12949 – WebKit crash in DOM::NodeImpl::setChanged(bool)

Bug 12949 - WebKit crash in DOM::NodeImpl::setChanged(bool)

Summary: WebKit crash in DOM::NodeImpl::setChanged(bool)

Status:	RESOLVED WORKSFORME

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebKit Misc. (show other bugs)
Version:	418.x
Hardware:	Mac (Intel) OS X 10.4

Importance:	P2 Normal
Assignee:	Nobody

URL:	http://www.sightspeed.com
Keywords:

Depends on:
Blocks:

Reported:	2007-03-02 14:29 PST by Aron Rosenberg
Modified:	2008-03-16 11:59 PDT (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Aron Rosenberg 2007-03-02 14:29:08 PST

We have a application which embeds the WebKit inside our Carbon / HIView based application. We have received this randommly occuring crash dump several times from our users but have never been able to reproduce it in house. Hopefully you can make some sense of whats going on here.

The WebKit version is the default for 10.4.8 on Intel Mac which I believe is 419.x - Since this is a randomly occuring customer crash we don't have anyway of using the CVS or nightly webkits on their end.

Apple Crash report below:

Date/Time:      2007-02-27 16:40:49.129 -0800
OS Version:     10.4.8 (Build 8L2127)
Report Version: 4

Command: SightSpeed
Path:   
//Applications/SightSpeed.app/Contents/MacOS/SightSpeed
Parent:  WindowServer [59]

Version: 6.0.6042 (6.0.6042)

PID:    295
Thread: 0

Exception:  EXC_BAD_ACCESS (0x0001)
Codes:      KERN_PROTECTION_FAILURE (0x0002) at
0x00000027

Thread 0 Crashed:
0   com.apple.WebCore              	0x9530329c
DOM::NodeImpl::setChanged(bool) + 30
1   com.apple.WebCore              	0x953d7612
DOM::DocumentImpl::setCSSTarget(DOM::NodeImpl*) + 40
2   com.apple.WebCore              	0x953d740e
KHTMLPart::gotoAnchor(QString const&) + 426
3   com.apple.WebCore              	0x95379146
KHTMLPart::gotoAnchor() + 66
4   com.apple.WebCore              	0x953ff485
KWQKHTMLPart::scrollToAnchor(KURL const&) + 125
5   com.apple.WebCore              	0x954154f7
-[WebCoreBridge scrollToAnchorWithURL:] + 119
6   com.apple.WebKit               	0x95192fac
-[WebFrame(WebPrivate)
_continueFragmentScrollAfterNavigationPolicy:formState:]
+ 188
7   com.apple.WebKit               	0x951510cd
-[WebFrame(WebPrivate)
_checkNavigationPolicyForRequest:dataSource:formState:andCall:withSelector:]
+ 323
8   com.apple.WebKit               	0x95168966
-[WebFrame(WebPrivate)
_loadURL:referrer:loadType:target:triggeringEvent:form:formValues:]
+ 867
9   com.apple.WebKit               	0x9516a569
-[WebBridge
loadURL:referrer:reload:userGesture:target:triggeringEvent:form:formValues:]
+ 271
10  com.apple.WebCore              	0x953945f8
KWQKHTMLPart::urlSelected(KURL const&, int, int, KParts::URLArgs const&) + 314
11  com.apple.WebCore              	0x95394469
KHTMLPart::urlSelected(QString const&, int, int, QString const&, KParts::URLArgs) + 755
12  com.apple.WebCore              	0x95372c07
DOM::HTMLAnchorElementImpl::defaultEventHandler(DOM::EventImpl*)
+ 1371
13  com.apple.WebCore              	0x95361a82
DOM::NodeImpl::dispatchGenericEvent(DOM::EventImpl*,
int&) + 684
14  com.apple.WebCore              	0x953616c6
DOM::NodeImpl::dispatchEvent(DOM::EventImpl*, int&,
bool) + 114
15  com.apple.WebCore              	0x95365145
KHTMLView::dispatchMouseEvent(int, DOM::NodeImpl*, bool, int, QMouseEvent*, bool, int) + 1347
16  com.apple.WebCore              	0x95383fbb
KHTMLView::viewportMouseReleaseEvent(QMouseEvent*) +
467
17  com.apple.WebCore              	0x95383d4d
KWQKHTMLPart::mouseUp(NSEvent*) + 275
18  com.apple.WebKit               	0x9516a42f
-[WebHTMLView mouseUp:] + 96
19  com.apple.WebCore              	0x95364bb9
KWQKHTMLPart::passSubframeEventToSubframe(DOM::NodeImpl::MouseEvent&)
+ 483
20  com.apple.WebCore              	0x95383f1f
KHTMLView::viewportMouseReleaseEvent(QMouseEvent*) +
311
21  com.apple.WebCore              	0x95383d4d
KWQKHTMLPart::mouseUp(NSEvent*) + 275
22  com.apple.WebKit               	0x9516a42f
-[WebHTMLView mouseUp:] + 96
23  com.apple.AppKit               	0x9334c42b
-[NSWindow sendEvent:] + 5403
24  com.apple.WebKit               	0x951a85c9
HIWebViewEventHandler + 1016
25  com.apple.HIToolbox            	0x92dcc7eb
DispatchEventToHandlers(EventTargetRec*,
OpaqueEventRef*, HandlerCallRec*) + 1093
26  com.apple.HIToolbox            	0x92dcbe90
SendEventToEventTargetInternal(OpaqueEventRef*,
OpaqueEventTargetRef*, HandlerCallRec*) + 304
27  com.apple.HIToolbox            	0x92dcbd55
SendEventToEventTargetWithOptions + 55
28  com.apple.WebKit               	0x951a7cec
WindowHandler + 947
29  com.apple.HIToolbox            	0x92dcc7eb
DispatchEventToHandlers(EventTargetRec*,
OpaqueEventRef*, HandlerCallRec*) + 1093
30  com.apple.HIToolbox            	0x92dcbe90
SendEventToEventTargetInternal(OpaqueEventRef*,
OpaqueEventTargetRef*, HandlerCallRec*) + 304
31  com.apple.HIToolbox            	0x92dd30f0
SendEventToEventTarget + 56
32  com.apple.HIToolbox            	0x92dd3589
ToolboxEventDispatcherHandler(OpaqueEventHandlerCallRef*,
OpaqueEventRef*, void*) + 1169
33  com.apple.HIToolbox            	0x92dccba2
DispatchEventToHandlers(EventTargetRec*,
OpaqueEventRef*, HandlerCallRec*) + 2044
34  com.apple.HIToolbox            	0x92dcbe90
SendEventToEventTargetInternal(OpaqueEventRef*,
OpaqueEventTargetRef*, HandlerCallRec*) + 304
35  com.apple.HIToolbox            	0x92dd30f0
SendEventToEventTarget + 56
36  QtGui                          	0x017132bc
qt_mac_send_event(QFlags<QEventLoop::ProcessEventsFlag>,
OpaqueEventRef*, OpaqueWindowPtr*) + 122
37  QtGui                          	0x0171fa58
QEventDispatcherMac::processEvents(QFlags<QEventLoop::ProcessEventsFlag>)
+ 594
38  QtCore                         	0x0159c494
QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>)
+ 54
39  QtCore                         	0x0159c672
QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>)
+ 132
40  QtCore                         	0x0159f371
QCoreApplication::exec() + 179
41  com.SightSpeed                 	0x0006ae98 main +
3944
42  com.SightSpeed                 	0x000084d2 _start
+ 216
43  com.SightSpeed                 	0x000083f9 start +
41

