Darin Adler 2005-12-04 12:32:32 PST
Comment on attachment 4939 [details]
Don't call onblur when the focus node is being removed.

OK, looks like a good way to do this. Having m_inDetach could make some other
optimizations possible as well.

r=me
Comment 6 Anders Carlsson 2005-12-04 12:59:01 PST
(In reply to comment #4)
> Would it work to set m_attached to false at the beginning of detach, and then test for that, instead of adding an extra state variable?
>
I didn't want to do that because it felt like it could break in a lot of subtle ways.

> Also, don't you want <b>&& !oldFocusNode->m_inDetach</b> rather than <b>&& oldFocusNode->m_inDetach</b>?
Yeah. I removed it when I wanted to verify that another crash was fixed, and when I added it I forgot the !. Thanks for catching it!

Comment 7 Geoffrey Garen 2005-12-04 13:00:13 PST
Comment on attachment 4939 [details]
Don't call onblur when the focus node is being removed.

Anders and I talked about this on IRC. The test *is* backwards. He'll submit a
new patch.
Comment 8 Anders Carlsson 2005-12-04 13:00:51 PST
*** Bug 3683 has been marked as a duplicate of this bug. ***
Comment 9 Joost de Valk (AlthA) 2006-06-24 13:58:13 PDT
*** Bug 9263 has been marked as a duplicate of this bug. ***
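
The re-entrancy visible in the Thread 0 backtrace, and the effect of the guard polarity raised in comments 4 to 7, as an added toy model (not WebCore source and not the attached patch). The `Document`/`Node` types, the counters and the placement of the check inside `setFocusNode` are assumptions made for illustration; only the `m_inDetach` name and the two forms of the test come from the thread.

```cpp
// Added illustration: a toy model of the focus/detach interaction, not WebCore source.
#include <cstdio>
#include <memory>
#include <vector>

// The three variants of the check discussed in the comments.
enum class Guard { None, Inverted, Correct };

struct Node {
    bool inDetach = false;  // stands in for the m_inDetach flag named in the thread
    std::vector<std::unique_ptr<Node>> children;
};

struct Document {
    Node root;
    Node* focusNode = nullptr;
    Guard guard = Guard::None;
    bool removingChildren = false;   // true while the tree is half torn down
    int blurEvents = 0;              // blur dispatches seen by the page
    int recalcsDuringRemoval = 0;    // style recalcs entered mid-removal (the crash path)

    // Assumption: the guard sits where blur is dispatched for the old focus node.
    void setFocusNode(Node* next) {
        Node* old = focusNode;
        focusNode = next;
        if (!old) return;
        bool dispatch = true;
        if (guard == Guard::Inverted) dispatch = old->inDetach;   // && oldFocusNode->m_inDetach
        if (guard == Guard::Correct)  dispatch = !old->inDetach;  // && !oldFocusNode->m_inDetach
        if (!dispatch) return;
        ++blurEvents;
        // Event dispatch is followed by a rendering update (frames 20-22 of the trace).
        if (removingChildren) ++recalcsDuringRemoval;
    }

    void detach(Node& n) {
        n.inDetach = true;
        // Tearing down the widget ends editing, which clears focus (frames 25-44).
        if (focusNode == &n) setFocusNode(nullptr);
        n.inDetach = false;
    }

    // Models the removeChildren() call made by setInnerHTML (frames 47-48).
    void removeChildren(Node& parent) {
        removingChildren = true;
        for (auto& child : parent.children) detach(*child);
        parent.children.clear();
        removingChildren = false;
    }
};

struct Outcome { int blurEvents; int recalcsDuringRemoval; };

// removeFocused = true: the focused input is removed from the document.
// removeFocused = false: focus simply moves away (an ordinary blur).
Outcome run(Guard guard, bool removeFocused) {
    Document doc;
    doc.guard = guard;
    doc.root.children.push_back(std::unique_ptr<Node>(new Node()));
    doc.setFocusNode(doc.root.children.back().get());
    if (removeFocused) doc.removeChildren(doc.root);
    else doc.setFocusNode(nullptr);
    return {doc.blurEvents, doc.recalcsDuringRemoval};
}

int main() {
    const char* names[] = {"none", "inverted", "correct"};
    const Guard guards[] = {Guard::None, Guard::Inverted, Guard::Correct};
    for (int i = 0; i < 3; ++i) {
        Outcome removed = run(guards[i], true);
        Outcome moved = run(guards[i], false);
        std::printf("%-8s removal: blur=%d unsafe=%d | focus change: blur=%d\n",
                    names[i], removed.blurEvents, removed.recalcsDuringRemoval,
                    moved.blurEvents);
    }
    return 0;
}
```

With the inverted test the model still enters the rendering update during removal and also drops the blur on an ordinary focus change, so a regression test for this fix should cover both cases.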