20493 – Crash after OK in dialog box and reloading page in secure mode

Bug 20493 - Crash after OK in dialog box and reloading page in secure mode

Summary: Crash after OK in dialog box and reloading page in secure mode

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	Page Loading (show other bugs)
Version:	528+ (Nightly build)
Hardware:	Mac (PowerPC) Windows XP

Importance:	P1 Normal
Assignee:	Nobody

URL:	https://bankieren.rabobank.nl/
Keywords:	HasReduction, InRadar

Duplicates (1):	20492 (view as bug list)
Depends on:
Blocks:

Reported:	2008-08-23 02:26 PDT by Frank Eetgerink
Modified:	2008-09-06 16:33 PDT (History)
CC List:	4 users (show)

See Also:

Attachments
Reduction (274 bytes, text/html) 2008-08-25 19:58 PDT, Sam Weinig	no flags	Details
defer webcore timer when modal dialogs are up (1.67 KB, patch) 2008-08-27 11:54 PDT, Antti Koivisto	eric: review+	Details \| Formatted Diff \| Diff
lame limited loader only fix (4.46 KB, patch) 2008-09-06 16:14 PDT, Antti Koivisto	mitz: review+	Details \| Formatted Diff \| Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Frank Eetgerink 2008-08-23 02:26:15 PDT

Process:         Safari [313]
Path:            /Applications/WebKit.app/Contents/MacOS/WebKit
Identifier:      org.webkit.nightly.WebKit
Version:         r35895 (35895)
Code Type:       PPC (Native)
Parent Process:  launchd [165]

Date/Time:       2008-08-23 11:18:43.821 +0200
OS Version:      Mac OS X 10.5.4 (9E17)
Report Version:  6

Exception Type:  EXC_BAD_ACCESS (SIGBUS)
Exception Codes: KERN_PROTECTION_FAILURE at 0x0000000000000028
Crashed Thread:  0

Thread 0 Crashed:
0   com.apple.WebCore             	0x0139f08c WebCore::Loader::Host::servePendingRequests(WTF::Deque<WebCore::Request*>&, bool&) + 60
1   com.apple.WebCore             	0x0139f824 WebCore::Loader::Host::servePendingRequests(WebCore::Loader::Priority) + 68
2   com.apple.WebCore             	0x013a03ec WebCore::Loader::Host::didFinishLoading(WebCore::SubresourceLoader*) + 396
3   com.apple.WebCore             	0x01333f9c WebCore::SubresourceLoader::didFinishLoading() + 92
4   com.apple.Foundation          	0x9219e748 _NSURLConnectionDidFinishLoading + 120
5   com.apple.CFNetwork           	0x94f56db4 sendDidFinishLoadingCallback + 196
6   com.apple.CFNetwork           	0x94f71d7c handleCacheResponseIsValid + 192
7   com.apple.CFNetwork           	0x94f53c44 _CFURLConnectionSendCallbacks + 1392
8   com.apple.CFNetwork           	0x94f53660 muxerSourcePerform + 188
9   com.apple.CoreFoundation      	0x90bdb370 CFRunLoopRunSpecific + 1308
10  com.apple.HIToolbox           	0x902ec72c RunCurrentEventLoopInMode + 264
11  com.apple.HIToolbox           	0x902ec550 ReceiveNextEventCommon + 412
12  com.apple.HIToolbox           	0x902ec390 BlockUntilNextEventMatchingListInMode + 84
13  com.apple.AppKit              	0x92b73058 _DPSNextEvent + 596
14  com.apple.AppKit              	0x92b72a10 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 112
15  com.apple.Safari              	0x0000878c 0x1000 + 30604
16  com.apple.AppKit              	0x92b6c6cc -[NSApplication run] + 736
17  com.apple.AppKit              	0x92b3d0d0 NSApplicationMain + 440
18  com.apple.Safari              	0x000bdd30 0x1000 + 773424

Thread 1:
0   libSystem.B.dylib             	0x95ba2e4c __semwait_signal + 12
1   libSystem.B.dylib             	0x95bdfa00 _pthread_cond_wait + 1580
2   com.apple.WebCore             	0x0102937c WebCore::IconDatabase::syncThreadMainLoop() + 316
3   com.apple.WebCore             	0x01029564 WebCore::IconDatabase::iconDatabaseSyncThread() + 420
4   libSystem.B.dylib             	0x95bde658 _pthread_start + 316

Thread 2:
0   libSystem.B.dylib             	0x95b9c438 mach_msg_trap + 8
1   libSystem.B.dylib             	0x95ba335c mach_msg + 56
2   com.apple.CoreFoundation      	0x90bdb568 CFRunLoopRunSpecific + 1812
3   com.apple.CFNetwork           	0x94f4e988 CFURLCacheWorkerThread(void*) + 292
4   libSystem.B.dylib             	0x95bde658 _pthread_start + 316

Thread 3:
0   libSystem.B.dylib             	0x95b9c438 mach_msg_trap + 8
1   libSystem.B.dylib             	0x95ba335c mach_msg + 56
2   com.apple.CoreFoundation      	0x90bdb568 CFRunLoopRunSpecific + 1812
3   com.apple.Foundation          	0x9219cc6c +[NSURLConnection(NSURLConnectionReallyInternal) _resourceLoadLoop:] + 280
4   com.apple.Foundation          	0x92145dec __NSThread__main__ + 1004
5   libSystem.B.dylib             	0x95bde658 _pthread_start + 316

