Bug 14207

Summary: REGRESSION: Crash after closing a tab with Google Maps Street View
Product: WebKit
Reporter: Richard Mlynarik <Mly>
Component: JavaScriptCore
Assignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED
Severity: Major
CC: mbritto, mitz, rachael, sroret, troyb
Priority: P1
Keywords: GoogleBug, HasReduction, Regression
Version: 523.x (Safari 3)
Hardware: Mac (PowerPC)
OS: OS X 10.4
Attachments (description; flags):
  proposed fix; mjs: review-
  mitz test case & mbritto fix; darin: review+

Description Richard Mlynarik 2007-06-17 22:30:16 PDT
I very very much doubt I can reproduce this.

I had numerous windows with numerous open.

In the front window, I had two or three tabs open.
The last one was maps.google.com, and I was looking at some "Street View" data,
which if I recall correctly involves the (hateful, loathsome, evil) Flash plugin.

I closed the tab (mouse-click, not command-W), then ka-boom.
Good luck extracting anything from this.

Latest nightly WebKit (23558).



Date/Time:      2007-06-17 22:24:35.121 -0700
OS Version:     10.4.9 (Build 8P135)
Report Version: 4

Command: Safari
Path:    /Applications/Safari.app/Contents/MacOS/Safari
Parent:  WindowServer [102]

Version: r23558 (23558)

PID:    5104
Thread: 0

Exception:  EXC_BAD_ACCESS (0x0001)
Codes:      KERN_PROTECTION_FAILURE (0x0002) at 0x00000024

Thread 0 Crashed:
0   com.apple.JavaScriptCore       	0x0044e3bc WTF::HashSet<KJS::RuntimeObjectImp*, WTF::PtrHash<KJS::RuntimeObjectImp*>, WTF::HashTraits<KJS::RuntimeObjectImp*> >::add(KJS::RuntimeObjectImp* const&) + 28
1   <<00000000>> 	0xbfffb0e0 0 + -1073762080
2   com.apple.JavaScriptCore       	0x0044cf54 KJS::Bindings::RootObject::addRuntimeObject(KJS::RuntimeObjectImp*) + 36
3   com.apple.WebCore              	0x0129c030 WebCore::getRuntimeObject(KJS::ExecState*, WebCore::Node*) + 240
4   com.apple.WebCore              	0x012a10c0 WebCore::runtimeObjectCustomGetOwnPropertySlot(KJS::ExecState*, KJS::Identifier const&, KJS::PropertySlot&, WebCore::JSHTMLElement*, WebCore::HTMLElement*) + 48
5   com.apple.WebCore              	0x014db294 WebCore::JSHTMLObjectElement::getOwnPropertySlot(KJS::ExecState*, KJS::Identifier const&, KJS::PropertySlot&) + 116
6   com.apple.JavaScriptCore       	0x004ba1e8 KJS::DotAccessorNode::evaluate(KJS::ExecState*) + 216
7   com.apple.JavaScriptCore       	0x004b2ed8 KJS::EqualNode::evaluate(KJS::ExecState*) + 56
8   com.apple.JavaScriptCore       	0x004c8094 KJS::IfNode::execute(KJS::ExecState*) + 100
9   com.apple.JavaScriptCore       	0x004c522c KJS::SourceElementsNode::execute(KJS::ExecState*) + 188
10  com.apple.JavaScriptCore       	0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136
11  com.apple.JavaScriptCore       	0x004c6c70 KJS::ForNode::execute(KJS::ExecState*) + 560
12  com.apple.JavaScriptCore       	0x004c52e0 KJS::SourceElementsNode::execute(KJS::ExecState*) + 368
13  com.apple.JavaScriptCore       	0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136
14  com.apple.JavaScriptCore       	0x004c8e88 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56
15  com.apple.JavaScriptCore       	0x004c91f0 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 608
16  com.apple.JavaScriptCore       	0x004badd0 KJS::FunctionCallDotNode::evaluate(KJS::ExecState*) + 832
17  com.apple.JavaScriptCore       	0x004c8264 KJS::ExprStatementNode::execute(KJS::ExecState*) + 100
18  com.apple.JavaScriptCore       	0x004c522c KJS::SourceElementsNode::execute(KJS::ExecState*) + 188
19  com.apple.JavaScriptCore       	0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136
20  com.apple.JavaScriptCore       	0x004c7374 KJS::WhileNode::execute(KJS::ExecState*) + 500
21  com.apple.JavaScriptCore       	0x004c52e0 KJS::SourceElementsNode::execute(KJS::ExecState*) + 368
22  com.apple.JavaScriptCore       	0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136
23  com.apple.JavaScriptCore       	0x004c8e88 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56
24  com.apple.JavaScriptCore       	0x004c91f0 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 608
25  com.apple.JavaScriptCore       	0x004badd0 KJS::FunctionCallDotNode::evaluate(KJS::ExecState*) + 832
26  com.apple.JavaScriptCore       	0x004c8264 KJS::ExprStatementNode::execute(KJS::ExecState*) + 100
27  com.apple.JavaScriptCore       	0x004c52e0 KJS::SourceElementsNode::execute(KJS::ExecState*) + 368
28  com.apple.JavaScriptCore       	0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136
29  com.apple.JavaScriptCore       	0x004c8e88 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56
30  com.apple.JavaScriptCore       	0x004c91f0 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 608
31  com.apple.JavaScriptCore       	0x004a5388 KJS::FunctionCallResolveNode::evaluate(KJS::ExecState*) + 792
32  com.apple.JavaScriptCore       	0x004c8264 KJS::ExprStatementNode::execute(KJS::ExecState*) + 100
33  com.apple.JavaScriptCore       	0x004c522c KJS::SourceElementsNode::execute(KJS::ExecState*) + 188
34  com.apple.JavaScriptCore       	0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136
35  com.apple.JavaScriptCore       	0x004c8e88 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56
36  com.apple.JavaScriptCore       	0x004c91f0 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 608
37  com.apple.JavaScriptCore       	0x004c4e18 KJS::FunctionProtoFunc::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 3464
38  com.apple.JavaScriptCore       	0x004badd0 KJS::FunctionCallDotNode::evaluate(KJS::ExecState*) + 832
39  com.apple.JavaScriptCore       	0x004c8ae8 KJS::ReturnNode::execute(KJS::ExecState*) + 232
40  com.apple.JavaScriptCore       	0x004c522c KJS::SourceElementsNode::execute(KJS::ExecState*) + 188
41  com.apple.JavaScriptCore       	0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136
42  com.apple.JavaScriptCore       	0x004c8188 KJS::IfNode::execute(KJS::ExecState*) + 344
43  com.apple.JavaScriptCore       	0x004c522c KJS::SourceElementsNode::execute(KJS::ExecState*) + 188
44  com.apple.JavaScriptCore       	0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136
45  com.apple.JavaScriptCore       	0x004c8e88 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56
46  com.apple.JavaScriptCore       	0x004c91f0 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 608
47  com.apple.JavaScriptCore       	0x004badd0 KJS::FunctionCallDotNode::evaluate(KJS::ExecState*) + 832
48  com.apple.JavaScriptCore       	0x004c8264 KJS::ExprStatementNode::execute(KJS::ExecState*) + 100
49  com.apple.JavaScriptCore       	0x004c522c KJS::SourceElementsNode::execute(KJS::ExecState*) + 188
50  com.apple.JavaScriptCore       	0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136
51  com.apple.JavaScriptCore       	0x004c55c8 KJS::TryNode::execute(KJS::ExecState*) + 104
52  com.apple.JavaScriptCore       	0x004c522c KJS::SourceElementsNode::execute(KJS::ExecState*) + 188
53  com.apple.JavaScriptCore       	0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136
54  com.apple.JavaScriptCore       	0x004c81dc KJS::IfNode::execute(KJS::ExecState*) + 428
55  com.apple.JavaScriptCore       	0x004c522c KJS::SourceElementsNode::execute(KJS::ExecState*) + 188
56  com.apple.JavaScriptCore       	0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136
57  com.apple.JavaScriptCore       	0x004c8e88 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56
58  com.apple.JavaScriptCore       	0x004c91f0 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 608
59  com.apple.JavaScriptCore       	0x004a5388 KJS::FunctionCallResolveNode::evaluate(KJS::ExecState*) + 792
60  com.apple.JavaScriptCore       	0x004c8264 KJS::ExprStatementNode::execute(KJS::ExecState*) + 100
61  com.apple.JavaScriptCore       	0x004c522c KJS::SourceElementsNode::execute(KJS::ExecState*) + 188
62  com.apple.JavaScriptCore       	0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136
63  com.apple.JavaScriptCore       	0x004c6c70 KJS::ForNode::execute(KJS::ExecState*) + 560
64  com.apple.JavaScriptCore       	0x004c52e0 KJS::SourceElementsNode::execute(KJS::ExecState*) + 368
65  com.apple.JavaScriptCore       	0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136
66  com.apple.JavaScriptCore       	0x004c8e88 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56
67  com.apple.JavaScriptCore       	0x004c91f0 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 608
68  com.apple.JavaScriptCore       	0x004a5388 KJS::FunctionCallResolveNode::evaluate(KJS::ExecState*) + 792
69  com.apple.JavaScriptCore       	0x004c8264 KJS::ExprStatementNode::execute(KJS::ExecState*) + 100
70  com.apple.JavaScriptCore       	0x004c52e0 KJS::SourceElementsNode::execute(KJS::ExecState*) + 368
71  com.apple.JavaScriptCore       	0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136
72  com.apple.JavaScriptCore       	0x004c8e88 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56
73  com.apple.JavaScriptCore       	0x004c91f0 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 608
74  com.apple.JavaScriptCore       	0x004a5388 KJS::FunctionCallResolveNode::evaluate(KJS::ExecState*) + 792
75  com.apple.JavaScriptCore       	0x004c8264 KJS::ExprStatementNode::execute(KJS::ExecState*) + 100
76  com.apple.JavaScriptCore       	0x004c52e0 KJS::SourceElementsNode::execute(KJS::ExecState*) + 368
77  com.apple.JavaScriptCore       	0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136
78  com.apple.JavaScriptCore       	0x004c8188 KJS::IfNode::execute(KJS::ExecState*) + 344
79  com.apple.JavaScriptCore       	0x004c52e0 KJS::SourceElementsNode::execute(KJS::ExecState*) + 368
80  com.apple.JavaScriptCore       	0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136
81  com.apple.JavaScriptCore       	0x004c6c70 KJS::ForNode::execute(KJS::ExecState*) + 560
82  com.apple.JavaScriptCore       	0x004c52e0 KJS::SourceElementsNode::execute(KJS::ExecState*) + 368
83  com.apple.JavaScriptCore       	0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136
84  com.apple.JavaScriptCore       	0x004c8e88 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56
85  com.apple.JavaScriptCore       	0x004c91f0 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 608
86  com.apple.JavaScriptCore       	0x004a5388 KJS::FunctionCallResolveNode::evaluate(KJS::ExecState*) + 792
87  com.apple.JavaScriptCore       	0x004c8264 KJS::ExprStatementNode::execute(KJS::ExecState*) + 100
88  com.apple.JavaScriptCore       	0x004c522c KJS::SourceElementsNode::execute(KJS::ExecState*) + 188
89  com.apple.JavaScriptCore       	0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136
90  com.apple.JavaScriptCore       	0x004c8e88 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56
91  com.apple.JavaScriptCore       	0x004c91f0 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 608
92  com.apple.JavaScriptCore       	0x004a5388 KJS::FunctionCallResolveNode::evaluate(KJS::ExecState*) + 792
93  com.apple.JavaScriptCore       	0x004c8264 KJS::ExprStatementNode::execute(KJS::ExecState*) + 100
94  com.apple.JavaScriptCore       	0x004c522c KJS::SourceElementsNode::execute(KJS::ExecState*) + 188
95  com.apple.JavaScriptCore       	0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136
96  com.apple.JavaScriptCore       	0x004c8188 KJS::IfNode::execute(KJS::ExecState*) + 344
97  com.apple.JavaScriptCore       	0x004c522c KJS::SourceElementsNode::execute(KJS::ExecState*) + 188
98  com.apple.JavaScriptCore       	0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136
99  com.apple.JavaScriptCore       	0x004c8e88 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56
100 com.apple.JavaScriptCore       	0x004c91f0 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 608
101 com.apple.JavaScriptCore       	0x004a5388 KJS::FunctionCallResolveNode::evaluate(KJS::ExecState*) + 792
102 com.apple.JavaScriptCore       	0x004c8264 KJS::ExprStatementNode::execute(KJS::ExecState*) + 100
103 com.apple.JavaScriptCore       	0x004c522c KJS::SourceElementsNode::execute(KJS::ExecState*) + 188
104 com.apple.JavaScriptCore       	0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136
105 com.apple.JavaScriptCore       	0x004c8e88 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56
106 com.apple.JavaScriptCore       	0x004c91f0 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 608
107 com.apple.JavaScriptCore       	0x0049c594 KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 116
108 com.apple.WebCore              	0x0129e0dc KJS::JSAbstractEventListener::handleEvent(WebCore::Event*, bool) + 540
109 com.apple.WebCore              	0x010eab5c WebCore::Document::handleWindowEvent(WebCore::Event*, bool) + 156
110 com.apple.WebCore              	0x01260d5c WebCore::EventTargetNode::dispatchWindowEvent(WebCore::AtomicString const&, bool, bool) + 252
111 com.apple.WebCore              	0x0146b368 WebCore::FrameLoader::stopLoading(bool) + 216
112 com.apple.WebCore              	0x0146b6a4 WebCore::FrameLoader::closeURL() + 36
113 com.apple.WebCore              	0x0146b710 WebCore::FrameLoader::detachFromParent() + 64
114 com.apple.WebKit               	0x0035af68 -[WebView(WebPrivate) _close] + 312
115 com.apple.Safari               	0x00047858 0x1000 + 288856
116 com.apple.Safari               	0x000476fc 0x1000 + 288508
117 com.apple.Safari               	0x00047690 0x1000 + 288400
118 com.apple.AppKit               	0x93842c4c -[NSApplication sendAction:to:from:] + 108
119 com.apple.Safari               	0x0002956c 0x1000 + 165228
120 com.apple.AppKit               	0x93842b80 -[NSControl sendAction:to:] + 96
121 com.apple.AppKit               	0x93842a60 -[NSCell _sendActionFrom:] + 156
122 com.apple.AppKit               	0x9385ca88 -[NSCell trackMouse:inRect:ofView:untilMouseUp:] + 1020
123 com.apple.AppKit               	0x9385c670 -[NSButtonCell trackMouse:inRect:ofView:untilMouseUp:] + 564
124 com.apple.AppKit               	0x9385c094 -[NSControl mouseDown:] + 536
125 com.apple.Safari               	0x0003dde0 0x1000 + 249312
126 com.apple.AppKit               	0x937fd890 -[NSWindow sendEvent:] + 4616
127 com.apple.Safari               	0x00021734 0x1000 + 132916
128 com.apple.AppKit               	0x937a68d4 -[NSApplication sendEvent:] + 4172
129 com.apple.Safari               	0x00021238 0x1000 + 131640
130 com.apple.AppKit               	0x9379dd10 -[NSApplication run] + 508
131 com.apple.AppKit               	0x9388e87c NSApplicationMain + 452
132 com.apple.Safari               	0x0005c77c 0x1000 + 374652
133 com.apple.Safari               	0x0005c624 0x1000 + 374308

Thread 1:
0   libSystem.B.dylib              	0x9000b4c8 mach_msg_trap + 8
1   libSystem.B.dylib              	0x9000b41c mach_msg + 60
2   com.apple.CoreFoundation       	0x907deba8 __CFRunLoopRun + 832
3   com.apple.CoreFoundation       	0x907de4ac CFRunLoopRunSpecific + 268
4   com.apple.Foundation           	0x92c0a6a8 +[NSURLConnection(NSURLConnectionInternal) _resourceLoadLoop:] + 264
5   com.apple.Foundation           	0x92be31a0 forkThreadForFunction + 108
6   libSystem.B.dylib              	0x9002be88 _pthread_body + 96

Thread 2:
0   libSystem.B.dylib              	0x9000b4c8 mach_msg_trap + 8
1   libSystem.B.dylib              	0x9000b41c mach_msg + 60
2   com.apple.CoreFoundation       	0x907deba8 __CFRunLoopRun + 832
3   com.apple.CoreFoundation       	0x907de4ac CFRunLoopRunSpecific + 268
4   com.apple.Foundation           	0x92c0b7e8 +[NSURLCache _diskCacheSyncLoop:] + 152
5   com.apple.Foundation           	0x92be31a0 forkThreadForFunction + 108
6   libSystem.B.dylib              	0x9002be88 _pthread_body + 96

Thread 3:
0   libSystem.B.dylib              	0x9002c548 semaphore_wait_signal_trap + 8
1   libSystem.B.dylib              	0x9003102c pthread_cond_wait + 480
2   com.apple.Foundation           	0x92bea30c -[NSConditionLock lockWhenCondition:] + 68
3   com.apple.Syndication          	0x9b51442c -[AsyncDB _run:] + 192
4   com.apple.Foundation           	0x92be31a0 forkThreadForFunction + 108
5   libSystem.B.dylib              	0x9002be88 _pthread_body + 96

Thread 4:
0   libSystem.B.dylib              	0x9001fa0c select + 12
1   com.apple.CoreFoundation       	0x907f1434 __CFSocketManager + 472
2   libSystem.B.dylib              	0x9002be88 _pthread_body + 96

Thread 5:
0   libSystem.B.dylib              	0x9002c548 semaphore_wait_signal_trap + 8
1   libSystem.B.dylib              	0x9003102c pthread_cond_wait + 480
2   com.apple.Foundation           	0x92bea30c -[NSConditionLock lockWhenCondition:] + 68
3   com.apple.AppKit               	0x9383e708 -[NSUIHeartBeat _heartBeatThread:] + 324
4   com.apple.Foundation           	0x92be31a0 forkThreadForFunction + 108
5   libSystem.B.dylib              	0x9002be88 _pthread_body + 96

Thread 6:
0   libSystem.B.dylib              	0x9000b4c8 mach_msg_trap + 8
1   libSystem.B.dylib              	0x9000b41c mach_msg + 60
2   ...romedia.Flash Player.plugin 	0x080d6688 native_ShockwaveFlash_TCallFrame + 1368296
3   libSystem.B.dylib              	0x9002be88 _pthread_body + 96

Thread 7:
0   libSystem.B.dylib              	0x90055468 semaphore_timedwait_signal_trap + 8
1   libSystem.B.dylib              	0x90071be8 pthread_cond_timedwait_relative_np + 556
2   ...ple.CoreServices.CarbonCore 	0x90bf748c TSWaitOnSemaphoreCommon + 176
3   ...ickTimeComponents.component 	0x998c4224 ReadSchedulerThreadEntryPoint + 5300
4   libSystem.B.dylib              	0x9002be88 _pthread_body + 96

Thread 8:
0   libSystem.B.dylib              	0x9000b4c8 mach_msg_trap + 8
1   libSystem.B.dylib              	0x9000b41c mach_msg + 60
2   com.apple.CoreFoundation       	0x907deba8 __CFRunLoopRun + 832
3   com.apple.CoreFoundation       	0x907de4ac CFRunLoopRunSpecific + 268
4   com.apple.CoreFoundation       	0x907ed90c CFRunLoopRun + 52
5   com.apple.QuickTime            	0x948a2040 QTSNetworkThread_RunThread + 128
6   libSystem.B.dylib              	0x9002be88 _pthread_body + 96

Thread 9:
0   libSystem.B.dylib              	0x9000b4c8 mach_msg_trap + 8
1   libSystem.B.dylib              	0x9000b41c mach_msg + 60
2   com.apple.CoreFoundation       	0x907deba8 __CFRunLoopRun + 832
3   com.apple.CoreFoundation       	0x907de4ac CFRunLoopRunSpecific + 268
4   com.apple.audio.CoreAudio      	0x9145763c HALRunLoop::OwnThread(void*) + 264
5   com.apple.audio.CoreAudio      	0x914573dc CAPThread::Entry(CAPThread*) + 96
6   libSystem.B.dylib              	0x9002be88 _pthread_body + 96

Thread 0 crashed with PPC Thread State 64:
  srr0: 0x000000000044e3bc srr1: 0x000000000000f030                        vrsave: 0x00000000fff00000
    cr: 0x44044242          xer: 0x0000000000000004   lr: 0x000000000044cf54  ctr: 0x0000000000442c00
    r0: 0x000000000044cf54   r1: 0x00000000bfffaad0   r2: 0x0000000000441400   r3: 0x00000000bfffab80
    r4: 0x0000000000000024   r5: 0x00000000bfffabbc   r6: 0x0000000009086c40   r7: 0x0000000000000545
    r8: 0x00000000114f0000   r9: 0x0000000000505d80  r10: 0x0000000000441a3c  r11: 0x00000000114e5684
   r12: 0x0000000000442c00  r13: 0x00000000a37cc688  r14: 0x0000000000000100  r15: 0x0000000000000000
   r16: 0x000000000050508c  r17: 0x000000000051508c  r18: 0x000000000051508c  r19: 0x000000000051508c
   r20: 0x000000000051508c  r21: 0x00000000bfffb0f0  r22: 0x00000000bfffb530  r23: 0x0000000000506a58
   r24: 0x00000000bfffaf9c  r25: 0x00000000bfffaef0  r26: 0x0000000000505180  r27: 0x00000000bfffab80
   r28: 0x00000000087fbae0  r29: 0x00000000bfffabbc  r30: 0x0000000000000024  r31: 0x000000000129bf50

Binary Images Description:
    0x1000 -    0xdcfff com.apple.Safari 2.0.4 (419.3)	/Applications/Safari.app/Contents/MacOS/Safari
  0x109000 -   0x10afff WebKitNightlyEnabler.dylib 	/Applications/WebKit.app/Contents/Resources/WebKitNightlyEnabler.dylib
  0x305000 -   0x3b9fff com.apple.WebKit 522+	/Applications/WebKit.app/Contents/Resources/WebKit.framework/Versions/A/WebKit
  0x43a000 -   0x4eefff com.apple.JavaScriptCore 522+	/Applications/WebKit.app/Contents/Resources/JavaScriptCore.framework/Versions/A/JavaScriptCore
 0x1008000 -  0x1564fff com.apple.WebCore 522+	/Applications/WebKit.app/Contents/Resources/WebCore.framework/Versions/A/WebCore
 0x19a0000 -  0x19a7fff com.unsanity.smartcrashreports Smart Crash Reports version 1.0.3 (1.0.3b1)	/Users/mly/Library/InputManagers/Smart Crash Reports/Smart Crash Reports.bundle/Contents/MacOS/Smart Crash Reports
 0x1c09000 -  0x1c09fff com.apple.SpotLightCM 1.0 (121.20.2)	/System/Library/Contextual Menu Items/SpotlightCM.plugin/Contents/MacOS/SpotlightCM
 0x1fc3000 -  0x1fc5fff com.apple.AutomatorCMM 1.0 (48)	/System/Library/Contextual Menu Items/AutomatorCMM.plugin/Contents/MacOS/AutomatorCMM
 0x1fc8000 -  0x1fccfff com.apple.FolderActionsMenu 1.3	/System/Library/Contextual Menu Items/FolderActionsMenu.plugin/Contents/MacOS/FolderActionsMenu
 0x5ad21e0 -  0x5ad22b6 CFMPriv_HTMLRendering 	PEF binary: CFMPriv_HTMLRendering
 0x5ad2390 -  0x5ad2452 CFMPriv_AE 	PEF binary: CFMPriv_AE
 0x5ad2760 -  0x5ad282a CFMPriv_HIToolbox 	PEF binary: CFMPriv_HIToolbox
 0x5ad28b0 -  0x5ad296b CFMPriv_Help 	PEF binary: CFMPriv_Help
 0x5ad4850 -  0x5ad4923 CFMPriv_CommonPanels 	PEF binary: CFMPriv_CommonPanels
 0x5ad56c0 -  0x5ad5790 CFMPriv_CarbonSound 	PEF binary: CFMPriv_CarbonSound
 0x5ad71d0 -  0x5ad7247 CFMPriv_System 	PEF binary: CFMPriv_System
 0x5adeb90 -  0x5adec79 CFMPriv_SpeechSynthesis 	PEF binary: CFMPriv_SpeechSynthesis
 0x5adee70 -  0x5adef32 CFMPriv_QD 	PEF binary: CFMPriv_QD
 0x5adefc0 -  0x5adf097 CFMPriv_PrintCore 	PEF binary: CFMPriv_PrintCore
 0x5adf160 -  0x5adf246 CFMPriv_LaunchServices 	PEF binary: CFMPriv_LaunchServices
 0x5adfce0 -  0x5adfdc0 CFMPriv_LangAnalysis 	PEF binary: CFMPriv_LangAnalysis
 0x5adfe60 -  0x5adff3a CFMPriv_HIServices 	PEF binary: CFMPriv_HIServices
 0x5adffb0 -  0x5ae0093 CFMPriv_FindByContent 	PEF binary: CFMPriv_FindByContent
 0x5ae0270 -  0x5ae0347 CFMPriv_ColorSync 	PEF binary: CFMPriv_ColorSync
 0x5ae0430 -  0x5ae04f5 CFMPriv_ATS 	PEF binary: CFMPriv_ATS
 0x5ae0930 -  0x5ae0a03 CFMPriv_OSServices 	PEF binary: CFMPriv_OSServices
 0x5ae13e0 -  0x5ae14b3 CFMPriv_CarbonCore 	PEF binary: CFMPriv_CarbonCore
 0x5ae55b0 -  0x5ae5683 CFMPriv_ImageCapture 	PEF binary: CFMPriv_ImageCapture
 0x5ae85c0 -  0x5ae867e CFMPriv_Print 	PEF binary: CFMPriv_Print
 0x5aec6c0 -  0x5aec7a5 CFMPriv_NavigationServices 	PEF binary: CFMPriv_NavigationServices
 0x5aed810 -  0x5aed8dd CFMPriv_SecurityHI 	PEF binary: CFMPriv_SecurityHI
 0x5aee520 -  0x5aee5d2 CFMPriv_CoreFoundation 	PEF binary: CFMPriv_CoreFoundation
 0x5aeed50 -  0x5aeee26 CFMPriv_OpenScripting 	PEF binary: CFMPriv_OpenScripting
 0x5af1290 -  0x5af1345 CFMPriv_DVComponentGlue 	PEF binary: CFMPriv_DVComponentGlue
 0x5af4180 -  0x5af4262 CFMPriv_SpeechRecognition 	PEF binary: CFMPriv_SpeechRecognition
 0x5af45d0 -  0x5af4673 CFMPriv_QuickTime 	PEF binary: CFMPriv_QuickTime
 0x7e20000 -  0x8134fff com.macromedia.Flash Player.plugin 9.0.28 (1.0.4f22)	/Library/Internet Plug-Ins/Flash Player.plugin/Contents/MacOS/Flash Player
 0x8c69000 -  0x8cd1fff com.DivXInc.DivXDecoder 6.4.0	/Library/QuickTime/DivX Decoder.component/Contents/MacOS/DivX Decoder
 0xd822000 -  0xd823fff com.apple.aoa.halplugin 2.5.6 (2.5.6b5)	/System/Library/Extensions/IOAudioFamily.kext/Contents/PlugIns/AOAHALPlugin.bundle/Contents/MacOS/AOAHALPlugin
 0xf110000 -  0xf166523 PDF Browser Plugin 	PEF binary: PDF Browser Plugin
 0xf167000 -  0xf1b63c7 CarbonLibpwpc 	PEF binary: CarbonLibpwpc
 0xf1b63d0 -  0xf1ce6bd Apple;Carbon;Multimedia 	PEF binary: Apple;Carbon;Multimedia
 0xf672000 -  0xf6b1fff com.apple.QuickTimeFireWireDV.component 7.1.5	/System/Library/QuickTime/QuickTimeFireWireDV.component/Contents/MacOS/QuickTimeFireWireDV
 0xf6f0000 -  0xf759fff com.apple.AppleIntermediateCodec 1.0.1 (124)	/Library/QuickTime/AppleIntermediateCodec.component/Contents/MacOS/AppleIntermediateCodec
0x1059d000 - 0x1059ffff com.apple.PDFImporter 1.6 (???)	/System/Library/Components/PDFImporter.component/Contents/MacOS/PDFImporter
0x11046000 - 0x110bffff com.apple.applepixletvideo 1.2.5 (1.2d5)	/System/Library/QuickTime/ApplePixletVideo.component/Contents/MacOS/ApplePixletVideo
0x11ca1000 - 0x11cabfff net.telestream.wmv.webplugin 2.1.0.33	/Library/Internet Plug-Ins/Flip4Mac WMV Plugin.webplugin/Contents/MacOS/Flip4Mac WMV Plugin
0x11d23000 - 0x11d3cfff GLDriver 	/System/Library/Frameworks/OpenGL.framework/Versions/A/Resources/GLDriver.bundle/GLDriver
0x11d42000 - 0x11d5dfff GLRendererFloat 	/System/Library/Frameworks/OpenGL.framework/Versions/A/Resources/GLRendererFloat.bundle/GLRendererFloat
0x12614000 - 0x1280dfff net.telestream.wmv.import 2.1.0.33	/Library/QuickTime/Flip4Mac WMV Import.component/Contents/MacOS/Flip4Mac WMV Import
0x1ba89000 - 0x1bb98fff GLEngine 	/System/Library/Frameworks/OpenGL.framework/Resources/GLEngine.bundle/GLEngine
0x1bbc7000 - 0x1bcb7fff com.apple.ATIRadeon9700GLDriver 1.4.18 (4.1.8)	/System/Library/Extensions/ATIRadeon9700GLDriver.bundle/Contents/MacOS/ATIRadeon9700GLDriver
0x1c670000 - 0x1c6a9fff com.apple.audio.SoundManager.Components 3.9.1	/System/Library/Components/SoundManagerComponents.component/Contents/MacOS/SoundManagerComponents
0x70000000 - 0x700fcfff com.apple.audio.units.Components 1.4.5	/System/Library/Components/CoreAudio.component/Contents/MacOS/CoreAudio
0x8fe00000 - 0x8fe52fff dyld 46.12	/usr/lib/dyld
0x90000000 - 0x901bdfff libSystem.B.dylib 	/usr/lib/libSystem.B.dylib
0x90215000 - 0x9021afff libmathCommon.A.dylib 	/usr/lib/system/libmathCommon.A.dylib
0x9021c000 - 0x90269fff com.apple.CoreText 1.0.3 (???)	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreText.framework/Versions/A/CoreText
0x90294000 - 0x90345fff ATS 	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ATS.framework/Versions/A/ATS
0x90374000 - 0x9072ffff com.apple.CoreGraphics 1.258.61 (???)	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/CoreGraphics
0x907bc000 - 0x90895fff com.apple.CoreFoundation 6.4.7 (368.28)	/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation
0x908de000 - 0x908defff com.apple.CoreServices 10.4 (???)	/System/Library/Frameworks/CoreServices.framework/Versions/A/CoreServices
0x908e0000 - 0x909e2fff libicucore.A.dylib 	/usr/lib/libicucore.A.dylib
0x90a3c000 - 0x90ac0fff libobjc.A.dylib 	/usr/lib/libobjc.A.dylib
0x90aea000 - 0x90b5afff com.apple.framework.IOKit 1.4 (???)	/System/Library/Frameworks/IOKit.framework/Versions/A/IOKit
0x90b70000 - 0x90b82fff libauto.dylib 	/usr/lib/libauto.dylib
0x90b89000 - 0x90e60fff com.apple.CoreServices.CarbonCore 681.9	/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonCore.framework/Versions/A/CarbonCore
0x90ec6000 - 0x90f46fff com.apple.CoreServices.OSServices 4.1	/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/OSServices.framework/Versions/A/OSServices
0x90f90000 - 0x90fd1fff com.apple.CFNetwork 129.20	/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CFNetwork.framework/Versions/A/CFNetwork
0x90fe6000 - 0x90ffefff com.apple.WebServices 1.1.2 (1.1.0)	/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/WebServicesCore.framework/Versions/A/WebServicesCore
0x9100e000 - 0x9108ffff com.apple.SearchKit 1.0.5	/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/SearchKit.framework/Versions/A/SearchKit
0x910d5000 - 0x910fffff com.apple.Metadata 10.4.4 (121.36)	/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/Metadata.framework/Versions/A/Metadata
0x91110000 - 0x9111efff libz.1.dylib 	/usr/lib/libz.1.dylib
0x91121000 - 0x912dcfff com.apple.security 4.6 (29770)	/System/Library/Frameworks/Security.framework/Versions/A/Security
0x913db000 - 0x913e4fff com.apple.DiskArbitration 2.1	/System/Library/Frameworks/DiskArbitration.framework/Versions/A/DiskArbitration
0x913eb000 - 0x91413fff com.apple.SystemConfiguration 1.8.3	/System/Library/Frameworks/SystemConfiguration.framework/Versions/A/SystemConfiguration
0x91426000 - 0x91431fff libgcc_s.1.dylib 	/usr/lib/libgcc_s.1.dylib
0x91436000 - 0x9143efff libbsm.dylib 	/usr/lib/libbsm.dylib
0x91442000 - 0x914bdfff com.apple.audio.CoreAudio 3.0.4	/System/Library/Frameworks/CoreAudio.framework/Versions/A/CoreAudio
0x914fa000 - 0x914fafff com.apple.ApplicationServices 10.4 (???)	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/ApplicationServices
0x914fc000 - 0x91534fff com.apple.AE 1.5 (297)	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/AE.framework/Versions/A/AE
0x9154f000 - 0x91621fff com.apple.ColorSync 4.4.9	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ColorSync.framework/Versions/A/ColorSync
0x91674000 - 0x91705fff com.apple.print.framework.PrintCore 4.6 (177.13)	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/PrintCore.framework/Versions/A/PrintCore
0x9174c000 - 0x91803fff com.apple.QD 3.10.24 (???)	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/QD.framework/Versions/A/QD
0x91840000 - 0x9189efff com.apple.HIServices 1.5.3 (???)	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/HIServices.framework/Versions/A/HIServices
0x918cd000 - 0x918f1fff com.apple.LangAnalysis 1.6.1	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/LangAnalysis.framework/Versions/A/LangAnalysis

Model: PowerBook5,6, BootROM 4.9.1f1, 1 processors, PowerPC G4  (1.2), 1.67 GHz, 2 GB
Graphics: ATI Mobility Radeon 9700, ATY,RV360M11, AGP, 64 MB
Memory Module: SODIMM0/J25LOWER, 1 GB, DDR SDRAM, PC2700U-25330
Memory Module: SODIMM1/J25UPPER, 1 GB, DDR SDRAM, PC2700U-25330
AirPort: AirPort Extreme, 405.1 (3.90.34.0.p18)
Modem: Jump, V.92, Version 1.0
Bluetooth: Version 1.7.14f14, 2 service, 0 devices, 1 incoming serial ports
Network Service: AirPort, AirPort, en1
PCI Card: TXN,PCIXXXX-00, cardbus, PC Card
Parallel ATA Device: MATSHITADVD-R   UJ-845E
Parallel ATA Device: FUJITSU MHT2080AH, 74.53 GB
USB Device: Bluetooth HCI, Up to 12 Mb/sec, 500 mA
USB Device: Apple Internal Keyboard/Trackpad, Apple Computer, Up to 12 Mb/sec, 500 mA
Comment 1 Alexey Proskuryakov 2007-06-22 06:05:42 PDT
I could reproduce this on first attempt with the same nightly, and then with the latest one, r23682.

1. Opened two tabs with www.google.com, and one with maps.google.com.
2. Searched for San Francisco in the map.
3. Clicked the Street View button.
4. When promised, zoomed in and opened street view.
5. Clicked around a little.
6. Closed the tab, got the same crash.
Comment 2 Maxime BRITTO 2007-07-03 06:47:41 PDT
Created attachment 15367 [details]
proposed fix

Comments about the fix:
This fix prevents the crash without any visible unexpected effects (on GoogleMaps and on the Layout Tests).
The check for the instance in the constructor is not essential, but I think it may be useful to prevent future bugs which can look like this one. If the reviewer doesn't like it, he can remove it.

Comments about the test:
There is no test attached to this patch because we need to use tabs to reproduce it and DumpRenderTree doesn't handle them. If there is another way to reproduce it, I don't know it.
Comment 3 Maciej Stachowiak 2007-07-05 19:20:19 PDT
Comment on attachment 15367 [details]
proposed fix

Thanks for the patch. Any chance you could add a manual test that has the instructions on what tabs to open? r- to consider making a manual test, but I'd approve this without if it's too awkward to make one.
Comment 4 mitz 2007-07-06 00:42:51 PDT
While the patch fixes the crash, I think it would be better to figure out a way not to stop the plugin before dispatching the unload event, as the unload handler may want to pull state out of the plugin before going away (or tell the plugin to save state). It is inconsistent that it's allowed to do so when unload results from closing a window but not when it results from closing a background tab.

Consider filing a follow-up bug about the root cause after the crasher is fixed.
Comment 5 Maxime BRITTO 2007-07-06 06:11:55 PDT
Created attachment 15418 [details]
mitz test case & mbritto fix

As we said on IRC, I joined mitz's test case to my fix in this patch.
With this patch we avoid the crash, but we need to keep on working to come up with a more efficient solution regarding mitz's comment.
Comment 6 Darin Adler 2007-07-08 05:03:19 PDT
(In reply to comment #5)
> As we said on IRC, I joined mitz's test case to my fix in this patch.
> With this patch we avoid the crash, but we need to keep on working to come up with
> a more efficient solution regarding mitz's comment.

Mitz's comment is not asking for a "more efficient" fix. There's no problem here with efficiency. The problem is one of incorrect behavior. The unload handler will get incorrect results when it interacts with the plug-in's objects when a background tab is closed.
Comment 7 Darin Adler 2007-07-08 05:04:34 PDT
Comment on attachment 15418 [details]
mitz test case & mbritto fix

The comment "more efficient" is misleading. There's no efficiency problem here, but rather inconsistent behavior.

The code should put instance->rootObject() into a local variable -- it's not free and calling it twice is slower than calling it once.

But r=me anyway.
Comment 8 mitz 2007-07-09 00:47:03 PDT
Looks like <http://trac.webkit.org/projects/webkit/changeset/24106> fixed this independently as <rdar://problem/5295734>.
Comment 9 Maciej Stachowiak 2007-07-09 00:57:50 PDT
I fixed this in a slightly different way; I avoid creating a RuntimeObjectImp at all if the root object is destroyed, as there is no point making one for a destroyed plugin.
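
The guard discussed in comments 7 and 9, as an added sketch that is neither the attached patch nor changeset 24106: the root object is looked up once into a local, and no wrapper is created when the plug-in has already been stopped. The class bodies, `isValid`, `invalidate`, `liveWrappers`, `createRuntimeObject` and `unloadAfterStopIsSafe` are hypothetical stand-ins, and the null return from `rootObject()` after a stop is a modelling assumption.

```cpp
#include <cstddef>
#include <memory>
#include <set>

// Simplified model of the classes named in the crash stack; not WebKit source.
struct RuntimeObject;

class RootObject {
public:
    bool isValid() const { return m_valid; }
    // Plug-in stopped: drop registrations and refuse further use.
    void invalidate() { m_valid = false; m_objects.clear(); }
    void addRuntimeObject(RuntimeObject* object) { m_objects.insert(object); }
    std::size_t liveWrappers() const { return m_objects.size(); }
private:
    bool m_valid = true;
    std::set<RuntimeObject*> m_objects;
};

struct Instance {
    std::shared_ptr<RootObject> root;
    // Assumption of this model: yields null once the plug-in has been stopped.
    RootObject* rootObject() const { return root->isValid() ? root.get() : nullptr; }
};

struct RuntimeObject { Instance* instance; };

// Guarded creation: no wrapper is built for a stopped plug-in.
std::unique_ptr<RuntimeObject> createRuntimeObject(Instance& instance) {
    RootObject* rootObject = instance.rootObject(); // looked up once, reused below
    if (!rootObject)
        return nullptr; // unguarded, addRuntimeObject would run on a null root
    std::unique_ptr<RuntimeObject> wrapper(new RuntimeObject{&instance});
    rootObject->addRuntimeObject(wrapper.get());
    return wrapper;
}

// Constructed scenario: plug-in stopped, then an unload handler asks for it.
bool unloadAfterStopIsSafe() {
    auto root = std::make_shared<RootObject>();
    Instance plugin{root};
    auto before = createRuntimeObject(plugin);
    bool registered = root->liveWrappers() == 1;
    root->invalidate();
    auto after = createRuntimeObject(plugin);
    return before && registered && !after && root->liveWrappers() == 0;
}

int main() { return unloadAfterStopIsSafe() ? 0 : 1; }
```

The caller has to treat a null wrapper as "plug-in gone", which is the incorrect-result behaviour comment 6 points out for unload handlers.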