Thread 1:
0   libSystem.B.dylib              	0x90019d3c select
+ 12
1   SDL                            	0x30008c58
RunTimer + 76
2   SDL                            	0x3002d649
SDL_RunThread + 57
3   SDL                            	0x3002f1e8
RunThread + 17
4   libSystem.B.dylib              	0x90023d87
_pthread_body + 84

Thread 2:
0   libSystem.B.dylib              	0x90009857
mach_msg_trap + 7
1   com.apple.CoreFoundation       	0x9082969a
CFRunLoopRunSpecific + 2014
2   com.apple.CoreFoundation       	0x90828eb5
CFRunLoopRunInMode + 61
3   com.apple.audio.CoreAudio      	0x9145c8da
HALRunLoop::OwnThread(void*) + 158
4   com.apple.audio.CoreAudio      	0x9145c6f5
CAPThread::Entry(CAPThread*) + 93
5   libSystem.B.dylib              	0x90023d87
_pthread_body + 84

Thread 3:
0   libSystem.B.dylib              	0x9001db4c
recvfrom + 12
1   com.SightSpeed                 	0x000cf483
UDPtransport::UDPReceiveWrapper(void*) + 17
2   SDL                            	0x3002d649
SDL_RunThread + 57
3   SDL                            	0x3002f1e8
RunThread + 17
4   libSystem.B.dylib              	0x90023d87
_pthread_body + 84

Thread 4:
0   libSystem.B.dylib              	0x90019d3c select
+ 12
1   com.SightSpeed                 	0x000de451
SipEP::staticSDLThread(void*) + 27
2   SDL                            	0x3002d649
SDL_RunThread + 57
3   SDL                            	0x3002f1e8
RunThread + 17
4   libSystem.B.dylib              	0x90023d87
_pthread_body + 84

