Launch gdb-safari, run svg/custom/use-instanceRoot-as-event-target.xhtml and open svg/custom/use-instanceRoot-event-bubbling.xhtml afterwards in Safari. Close the window. Crash unrelated to SVG, appears: Program received signal EXC_BAD_ACCESS, Could not access memory. Reason: KERN_PROTECTION_FAILURE at address: 0x00000000 0x00000000 in ?? () (gdb) bt #0 0x00000000 in ?? () #1 0x035db943 in WebCore::toEventTargetNode (node=0x1b8711f0) at EventTargetNode.h:201 #2 0x035db9a1 in WebCore::EventTargetNodeCast (node=0x1b8711f0) at EventTargetNode.h:217 #3 0x036c737d in WebCore::Document::removeAllDisconnectedNodeEventListeners (this=0x70d8800) at /Users/nikolaszimmermann/Coding/WebKit/WebCore/dom/Document.cpp:1361 #4 0x036c958e in WebCore::Document::removeAllEventListenersFromAllNodes (this=0x70d8800) at /Users/nikolaszimmermann/Coding/WebKit/WebCore/dom/Document.cpp:1341 #5 0x035a7915 in WebCore::CachedFrame::clear (this=0x1bfe80c0) at /Users/nikolaszimmermann/Coding/WebKit/WebCore/history/CachedFrame.cpp:122 #6 0x035a7a92 in WebCore::CachedFrame::~CachedFrame (this=0x1bfe80c0) at /Users/nikolaszimmermann/Coding/WebKit/WebCore/history/CachedFrame.cpp:86 #7 0x035a8ba9 in WTF::RefCounted<WebCore::CachedFrame>::deref (this=0x1bfe80c0) at RefCounted.h:91 #8 0x035ab20b in WTF::RefPtr<WebCore::CachedFrame>::clear (this=0x1d35e510) at RefPtr.h:56 #9 0x035aafae in WebCore::CachedPage::clear (this=0x1d35e500) at /Users/nikolaszimmermann/Coding/WebKit/WebCore/history/CachedPage.cpp:83 #10 0x03a9dd03 in WebCore::PageCache::releaseAutoreleasedPagesNow (this=0xaa8b00) at /Users/nikolaszimmermann/Coding/WebKit/WebCore/history/PageCache.cpp:168 #11 0x00288f83 in -[WebWindowWatcher windowWillClose:] (self=0xa51dc0, _cmd=0x972042c0, notification=0xa1c800) at /Users/nikolaszimmermann/Coding/WebKit/WebKit/mac/History/WebHistoryItem.mm:594 I don't see the crash on buildbot at the moment though.