RESOLVED FIXED 30987
Crash in SimpleFontData constructor when launching iTunes (and Safari)
https://bugs.webkit.org/show_bug.cgi?id=30987
Summary Crash in SimpleFontData constructor when launching iTunes (and Safari)
Paul Ehresmann
Reported 2009-10-31 21:35:40 PDT
Created attachment 42265 [details]
drwtsn dump file created while trying to launch iTunes

Upon launching Safari or iTunes, this error is thrown in the Windows Event log:

Faulting application safari.exe, version 4.531.9.1, faulting module webkit.dll, version 4.531.9.0, fault address 0x000835c1.

Have tried the nightly build. Have tried uninstalling and reinstalling iTunes, Safari, QuickTime. Dump file attached.
Attachments
drwtsn dump file created while trying to launch iTunes (77.95 KB, application/octet-stream)
2009-10-31 21:35 PDT, Paul Ehresmann
no flags
Adam Roben (:aroben)
Comment 1 2009-11-02 07:18:02 PST
Here's an (incomplete) backtrace:

> WebKit.dll!WebCore::SimpleFontData::SimpleFontData() + 0x21 bytes
WebKit.dll!WebCore::CSSFontFaceSource::getFontData() + 0x3f2 bytes
WebKit.dll!WebCore::CSSFontFace::getFontData() + 0x71 bytes
WebKit.dll!WebCore::CSSSegmentedFontFace::getFontData() + 0x13e bytes
WebKit.dll!WebCore::CSSFontSelector::getFontData() + 0x431 bytes
WebKit.dll!WebCore::RenderBlock::layoutInlineChildren() + 0x10d6 bytes
WebKit.dll!WebCore::RenderBlock::layoutBlock() + 0x214 bytes
WebKit.dll!WebCore::HTMLElement::isContentEditable() + 0x5a bytes
WebKit.dll!WebCore::RenderBlock::layout() + 0x1b bytes
WebKit.dll!WebCore::RenderBlock::layoutBlockChildren() + 0x4ca bytes
WebKit.dll!WebCore::RenderBlock::layoutBlock() + 0x225 bytes
WebKit.dll!WebCore::RenderBlock::layout() + 0x1b bytes
WebKit.dll!WebCore::RenderBlock::layoutPositionedObjects() + 0x85 bytes
WebKit.dll!WebCore::RenderBlock::layoutBlock() + 0x3b6 bytes
WebKit.dll!WebCore::RenderBlock::positionNewFloats() + 0x3f0 bytes
WebKit.dll!WebCore::RenderBlock::layoutBlockChildren() + 0x4ca bytes
WebKit.dll!WebCore::RenderBlock::layoutBlock() + 0x225 bytes
WebKit.dll!WebCore::RenderBlock::layout() + 0x1b bytes
WebKit.dll!WebCore::RenderBlock::layoutBlockChildren() + 0x4ca bytes
WebKit.dll!WebCore::RenderBlock::layoutBlock() + 0x225 bytes
JavaScriptCore.dll!ctiTrampoline(void * code=0x00000000, JSC::RegisterFile * __formal=0x00000000, JSC::RegisterFile * __formal=0x00000000, JSC::JSValue * exception=0x000003be, JSC::RegisterFile * __formal=0x00000000, JSC::RegisterFile * __formal=0x00000000) Line 283 C++
WebKit.dll!WebCore::RenderBlock::layout() + 0x1b bytes
WebKit.dll!WebCore::RenderBlock::layoutBlockChildren() + 0x4ca bytes
WebKit.dll!WebCore::RenderBlock::layoutBlock() + 0x225 bytes
WebKit.dll!WebCore::ScrollView::visibleContentRect() + 0xa0 bytes
WebKit.dll!WebCore::RenderView::layout() + 0xf1 bytes
WebKit.dll!WebCore::FrameView::layout() + 0x4c4 bytes
WebKit.dll!WebCore::Timer<WebCore::HTMLMediaElement>::fired() + 0xe bytes
WebKit.dll!WebCore::ThreadTimers::fireTimers() + 0x73 bytes
WebKit.dll!WebCore::ThreadTimers::sharedTimerFiredInternal() + 0x50 bytes
user32.dll!_NtUserCallNextHookEx@16() + 0xc bytes
user32.dll!_CallNextHookEx@16() + 0x12dc4 bytes
WebKit.dll!WTF::ThreadSpecific<WebCore::ThreadGlobalData>::operator WebCore::ThreadGlobalData *() + 0x12 bytes
WebKit.dll!WebCore::ThreadTimers::sharedTimerFired() + 0xe bytes
WebKit.dll!WebCore::TimerWindowWndProc() + 0x4e bytes
user32.dll!_InternalCallWinProc@20() + 0x28 bytes
WebKit.dll!WebCore::ThreadTimers::sharedTimerFired() + 0xe bytes
WebKit.dll!WebCore::TimerWindowWndProc() + 0x4e bytes
user32.dll!_InternalCallWinProc@20() + 0x28 bytes
user32.dll!_UserCallWinProcCheckWow@32() + 0xb7 bytes
user32.dll!_DispatchMessageWorker@8() + 0xdc bytes
user32.dll!_DispatchMessageW@4() + 0xf bytes
user32.dll!_DialogBox2@16() + 0x1a6 bytes
user32.dll!_InternalDialogBox@24() + 0xb6 bytes
user32.dll!_DialogBoxIndirectParamAorW@24() + 0x36 bytes
user32.dll!_DialogBoxParamW@20() + 0x3f bytes
iTunes.dll!1001cf57()
[Frames below may be incorrect and/or missing, no symbols loaded for iTunes.dll]
CoreFoundation.dll!___CFBasicHashFindBucket1(__CFBasicHash * ht=0x00000000, unsigned int stack_key=42993160, unsigned int key_hash=0, unsigned char rehashing=']') Line 27191 + 0x16 bytes C++
ntdll.dll!_RtlFreeHeap@12() + 0xa54 bytes
ntdll.dll!_RtlFreeHeap@12() + 0x114 bytes
02902634()
ntdll.dll!_RtlpFreeToHeapLookaside@8() + 0x26 bytes
ntdll.dll!_RtlFreeHeap@12() + 0x114 bytes
02ee0000()
ntdll.dll!_RtlFreeHeap@12() + 0x130 bytes
ntdll.dll!_RtlFreeHeap@12() + 0x114 bytes
0012f604()
ntdll.dll!_ZwSetEventBoostPriority@4() + 0xc bytes
ntdll.dll!_RtlpUnWaitCriticalSection@4() + 0x22 bytes
ntdll.dll!_RtlLeaveCriticalSection@4() + 0x1d bytes
ntdll.dll!_LdrUnlockLoaderLock@8() + 0x58 bytes
ntdll.dll!_LdrLoadDll@16() + 0x26f bytes
ntdll.dll!_LdrLoadDll@16() + 0x14b bytes
90909090()
Adam Roben (:aroben)
Comment 2 2009-11-02 07:21:09 PST
I believe this was fixed in r48848. <http://trac.webkit.org/changeset/48848> Note that nightly builds aren't configured to work with iTunes. But if you can reproduce this crash in Safari, you should see that it is fixed in nightly builds since the above revision.