Thread 4:
0   libSystem.B.dylib             	0x95c00ae4 select$DARWIN_EXTSN + 12
1   com.apple.CoreFoundation      	0x90be69b0 __CFSocketManager + 764

Thread 5:
0   libSystem.B.dylib             	0x95ba2e48 __semwait_signal + 8
1   libSystem.B.dylib             	0x95ba2c5c nanosleep$UNIX2003 + 188
2   libSystem.B.dylib             	0x95ba2b8c usleep$UNIX2003 + 68
3   com.apple.AppKit              	0x92bcec04 -[NSUIHeartBeat _heartBeatThread:] + 1840
4   com.apple.Foundation          	0x92145dec __NSThread__main__ + 1004
5   libSystem.B.dylib             	0x95bde658 _pthread_start + 316

Thread 6:
0   libSystem.B.dylib             	0x95b9c438 mach_msg_trap + 8
1   libSystem.B.dylib             	0x95ba335c mach_msg + 56
2   com.apple.CoreFoundation      	0x90bdb568 CFRunLoopRunSpecific + 1812
3   com.apple.Foundation          	0x92173a44 -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 168
4   com.apple.Foundation          	0x9217e338 -[NSRunLoop(NSRunLoop) run] + 72
5   com.apple.Safari              	0x0005eba8 0x1000 + 383912
6   com.apple.Foundation          	0x92145dec __NSThread__main__ + 1004
7   libSystem.B.dylib             	0x95bde658 _pthread_start + 316

Thread 7:
0   libSystem.B.dylib             	0x95b9c438 mach_msg_trap + 8
1   libSystem.B.dylib             	0x95ba335c mach_msg + 56
2   ...romedia.Flash Player.plugin	0x09ca4440 native_ShockwaveFlash_TCallFrame + 2292768
3   libSystem.B.dylib             	0x95bde658 _pthread_start + 316

Thread 8:
0   libSystem.B.dylib             	0x95b9c4a8 semaphore_timedwait_trap + 8
1   ...ple.CoreServices.CarbonCore	0x91888be4 MPWaitOnSemaphore + 104
2   ...romedia.Flash Player.plugin	0x09a27768 Flash_EnforceLocalSecurity + 1192668
3   ...romedia.Flash Player.plugin	0x09b60a24 native_ShockwaveFlash_TCallFrame + 967172
4   ...romedia.Flash Player.plugin	0x09a275d8 Flash_EnforceLocalSecurity + 1192268
5   ...romedia.Flash Player.plugin	0x09a275a0 Flash_EnforceLocalSecurity + 1192212
6   ...ple.CoreServices.CarbonCore	0x918747d8 PrivateMPEntryPoint + 76
7   libSystem.B.dylib             	0x95bde658 _pthread_start + 316

Thread 0 crashed with PPC Thread State 32:
  srr0: 0x0139f08c  srr1: 0x0200f030   dar: 0x00000028 dsisr: 0x40000000
    r0: 0x00000000    r1: 0xbfffdb80    r2: 0x00000036    r3: 0x08a37460
    r4: 0x08a37474    r5: 0xbfffdd68    r6: 0x0000000c    r7: 0x00000018
    r8: 0x08a3747c    r9: 0x00000028   r10: 0x0000000a   r11: 0x00000000
   r12: 0x95b9d7d0   r13: 0x00000000   r14: 0xa01a8478   r15: 0x7fffffff
   r16: 0xffffffff   r17: 0x00000001   r18: 0x00000000   r19: 0xa0492e0c
   r20: 0xbfffed84   r21: 0xbfffe068   r22: 0x00000000   r23: 0xbfffdd68
   r24: 0x08a37460   r25: 0x08a37474   r26: 0x06d30200   r27: 0x00000000
   r28: 0x08a37460   r29: 0x00000000   r30: 0x08a37464   r31: 0x0139f060
    cr: 0x44044204   xer: 0x20000000    lr: 0x0139f060   ctr: 0x95b9d7d0
vrsave: 0xfff00fff

