Bug 7428 - TOT REGRESSION: crash in QString::operator= when getting an element from an empty iframe
Summary: TOT REGRESSION: crash in QString::operator= when getting an element from an e...
Status: RESOLVED DUPLICATE of bug 7293
Alias: None
Product: WebKit
Classification: Unclassified
Component: Frames (show other bugs)
Version: 420+
Hardware: Mac OS X 10.4
: P1 Major
Assignee: Nobody
URL:
Keywords: HasReduction
Depends on:
Blocks:
 
Reported: 2006-02-23 09:51 PST by Geoffrey Garen
Modified: 2006-02-25 11:50 PST (History)
1 user (show)

See Also:

Attachments
reduction (304 bytes, text/html)
2006-02-23 09:51 PST, Geoffrey Garen 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Geoffrey Garen 2006-02-23 09:51:25 PST 
Date/Time:      2006-02-23 09:48:59.924 -0800
OS Version:     10.4.5 (Build 8H14)
Report Version: 4

Command: Safari
Path:    /Volumes/Home/Users/ggaren/symroots-TOT/Debug/Safari.app/Contents/MacOS/Safari
Parent:  WindowServer [77]

Version: 2.0.1 (420+)

PID:    1484
Thread: 0

Exception:  EXC_BAD_ACCESS (0x0001)
Codes:      KERN_PROTECTION_FAILURE (0x0002) at 0x000000b0

