Bug 19763
| Field | Value |
|---|---|
| Summary | Nightly r34752 crashes when loading www.yahoo.com |
| Product | WebKit |
| Component | DOM |
| Status | RESOLVED DUPLICATE |
| Severity | Normal |
| Priority | P2 |
| Version | 528+ (Nightly build) |
| Hardware | PC |
| OS | Windows Vista |
| URL | http://www.yahoo.com/ |
| Reporter | Greger Cronquist <greger.cronquist> |
| Assignee | Nobody <webkit-unassigned> |
Greger Cronquist
Safari 3.1.2 with nightly r34752 (Windows Vista SP1)
To reproduce:
1. Start Safari with a blank page.
2. Enter www.yahoo.com in the location bar.
3. Experience a crash during loading (blue bar around 40% of max).
I tried to follow the instructions for getting a crash log, but this failed - most of the files were not generated. When I open a debugging session with Visual Studio I get the following:
1. VS asks for htmlcollection.cpp (I don't have the sources).
2. Unhandled exception at 0x6582fb00 (WebKit.dll) in Safari.exe: 0xC0000005: Access violation reading location 0x00000194.
3. Call stack:
> WebKit.dll!WebCore::HTMLCollection::resetCollectionInfo() Line 131 + 0x6 bytes C++
WebKit.dll!WebCore::HTMLCollection::namedItems(const WebCore::AtomicString & name={...}, WTF::Vector<WTF::RefPtr<WebCore::Node>,0> & result={...}) Line 432 C++
WebKit.dll!WebCore::HTMLFormElement::getNamedElements(const WebCore::AtomicString & name={...}, WTF::Vector<WTF::RefPtr<WebCore::Node>,0> & namedItems={...}) Line 697 + 0x1a bytes C++
WebKit.dll!WebCore::JSHTMLFormElement::canGetItemsForName(KJS::ExecState * exec=0x001cf300, WebCore::HTMLFormElement * form=0x7fe29240, const KJS::Identifier & propertyName={...}) Line 40 + 0x3d bytes C++
WebKit.dll!WebCore::JSHTMLFormElement::getOwnPropertySlot(KJS::ExecState * exec=0x001cf300, const KJS::Identifier & propertyName={...}, KJS::PropertySlot & slot={...}) Line 127 + 0x17 bytes C++
WebKit.dll!KJS::JSValue::get(KJS::ExecState * exec=0x00000000, const KJS::Identifier & propertyName={...}) Line 661 + 0xb bytes C++
WebKit.dll!KJS::Machine::privateExecute(KJS::Machine::ExecutionFlag flag=Normal, KJS::ExecState * exec=0x001cf300, KJS::RegisterFile * registerFile=0x7fe255c0, KJS::Register * r=0x7fb96aa8, KJS::ScopeChainNode * scopeChain=0x7ff7dd10, KJS::CodeBlock * codeBlock=0x7fb9d870, KJS::JSValue * * exception=0x001cf360) Line 1694 C++
WebKit.dll!KJS::Machine::execute(KJS::ProgramNode * programNode=0x7fbdb360, KJS::ExecState * exec=0x00000000, KJS::ScopeChainNode * scopeChain=0x7ff7dd10, KJS::JSObject * thisObj=0x04100000, KJS::RegisterFileStack * registerFileStack=0x7fe0d6d8, KJS::JSValue * * exception=0x001cf360) Line 670 C++
WebKit.dll!KJS::Interpreter::evaluate(KJS::ExecState * exec=0x7fe255e0, KJS::ScopeChain & scopeChain={...}, const KJS::UString & sourceURL={...}, int startingLineNumber=0x00000b1d, WTF::PassRefPtr<KJS::SourceProvider> source={...}, KJS::JSValue * thisValue=0x04100000) Line 84 C++
WebKit.dll!WebCore::ScriptController::evaluate(const WebCore::String & filename={...}, int baseLine=0x00000b1d, const WebCore::String & str={...}) Line 90 + 0x62 bytes C++
WebKit.dll!WebCore::FrameLoader::executeScript(const WebCore::String & url={...}, int baseLine=0x00000b1d, const WebCore::String & script={...}) Line 785 C++
WebKit.dll!WebCore::HTMLTokenizer::scriptExecution(const WebCore::String & str={...}, WebCore::HTMLTokenizer::State state={...}, const WebCore::String & scriptURL={...}, int baseLine=0x00000b1d) Line 546 C++
WebKit.dll!WebCore::HTMLTokenizer::scriptHandler(WebCore::HTMLTokenizer::State state={...}) Line 483 + 0x1e bytes C++
WebKit.dll!WebCore::HTMLTokenizer::parseSpecial(WebCore::SegmentedString & src={...}, WebCore::HTMLTokenizer::State state={...}) Line 331 + 0xf bytes C++
WebKit.dll!WebCore::HTMLTokenizer::parseTag(WebCore::SegmentedString & src={...}, WebCore::HTMLTokenizer::State state={...}) Line 1497 + 0x26 bytes C++
WebKit.dll!WebCore::HTMLTokenizer::write(const WebCore::SegmentedString & str=, bool appendData=) Line 1732 + 0x1b bytes C++
WebKit.dll!WTF::TCMalloc_ThreadCache::GetCacheIfPresent() Line 2399 C++
WebKit.dll!WTF::fastFree(void * ptr=0x65c44e2a) Line 3114 + 0x2d bytes C++
WebKit.dll!WebCore::EventTarget::dispatchGenericEvent(WebCore::EventTargetNode * referenceNode=, WTF::PassRefPtr<WebCore::Event> e={...}, int & __formal=, bool tempEvent=) Line 281 + 0x3d bytes C++
WebKit.dll!WTF::Deque<WebCore::SegmentedSubstring>::Deque<WebCore::SegmentedSubstring>(const WTF::Deque<WebCore::SegmentedSubstring> & other={...}) Line 308 + 0x17 bytes C++
WebKit.dll!WebCore::SegmentedString::clear() Line 87 + 0x10 bytes C++
WebKit.dll!WebCore::CachedScript::checkNotify() Line 95 + 0xa bytes C++
WebKit.dll!WebCore::CachedScript::data(WTF::PassRefPtr<WebCore::SharedBuffer> data={...}, bool allDataReceived=true) Line 85 + 0xe bytes C++
WebKit.dll!WebCore::Loader::Host::didFinishLoading(WebCore::SubresourceLoader * loader=0x7fce5000) Line 269 C++
WebKit.dll!WebCore::SubresourceLoader::didFinishLoading() Line 193 + 0xe bytes C++
WebKit.dll!WebCore::ResourceLoader::didFinishLoading(WebCore::ResourceHandle * __formal=0x7fce8820) Line 390 C++
WebKit.dll!WebCore::didFinishLoading(_CFURLConnection * conn=0x05853d78, const void * clientInfo=0x7fce8820) Line 118 + 0x11 bytes C++
CFNetwork.dll!6a535f00()
[Frames below may be incorrect and/or missing, no symbols loaded for CFNetwork.dll]
CFNetwork.dll!6a535fab()
CFNetwork.dll!6a536197()
CFNetwork.dll!6a5362eb()
CFNetwork.dll!6a5364f6()
user32.dll!771ff8d2()
user32.dll!771ff794()
user32.dll!771ff73d()
user32.dll!77200008()
user32.dll!77200060()
Safari.exe!00f6721f()
user32.dll!77200a65()
user32.dll!77200a75()
ntdll.dll!774899ce()
user32.dll!771f8871()
user32.dll!77220b70()
kyjtyafp.dll!00d21cbe()
user32.dll!771e8cff()
user32.dll!77227b92()
user32.dll!77200a65()
user32.dll!77200a75()
ntdll.dll!774899ce()
user32.dll!771fa11f()
Safari.exe!00f87e33()
Safari.exe!00f88779()
Safari.exe!00f92dc0()
Safari.exe!00f673dd()
Safari.exe!00f6798b()
Safari.exe!00fc9e05()
kernel32.dll!76234911()
ntdll.dll!7746e4b6()
ntdll.dll!7746e489()
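As an added example (not part of the report or of WebKit), a small triage script that parses the exception line and the Visual Studio call-stack format posted above: it extracts the faulting module, the exception code and fault address, the first symbolized frame, counts frames that had no symbols, and flags a read at a small address such as 0x00000194 as a probable NULL-plus-offset dereference. The 64 KiB near-NULL threshold is an assumption, and the embedded sample is a constructed subset of the frames from the report.

```python
import re

# Constructed sample: the exception message and a handful of frames copied from
# the Visual Studio call stack in the report above (the remaining frames are omitted).
EXCEPTION_LINE = ("Unhandled exception at 0x6582fb00 (WebKit.dll) in Safari.exe: "
                  "0xC0000005: Access violation reading location 0x00000194.")
STACK_LINES = [
    "> WebKit.dll!WebCore::HTMLCollection::resetCollectionInfo() Line 131 + 0x6 bytes C++",
    "WebKit.dll!WebCore::HTMLCollection::namedItems(const WebCore::AtomicString & name={...}, "
    "WTF::Vector<WTF::RefPtr<WebCore::Node>,0> & result={...}) Line 432 C++",
    "WebKit.dll!WebCore::FrameLoader::executeScript(const WebCore::String & url={...}, "
    "int baseLine=0x00000b1d, const WebCore::String & script={...}) Line 785 C++",
    "CFNetwork.dll!6a535f00()",
    "[Frames below may be incorrect and/or missing, no symbols loaded for CFNetwork.dll]",
    "user32.dll!771ff8d2()",
]

EXC_RE = re.compile(r"at 0x([0-9a-fA-F]+) \(([^)]+)\).*?(0x[0-9A-Fa-f]{8}): "
                    r"Access violation (reading|writing) location 0x([0-9a-fA-F]+)")
FRAME_RE = re.compile(r"^(?P<cur>>\s*)?(?P<module>[\w.]+)!(?P<func>.*?)"
                      r"(?: Line (?P<line>\d+))?(?: \+ 0x[0-9a-fA-F]+ bytes)?(?: C\+\+)?$")
NEAR_NULL_LIMIT = 0x10000  # assumption: a fault below 64 KiB is treated as NULL + small offset

def parse_exception(line):
    """Extract faulting PC, module, exception code, access kind and fault address."""
    m = EXC_RE.search(line)
    if not m:
        return None
    return {"pc": int(m.group(1), 16), "module": m.group(2), "code": m.group(3),
            "access": m.group(4), "address": int(m.group(5), 16)}

def parse_frames(lines):
    """Turn VS call-stack lines into dicts; notices such as '[Frames below ...]' are skipped."""
    frames = []
    for ln in lines:
        m = FRAME_RE.match(ln.strip())
        if not m:
            continue
        func = m.group("func")
        frames.append({"module": m.group("module"), "func": func,
                       "line": int(m.group("line")) if m.group("line") else None,
                       # a bare 8-hex-digit name means no symbols were loaded for that module
                       "symbolized": re.fullmatch(r"[0-9a-fA-F]{8}\(\)", func) is None,
                       "current": m.group("cur") is not None})
    return frames

def triage(exc_line, stack_lines):
    """Summarize the crash: faulting module/address, top symbolized frame, near-NULL read heuristic."""
    exc = parse_exception(exc_line)
    frames = parse_frames(stack_lines)
    top = next((f for f in frames if f["symbolized"]), None)
    near_null = exc is not None and exc["access"] == "reading" and exc["address"] < NEAR_NULL_LIMIT
    return {"code": exc["code"] if exc else None, "faulting_module": exc["module"] if exc else None,
            "fault_address": exc["address"] if exc else None,
            "top_frame": f'{top["func"]}:{top["line"]}' if top else None,
            "symbolized_frames": sum(f["symbolized"] for f in frames),
            "unsymbolized_frames": sum(not f["symbolized"] for f in frames),
            "likely_null_deref": near_null}

if __name__ == "__main__":
    print(triage(EXCEPTION_LINE, STACK_LINES))
```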
Alexey Proskuryakov
*** This bug has been marked as a duplicate of 19580 ***