Bug 14207

Summary:

REGRESSION: Crash after closing a tab with Google Maps Street View

Product:

WebKit

Reporter:

Richard Mlynarik <Mly>

Component:

JavaScriptCore

Assignee:

Nobody <webkit-unassigned>

Status:

RESOLVED FIXED

Severity:

Major

CC:

mbritto, mitz, rachael, sroret, troyb

Priority:

Keywords:

GoogleBug, HasReduction, Regression

Version:

523.x (Safari 3)

Hardware:

Mac (PowerPC)

OS:

OS X 10.4

Attachments:

Description	Flags
proposed fix	mjs: review-
mitz test case & mbritto fix	darin: review+

Richard Mlynarik

Reported 2007-06-17 22:30:16 PDT

I very very much doubt I can reproduce this. I had numerous windows with numerous open. In the front window, I had two or three tabs open. The last one was maps.google.com, and I was looking at some "Street View" data, which if I recall correctly involves the (hateful, loathesome, evil) Flash plugin. I closed the tab (mouse-click, not command-W), then ka-boom. Good luck extracting anything from this. Latest nightly Webkit (23558)/ Date/Time: 2007-06-17 22:24:35.121 -0700 OS Version: 10.4.9 (Build 8P135) Report Version: 4 Command: Safari Path: /Applications/Safari.app/Contents/MacOS/Safari Parent: WindowServer [102] Version: r23558 (23558) PID: 5104 Thread: 0 Exception: EXC_BAD_ACCESS (0x0001) Codes: KERN_PROTECTION_FAILURE (0x0002) at 0x00000024 Thread 0 Crashed: 0 com.apple.JavaScriptCore 0x0044e3bc WTF::HashSet<KJS::RuntimeObjectImp*, WTF::PtrHash<KJS::RuntimeObjectImp*>, WTF::HashTraits<KJS::RuntimeObjectImp*> >::add(KJS::RuntimeObjectImp* const&) + 28 1 <<00000000>> 0xbfffb0e0 0 + -1073762080 2 com.apple.JavaScriptCore 0x0044cf54 KJS::Bindings::RootObject::addRuntimeObject(KJS::RuntimeObjectImp*) + 36 3 com.apple.WebCore 0x0129c030 WebCore::getRuntimeObject(KJS::ExecState*, WebCore::Node*) + 240 4 com.apple.WebCore 0x012a10c0 WebCore::runtimeObjectCustomGetOwnPropertySlot(KJS::ExecState*, KJS::Identifier const&, KJS::PropertySlot&, WebCore::JSHTMLElement*, WebCore::HTMLElement*) + 48 5 com.apple.WebCore 0x014db294 WebCore::JSHTMLObjectElement::getOwnPropertySlot(KJS::ExecState*, KJS::Identifier const&, KJS::PropertySlot&) + 116 6 com.apple.JavaScriptCore 0x004ba1e8 KJS::DotAccessorNode::evaluate(KJS::ExecState*) + 216 7 com.apple.JavaScriptCore 0x004b2ed8 KJS::EqualNode::evaluate(KJS::ExecState*) + 56 8 com.apple.JavaScriptCore 0x004c8094 KJS::IfNode::execute(KJS::ExecState*) + 100 9 com.apple.JavaScriptCore 0x004c522c KJS::SourceElementsNode::execute(KJS::ExecState*) + 188 10 com.apple.JavaScriptCore 0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136 11 com.apple.JavaScriptCore 0x004c6c70 KJS::ForNode::execute(KJS::ExecState*) + 560 12 com.apple.JavaScriptCore 0x004c52e0 KJS::SourceElementsNode::execute(KJS::ExecState*) + 368 13 com.apple.JavaScriptCore 0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136 14 com.apple.JavaScriptCore 0x004c8e88 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56 15 com.apple.JavaScriptCore 0x004c91f0 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 608 16 com.apple.JavaScriptCore 0x004badd0 KJS::FunctionCallDotNode::evaluate(KJS::ExecState*) + 832 17 com.apple.JavaScriptCore 0x004c8264 KJS::ExprStatementNode::execute(KJS::ExecState*) + 100 18 com.apple.JavaScriptCore 0x004c522c KJS::SourceElementsNode::execute(KJS::ExecState*) + 188 19 com.apple.JavaScriptCore 0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136 20 com.apple.JavaScriptCore 0x004c7374 KJS::WhileNode::execute(KJS::ExecState*) + 500 21 com.apple.JavaScriptCore 0x004c52e0 KJS::SourceElementsNode::execute(KJS::ExecState*) + 368 22 com.apple.JavaScriptCore 0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136 23 com.apple.JavaScriptCore 0x004c8e88 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56 24 com.apple.JavaScriptCore 0x004c91f0 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 608 25 com.apple.JavaScriptCore 0x004badd0 KJS::FunctionCallDotNode::evaluate(KJS::ExecState*) + 832 26 com.apple.JavaScriptCore 0x004c8264 KJS::ExprStatementNode::execute(KJS::ExecState*) + 100 27 com.apple.JavaScriptCore 0x004c52e0 KJS::SourceElementsNode::execute(KJS::ExecState*) + 368 28 com.apple.JavaScriptCore 0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136 29 com.apple.JavaScriptCore 0x004c8e88 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56 30 com.apple.JavaScriptCore 0x004c91f0 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 608 31 com.apple.JavaScriptCore 0x004a5388 KJS::FunctionCallResolveNode::evaluate(KJS::ExecState*) + 792 32 com.apple.JavaScriptCore 0x004c8264 KJS::ExprStatementNode::execute(KJS::ExecState*) + 100 33 com.apple.JavaScriptCore 0x004c522c KJS::SourceElementsNode::execute(KJS::ExecState*) + 188 34 com.apple.JavaScriptCore 0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136 35 com.apple.JavaScriptCore 0x004c8e88 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56 36 com.apple.JavaScriptCore 0x004c91f0 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 608 37 com.apple.JavaScriptCore 0x004c4e18 KJS::FunctionProtoFunc::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 3464 38 com.apple.JavaScriptCore 0x004badd0 KJS::FunctionCallDotNode::evaluate(KJS::ExecState*) + 832 39 com.apple.JavaScriptCore 0x004c8ae8 KJS::ReturnNode::execute(KJS::ExecState*) + 232 40 com.apple.JavaScriptCore 0x004c522c KJS::SourceElementsNode::execute(KJS::ExecState*) + 188 41 com.apple.JavaScriptCore 0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136 