Binary Images:
    0x1000 -   0x13dfff  com.apple.Safari 3.1.2 (5525.20.1) <17f263c76ef2d5167ef6d7067261d2f5> /Applications/Safari.app/Contents/MacOS/Safari
  0x182000 -   0x183fff +WebKitNightlyEnabler.dylib ??? (???) <ac14d80070d217aa3977201305579e8d> /Applications/WebKit.app/Contents/Resources/WebKitNightlyEnabler.dylib
  0x187000 -   0x258ff7  com.apple.WebKit r35895 (528.2+) <ad99242ca9382e86ef6e046bf8cbba21> /Applications/WebKit.app/Contents/Frameworks/10.5/WebKit.framework/Versions/A/WebKit
  0x2e2000 -   0x2f1ffc  SyndicationUI ??? (???) <fc04edfeb23291b9da72e772514e418f> /System/Library/PrivateFrameworks/SyndicationUI.framework/Versions/A/SyndicationUI
  0x301000 -   0x3f6fff  com.apple.JavaScriptCore 528+ (528.2+) <cf4594d4587891ebfbaed9cdace455b9> /Applications/WebKit.app/Contents/Frameworks/10.5/JavaScriptCore.framework/Versions/A/JavaScriptCore
  0xd5a000 -  0x15d8ffb  com.apple.WebCore 528+ (528.2+) <5c2826664ae1f6bf1233c6b80f10eba0> /Applications/WebKit.app/Contents/Frameworks/10.5/WebCore.framework/Versions/A/WebCore
 0x1ab4000 -  0x1baeff3  com.apple.RawCamera.bundle 2.0.8 (2.0.8) <301197bb19c83780749805b978095825> /System/Library/CoreServices/RawCamera.bundle/Contents/MacOS/RawCamera
 0x1be4000 -  0x1beafff  libCGXCoreImage.A.dylib ??? (???) <f0ef1c03fbcd8f529485bbebe5fb5ea7> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libCGXCoreImage.A.dylib
 0x4e1d000 -  0x4e1effb  ATSHI.dylib ??? (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ATS.framework/Versions/A/Resources/ATSHI.dylib
 0x53e0000 -  0x53e1ffc  com.apple.JavaPluginCocoa 12.0.0 (12.0.0) <0118f511530fa8d4fa6a0ee7ed9ca6f9> /Library/Internet Plug-Ins/JavaPluginCocoa.bundle/Contents/MacOS/JavaPluginCocoa
 0x53e6000 -  0x53edfff  com.apple.JavaVM 12.0.2 (12.0.2) <7a7d795d9c93b302a8a2b838bcb6a914> /System/Library/Frameworks/JavaVM.framework/Versions/A/JavaVM
 0x9900000 -  0x9d1ffef +com.macromedia.Flash Player.plugin 9.0.124 (1.0.4f60) /Library/Internet Plug-Ins/Flash Player.plugin/Contents/MacOS/Flash Player
0x8fe00000 - 0x8fe30b23  dyld 96.2 (???) <39109181acbf30fed542e6c9abcf1798> /usr/lib/dyld
0x90003000 - 0x90049ff9  com.apple.securityinterface 3.0 (32532) <82a438eff282dd1dc1f803dfd91b5f38> /System/Library/Frameworks/SecurityInterface.framework/Versions/A/SecurityInterface
0x9004a000 - 0x900a6ffb  com.apple.HIServices 1.7.0 (???) <48d200891cc9dd795ee547d526c6a45b> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/HIServices.framework/Versions/A/HIServices
0x900a7000 - 0x90131fff  libvMisc.dylib ??? (???) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libvMisc.dylib
0x90132000 - 0x901c6ff7  com.apple.framework.IOKit 1.5.1 (???) <c1d6fa5eb7372b90ca4fea8910170152> /System/Library/Frameworks/IOKit.framework/Versions/A/IOKit
0x901c7000 - 0x901d2ffb  libgcc_s.1.dylib ??? (???) <ea47fd375407f162c76d14d64ba246cd> /usr/lib/libgcc_s.1.dylib
0x902a1000 - 0x902a2ff8  com.apple.ApplicationServices 34 (34) <6aa5ee485bb2e656531b3505932b845f> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/ApplicationServices
0x902a3000 - 0x902baffb  com.apple.ImageCapture 4.0 (5.0.0) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/ImageCapture.framework/Versions/A/ImageCapture
0x902bb000 - 0x905f4feb  com.apple.HIToolbox 1.5.3 (???) <1f08f0263f6037c253e6cfbe69cfc5a0> /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox
0x9063a000 - 0x90641ffb  com.apple.print.framework.Print 218.0.2 (220.1) <c7e0e618d5867ae227403ae385aacd82> /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Print.framework/Versions/A/Print
0x90642000 - 0x90651fff  com.apple.DSObjCWrappers.Framework 1.2.1 (1.2.1) <651e2b4d7e19d43f520829f76216f2c2> /System/Library/PrivateFrameworks/DSObjCWrappers.framework/Versions/A/DSObjCWrappers
0x90678000 - 0x906a2ff7  libssl.0.9.7.dylib ??? (???) <96a900022cb333091411b0e42eeeb2d6> /usr/lib/libssl.0.9.7.dylib
0x906a3000 - 0x907ebffb  libicucore.A.dylib ??? (???) <dd2fd169aa328f6e97a1d700e5846866> /usr/lib/libicucore.A.dylib
0x90851000 - 0x9096fff7  com.apple.audio.toolbox.AudioToolbox 1.5.1 (1.5.1) /System/Library/Frameworks/AudioToolbox.framework/Versions/A/AudioToolbox
0x90970000 - 0x909a1fff  com.apple.coreui 1.1 (61) /System/Library/PrivateFrameworks/CoreUI.framework/Versions/A/CoreUI
0x909a2000 - 0x909bdffb  libPng.dylib ??? (???) <a0a5ce98fa9fe98fe190c99a3dbbdfa0> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libPng.dylib
0x909be000 - 0x909e7ffb  com.apple.shortcut 1 (1.0) <032016a45147a2f3f191ce70187587c9> /System/Library/PrivateFrameworks/Shortcut.framework/Versions/A/Shortcut
0x909e8000 - 0x909ebffb  com.apple.securityhi 3.0 (30817) <e50c0cac9048f8923b95797753d50b5c> /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/SecurityHI.framework/Versions/A/SecurityHI
