Bug 12670
| Summary: | REGRESSION: Many 3rd Party Apps crash in WebCore::DocumentLoader::frameLoader() | | |
|---|---|---|---|
| Product: | WebKit | Reporter: | Maciej Stachowiak <mjs> |
| Component: | Page Loading | Assignee: | Nobody <webkit-unassigned> |
| Status: | RESOLVED FIXED | | |
| Severity: | Normal | Keywords: | InRadar |
| Priority: | P1 | | |
| Version: | 420+ | | |
| Hardware: | Mac | | |
| OS: | OS X 10.4 | | |
2006-12-06 13:00:21 Maciej Stachowiak:
CrashTracer System:
PLEASE NOTE: This crash was automatically generated based on user crash reports. Go here to learn how to deal with it: http://howto.apple.com/db.cgi?CrashTracer
* APPLICATION: Safari
* CRASH: com.apple.WebCore: WebCore::DocumentLoader::frameLoader const + 6
* MORE INFORMATION: http://crashtracer.apple.com/detail.php?crash_id=5906767&app=Safari&build=9A300 (may not immediately have data)
This crash was escalated to Radar by the CrashTracer System because an internal user (mweiher@apple.com) explicitly requested it. The user provided the following comments:
Browsing new.bbc.co.uk, closing a tab while other background tabs were loading
Possible third-party binary images occurring in over 75% of processes that crashed here:
100.00% (2 of 2) com.yourcompany.yourcocoaframework
1 occurrences of version ??? (1.0) /Volumes/Data/jul/Library/Frameworks/iMatorKit.framework/iMatorKit
1 occurrences of version ??? (1.0) /Volumes/Data/jul/Library/Frameworks/iMatorUI.framework/iMatorUI
Summary of a selection of backtraces attributed to this bug. The stack frame considered to be the unique "crash point" is highlighted ==> like this <==. This frame is used for aggregation when filing these bugs and does not necessarily imply fault.
==> 2 com.apple.WebCore: WebCore::DocumentLoader::frameLoader const + 6 <==
1 com.apple.WebKit: WebFrameLoaderClient::dispatchDidFinishLoading + 28
+-1 com.apple.WebCore: WebCore::FrameLoader::didFinishLoad + 79
+---1 com.apple.WebCore: WebCore::ResourceLoader::didFinishLoadingOnePart + 52
+-----1 com.apple.WebCore: WebCore::ResourceLoader::didFinishLoading + 30
+-------1 com.apple.WebCore: WebCore::SubresourceLoader::didFinishLoading + 149
+---------1 com.apple.WebCore: -[WebCoreResourceLoaderAsDelegate connectionDidFinishLoading:] + 37
+-----------1 com.apple.Foundation: -[NSURLConnection(NSURLConnectionInternal) _sendDidFinishLoadingCallback] + 176
+-------------1 com.apple.Foundation: -[NSURLConnection(NSURLConnectionInternal) _sendCallbacks] + 748
+---------------1 com.apple.Foundation: _sendCallbacks + 201
+-----------------1 com.apple.CoreFoundation: CFRunLoopRunSpecific + 1213
+-------------------1 com.apple.CoreFoundation: CFRunLoopRunInMode + 61
+---------------------1 com.apple.HIToolbox: RunCurrentEventLoopInMode + 285
+-----------------------1 com.apple.HIToolbox: ReceiveNextEventCommon + 385
+-------------------------1 com.apple.HIToolbox: BlockUntilNextEventMatchingListInMode + 81
+---------------------------1 com.apple.AppKit: _DPSNextEvent + 572
+-----------------------------1 com.apple.AppKit: -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 137
+-------------------------------1 com.apple.Safari: 0x6f96
+---------------------------------1 com.apple.AppKit: -[NSApplication run] + 512
+-----------------------------------1 com.apple.AppKit: NSApplicationMain + 573
+-------------------------------------1 com.apple.Safari: 0x5f7de
+---------------------------------------1 com.apple.Safari: 0x5f6f9
+-----------------------------------------1 Main thread
pruning: 1 com.apple.WebKit: WebFrameLoaderClient::dispatchDidFinishLoading + 29
Overall this crash was reported 2 times in OS builds 8L2127 to 9A300, Safari versions 521.30 to 17930. Of these crashes, 1 was in the latest OS build, 9A300, and 1 was in the latest Safari version, 17930.
2006-12-08 19:33:24 Stephanie Lewis:
Couldn't reproduce
2006-12-13 12:53:35 Brady Eidson:
This code path can't exist any longer - this was likely a null deref introduced in loader refactoring. 9A300 is eons behind in WebKit loader-land.
Closing
2007-01-05 09:56:57 Reese Schreiber:
The following application: http://mekentosj.com/papers/ crashes on launch under 9A334 and CrashReporter links me to this bug (it happens every time):
Process: Papers [1444]
Path: /Volumes/Papers Public Preview/Papers.app/Contents/MacOS/Papers
Version: 1.0b1 (1.0b1)
Code Type: X86 (Native)
Parent Process: launchd [156]
Date/Time: 2007-01-05 09:56:35.093 -0800
OS Version: Mac OS X 10.5 (9A334)
Report Version: 6
Exception Type: EXC_RPC_ALERT
Exception Codes: 0xff000001, 0x000005a4
Crashed Thread: 0
Thread 0 Crashed:
0 com.apple.WebCore 0x948edc36 WebCore::DocumentLoader::frameLoader() const + 6
1 com.apple.WebKit 0x9d900080 WebFrameLoaderClient::dispatchWillSendRequest(WebCore::DocumentLoader*, objc_object*, NSURLRequest*, NSURLResponse*) + 32
2 com.apple.WebCore 0x948f29a5 WebCore::FrameLoader::willSendRequest(WebCore::ResourceLoader*, NSMutableURLRequest*, NSURLResponse*) + 85
3 com.apple.WebCore 0x948f8365 WebCore::ResourceLoader::willSendRequest(NSURLRequest*, NSURLResponse*) + 165
4 com.apple.WebCore 0x948f96eb WebCore::MainResourceLoader::willSendRequest(NSURLRequest*, NSURLResponse*) + 155
5 com.apple.WebCore 0x948f7415 -[WebCoreResourceLoaderAsDelegate connection:willSendRequest:redirectResponse:] + 53
6 com.apple.Foundation 0x9133c0b2 -[NSURLConnection(NSURLConnectionInternal_ClientThread) _sendWillSendRequestCallback:] + 978
7 com.apple.Foundation 0x9133b9bf -[NSURLConnection(NSURLConnectionInternal_ClientThread) _sendCallbacks] + 655
8 com.apple.Foundation 0x9121b729 _sendCallbacks + 297
9 com.apple.CoreFoundation 0x9efa3c0d CFRunLoopRunSpecific + 3229
10 com.apple.CoreFoundation 0x9efa2f5d CFRunLoopRunInMode + 61
11 com.apple.HIToolbox 0x917f1c87 RunCurrentEventLoopInMode + 305
12 com.apple.HIToolbox 0x917f1320 ReceiveNextEventCommon + 175
13 com.apple.HIToolbox 0x917f1253 BlockUntilNextEventMatchingListInMode + 106
14 com.apple.AppKit 0x91dbbe23 _DPSNextEvent + 657
15 com.apple.AppKit 0x91dbb776 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 128
16 com.apple.AppKit 0x91db5178 -[NSApplication run] + 795
17 com.apple.AppKit 0x91da8d30 NSApplicationMain + 663
18 com.mekentosj.papers 0x00002402 _start + 216
19 com.mekentosj.papers 0x00002329 start + 41
20 ??? 0x00000001 0 + 1
Thread 1:
0 libSystem.B.dylib 0x900057a7 mach_msg_trap + 7
1 com.apple.CoreFoundation 0x9efa34fe CFRunLoopRunSpecific + 1422
2 com.apple.CoreFoundation 0x9efa2f5d CFRunLoopRunInMode + 61
3 com.apple.Foundation 0x9133d850 +[NSURLConnection(NSURLConnectionInternal_LoaderThread) _resourceLoadLoop:] + 272
4 com.apple.Foundation 0x9133397d -[NSThread main] + 45
5 com.apple.Foundation 0x91333634 __main__ + 308
6 libSystem.B.dylib 0x900170e7 _pthread_body + 27
Thread 2:
0 libSystem.B.dylib 0x90029c7f syscall_thread_switch + 7
1 com.apple.AppKit 0x91e8a869 -[NSUIHeartBeat _heartBeatThread:] + 1552
2 com.apple.Foundation 0x9133397d -[NSThread main] + 45
3 com.apple.Foundation 0x91333634 __main__ + 308
4 libSystem.B.dylib 0x900170e7 _pthread_body + 27
Thread 0 crashed with X86 Thread State (32-bit):
eax: 0x00000000 ebx: 0x9d90006b ecx: 0x006089b0 edx: 0x00418ef0
edi: 0x00418ef0 esi: 0x0060dd00 ebp: 0xbfffeb98 esp: 0xbfffeb98
ss: 0x0000001f efl: 0x00010286 eip: 0x948edc36 cs: 0x00000017
ds: 0x0000001f es: 0x0000001f fs: 0x00000000 gs: 0x00000037
Binary Images:
0x1000 - 0xebfe5 +com.mekentosj.papers ??? (1.0b1) /Volumes/Papers Public Preview/Papers.app/Contents/MacOS/Papers
0x742000 - 0x7c7fef com.apple.RawCamera.bundle 2.0 (2.0) /System/Library/CoreServices/RawCamera.bundle/Contents/MacOS/RawCamera
0x8fe00000 - 0x8fe4d521 dyld 0.0 (???) /usr/lib/dyld
0x90000000 - 0x9013cfec libSystem.B.dylib ??? (???) /usr/lib/libSystem.B.dylib
0x901a0000 - 0x901a2fe3 libmathCommon.A.dylib ??? (???) /usr/lib/system/libmathCommon.A.dylib
0x901f7000 - 0x90246fea com.apple.CoreText 2.0.0 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreText.framework/Versions/A/CoreText
0x90395000 - 0x904d3fc3 libicucore.A.dylib ??? (???) /usr/lib/libicucore.A.dylib
0x90516000 - 0x9059cff9 libobjc.A.dylib ??? (???) /usr/lib/libobjc.A.dylib
0x905c7000 - 0x905e7ff1 libauto.dylib ??? (???) /usr/lib/libauto.dylib
0x905f0000 - 0x905f7fed libgcc_s.1.dylib ??? (???) /usr/lib/libgcc_s.1.dylib
0x905fa000 - 0x90660fdb libstdc++.6.dylib ??? (???) /usr/lib/libstdc++.6.dylib
0x90862000 - 0x90862fff com.apple.ApplicationServices 30 (30) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/ApplicationServices
0x90919000 - 0x909b7003 com.apple.DesktopServices 1.4 (1.4) /System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Versions/A/DesktopServicesPriv
0x90a74000 - 0x90a7cfff com.apple.DiskArbitration 2.2 (2.2) /System/Library/Frameworks/DiskArbitration.framework/Versions/A/DiskArbitration
0x90a83000 - 0x90a8afff libbsm.dylib ??? (???) /usr/lib/libbsm.dylib
0x90a8e000 - 0x90a9cffd libz.1.dylib ??? (???) /usr/lib/libz.1.dylib
0x90a9f000 - 0x90c78fc3 com.apple.security 5.0 (29968) /System/Library/Frameworks/Security.framework/Versions/A/Security
0x90d92000 - 0x90d92fff com.apple.CoreServices 26 (26) /System/Library/Frameworks/CoreServices.framework/Versions/A/CoreServices
0x90d94000 - 0x90df8fd7 com.apple.CFNetwork 166 (166) /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CFNetwork.framework/Versions/A/CFNetwork
0x90e1e000 - 0x90e5a047 com.apple.Metadata 10.5.0 (310) /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/Metadata.framework/Versions/A/Metadata
0x90eac000 - 0x90eacff3 com.apple.Carbon 135 (135) /System/Library/Frameworks/Carbon.framework/Versions/A/Carbon
0x90eba000 - 0x90ec6fe7 com.apple.opengl 1.5.0 (1.5.0) /System/Library/Frameworks/OpenGL.framework/Versions/A/OpenGL
0x90f5b000 - 0x90f5bffb com.apple.Cocoa 6.5 (???) /System/Library/Frameworks/Cocoa.framework/Versions/A/Cocoa
0x90f5f000 - 0x90fe5ff5 com.apple.SearchKit 1.2.0 (1.2.0) /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/SearchKit.framework/Versions/A/SearchKit
0x91040000 - 0x9104ffff com.apple.LangAnalysis 1.6.4 (1.6.4) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/LangAnalysis.framework/Versions/A/LangAnalysis
0x91061000 - 0x9106dfef com.apple.speech.synthesis.framework 3.6.18 (3.6.18) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/SpeechSynthesis.framework/Versions/A/SpeechSynthesis
0x910ef000 - 0x91122fff com.apple.SystemConfiguration 1.9.0 (1.9.0) /System/Library/Frameworks/SystemConfiguration.framework/Versions/A/SystemConfiguration
0x91137000 - 0x91197fff libsqlite3.0.dylib ??? (???) /usr/lib/libsqlite3.0.dylib
0x911a3000 - 0x91432fff com.apple.Foundation 6.5 (624.2) /System/Library/Frameworks/Foundation.framework/Versions/C/Foundation
0x91550000 - 0x91632fd7 libxml2.2.dylib ??? (???) /usr/lib/libxml2.2.dylib
0x9164f000 - 0x9173cfc4 libiconv.2.dylib ??? (???) /usr/lib/libiconv.2.dylib
0x9174c000 - 0x9176aff2 libGL.dylib ??? (???) /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGL.dylib
0x91775000 - 0x917d1fc7 libGLU.dylib ??? (???) /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLU.dylib
0x917e8000 - 0x91ae6fe6 com.apple.HIToolbox 1.5.0 (???) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox
0x91c5f000 - 0x91cb6fd7 com.apple.HIServices 1.6.0 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/HIServices.framework/Versions/A/HIServices
0x91da4000 - 0x92514fe7 com.apple.AppKit 6.5 (888.2) /System/Library/Frameworks/AppKit.framework/Versions/C/AppKit
0x92c61000 - 0x92cbdff3 libvMisc.dylib ??? (???) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libvMisc.dylib
0x92cc6000 - 0x93084fe7 libLAPACK.dylib ??? (???) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libLAPACK.dylib
0x933c3000 - 0x933e7fff libxslt.1.dylib ??? (???) /usr/lib/libxslt.1.dylib
0x933ee000 - 0x933fefff com.apple.DSObjCWrappers.Framework 1.2 (1.2) /System/Library/PrivateFrameworks/DSObjCWrappers.framework/Versions/A/DSObjCWrappers
0x93406000 - 0x93410fff com.apple.audio.SoundManager 3.9.2 (3.9.2) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/CarbonSound.framework/Versions/A/CarbonSound
0x93423000 - 0x93423ffd com.apple.Accelerate 1.4 (Accelerate 1.4) /System/Library/Frameworks/Accelerate.framework/Versions/A/Accelerate
0x93425000 - 0x934d3fe2 com.apple.vImage 3.0 (3.0) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vImage.framework/Versions/A/vImage
0x934dd000 - 0x934ddffd com.apple.Accelerate.vecLib 3.4 (vecLib 3.4) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/vecLib
0x934df000 - 0x93506fff libvDSP.dylib ??? (???) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libvDSP.dylib
0x93618000 - 0x936abfdf com.apple.ink.framework 101.3 (80) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Ink.framework/Versions/A/Ink
0x939dd000 - 0x93a62ff2 com.apple.JavaScriptCore 521.32 (521.32) /System/Library/Frameworks/JavaScriptCore.framework/Versions/A/JavaScriptCore
0x93cd2000 - 0x93cd6fff libGIF.dylib ??? (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libGIF.dylib
0x93cd8000 - 0x93cf5fd7 libJPEG.dylib ??? (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libJPEG.dylib
0x93dc1000 - 0x93ddbff3 libPng.dylib ??? (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libPng.dylib
0x93de0000 - 0x93de2ffb libRadiance.dylib ??? (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libRadiance.dylib
0x93de4000 - 0x93e21fef libTIFF.dylib ??? (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libTIFF.dylib
0x93e27000 - 0x93e6fff3 libGLImage.dylib ??? (???) /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLImage.dylib
0x93e73000 - 0x942b0f7d libGLProgrammability.dylib ??? (???) /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLProgrammability.dylib
0x94585000 - 0x94a3ffff com.apple.WebCore 521.32.1 (521.32.1) /System/Library/Frameworks/WebKit.framework/Versions/A/Frameworks/WebCore.framework/Versions/A/WebCore
0x954d6000 - 0x95536fef com.apple.PDFKit 1.1 (1.1) /System/Library/Frameworks/Quartz.framework/Versions/A/Frameworks/PDFKit.framework/Versions/A/PDFKit
0x95721000 - 0x957e0fe3 com.apple.CoreData 100 (145) /System/Library/Frameworks/CoreData.framework/Versions/A/CoreData
0x95a2b000 - 0x95afbfdf com.apple.ColorSync 4.5.0 (4.5.0) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ColorSync.framework/Versions/A/ColorSync
0x95bdb000 - 0x95bdffef com.apple.IMUtils 4.0 (533) /System/Library/Frameworks/InstantMessage.framework/Frameworks/IMUtils.framework/Versions/A/IMUtils
0x95db5000 - 0x95e3ffe7 com.apple.ApplicationServices.ATS 3.0 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ATS.framework/Versions/A/ATS
0x96801000 - 0x9693afef com.apple.ImageIO.framework 2.0.0 (2.0.0) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/ImageIO
0x97089000 - 0x97090ff7 com.apple.agl 2.6.1 (AGL-2.6.1) /System/Library/Frameworks/AGL.framework/Versions/A/AGL
0x9710d000 - 0x97411fef com.apple.QuartzCore 1.5.0 (1.5.0) /System/Library/Frameworks/QuartzCore.framework/Versions/A/QuartzCore
0x976b0000 - 0x976b1079 com.apple.MonitorPanelFramework 1.2.0 (1.2.0) /System/Library/PrivateFrameworks/MonitorPanel.framework/Versions/A/MonitorPanel
0x98051000 - 0x981adfcf com.apple.QuartzComposer 2.0 (53.1) /System/Library/Frameworks/Quartz.framework/Versions/A/Frameworks/QuartzComposer.framework/Versions/A/QuartzComposer
0x983a0000 - 0x983a0ff3 com.apple.quartzframework 1.5 (1.5) /System/Library/Frameworks/Quartz.framework/Versions/A/Quartz
0x996da000 - 0x996f3fff com.apple.IMFramework 4.0 (533) /System/Library/Frameworks/InstantMessage.framework/Versions/A/InstantMessage
0x9b391000 - 0x9b3f5fe7 com.apple.htmlrendering 66.1 (1.1.3) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HTMLRendering.framework/Versions/A/HTMLRendering
0x9b9be000 - 0x9b9d9fdf com.apple.coreui 0.1 (30) /System/Library/PrivateFrameworks/CoreUI.framework/Versions/A/CoreUI
0x9b9ed000 - 0x9ba1effb com.apple.quartzfilters 1.5.0 (1.5.0) /System/Library/Frameworks/Quartz.framework/Versions/A/Frameworks/QuartzFilters.framework/Versions/A/QuartzFilters
0x9bbb6000 - 0x9bbc7ff7 com.apple.CoreVideo 1.4 (1.4) /System/Library/Frameworks/CoreVideo.framework/Versions/A/CoreVideo
0x9c041000 - 0x9c12dff9 com.apple.imageKit 1.0 (1.0) /System/Library/Frameworks/Quartz.framework/Versions/A/Frameworks/ImageKit.framework/Versions/A/ImageKit
0x9c1e3000 - 0x9c1f0073 com.apple.backup.framework 1.0 (1.0) /System/Library/PrivateFrameworks/Backup.framework/Versions/A/Backup
0x9c241000 - 0x9c2b3fef com.apple.QTKit 7.2 (7.2) /System/Library/Frameworks/QTKit.framework/Versions/A/QTKit
0x9c681000 - 0x9c6a7fff com.apple.shortcut 1 (1.0) /System/Library/PrivateFrameworks/Shortcut.framework/Versions/A/Shortcut
0x9c909000 - 0x9c94efef com.apple.TundraServices 1.0 (1.0) /System/Library/PrivateFrameworks/TundraServices.framework/Versions/A/TundraServices
0x9d068000 - 0x9d070ff9 com.apple.helpdata 1.0 (6) /System/Library/PrivateFrameworks/HelpData.framework/Versions/A/HelpData
0x9d1d8000 - 0x9d217fff com.apple.QuickLookFramework 1.0 (50.0) /System/Library/Frameworks/QuickLook.framework/Versions/A/QuickLook
0x9d880000 - 0x9d923fd0 com.apple.WebKit 521.32 (521.32) /System/Library/Frameworks/WebKit.framework/Versions/A/WebKit
0x9dd25000 - 0x9dd27fff com.apple.securityhi 3.0 (30221) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/SecurityHI.framework/Versions/A/SecurityHI
0x9dee1000 - 0x9defdfeb com.apple.openscripting 1.2.6 (???) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/OpenScripting.framework/Versions/A/OpenScripting
0x9df1e000 - 0x9df20fff com.apple.DisplayServicesFW 1.8.4 (1.8.4) /System/Library/PrivateFrameworks/DisplayServices.framework/Versions/A/DisplayServices
0x9e0cf000 - 0x9e10afe7 libRIP.A.dylib ??? (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libRIP.A.dylib
0x9e112000 - 0x9e118fef libCGATS.A.dylib ??? (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libCGATS.A.dylib
0x9e11d000 - 0x9e129fcb libCSync.A.dylib ??? (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libCSync.A.dylib
0x9e12f000 - 0x9e14dfff libresolv.9.dylib ??? (???) /usr/lib/libresolv.9.dylib
0x9e154000 - 0x9e179feb libssl.0.9.7.dylib ??? (???) /usr/lib/libssl.0.9.7.dylib
0x9e185000 - 0x9e194fff libsasl2.2.dylib ??? (???) /usr/lib/libsasl2.2.dylib
0x9e198000 - 0x9e1c4fdf com.apple.LDAPFramework 1.4.3 (78) /System/Library/Frameworks/LDAP.framework/Versions/A/LDAP
0x9e1ca000 - 0x9e1e7fcf com.apple.DirectoryService.Framework 3.5 (3.5) /System/Library/Frameworks/DirectoryService.framework/Versions/A/DirectoryService
0x9e1f1000 - 0x9e364fc3 com.apple.AddressBook.framework 4.1 (647.1) /System/Library/Frameworks/AddressBook.framework/Versions/A/AddressBook
0x9e3fe000 - 0x9e420fef com.apple.FigCore 1.0 (1.0) /System/Library/PrivateFrameworks/FigCore.framework/Versions/A/FigCore
0x9e42c000 - 0x9e6edfc3 com.apple.QuickTime 7.2.0 (7.2.0) /System/Library/Frameworks/QuickTime.framework/Versions/A/QuickTime
0x9e76a000 - 0x9e770fff com.apple.print.framework.Print 5.5 (207) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Print.framework/Versions/A/Print
0x9e776000 - 0x9e7b8fcf com.apple.NavigationServices 3.5 (147) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/NavigationServices.framework/Versions/A/NavigationServices
0x9e7e5000 - 0x9e7fdfff com.apple.ImageCapture 4.0 (5.0.0) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/ImageCapture.framework/Versions/A/ImageCapture
0x9e812000 - 0x9e815fff com.apple.help 1.1 (34) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Help.framework/Versions/A/Help
0x9e818000 - 0x9e81cff7 com.apple.CommonPanels 1.2.4 (81) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/CommonPanels.framework/Versions/A/CommonPanels
0x9e820000 - 0x9e894fd7 com.apple.audio.CoreAudio 3.1.0 (3.1) /System/Library/Frameworks/CoreAudio.framework/Versions/A/CoreAudio
0x9e8e0000 - 0x9e904fdf libcups.2.dylib ??? (???) /usr/lib/libcups.2.dylib
0x9e90b000 - 0x9ed64ff7 libBLAS.dylib ??? (???) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libBLAS.dylib
0x9edb1000 - 0x9ee66fef libcrypto.0.9.7.dylib ??? (???) /usr/lib/libcrypto.0.9.7.dylib
0x9eeac000 - 0x9ef0eff6 com.apple.LaunchServices 237 (237) /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/LaunchServices.framework/Versions/A/LaunchServices
0x9ef3f000 - 0x9ef6afff com.apple.AE 376 (376) /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/AE.framework/Versions/A/AE
0x9ef7e000 - 0x9f083fff com.apple.CoreFoundation 6.5 (424) /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation
0x9f16f000 - 0x9f215ff3 com.apple.CoreServices.OSServices 154 (154) /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/OSServices.framework/Versions/A/OSServices
0x9f263000 - 0x9f525feb com.apple.CoreServices.CarbonCore 736 (736) /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonCore.framework/Versions/A/CarbonCore
0x9f572000 - 0x9f619fdc com.apple.QD 3.11.32 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/QD.framework/Versions/A/QD
0x9f63d000 - 0x9f6b5fe8 com.apple.print.framework.PrintCore 5.5 (207) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/PrintCore.framework/Versions/A/PrintCore
0x9f6ed000 - 0x9fd6ffc3 com.apple.CoreGraphics 1.300.0 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/CoreGraphics
0x9fe04000 - 0x9fe0dff9 com.apple.speech.recognition.framework 3.7.8 (3.7.8) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/SpeechRecognition.framework/Versions/A/SpeechRecognition
0x9fe14000 - 0x9fe96fff com.apple.framework.IOKit 1.5.0 (???) /System/Library/Frameworks/IOKit.framework/Versions/A/IOKit
0x9feb0000 - 0x9feb0ffc com.apple.audio.units.AudioUnit 1.5 (1.5) /System/Library/Frameworks/AudioUnit.framework/Versions/A/AudioUnit
0x9feb2000 - 0x9ffa7fe2 com.apple.audio.toolbox.AudioToolbox 1.5 (1.5) /System/Library/Frameworks/AudioToolbox.framework/Versions/A/AudioToolbox
0xfffe8000 - 0xfffebfff libobjc.A.dylib ??? (???) /usr/lib/libobjc.A.dylib
0xffff0000 - 0xffff1780 libSystem.B.dylib ??? (???) /usr/lib/libSystem.B.dylib
2007-01-09 13:28:02 Frederik Seiffert:
<rdar://problem/4915671> might be a duplicate. Should I try in anything newer than 9A321?
2007-01-10 17:29:58 Stephanie Lewis:
The application mentioned above is reproducible in Leopard 9A334, moving back into Leopard.
2007-01-15 13:57:30 Alice Liu:
Safari blocker reviewed
2007-01-16 18:19:49 Frederik Seiffert:
Same thing with Papers (available at <http://mekentosj.com/papers/papers.dmg>): crashes on load.
2007-01-29 22:02:39 Stephanie Lewis:
also iSale 4962983, this bug is blocking work
2007-02-01 00:07:25 Brady Eidson:
I cannot reproduce with Papers
iSale is protected against GDB with ptrace, which is just lameness. ugh
2007-02-01 00:11:34 Brady Eidson:
Found the way around the ptrace crap -
break ptrace if *(int *)($esp + 4) == 31
Lets you return early and actually launch!
That said, I do indeed see a crash on launch with iSale!
Top of the BT is -
#1 0x00491e75 in WebFrameLoaderClient::dispatchDidFinishLoading (this=0x11f576a0, loader=0x0, identifier=1) at /Volumes/Data/Users/bradeeoh/local_svn/OpenSource/WebKit/WebCoreSupport/WebFrameLoaderClient.mm:348
#2 0x01535efb in WebCore::FrameLoader::didFinishLoad (this=0x2b40200, loader=0x2b49200) at /Volumes/Data/Users/bradeeoh/local_svn/OpenSource/WebCore/loader/FrameLoader.cpp:4124
#3 0x01548a31 in WebCore::ResourceLoader::didFinishLoadingOnePart (this=0x2b49200) at /Volumes/Data/Users/bradeeoh/local_svn/OpenSource/WebCore/loader/ResourceLoader.cpp:238
#4 0x01548aa0 in WebCore::ResourceLoader::didFinishLoading (this=0x2b49200) at /Volumes/Data/Users/bradeeoh/local_svn/OpenSource/WebCore/loader/ResourceLoader.cpp:225
#5 0x01547434 in WebCore::MainResourceLoader::didFinishLoading (this=0x2b49200) at /Volumes/Data/Users/bradeeoh/local_svn/OpenSource/WebCore/loader/MainResourceLoader.cpp:302
#6 0x01548ba6 in WebCore::ResourceLoader::didFinishLoading (this=0x2b49200) at /Volumes/Data/Users/bradeeoh/local_svn/OpenSource/WebCore/loader/ResourceLoader.cpp:323
#7 0x01527ac5 in -[WebCoreResourceHandleAsDelegate connectionDidFinishLoading:] (self=0x11f60a40, _cmd=0x90a9d160, con=0x11f60e70) at /Volumes/Data/Users/bradeeoh/local_svn/OpenSource/WebCore/platform/network/mac/ResourceHandleMac.mm:367
#8 0x9265be00 in -[NSURLConnection(NSURLConnectionInternal) _sendDidFinishLoadingCallback] ()
#9 0x92659ea5 in -[NSURLConnection(NSURLConnectionInternal) _sendCallbacks] ()
2007-02-01 00:12:17 Brady Eidson:
ACCK - left off frame 0
#0 0x0045cecd in WebViewGetResourceLoadDelegate (webView=0x0) at /Volumes/Data/Users/bradeeoh/local_svn/OpenSource/WebKit/WebView/WebView.mm:900
#1 0x00491e75 in WebFrameLoaderClient::dispatchDidFinishLoading (this=0x11f576a0, loader=0x0, identifier=1) at /Volumes/Data/Users/bradeeoh/local_svn/OpenSource/WebKit/WebCoreSupport/WebFrameLoaderClient.mm:348
#2 0x01535efb in WebCore::FrameLoader::didFinishLoad (this=0x2b40200, loader=0x2b49200) at /Volumes/Data/Users/bradeeoh/local_svn/OpenSource/WebCore/loader/FrameLoader.cpp:4124
#3 0x01548a31 in WebCore::ResourceLoader::didFinishLoadingOnePart (this=0x2b49200) at /Volumes/Data/Users/bradeeoh/local_svn/OpenSource/WebCore/loader/ResourceLoader.cpp:238
#4 0x01548aa0 in WebCore::ResourceLoader::didFinishLoading (this=0x2b49200) at /Volumes/Data/Users/bradeeoh/local_svn/OpenSource/WebCore/loader/ResourceLoader.cpp:225
#5 0x01547434 in WebCore::MainResourceLoader::didFinishLoading (this=0x2b49200) at /Volumes/Data/Users/bradeeoh/local_svn/OpenSource/WebCore/loader/MainResourceLoader.cpp:302
#6 0x01548ba6 in WebCore::ResourceLoader::didFinishLoading (this=0x2b49200) at /Volumes/Data/Users/bradeeoh/local_svn/OpenSource/WebCore/loader/ResourceLoader.cpp:323
2007-02-01 00:17:38 Brady Eidson:
Found another app seeing this. WOW... Since it's easier than either Papers (not reproducible) or iSale (requires ptrace mangling), I'll be working with CSSEdit from here on out
2007-02-01 00:41:45 Brady Eidson:
If I plug a short chain of potential null derefs exposed in this case, I stop this crash. But behavior is incorrect. For example in the CSSEdit case, while importing a page, it will no longer crash but the progress bar will freeze halfway as if it's not getting any delegate callbacks (which it isn't)
In the iSale case, I can successfully launch but just about any action I take after the launch causes another crash with some bizarre data loading anomalies (calling didReceiveData with valid data, but data length 0)
So, I don't think plugging the potential null derefs is the right thing to do. The real problem here is that WebFrameLoaderClient::dispatchDidFinishLoading gets called with a null loader (which leads to the null derefs later while trying to find the webkit objects mapped to that loader)
Will explore more tomorrow
<rdar://problem/4868242>
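As an added example (not WebKit's code, and not the change committed for this bug), the following C++ model reproduces the reasoning in the comment above: a finish callback arrives for a resource loader whose DocumentLoader back-pointer has already been cleared by tear-down (closing a tab while a background load is in flight), so the client is asked to dispatch against a null loader. The class shapes, the `detachFromDocument` tear-down and the `resolveFromFrame` fix are assumptions made for the illustration. It shows why a null guard alone is the wrong fix: it turns the crash into a silently lost delegate callback, which is exactly the frozen progress bar described above, whereas resolving the correct loader at the call site delivers the callback.

```cpp
#include <cassert>
#include <cstdio>

// Stand-ins for the objects in the backtraces above. Shapes are assumed for this
// illustration; they are not WebKit's real classes.
struct WebView { int delegateCallbacks = 0; };
struct FrameLoader;

struct DocumentLoader {
    FrameLoader* owner;
    // The crashing frame: "DocumentLoader::frameLoader() const + 6" is a member load
    // through |this|, which faults when |this| is null (eax == 0 in the register dump).
    FrameLoader* frameLoader() const { return owner; }
};

struct FrameLoader {
    WebView* webView = nullptr;
    DocumentLoader* activeDocumentLoader = nullptr;
};

// A resource loader keeps a back-pointer to the DocumentLoader it was started for.
// Tearing the document down clears that back-pointer while the NSURLConnection
// callback is still queued on the run loop (assumed tear-down for this example).
struct ResourceLoader {
    FrameLoader* frameLoader = nullptr;
    DocumentLoader* documentLoader = nullptr;
    void detachFromDocument() { documentLoader = nullptr; }
};

enum class Outcome { Delivered, Dropped, WouldNullDeref };

// Models WebFrameLoaderClient::dispatchDidFinishLoading: find the WebView mapped to
// the loader and fire the resource-load delegate. nullGuard == false is the original
// path (null loader -> null deref; reported here as WouldNullDeref instead of actually
// faulting). nullGuard == true is the "plug the null deref" variant: no crash, but
// the delegate is never called.
Outcome dispatchDidFinishLoading(DocumentLoader* loader, bool nullGuard) {
    if (!loader)
        return nullGuard ? Outcome::Dropped : Outcome::WouldNullDeref;
    WebView* view = loader->frameLoader()->webView;
    if (!view)
        return Outcome::Dropped;
    view->delegateCallbacks++;
    return Outcome::Delivered;
}

// Models FrameLoader::didFinishLoad. resolveFromFrame is the illustrative fix:
// resolve the active DocumentLoader from the frame instead of trusting a back-pointer
// that tear-down may already have cleared. (An assumption for this example only.)
Outcome didFinishLoad(ResourceLoader* rl, bool nullGuard, bool resolveFromFrame) {
    DocumentLoader* dl = rl->documentLoader;
    if (!dl && resolveFromFrame && rl->frameLoader)
        dl = rl->frameLoader->activeDocumentLoader;
    return dispatchDidFinishLoading(dl, nullGuard);
}

struct Scenario { Outcome outcome; int callbacks; };

// Builds a fresh frame/document/loader fixture, optionally detaches the resource
// loader (the tab-close race), then delivers the finish callback.
Scenario runScenario(bool detach, bool nullGuard, bool resolveFromFrame) {
    WebView view;
    FrameLoader frame;
    DocumentLoader doc{&frame};
    frame.webView = &view;
    frame.activeDocumentLoader = &doc;
    ResourceLoader rl{&frame, &doc};
    if (detach) rl.detachFromDocument();
    Outcome o = didFinishLoad(&rl, nullGuard, resolveFromFrame);
    return {o, view.delegateCallbacks};
}

Outcome scenarioOutcome(bool detach, bool nullGuard, bool resolveFromFrame) {
    return runScenario(detach, nullGuard, resolveFromFrame).outcome;
}
int scenarioCallbacks(bool detach, bool nullGuard, bool resolveFromFrame) {
    return runScenario(detach, nullGuard, resolveFromFrame).callbacks;
}

int main() {
    const char* names[] = {"Delivered", "Dropped", "WouldNullDeref"};
    std::printf("healthy:            %s\n", names[(int)scenarioOutcome(false, false, false)]);
    std::printf("detached, no guard: %s\n", names[(int)scenarioOutcome(true, false, false)]);
    std::printf("detached, guarded:  %s (callbacks=%d)\n",
                names[(int)scenarioOutcome(true, true, false)], scenarioCallbacks(true, true, false));
    std::printf("detached, resolved: %s (callbacks=%d)\n",
                names[(int)scenarioOutcome(true, false, true)], scenarioCallbacks(true, false, true));
    return 0;
}
```

The guarded run ends with zero delegate callbacks, which is the failure mode a null check hides; the resolved run delivers exactly one. In a real fix the assertion belongs at the call site (the loader passed to the client must never be null), so a regression faults loudly in debug builds instead of starving delegates in release builds.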
Anders Carlsson
Committed revision 19709.