42 com.apple.JavaScriptCore 0x004c8188 KJS::IfNode::execute(KJS::ExecState*) + 344 43 com.apple.JavaScriptCore 0x004c522c KJS::SourceElementsNode::execute(KJS::ExecState*) + 188 44 com.apple.JavaScriptCore 0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136 45 com.apple.JavaScriptCore 0x004c8e88 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56 46 com.apple.JavaScriptCore 0x004c91f0 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 608 47 com.apple.JavaScriptCore 0x004badd0 KJS::FunctionCallDotNode::evaluate(KJS::ExecState*) + 832 48 com.apple.JavaScriptCore 0x004c8264 KJS::ExprStatementNode::execute(KJS::ExecState*) + 100 49 com.apple.JavaScriptCore 0x004c522c KJS::SourceElementsNode::execute(KJS::ExecState*) + 188 50 com.apple.JavaScriptCore 0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136 51 com.apple.JavaScriptCore 0x004c55c8 KJS::TryNode::execute(KJS::ExecState*) + 104 52 com.apple.JavaScriptCore 0x004c522c KJS::SourceElementsNode::execute(KJS::ExecState*) + 188 53 com.apple.JavaScriptCore 0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136 54 com.apple.JavaScriptCore 0x004c81dc KJS::IfNode::execute(KJS::ExecState*) + 428 55 com.apple.JavaScriptCore 0x004c522c KJS::SourceElementsNode::execute(KJS::ExecState*) + 188 56 com.apple.JavaScriptCore 0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136 57 com.apple.JavaScriptCore 0x004c8e88 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56 58 com.apple.JavaScriptCore 0x004c91f0 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 608 59 com.apple.JavaScriptCore 0x004a5388 KJS::FunctionCallResolveNode::evaluate(KJS::ExecState*) + 792 60 com.apple.JavaScriptCore 0x004c8264 KJS::ExprStatementNode::execute(KJS::ExecState*) + 100 61 com.apple.JavaScriptCore 0x004c522c KJS::SourceElementsNode::execute(KJS::ExecState*) + 188 62 com.apple.JavaScriptCore 0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136 63 com.apple.JavaScriptCore 0x004c6c70 KJS::ForNode::execute(KJS::ExecState*) + 560 64 com.apple.JavaScriptCore 0x004c52e0 KJS::SourceElementsNode::execute(KJS::ExecState*) + 368 65 com.apple.JavaScriptCore 0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136 66 com.apple.JavaScriptCore 0x004c8e88 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56 67 com.apple.JavaScriptCore 0x004c91f0 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 608 68 com.apple.JavaScriptCore 0x004a5388 KJS::FunctionCallResolveNode::evaluate(KJS::ExecState*) + 792 69 com.apple.JavaScriptCore 0x004c8264 KJS::ExprStatementNode::execute(KJS::ExecState*) + 100 70 com.apple.JavaScriptCore 0x004c52e0 KJS::SourceElementsNode::execute(KJS::ExecState*) + 368 71 com.apple.JavaScriptCore 0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136 72 com.apple.JavaScriptCore 0x004c8e88 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56 73 com.apple.JavaScriptCore 0x004c91f0 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 608 74 com.apple.JavaScriptCore 0x004a5388 KJS::FunctionCallResolveNode::evaluate(KJS::ExecState*) + 792 75 com.apple.JavaScriptCore 0x004c8264 KJS::ExprStatementNode::execute(KJS::ExecState*) + 100 76 com.apple.JavaScriptCore 0x004c52e0 KJS::SourceElementsNode::execute(KJS::ExecState*) + 368 77 com.apple.JavaScriptCore 0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136 78 com.apple.JavaScriptCore 0x004c8188 KJS::IfNode::execute(KJS::ExecState*) + 344 79 com.apple.JavaScriptCore 0x004c52e0 KJS::SourceElementsNode::execute(KJS::ExecState*) + 368 80 com.apple.JavaScriptCore 0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136 81 com.apple.JavaScriptCore 0x004c6c70 KJS::ForNode::execute(KJS::ExecState*) + 560 82 com.apple.JavaScriptCore 0x004c52e0 KJS::SourceElementsNode::execute(KJS::ExecState*) + 368 83 com.apple.JavaScriptCore 0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136 84 com.apple.JavaScriptCore 0x004c8e88 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56 85 com.apple.JavaScriptCore 0x004c91f0 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 608 86 com.apple.JavaScriptCore 0x004a5388 KJS::FunctionCallResolveNode::evaluate(KJS::ExecState*) + 792 87 com.apple.JavaScriptCore 0x004c8264 KJS::ExprStatementNode::execute(KJS::ExecState*) + 100 88 com.apple.JavaScriptCore 0x004c522c KJS::SourceElementsNode::execute(KJS::ExecState*) + 188 89 com.apple.JavaScriptCore 0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136 90 com.apple.JavaScriptCore 0x004c8e88 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56 91 com.apple.JavaScriptCore 0x004c91f0 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 608 92 com.apple.JavaScriptCore 0x004a5388 KJS::FunctionCallResolveNode::evaluate(KJS::ExecState*) + 792 93 com.apple.JavaScriptCore 0x004c8264 KJS::ExprStatementNode::execute(KJS::ExecState*) + 100 94 com.apple.JavaScriptCore 0x004c522c KJS::SourceElementsNode::execute(KJS::ExecState*) + 188 95 com.apple.JavaScriptCore 0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136 96 com.apple.JavaScriptCore 0x004c8188 KJS::IfNode::execute(KJS::ExecState*) + 344 97 com.apple.JavaScriptCore 0x004c522c KJS::SourceElementsNode::execute(KJS::ExecState*) + 188 98 com.apple.JavaScriptCore 0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136 99 com.apple.JavaScriptCore 0x004c8e88 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56 100 com.apple.JavaScriptCore 0x004c91f0 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 608 101 com.apple.JavaScriptCore 