Thread 0 Crashed:
0   com.apple.WebCore        	0x02079730 QString::operator=(QString const&) + 68 (QString.cpp:697)
1   com.apple.WebCore        	0x0215c394 WebCore::DocumentImpl::setBaseURL(QString const&) + 48 (Timer.h:273)
2   com.apple.WebCore        	0x01ef2a9c WebCore::Frame::updateBaseURLForEmptyDocument() + 348 (Frame.cpp:3352)
3   com.apple.WebCore        	0x01f03228 WebCore::MacFrame::createEmptyDocument() + 364 (MacFrame.mm:1373)
4   com.apple.WebCore        	0x01dbcd50 KJS::Window::getValueProperty(KJS::ExecState*, int) const + 5436 (kjs_window.cpp:832)
5   com.apple.WebCore        	0x02162558 KJS::JSValue* KJS::staticValueGetter<KJS::Window>(KJS::ExecState*, KJS::JSObject*, KJS::Identifier const&, KJS::PropertySlot const&) + 92 (lookup.h:151)
6   com.apple.JavaScriptCore 	0x0169161c KJS::PropertySlot::getValue(KJS::ExecState*, KJS::JSObject*, KJS::Identifier const&) const + 108 (property_slot.h:46)
7   com.apple.JavaScriptCore 	0x0161f3e4 KJS::JSObject::get(KJS::ExecState*, KJS::Identifier const&) const + 84 (object.cpp:156)
8   com.apple.JavaScriptCore 	0x01615dcc KJS::DotAccessorNode::evaluate(KJS::ExecState*) + 216 (nodes.cpp:462)
9   com.apple.JavaScriptCore 	0x0160c5ec KJS::AssignExprNode::evaluate(KJS::ExecState*) + 84 (nodes.cpp:1504)
10  com.apple.JavaScriptCore 	0x01611c78 KJS::VarDeclNode::evaluate(KJS::ExecState*) + 212 (nodes.cpp:1522)
11  com.apple.JavaScriptCore 	0x01611b04 KJS::VarDeclListNode::evaluate(KJS::ExecState*) + 96 (nodes.cpp:1570)
12  com.apple.JavaScriptCore 	0x016119bc KJS::VarStatementNode::execute(KJS::ExecState*) + 220 (nodes.cpp:1594)
13  com.apple.JavaScriptCore 	0x0160e088 KJS::SourceElementsNode::execute(KJS::ExecState*) + 280 (nodes.cpp:2390)
14  com.apple.JavaScriptCore 	0x0160c934 KJS::BlockNode::execute(KJS::ExecState*) + 216 (nodes.cpp:1627)
15  com.apple.JavaScriptCore 	0x015f4584 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 92 (function.cpp:331)
16  com.apple.JavaScriptCore 	0x015f3cb8 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 700 (function.cpp:102)
17  com.apple.JavaScriptCore 	0x01620498 KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 288 (object.cpp:96)
18  com.apple.JavaScriptCore 	0x01615724 KJS::FunctionCallResolveNode::evaluate(KJS::ExecState*) + 820 (nodes.cpp:602)
19  com.apple.JavaScriptCore 	0x016117f0 KJS::ExprStatementNode::execute(KJS::ExecState*) + 220 (nodes.cpp:1650)
20  com.apple.JavaScriptCore 	0x0160e088 KJS::SourceElementsNode::execute(KJS::ExecState*) + 280 (nodes.cpp:2390)
21  com.apple.JavaScriptCore 	0x0160c934 KJS::BlockNode::execute(KJS::ExecState*) + 216 (nodes.cpp:1627)
22  com.apple.JavaScriptCore 	0x015f4584 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 92 (function.cpp:331)
23  com.apple.JavaScriptCore 	0x015f3cb8 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 700 (function.cpp:102)
24  com.apple.JavaScriptCore 	0x01620498 KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 288 (object.cpp:96)
25  com.apple.WebCore        	0x01d89974 KJS::JSAbstractEventListener::handleEvent(WebCore::EventImpl*, bool) + 780 (kjs_events.cpp:106)
26  com.apple.WebCore        	0x01d73510 WebCore::EventListener::handleEventImpl(WebCore::EventImpl*, bool) + 72 (dom2_events.cpp:48)
27  com.apple.WebCore        	0x01f32b70 WebCore::NodeImpl::handleLocalEvents(WebCore::EventImpl*, bool) + 392 (NodeImpl.cpp:899)
28  com.apple.WebCore        	0x01f32ff0 WebCore::NodeImpl::dispatchGenericEvent(KXMLCore::PassRefPtr<WebCore::EventImpl>, int&, bool) + 1064 (NodeImpl.cpp:548)
29  com.apple.WebCore        	0x01f339d0 WebCore::NodeImpl::dispatchEvent(KXMLCore::PassRefPtr<WebCore::EventImpl>, int&, bool) + 340 (NodeImpl.cpp:500)
30  com.apple.WebCore        	0x01f341d0 WebCore::NodeImpl::dispatchMouseEvent(WebCore::AtomicString const&, int, int, int, int, int, int, bool, bool, bool, bool, bool, WebCore::NodeImpl*) + 492 (NodeImpl.cpp:737)
31  com.apple.WebCore        	0x01f379a0 WebCore::NodeImpl::dispatchMouseEvent(QMouseEvent*, WebCore::AtomicString const&, int, WebCore::NodeImpl*) + 792 (NodeImpl.cpp:699)
32  com.apple.WebCore        	0x01f19c44 WebCore::FrameView::dispatchMouseEvent(WebCore::AtomicString const&, WebCore::NodeImpl*, bool, int, QMouseEvent*, bool, int) + 1072 (FrameView.cpp:1008)
33  com.apple.WebCore        	0x01f1a4ac WebCore::FrameView::viewportMouseReleaseEvent(QMouseEvent*) + 712 (FrameView.cpp:667)
34  com.apple.WebCore        	0x01f0c20c WebCore::MacFrame::mouseUp(NSEvent*) + 584 (MacFrame.mm:2066)
35  com.apple.WebCore        	0x01f40d10 -[WebCoreFrameBridge mouseUp:] + 52 (WebCoreFrameBridge.mm:1157)
36  com.apple.WebKit         	0x0127f19c -[WebHTMLView mouseUp:] + 292 (WebHTMLView.m:2908)
37  com.apple.AppKit         	0x936d6f20 -[NSWindow sendEvent:] + 4728
38  com.apple.Safari         	0x00101184 -[Window sendEvent:] + 320 (Window.m:76)
39  com.apple.AppKit         	0x9367fef4 -[NSApplication sendEvent:] + 4172
40  com.apple.Safari         	0x000309e8 -[BrowserApplication sendEvent:] + 736 (BrowserApplication.m:139)
41  com.apple.AppKit         	0x93677330 -[NSApplication run] + 508
42  com.apple.AppKit         	0x93767e68 NSApplicationMain + 452
43  com.apple.Safari         	0x000f9588 main + 160 (main.m:23)
44  com.apple.Safari         	0x000028d0 _start + 340 (crt.c:272)
45  com.apple.Safari         	0x00002778 start + 60

