Bug 14460

Summary: REGRESSION: Crash viewing enlarged image on macrumors.com
Product: WebKit
Reporter: Matt Lilek <dev+webkit>
Component: Page Loading
Assignee: Nobody <webkit-unassigned>
Status: RESOLVED DUPLICATE
Severity: Normal
Keywords: NeedsReduction, Regression
Priority: P1
Version: 523.x (Safari 3)
Hardware: All
OS: All

Matt Lilek
Reported 2007-06-29 10:06:15 PDT
Go to http://macrumors.com (ew) and scroll down to the post about iTunes 7.3 (currently 2nd but will likely be buried under a bajillion iPhone posts within minutes) and click the screenshot to enlarge it. It'll open a new window and crash. My local debug build of r23868 spits to the console:

objc: FREED(id): message retain sent to freed object=0x73dd6b0

This does not crash on Windows with the r23841 nightly but the contents do not load. Safari 3.0.2 Beta works fine on both platforms.

Thread 0 Crashed:
0 libobjc.A.dylib 0x90a49ca0 _objc_trap + 0
1 libobjc.A.dylib 0x90a49c14 _objc_error + 76
2 libobjc.A.dylib 0x90a49ba4 __objc_error + 64
3 com.apple.WebKit 0x00421c04 WTF::RetainPtr<objc_object*>::RetainPtr[in-charge](objc_object*) + 64 (RetainPtr.h:66)
4 com.apple.WebKit 0x00392aa4 -[WebView(WebViewInternal) _addObject:forIdentifier:] + 192 (WebView.mm:3810)
5 com.apple.WebKit 0x003c16b8 WebFrameLoaderClient::assignIdentifierToInitialRequest(unsigned long, WebCore::DocumentLoader*, WebCore::ResourceRequest const&) + 372
6 com.apple.WebCore 0x01496e40 WebCore::FrameLoader::dispatchAssignIdentifierToInitialRequest(unsigned long, WebCore::DocumentLoader*, WebCore::ResourceRequest const&) + 92 (FrameLoader.cpp:4432)
7 com.apple.WebCore 0x01496ed8 WebCore::FrameLoader::assignIdentifierToInitialRequest(unsigned long, WebCore::ResourceRequest const&) + 64 (FrameLoader.cpp:3142)
8 com.apple.WebCore 0x014b0998 WebCore::ResourceLoader::willSendRequest(WebCore::ResourceRequest&, WebCore::ResourceResponse const&) + 248
9 com.apple.WebCore 0x014b1c40 WebCore::SubresourceLoader::willSendRequest(WebCore::ResourceRequest&, WebCore::ResourceResponse const&) + 52 (SubresourceLoader.cpp:131)
10 com.apple.WebCore 0x014b125c WebCore::ResourceLoader::load(WebCore::ResourceRequest const&) + 392
11 com.apple.WebCore 0x014b2424 WebCore::SubresourceLoader::load(WebCore::ResourceRequest const&) + 156 (SubresourceLoader.cpp:82)
12 com.apple.WebCore 0x014b27b0 WebCore::SubresourceLoader::create(WebCore::Frame*, WebCore::SubresourceLoaderClient*, WebCore::ResourceRequest const&, bool, bool) + 880 (SubresourceLoader.cpp:122)
13 com.apple.WebCore 0x01130634 WebCore::Loader::servePendingRequests() + 984 (loader.cpp:85)
14 com.apple.WebCore 0x011310b8 WebCore::Loader::load(WebCore::DocLoader*, WebCore::CachedResource*, bool, bool, bool) + 204 (loader.cpp:61)
15 com.apple.WebCore 0x0112cbf8 WebCore::CachedImage::CachedImage[in-charge](WebCore::DocLoader*, WebCore::String const&, bool) + 280 (CachedImage.cpp:56)