0x004a5388 KJS::FunctionCallResolveNode::evaluate(KJS::ExecState*) + 792 102 com.apple.JavaScriptCore 0x004c8264 KJS::ExprStatementNode::execute(KJS::ExecState*) + 100 103 com.apple.JavaScriptCore 0x004c522c KJS::SourceElementsNode::execute(KJS::ExecState*) + 188 104 com.apple.JavaScriptCore 0x004c8428 KJS::BlockNode::execute(KJS::ExecState*) + 136 105 com.apple.JavaScriptCore 0x004c8e88 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56 106 com.apple.JavaScriptCore 0x004c91f0 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 608 107 com.apple.JavaScriptCore 0x0049c594 KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 116 108 com.apple.WebCore 0x0129e0dc KJS::JSAbstractEventListener::handleEvent(WebCore::Event*, bool) + 540 109 com.apple.WebCore 0x010eab5c WebCore::Document::handleWindowEvent(WebCore::Event*, bool) + 156 110 com.apple.WebCore 0x01260d5c WebCore::EventTargetNode::dispatchWindowEvent(WebCore::AtomicString const&, bool, bool) + 252 111 com.apple.WebCore 0x0146b368 WebCore::FrameLoader::stopLoading(bool) + 216 112 com.apple.WebCore 0x0146b6a4 WebCore::FrameLoader::closeURL() + 36 113 com.apple.WebCore 0x0146b710 WebCore::FrameLoader::detachFromParent() + 64 114 com.apple.WebKit 0x0035af68 -[WebView(WebPrivate) _close] + 312 115 com.apple.Safari 0x00047858 0x1000 + 288856 116 com.apple.Safari 0x000476fc 0x1000 + 288508 117 com.apple.Safari 0x00047690 0x1000 + 288400 118 com.apple.AppKit 0x93842c4c -[NSApplication sendAction:to:from:] + 108 119 com.apple.Safari 0x0002956c 0x1000 + 165228 120 com.apple.AppKit 0x93842b80 -[NSControl sendAction:to:] + 96 121 com.apple.AppKit 0x93842a60 -[NSCell _sendActionFrom:] + 156 122 com.apple.AppKit 0x9385ca88 -[NSCell trackMouse:inRect:ofView:untilMouseUp:] + 1020 123 com.apple.AppKit 0x9385c670 -[NSButtonCell trackMouse:inRect:ofView:untilMouseUp:] + 564 124 com.apple.AppKit 0x9385c094 -[NSControl mouseDown:] + 536 125 com.apple.Safari 0x0003dde0 0x1000 + 249312 126 com.apple.AppKit 0x937fd890 -[NSWindow sendEvent:] + 4616 127 com.apple.Safari 0x00021734 0x1000 + 132916 128 com.apple.AppKit 0x937a68d4 -[NSApplication sendEvent:] + 4172 129 com.apple.Safari 0x00021238 0x1000 + 131640 130 com.apple.AppKit 0x9379dd10 -[NSApplication run] + 508 131 com.apple.AppKit 0x9388e87c NSApplicationMain + 452 132 com.apple.Safari 0x0005c77c 0x1000 + 374652 133 com.apple.Safari 0x0005c624 0x1000 + 374308 Thread 1: 0 libSystem.B.dylib 0x9000b4c8 mach_msg_trap + 8 1 libSystem.B.dylib 0x9000b41c mach_msg + 60 2 com.apple.CoreFoundation 0x907deba8 __CFRunLoopRun + 832 3 com.apple.CoreFoundation 0x907de4ac CFRunLoopRunSpecific + 268 4 com.apple.Foundation 0x92c0a6a8 +[NSURLConnection(NSURLConnectionInternal) _resourceLoadLoop:] + 264 5 com.apple.Foundation 0x92be31a0 forkThreadForFunction + 108 6 libSystem.B.dylib 0x9002be88 _pthread_body + 96 Thread 2: 0 libSystem.B.dylib 0x9000b4c8 mach_msg_trap + 8 1 libSystem.B.dylib 0x9000b41c mach_msg + 60 2 com.apple.CoreFoundation 0x907deba8 __CFRunLoopRun + 832 3 com.apple.CoreFoundation 0x907de4ac CFRunLoopRunSpecific + 268 4 com.apple.Foundation 0x92c0b7e8 +[NSURLCache _diskCacheSyncLoop:] + 152 5 com.apple.Foundation 0x92be31a0 forkThreadForFunction + 108 6 libSystem.B.dylib 0x9002be88 _pthread_body + 96 Thread 3: 0 libSystem.B.dylib 0x9002c548 semaphore_wait_signal_trap + 8 1 libSystem.B.dylib 0x9003102c pthread_cond_wait + 480 2 com.apple.Foundation 0x92bea30c -[NSConditionLock lockWhenCondition:] + 68 3 com.apple.Syndication 0x9b51442c -[AsyncDB _run:] + 192 4 com.apple.Foundation 0x92be31a0 forkThreadForFunction + 108 5 libSystem.B.dylib 0x9002be88 _pthread_body + 96 Thread 4: 0 libSystem.B.dylib 0x9001fa0c select + 12 1 com.apple.CoreFoundation 0x907f1434 __CFSocketManager + 472 2 libSystem.B.dylib 0x9002be88 _pthread_body + 96 Thread 5: 0 libSystem.B.dylib 0x9002c548 semaphore_wait_signal_trap + 8 1 libSystem.B.dylib 0x9003102c pthread_cond_wait + 480 2 com.apple.Foundation 0x92bea30c -[NSConditionLock lockWhenCondition:] + 68 3 com.apple.AppKit 0x9383e708 -[NSUIHeartBeat _heartBeatThread:] + 324 4 com.apple.Foundation 0x92be31a0 forkThreadForFunction + 108 5 libSystem.B.dylib 0x9002be88 _pthread_body + 96 Thread 6: 0 libSystem.B.dylib 0x9000b4c8 mach_msg_trap + 8 1 libSystem.B.dylib 0x9000b41c mach_msg + 60 2 ...romedia.Flash Player.plugin 0x080d6688 native_ShockwaveFlash_TCallFrame + 1368296 3 libSystem.B.dylib 0x9002be88 _pthread_body + 96 Thread 7: 0 libSystem.B.dylib 0x90055468 semaphore_timedwait_signal_trap + 8 1 libSystem.B.dylib 0x90071be8 pthread_cond_timedwait_relative_np + 556 2 ...ple.CoreServices.CarbonCore 0x90bf748c TSWaitOnSemaphoreCommon + 176 3 ...ickTimeComponents.component 0x998c4224 ReadSchedulerThreadEntryPoint + 5300 4 libSystem.B.dylib 0x9002be88 _pthread_body + 96 Thread 8: 0 libSystem.B.dylib 0x9000b4c8 mach_msg_trap + 8 1 libSystem.B.dylib 0x9000b41c mach_msg + 60 2 com.apple.CoreFoundation 0x907deba8 __CFRunLoopRun + 832 3 com.apple.CoreFoundation 0x907de4ac CFRunLoopRunSpecific + 268 4 com.apple.CoreFoundation 0x907ed90c CFRunLoopRun + 52 5 com.apple.QuickTime 0x948a2040 QTSNetworkThread_RunThread + 128 6 libSystem.B.dylib 0x9002be88 _pthread_body + 96 Thread 9: 0 libSystem.B.dylib 0x9000b4c8 mach_msg_trap + 8 1 libSystem.B.dylib 0x9000b41c mach_msg + 60 2 com.apple.CoreFoundation 0x907deba8 __CFRunLoopRun + 832 3 com.apple.CoreFoundation 0x907de4ac CFRunLoopRunSpecific + 268 4 com.apple.audio.CoreAudio 0x9145763c HALRunLoop::OwnThread(void*) + 264 5 