Thread 1:
0   libSystem.B.dylib        	0x9000b1e8 mach_msg_trap + 8
1   libSystem.B.dylib        	0x9000b13c mach_msg + 60
2   com.apple.CoreFoundation 	0x9075e114 __CFRunLoopRun + 832
3   com.apple.CoreFoundation 	0x9075da18 CFRunLoopRunSpecific + 268
4   com.apple.Foundation     	0x928e4384 -[NSRunLoop runMode:beforeDate:] + 172
5   com.apple.Foundation     	0x928e42bc -[NSRunLoop run] + 76
6   com.apple.WebKit         	0x012c3d88 +[WebFileDatabase _syncLoop:] + 420 (WebFileDatabase.m:291)
7   com.apple.Foundation     	0x928d53b4 forkThreadForFunction + 108
8   libSystem.B.dylib        	0x9002b1e0 _pthread_body + 96

Thread 2:
0   libSystem.B.dylib        	0x9000b1e8 mach_msg_trap + 8
1   libSystem.B.dylib        	0x9000b13c mach_msg + 60
2   com.apple.CoreFoundation 	0x9075e114 __CFRunLoopRun + 832
3   com.apple.CoreFoundation 	0x9075da18 CFRunLoopRunSpecific + 268
4   com.apple.Foundation     	0x928fc8bc +[NSURLConnection(NSURLConnectionInternal) _resourceLoadLoop:] + 264
5   com.apple.Foundation     	0x928d53b4 forkThreadForFunction + 108
6   libSystem.B.dylib        	0x9002b1e0 _pthread_body + 96

Thread 3:
0   libSystem.B.dylib        	0x9000b1e8 mach_msg_trap + 8
1   libSystem.B.dylib        	0x9000b13c mach_msg + 60
2   com.apple.CoreFoundation 	0x9075e114 __CFRunLoopRun + 832
3   com.apple.CoreFoundation 	0x9075da18 CFRunLoopRunSpecific + 268
4   com.apple.Foundation     	0x928fd9fc +[NSURLCache _diskCacheSyncLoop:] + 152
5   com.apple.Foundation     	0x928d53b4 forkThreadForFunction + 108
6   libSystem.B.dylib        	0x9002b1e0 _pthread_body + 96

Thread 4:
0   libSystem.B.dylib        	0x9002b888 semaphore_wait_signal_trap + 8
1   libSystem.B.dylib        	0x9002fffc pthread_cond_wait + 488
2   com.apple.Foundation     	0x928dc520 -[NSConditionLock lockWhenCondition:] + 68
3   com.apple.Syndication    	0x99c9e50c -[AsyncDB _run:] + 192
4   com.apple.Foundation     	0x928d53b4 forkThreadForFunction + 108
5   libSystem.B.dylib        	0x9002b1e0 _pthread_body + 96

Thread 0 crashed with PPC Thread State 64:
  srr0: 0x0000000002079730 srr1: 0x000000000200f030                        vrsave: 0x0000000000000000
    cr: 0x24000244          xer: 0x0000000020000004   lr: 0x0000000002079704  ctr: 0x00000000021642e0
    r0: 0x00000000000000b0   r1: 0x00000000bfffd590   r2: 0x00000000000000b0   r3: 0x00000000000000b0
    r4: 0x00000000bfffd67c   r5: 0x0000000090a0b930   r6: 0x00000000ffffffff   r7: 0x00000000138f7000
    r8: 0x00000000000001ac   r9: 0x00000000bfffd680  r10: 0x000000000000006b  r11: 0x00000000a28c8ad4
   r12: 0x00000000021642e0  r13: 0x0000000000000000  r14: 0x0000000000000100  r15: 0x0000000000000000
   r16: 0x0000000000000000  r17: 0x0000000000000000  r18: 0x0000000000000000  r19: 0x0000000000000000
   r20: 0x0000000000000000  r21: 0x0000000000000000  r22: 0x0000000000000000  r23: 0x0000000000000000
   r24: 0x0000000000000000  r25: 0x0000000013902b10  r26: 0x0000000000000000  r27: 0x0000000000000000
   r28: 0x0000000000000002  r29: 0x0000000000000000  r30: 0x00000000bfffd590  r31: 0x0000000002079704