Thread 5:
0   libSystem.B.dylib              	0x90009857
mach_msg_trap + 7
1   com.apple.CoreFoundation       	0x9082969a
CFRunLoopRunSpecific + 2014
2   com.apple.CoreFoundation       	0x90828eb5
CFRunLoopRunInMode + 61
3   com.apple.Foundation           	0x9262aa9b
+[NSURLConnection(NSURLConnectionInternal)
_resourceLoadLoop:] + 259
4   com.apple.Foundation           	0x925f536c
forkThreadForFunction + 123
5   libSystem.B.dylib              	0x90023d87
_pthread_body + 84

Thread 6:
0   libSystem.B.dylib              	0x90009857
mach_msg_trap + 7
1   com.apple.CoreFoundation       	0x9082969a
CFRunLoopRunSpecific + 2014
2   com.apple.CoreFoundation       	0x90828eb5
CFRunLoopRunInMode + 61
3   com.apple.Foundation           	0x92651c4e
+[NSURLCache _diskCacheSyncLoop:] + 206
4   com.apple.Foundation           	0x925f536c
forkThreadForFunction + 123
5   libSystem.B.dylib              	0x90023d87
_pthread_body + 84

Thread 7:
0   libSystem.B.dylib              	0x90019d3c select
+ 12
1   libSystem.B.dylib              	0x90023d87
_pthread_body + 84

Thread 8:
0   libSystem.B.dylib              	0x90009857
mach_msg_trap + 7
1   com.apple.CoreFoundation       	0x9082969a
CFRunLoopRunSpecific + 2014
2   com.apple.CoreFoundation       	0x90828eb5
CFRunLoopRunInMode + 61
3   com.apple.Foundation           	0x9262adc6
-[NSRunLoop runMode:beforeDate:] + 182
4   com.apple.Foundation           	0x9262acc2
-[NSRunLoop run] + 75
5   com.apple.WebKit               	0x9514764d
+[WebFileDatabase _syncLoop:] + 198
6   com.apple.Foundation           	0x925f536c
forkThreadForFunction + 123
7   libSystem.B.dylib              	0x90023d87
_pthread_body + 84

Thread 9:
0   libSystem.B.dylib              	0x90009857
mach_msg_trap + 7
1   com.apple.CoreFoundation       	0x9082969a
CFRunLoopRunSpecific + 2014
2   com.apple.CoreFoundation       	0x9083a577
CFRunLoopRun + 60
3   ...pple.QuickTimeIIDCDigitizer 	0x162e9d5b
0x162e8000 + 7515
4   libSystem.B.dylib              	0x90023d87
_pthread_body + 84

Thread 10:
0   libSystem.B.dylib              	0x90037697
mach_wait_until + 7
1   libSystem.B.dylib              	0x90039d62 usleep
+ 82
2   com.SightSpeed                 	0x000d9785
VideoCapture_Darwin::SG_IdleThread() + 79
3   com.SightSpeed                 	0x000d9849
VideoCapture_Darwin::SG_ThreadCallbackStatic(void*) +
17
4   SDL                            	0x3002d649
SDL_RunThread + 57
5   SDL                            	0x3002f1e8
RunThread + 17
6   libSystem.B.dylib              	0x90023d87
_pthread_body + 84

Thread 11:
0   libSystem.B.dylib              	0x90024427
semaphore_wait_signal_trap + 7
1   QtCore                         	0x01530212
QWaitCondition::wait(QMutex*, unsigned long) + 306
2   QtNetwork                      	0x007541e1
QHostInfoAgent::run() + 91
3   QtCore                         	0x0152f4b0
QThreadPrivate::start(void*) + 190
4   libSystem.B.dylib              	0x90023d87
_pthread_body + 84

Thread 12:
0   libSystem.B.dylib              	0x90048a47
semaphore_timedwait_signal_trap + 7
1   ...ple.CoreServices.CarbonCore 	0x90cdd09f
TSWaitOnSemaphoreCommon + 163
2   ...ickTimeComponents.component 	0x98b41992
ReadSchedulerThreadEntryPoint + 4895
3   libSystem.B.dylib              	0x90023d87
_pthread_body + 84

Thread 13:
0   libSystem.B.dylib              	0x90048a47
semaphore_timedwait_signal_trap + 7
1   ...ple.CoreServices.CarbonCore 	0x90cdd09f
TSWaitOnSemaphoreCommon + 163
2   ...ple.CoreServices.CarbonCore 	0x90ce6fe0
AIOFileThread(void*) + 1068
3   libSystem.B.dylib              	0x90023d87
_pthread_body + 84

Thread 14:
0   libSystem.B.dylib              	0x90048a47
semaphore_timedwait_signal_trap + 7
1   ...ple.CoreServices.CarbonCore 	0x90cdd09f
TSWaitOnSemaphoreCommon + 163
2   ...ple.CoreServices.CarbonCore 	0x90ce408d
TimerThread + 87
3   libSystem.B.dylib              	0x90023d87
_pthread_body + 84