com.apple.audio.CoreAudio 0x914573dc CAPThread::Entry(CAPThread*) + 96 6 libSystem.B.dylib 0x9002be88 _pthread_body + 96 Thread 0 crashed with PPC Thread State 64: srr0: 0x000000000044e3bc srr1: 0x000000000000f030 vrsave: 0x00000000fff00000 cr: 0x44044242 xer: 0x0000000000000004 lr: 0x000000000044cf54 ctr: 0x0000000000442c00 r0: 0x000000000044cf54 r1: 0x00000000bfffaad0 r2: 0x0000000000441400 r3: 0x00000000bfffab80 r4: 0x0000000000000024 r5: 0x00000000bfffabbc r6: 0x0000000009086c40 r7: 0x0000000000000545 r8: 0x00000000114f0000 r9: 0x0000000000505d80 r10: 0x0000000000441a3c r11: 0x00000000114e5684 r12: 0x0000000000442c00 r13: 0x00000000a37cc688 r14: 0x0000000000000100 r15: 0x0000000000000000 r16: 0x000000000050508c r17: 0x000000000051508c r18: 0x000000000051508c r19: 0x000000000051508c r20: 0x000000000051508c r21: 0x00000000bfffb0f0 r22: 0x00000000bfffb530 r23: 0x0000000000506a58 r24: 0x00000000bfffaf9c r25: 0x00000000bfffaef0 r26: 0x0000000000505180 r27: 0x00000000bfffab80 r28: 0x00000000087fbae0 r29: 0x00000000bfffabbc r30: 0x0000000000000024 r31: 0x000000000129bf50 Binary Images Description: 0x1000 - 0xdcfff com.apple.Safari 2.0.4 (419.3) /Applications/Safari.app/Contents/MacOS/Safari 0x109000 - 0x10afff WebKitNightlyEnabler.dylib /Applications/WebKit.app/Contents/Resources/WebKitNightlyEnabler.dylib 0x305000 - 0x3b9fff com.apple.WebKit 522+ /Applications/WebKit.app/Contents/Resources/WebKit.framework/Versions/A/WebKit 0x43a000 - 0x4eefff com.apple.JavaScriptCore 522+ /Applications/WebKit.app/Contents/Resources/JavaScriptCore.framework/Versions/A/JavaScriptCore 0x1008000 - 0x1564fff com.apple.WebCore 522+ /Applications/WebKit.app/Contents/Resources/WebCore.framework/Versions/A/WebCore 0x19a0000 - 0x19a7fff com.unsanity.smartcrashreports Smart Crash Reports version 1.0.3 (1.0.3b1) /Users/mly/Library/InputManagers/Smart Crash Reports/Smart Crash Reports.bundle/Contents/MacOS/Smart Crash Reports 0x1c09000 - 0x1c09fff com.apple.SpotLightCM 1.0 (121.20.2) /System/Library/Contextual Menu Items/SpotlightCM.plugin/Contents/MacOS/SpotlightCM 0x1fc3000 - 0x1fc5fff com.apple.AutomatorCMM 1.0 (48) /System/Library/Contextual Menu Items/AutomatorCMM.plugin/Contents/MacOS/AutomatorCMM 0x1fc8000 - 0x1fccfff com.apple.FolderActionsMenu 1.3 /System/Library/Contextual Menu Items/FolderActionsMenu.plugin/Contents/MacOS/FolderActionsMenu 0x5ad21e0 - 0x5ad22b6 CFMPriv_HTMLRendering PEF binary: CFMPriv_HTMLRendering 0x5ad2390 - 0x5ad2452 CFMPriv_AE PEF binary: CFMPriv_AE 0x5ad2760 - 0x5ad282a CFMPriv_HIToolbox PEF binary: CFMPriv_HIToolbox 0x5ad28b0 - 0x5ad296b CFMPriv_Help PEF binary: CFMPriv_Help 0x5ad4850 - 0x5ad4923 CFMPriv_CommonPanels PEF binary: CFMPriv_CommonPanels 0x5ad56c0 - 0x5ad5790 CFMPriv_CarbonSound PEF binary: CFMPriv_CarbonSound 0x5ad71d0 - 0x5ad7247 CFMPriv_System PEF binary: CFMPriv_System 0x5adeb90 - 0x5adec79 CFMPriv_SpeechSynthesis PEF binary: CFMPriv_SpeechSynthesis 0x5adee70 - 0x5adef32 CFMPriv_QD PEF binary: CFMPriv_QD 0x5adefc0 - 0x5adf097 CFMPriv_PrintCore PEF binary: CFMPriv_PrintCore 0x5adf160 - 0x5adf246 CFMPriv_LaunchServices PEF binary: CFMPriv_LaunchServices 0x5adfce0 - 0x5adfdc0 CFMPriv_LangAnalysis PEF binary: CFMPriv_LangAnalysis 0x5adfe60 - 0x5adff3a CFMPriv_HIServices PEF binary: CFMPriv_HIServices 0x5adffb0 - 0x5ae0093 CFMPriv_FindByContent PEF binary: CFMPriv_FindByContent 0x5ae0270 - 0x5ae0347 CFMPriv_ColorSync PEF binary: CFMPriv_ColorSync 0x5ae0430 - 0x5ae04f5 CFMPriv_ATS PEF binary: CFMPriv_ATS 0x5ae0930 - 0x5ae0a03 CFMPriv_OSServices PEF binary: CFMPriv_OSServices 0x5ae13e0 - 0x5ae14b3 CFMPriv_CarbonCore PEF binary: CFMPriv_CarbonCore 0x5ae55b0 - 0x5ae5683 CFMPriv_ImageCapture PEF binary: CFMPriv_ImageCapture 0x5ae85c0 - 0x5ae867e CFMPriv_Print PEF binary: CFMPriv_Print 0x5aec6c0 - 0x5aec7a5 CFMPriv_NavigationServices PEF binary: CFMPriv_NavigationServices 0x5aed810 - 0x5aed8dd CFMPriv_SecurityHI PEF binary: CFMPriv_SecurityHI 0x5aee520 - 0x5aee5d2 CFMPriv_CoreFoundation PEF binary: CFMPriv_CoreFoundation 0x5aeed50 - 0x5aeee26 CFMPriv_OpenScripting PEF binary: CFMPriv_OpenScripting 0x5af1290 - 0x5af1345 CFMPriv_DVComponentGlue PEF binary: CFMPriv_DVComponentGlue 0x5af4180 - 0x5af4262 CFMPriv_SpeechRecognition PEF binary: CFMPriv_SpeechRecognition 0x5af45d0 - 0x5af4673 CFMPriv_QuickTime PEF binary: CFMPriv_QuickTime 0x7e20000 - 0x8134fff com.macromedia.Flash Player.plugin 9.0.28 (1.0.4f22) /Library/Internet Plug-Ins/Flash Player.plugin/Contents/MacOS/Flash Player 0x8c69000 - 0x8cd1fff com.DivXInc.DivXDecoder 6.4.0 /Library/QuickTime/DivX Decoder.component/Contents/MacOS/DivX Decoder 0xd822000 - 0xd823fff com.apple.aoa.halplugin 2.5.6 (2.5.6b5) /System/Library/Extensions/IOAudioFamily.kext/Contents/PlugIns/AOAHALPlugin.bundle/Contents/MacOS/AOAHALPlugin 0xf110000 - 0xf166523 PDF Browser Plugin PEF binary: PDF Browser Plugin 0xf167000 - 0xf1b63c7 CarbonLibpwpc PEF binary: CarbonLibpwpc 0xf1b63d0 - 0xf1ce6bd Apple;Carbon;Multimedia PEF binary: Apple;Carbon;Multimedia 0xf672000 - 0xf6b1fff com.apple.QuickTimeFireWireDV.component 7.1.5 /System/Library/QuickTime/QuickTimeFireWireDV.component/Contents/MacOS/QuickTimeFireWireDV 0xf6f0000 - 0xf759fff com.apple.AppleIntermediateCodec 1.0.1 (124) /Library/QuickTime/AppleIntermediateCodec.component/Contents/MacOS/AppleIntermediateCodec 0x1059d000 - 0x1059ffff com.apple.PDFImporter 1.6 (???) /System/Library/Components/PDFImporter.component/Contents/MacOS/PDFImporter 0x11046000 - 0x110bffff com.apple.applepixletvideo 1.2.5 (1.2d5) /System/Library/QuickTime/ApplePixletVideo.component/Contents/MacOS/ApplePixletVideo 0x11ca1000 - 0x11cabfff net.telestream.wmv.webplugin 2.1.0.33 /Library/Internet Plug-Ins/Flip4Mac WMV Plugin.webplugin/Contents/MacOS/Flip4Mac WMV Plugin 0x11d23000 - 0x11d3cfff GLDriver /System/Library/Frameworks/OpenGL.framework/Versions/A/Resources/GLDriver.bundle/GLDriver 0x11d42000 - 0x11d5dfff GLRendererFloat /System/Library/Frameworks/OpenGL.framework/Versions/A/Resources/GLRendererFloat.bundle/GLRendererFloat 0x12614000 - 0x1280dfff net.telestream.wmv.import 2.1.0.33 /Library/QuickTime/Flip4Mac WMV Import.component/Contents/MacOS/Flip4Mac WMV Import 0x1ba89000 - 0x1bb98fff GLEngine /System/Library/Frameworks/OpenGL.framework/Resources/GLEngine.bundle/GLEngine 0x1bbc7000 - 0x1bcb7fff com.apple.ATIRadeon9700GLDriver 1.4.18 (4.1.8) /System/Library/Extensions/ATIRadeon9700GLDriver.bundle/Contents/MacOS/ATIRadeon9700GLDriver 0x1c670000 - 0x1c6a9fff com.apple.audio.SoundManager.Components 3.9.1 /System/Library/Components/SoundManagerComponents.component/Contents/MacOS/SoundManagerComponents 0x70000000 - 0x700fcfff com.apple.audio.units.Components 1.4.5 /System/Library/Components/CoreAudio.component/Contents/MacOS/CoreAudio 0x8fe00000 - 0x8fe52fff dyld 46.12 /usr/lib/dyld 0x90000000 - 0x901bdfff libSystem.B.dylib /usr/lib/libSystem.B.dylib 0x90215000 - 0x9021afff libmathCommon.A.dylib /usr/lib/system/libmathCommon.A.dylib 0x9021c000 - 0x90269fff com.apple.CoreText 1.0.3 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreText.framework/Versions/A/CoreText 0x90294000 - 0x90345fff ATS /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ATS.framework/Versions/A/ATS 0x90374000 - 0x9072ffff com.apple.CoreGraphics 1.258.61 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/CoreGraphics 0x907bc000 - 0x90895fff com.apple.CoreFoundation 6.4.7 (368.28) /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation 0x908de000 - 0x908defff com.apple.CoreServices 10.4 (???) /System/Library/Frameworks/CoreServices.framework/Versions/A/CoreServices 0x908e0000 - 0x909e2fff libicucore.A.dylib /usr/lib/libicucore.A.dylib 0x90a3c000 - 0x90ac0fff libobjc.A.dylib /usr/lib/libobjc.A.dylib 0x90aea000 - 0x90b5afff com.apple.framework.IOKit 1.4 (???) /System/Library/Frameworks/IOKit.framework/Versions/A/IOKit 0x90b70000 - 0x90b82fff libauto.dylib /usr/lib/libauto.dylib 0x90b89000 - 0x90e60fff com.apple.CoreServices.CarbonCore 681.9 /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonCore.framework/Versions/A/CarbonCore 0x90ec6000 - 0x90f46fff com.apple.CoreServices.OSServices 4.1 /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/OSServices.framework/Versions/A/OSServices 0x90f90000 - 0x90fd1fff com.apple.CFNetwork 129.20 /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CFNetwork.framework/Versions/A/CFNetwork 0x90fe6000 - 0x90ffefff com.apple.WebServices 1.1.2 (1.1.0) /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/WebServicesCore.framework/Versions/A/WebServicesCore 0x9100e000 - 0x9108ffff com.apple.SearchKit 1.0.5 /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/SearchKit.framework/Versions/A/SearchKit 0x910d5000 - 0x910fffff com.apple.Metadata 10.4.4 (121.36) /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/Metadata.framework/Versions/A/Metadata 0x91110000 - 0x9111efff libz.1.dylib /usr/lib/libz.1.dylib 0x91121000 - 0x912dcfff com.apple.security 4.6 (29770) /System/Library/Frameworks/Security.framework/Versions/A/Security 0x913db000 - 0x913e4fff com.apple.DiskArbitration 2.1 /System/Library/Frameworks/DiskArbitration.framework/Versions/A/DiskArbitration 0x913eb000 - 0x91413fff com.apple.SystemConfiguration 1.8.3 /System/Library/Frameworks/SystemConfiguration.framework/Versions/A/SystemConfiguration 0x91426000 - 0x91431fff libgcc_s.1.dylib /usr/lib/libgcc_s.1.dylib 0x91436000 - 0x9143efff libbsm.dylib /usr/lib/libbsm.dylib 0x91442000 - 0x914bdfff com.apple.audio.CoreAudio 3.0.4 /System/Library/Frameworks/CoreAudio.framework/Versions/A/CoreAudio 0x914fa000 - 0x914fafff com.apple.ApplicationServices 10.4 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/ApplicationServices 0x914fc000 - 0x91534fff com.apple.AE 1.5 (297) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/AE.framework/Versions/A/AE 0x9154f000 - 0x91621fff com.apple.ColorSync 4.4.9 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ColorSync.framework/Versions/A/ColorSync 0x91674000 - 0x91705fff com.apple.print.framework.PrintCore 4.6 (177.13) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/PrintCore.framework/Versions/A/PrintCore 0x9174c000 - 0x91803fff com.apple.QD 3.10.24 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/QD.framework/Versions/A/QD 0x91840000 - 0x9189efff com.apple.HIServices 1.5.3 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/HIServices.framework/Versions/A/HIServices 0x918cd000 - 0x918f1fff com.apple.LangAnalysis 1.6.1 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/LangAnalysis.framework/Versions/A/LangAnalysis 0x91905000 - 0x9192afff com.apple.FindByContent 1.5 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/FindByContent.framework/Versions/A/FindByContent 0x9193d000 - 0x9197ffff com.apple.LaunchServices 182 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/LaunchServices.framework/Versions/A/LaunchServices 0x9199b000 - 0x919affff com.apple.speech.synthesis.framework 3.3 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/SpeechSynthesis.framework/Versions/A/SpeechSynthesis 