Bug 13700

Summary: REGRESSION: Reproducible assertion failure in Page::goToItem()
Product: WebKit
Reporter: David Kilzer (:ddkilzer) <ddkilzer>
Component: History
Assignee: Nobody <webkit-unassigned>
Status: RESOLVED DUPLICATE
Severity: Normal
CC: mjs
Priority: P1
Keywords: Regression
Version: 523.x (Safari 3)
Hardware: Mac
OS: OS X 10.4

Description David Kilzer (:ddkilzer) 2007-05-12 15:41:46 PDT
* SUMMARY
Unreproducible assertion failure in Page::goToItem() in a local debug build of WebKit r21333 with Safari 2.0.4 (419.3) on Mac OS X 10.4.9 (8P135).

* STEPS TO REPRODUCE
1. Opened Safari/WebKit.
2. Read Bugzilla bug mail in Yahoo! Mail.
3. Command-clicked on link to open bug in a second tab (Bug 13685).
4. Clicked on attachment to read patch (Attachment 14514).
5. Hit Command-Left-Arrow to go back to the previous page.

* EXPECTED RESULTS
Browser should have returned to the previous page.

* ACTUAL RESULTS
Browser crashed due to an assertion failure.

* NOTES
- Console output:

ASSERTION FAILED: item->target().isEmpty() || m_mainFrame->tree()->find(item->target()) == m_mainFrame
(/path/to/WebKit/WebCore/page/Page.cpp:132 void WebCore::Page::goToItem(WebCore::HistoryItem*, WebCore::FrameLoadType))
Segmentation fault

- Stack trace:

Exception:  EXC_BAD_ACCESS (0x0001)
Codes:      KERN_INVALID_ADDRESS (0x0001) at 0xbbadbeef

Thread 0 Crashed:
0   com.apple.WebCore        	0x011f78c0 WebCore::Page::goToItem(WebCore::HistoryItem*, WebCore::FrameLoadType) + 312 (Page.cpp:132)
1   com.apple.WebCore        	0x011f7a10 WebCore::Page::goBack() + 88 (Page.cpp:113)
2   com.apple.WebKit         	0x00385ee4 -[WebView goBack] + 80 (WebView.mm:2000)
3   com.apple.WebKit         	0x0037a834 -[WebFrameView _goBack] + 92 (WebFrameView.mm:485)
4   com.apple.WebKit         	0x0037c248 -[WebFrameView keyDown:] + 2948 (WebFrameView.mm:738)
5   com.apple.AppKit         	0x9386ff84 forwardMethod + 92
6   com.apple.AppKit         	0x9386ff84 forwardMethod + 92
7   com.apple.AppKit         	0x9386ff84 forwardMethod + 92
8   com.apple.AppKit         	0x939113f0 -[NSControl keyDown:] + 112
9   com.apple.WebKit         	0x0035488c -[WebHTMLView keyDown:] + 748 (WebHTMLView.mm:3429)
10  com.apple.AppKit         	0x937fdfa0 -[NSWindow sendEvent:] + 6424
11  com.apple.Safari         	0x00021734 0x1000 + 132916
12  com.apple.AppKit         	0x937a68d4 -[NSApplication sendEvent:] + 4172
13  com.apple.Safari         	0x00021238 0x1000 + 131640
14  com.apple.AppKit         	0x9379dd10 -[NSApplication run] + 508
15  com.apple.AppKit         	0x9388e87c NSApplicationMain + 452
16  com.apple.Safari         	0x0005c77c 0x1000 + 374652
17  com.apple.Safari         	0x0005c624 0x1000 + 374308

Comment 1 mitz 2007-05-12 16:08:19 PDT
See also bug 13038.

Comment 2 David Kilzer (:ddkilzer) 2007-05-12 16:14:10 PDT
I have steps to reproduce!

*** This bug has been marked as a duplicate of 13038 ***