Bug 18722 - Webkit Nightly Build crashes when visiting i has a hotdog.
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Layout and Rendering
Version: 528+ (Nightly build)
Hardware: Macintosh OS X 10.5
Importance: P1 Major
Assignee: mitz
URL: http://ihasahotdog.com
Keywords: InRadar, NeedsReduction, Regression
Duplicates: 18639
Reported: 2008-04-24 15:58 PDT by Mattias Stahre
Modified: 2008-05-29 15:02 PDT

Attachments
Patch with regression test (5.11 KB, patch)
2008-04-24 20:55 PDT, mitz
hyatt: review+
Description Mattias Stahre 2008-04-24 15:58:10 PDT
When visiting ihasahotdog.com there is an instant crash of the web browser when using nightly builds; however, the "stable" Safari 3.1 does not crash when visiting this site.
Comment 1 Mark Rowe (bdash) 2008-04-24 16:03:05 PDT
Exception Type:  EXC_BAD_ACCESS (SIGBUS)
Exception Codes: KERN_PROTECTION_FAILURE at 0x00000000000001d4
Crashed Thread:  0

Thread 0 Crashed:
0   com.apple.WebCore             	0x0107bf6b WebCore::RenderBlock::determineStartPosition(bool&, WebCore::BidiResolver<WebCore::BidiIterator, WebCore::BidiRun>&, WTF::Vector<WebCore::RenderBlock::FloatWithRect, 0ul>&, unsigned int&) + 283
1   com.apple.WebCore             	0x0107f7af WebCore::RenderBlock::layoutInlineChildren(bool, int&, int&) + 1039
2   com.apple.WebCore             	0x00eb3e8c WebCore::RenderBlock::layoutBlock(bool) + 716
3   com.apple.WebCore             	0x00ea5f28 WebCore::RenderBlock::layout() + 40
4   com.apple.WebCore             	0x00eb023f WebCore::RenderBlock::layoutBlockChildren(bool, int&) + 1935
5   com.apple.WebCore             	0x00eb43b9 WebCore::RenderBlock::layoutBlock(bool) + 2041
6   com.apple.WebCore             	0x00ea5f28 WebCore::RenderBlock::layout() + 40
7   com.apple.WebCore             	0x00eb023f WebCore::RenderBlock::layoutBlockChildren(bool, int&) + 1935
8   com.apple.WebCore             	0x00eb43b9 WebCore::RenderBlock::layoutBlock(bool) + 2041
9   com.apple.WebCore             	0x00ea5f28 WebCore::RenderBlock::layout() + 40
10  com.apple.WebCore             	0x00eb023f WebCore::RenderBlock::layoutBlockChildren(bool, int&) + 1935
11  com.apple.WebCore             	0x00eb43b9 WebCore::RenderBlock::layoutBlock(bool) + 2041
12  com.apple.WebCore             	0x00ea5f28 WebCore::RenderBlock::layout() + 40
13  com.apple.WebCore             	0x00ea7ca4 WebCore::RenderBlock::insertFloatingObject(WebCore::RenderObject*) + 116
14  com.apple.WebCore             	0x00eaf637 WebCore::RenderBlock::handleFloatingChild(WebCore::RenderObject*, WebCore::RenderBlock::MarginInfo const&, bool&) + 39
15  com.apple.WebCore             	0x00eaf6ca WebCore::RenderBlock::handleSpecialChild(WebCore::RenderObject*, WebCore::RenderBlock::MarginInfo const&, WebCore::RenderBlock::CompactInfo&, bool&) + 106
16  com.apple.WebCore             	0x00eafc11 WebCore::RenderBlock::layoutBlockChildren(bool, int&) + 353
17  com.apple.WebCore             	0x00eb43b9 WebCore::RenderBlock::layoutBlock(bool) + 2041

Comment 2 Mark Rowe (bdash) 2008-04-24 16:03:45 PDT
<rdar://problem/5888360>
Comment 3 Mark Rowe (bdash) 2008-04-24 16:04:12 PDT
Crash log was from r32516.
Comment 4 mitz 2008-04-24 20:55:21 PDT
Created attachment 20806
Patch with regression test
Comment 5 Dave Hyatt 2008-04-24 21:03:07 PDT
Comment on attachment 20806
Patch with regression test

r=me, but I'm taking off points for you not saying "I can haz review?" when you posted the patch.
Comment 6 mitz 2008-04-24 21:08:22 PDT
Fixed in <http://trac.webkit.org/projects/webkit/changeset/32532>.
Comment 7 mitz 2008-05-29 15:02:44 PDT
*** Bug 18639 has been marked as a duplicate of this bug. ***