Binary Images Description:
    0x1000 -   0x1dbfff com.apple.Safari 2.0.1 (420+)	/Volumes/Home/Users/ggaren/symroots-TOT/Debug/Safari.app/Contents/MacOS/Safari
 0x1205000 -  0x1327fff com.apple.WebKit 420+	/Users/ggaren/symroots/Debug/WebKit.framework/Versions/A/WebKit
 0x15e3000 -  0x16a8fff com.apple.JavaScriptCore 420+	/Users/ggaren/symroots/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore
 0x1d2b000 -  0x223efff com.apple.WebCore 420+	/Users/ggaren/symroots/Debug/WebCore.framework/Versions/A/WebCore
0x8fe00000 - 0x8fe54fff dyld 44.2	/usr/lib/dyld
0x90000000 - 0x901b3fff libSystem.B.dylib 	/usr/lib/libSystem.B.dylib
0x9020b000 - 0x90210fff libmathCommon.A.dylib 	/usr/lib/system/libmathCommon.A.dylib
0x90212000 - 0x90265fff com.apple.CoreText 1.0.1 (???)	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreText.framework/Versions/A/CoreText
0x90292000 - 0x90343fff ATS 	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ATS.framework/Versions/A/ATS
0x90372000 - 0x906affff com.apple.CoreGraphics 1.256.33 (???)	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/CoreGraphics
0x9073b000 - 0x90814fff com.apple.CoreFoundation 6.4.4 (368.25)	/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation
0x9085d000 - 0x9085dfff com.apple.CoreServices 10.4 (???)	/System/Library/Frameworks/CoreServices.framework/Versions/A/CoreServices
0x9085f000 - 0x90961fff libicucore.A.dylib 	/usr/lib/libicucore.A.dylib
0x909bb000 - 0x90a3ffff libobjc.A.dylib 	/usr/lib/libobjc.A.dylib
0x90a69000 - 0x90ad7fff IOKit 	/System/Library/Frameworks/IOKit.framework/Versions/A/IOKit
0x90aee000 - 0x90b00fff libauto.dylib 	/usr/lib/libauto.dylib
0x90b07000 - 0x90ddffff com.apple.CoreServices.CarbonCore 681.3 (671.2)	/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonCore.framework/Versions/A/CarbonCore
0x90e45000 - 0x90ec5fff com.apple.CoreServices.OSServices 4.1	/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/OSServices.framework/Versions/A/OSServices
0x90f0f000 - 0x90f50fff com.apple.CFNetwork 10.4.4 (129.9)	/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CFNetwork.framework/Versions/A/CFNetwork
0x90f65000 - 0x90f7dfff com.apple.WebServices 1.1.2 (1.1.0)	/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/WebServicesCore.framework/Versions/A/WebServicesCore
0x90f8d000 - 0x9100efff com.apple.SearchKit 1.0.5	/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/SearchKit.framework/Versions/A/SearchKit
0x91054000 - 0x9107efff com.apple.Metadata 10.4.4 (121.34)	/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/Metadata.framework/Versions/A/Metadata
0x9108f000 - 0x9109dfff libz.1.dylib 	/usr/lib/libz.1.dylib
0x910a0000 - 0x91263fff com.apple.security 4.3 (25966)	/System/Library/Frameworks/Security.framework/Versions/A/Security
0x91366000 - 0x9136ffff com.apple.DiskArbitration 2.1	/System/Library/Frameworks/DiskArbitration.framework/Versions/A/DiskArbitration
0x91376000 - 0x9139dfff com.apple.SystemConfiguration 1.8.2	/System/Library/Frameworks/SystemConfiguration.framework/Versions/A/SystemConfiguration
0x913b0000 - 0x913b8fff libgcc_s.1.dylib 	/usr/lib/libgcc_s.1.dylib
0x913bd000 - 0x913defff libmx.A.dylib 	/usr/lib/libmx.A.dylib
0x913e4000 - 0x913ecfff libbsm.dylib 	/usr/lib/libbsm.dylib
0x913f0000 - 0x91470fff com.apple.audio.CoreAudio 3.0.2	/System/Library/Frameworks/CoreAudio.framework/Versions/A/CoreAudio
0x914af000 - 0x914affff com.apple.ApplicationServices 10.4 (???)	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/ApplicationServices
0x914b1000 - 0x914e9fff com.apple.AE 1.5 (297)	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/AE.framework/Versions/A/AE
0x91504000 - 0x915d1fff com.apple.ColorSync 4.4.4	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ColorSync.framework/Versions/A/ColorSync
0x91626000 - 0x916b9fff com.apple.print.framework.PrintCore 4.3 (172.3)	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/PrintCore.framework/Versions/A/PrintCore
0x91700000 - 0x917bdfff com.apple.QD 3.8.18 (???)	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/QD.framework/Versions/A/QD