0x90a2f000 - 0x90a37fff  libbsm.dylib ??? (???) <c1fca3cbe3b1c21e9b31bc89b920f34c> /usr/lib/libbsm.dylib
0x90a38000 - 0x90ae8fff  com.apple.QD 3.11.52 (???) <f33191c288897dd4d2e2c4b87bcc09b4> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/QD.framework/Versions/A/QD
0x90b72000 - 0x90c97ffb  com.apple.CoreFoundation 6.5.3 (476.14) <56add4656a227fa699f8aa1427b369d9> /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation
0x90cd9000 - 0x90ce6ffb  com.apple.opengl 1.5.6 (1.5.6) <9f2c6a226837dae46ced8b28e195210c> /System/Library/Frameworks/OpenGL.framework/Versions/A/OpenGL
0x90ce7000 - 0x90d2efff  com.apple.NavigationServices 3.5.2 (163) <cb063c95a55ba12994a64c7e47f5706a> /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/NavigationServices.framework/Versions/A/NavigationServices
0x90d2f000 - 0x90d35ffb  com.apple.backup.framework 1.0 (1.0) /System/Library/PrivateFrameworks/Backup.framework/Versions/A/Backup
0x90d55000 - 0x90deefc3  libvDSP.dylib ??? (???) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libvDSP.dylib
0x90def000 - 0x90e28fff  com.apple.SystemConfiguration 1.9.2 (1.9.2) <1a39075165bf7447fe8be1e93db49346> /System/Library/Frameworks/SystemConfiguration.framework/Versions/A/SystemConfiguration
0x90e29000 - 0x90e6affb  libTIFF.dylib ??? (???) <0d0a3107d26786c3708e6a511d5acec9> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libTIFF.dylib
0x90e6b000 - 0x90f01fff  com.apple.LaunchServices 289.2 (289.2) <67191ba4de2d3d14be9b4bbddd4fe0a6> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/LaunchServices.framework/Versions/A/LaunchServices
0x90f48000 - 0x90f54ff3  com.apple.audio.SoundManager 3.9.2 (3.9.2) <79588842bcaf6c747a95b2120304397a> /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/CarbonSound.framework/Versions/A/CarbonSound
0x90f55000 - 0x90f74fff  libresolv.9.dylib ??? (???) <181fb3defd2942f00201507cfa4efdb5> /usr/lib/libresolv.9.dylib
0x91657000 - 0x9165afff  com.apple.help 1.1 (36) <7106d6e074a3b9835ebf1e6cc6c822ce> /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Help.framework/Versions/A/Help
0x9165b000 - 0x916aaff7  libGLImage.dylib ??? (???) <dba44404ea3684df4f23df5e8e5430c3> /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLImage.dylib
0x916ab000 - 0x91770ffb  com.apple.CoreData 100.1 (186) <9cf54cb19b18e53ee22edb7ababa6e6c> /System/Library/Frameworks/CoreData.framework/Versions/A/CoreData
0x91771000 - 0x9182bfff  libcrypto.0.9.7.dylib ??? (???) <29883b10f7a6ac2dd91addabf60e0ff8> /usr/lib/libcrypto.0.9.7.dylib
0x9182c000 - 0x91b2dffb  com.apple.CoreServices.CarbonCore 786.6 (786.6) <d2ae460a0de15ca950ac723616666507> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonCore.framework/Versions/A/CarbonCore
0x91b2e000 - 0x91b4dfff  com.apple.vecLib 3.4.2 (vecLib 3.4.2) /System/Library/Frameworks/vecLib.framework/Versions/A/vecLib
0x91b80000 - 0x91b80ff8  com.apple.Cocoa 6.5 (???) <e9a4f1c636d00893db0494c4040176ba> /System/Library/Frameworks/Cocoa.framework/Versions/A/Cocoa
0x91b81000 - 0x9213bfff  libBLAS.dylib ??? (???) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libBLAS.dylib
0x9213c000 - 0x92381ffb  com.apple.Foundation 6.5.5 (677.19) <1667218c075b6e69728c5c2dd9ff6065> /System/Library/Frameworks/Foundation.framework/Versions/C/Foundation
0x92382000 - 0x924eeff9  com.apple.AddressBook.framework 4.1.1 (695) <c2da7479f17eecd7a1efd7250afb0aef> /System/Library/Frameworks/AddressBook.framework/Versions/A/AddressBook
0x924ef000 - 0x92a66ff3  com.apple.CoreGraphics 1.351.32 (???) <9f74f6f37d389945b10af033ae035ee5> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/CoreGraphics
0x92a67000 - 0x92a67fff  com.apple.Accelerate 1.4.2 (Accelerate 1.4.2) /System/Library/Frameworks/Accelerate.framework/Versions/A/Accelerate
0x92b37000 - 0x932acfff  com.apple.AppKit 6.5.3 (949.33) <1144a07dd55895f89e44adf80cc151d9> /System/Library/Frameworks/AppKit.framework/Versions/C/AppKit
0x933a4000 - 0x933b2fff  libz.1.dylib ??? (???) <1a70dd3594a8c5ad39d785af5da23237> /usr/lib/libz.1.dylib
0x933b3000 - 0x933f0fff  libRIP.A.dylib ??? (???) <5f21492caab359881ef01076fee5f016> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libRIP.A.dylib
0x9349f000 - 0x93588fff  libxml2.2.dylib ??? (???) <6bf1a24e68615e0edf843988f5a0a1f4> /usr/lib/libxml2.2.dylib
0x93589000 - 0x93589ffa  com.apple.CoreServices 32 (32) <42b6dda539f7411606187335d9eae0c5> /System/Library/Frameworks/CoreServices.framework/Versions/A/CoreServices
0x93672000 - 0x936a7fff  com.apple.AE 402.2 (402.2) <0b15a08da8ec38b74fb9dd6e579ed25f> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/AE.framework/Versions/A/AE