Thread 0 crashed with X86 Thread State (32-bit):
  eax: 0x00000001    ebx: 0x953d7275 ecx: 0x00000001
edx: 0x00000010
  edi: 0x152ee898    esi: 0x1527f098 ebp: 0xbfffd6d8
esp: 0xbfffd6d4
   ss: 0x0000001f    efl: 0x00210202 eip: 0x9530329c 
cs: 0x00000017
   ds: 0x0000001f     es: 0x0000001f  fs: 0x00000000 
gs: 0x00000037

Binary Images Description:
    0x1000 -   0x3c9fff com.SightSpeed 6.0.6042
/Applications/SightSpeed.app/Contents/MacOS/SightSpeed
  0x6cf000 -   0x710fff libavformat.dylib 
/Applications/SightSpeed.app/Contents/MacOS/libavformat.dylib
  0x71c000 -   0x720fff libavutil.dylib 
/Applications/SightSpeed.app/Contents/MacOS/libavutil.dylib
  0x724000 -   0x72efff org.ietf.ilbc 1.0
/Applications/SightSpeed.app/Contents/Frameworks/ilbc.framework/Versions/A/ilbc
  0x733000 -   0x76ffff QtNetwork 
/Applications/SightSpeed.app/Contents/Frameworks/QtNetwork.framework/Versions/4/QtNetwork
  0x79d000 -   0x7bffff QtOpenGL 
/Applications/SightSpeed.app/Contents/Frameworks/QtOpenGL.framework/Versions/4/QtOpenGL
 0x1008000 -  0x1034fff QtXml
/Applications/SightSpeed.app/Contents/Frameworks/QtXml.framework/Versions/4/QtXml
 0x1205000 -  0x146afff libavcodec.dylib /Applications/SightSpeed.app/Contents/MacOS/libavcodec.dylib
 0x1528000 -  0x1635fff QtCore
/Applications/SightSpeed.app/Contents/Frameworks/QtCore.framework/Versions/4/QtCore
 0x16d1000 -  0x1b84fff QtGui
/Applications/SightSpeed.app/Contents/Frameworks/QtGui.framework/Versions/4/QtGui
0x15d00000 - 0x15d24fff com.apple.iSightAudio 7.1.3 /Library/Audio/Plug-Ins/HAL/iSightAudio.plugin/Contents/MacOS/iSightAudio
0x15ddc000 - 0x15e05fff
com.apple.audio.SoundManager.Components 3.9.2 /System/Library/Components/SoundManagerComponents.component/Contents/MacOS/SoundManagerComponents
0x15e0a000 - 0x15e0ffff
com.apple.audio.AppleHDAHALPlugIn 1.2.4 (1.2.4a21) /System/Library/Extensions/AppleHDA.kext/Contents/PlugIns/AppleHDAHALPlugIn.bundle/Contents/MacOS/AppleHDAHALPlugIn
0x1628e000 - 0x162cafff
com.apple.QuickTimeFireWireDV.component 7.1.3 /System/Library/QuickTime/QuickTimeFireWireDV.component/Contents/MacOS/QuickTimeFireWireDV
0x162d6000 - 0x162dffff com.apple.IOFWDVComponents 1.9.0 /System/Library/Components/IOFWDVComponents.component/Contents/MacOS/IOFWDVComponents
0x162e8000 - 0x16318fff
com.apple.QuickTimeIIDCDigitizer 7.1.3
/System/Library/QuickTime/QuickTimeIIDCDigitizer.component/Contents/MacOS/QuickTimeIIDCDigitizer
0x16384000 - 0x163c0fff
com.apple.QuickTimeUSBVDCDigitizer 1.6.6 /System/Library/QuickTime/QuickTimeUSBVDCDigitizer.component/Contents/MacOS/QuickTimeUSBVDCDigitizer
0x163e4000 - 0x1653dfff GLEngine
/System/Library/Frameworks/OpenGL.framework/Resources/GLEngine.bundle/GLEngine
0x16569000 - 0x165c0fff
com.apple.driver.AppleIntelGMA950GLDriver 1.4.40
(4.4.0)
/System/Library/Extensions/AppleIntelGMA950GLDriver.bundle/Contents/MacOS/AppleIntelGMA950GLDriver
0x165c7000 - 0x165e3fff GLDriver
/System/Library/Frameworks/OpenGL.framework/Versions/A/Resources/GLDriver.bundle/GLDriver
0x165ea000 - 0x1660efff GLRendererFloat /System/Library/Frameworks/OpenGL.framework/Versions/A/Resources/GLRendererFloat.bundle/GLRendererFloat
0x16793000 - 0x16794fff com.apple.textencoding.unicode
2.1	/System/Library/TextEncodings/Unicode
Encodings.bundle/Contents/MacOS/Unicode Encodings 0x16902000 - 0x16905fff com.apple.iokit.IOQTComponents
1.4
/System/Library/Components/IOQTComponents.component/Contents/MacOS/IOQTComponents
0x169d4000 - 0x169edfff
com.apple.AppleIntermediateCodec 1.1 (141) /Library/QuickTime/AppleIntermediateCodec.component/Contents/MacOS/AppleIntermediateCodec
0x169f2000 - 0x16a0bfff com.apple.applepixletvideo
1.2.9 (1.2d9)
/System/Library/QuickTime/ApplePixletVideo.component/Contents/MacOS/ApplePixletVideo
0x1742d000 - 0x17446fff com.apple.IOFireWireLib 2.5.1 /System/Library/Extensions/IOFireWireFamily.kext/Contents/PlugIns/IOFireWireLib.plugin/Contents/MacOS/IOFireWireLib
0x18905000 - 0x18e19fff com.macromedia.Flash
Player.plugin 9.0.0 (1.0.4f20)	/Library/Internet
Plug-Ins/Flash Player.plugin/Contents/MacOS/Flash
Player
0x30000000 - 0x30041fff SDL 1.2.9
/Applications/SightSpeed.app/Contents/Frameworks/SDL.framework/Versions/A/SDL
0x70000000 - 0x7010bfff
com.apple.audio.units.Components 1.4.3