0x917fb000 - 0x91859fff com.apple.HIServices 1.5.1 (???)	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/HIServices.framework/Versions/A/HIServices
0x91887000 - 0x918abfff com.apple.LangAnalysis 1.6.1	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/LangAnalysis.framework/Versions/A/LangAnalysis
0x918bf000 - 0x918e4fff com.apple.FindByContent 1.5	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/FindByContent.framework/Versions/A/FindByContent
0x918f7000 - 0x91939fff com.apple.LaunchServices 10.4.6 (168.3)	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/LaunchServices.framework/Versions/A/LaunchServices
0x91955000 - 0x91969fff com.apple.speech.synthesis.framework 3.3	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/SpeechSynthesis.framework/Versions/A/SpeechSynthesis
0x91977000 - 0x919b1fff com.apple.ImageIO.framework 1.4.4	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/ImageIO
0x919c6000 - 0x91a8efff libcrypto.0.9.7.dylib 	/usr/lib/libcrypto.0.9.7.dylib
0x91adc000 - 0x91af1fff libcups.2.dylib 	/usr/lib/libcups.2.dylib
0x91af6000 - 0x91b13fff libJPEG.dylib 	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libJPEG.dylib
0x91b18000 - 0x91b87fff libJP2.dylib 	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libJP2.dylib
0x91b9e000 - 0x91ba2fff libGIF.dylib 	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libGIF.dylib
0x91ba4000 - 0x91bd5fff libRaw.dylib 	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libRaw.dylib
0x91bd9000 - 0x91c1cfff libTIFF.dylib 	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libTIFF.dylib
0x91c23000 - 0x91c3cfff libPng.dylib 	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libPng.dylib
0x91c41000 - 0x91c44fff libRadiance.dylib 	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libRadiance.dylib
0x91c46000 - 0x91c46fff com.apple.Accelerate 1.1.1 (Accelerate 1.1.1)	/System/Library/Frameworks/Accelerate.framework/Versions/A/Accelerate
0x91c48000 - 0x91d1efff com.apple.vImage 2.0	/System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vImage.framework/Versions/A/vImage
0x91d26000 - 0x91d45fff com.apple.Accelerate.vecLib 3.1.1 (vecLib 3.1.1)	/System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/vecLib
0x91db1000 - 0x91e16fff libvMisc.dylib 	/System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libvMisc.dylib
0x91e20000 - 0x91eb2fff libvDSP.dylib 	/System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libvDSP.dylib
0x91ecc000 - 0x9245cfff libBLAS.dylib 	/System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libBLAS.dylib
0x924a4000 - 0x927b4fff libLAPACK.dylib 	/System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libLAPACK.dylib
0x927e1000 - 0x9286dfff com.apple.DesktopServices 1.3.1	/System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Versions/A/DesktopServicesPriv
0x928af000 - 0x92adafff com.apple.Foundation 6.4.4 (567.25)	/System/Library/Frameworks/Foundation.framework/Versions/C/Foundation
0x92bf8000 - 0x92cd6fff libxml2.2.dylib 	/usr/lib/libxml2.2.dylib
0x92cf6000 - 0x92de4fff libiconv.2.dylib 	/usr/lib/libiconv.2.dylib
0x92df6000 - 0x92e14fff libGL.dylib 	/System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGL.dylib
0x92e1f000 - 0x92e79fff libGLU.dylib 	/System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLU.dylib
0x92e97000 - 0x92e97fff com.apple.Carbon 10.4 (???)	/System/Library/Frameworks/Carbon.framework/Versions/A/Carbon
0x92e99000 - 0x92eadfff com.apple.ImageCapture 3.0	/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/ImageCapture.framework/Versions/A/ImageCapture
0x92ec5000 - 0x92ed5fff com.apple.speech.recognition.framework 3.4	/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/SpeechRecognition.framework/Versions/A/SpeechRecognition
0x92ee1000 - 0x92ef6fff com.apple.securityhi 2.0 (203)	/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/SecurityHI.framework/Versions/A/SecurityHI
0x92f08000 - 0x92f8ffff com.apple.ink.framework 101.2 (69)	/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Ink.framework/Versions/A/Ink
0x92fa3000 - 0x92faefff com.apple.help 1.0.3 (32)	/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Help.framework/Versions/A/Help
