RESOLVED FIXED 5163
RealPlayer.GetTitle() Crashes Safari/Dashboard
https://bugs.webkit.org/show_bug.cgi?id=5163
mathias meyer
Reported 2005-09-28 05:21:33 PDT
Using the GetTitle() method in an embedded RealPlayer on the .rm stream (using it for a widget) crashes Safari/Dashboard.

Statement:

debug((document.getElementById("player").GetTitle) ? document.getElementById("player").GetTitle() : "not available");

crash log pasted:

**********
Host Name: darwin
Date/Time: 2005-09-28 14:17:15.413 +0200
OS Version: 10.4.2 (Build 8C46)
Report Version: 3

Command: Safari
Path: /Applications/Safari.app/Contents/MacOS/Safari
Parent: bash [208]

Version: 2.0.1 (412.5)
Build Version: 7
Project Name: WebBrowser
Source Version: 4120500

PID: 11706
Thread: 0

Exception: EXC_BAD_ACCESS (0x0001)
Codes: KERN_PROTECTION_FAILURE (0x0002) at 0x00000000

Thread 0 Crashed:
0 com.apple.CoreFoundation 0x9072c888 CFStringGetLength + 52
1 com.apple.JavaScriptCore 0x0104498c KJS::Bindings::convertUTF8ToUTF16(char const*, int, unsigned short**, unsigned*) + 84 (c_utility.cpp:51)
2 com.apple.JavaScriptCore 0x01044d80 KJS::Bindings::convertNPVariantToValue (KJS::ExecState*, _NPVariant const*) + 236 (c_utility.cpp:160)
3 com.apple.JavaScriptCore 0x01044828 KJS::Bindings::CInstance::invokeMethod (KJS::ExecState*, KJS::Bindings::MethodList const&, KJS::List const&) + 328 (c_instance.cpp:138)
4 com.apple.JavaScriptCore 0x0103ede4 KJS::RuntimeMethodImp::callAsFunction (KJS::ExecState*, KJS::ObjectImp*, KJS::List const&) + 224 (runtime_method.cpp:92)
5 com.apple.JavaScriptCore 0x010275b0 KJS::ObjectImp::call(KJS::ExecState*, KJS::ObjectImp*, KJS::List const&) + 96 (object.cpp:98)
6 com.apple.JavaScriptCore 0x0101f8bc KJS::FunctionCallDotNode::evaluate(KJS::ExecState*) + 416 (nodes.cpp:701)
7 com.apple.JavaScriptCore 0x0101e1f4 KJS::ConditionalNode::evaluate(KJS::ExecState*) + 140 (nodes.cpp:1026)
8 com.apple.JavaScriptCore 0x0101eef4 KJS::ArgumentListNode::evaluateList(KJS::ExecState*) + 80 (nodes.cpp:492)
9 com.apple.JavaScriptCore 0x0101efa0 KJS::ArgumentsNode::evaluateList(KJS::ExecState*) + 44 (nodes.cpp:514)
10 com.apple.JavaScriptCore 0x01022a3c KJS::FunctionCallResolveNode::evaluate (KJS::ExecState*) + 340 (nodes.cpp:596)
11 com.apple.JavaScriptCore 0x0101dc24 KJS::ExprStatementNode::execute(KJS::ExecState*) + 104 (nodes.cpp:1436)
12 com.apple.JavaScriptCore 0x01022368 KJS::StatListNode::execute(KJS::ExecState*) + 248 (nodes.cpp:1266)
13 com.apple.JavaScriptCore 0x01023418 KJS::CaseClauseNode::evalStatements(KJS::ExecState*) + 60 (nodes.cpp:1779)
14 com.apple.JavaScriptCore 0x01023524 KJS::CaseBlockNode::evalBlock(KJS::ExecState*, KJS::ValueImp*) + 212 (nodes.cpp:1851)
15 com.apple.JavaScriptCore 0x010238e8 KJS::SwitchNode::execute(KJS::ExecState*) + 308 (nodes.cpp:1921)
16 com.apple.JavaScriptCore 0x01021290 KJS::SourceElementsNode::execute(KJS::ExecState*) + 344 (nodes.cpp:2178)
17 com.apple.JavaScriptCore 0x01020f20 KJS::BlockNode::execute(KJS::ExecState*) + 132 (nodes.cpp:1412)
18 com.apple.JavaScriptCore 0x0101401c KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56 (completion.h:53)
19 com.apple.JavaScriptCore 0x01014334 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::ObjectImp*, KJS::List const&) + 424 (interpreter.h:475)
20 com.apple.JavaScriptCore 0x010275b0 KJS::ObjectImp::call(KJS::ExecState*, KJS::ObjectImp*, KJS::List const&) + 96 (object.cpp:98)
21 com.apple.JavaScriptCore 0x01022ab4 KJS::FunctionCallResolveNode::evaluate (KJS::ExecState*) + 460 (nodes.cpp:608)
22 com.apple.JavaScriptCore 0x0101dc24 KJS::ExprStatementNode::execute(KJS::ExecState*) + 104 (nodes.cpp:1436)
23 com.apple.JavaScriptCore 0x010211ec KJS::SourceElementsNode::execute(KJS::ExecState*) + 180 (nodes.cpp:2172)
24 com.apple.JavaScriptCore 0x01020f20 KJS::BlockNode::execute(KJS::ExecState*) + 132 (nodes.cpp:1412)
25 com.apple.JavaScriptCore 0x0101823c KJS::InterpreterImp::evaluate(KJS::UString const&, KJS::ValueImp*, KJS::UString const&, int) + 660 (internal.cpp:720)
26 com.apple.JavaScriptCore 0x0101a308 KJS::Interpreter::evaluate(KJS::UString const&, int, KJS::UString const&, KJS::ValueImp*) + 64 (interpreter.cpp:136)
27 com.apple.WebCore 0x01612bc8 KJSProxyImpl::evaluate(QString, int, QString const&, DOM::NodeImpl*) + 184 (kjs_proxy.cpp:118)
28 com.apple.WebCore 0x015d0100 KHTMLPart::executeScript(DOM::NodeImpl*, QString const&, bool) + 176 (khtml_part.cpp:838)
29 com.apple.WebCore 0x015d027c KHTMLPart::executeScript(QString const&, bool) + 36 (khtml_part.cpp:811)
30 com.apple.WebCore 0x01619110 KJS::ScheduledAction::execute(KJS::Window*) + 512 (kjs_window.cpp:2075)
31 com.apple.WebCore 0x01619220 KJS::WindowQObject::timerEvent(QTimerEvent*) + 196 (kjs_window.cpp:2192)
32 com.apple.WebCore 0x015a70a8 -[KWQObjectTimerTarget sendTimerEvent] + 56 (KWQObject.mm:326)
33 com.apple.Foundation 0x92885cfc __NSFireTimer + 116
34 com.apple.CoreFoundation 0x9075ed10 __CFRunLoopDoTimer + 184
35 com.apple.CoreFoundation 0x9074b688 __CFRunLoopRun + 1680
36 com.apple.CoreFoundation 0x9074ac3c CFRunLoopRunSpecific + 268
37 com.apple.HIToolbox 0x93129ac0 RunCurrentEventLoopInMode + 264
38 com.apple.HIToolbox 0x93129154 ReceiveNextEventCommon + 380
39 com.apple.HIToolbox 0x93128fc0 BlockUntilNextEventMatchingListInMode + 96
40 com.apple.AppKit 0x93631e44 _DPSNextEvent + 384
41 com.apple.AppKit 0x93631b08 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 116
42 com.apple.Safari 0x00006bbc 0x1000 + 23484
43 com.apple.AppKit 0x9362e06c -[NSApplication run] + 472
44 com.apple.AppKit 0x9371e8bc NSApplicationMain + 452
45 com.apple.Safari 0x000021e8 0x1000 + 4584
46 com.apple.Safari 0x00056e28 0x1000 + 351784
Attachments
testcase that causes the crash (394 bytes, text/html)
2005-09-29 15:30 PDT, mathias meyer
no flags
proposed fix (988 bytes, patch)
2006-01-27 16:06 PST, Alexey Proskuryakov
no flags
use ISO Latin1 (1.11 KB, patch)
2006-02-09 21:44 PST, Alexey Proskuryakov
darin: review+
mathias meyer
Comment 1 2005-09-29 15:30:56 PDT
Created attachment 4098 [details]
testcase that causes the crash

Attached a little test that causes the crash. Note that this works for any property that is not set. In this rm stream you might call GetAuthor (as it returns a string) but not GetTitle. If author is not defined this will crash Safari as well... Analogous crash today with QuickTime...
mathias meyer
Comment 2 2005-09-29 15:42:10 PDT
This might not belong here but anyway: replace the 'GetTitle' function above with the QT equivalent 'GetTrackName', adjust the type of the embedded stream and point to a QuickTime stream. Using the 'GetTrackName' function without the required index, i.e. GetTrackName() instead of GetTrackName(int index), will crash Safari...
Alexey Proskuryakov
Comment 3 2006-01-27 15:40:10 PST
The problem here is that the plugin returns an incorrectly encoded string - NPString should be UTF-8, but RealPlayer uses some other encoding. I have a partial workaround that stops crashes, but doesn't always decode the returned strings correctly. Please report this issue to Real, as well. The other issues mentioned here sound like separate ones.
Alexey Proskuryakov
Comment 4 2006-01-27 16:06:20 PST
Created attachment 6029 [details]
proposed fix

I have thought about a correct encoding to be used as a fallback a lot, but still have big reservations about it... I chose kCFStringEncodingWindowsLatin1 (AKA windows-1252), because:

1) I'm running a system with primary Russian, and "LATIN SMALL LETTER A WITH RING ABOVE" was still encoded as 0xE5, and not turned into a question mark or something. So, RealPlayer either treats its strings as dumb 8-bit buffers, or applies a Roman-only Mac<->Windows conversion. It's impossible to decide from this test case, because 0xe5 has the same meaning in both encodings.

2) CFStringGetSystemEncoding() is inappropriate - if we were to depend on the system primary language, we'd need the closest Windows encoding, not a Mac one.

Firefox simply stops decoding the string when it sees an invalid byte (so, the name is displayed as "P1 - Fr" in the test case).

Thoughts?
Darin Adler
Comment 5 2006-01-27 17:23:53 PST
Comment on attachment 6029 [details]
proposed fix

Looks good to me. r=me
Alexey Proskuryakov
Comment 6 2006-01-28 00:59:10 PST
I have found a few more RealAudio files to test - apparently, the plugin indeed passes Windows-encoded strings without any modification; and the standalone player uses the system (or maybe application) encoding, which also results in broken display. Anyway, the real fix should be in the plugin itself. Landed the patch.
Alexey Proskuryakov
Comment 7 2006-02-09 21:25:40 PST
I was wrong thinking that kCFStringEncodingWindowsLatin1 has no "holes". Will have to switch to kCFStringEncodingISOLatin1, although it's most certainly not the exact encoding of the strings coming from Flash.
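The failure mode discussed in comments 3 through 7, as an added example that is not part of the bug thread and not WebKit's patch: a strict UTF-8 to UTF-16 conversion can fail on plugin-supplied bytes, so the caller needs a fallback that cannot fail. ISO Latin-1 qualifies because every byte value maps to the code point of the same number, including bytes such as 0x81 that Windows-1252 leaves unassigned. The function names `utf8_to_utf16` and `decode_plugin_string` are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>

/* Strict UTF-8 -> UTF-16. Returns code units written, or -1 on a bad lead or
 * continuation byte, overlong form, surrogate, or value above U+10FFFF.
 * Output never exceeds n units, so the caller sizes `out` to at least n. */
static long utf8_to_utf16(const unsigned char *s, size_t n, uint16_t *out)
{
    size_t i = 0, o = 0;
    while (i < n) {
        uint32_t c = s[i++], min = 0;
        int extra = 0;
        if (c >= 0x80) {
            if ((c & 0xE0) == 0xC0)      { extra = 1; min = 0x80;    c &= 0x1F; }
            else if ((c & 0xF0) == 0xE0) { extra = 2; min = 0x800;   c &= 0x0F; }
            else if ((c & 0xF8) == 0xF0) { extra = 3; min = 0x10000; c &= 0x07; }
            else return -1;              /* stray continuation byte or 0xF8+ */
        }
        for (; extra > 0; extra--) {
            if (i >= n || (s[i] & 0xC0) != 0x80) return -1;
            c = (c << 6) | (s[i++] & 0x3F);
        }
        if (c < min || c > 0x10FFFF || (c >= 0xD800 && c <= 0xDFFF)) return -1;
        if (c >= 0x10000) {              /* encode as a surrogate pair */
            c -= 0x10000;
            out[o++] = (uint16_t)(0xD800 | (c >> 10));
            out[o++] = (uint16_t)(0xDC00 | (c & 0x3FF));
        } else {
            out[o++] = (uint16_t)c;
        }
    }
    return (long)o;
}

/* Hypothetical helper (not WebKit's code): never hands the caller a failed
 * conversion. Invalid UTF-8 is re-read as ISO Latin-1, where every byte
 * value is its own code point, so the fallback has no undecodable input. */
long decode_plugin_string(const unsigned char *s, size_t n,
                          uint16_t *out, size_t cap, int *fell_back)
{
    *fell_back = 0;
    if (s == NULL || n == 0) return 0;
    if (n > cap) return -1;              /* caller's buffer is too small */
    long r = utf8_to_utf16(s, n, out);
    if (r >= 0) return r;
    *fell_back = 1;
    for (size_t i = 0; i < n; i++) out[i] = s[i];
    return (long)n;
}
```

The fallback result may not be the text the plugin intended, but it is always a well-formed string, which is the property that prevents the NULL-string crash.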
Alexey Proskuryakov
Comment 8 2006-02-09 21:43:16 PST
Comment on attachment 6029 [details]
proposed fix

Clearing the review flag from an already landed patch, so that it doesn't appear in the "patches waiting to be landed" queue.
Alexey Proskuryakov
Comment 9 2006-02-09 21:44:03 PST
Created attachment 6379 [details]
use ISO Latin1
Darin Adler
Comment 10 2006-02-10 08:43:54 PST
Comment on attachment 6379 [details]
use ISO Latin1

r=me