0x936a8000 - 0x936c0ffb  com.apple.DictionaryServices 1.0.0 (1.0.0) <fe37191e732eeb66189185cd000a210b> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/DictionaryServices.framework/Versions/A/DictionaryServices
0x936c1000 - 0x936ffff7  libtidy.A.dylib ??? (???) <aec2c15110f29e8461160b4fa0a1fbbe> /usr/lib/libtidy.A.dylib
0x93700000 - 0x93760fff  com.apple.CoreText 2.0.2 (???) <e5940fddbca517f29b8865c9b02ddff0> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreText.framework/Versions/A/CoreText
0x93761000 - 0x93768fff  com.apple.CommonPanels 1.2.4 (85) <0d1256175c5512c911ede094d767acfe> /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/CommonPanels.framework/Versions/A/CommonPanels
0x93769000 - 0x9376afff  libffi.dylib ??? (???) <11b77dbce4aa0f0b66d40014230abd1d> /usr/lib/libffi.dylib
0x94621000 - 0x9463dffb  com.apple.openscripting 1.2.8 (???) <cc6a91ad44b9d013d03b9977a1459bd5> /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/OpenScripting.framework/Versions/A/OpenScripting
0x9465b000 - 0x946b1fff  libGLU.dylib ??? (???) /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLU.dylib
0x946b2000 - 0x94719ffb  libstdc++.6.dylib ??? (???) <a4e9b10268b3ffac26d0296499b24e8e> /usr/lib/libstdc++.6.dylib
0x9471a000 - 0x9471effe  libGIF.dylib ??? (???) <d6e2a570359313a39c6783c2ecfee608> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libGIF.dylib
0x9471f000 - 0x9475cffe  com.apple.securityfoundation 3.0 (32989) <ad2dd4c797fa2ba4c656f82936f9fb83> /System/Library/Frameworks/SecurityFoundation.framework/Versions/A/SecurityFoundation
0x9475d000 - 0x94776ffb  com.apple.CoreVideo 1.5.1 (1.5.1) <9b726d9ba75efbaccaed1d34e2f71ea0> /System/Library/Frameworks/CoreVideo.framework/Versions/A/CoreVideo
0x94777000 - 0x94782fff  com.apple.speech.recognition.framework 3.7.24 (3.7.24) <ae3dc890a43a9269388301f6b59d3091> /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/SpeechRecognition.framework/Versions/A/SpeechRecognition
0x94783000 - 0x94ae1ff2  com.apple.QuartzCore 1.5.3 (1.5.3) <c410b1f89e67d41c3d06eac1790b500c> /System/Library/Frameworks/QuartzCore.framework/Versions/A/QuartzCore
0x94ae2000 - 0x94b08fff  libcups.2.dylib ??? (???) <faed280b72f625b591ae0506cb142367> /usr/lib/libcups.2.dylib
0x94b09000 - 0x94b91fff  com.apple.ink.framework 101.3 (86) <66a99ad6bc695390a66dd24789e23dcc> /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Ink.framework/Versions/A/Ink
0x94b92000 - 0x94d78ffb  com.apple.security 5.0.4 (34102) <9a5739b5b522f963b320fd71581b9cf5> /System/Library/Frameworks/Security.framework/Versions/A/Security
0x94d79000 - 0x94d7bfff  com.apple.CrashReporterSupport 10.5.0 (156) <906c8d99acdeb122551a99cd930bf32f> /System/Library/PrivateFrameworks/CrashReporterSupport.framework/Versions/A/CrashReporterSupport
0x94ea8000 - 0x94f0dffb  com.apple.ISSupport 1.7 (38) /System/Library/PrivateFrameworks/ISSupport.framework/Versions/A/ISSupport
0x94f0e000 - 0x94f43ffb  com.apple.LDAPFramework 1.4.3 (106) <d9a3a16b2d468683b68f714d11196d7b> /System/Library/Frameworks/LDAP.framework/Versions/A/LDAP
0x94f44000 - 0x94fc8ffd  com.apple.CFNetwork 330.4 (330.4) <6e1a01b50c14cf720e067ea018c4e4ad> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CFNetwork.framework/Versions/A/CFNetwork
0x94fc9000 - 0x95098fff  com.apple.ColorSync 4.5.0 (4.5.0) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ColorSync.framework/Versions/A/ColorSync
0x95099000 - 0x950c4ff7  libauto.dylib ??? (???) <b3a3a4b0f09653bd6d58f1847922b533> /usr/lib/libauto.dylib
0x950c5000 - 0x95140fff  com.apple.SearchKit 1.2.0 (1.2.0) <1b448fbae02460eae76ee1c6883f45d6> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/SearchKit.framework/Versions/A/SearchKit
0x953be000 - 0x953cbfff  libCSync.A.dylib ??? (???) <78f215768036cfce737f00116252c626> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libCSync.A.dylib
0x953d8000 - 0x95488fff  edu.mit.Kerberos 6.0.12 (6.0.12) <5cf1a9c1d7e526bb9b084013a1722d08> /System/Library/Frameworks/Kerberos.framework/Versions/A/Kerberos
0x95631000 - 0x95651ff7  libJPEG.dylib ??? (???) <92341083256fbcd28888a179ebf941ef> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libJPEG.dylib
0x95652000 - 0x95665fff  com.apple.LangAnalysis 1.6.4 (1.6.4) <f12db38b92cbf96b024206698434d14d> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/LangAnalysis.framework/Versions/A/LangAnalysis
0x95666000 - 0x956ebfff  libsqlite3.0.dylib ??? (???) <f2a33fe2663eab9c7f4806d2cf05b4ee> /usr/lib/libsqlite3.0.dylib
0x956ec000 - 0x95800ffa  com.apple.vImage 3.0 (3.0) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vImage.framework/Versions/A/vImage
0x95801000 - 0x9581cff3  com.apple.DirectoryService.Framework 3.5.4 (3.5.4) <d69161954145cf745b51ae31e0961077> /System/Library/Frameworks/DirectoryService.framework/Versions/A/DirectoryService