0x92fb8000 - 0x92fe5fff com.apple.openscripting 1.2.4 (???)	/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/OpenScripting.framework/Versions/A/OpenScripting
0x92fff000 - 0x9300ffff com.apple.print.framework.Print 5.0 (190.1)	/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Print.framework/Versions/A/Print
0x9301b000 - 0x93081fff com.apple.htmlrendering 1.1.2	/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HTMLRendering.framework/Versions/A/HTMLRendering
0x930b2000 - 0x93104fff com.apple.NavigationServices 3.4.2	/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/NavigationServices.framework/Versions/A/NavigationServices
0x93130000 - 0x9314dfff com.apple.audio.SoundManager 3.9	/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/CarbonSound.framework/Versions/A/CarbonSound
0x9315f000 - 0x9316cfff com.apple.CommonPanels 1.2.2 (73)	/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/CommonPanels.framework/Versions/A/CommonPanels
0x93175000 - 0x93487fff com.apple.HIToolbox 1.4.5 (???)	/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox
0x935d3000 - 0x935dffff com.apple.opengl 1.4.7	/System/Library/Frameworks/OpenGL.framework/Versions/A/OpenGL
0x935e4000 - 0x93605fff com.apple.DirectoryService.Framework 3.0.1	/System/Library/Frameworks/DirectoryService.framework/Versions/A/DirectoryService
0x93671000 - 0x93671fff com.apple.Cocoa 6.4 (???)	/System/Library/Frameworks/Cocoa.framework/Versions/A/Cocoa
0x93673000 - 0x93ca6fff com.apple.AppKit 6.4.4 (824.33)	/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit
0x94033000 - 0x940a3fff com.apple.CoreData 80	/System/Library/Frameworks/CoreData.framework/Versions/A/CoreData
0x940dc000 - 0x941a6fff com.apple.audio.toolbox.AudioToolbox 1.4.1	/System/Library/Frameworks/AudioToolbox.framework/Versions/A/AudioToolbox
0x941fa000 - 0x941fafff com.apple.audio.units.AudioUnit 1.4	/System/Library/Frameworks/AudioUnit.framework/Versions/A/AudioUnit
0x941fc000 - 0x94374fff com.apple.QuartzCore 1.4.5	/System/Library/Frameworks/QuartzCore.framework/Versions/A/QuartzCore
0x943be000 - 0x943fbfff libsqlite3.0.dylib 	/usr/lib/libsqlite3.0.dylib
0x94403000 - 0x94453fff libGLImage.dylib 	/System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLImage.dylib
0x944e3000 - 0x9451bfff com.apple.vmutils 4.0.0 (85)	/System/Library/PrivateFrameworks/vmutils.framework/Versions/A/vmutils
0x9455e000 - 0x9457afff com.apple.securityfoundation 2.1 (24988)	/System/Library/Frameworks/SecurityFoundation.framework/Versions/A/SecurityFoundation
0x9458e000 - 0x945d2fff com.apple.securityinterface 2.1 (24981)	/System/Library/Frameworks/SecurityInterface.framework/Versions/A/SecurityInterface
0x945f6000 - 0x94605fff libCGATS.A.dylib 	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libCGATS.A.dylib
0x9460d000 - 0x94619fff libCSync.A.dylib 	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libCSync.A.dylib
0x9465f000 - 0x94677fff libRIP.A.dylib 	/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libRIP.A.dylib
0x9467e000 - 0x94701fff libstdc++.6.dylib 	/usr/lib/libstdc++.6.dylib
0x94881000 - 0x949affff com.apple.AddressBook.framework 4.0.3 (483)	/System/Library/Frameworks/AddressBook.framework/Versions/A/AddressBook
0x94a41000 - 0x94a50fff com.apple.DSObjCWrappers.Framework 1.1	/System/Library/PrivateFrameworks/DSObjCWrappers.framework/Versions/A/DSObjCWrappers
0x94a58000 - 0x94a85fff com.apple.LDAPFramework 1.4.1 (69.0.1)	/System/Library/Frameworks/LDAP.framework/Versions/A/LDAP
0x94a8c000 - 0x94a9cfff libsasl2.2.dylib 	/usr/lib/libsasl2.2.dylib
0x94aa0000 - 0x94acffff libssl.0.9.7.dylib 	/usr/lib/libssl.0.9.7.dylib
0x94adf000 - 0x94afcfff libresolv.9.dylib 	/usr/lib/libresolv.9.dylib
0x95cf6000 - 0x95d1ffff libxslt.1.dylib 	/usr/lib/libxslt.1.dylib
0x99c9b000 - 0x99cd1fff com.apple.Syndication 1.0.3 (49)	/System/Library/PrivateFrameworks/Syndication.framework/Versions/A/Syndication
0x99cee000 - 0x99d00fff com.apple.SyndicationUI 1.0.3 (49)	/System/Library/PrivateFrameworks/SyndicationUI.framework/Versions/A/SyndicationUI