0x919bd000 - 0x91a03fff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/ImageIO 0x91a1a000 - 0x91ae1fff libcrypto.0.9.7.dylib /usr/lib/libcrypto.0.9.7.dylib 0x91b2f000 - 0x91b44fff libcups.2.dylib /usr/lib/libcups.2.dylib 0x91b49000 - 0x91b67fff libJPEG.dylib /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libJPEG.dylib 0x91b6d000 - 0x91c24fff libJP2.dylib /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libJP2.dylib 0x91c73000 - 0x91c77fff libGIF.dylib /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libGIF.dylib 0x91c79000 - 0x91ce1fff libRaw.dylib /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libRaw.dylib 0x91ce6000 - 0x91d23fff libTIFF.dylib /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libTIFF.dylib 0x91d2a000 - 0x91d43fff libPng.dylib /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libPng.dylib 0x91d48000 - 0x91d4bfff libRadiance.dylib /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libRadiance.dylib 0x91d4d000 - 0x91e2bfff libxml2.2.dylib /usr/lib/libxml2.2.dylib 0x91e4b000 - 0x91e4bfff com.apple.Accelerate 1.2.2 (Accelerate 1.2.2) /System/Library/Frameworks/Accelerate.framework/Versions/A/Accelerate 0x91e4d000 - 0x91f32fff com.apple.vImage 2.4 /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vImage.framework/Versions/A/vImage 0x91f3a000 - 0x91f59fff com.apple.Accelerate.vecLib 3.2.2 (vecLib 3.2.2) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/vecLib 0x91fc5000 - 0x92033fff libvMisc.dylib /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libvMisc.dylib 0x9203e000 - 0x920d3fff libvDSP.dylib /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libvDSP.dylib 0x920ed000 - 0x92675fff libBLAS.dylib /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libBLAS.dylib 0x926a8000 - 0x929d3fff libLAPACK.dylib /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libLAPACK.dylib 0x92a03000 - 0x92af1fff libiconv.2.dylib /usr/lib/libiconv.2.dylib 0x92af4000 - 0x92b7cfff com.apple.DesktopServices 1.3.6 /System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Versions/A/DesktopServicesPriv 0x92bbd000 - 0x92de8fff com.apple.Foundation 6.4.8 (567.29) /System/Library/Frameworks/Foundation.framework/Versions/C/Foundation 0x92f15000 - 0x92f33fff libGL.dylib /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGL.dylib 0x92f3e000 - 0x92f98fff libGLU.dylib /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLU.dylib 0x92fb6000 - 0x92fb6fff com.apple.Carbon 10.4 (???) /System/Library/Frameworks/Carbon.framework/Versions/A/Carbon 0x92fb8000 - 0x92fccfff com.apple.ImageCapture 3.0 /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/ImageCapture.framework/Versions/A/ImageCapture 0x92fe4000 - 0x92ff4fff com.apple.speech.recognition.framework 3.4 /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/SpeechRecognition.framework/Versions/A/SpeechRecognition 0x93000000 - 0x93015fff com.apple.securityhi 2.0 (203) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/SecurityHI.framework/Versions/A/SecurityHI 0x93027000 - 0x930aefff com.apple.ink.framework 101.2 (69) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Ink.framework/Versions/A/Ink 0x930c2000 - 0x930cdfff com.apple.help 1.0.3 (32) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Help.framework/Versions/A/Help 0x930d7000 - 0x93104fff com.apple.openscripting 1.2.5 (???) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/OpenScripting.framework/Versions/A/OpenScripting 0x9311e000 - 0x9312efff com.apple.print.framework.Print 5.0 (190.1) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Print.framework/Versions/A/Print 0x9313a000 - 0x931a0fff com.apple.htmlrendering 1.1.2 /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HTMLRendering.framework/Versions/A/HTMLRendering 0x931d1000 - 0x93220fff com.apple.NavigationServices 3.4.4 (3.4.3) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/NavigationServices.framework/Versions/A/NavigationServices 0x9324e000 - 0x9326bfff com.apple.audio.SoundManager 3.9 /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/CarbonSound.framework/Versions/A/CarbonSound 0x9327d000 - 0x9328afff com.apple.CommonPanels 1.2.2 (73) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/CommonPanels.framework/Versions/A/CommonPanels 0x93293000 - 0x935a1fff com.apple.HIToolbox 1.4.9 (???) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox 0x936f1000 - 0x936fdfff com.apple.opengl 1.4.7 /System/Library/Frameworks/OpenGL.framework/Versions/A/OpenGL 0x93702000 - 0x93722fff com.apple.DirectoryService.Framework 3.1 /System/Library/Frameworks/DirectoryService.framework/Versions/A/DirectoryService 0x93797000 - 0x93797fff com.apple.Cocoa 6.4 (???) /System/Library/Frameworks/Cocoa.framework/Versions/A/Cocoa 0x93799000 - 0x93dccfff com.apple.AppKit 6.4.7 (824.41) /System/Library/Frameworks/AppKit.framework/Versions/C/AppKit 0x94159000 - 0x941cbfff com.apple.CoreData 91 (92.1) /System/Library/Frameworks/CoreData.framework/Versions/A/CoreData 0x94204000 - 0x942c8fff com.apple.audio.toolbox.AudioToolbox 1.4.5 /System/Library/Frameworks/AudioToolbox.framework/Versions/A/AudioToolbox 0x9431a000 - 0x9431afff com.apple.audio.units.AudioUnit 1.4 /System/Library/Frameworks/AudioUnit.framework/Versions/A/AudioUnit 0x9431c000 - 0x944dcfff com.apple.QuartzCore 1.4.12 /System/Library/Frameworks/QuartzCore.framework/Versions/A/QuartzCore 0x94526000 - 0x94563fff libsqlite3.0.dylib /usr/lib/libsqlite3.0.dylib 0x9456b000 - 0x945bbfff libGLImage.dylib /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLImage.dylib 0x945c4000 - 0x945d8fff com.apple.CoreVideo 1.4 /System/Library/Frameworks/CoreVideo.framework/Versions/A/CoreVideo 0x9466e000 - 0x946b0fff com.apple.vmutils 4.0.2 (93.1) /System/Library/PrivateFrameworks/vmutils.framework/Versions/A/vmutils 0x946f4000 - 0x94710fff com.apple.securityfoundation 2.2 (27710) /System/Library/Frameworks/SecurityFoundation.framework/Versions/A/SecurityFoundation 0x94724000 - 0x94768fff com.apple.securityinterface 2.2 (27692) /System/Library/Frameworks/SecurityInterface.framework/Versions/A/SecurityInterface 0x9478c000 - 0x9479bfff libCGATS.A.dylib /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libCGATS.A.dylib 0x947a3000 - 0x947affff libCSync.A.dylib /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libCSync.A.dylib 0x947f5000 - 0x9480dfff libRIP.A.dylib /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libRIP.A.dylib 0x94814000 - 0x94ae9fff com.apple.QuickTime 7.1.5 /System/Library/Frameworks/QuickTime.framework/Versions/A/QuickTime 0x94bad000 - 0x94c1efff libstdc++.6.dylib /usr/lib/libstdc++.6.dylib 0x94c91000 - 0x94cb1fff libmx.A.dylib /usr/lib/libmx.A.dylib 0x94db9000 - 0x94ee9fff com.apple.AddressBook.framework 4.0.4 (485.1) /System/Library/Frameworks/AddressBook.framework/Versions/A/AddressBook 0x94f7b000 - 0x94f8afff com.apple.DSObjCWrappers.Framework 1.1 /System/Library/PrivateFrameworks/DSObjCWrappers.framework/Versions/A/DSObjCWrappers 0x94f92000 - 0x94fbffff com.apple.LDAPFramework 1.4.1 (69.0.1) /System/Library/Frameworks/LDAP.framework/Versions/A/LDAP 0x94fc6000 - 0x94fd6fff libsasl2.2.dylib /usr/lib/libsasl2.2.dylib 0x94fda000 - 0x95009fff libssl.0.9.7.dylib /usr/lib/libssl.0.9.7.dylib 0x95019000 - 0x95036fff libresolv.9.dylib /usr/lib/libresolv.9.dylib 0x96205000 - 0x9622efff libxslt.1.dylib /usr/lib/libxslt.1.dylib 0x964de000 - 0x9651dfff com.apple.QTKit 7.1.5 /System/Library/Frameworks/QTKit.framework/Versions/A/QTKit 0x96a3b000 - 0x96a7afff libtidy.A.dylib /usr/lib/libtidy.A.dylib 0x96af0000 - 0x96af1fff libCyrillicConverter.dylib /System/Library/CoreServices/Encodings/libCyrillicConverter.dylib 0x96af3000 - 0x96af4fff libGreekConverter.dylib /System/Library/CoreServices/Encodings/libGreekConverter.dylib 0x96af9000 - 0x96b0ffff libJapaneseConverter.dylib /System/Library/CoreServices/Encodings/libJapaneseConverter.dylib 0x96b11000 - 0x96b31fff libKoreanConverter.dylib /System/Library/CoreServices/Encodings/libKoreanConverter.dylib 0x96b3f000 - 0x96b4dfff libSimplifiedChineseConverter.dylib /System/Library/CoreServices/Encodings/libSimplifiedChineseConverter.dylib 0x96b52000 - 0x96b53fff libThaiConverter.dylib /System/Library/CoreServices/Encodings/libThaiConverter.dylib 0x96b55000 - 0x96b68fff libTraditionalChineseConverter.dylib /System/Library/CoreServices/Encodings/libTraditionalChineseConverter.dylib 0x973ef000 - 0x97464fff com.apple.xquery 1.1 /System/Library/PrivateFrameworks/XQuery.framework/XQuery 0x9752a000 - 0x97549fff com.apple.vecLib 3.2.2 (vecLib 3.2.2) /System/Library/Frameworks/vecLib.framework/Versions/A/vecLib 0x97c60000 - 0x97d21fff libGLProgrammability.dylib /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLProgrammability.dylib 0x97d4c000 - 0x97d4dfff libGLSystem.dylib /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLSystem.dylib 0x97d4f000 - 0x97d5cfff com.apple.agl 2.5.6 (AGL-2.5.6) /System/Library/Frameworks/AGL.framework/Versions/A/AGL 0x998ac000 - 0x9a459fff com.apple.QuickTimeComponents.component 7.1.5 /System/Library/QuickTime/QuickTimeComponents.component/Contents/MacOS/QuickTimeComponents 0x9a6c1000 - 0x9a6c5fff com.apple.QuickTimeH264.component 7.1.5 /System/Library/QuickTime/QuickTimeH264.component/Contents/MacOS/QuickTimeH264 0x9a6c7000 - 0x9a7adfff QuickTimeH264.altivec /System/Library/QuickTime/QuickTimeH264.component/Contents/Resources/QuickTimeH264.altivec 0x9a8fd000 - 0x9a9c6fff com.apple.QuickTimeMPEG4.component 7.1.5 /System/Library/QuickTime/QuickTimeMPEG4.component/Contents/MacOS/QuickTimeMPEG4 0x9a9e3000 - 0x9ab63fff com.apple.QuickTimeStreaming.component 7.1.5 /System/Library/QuickTime/QuickTimeStreaming.component/Contents/MacOS/QuickTimeStreaming 0x9b3a0000 - 0x9b3a1fff com.apple.iokit.dvcomponentglue 1.7.9 /System/Library/Frameworks/DVComponentGlue.framework/Versions/A/DVComponentGlue 0x9b511000 - 0x9b547fff com.apple.Syndication 1.0.6 (54) /System/Library/PrivateFrameworks/Syndication.framework/Versions/A/Syndication 0x9b564000 - 0x9b576fff com.apple.SyndicationUI 1.0.6 (54) /System/Library/PrivateFrameworks/SyndicationUI.framework/Versions/A/SyndicationUI 0x9b767000 - 0x9b8abfff libCMaps.A.dylib /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libCMaps.A.dylib Model: PowerBook5,6, BootROM 4.9.1f1, 1 processors, PowerPC G4 (1.2), 1.67 GHz, 2 GB Graphics: ATI Mobility Radeon 9700, ATY,RV360M11, AGP, 64 MB Memory Module: SODIMM0/J25LOWER, 1 GB, DDR SDRAM, PC2700U-25330 Memory Module: SODIMM1/J25UPPER, 1 GB, DDR SDRAM, PC2700U-25330 AirPort: AirPort Extreme, 405.1 (3.90.34.0.p18) Modem: Jump, V.92, Version 1.0 Bluetooth: Version 1.7.14f14, 2 service, 0 devices, 1 incoming serial ports Network Service: AirPort, AirPort, en1 PCI Card: TXN,PCIXXXX-00, cardbus, PC Card Parallel ATA Device: MATSHITADVD-R UJ-845E Parallel ATA Device: FUJITSU MHT2080AH, 74.53 GB USB Device: Bluetooth HCI, Up to 12 Mb/sec, 500 mA USB Device: Apple Internal Keyboard/Trackpad, Apple Computer, Up to 12 Mb/sec, 500 mA