0x958e0000 - 0x959c3feb  libobjc.A.dylib ??? (???) <23a407d7dac6090562827e97bac3cb86> /usr/lib/libobjc.A.dylib
0x959c4000 - 0x959d4fff  libsasl2.2.dylib ??? (???) <18935d5e775962f4728b91189b092d45> /usr/lib/libsasl2.2.dylib
0x95a40000 - 0x95b4efff  com.apple.PubSub 1.0.3 (65.1.1) /System/Library/Frameworks/PubSub.framework/Versions/A/PubSub
0x95b4f000 - 0x95b9affb  com.apple.Metadata 10.5.2 (398.18) <787e741e6b0c0b59f9b9c42a016672cb> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/Metadata.framework/Versions/A/Metadata
0x95b9b000 - 0x95d34fe3  libSystem.B.dylib ??? (???) <787ea59c19201d04a507b13d2bb3f9ac> /usr/lib/libSystem.B.dylib
0x95d35000 - 0x95d48ffb  com.apple.speech.synthesis.framework 3.7.1 (3.7.1) <dc8dac074f4d19175c5613b35aa529b3> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/SpeechSynthesis.framework/Versions/A/SpeechSynthesis
0x95d49000 - 0x95de3ffb  com.apple.ApplicationServices.ATS 3.3 (???) <5c97f539ba68e1143929cd89db390d20> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ATS.framework/Versions/A/ATS
0x95de4000 - 0x95f2effb  com.apple.ImageIO.framework 2.0.2 (2.0.2) <20c50c4b4d09a4cf69fb8732e3d79081> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/ImageIO
0x95f2f000 - 0x95fb6ffb  com.apple.audio.CoreAudio 3.1.0 (3.1) <880a5a35ef1c5158271ee4b305b35626> /System/Library/Frameworks/CoreAudio.framework/Versions/A/CoreAudio
0x95fb7000 - 0x95fb9ffd  libRadiance.dylib ??? (???) <3d70fcb7557347829c96c9753074b3f1> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libRadiance.dylib
0x95fba000 - 0x95fbafff  com.apple.audio.units.AudioUnit 1.5 (1.5) /System/Library/Frameworks/AudioUnit.framework/Versions/A/AudioUnit
0x95fbb000 - 0x963f0ffa  libGLProgrammability.dylib ??? (???) <f032e07d587794af4d4ba1b7dc7b4fd2> /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLProgrammability.dylib
0x963f1000 - 0x963f6ff6  libmathCommon.A.dylib ??? (???) /usr/lib/system/libmathCommon.A.dylib
0x963f7000 - 0x9641bffb  libGL.dylib ??? (???) /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGL.dylib
0x9641c000 - 0x96425fff  com.apple.DiskArbitration 2.2.1 (2.2.1) <a389b4c2badce39540f24402f7df35e7> /System/Library/Frameworks/DiskArbitration.framework/Versions/A/DiskArbitration
0x96426000 - 0x9644dfff  libxslt.1.dylib ??? (???) <3700d04090629deddb436aa2d516c56d> /usr/lib/libxslt.1.dylib
0x9644e000 - 0x96456ffb  libCGATS.A.dylib ??? (???) <367c4beab293fb4e93202bd1d3339fe6> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libCGATS.A.dylib
0x96457000 - 0x96467ffb  com.apple.agl 3.0.9 (AGL-3.0.9) <ab2f91cfb4e503d2516df44852c35e81> /System/Library/Frameworks/AGL.framework/Versions/A/AGL
0x964b9000 - 0x967e6ffb  com.apple.QuickTime 7.5.0 (861) <62b9ecae4fb583bf9e989f526f6f8014> /System/Library/Frameworks/QuickTime.framework/Versions/A/QuickTime
0x96816000 - 0x96878ffb  com.apple.htmlrendering 68 (1.1.3) <e852db1c007de975fae2f0c2769c88ef> /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HTMLRendering.framework/Versions/A/HTMLRendering
0x96879000 - 0x96884ff9  com.apple.helpdata 1.0 (14) /System/Library/PrivateFrameworks/HelpData.framework/Versions/A/HelpData
0x96885000 - 0x96958fff  com.apple.CoreServices.OSServices 226.5 (226.5) <50a4f7fe2d6078971f9ef6fc88cc5d2b> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/OSServices.framework/Versions/A/OSServices
0x96959000 - 0x96c82fe7  libLAPACK.dylib ??? (???) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libLAPACK.dylib
0x96c83000 - 0x96d12ffb  com.apple.DesktopServices 1.4.6 (1.4.6) <58211b14d8d8dd52cb249711dc42c52d> /System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Versions/A/DesktopServicesPriv
0x96dcb000 - 0x96dcbfff  com.apple.Carbon 136 (136) <6a6a209ec9179368db7ead8382b8ee63> /System/Library/Frameworks/Carbon.framework/Versions/A/Carbon
0x96dcc000 - 0x96e4dfff  com.apple.print.framework.PrintCore 5.5.3 (245.3) <032f772f8169945c1d1b524d96edcef6> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/PrintCore.framework/Versions/A/PrintCore
0x96e4e000 - 0x96e6dfff  com.apple.Accelerate.vecLib 3.4.2 (vecLib 3.4.2) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/vecLib
0x96fba000 - 0x96fbaffb  com.apple.installserver.framework 1.0 (8) /System/Library/PrivateFrameworks/InstallServer.framework/Versions/A/InstallServer
0xba900000 - 0xba917ffe  libJapaneseConverter.dylib ??? (???) <dc8f48ea3439e971b6ec6b51c5b7160a> /System/Library/CoreServices/Encodings/libJapaneseConverter.dylib
0xfffec000 - 0xfffeffff  libobjc.A.dylib ??? (???) /usr/lib/libobjc.A.dylib
0xffff8000 - 0xffff9703  libSystem.B.dylib ??? (???) /usr/lib/libSystem.B.dylib

