WebKit Bugzilla
Bug 7818 - REGRESSION: Crash in document.open() called from external script during load
Status: RESOLVED FIXED
https://bugs.webkit.org/show_bug.cgi?id=7818
Justin
Reported 2006-03-16 23:54:49 PST
When site is loaded, Safari quits. Using 10.4.5, Safari Nightly build r13336. yourmovies.com.au is currently fine on latest official release (2.0.3). My first bug report... is it ok?
David Kilzer (:ddkilzer)
Comment 1
2006-03-17 05:16:06 PST
(In reply to comment #0)
> My first bug report.. is it ok?
Yes, but please post the crash log (as an attachment or in a comment here). Thanks!
mitz
Comment 2
2006-03-17 06:24:40 PST
On a debug build I get:
ASSERTION FAILED: m_executingScript == 0 (WebCore/khtml/html/htmltokenizer.cpp:166 void WebCore::HTMLTokenizer::reset())
Perhaps the isLoadingMainResource() check isn't the right one for DocumentImpl::open().
Alice Liu
Comment 3
2006-03-20 08:00:34 PST
Date/Time: 2006-03-20 07:59:32.429 -0800
OS Version: 10.4.5 (Build 8H14)
Report Version: 4
Command: Safari
Path: /Build/symroots/Debug/Safari.app/Contents/MacOS/Safari
Parent: WindowServer [64]
Version: 2.0.1 (420+)
PID: 28282
Thread: 0
Exception: EXC_BAD_ACCESS (0x0001)
Codes: KERN_INVALID_ADDRESS (0x0001) at 0xbbadbeef
Thread 0 Crashed:
0 com.apple.WebCore 0x01de0e00 WebCore::HTMLTokenizer::reset() + 92 (HTMLTokenizer.cpp:166)
1 com.apple.WebCore 0x01de105c WebCore::HTMLTokenizer::~HTMLTokenizer [in-charge deleting]() + 144 (HTMLTokenizer.cpp:1669)
2 com.apple.WebCore 0x01f06c0c WebCore::Document::cancelParsing() + 100 (Document.cpp:1090)
3 com.apple.WebCore 0x01f06c54 WebCore::Document::implicitOpen() + 32 (Document.cpp:1099)
4 com.apple.WebCore 0x01f06d20 WebCore::Document::open() + 120 (Document.cpp:1072)
5 com.apple.WebCore 0x01d8cc30 KJS::HTMLDocFunction::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 580 (kjs_html.cpp:110)
6 com.apple.JavaScriptCore 0x01623540 KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 288 (object.cpp:94)
7 com.apple.JavaScriptCore 0x01618608 KJS::FunctionCallDotNode::evaluate(KJS::ExecState*) + 908 (nodes.cpp:761)
8 com.apple.JavaScriptCore 0x01614fc8 KJS::ExprStatementNode::execute(KJS::ExecState*) + 220 (nodes.cpp:1716)
9 com.apple.JavaScriptCore 0x016115a4 KJS::SourceElementsNode::execute(KJS::ExecState*) + 280 (nodes.cpp:2459)
10 com.apple.JavaScriptCore 0x0160f2bc KJS::BlockNode::execute(KJS::ExecState*) + 216 (nodes.cpp:1693)
11 com.apple.JavaScriptCore 0x01605b98 KJS::InterpreterImp::evaluate(KJS::UChar const*, int, KJS::JSValue*, KJS::UString const&, int) + 1088 (internal.cpp:509)
12 com.apple.JavaScriptCore 0x01607d04 KJS::Interpreter::evaluate(KJS::UString const&, int, KJS::UChar const*, int, KJS::JSValue*) + 100 (interpreter.cpp:122)
13 com.apple.WebCore 0x01d96598 WebCore::KJSProxy::evaluate(WebCore::String const&, int, WebCore::String const&, WebCore::Node*) + 380 (kjs_proxy.cpp:69)
14 com.apple.WebCore 0x01edadd4 WebCore::Frame::executeScript(DeprecatedString const&, int, WebCore::Node*, DeprecatedString const&) + 144 (Frame.cpp:2063)
15 com.apple.WebCore 0x01de0470 WebCore::HTMLTokenizer::scriptExecution(DeprecatedString const&, WebCore::HTMLTokenizer::State, DeprecatedString, int) + 376 (HTMLTokenizer.cpp:469)
16 com.apple.WebCore 0x01de0bfc WebCore::HTMLTokenizer::notifyFinished(WebCore::CachedObject*) + 612 (HTMLTokenizer.cpp:1728)
17 com.apple.WebCore 0x01f3174c WebCore::CachedScript::checkNotify() + 140 (CachedScript.cpp:106)
18 com.apple.WebCore 0x01f318a0 WebCore::CachedScript::data(WebCore::DeprecatedArray<char>&, bool) + 216 (CachedScript.cpp:99)
19 com.apple.WebCore 0x01f3442c WebCore::Loader::receivedAllData(WebCore::TransferJob*, NSData*) + 536 (loader.cpp:136)
20 com.apple.WebCore 0x01e0a638 -[KWQResourceLoader finishJobAndHandle:] + 180 (KWQResourceLoader.mm:98)
21 com.apple.WebCore 0x01e0a8e8 -[KWQResourceLoader finishWithData:] + 196 (KWQResourceLoader.mm:130)
22 com.apple.WebKit 0x01242c40 -[WebSubresourceLoader didFinishLoading] + 132 (WebSubresourceLoader.m:228)
23 com.apple.WebKit 0x01251b40 -[WebLoader connectionDidFinishLoading:] + 184 (WebLoader.m:667)
24 com.apple.Foundation 0x92907a6c -[NSURLConnection(NSURLConnectionInternal) _sendDidFinishLoadingCallback] + 188
25 com.apple.Foundation 0x92905cd8 -[NSURLConnection(NSURLConnectionInternal) _sendCallbacks] + 556
26 com.apple.Foundation 0x92905a30 _sendCallbacks + 156
27 com.apple.CoreFoundation 0x9075ea68 __CFRunLoopDoSources0 + 384
28 com.apple.CoreFoundation 0x9075df98 __CFRunLoopRun + 452
29 com.apple.CoreFoundation 0x9075da18 CFRunLoopRunSpecific + 268
30 com.apple.HIToolbox 0x9317d1e0 RunCurrentEventLoopInMode + 264
31 com.apple.HIToolbox 0x9317c874 ReceiveNextEventCommon + 380
32 com.apple.HIToolbox 0x9317c6e0 BlockUntilNextEventMatchingListInMode + 96
33 com.apple.AppKit 0x9367b104 _DPSNextEvent + 384
34 com.apple.AppKit 0x9367adc8 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 116
35 com.apple.Safari 0x00030a1c -[BrowserApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 296 (BrowserApplication.m:152)
36 com.apple.AppKit 0x9367730c -[NSApplication run] + 472
37 com.apple.AppKit 0x93767e68 NSApplicationMain + 452
38 com.apple.Safari 0x000fc7f8 main + 160 (main.m:23)
39 com.apple.Safari 0x00002470 _start + 340 (crt.c:272)
40 com.apple.Safari 0x00002318 start + 60
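Added triage example for the crash log in comment 3. This is not WebKit code and not part of the original report; the function and constant names are my own. CRASH_LOG is a constructed excerpt of that log (the header and a subset of the frames, one per line as CrashReporter writes them). WEBKIT_CRASH_ADDRESS records a fact about WebKit rather than something stated on this page: the CRASH() macro that ASSERT() falls through to in debug builds faults deliberately by writing to 0xbbadbeef, which is why a fault at exactly that address marks an assertion failure (the one mitz reported in comment 2) rather than a stray pointer dereference. The script parses the log into frames, checks the fault address, and confirms the re-entrancy the bug title describes: HTMLTokenizer::reset() running while HTMLTokenizer::scriptExecution() is still on the same stack.

```python
"""Structured triage of an Apple CrashReporter (Report Version 4) log."""
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed excerpt of the log attached to this bug: header plus frames
# 0-5, 15, 16 and 24 of the crashed thread.
CRASH_LOG = """\
Date/Time: 2006-03-20 07:59:32.429 -0800
OS Version: 10.4.5 (Build 8H14)
Report Version: 4
Command: Safari
Version: 2.0.1 (420+)
PID: 28282
Thread: 0

Exception: EXC_BAD_ACCESS (0x0001)
Codes: KERN_INVALID_ADDRESS (0x0001) at 0xbbadbeef

Thread 0 Crashed:
0 com.apple.WebCore 0x01de0e00 WebCore::HTMLTokenizer::reset() + 92 (HTMLTokenizer.cpp:166)
1 com.apple.WebCore 0x01de105c WebCore::HTMLTokenizer::~HTMLTokenizer [in-charge deleting]() + 144 (HTMLTokenizer.cpp:1669)
2 com.apple.WebCore 0x01f06c0c WebCore::Document::cancelParsing() + 100 (Document.cpp:1090)
3 com.apple.WebCore 0x01f06c54 WebCore::Document::implicitOpen() + 32 (Document.cpp:1099)
4 com.apple.WebCore 0x01f06d20 WebCore::Document::open() + 120 (Document.cpp:1072)
5 com.apple.WebCore 0x01d8cc30 KJS::HTMLDocFunction::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 580 (kjs_html.cpp:110)
15 com.apple.WebCore 0x01de0470 WebCore::HTMLTokenizer::scriptExecution(DeprecatedString const&, WebCore::HTMLTokenizer::State, DeprecatedString, int) + 376 (HTMLTokenizer.cpp:469)
16 com.apple.WebCore 0x01de0bfc WebCore::HTMLTokenizer::notifyFinished(WebCore::CachedObject*) + 612 (HTMLTokenizer.cpp:1728)
24 com.apple.Foundation 0x92907a6c -[NSURLConnection(NSURLConnectionInternal) _sendDidFinishLoadingCallback] + 188
"""

# WebKit's CRASH() macro (reached from ASSERT() in debug builds) faults on
# purpose by storing to this fixed address. A fault here is an assertion
# failure, not a wild pointer. Fact about WebKit, not taken from this page.
WEBKIT_CRASH_ADDRESS = 0xBBADBEEF

FRAME_RE = re.compile(
    r"^\s*(?P<index>\d+)\s+(?P<module>\S+)\s+(?P<addr>0x[0-9a-fA-F]+)\s+"
    r"(?P<symbol>.+?) \+ (?P<offset>\d+)(?: \((?P<location>[^()]+)\))?\s*$"
)
FAULT_RE = re.compile(r"^Codes:.*\bat (?P<addr>0x[0-9a-fA-F]+)")
EXC_RE = re.compile(r"^Exception:\s*(?P<exc>.+?)\s*$")
CRASHED_RE = re.compile(r"^Thread (?P<tid>\d+) Crashed:")
THREAD_RE = re.compile(r"^Thread \d+:")


@dataclass
class Frame:
    index: int
    module: str
    address: int
    symbol: str
    offset: int
    location: Optional[str]  # "file:line" when the build carries symbols


@dataclass
class CrashReport:
    exception: str
    fault_address: Optional[int]
    crashed_thread: Optional[int]
    frames: List[Frame]


def parse_crash_log(text: str) -> CrashReport:
    """Extract the exception line, the fault address and the crashed thread's frames."""
    exception, fault, tid, frames = "", None, None, []
    in_crashed = False
    for line in text.splitlines():
        if m := EXC_RE.match(line):
            exception = m.group("exc")
        elif m := FAULT_RE.match(line):
            fault = int(m.group("addr"), 16)
        elif m := CRASHED_RE.match(line):
            tid, in_crashed = int(m.group("tid")), True
        elif THREAD_RE.match(line):
            in_crashed = False  # frames of a thread that did not crash
        elif in_crashed and (m := FRAME_RE.match(line)):
            frames.append(Frame(int(m["index"]), m["module"], int(m["addr"], 16),
                                m["symbol"], int(m["offset"]), m["location"]))
    return CrashReport(exception, fault, tid, frames)


def is_assertion_crash(report: CrashReport) -> bool:
    """True when the fault address is WebKit's deliberate CRASH() address."""
    return report.fault_address == WEBKIT_CRASH_ADDRESS


def reentrant_frames(report: CrashReport, inner: str, outer: str) -> Optional[Tuple[int, int]]:
    """(inner_index, outer_index) if a frame whose symbol contains `inner` is
    above (was reached from) a frame containing `outer`; frame 0 is innermost."""
    inner_idx = next((f.index for f in report.frames if inner in f.symbol), None)
    if inner_idx is None:
        return None
    outer_idx = next((f.index for f in report.frames
                      if outer in f.symbol and f.index > inner_idx), None)
    return None if outer_idx is None else (inner_idx, outer_idx)


def triage(report: CrashReport) -> dict:
    """The facts a triager wants before judging whether a crash is a memory-safety bug."""
    top = report.frames[0] if report.frames else None
    pair = reentrant_frames(report, "HTMLTokenizer::reset", "HTMLTokenizer::scriptExecution")
    return {
        "exception": report.exception,
        "assertion_failure": is_assertion_crash(report),
        "top_frame": top.symbol if top else None,
        "top_location": top.location if top else None,
        "tokenizer_reset_during_script": pair is not None,
    }


if __name__ == "__main__":
    for key, value in triage(parse_crash_log(CRASH_LOG)).items():
        print(f"{key}: {value}")
```

Run stand-alone, the script reports an assertion failure at HTMLTokenizer::reset() (HTMLTokenizer.cpp:166) with the tokenizer's own scriptExecution() frame further down the stack: the external script's document.open() tore down the tokenizer that was still executing it, which is exactly what the m_executingScript == 0 assertion guards against. On a release build the same path would not stop at the assertion, so this log alone does not tell you how the release crash in comment 0 manifests.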
Alice Liu
Comment 4
2006-03-20 08:05:06 PST
<rdar://problem/4483882>
Alice Liu
Comment 5
2006-03-20 08:26:48 PST
*** Bug 7859 has been marked as a duplicate of this bug. ***
Eric Seidel (no email)
Comment 6
2006-03-20 23:25:37 PST
*** Bug 7804 has been marked as a duplicate of this bug. ***
Eric Seidel (no email)
Comment 7
2006-03-20 23:25:57 PST
*** Bug 7848 has been marked as a duplicate of this bug. ***