16 com.apple.WebCore 0x0112ac28 WebCore::createResource(WebCore::CachedResource::Type, WebCore::DocLoader*, WebCore::KURL const&, WebCore::String const*, bool, bool) + 212 (Cache.cpp:64)
17 com.apple.WebCore 0x0112b03c WebCore::Cache::requestResource(WebCore::DocLoader*, WebCore::CachedResource::Type, WebCore::KURL const&, WebCore::String const*, bool, bool) + 632 (Cache.cpp:107)
18 com.apple.WebCore 0x0112f80c WebCore::DocLoader::requestResource(WebCore::CachedResource::Type, WebCore::String const&, WebCore::String const*, bool, bool) + 300 (DocLoader.cpp:134)
19 com.apple.WebCore 0x0112fa2c WebCore::DocLoader::requestImage(WebCore::String const&) + 56 (DocLoader.cpp:85)
20 com.apple.WebCore 0x0135be94 WebCore::HTMLImageLoader::updateFromElement() + 544 (HTMLImageLoader.cpp:101)
21 com.apple.WebCore 0x0135de48 WebCore::HTMLImageElement::parseMappedAttribute(WebCore::MappedAttribute*) + 276 (HTMLImageElement.cpp:95)
22 com.apple.WebCore 0x012cfb2c WebCore::StyledElement::attributeChanged(WebCore::Attribute*, bool) + 772 (StyledElement.cpp:180)
23 com.apple.WebCore 0x012df434 WebCore::Element::setAttributeMap(WebCore::NamedAttrMap*) + 756 (Element.cpp:506)
24 com.apple.WebCore 0x010254b4 WebCore::HTMLParser::parseToken(WebCore::Token*) + 1484 (HTMLParser.cpp:237)
25 com.apple.WebCore 0x01027ee0 WebCore::HTMLTokenizer::processToken() + 608 (HTMLTokenizer.cpp:1641)
26 com.apple.WebCore 0x0102bcc4 WebCore::HTMLTokenizer::parseTag(WebCore::SegmentedString&, WebCore::HTMLTokenizer::State) + 6936 (HTMLTokenizer.cpp:1206)
27 com.apple.WebCore 0x0102c87c WebCore::HTMLTokenizer::write(WebCore::SegmentedString const&, bool) + 1524 (HTMLTokenizer.cpp:1437)
28 com.apple.WebCore 0x0110ee2c WebCore::Document::write(WebCore::String const&) + 252 (Document.cpp:1489)
29 com.apple.WebCore 0x01529dfc WebCore::JSHTMLDocument::write(KJS::ExecState*, KJS::List const&) + 80 (JSHTMLDocumentCustom.cpp:159)
30 com.apple.WebCore 0x0131b7cc WebCore::JSHTMLDocumentPrototypeFunction::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 308 (JSHTMLDocument.cpp:349)
31 com.apple.JavaScriptCore 0x0058f334 KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 288 (object.cpp:98)
32 com.apple.JavaScriptCore 0x005ae6f8 KJS::FunctionCallDotNode::evaluate(KJS::ExecState*) + 992 (nodes.cpp:790)
33 com.apple.JavaScriptCore 0x0059ac5c KJS::ExprStatementNode::execute(KJS::ExecState*) + 220 (nodes.cpp:1729)
34 com.apple.JavaScriptCore 0x00597384 KJS::SourceElementsNode::execute(KJS::ExecState*) + 624 (nodes.cpp:2535)
35 com.apple.JavaScriptCore 0x0059ae80 KJS::BlockNode::execute(KJS::ExecState*) + 216 (nodes.cpp:1706)
36 com.apple.JavaScriptCore 0x0059ba60 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 92 (function.cpp:319)
37 com.apple.JavaScriptCore 0x0059c3e8 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 688 (function.cpp:107)
38 com.apple.JavaScriptCore 0x0058f334 KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 288 (object.cpp:98)
39 com.apple.JavaScriptCore 0x005af61c KJS::FunctionCallResolveNode::evaluate(KJS::ExecState*) + 792 (nodes.cpp:694)