Attachments
proposed fix (1.43 KB, patch) 2007-07-03 06:47 PDT, Maxime BRITTO	mjs: review-	Details Formatted Diff Diff
mitz test case & mbritto fix (3.28 KB, patch) 2007-07-06 06:11 PDT, Maxime BRITTO	darin: review+	Details Formatted Diff Diff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.

Alexey Proskuryakov

Comment 1 2007-06-22 06:05:42 PDT

I could reproduce this on first attempt with the same nightly, and then with the latest one, r23682. 1. Opened two tabs with www.google.com, and one with maps.google.com. 2. Searched for San Francisco in the map. 3. Clicked the Street View button. 3. When promised, zoomed in and opened street view. 4. Clicked around a little. 5. Closed the tab, got the same crash.

Maxime BRITTO

Comment 2 2007-07-03 06:47:41 PDT

Created attachment 15367 [details] proposed fix Comments about the fix : This fix is preventing the crash without any visible unexpected effects (on GoogleMaps and on the Layout Tests). The check for the instance on the constructor is not essential but I think it may be useful to prevent future bugs which can look like this one. If the reviewer don't like it he can remove it. Comments about the test : There is no test attached to this patch because we need to use tabs to reproduce it and the DumpRenderTree doesn't handle them. If there is another way to reproduce it I don't know it.

Maciej Stachowiak

Comment 3 2007-07-05 19:20:19 PDT

Comment on attachment 15367 [details] proposed fix Thanks for the patch. any chance you could add a manual test, that has the instructions on what tabs to open? r- to consider making a manual test but I'd appreove this without if it's too awkward to make one.

mitz

Comment 4 2007-07-06 00:42:51 PDT

While the patch fixes the crash, I think it would be better to figure out a way not to stop the plugin before dispatching the unload event, as the unload handler may want to pull state out of the plugin before going away (or tell the plugin to save state). It is inconsistent that it's allowed to do so when unload results from closing a window but not when it results from closing a background tab. Consider filing a follow-up bug about the root cause after the crasher is fixed.

Maxime BRITTO

Comment 5 2007-07-06 06:11:55 PDT

Created attachment 15418 [details] mitz test case & mbritto fix As we said on the IRC, I joined mitz test case to my fix in this patch. With this patch we avoid the crash but we need to keep on working to come with a more efficient solution regarding to mitz's comment.

Darin Adler

Comment 6 2007-07-08 05:03:19 PDT

(In reply to comment #5) > As we said on the IRC, I joined mitz test case to my fix in this patch. > With this patch we avoid the crash but we need to keep on working to come with > a more efficient solution regarding to mitz's comment. Mitz's comment is not asking for a "more efficient" fix. There's no problem here with efficiency. The problem is one of incorrect behavior. The unload handler will get incorrect results when it interacts the plug-in's objects when a background tab is closed.

Darin Adler

Comment 7 2007-07-08 05:04:34 PDT

Comment on attachment 15418 [details] mitz test case & mbritto fix The comment "more efficient" is misleading. There's no efficiency problem here, but rather inconsistent behavior. The code should put instance->rootObject() into a local variable -- it's not free and calling it twice is slower than calling it once. But r=me anyway.

mitz

Comment 8 2007-07-09 00:47:03 PDT

Looks like <http://trac.webkit.org/projects/webkit/changeset/24106> fixed this independently as <rdar://problem/5295734>.

Maciej Stachowiak

Comment 9 2007-07-09 00:57:50 PDT

I fixed this in a slightly different way; I avoid creating a RuntimeObjectImp at all if the root object is destroyed, as there is no point making one for a destroyed plugin.

Note You need to log in before you can comment on or make changes to this bug.