Model: PowerBook5,5, BootROM 4.8.4f1, 1 processors, PowerPC G4  (1.1), 1.5 GHz, 1.5 GB
Graphics: ATI Mobility Radeon 9700, ATY,RV360M11, AGP, 64 MB
Memory Module: SODIMM0/J20STANDARD, 512 MB, DDR SDRAM, PC2700U-25330
Memory Module: SODIMM1/J23REVERSED, 1 GB, DDR SDRAM, PC2700U-25330
AirPort: AirPort Extreme, 404.2 (3.90.34.0.p16)
Modem: LastDash, UCJ, V.92, 4.0, APPLE VERSION 2.6.6
Bluetooth: Version 1.7.0f18, 2 service, 1 devices, 1 incoming serial ports
Network Service: AirPort, AirPort, en1
PCI Card: TXN,PCIXXXX-00, cardbus, PC Card
Parallel ATA Device: MATSHITADVD-R   UJ-825, 
Parallel ATA Device: Hitachi IC25N080ATMR04-0, 74.53 GB
USB Device: Bluetooth HCI, , Up to 12 Mb/sec, 500 mA
Comment 1 Geoffrey Garen 2006-02-23 09:51:53 PST 
Created attachment 6677 [details]
reduction
Comment 2 Darin Adler 2006-02-24 22:25:03 PST 
Test case does not crash for me.
Comment 3 Geoffrey Garen 2006-02-25 10:12:04 PST 
You'll need to download the testcase in order to run it. The Apache server replaces src="DoesNotExist" with a 404 error page, but what you really want is a source that doesn't exist.
Comment 4 Geoffrey Garen 2006-02-25 10:54:17 PST 
Regression from r12804 to r12813.
Comment 5 Geoffrey Garen 2006-02-25 11:48:18 PST 
Same underlying cause as bug 7403.

*** This bug has been marked as a duplicate of 7403 ***
Comment 6 Geoffrey Garen 2006-02-25 11:50:03 PST 
oops, bug 7293 is the master.

*** This bug has been marked as a duplicate of 7293 ***