Comment 1 Matt Lilek 2008-08-23 18:52:46 PDT

*** Bug 20492 has been marked as a duplicate of this bug. ***

Comment 2 Matt Lilek 2008-08-23 18:53:48 PDT

From bug 20492:
Within a secure session with my bank (rabobank, netherlands) Webkit crashes
after a payment is done, and a popup apears saying the transaction was
succesful. When clicking OK the pop-up disapears. After a few seconds the
colourful wheel starts turning and the browser evetually crashes.

Comment 3 Matt Lilek 2008-08-23 18:54:45 PDT

Frank, does this crash on any other sites or can you provide steps to make this crash that don't require an account at Rabobank?

Comment 4 Frank Eetgerink 2008-08-24 23:54:10 PDT

I can not repeat the crash on other sites. It does occur always on the same moment in the payment proces. I contacted the bank and found out they have not received any problem with this. The webkit version is not supported.
When I use Firefox (3.01, scripts enabled) after the OK dialog I get the same page but it does not seem to be reloaded. Webkit wants to reload the page en gets stuck in this proces of reloading and then crashes.
Hope this helps.
Frank

Comment 5 Sam Weinig 2008-08-25 19:58:41 PDT

Created attachment 22989 [details]
Reduction

Comment 6 Antti Koivisto 2008-08-26 09:50:02 PDT

The problem is that the dialog popup causes a timer to run synchronously and that timer deletes the current host. Evil.