/System/Library/Components/CoreAudio.component/Contents/MacOS/CoreAudio
0x80000000 - 0x80019fff org.xiph.speex 1.1.12svn
(1.1.12d1)
/Applications/SightSpeed.app/Contents/Frameworks/speex.framework/Versions/A/speex
0x8fe00000 - 0x8fe49fff dyld 46.9	/usr/lib/dyld
0x90000000 - 0x9016ffff libSystem.B.dylib /usr/lib/libSystem.B.dylib 0x901bf000 - 0x901c1fff libmathCommon.A.dylib /usr/lib/system/libmathCommon.A.dylib
0x901c3000 - 0x901fffff com.apple.CoreText 1.1.1 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreText.framework/Versions/A/CoreText
0x90226000 - 0x902fcfff ATS
/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ATS.framework/Versions/A/ATS
0x9031c000 - 0x90770fff com.apple.CoreGraphics
1.258.38 (???)
/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/CoreGraphics
0x90807000 - 0x908cffff com.apple.CoreFoundation 6.4.6
(368.27)
/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation
0x9090d000 - 0x9090dfff com.apple.CoreServices 10.4
(???)
/System/Library/Frameworks/CoreServices.framework/Versions/A/CoreServices
0x9090f000 - 0x90a02fff libicucore.A.dylib /usr/lib/libicucore.A.dylib 0x90a52000 - 0x90ad1fff libobjc.A.dylib /usr/lib/libobjc.A.dylib 0x90afa000 - 0x90b5efff libstdc++.6.dylib /usr/lib/libstdc++.6.dylib 0x90bcd000 - 0x90bd4fff libgcc_s.1.dylib /usr/lib/libgcc_s.1.dylib 0x90bd9000 - 0x90c4cfff com.apple.framework.IOKit
1.4.6 (???)
/System/Library/Frameworks/IOKit.framework/Versions/A/IOKit
0x90c61000 - 0x90c73fff libauto.dylib
/usr/lib/libauto.dylib
0x90c79000 - 0x90f1ffff
com.apple.CoreServices.CarbonCore 682.16 /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonCore.framework/Versions/A/CarbonCore
0x90f62000 - 0x90fcafff
com.apple.CoreServices.OSServices 4.1
/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/OSServices.framework/Versions/A/OSServices
0x91002000 - 0x91040fff com.apple.CFNetwork 129.19 /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CFNetwork.framework/Versions/A/CFNetwork
0x91053000 - 0x91063fff com.apple.WebServices 1.1.3
(1.1.0)
/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/WebServicesCore.framework/Versions/A/WebServicesCore
0x9106e000 - 0x910ecfff com.apple.SearchKit 1.0.5 /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/SearchKit.framework/Versions/A/SearchKit
0x91121000 - 0x9113ffff com.apple.Metadata 10.4.4
(121.36)
/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/Metadata.framework/Versions/A/Metadata
0x9114b000 - 0x91159fff libz.1.dylib
/usr/lib/libz.1.dylib
0x9115c000 - 0x912fbfff com.apple.security 4.5.2
(29774)
/System/Library/Frameworks/Security.framework/Versions/A/Security
0x913f9000 - 0x91401fff com.apple.DiskArbitration
2.1.1
/System/Library/Frameworks/DiskArbitration.framework/Versions/A/DiskArbitration
0x91408000 - 0x9142efff com.apple.SystemConfiguration
1.8.6
/System/Library/Frameworks/SystemConfiguration.framework/Versions/A/SystemConfiguration
0x91440000 - 0x91447fff libbsm.dylib
/usr/lib/libbsm.dylib
0x9144b000 - 0x914c4fff com.apple.audio.CoreAudio
3.0.4
/System/Library/Frameworks/CoreAudio.framework/Versions/A/CoreAudio
0x91512000 - 0x91512fff com.apple.ApplicationServices
10.4 (???)
/System/Library/Frameworks/ApplicationServices.framework/Versions/A/ApplicationServices
0x91514000 - 0x9153ffff com.apple.AE 314 (313) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/AE.framework/Versions/A/AE
0x91552000 - 0x91626fff com.apple.ColorSync 4.4.8 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ColorSync.framework/Versions/A/ColorSync
0x91661000 - 0x916defff
com.apple.print.framework.PrintCore 4.6 (177.13) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/PrintCore.framework/Versions/A/PrintCore
0x9170b000 - 0x917b4fff com.apple.QD 3.10.21 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/QD.framework/Versions/A/QD
0x917da000 - 0x91825fff com.apple.HIServices 1.5.2
(???)
/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/HIServices.framework/Versions/A/HIServices
0x91844000 - 0x9185afff com.apple.LangAnalysis 1.6.3 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/LangAnalysis.framework/Versions/A/LangAnalysis
0x91866000 - 0x91880fff com.apple.FindByContent 1.5 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/FindByContent.framework/Versions/A/FindByContent
