Bug 19451 - Crash: m_disconnectedNodesWithEventListeners not updated when nodes adopted
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: New Bugs
Version: 528+ (Nightly build)
Hardware: Macintosh OS X 10.5
: P1 Normal
Assignee: Nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2008-06-09 14:07 PDT by Eric Seidel (no email)
Modified: 2008-06-10 14:08 PDT

See Also:


Attachments
test case (crashes Safari) (606 bytes, text/html)
2008-06-09 14:09 PDT, Eric Seidel (no email)
no flags
Fix disconnected event listener crasher (3.82 KB, patch)
2008-06-10 13:35 PDT, Eric Seidel (no email)
mjs: review+

Description Eric Seidel (no email) 2008-06-09 14:07:01 PDT
Crash: m_disconnectedNodesWithEventListeners not updated when nodes adopted

Thus it contains stale pointers.  The test case crashes Safari every time for me (in debug mode), about to try release mode too.

I don't believe this is a security issue, but it is a p1 crasher.
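
The stale-pointer condition described in this report, as a simplified model added here (not WebKit code and not the attached patch): a per-document set of raw node pointers that adoption forgets to update, next to an adoption routine that moves the entry. Every name except m_disconnectedNodesWithEventListeners is hypothetical, and the model assumes a node unregisters itself from its current document when it is destroyed.

```cpp
// Added illustration: a simplified model of the bookkeeping bug, not WebKit code.
// All names except m_disconnectedNodesWithEventListeners are hypothetical.
#include <cstddef>
#include <cstdio>
#include <unordered_set>

struct Node;

// Registry of nodes that are still alive. It lets the model detect stale
// entries by comparing pointer values, without dereferencing a dangling pointer.
static std::unordered_set<const Node*> g_liveNodes;

struct Document {
    // Raw, non-owning pointers. Invariant: an entry must be removed before
    // its node is destroyed or handed to another document.
    std::unordered_set<Node*> m_disconnectedNodesWithEventListeners;

    void registerDisconnectedNode(Node* n) { m_disconnectedNodesWithEventListeners.insert(n); }
    void unregisterDisconnectedNode(Node* n) { m_disconnectedNodesWithEventListeners.erase(n); }

    // Counts the entries a teardown walk over the set would touch after
    // the node behind them has already been destroyed.
    std::size_t stalePointerCount() const {
        std::size_t stale = 0;
        for (Node* n : m_disconnectedNodesWithEventListeners)
            if (!g_liveNodes.count(n))
                ++stale;
        return stale;
    }
};

struct Node {
    Document* m_document;      // current owner document
    bool m_hasEventListeners;

    Node(Document* doc, bool hasListeners)
        : m_document(doc), m_hasEventListeners(hasListeners) {
        g_liveNodes.insert(this);
        if (m_hasEventListeners)
            m_document->registerDisconnectedNode(this);
    }

    ~Node() {
        g_liveNodes.erase(this);
        // Assumption of this model: cleanup only talks to the *current* owner.
        if (m_hasEventListeners)
            m_document->unregisterDisconnectedNode(this);
    }
};

// Buggy adoption: the owner changes, the old document's set is not updated.
void adoptBuggy(Node& n, Document& newDoc) {
    n.m_document = &newDoc;
}

// Adoption that keeps the invariant: the entry moves with the node.
void adoptFixed(Node& n, Document& newDoc) {
    if (n.m_hasEventListeners) {
        n.m_document->unregisterDisconnectedNode(&n);
        newDoc.registerDisconnectedNode(&n);
    }
    n.m_document = &newDoc;
}

// Creates a disconnected node with a listener, adopts it into a second
// document, destroys it, and reports how many stale pointers remain in
// either document's set.
std::size_t staleAfterAdoption(bool useFixedAdopt) {
    Document oldDoc, newDoc;
    Node* n = new Node(&oldDoc, true);
    if (useFixedAdopt)
        adoptFixed(*n, newDoc);
    else
        adoptBuggy(*n, newDoc);
    delete n;
    return oldDoc.stalePointerCount() + newDoc.stalePointerCount();
}

int main() {
    std::printf("stale entries, buggy adopt: %zu\n", staleAfterAdoption(false));
    std::printf("stale entries, fixed adopt: %zu\n", staleAfterAdoption(true));
    return 0;
}
```

In a real build the same class of defect is surfaced by running the test case under a memory-error detector rather than by a liveness registry, which exists here only so the model never touches freed memory.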
Comment 1 Eric Seidel (no email) 2008-06-09 14:09:23 PDT
Created attachment 21597
test case (crashes Safari)
Comment 2 Eric Seidel (no email) 2008-06-09 14:14:17 PDT
This crashes Debug mode for me, but might not crash release mode.  A way to make it crash release mode would be to probably force a GC between the two navigations.  I'm not sure I remember how to force a GC (probably allocate 1000 objects).
Comment 3 Eric Seidel (no email) 2008-06-09 14:38:00 PDT
Yup.  Crashes every time in debug mode.  Not sure how to make release mode crash here.
Comment 4 Eric Seidel (no email) 2008-06-09 14:38:43 PDT
This is the crashing stack trace, btw:

Process:         Safari [16736]
Path:            /Applications/Safari.app/Contents/MacOS/Safari
Identifier:      com.apple.Safari
Version:         3.1.1 (5525.18)
Build Info:      WebBrowser-55251800~2
Code Type:       X86 (Native)
Parent Process:  perl [16730]

Date/Time:       2008-06-09 14:40:31.842 -0700
OS Version:      Mac OS X 10.5.2 (9C7010)
Report Version:  6

Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x0000000065523031
Crashed Thread:  0

Thread 0 Crashed:
0   ???                           	0x65523031 0 + 1699885105
1   com.apple.WebCore             	0x028618bf WebCore::Document::removeAllDisconnectedNodeEventListeners() + 81 (Document.cpp:1323)
2   com.apple.WebCore             	0x02861931 WebCore::Document::removeAllEventListenersFromAllNodes() + 33 (Document.cpp:1302)
3   com.apple.WebCore             	0x0290ceb7 WebCore::FrameLoader::stopLoading(bool) + 541 (FrameLoader.cpp:599)
4   com.apple.WebCore             	0x0290d4d6 WebCore::FrameLoader::closeURL() + 36 (FrameLoader.cpp:661)
5   com.apple.WebCore             	0x0290f7b8 WebCore::FrameLoader::transitionToCommitted(WTF::PassRefPtr<WebCore::CachedPage>) + 262 (FrameLoader.cpp:2697)
6   com.apple.WebCore             	0x0290fd6b WebCore::FrameLoader::commitProvisionalLoad(WTF::PassRefPtr<WebCore::CachedPage>) + 335 (FrameLoader.cpp:2654)
7   com.apple.WebCore             	0x0288af92 WebCore::DocumentLoader::commitIfReady() + 94 (DocumentLoader.cpp:334)
8   com.apple.WebCore             	0x0288b221 WebCore::DocumentLoader::finishedLoading() + 27 (DocumentLoader.cpp:342)
9   com.apple.WebCore             	0x029053c2 WebCore::FrameLoader::finishedLoading() + 72 (FrameLoader.cpp:2908)
10  com.apple.WebCore             	0x02afe11b WebCore::MainResourceLoader::didFinishLoading() + 207 (MainResourceLoader.cpp:321)
11  com.apple.WebCore             	0x02afe725 WebCore::MainResourceLoader::continueAfterContentPolicy(WebCore::PolicyAction, WebCore::ResourceResponse const&) + 1283 (MainResourceLoader.cpp:252)
12  com.apple.WebCore             	0x02afe7fb WebCore::MainResourceLoader::continueAfterContentPolicy(WebCore::PolicyAction) + 183 (MainResourceLoader.cpp:266)
13  com.apple.WebCore             	0x02afe828 WebCore::MainResourceLoader::callContinueAfterContentPolicy(void*, WebCore::PolicyAction) + 24 (MainResourceLoader.cpp:258)
14  com.apple.WebCore             	0x028fee55 WebCore::PolicyCheck::call(WebCore::PolicyAction) + 241 (FrameLoader.cpp:4726)
15  com.apple.WebCore             	0x0290478a WebCore::FrameLoader::continueAfterContentPolicy(WebCore::PolicyAction) + 68 (FrameLoader.cpp:3137)
16  com.apple.WebKit              	0x001bd37e WebFrameLoaderClient::receivedPolicyDecison(WebCore::PolicyAction) + 296 (WebFrameLoaderClient.mm:992)
17  com.apple.WebKit              	0x001bd630 -[WebFramePolicyListener receivedPolicyDecision:] + 134 (WebFrameLoaderClient.mm:1534)
18  com.apple.WebKit              	0x001bd21e -[WebFramePolicyListener use] + 44 (WebFrameLoaderClient.mm:1550)
19  com.apple.Safari              	0x0002441f 0x1000 + 144415
20  com.apple.CoreFoundation      	0x9043cb7d __invoking___ + 29
21  com.apple.CoreFoundation      	0x9043c568 -[NSInvocation invoke] + 136
22  com.apple.CoreFoundation      	0x9043c638 -[NSInvocation invokeWithTarget:] + 72
23  com.apple.WebKit              	0x0021b7a5 -[_WebSafeForwarder forwardInvocation:] + 273 (WebView.mm:1694)
24  com.apple.CoreFoundation      	0x9043caaa ___forwarding___ + 986
25  com.apple.CoreFoundation      	0x9043cb12 _CF_forwarding_prep_0 + 50
26  com.apple.WebKit              	0x001bd596 WebFrameLoaderClient::dispatchDecidePolicyForMIMEType(void (WebCore::FrameLoader::*)(WebCore::PolicyAction), WebCore::String const&, WebCore::ResourceRequest const&) + 206 (WebFrameLoaderClient.mm:584)
27  com.apple.WebCore             	0x0290571b WebCore::FrameLoader::checkContentPolicy(WebCore::String const&, void (*)(void*, WebCore::PolicyAction), void*) + 371 (FrameLoader.cpp:2363)
28  com.apple.WebCore             	0x02aff748 WebCore::MainResourceLoader::didReceiveResponse(WebCore::ResourceResponse const&) + 434 (MainResourceLoader.cpp:292)
29  com.apple.WebCore             	0x02afecc6 WebCore::MainResourceLoader::handleEmptyLoad(WebCore::KURL const&, bool) + 326 (MainResourceLoader.cpp:349)
30  com.apple.WebCore             	0x02afef98 WebCore::MainResourceLoader::loadNow(WebCore::ResourceRequest&) + 692 (MainResourceLoader.cpp:400)
31  com.apple.WebCore             	0x02aff505 WebCore::MainResourceLoader::load(WebCore::ResourceRequest const&, WebCore::SubstituteData const&) + 897 (MainResourceLoader.cpp:445)
32  com.apple.WebCore             	0x028896f0 WebCore::DocumentLoader::startLoadingMainResource(unsigned long) + 276 (DocumentLoader.cpp:797)
33  com.apple.WebCore             	0x028ff9e9 WebCore::FrameLoader::continueLoadAfterWillSubmitForm(WebCore::PolicyAction) + 287 (FrameLoader.cpp:3160)
34  com.apple.WebCore             	0x02904bf2 WebCore::FrameLoader::continueLoadAfterNavigationPolicy(WebCore::ResourceRequest const&, WTF::PassRefPtr<WebCore::FormState>, bool) + 806 (FrameLoader.cpp:3771)
35  com.apple.WebCore             	0x02904c40 WebCore::FrameLoader::callContinueLoadAfterNavigationPolicy(void*, WebCore::ResourceRequest const&, WTF::PassRefPtr<WebCore::FormState>, bool) + 70 (FrameLoader.cpp:3717)
36  com.apple.WebCore             	0x02901800 WebCore::PolicyCheck::call(bool) + 110 (FrameLoader.cpp:4714)
37  com.apple.WebCore             	0x02904667 WebCore::FrameLoader::continueAfterNavigationPolicy(WebCore::PolicyAction) + 397 (FrameLoader.cpp:3710)
38  com.apple.WebKit              	0x001bd37e WebFrameLoaderClient::receivedPolicyDecison(WebCore::PolicyAction) + 296 (WebFrameLoaderClient.mm:992)
39  com.apple.WebKit              	0x001bd630 -[WebFramePolicyListener receivedPolicyDecision:] + 134 (WebFrameLoaderClient.mm:1534)
40  com.apple.WebKit              	0x001bd21e -[WebFramePolicyListener use] + 44 (WebFrameLoaderClient.mm:1550)
41  com.apple.CoreFoundation      	0x9043cb7d __invoking___ + 29
42  com.apple.CoreFoundation      	0x9043c568 -[NSInvocation invoke] + 136
43  com.apple.CoreFoundation      	0x9043c638 -[NSInvocation invokeWithTarget:] + 72
44  com.apple.WebKit              	0x0021b7a5 -[_WebSafeForwarder forwardInvocation:] + 273 (WebView.mm:1694)
45  com.apple.CoreFoundation      	0x9043caaa ___forwarding___ + 986
46  com.apple.CoreFoundation      	0x9043cb12 _CF_forwarding_prep_0 + 50
47  com.apple.WebKit              	0x001bf7bd WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction(void (WebCore::FrameLoader::*)(WebCore::PolicyAction), WebCore::NavigationAction const&, WebCore::ResourceRequest const&) + 213 (WebFrameLoaderClient.mm:606)
48  com.apple.WebCore             	0x02905bab WebCore::FrameLoader::checkNavigationPolicy(WebCore::ResourceRequest const&, WebCore::DocumentLoader*, WTF::PassRefPtr<WebCore::FormState>, void (*)(void*, WebCore::ResourceRequest const&, WTF::PassRefPtr<WebCore::FormState>, bool), void*) + 709 (FrameLoader.cpp:3680)
49  com.apple.WebCore             	0x0290679c WebCore::FrameLoader::load(WebCore::DocumentLoader*, WebCore::FrameLoadType, WTF::PassRefPtr<WebCore::FormState>) + 368 (FrameLoader.cpp:2256)
50  com.apple.WebCore             	0x0290721c WebCore::FrameLoader::load(WebCore::ResourceRequest const&, WebCore::NavigationAction const&, WebCore::FrameLoadType, WTF::PassRefPtr<WebCore::FormState>) + 270 (FrameLoader.cpp:2209)
51  com.apple.WebCore             	0x0290880d WebCore::FrameLoader::load(WebCore::KURL const&, WebCore::String const&, WebCore::FrameLoadType, WebCore::String const&, WebCore::Event*, WTF::PassRefPtr<WebCore::FormState>) + 963 (FrameLoader.cpp:2157)
52  com.apple.WebCore             	0x02908634 WebCore::FrameLoader::load(WebCore::KURL const&, WebCore::String const&, WebCore::FrameLoadType, WebCore::String const&, WebCore::Event*, WTF::PassRefPtr<WebCore::FormState>) + 490 (FrameLoader.cpp:2121)
53  com.apple.WebCore             	0x02908f5a WebCore::FrameLoader::load(WebCore::FrameLoadRequest const&, bool, bool, WebCore::Event*, WebCore::HTMLFormElement*, WTF::HashMap<WebCore::String, WebCore::String, WebCore::StringHash, WTF::HashTraits<WebCore::String>, WTF::HashTraits<WebCore::String> > const&) + 936 (FrameLoader.cpp:2093)
54  com.apple.WebCore             	0x0290917c WebCore::FrameLoader::urlSelected(WebCore::FrameLoadRequest const&, WebCore::Event*, bool, bool) + 222 (FrameLoader.cpp:3276)
55  com.apple.WebCore             	0x0290b238 WebCore::FrameLoader::urlSelected(WebCore::ResourceRequest const&, WebCore::String const&, WebCore::Event*, bool, bool) + 372 (FrameLoader.cpp:410)
56  com.apple.WebCore             	0x0290b35d WebCore::FrameLoader::changeLocation(WebCore::KURL const&, WebCore::String const&, bool, bool) + 263 (FrameLoader.cpp:393)
57  com.apple.WebCore             	0x0290b3db WebCore::FrameLoader::changeLocation(WebCore::String const&, WebCore::String const&, bool, bool) + 89 (FrameLoader.cpp:381)
58  com.apple.WebCore             	0x0290b51d WebCore::FrameLoader::redirectionTimerFired(WebCore::Timer<WebCore::FrameLoader>*) + 303 (FrameLoader.cpp:1506)
59  com.apple.WebCore             	0x0291205d WebCore::Timer<WebCore::FrameLoader>::fired() + 89 (Timer.h:99)
60  com.apple.WebCore             	0x02d557fe WebCore::TimerBase::fireTimers(double, WTF::Vector<WebCore::TimerBase*, 0ul> const&) + 198 (Timer.cpp:350)
61  com.apple.WebCore             	0x02d558a6 WebCore::TimerBase::sharedTimerFired() + 110 (Timer.cpp:370)
62  com.apple.WebCore             	0x02d30032 WebCore::timerFired(__CFRunLoopTimer*, void*) + 78 (SharedTimerMac.mm:85)
63  com.apple.CoreFoundation      	0x903bdb5e CFRunLoopRunSpecific + 4494
64  com.apple.CoreFoundation      	0x903bdd18 CFRunLoopRunInMode + 88
65  com.apple.HIToolbox           	0x915e36a0 RunCurrentEventLoopInMode + 283
66  com.apple.HIToolbox           	0x915e34b9 ReceiveNextEventCommon + 374
67  com.apple.HIToolbox           	0x915e332d BlockUntilNextEventMatchingListInMode + 106
68  com.apple.AppKit              	0x904f87d9 _DPSNextEvent + 657
69  com.apple.AppKit              	0x904f808e -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 128
70  com.apple.Safari              	0x00007f2e 0x1000 + 28462
71  com.apple.AppKit              	0x904f10c5 -[NSApplication run] + 795
72  com.apple.AppKit              	0x904be30a NSApplicationMain + 574
73  com.apple.Safari              	0x000b9906 0x1000 + 755974

Thread 1:
0   libSystem.B.dylib             	0x94de2bce __semwait_signal + 10
1   libSystem.B.dylib             	0x94e0d8cd pthread_cond_wait$UNIX2003 + 73
2   com.apple.JavaScriptCore      	0x00512b7f WTF::ThreadCondition::wait(WTF::Mutex&) + 39 (ThreadingPthreads.cpp:207)
3   com.apple.WebCore             	0x029b19a9 WebCore::IconDatabase::syncThreadMainLoop() + 641 (IconDatabase.cpp:1313)
4   com.apple.WebCore             	0x029b1e8c WebCore::IconDatabase::iconDatabaseSyncThread() + 1198 (IconDatabase.cpp:1015)
5   com.apple.WebCore             	0x029b1ebb WebCore::IconDatabase::iconDatabaseSyncThreadStart(void*) + 23 (IconDatabase.cpp:919)
6   libSystem.B.dylib             	0x94e0cc55 _pthread_start + 321
7   libSystem.B.dylib             	0x94e0cb12 thread_start + 34

Thread 2:
0   libSystem.B.dylib             	0x94ddb9e6 mach_msg_trap + 10
1   libSystem.B.dylib             	0x94de31dc mach_msg + 72
2   com.apple.CoreFoundation      	0x903bd0de CFRunLoopRunSpecific + 1806
3   com.apple.CoreFoundation      	0x903bdd18 CFRunLoopRunInMode + 88
4   com.apple.CFNetwork           	0x94ad16cc CFURLCacheWorkerThread(void*) + 396
5   libSystem.B.dylib             	0x94e0cc55 _pthread_start + 321
6   libSystem.B.dylib             	0x94e0cb12 thread_start + 34

Thread 3:
0   libSystem.B.dylib             	0x94ddb9e6 mach_msg_trap + 10
1   libSystem.B.dylib             	0x94de31dc mach_msg + 72
2   com.apple.CoreFoundation      	0x903bd0de CFRunLoopRunSpecific + 1806
3   com.apple.CoreFoundation      	0x903bdd18 CFRunLoopRunInMode + 88
4   com.apple.Foundation          	0x950faac0 +[NSURLConnection(NSURLConnectionReallyInternal) _resourceLoadLoop:] + 320
5   com.apple.Foundation          	0x950975ad -[NSThread main] + 45
6   com.apple.Foundation          	0x95097154 __NSThread__main__ + 308
7   libSystem.B.dylib             	0x94e0cc55 _pthread_start + 321
8   libSystem.B.dylib             	0x94e0cb12 thread_start + 34

Thread 0 crashed with X86 Thread State (32-bit):
  eax: 0x1624e230  ebx: 0x027d4958  ecx: 0xbfffc85c  edx: 0x65523031
  edi: 0x1624e9b0  esi: 0x001b9a8c  ebp: 0xbfffc878  esp: 0xbfffc85c
   ss: 0x0000001f  efl: 0x00010216  eip: 0x65523031   cs: 0x00000017
   ds: 0x0000001f   es: 0x0000001f   fs: 0x00000000   gs: 0x00000037
  cr2: 0x65523031

0x97027000 - 0x970eeff2  com.apple.vImage 3.0 (3.0) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vImage.framework/Versions/A/vImage
0x9711a000 - 0x971a3fe3  com.apple.DesktopServices 1.4.5 (1.4.5) <8b264cd6abbbd750928c637e1247269d> /System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Versions/A/DesktopServicesPriv
0xfffe8000 - 0xfffebfff  libobjc.A.dylib ??? (???) /usr/lib/libobjc.A.dylib
0xffff0000 - 0xffff1780  libSystem.B.dylib ??? (???) /usr/lib/libSystem.B.dylib


Comment 5 mitz 2008-06-09 19:52:59 PDT
(In reply to comment #4)
> This is the crashing stack trace, btw:

I can see the value in including the backtrace in a comment rather than as an attachment (it facilitates searches), but please do not paste all threads and the Binary Images section (I am sure you are not using unsupported extensions :-) ). Thanks!
Comment 6 Eric Seidel (no email) 2008-06-10 12:27:50 PDT
(In reply to comment #5)
> (In reply to comment #4)
> > This is the crashing stack trace, btw:
> 
> I can see the value in including the backtrace in a comment rather than as an
> attachment (it facilitates searches), but please do not paste all threads and
> the Binary Images section (I am sure you are not using unsupported extensions
> :-) ). Thanks!

I'm still in favor of this approach (the whole backtrace).  I find them easy to skip over (and most useful when pasted in their entirety).  But I'll try not to paste more than 1 in future bugs.  
Comment 7 Eric Seidel (no email) 2008-06-10 13:35:54 PDT
Created attachment 21608 [details]
Fix disconnected event listener crasher

 WebCore/ChangeLog               |   19 +++++++++++++++++++
 WebCore/dom/EventTarget.cpp     |   12 ++++++++++++
 WebCore/dom/EventTarget.h       |    2 ++
 WebCore/dom/EventTargetNode.cpp |   12 ++++++++++++
 WebCore/dom/EventTargetNode.h   |    2 ++
 5 files changed, 47 insertions(+), 0 deletions(-)
Comment 8 Maciej Stachowiak 2008-06-10 13:59:21 PDT
Comment on attachment 21608 [details]
Fix disconnected event listener crasher

r=me

I'm not a fan of the pattern where EventTarget has methods that are really EventTargetNode-specific, but I guess it could be worse.
Comment 9 Eric Seidel (no email) 2008-06-10 14:08:02 PDT
http://trac.webkit.org/changeset/34485