#0        0x03854e4a in WebCore::Loader::Host::~Host at loader.cpp:188
#1        0x038554bc in WebCore::Loader::servePendingRequests at loader.cpp:153
#2        0x0385552b in WebCore::Loader::requestTimerFired at loader.cpp:136
#3        0x0385b84d in WebCore::Timer<WebCore::Loader>::fired at Timer.h:99
#4        0x037e6692 in WebCore::TimerBase::fireTimers at Timer.cpp:347
#5        0x037e673a in WebCore::TimerBase::sharedTimerFired at Timer.cpp:368
#6        0x037bf8e2 in timerFired at SharedTimerMac.mm:84
#7        0x96e2eb45 in CFRunLoopRunSpecific
#8        0x96e2ecf8 in CFRunLoopRunInMode
#9        0x951ffda4 in RunCurrentEventLoopInMode
#10        0x951ffbbd in ReceiveNextEventCommon
#11        0x951ffa31 in BlockUntilNextEventMatchingListInMode
#12        0x91868505 in _DPSNextEvent
#13        0x91867db8 in -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:]
#14        0x00024525 in -[BrowserApplication nextEventMatchingMask:untilDate:inMode:dequeue:] at BrowserApplication.m:188
#15        0x91aa4e77 in -[NSApplication _realDoModalLoop:peek:]
#16        0x91a9f5b5 in -[NSApplication runModalForWindow:]
#17        0x91bd46a8 in _NXDoLocalRunAlertPanel
#18        0x91bd42a5 in NSRunAlertPanel
#19        0x000fefef in -[BrowserWebView webView:runJavaScriptAlertPanelWithMessage:initiatedByFrame:] at BrowserWebView.m:1162
#20        0x00392790 in CallDelegate at WebView.mm:4547
#21        0x00392813 in CallUIDelegate at WebView.mm:4800
#22        0x0030a3f0 in WebChromeClient::runJavaScriptAlert at WebChromeClient.mm:331
#23        0x0322ea39 in WebCore::Chrome::runJavaScriptAlert at Chrome.cpp:236
#24        0x032fb493 in WebCore::DOMWindow::alert at DOMWindow.cpp:474
#25        0x034ee2c0 in WebCore::jsDOMWindowPrototypeFunctionAlert at JSDOMWindow.cpp:2718
#26        0x0065ee87 in KJS::Machine::privateExecute at Machine.cpp:2489
#27        0x00660f1c in KJS::Machine::execute at Machine.cpp:856
#28        0x005bf137 in KJS::JSFunction::call at JSFunction.cpp:67
#29        0x005bf1d3 in KJS::call at CallData.cpp:39
#30        0x0384b103 in WebCore::JSAbstractEventListener::handleEvent at JSEventListener.cpp:92
#31        0x0338fd79 in WebCore::EventTarget::handleLocalEvents at EventTarget.cpp:338
#32        0x03390eb2 in WebCore::EventTargetNode::handleLocalEvents at EventTargetNode.cpp:118
#33        0x0339039f in WebCore::EventTarget::dispatchGenericEvent at EventTarget.cpp:224
#34        0x0339308a in WebCore::EventTargetNode::dispatchWindowEvent at EventTargetNode.cpp:176
#35        0x03330723 in WebCore::Document::implicitClose at Document.cpp:1556
#36        0x033d21b4 in WebCore::FrameLoader::checkCallImplicitClose at FrameLoader.cpp:1336
#37        0x033de7da in WebCore::FrameLoader::checkCompleted at FrameLoader.cpp:1288
#38        0x033de92d in WebCore::FrameLoader::loadDone at FrameLoader.cpp:1255
#39        0x03324665 in WebCore::DocLoader::setLoadInProgress at DocLoader.cpp:261
#40        0x03855bf1 in WebCore::Loader::Host::didFinishLoading at loader.cpp:283
#41        0x037cf55b in WebCore::SubresourceLoader::didFinishLoading at SubresourceLoader.cpp:193

Comment 7 Antti Koivisto 2008-08-27 11:54:49 PDT

Created attachment 23034 [details]
defer webcore timer when modal dialogs are up

This seems like the correct general fix to whole class of problems. I just wonder if there is some reason why it has not been done before?

Comment 8 Eric Seidel (no email) 2008-08-27 15:39:22 PDT

Comment on attachment 23034 [details]
defer webcore timer when modal dialogs are up

Makes sense to me.  I can't claim to be an expert in this code though, so if you need a more detailed review, you should ask another reviewer for a second look.

Comment 9 Antti Koivisto 2008-08-27 17:00:41 PDT

Sending        WebCore/ChangeLog
Sending        WebCore/page/Chrome.cpp
Transmitting file data ..
Committed revision 35953.

Comment 10 Antti Koivisto 2008-08-27 18:04:49 PDT

This still crashes on Windows due to some timer magic. Reopening...

Comment 11 Antti Koivisto 2008-08-27 18:59:52 PDT

Correction, it actually fixes Windows too.

Comment 12 mitz 2008-08-27 22:52:21 PDT

Reopening. While the patch fixes the crash on Mac, it is still possible to reproduce it on Windows, because timers are not completely stopped. Moreover, stopping timers on Windows creates other problems, since Safari expects certain WebCore timers are expected to keep firing in during a modal session.

Comment 13 Darin Adler 2008-08-28 11:07:46 PDT

Why is it safe to call set setDeferringTimers(false)? Is there a guarantee we weren't already deferring timers when this code was called?

Comment 14 mitz 2008-08-28 11:10:55 PDT

(In reply to comment #13)
> Why is it safe to call set setDeferringTimers(false)? Is there a guarantee we
> weren't already deferring timers when this code was called?

This was fixed in the version of the patch that was checked in: <http://trac.webkit.org/changeset/35953>. However the patch was still wrong.

Comment 15 Frank Eetgerink 2008-09-01 23:10:55 PDT

Thanks, MY part of the problem has been solved. Great work.
Frank

Comment 16 Alice Liu 2008-09-05 17:08:25 PDT

I can confirm that this patch is causing other timer-related problems on Windows.  http://random.pavlov.net/membuster/index.html calls window.open every 3 seconds, and this patch causes the windows to stop opening, reproducibly.  Firing a JS alert and dismissing the alert causes timers to start working again, and the windows resume opening.  This was on Vista; I haven't tried any other platform.

Comment 17 mitz 2008-09-05 22:58:10 PDT

<rdar://problem/6201644>

Comment 18 Antti Koivisto 2008-09-06 16:14:50 PDT

Created attachment 23221 [details]
lame limited loader only fix

I will also revert the timer patch when this lands.

Comment 19 mitz 2008-09-06 16:19:01 PDT

Comment on attachment 23221 [details]
lame limited loader only fix

r=me

Please add the radar URL to the change log.

Comment 20 Antti Koivisto 2008-09-06 16:33:53 PDT

Sending        WebCore/ChangeLog
Sending        WebCore/loader/loader.cpp
Sending        WebCore/loader/loader.h
Transmitting file data ...
Committed revision 36132.

Previous patch reverted

Sending        WebCore/ChangeLog
Sending        WebCore/page/Chrome.cpp
Transmitting file data ..
Committed revision 36133.