0x9188a000 - 0x918c7fff com.apple.LaunchServices 181 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/LaunchServices.framework/Versions/A/LaunchServices
0x918db000 - 0x918e7fff
com.apple.speech.synthesis.framework 3.5 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/SpeechSynthesis.framework/Versions/A/SpeechSynthesis
0x918ee000 - 0x91929fff com.apple.ImageIO.framework 1.5.0 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/ImageIO
0x9193b000 - 0x919edfff libcrypto.0.9.7.dylib /usr/lib/libcrypto.0.9.7.dylib 0x91a33000 - 0x91a49fff libcups.2.dylib /usr/lib/libcups.2.dylib 0x91a4e000 - 0x91a6cfff libJPEG.dylib /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libJPEG.dylib
0x91a71000 - 0x91acffff libJP2.dylib
/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libJP2.dylib
0x91ae1000 - 0x91ae5fff libGIF.dylib
/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libGIF.dylib
0x91ae7000 - 0x91b64fff libRaw.dylib
/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libRaw.dylib
0x91b68000 - 0x91ba5fff libTIFF.dylib
/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libTIFF.dylib
0x91bab000 - 0x91bc5fff libPng.dylib
/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libPng.dylib
0x91bca000 - 0x91bccfff libRadiance.dylib /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libRadiance.dylib
0x91bce000 - 0x91bcefff com.apple.Accelerate 1.3.1 (Accelerate 1.3.1) /System/Library/Frameworks/Accelerate.framework/Versions/A/Accelerate
0x91bd0000 - 0x91c5efff com.apple.vImage 2.5 /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vImage.framework/Versions/A/vImage
0x91c65000 - 0x91c65fff com.apple.Accelerate.vecLib
3.3.1 (vecLib 3.3.1)
/System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/vecLib
0x91c67000 - 0x91cc0fff libvMisc.dylib
/System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libvMisc.dylib
0x91cc9000 - 0x91cedfff libvDSP.dylib
/System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libvDSP.dylib
0x91cf5000 - 0x920fefff libBLAS.dylib
/System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libBLAS.dylib
0x92138000 - 0x924ecfff libLAPACK.dylib /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libLAPACK.dylib
0x92519000 - 0x92597fff com.apple.DesktopServices
1.3.5
/System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Versions/A/DesktopServicesPriv
0x925d8000 - 0x92808fff com.apple.Foundation 6.4.7
(567.28)
/System/Library/Frameworks/Foundation.framework/Versions/C/Foundation
0x92914000 - 0x929f2fff libxml2.2.dylib /usr/lib/libxml2.2.dylib 0x92a0f000 - 0x92afcfff libiconv.2.dylib /usr/lib/libiconv.2.dylib 0x92b0c000 - 0x92b23fff libGL.dylib /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGL.dylib
0x92b2e000 - 0x92b86fff libGLU.dylib
/System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLU.dylib
0x92b9a000 - 0x92b9afff com.apple.Carbon 10.4 (???) /System/Library/Frameworks/Carbon.framework/Versions/A/Carbon
0x92b9c000 - 0x92bacfff com.apple.ImageCapture 3.0.4 /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/ImageCapture.framework/Versions/A/ImageCapture
0x92bba000 - 0x92bc2fff
com.apple.speech.recognition.framework 3.6 /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/SpeechRecognition.framework/Versions/A/SpeechRecognition
0x92bc8000 - 0x92bcdfff com.apple.securityhi 2.0.1
(24742)
/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/SecurityHI.framework/Versions/A/SecurityHI
0x92bd3000 - 0x92c64fff com.apple.ink.framework
101.2.1 (71)
/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Ink.framework/Versions/A/Ink
0x92c78000 - 0x92c7bfff com.apple.help 1.0.3 (32.1) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Help.framework/Versions/A/Help
0x92c7e000 - 0x92c9bfff com.apple.openscripting 1.2.5
(???)
/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/OpenScripting.framework/Versions/A/OpenScripting
0x92cab000 - 0x92cb1fff
com.apple.print.framework.Print 5.1 (192.3) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Print.framework/Versions/A/Print
0x92cb7000 - 0x92d1afff com.apple.htmlrendering 66.1
(1.1.3)
/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HTMLRendering.framework/Versions/A/HTMLRendering
0x92d3e000 - 0x92d7ffff com.apple.NavigationServices
3.4.4 (3.4.3)
