Bug 11859
Summary: | REGRESSION: Gmail>Compose with signature: reproducible crash with right click | |
---|---|---|---
Product: | WebKit | Reporter: | Stephen Harbage <s_harbage>
Component: | Forms | Assignee: | Nobody <webkit-unassigned>
Status: | RESOLVED FIXED | |
Severity: | Critical | CC: | ddkilzer, harrison
Priority: | P1 | Keywords: | GoogleBug, InRadar, Regression
Version: | 420+ | |
Hardware: | Mac | |
OS: | OS X 10.4 | |
URL: | http://mail.google.com/mail/ | |
Stephen Harbage
Go to www.gmail.com > settings, add a signature
Go to compose and right click/ctrl click above the signature, Safari crashes
Crash log:
**********
Host Name: Stephen-Harbages-Computer
Date/Time: 2006-12-17 17:39:29.835 +0000
OS Version: 10.4.8 (Build 8L127)
Report Version: 4
Command: Safari
Path: /Applications/Safari.app/Contents/MacOS/Safari
Parent: WindowServer [219]
Version: ??? (18260)
PID: 2316
Thread: 0
Exception: EXC_BAD_ACCESS (0x0001)
Codes: KERN_PROTECTION_FAILURE (0x0002) at 0x00000014
Thread 0 Crashed:
0 com.apple.WebCore 0x011062b8 -[WebCoreFrameBridge fontForSelection:] + 56
1 com.apple.WebKit 0x003382cc -[WebHTMLView(WebInternal) _updateFontPanel] + 156
2 com.apple.WebKit 0x00333820 -[WebHTMLView becomeFirstResponder] + 304
3 com.apple.AppKit 0x937b5e48 -[NSWindow makeFirstResponder:] + 200
4 com.apple.Safari 0x000128e8 0x1000 + 71912
5 libobjc.A.dylib 0x90a441f4 objc_msgSendv + 180
6 com.apple.Foundation 0x9295cc88 -[NSInvocation invoke] + 944
7 com.apple.Foundation 0x9295d238 -[NSInvocation invokeWithTarget:] + 64
8 com.apple.Foundation 0x92955034 -[NSObject(NSForwardInvocation) forward::] + 408
9 libobjc.A.dylib 0x90a440b0 _objc_msgForward + 176
10 com.apple.WebKit 0x0031e6c8 -[WebFrameBridge makeFirstResponder:] + 88
11 com.apple.WebCore 0x01224674 WebCore::Widget::setFocus() + 372
12 com.apple.WebCore 0x010f96cc WebCore::Document::setFocusedNode(WTF::PassRefPtr<WebCore::Node>) + 1756
13 com.apple.WebCore 0x0140b610 WebCore::EventHandler::dispatchMouseEvent(WebCore::AtomicString const&, WebCore::Node*, bool, int, WebCore::PlatformMouseEvent const&, bool) + 880
14 com.apple.WebCore 0x0140e040 WebCore::EventHandler::handleMousePressEvent(WebCore::PlatformMouseEvent const&) + 640
15 com.apple.WebCore 0x01408d6c WebCore::EventHandler::mouseDown(NSEvent*) + 620
16 com.apple.WebKit 0x00332e78 -[WebHTMLView mouseDown:] + 280
17 com.apple.WebCore 0x01406f48 WebCore::EventHandler::passMouseDownEventToWidget(WebCore::Widget*) + 856
18 com.apple.WebCore 0x01407364 WebCore::EventHandler::passSubframeEventToSubframe(WebCore::MouseEventWithHitTestResults&, WebCore::Frame*) + 452
19 com.apple.WebCore 0x0140df14 WebCore::EventHandler::handleMousePressEvent(WebCore::PlatformMouseEvent const&) + 340
20 com.apple.WebCore 0x01408d6c WebCore::EventHandler::mouseDown(NSEvent*) + 620
21 com.apple.WebKit 0x00332e78 -[WebHTMLView mouseDown:] + 280
22 com.apple.WebCore 0x01406f48 WebCore::EventHandler::passMouseDownEventToWidget(WebCore::Widget*) + 856
23 com.apple.WebCore 0x01407364 WebCore::EventHandler::passSubframeEventToSubframe(WebCore::MouseEventWithHitTestResults&, WebCore::Frame*) + 452
24 com.apple.WebCore 0x0140df14 WebCore::EventHandler::handleMousePressEvent(WebCore::PlatformMouseEvent const&) + 340
25 com.apple.WebCore 0x01408d6c WebCore::EventHandler::mouseDown(NSEvent*) + 620
26 com.apple.WebKit 0x00332e78 -[WebHTMLView mouseDown:] + 280
27 com.apple.WebCore 0x01406f48 WebCore::EventHandler::passMouseDownEventToWidget(WebCore::Widget*) + 856
28 com.apple.WebCore 0x01407364 WebCore::EventHandler::passSubframeEventToSubframe(WebCore::MouseEventWithHitTestResults&, WebCore::Frame*) + 452
29 com.apple.WebCore 0x0140df14 WebCore::EventHandler::handleMousePressEvent(WebCore::PlatformMouseEvent const&) + 340
30 com.apple.WebCore 0x01408d6c WebCore::EventHandler::mouseDown(NSEvent*) + 620
31 com.apple.WebKit 0x00332e78 -[WebHTMLView mouseDown:] + 280
32 com.apple.AppKit 0x93767890 -[NSWindow sendEvent:] + 4616
33 com.apple.Safari 0x00021734 0x1000 + 132916
34 com.apple.AppKit 0x937108d4 -[NSApplication sendEvent:] + 4172
35 com.apple.Safari 0x00021238 0x1000 + 131640
36 com.apple.AppKit 0x93707d10 -[NSApplication run] + 508
37 com.apple.AppKit 0x937f887c NSApplicationMain + 452
38 com.apple.Safari 0x0005c77c 0x1000 + 374652
39 com.apple.Safari 0x0005c624 0x1000 + 374308
Thread 1:
0 libSystem.B.dylib 0x9002bbc8 semaphore_wait_signal_trap + 8
1 libSystem.B.dylib 0x900306ac pthread_cond_wait + 480
2 com.apple.Foundation 0x92968300 -[NSConditionLock lockWhenCondition:] + 68
3 com.apple.AppKit 0x937a8708 -[NSUIHeartBeat _heartBeatThread:] + 324
4 com.apple.Foundation 0x92961194 forkThreadForFunction + 108
5 libSystem.B.dylib 0x9002b508 _pthread_body + 96
Thread 2:
0 libSystem.B.dylib 0x9000ab48 mach_msg_trap + 8
1 libSystem.B.dylib 0x9000aa9c mach_msg + 60
2 com.apple.CoreFoundation 0x907dcb78 __CFRunLoopRun + 832
3 com.apple.CoreFoundation 0x907dc47c CFRunLoopRunSpecific + 268
4 com.apple.Foundation 0x9298869c +[NSURLConnection(NSURLConnectionInternal) _resourceLoadLoop:] + 264
5 com.apple.Foundation 0x92961194 forkThreadForFunction + 108
6 libSystem.B.dylib 0x9002b508 _pthread_body + 96
Thread 3:
0 libSystem.B.dylib 0x9000ab48 mach_msg_trap + 8
1 libSystem.B.dylib 0x9000aa9c mach_msg + 60
2 com.apple.CoreFoundation 0x907dcb78 __CFRunLoopRun + 832
3 com.apple.CoreFoundation 0x907dc47c CFRunLoopRunSpecific + 268
4 com.apple.Foundation 0x929897dc +[NSURLCache _diskCacheSyncLoop:] + 152
5 com.apple.Foundation 0x92961194 forkThreadForFunction + 108
6 libSystem.B.dylib 0x9002b508 _pthread_body + 96
Thread 4:
0 libSystem.B.dylib 0x9002bbc8 semaphore_wait_signal_trap + 8
1 libSystem.B.dylib 0x900306ac pthread_cond_wait + 480
2 com.apple.Foundation 0x92968300 -[NSConditionLock lockWhenCondition:] + 68
3 com.apple.Syndication 0x9b23642c -[AsyncDB _run:] + 192
4 com.apple.Foundation 0x92961194 forkThreadForFunction + 108
5 libSystem.B.dylib 0x9002b508 _pthread_body + 96
Thread 5:
0 libSystem.B.dylib 0x9001f08c select + 12
1 com.apple.CoreFoundation 0x907ef40c __CFSocketManager + 472
2 libSystem.B.dylib 0x9002b508 _pthread_body + 96
Thread 0 crashed with PPC Thread State 64:
srr0: 0x00000000011062b8 srr1: 0x000000000200f030 vrsave: 0x0000000000000000
cr: 0x44002248 xer: 0x0000000000000004 lr: 0x00000000011062b8 ctr: 0x0000000000174ee0
r0: 0x00000000011062b8 r1: 0x00000000bfffb710 r2: 0x0000000000200000 r3: 0x0000000000000000
r4: 0x0000000006b51960 r5: 0x0000000000000004 r6: 0x0000000000000000 r7: 0x0000000000000001
r8: 0x0000000006098a48 r9: 0x0000000000444020 r10: 0x0000000000173a5c r11: 0x000000000044402c
r12: 0x0000000000174ee0 r13: 0x00000000a3736688 r14: 0x0000000000000100 r15: 0x0000000000000000
r16: 0x00000000a3736688 r17: 0x00000000a3746688 r18: 0x00000000a3736688 r19: 0x00000000a3736688
r20: 0x0000000000000000 r21: 0x00000000a3706688 r22: 0x00000000a373ea0c r23: 0x00000000a3706688
r24: 0x00000000059c0100 r25: 0x00000000bfffbeb8 r26: 0x00000000059c0100 r27: 0x0000000000000000
r28: 0x00000000a3745d80 r29: 0x00000000097fa6f0 r30: 0x00000000bfffb7a8 r31: 0x0000000000338230
David Kilzer (:ddkilzer)
Confirmed with WebKit nightly r18260. Will post a debug stack trace when my r18269 debug build finishes. Note that I had to follow these steps to reproduce:
1. Log into GMail.
2. Create signature text.
3. Compose new message.
4. Left-click on top line (blank) of message body.
5. Right-click (or control-click) in the same place.
I was also able to reverse Steps 4 and 5 to reproduce the error. Note that only right-clicking or control-clicking doesn't cause a crash.
David Kilzer (:ddkilzer)
The steps in Comment #1 do NOT work for WebKit nightly r18244, but the following still causes a crash (in both WebKit nightlies r18244 and r18260). Note that this may be a separate bug.
1. Start WebKit nightly r18244 or r18260.
2. Log into GMail.
3. Click "Compose Mail" link.
4. Click once in the message body textarea.
5. Close the window.
6. Wait about 5 seconds.
7. WebKit crashes.
David Kilzer (:ddkilzer)
Stack trace resulting from following steps in Comment #1 on a locally-built debug build of WebKit r18269 with Safari 2.0.4 (419.3) on Mac OS X 10.4.8 (8L127):
Date/Time: 2006-12-17 16:12:37.349 -0600
OS Version: 10.4.8 (Build 8L127)
Report Version: 4
Command: Safari
Path: /Applications/Safari.app/Contents/MacOS/Safari
Parent: bash [16966]
Version: 2.0.4 (419.3)
Build Version: 1
Project Name: WebBrowser
Source Version: 4190300
PID: 26878
Thread: 0
Exception: EXC_BAD_ACCESS (0x0001)
Codes: KERN_PROTECTION_FAILURE (0x0002) at 0x00000014
Thread 0 Crashed:
0 com.apple.WebCore 0x015d3eac WebCore::FontData::getNSFont() const + 20 (FontData.h:74)
1 com.apple.WebCore 0x011533cc -[WebCoreFrameBridge fontForSelection:] + 112 (WebCoreFrameBridge.mm:1428)
2 com.apple.WebKit 0x003630c4 -[WebHTMLView(WebInternal) _updateFontPanel] + 324 (WebHTMLView.m:5075)
3 com.apple.WebKit 0x00362e38 -[WebHTMLView(WebInternal) _selectionChanged] + 88 (WebHTMLView.m:5038)
4 com.apple.WebKit 0x0033896c -[WebFrameBridge respondToChangedSelection] + 236 (WebFrameBridge.mm:1001)
5 com.apple.WebCore 0x0112e478 WebCore::FrameMac::respondToChangedSelection(WebCore::Selection const&, bool) + 1040 (FrameMac.mm:868)
6 com.apple.WebCore 0x01296aac WebCore::SelectionController::setSelection(WebCore::Selection const&, bool, bool, bool) + 1612 (SelectionController.cpp:139)
7 com.apple.WebCore 0x014e4218 WebCore::EventHandler::selectClosestWordFromMouseEvent(WebCore::PlatformMouseEvent const&, WebCore::Node*) + 504 (EventHandler.cpp:147)
8 com.apple.WebCore 0x014e7c18 WebCore::EventHandler::sendContextMenuEvent(WebCore::PlatformMouseEvent) + 624 (EventHandler.cpp:1155)
9 com.apple.WebKit 0x00357fc4 -[WebHTMLView menuForEvent:] + 256 (WebHTMLView.m:2663)
10 com.apple.AppKit 0x93b51c5c -[NSView rightMouseDown:] + 68
11 com.apple.AppKit 0x93a23404 -[NSControl _rightMouseUpOrDown:] + 440
12 com.apple.AppKit 0x93767fa0 -[NSWindow sendEvent:] + 6424
13 com.apple.Safari 0x00021734 0x1000 + 132916
14 com.apple.AppKit 0x937108d4 -[NSApplication sendEvent:] + 4172
15 com.apple.Safari 0x00021238 0x1000 + 131640
16 com.apple.AppKit 0x93707d10 -[NSApplication run] + 508
17 com.apple.AppKit 0x937f887c NSApplicationMain + 452
18 com.apple.Safari 0x0005c77c 0x1000 + 374652
19 com.apple.Safari 0x0005c624 0x1000 + 374308
David Kilzer (:ddkilzer)
(In reply to comment #2)
> The steps in Comment #1 do NOT work for WebKit nightly r18244, but the
> following still causes a crash (in both WebKit nightlies r18244 and r18260).
> Note that this may be a separate bug.
>
> 1. Start WebKit nightly r18244 or r18260.
> 2. Log into GMail.
> 3. Click "Compose Mail" link.
> 4. Click once in the message body textarea.
> 5. Close the window.
> 6. Wait about 5 seconds.
> 7. WebKit crashes.
Filed Bug 11863 for this issue.
David Kilzer (:ddkilzer)
This may have been fixed in r18369:
http://trac.webkit.org/projects/webkit/changeset/18369
David Kilzer (:ddkilzer)
(In reply to comment #5)
> This may have been fixed in r18369:
> http://trac.webkit.org/projects/webkit/changeset/18369
Not so much, but the error stack is different now in a locally-built debug build of WebKit r18370 with Safari 2.0.4 (419.3) on Mac OS X 10.4.8 (8L127). Here's the error printed to the console:
[23734] http://mail.google.com/mail/ line 9: TypeError: Null value
(timer):Value undefined (result of expression GC) is not object.
Segmentation fault
And the stack trace:
Date/Time: 2006-12-20 21:49:30.945 -0600
OS Version: 10.4.8 (Build 8L127)
Report Version: 4
Command: Safari
Path: /Applications/Safari.app/Contents/MacOS/Safari
Parent: bash [412]
Version: 2.0.4 (419.3)
Build Version: 1
Project Name: WebBrowser
Source Version: 4190300
PID: 23734
Thread: 0
Exception: EXC_BAD_ACCESS (0x0001)
Codes: KERN_INVALID_ADDRESS (0x0001) at 0x742f8000
Thread 0 Crashed:
0 <<00000000>> 0x742f8000 0 + 1949270016
1 com.apple.WebCore 0x0132aca0 KJS::ScheduledAction::execute(KJS::Window*) + 892 (kjs_window.cpp:1845)
2 com.apple.WebCore 0x0132d700 KJS::Window::timerFired(KJS::DOMWindowTimer*) + 468 (kjs_window.cpp:1970)
3 com.apple.WebCore 0x0132d784 KJS::DOMWindowTimer::fired() + 72 (kjs_window.cpp:2528)
4 com.apple.WebCore 0x012ac894 WebCore::TimerBase::fireTimers(double, WTF::Vector<WebCore::TimerBase*, (unsigned long)0> const&) + 236 (Timer.cpp:322)
5 com.apple.WebCore 0x012ac960 WebCore::TimerBase::sharedTimerFired() + 132 (Timer.cpp:355)
6 com.apple.WebCore 0x012abd0c WebCore::timerFired(__CFRunLoopTimer*, void*) + 60 (SharedTimerMac.cpp:47)
7 com.apple.CoreFoundation 0x907f0550 __CFRunLoopDoTimer + 184
8 com.apple.CoreFoundation 0x907dcec8 __CFRunLoopRun + 1680
9 com.apple.CoreFoundation 0x907dc47c CFRunLoopRunSpecific + 268
10 com.apple.HIToolbox 0x93208740 RunCurrentEventLoopInMode + 264
11 com.apple.HIToolbox 0x93207d4c ReceiveNextEventCommon + 244
12 com.apple.HIToolbox 0x93207c40 BlockUntilNextEventMatchingListInMode + 96
13 com.apple.AppKit 0x9370bae4 _DPSNextEvent + 384
14 com.apple.AppKit 0x9370b7a8 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 116
15 com.apple.Safari 0x00006740 0x1000 + 22336
16 com.apple.AppKit 0x93707cec -[NSApplication run] + 472
17 com.apple.AppKit 0x937f887c NSApplicationMain + 452
18 com.apple.Safari 0x0005c77c 0x1000 + 374652
19 com.apple.Safari 0x0005c624 0x1000 + 374308
David Kilzer (:ddkilzer)
(In reply to comment #6)
> (In reply to comment #5)
> > This may have been fixed in r18369:
> > http://trac.webkit.org/projects/webkit/changeset/18369
>
> Not so much, but the error stack is different now in a locally-built debug
> build of WebKit r18370 with Safari 2.0.4 (419.3) on Mac OS X 10.4.8 (8L127).
> Here's the error printed to the console:
Sorry, I followed the steps in Comment #4 instead of Comment #2. This issue has been fixed, and it was most likely r18369 that fixed it:
<rdar://problem/4893376> REGRESSION: Crash occurs at WebCoreFrameBridge fontForSelection: when drag selecting from a line break
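A triage sketch for the two debug-build crash logs in this thread, added here as an example and not part of the bug report or of WebKit's tooling: it separates the access at NULL plus a small offset (0x14) from the crash whose program counter equals the faulting address. The names `parse_crash` and `triage` and the 0x1000 cutoff are assumptions of this example.

```python
import re

NULL_PAGE_LIMIT = 0x1000  # assumption: faults below this are NULL + a small member offset

CODES_RE = re.compile(
    r"^Codes:\s+(KERN_\w+)\s+\(0x[0-9a-fA-F]+\)\s+at\s+(0x[0-9a-fA-F]+)", re.M)
FRAME_RE = re.compile(r"^(\d+)\s+(\S+)\s+(0x[0-9a-fA-F]+)\s+(.*)$")

# Constructed excerpts: exception header and top two frames copied from the
# r18269 and r18370 debug-build logs quoted in the thread.
FONT_CRASH = """\
Exception: EXC_BAD_ACCESS (0x0001)
Codes: KERN_PROTECTION_FAILURE (0x0002) at 0x00000014
Thread 0 Crashed:
0 com.apple.WebCore 0x015d3eac WebCore::FontData::getNSFont() const + 20 (FontData.h:74)
1 com.apple.WebCore 0x011533cc -[WebCoreFrameBridge fontForSelection:] + 112 (WebCoreFrameBridge.mm:1428)
"""

TIMER_CRASH = """\
Exception: EXC_BAD_ACCESS (0x0001)
Codes: KERN_INVALID_ADDRESS (0x0001) at 0x742f8000
Thread 0 Crashed:
0 <<00000000>> 0x742f8000 0 + 1949270016
1 com.apple.WebCore 0x0132aca0 KJS::ScheduledAction::execute(KJS::Window*) + 892 (kjs_window.cpp:1845)
"""


def parse_crash(text):
    """Return the Mach exception code, fault address and crashed-thread frames."""
    m = CODES_RE.search(text)
    if not m:
        raise ValueError("no 'Codes:' line found")
    frames, in_crashed = [], False
    for line in text.splitlines():
        line = line.strip()
        if re.fullmatch(r"Thread \d+ Crashed:", line):
            in_crashed = True
            continue
        if in_crashed:
            fm = FRAME_RE.match(line)
            if not fm:
                break  # blank line or the next "Thread N:" header ends the stack
            frames.append({"image": fm.group(2),
                           "pc": int(fm.group(3), 16),
                           "symbol": fm.group(4)})
    return {"code": m.group(1), "fault": int(m.group(2), 16), "frames": frames}


def triage(text):
    """Classify the fault and name the first frame that maps to a loaded image."""
    report = parse_crash(text)
    top = report["frames"][0] if report["frames"] else None
    if top and top["pc"] == report["fault"]:
        # The CPU faulted fetching an instruction: control reached a bad address.
        kind = "pc-at-fault-address"
    elif report["fault"] < NULL_PAGE_LIMIT:
        # Data access through a null pointer at a small field offset.
        kind = "near-null-dereference"
    else:
        kind = "wild-data-access"
    known = next((f["symbol"] for f in report["frames"]
                  if not f["image"].startswith("<<")), None)
    return {"kind": kind, "code": report["code"],
            "fault": hex(report["fault"]), "first_known_frame": known}


if __name__ == "__main__":
    for name, log in (("font", FONT_CRASH), ("timer", TIMER_CRASH)):
        print(name, triage(log))
```

The second class deserves the closer look in triage, since the process tried to execute from an unmapped address rather than access memory through a null pointer.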