40 com.apple.JavaScriptCore 0x0059ac5c KJS::ExprStatementNode::execute(KJS::ExecState*) + 220 (nodes.cpp:1729)
41 com.apple.JavaScriptCore 0x00597230 KJS::SourceElementsNode::execute(KJS::ExecState*) + 284 (nodes.cpp:2529)
42 com.apple.JavaScriptCore 0x0059ae80 KJS::BlockNode::execute(KJS::ExecState*) + 216 (nodes.cpp:1706)
43 com.apple.JavaScriptCore 0x0059ba60 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 92 (function.cpp:319)
44 com.apple.JavaScriptCore 0x0059c3e8 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 688 (function.cpp:107)
45 com.apple.JavaScriptCore 0x0058f334 KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 288 (object.cpp:98)
46 com.apple.WebCore 0x012eeda4 WebCore::JSAbstractEventListener::handleEvent(WebCore::Event*, bool) + 748 (kjs_events.cpp:115)
47 com.apple.WebCore 0x012b41c8 WebCore::EventTargetNode::handleLocalEvents(WebCore::Event*, bool) + 548 (EventTargetNode.cpp:166)
48 com.apple.WebCore 0x012b4de4 WebCore::EventTargetNode::dispatchGenericEvent(WTF::PassRefPtr<WebCore::Event>, int&, bool) + 1784 (EventTargetNode.cpp:240)
49 com.apple.WebCore 0x012b57b0 WebCore::EventTargetNode::dispatchEvent(WTF::PassRefPtr<WebCore::Event>, int&, bool, WebCore::EventTarget*) + 396 (EventTargetNode.cpp:308)
50 com.apple.WebCore 0x012b5844 WebCore::EventTargetNode::dispatchEvent(WTF::PassRefPtr<WebCore::Event>, int&, bool) + 80 (EventTargetNode.cpp:292)
51 com.apple.WebCore 0x012b6724 WebCore::EventTargetNode::dispatchMouseEvent(WebCore::AtomicString const&, int, int, int, int, int, int, bool, bool, bool, bool, bool, WebCore::Node*, WTF::PassRefPtr<WebCore::Event>) + 724 (EventTargetNode.cpp:470)
52 com.apple.WebCore 0x012b6f3c WebCore::EventTargetNode::dispatchMouseEvent(WebCore::PlatformMouseEvent const&, WebCore::AtomicString const&, int, WebCore::Node*) + 560 (EventTargetNode.cpp:397)
53 com.apple.WebCore 0x014e1244 WebCore::EventHandler::dispatchMouseEvent(WebCore::AtomicString const&, WebCore::Node*, bool, int, WebCore::PlatformMouseEvent const&, bool) + 212 (EventHandler.cpp:1190)
54 com.apple.WebCore 0x014e1d18 WebCore::EventHandler::handleMouseReleaseEvent(WebCore::PlatformMouseEvent const&) + 1028 (EventHandler.cpp:1024)
55 com.apple.WebCore 0x014d8af0 WebCore::EventHandler::mouseUp(NSEvent*) + 500 (EventHandlerMac.mm:520)
56 com.apple.WebKit 0x00352930 -[WebHTMLView mouseUp:] + 372 (WebHTMLView.mm:2967)
57 com.apple.AppKit 0x937f9900 -[NSWindow sendEvent:] + 4728
58 com.apple.Safari 0x000ab334 0x1000 + 697140
59 com.apple.AppKit 0x937a28d4 -[NSApplication sendEvent:] + 4172
60 com.apple.Safari 0x00016444 0x1000 + 87108
61 com.apple.AppKit 0x93799d10 -[NSApplication run] + 508
62 com.apple.AppKit 0x9388a87c NSApplicationMain + 452
63 com.apple.Safari 0x0000246c 0x1000 + 5228
64 com.apple.Safari 0x0004f1b0 0x1000 + 319920
mitz
Comment 1 2007-06-29 11:32:08 PDT
*** This bug has been marked as a duplicate of 14425 ***