/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/NavigationServices.framework/Versions/A/NavigationServices
0x92da6000 - 0x92db3fff com.apple.audio.SoundManager
3.9.1
/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/CarbonSound.framework/Versions/A/CarbonSound
0x92dba000 - 0x92dbffff com.apple.CommonPanels 1.2.3
(73)
/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/CommonPanels.framework/Versions/A/CommonPanels
0x92dc4000 - 0x930b6fff com.apple.HIToolbox 1.4.8
(???)
/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox
0x931bb000 - 0x931c6fff com.apple.opengl 1.4.12 /System/Library/Frameworks/OpenGL.framework/Versions/A/OpenGL
0x93256000 - 0x93256fff com.apple.Cocoa 6.4 (???) /System/Library/Frameworks/Cocoa.framework/Versions/A/Cocoa
0x93258000 - 0x9390efff com.apple.AppKit 6.4.8
(824.42)
/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit
0x93c8f000 - 0x93d09fff com.apple.CoreData 90 /System/Library/Frameworks/CoreData.framework/Versions/A/CoreData
0x93d42000 - 0x93e03fff
com.apple.audio.toolbox.AudioToolbox 1.4.3 /System/Library/Frameworks/AudioToolbox.framework/Versions/A/AudioToolbox
0x93e43000 - 0x93e43fff
com.apple.audio.units.AudioUnit 1.4.2
/System/Library/Frameworks/AudioUnit.framework/Versions/A/AudioUnit
0x93e45000 - 0x94017fff com.apple.QuartzCore 1.4.9 /System/Library/Frameworks/QuartzCore.framework/Versions/A/QuartzCore
0x94068000 - 0x940a9fff libsqlite3.0.dylib /usr/lib/libsqlite3.0.dylib 0x940b1000 - 0x940ebfff libGLImage.dylib /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLImage.dylib
0x94271000 - 0x94280fff libCGATS.A.dylib /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libCGATS.A.dylib
0x94287000 - 0x94292fff libCSync.A.dylib /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libCSync.A.dylib
0x942de000 - 0x942f8fff libRIP.A.dylib
/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libRIP.A.dylib
0x942fe000 - 0x945b7fff com.apple.QuickTime 7.1.3 /System/Library/Frameworks/QuickTime.framework/Versions/A/QuickTime
0x94947000 - 0x9496cfff libssl.0.9.7.dylib /usr/lib/libssl.0.9.7.dylib 0x95145000 - 0x951d7fff com.apple.WebKit 418.9.1 /System/Library/Frameworks/WebKit.framework/Versions/A/WebKit
0x95231000 - 0x952b3fff com.apple.JavaScriptCore 418.3 /System/Library/Frameworks/WebKit.framework/Versions/A/Frameworks/JavaScriptCore.framework/Versions/A/JavaScriptCore
0x952e6000 - 0x955c5fff com.apple.WebCore 418.21 /System/Library/Frameworks/WebKit.framework/Versions/A/Frameworks/WebCore.framework/Versions/A/WebCore
0x95744000 - 0x95767fff libxslt.1.dylib /usr/lib/libxslt.1.dylib 0x9600f000 - 0x96025fff libJapaneseConverter.dylib /System/Library/CoreServices/Encodings/libJapaneseConverter.dylib
0x96027000 - 0x96048fff libKoreanConverter.dylib /System/Library/CoreServices/Encodings/libKoreanConverter.dylib
0x96055000 - 0x96063fff
libSimplifiedChineseConverter.dylib
/System/Library/CoreServices/Encodings/libSimplifiedChineseConverter.dylib
0x9606b000 - 0x9607dfff
libTraditionalChineseConverter.dylib
/System/Library/CoreServices/Encodings/libTraditionalChineseConverter.dylib
0x96a23000 - 0x96a23fff com.apple.vecLib 3.3.1 (vecLib
3.3.1)
/System/Library/Frameworks/vecLib.framework/Versions/A/vecLib
0x96f99000 - 0x97067fff libGLProgrammability.dylib /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLProgrammability.dylib
0x97082000 - 0x97083fff libGLSystem.dylib /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLSystem.dylib
0x97085000 - 0x9708afff com.apple.agl 2.5.9
(AGL-2.5.9)
/System/Library/Frameworks/AGL.framework/Versions/A/AGL
0x97406000 - 0x9741afff com.apple.audio.CoreAudioKit
1.0.1
/System/Library/Frameworks/CoreAudioKit.framework/Versions/A/CoreAudioKit
0x98b2a000 - 0x99614fff
com.apple.QuickTimeComponents.component 7.1.3 /System/Library/QuickTime/QuickTimeComponents.component/Contents/MacOS/QuickTimeComponents
0x99823000 - 0x99825fff
com.apple.QuickTimeH264.component 7.1.3
/System/Library/QuickTime/QuickTimeH264.component/Contents/MacOS/QuickTimeH264
0x99827000 - 0x999cffff QuickTimeH264.scalar /System/Library/QuickTime/QuickTimeH264.component/Contents/Resources/QuickTimeH264.scalar
0x99a3f000 - 0x99afcfff
com.apple.QuickTimeMPEG4.component 7.1.3
/System/Library/QuickTime/QuickTimeMPEG4.component/Contents/MacOS/QuickTimeMPEG4

