I found this crash with iExploder 1.3.0: <body> <applet code> <param> </body> </html> Thread 0 Crashed: 0 com.apple.WebCore 0x01323184 KXMLCore::HashMap<WebCore::String, WebCore::String, KXMLCore::StrHash<WebCore::String>, KXMLCore::HashTraits<WebCore::String>, KXMLCore::HashTraits<WebCore::String> >::set(WebCore::String const&, WebCore::String const&) + 68 1 com.apple.WebCore 0x011a5be0 WebCore::RenderApplet::createWidgetIfNecessary() + 560 2 com.apple.WebCore 0x011a5d28 WebCore::RenderApplet::layout() + 72 3 com.apple.WebCore 0x011a20f8 WebCore::RenderBlock::layoutInlineChildren(bool) + 984 4 com.apple.WebCore 0x011b2934 WebCore::RenderBlock::layoutBlock(bool) + 740 5 com.apple.WebCore 0x011b2288 WebCore::RenderBlock::layoutBlockChildren(bool) + 856
Created attachment 7816 [details] Testcase: applet code + param
Forgot to mention. Crash was with Safari Nightly 420+ r13911 2006-04-18
Were you using the run-iexploder-tests script which ap just landed? I worry that you and he may be duplicating effort here.
Ahha! It looks like you're the original author. Great tool! You should be aware that ap recently added this script to our svn repository: http://trac.webkit.org/dev/browser/trunk/WebKitTools/Scripts/run-iexploder-tests?rev=13967 Alexey has been filing bugs using iExploder as well: http://bugzilla.opendarwin.org/show_bug.cgi?id=8438 is the only one left open as far as I can tell.
Looks like a duplicate of bug 8437. So far, I've tried tests 1 through 10204 - but I was using iExploder 1.2, which generates different tests for the same seeds.
*** This bug has been marked as a duplicate of 8437 ***