Bug 21182 - REGRESSION(r36982): Reproducible crash running fast/loader/frame-creation-removal.html
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: New Bugs
Version: 528+ (Nightly build)
Hardware: Mac OS X 10.5
Importance: P1 Normal
Assignee: Nobody
URL:
Keywords: NeedsReduction, Regression
Depends on:
Blocks:
 
Reported: 2008-09-27 15:04 PDT by Mark Rowe (bdash)
Modified: 2008-09-27 15:18 PDT
Description Mark Rowe (bdash) 2008-09-27 15:04:41 PDT
This was introduced by <http://trac.webkit.org/changeset/36982>.  See the second crash log entry in <http://build.webkit.org/results/trunk-mac-ppc-release/14838/DumpRenderTree.crash.log>:

Exception:  EXC_BAD_ACCESS (0x0001)
Codes:      KERN_PROTECTION_FAILURE (0x0002) at 0x00000000

Thread 0 Crashed:
0   com.apple.WebKit         	0x003d8db4 WebFrameLoaderClient::createFrame(WebCore::KURL const&, WebCore::String const&, WebCore::HTMLFrameOwnerElement*, WebCore::String const&, bool, int, int) + 372 (WebFrameLoaderClient.mm:1090)
1   com.apple.WebCore        	0x0119a97c WebCore::FrameLoader::loadSubframe(WebCore::HTMLFrameOwnerElement*, WebCore::KURL const&, WebCore::String const&, WebCore::String const&) + 396 (RefPtr.h:50)
2   com.apple.WebCore        	0x0119c31c WebCore::FrameLoader::requestFrame(WebCore::HTMLFrameOwnerElement*, WebCore::String const&, WebCore::AtomicString const&) + 876 (FrameLoader.cpp:445)
3   com.apple.WebCore        	0x011c7a54 WebCore::HTMLFrameElementBase::openURL() + 260 (HTMLFrameElementBase.cpp:106)
4   com.apple.WebCore        	0x011c7c48 WebCore::HTMLFrameElementBase::setNameAndOpenURL() + 440 (HTMLFrameElementBase.cpp:162)
5   com.apple.WebCore        	0x010a8374 WebCore::ContainerNode::dispatchPostAttachCallbacks() + 84 (ContainerNode.cpp:568)
6   com.apple.WebCore        	0x010a845c WebCore::ContainerNode::attach() + 140 (ContainerNode.cpp:588)
7   com.apple.WebCore        	0x01156a48 WebCore::Element::attach() + 40 (Element.cpp:662)
8   com.apple.WebCore        	0x011c7138 WebCore::HTMLFrameElementBase::attach() + 72 (Node.h:367)
9   com.apple.WebCore        	0x011cb948 WebCore::HTMLIFrameElement::attach() + 24 (Node.h:367)
10  com.apple.WebCore        	0x010a76c4 WebCore::ContainerNode::appendChild(WTF::PassRefPtr<WebCore::Node>, int&, bool) + 564 (ContainerNode.cpp:506)
11  com.apple.WebCore        	0x013038d0 WebCore::JSNode::appendChild(JSC::ExecState*, JSC::ArgList const&) + 128 (JSNodeCustom.cpp:102)
12  com.apple.JavaScriptCore 	0x002b7074 JSC::Machine::privateExecute(JSC::Machine::ExecutionFlag, JSC::ExecState*, JSC::RegisterFile*, JSC::Register*, JSC::ScopeChainNode*, JSC::JSValue**) + 39732 (Machine.cpp:3326)
Comment 1 Dave Hyatt 2008-09-27 15:18:30 PDT
Fixed in r37011.