The URL it redirects to is: http://www.versiontracker.com/macosx/ First then to http://download.cnet.com/mac/3151-20_4-0.html?tag=vtredir Navigating to that URL causes the same crash to occur with either instant crash or when clicking to dismiss the overlaid box.

I get the crash with r84622 nightly, bit not with a local debug build of r85060. Geoff, was this fixed already? Thread 0 Crashed: Dispatch queue: com.apple.main-thread 0 com.apple.WebCore 0x00000001011ec4b3 WebCore::JSCSSStyleDeclarationOwner::isReachableFromOpaqueRoots(JSC::Handle<JSC::Unknown>, void*, JSC::MarkStack&) + 35 1 com.apple.JavaScriptCore 0x00000001007fbdb8 JSC::HandleHeap::markWeakHandles(JSC::HeapRootVisitor&) + 120

(In reply to comment #2) > I get the crash with r84622 nightly, bit not with a local debug build of r85060. Geoff, was this fixed already? Hmmm... I don't recall a patch specifically targeted at JSCSSStyleDeclarationOwner::isReachableFromOpaqueRoots.

I cannot reproduce with a release build of r85222 either. There was a number of generic GC fixes too, so marking as WORKSFORME. Could you please try to reproduce when a new nightly is posted?

(FYI, this particular website was fixed by http://trac.webkit.org/changeset/84764.)

<rdar://problem/9370087>