Model: Macmini1,1, BootROM MM11.0055.B08, 1 processors, Intel Core Solo, 1.5 GHz, 512 MB
Graphics: Intel GMA 950, GMA 950, Built-In, spdisplays_integrated_vram Memory Module: BANK 0/DIMM0, 256 MB, DDR2 SDRAM, 667 MHz Memory Module: BANK 1/DIMM1, 256 MB, DDR2 SDRAM, 667 MHz
AirPort: spairport_wireless_card_type_airport_extreme
(0x168C, 0x86), 0.1.30
Bluetooth: Version 1.7.9f12, 2 service, 1 devices, 1 incoming serial ports Network Service: Built-in Ethernet, Ethernet, en0 Serial ATA Device: ST96812AS, 55.89 GB Parallel ATA Device: MATSHITACD-RW  CW-8124 USB Device: USBPS2, Up to 1.5 Mb/sec, 500 mA USB Device: Bluetooth HCI, Up to 12 Mb/sec, 500 mA USB Device: IR Receiver, Apple Computer, Inc., Up to
12 Mb/sec, 500 mA
FireWire Device: iSight, Apple Computer, Inc., Up to 400 Mb/sec

Comment 1 David Kilzer (:ddkilzer) 2007-03-02 16:13:20 PST

(In reply to comment #0)
> The WebKit version is the default for 10.4.8 on Intel Mac which I believe is
> 419.x - Since this is a randomly occuring customer crash we don't have anyway
> of using the CVS or nightly webkits on their end.

The 419.x version is the Safari build (as in "2.0.4 (419.3)").  This web page describes how to map the WebKit version with the Safari version:

http://developer.apple.com/internet/safari/uamatrix.html

If any of your users has found a way to reproduce this issue, a reproducible test case is going to be the fastest path to getting this issue fixed.

Comment 2 Aron Rosenberg 2007-03-02 16:59:07 PST

I would love to be able to get a reproducable scenario, it took us months to finally have somebody properly give us a crash report and then they didn't know exactly what they were doing.

I don't know the internals of the WebKit well, but reading the call stack, it seems that the user might have been trying to copy / paste text or something along those lines? Am I right with this guess?

Comment 3 David Kilzer (:ddkilzer) 2007-03-02 17:41:58 PST

(In reply to comment #2)
> I would love to be able to get a reproducable scenario, it took us months to
> finally have somebody properly give us a crash report and then they didn't know
> exactly what they were doing.

If any of your users sent a crash report to Apple, the Safari engineers may be able to review similar stacks and provide a count of how many times it was reported, but probably won't have much more information than that.

> I don't know the internals of the WebKit well, but reading the call stack, it
> seems that the user might have been trying to copy / paste text or something
> along those lines? Am I right with this guess?

My analysis of the stack trace was that the user clicked on a URL with a hash on it (foo.html#bar), but I'm not sure what the last two method calls do.  (I'm not as familiar with the "older" internal WebKit APIs from the Tiger era.)

Comment 4 Robert Blaut 2008-03-16 10:55:39 PDT

Aron, do the crashes still happen?

Comment 5 Aron Rosenberg 2008-03-16 11:36:30 PDT

We have not gotten a report of this in many months - my guess is that Safari 3 fixed the issue

Comment 6 Robert Blaut 2008-03-16 11:59:15 PDT

(In reply to comment #5)
> We have not gotten a report of this in many months - my guess is that Safari 3
> fixed the issue
> 

Aron, thank you for the info! So I resolve the bug as WORSKFORME.