[Webkit-unassigned] [Bug 8440] New: iExploder(#3327): Crash in StringImpl::initWithQChar()

bugzilla-daemon at opendarwin.org bugzilla-daemon at opendarwin.org
Mon Apr 17 10:01:23 PDT 2006


http://bugzilla.opendarwin.org/show_bug.cgi?id=8440

           Summary: iExploder(#3327): Crash in StringImpl::initWithQChar()
           Product: WebKit
           Version: 420+ (nightly)
          Platform: Macintosh
        OS/Version: Mac OS X 10.4
            Status: NEW
          Keywords: NeedsReduction, Regression
          Severity: normal
          Priority: P1
         Component: HTML DOM
        AssignedTo: webkit-unassigned at opendarwin.org
        ReportedBy: ap at nypop.com


run-iexploder-tests 3327 (or just open the attached test case).

Thread 0 Crashed:
0   <<00000000>>        0xffff8cc8 __memcpy + 1320 (cpu_capabilities.h:189)
1   com.apple.WebCore           0x019faf38 WebCore::StringImpl::initWithQChar(QChar const*, unsigned) + 168 (StringImpl.cpp:108)
2   com.apple.WebCore           0x019faf94 WebCore::StringImpl::StringImpl[in-charge](QChar const*, unsigned) + 72 (StringImpl.cpp:67)
3   com.apple.WebCore           0x01b7bca8 WebCore::StringImpl::copy() const + 72 (StringImpl.h:75)
4   com.apple.WebCore           0x019f8f40 WebCore::String::copy() const + 96 (String.cpp:306)
5   com.apple.WebCore           0x01780f60 WebCore::HTMLMapElement::parseMappedAttribute(WebCore::MappedAttribute*) + 372 (html_imageimpl.cpp:492)
6   com.apple.WebCore           0x01a9aab8 WebCore::StyledElement::attributeChanged(WebCore::Attribute*, bool) + 772 (StyledElement.cpp:179)
7   com.apple.WebCore           0x01aa8254 WebCore::Element::setAttributeMap(WebCore::NamedAttrMap*) + 756 (Element.cpp:363)
8   com.apple.WebCore           0x0179bd88 WebCore::HTMLParser::parseToken(WebCore::Token*) + 1236 (HTMLParser.cpp:200)
9   com.apple.WebCore           0x0179fd14 WebCore::HTMLTokenizer::processToken() + 564 (HTMLTokenizer.cpp:1628)
10  com.apple.WebCore           0x017a3468 WebCore::HTMLTokenizer::parseTag(WebCore::SegmentedString&, WebCore::HTMLTokenizer::State) + 7376 (HTMLTokenizer.cpp:1206)
11  com.apple.WebCore           0x017a4094 WebCore::HTMLTokenizer::write(WebCore::SegmentedString const&, bool) + 1744 (HTMLTokenizer.cpp:1432)
12  com.apple.WebCore           0x01890d74 WebCore::Frame::write(char const*, int) + 952 (Frame.cpp:654)
13  com.apple.WebCore           0x01883e64 WebCore::Frame::addData(char const*, int) + 340 (Frame.cpp:2599)
14  com.apple.WebCore           0x018c7c20 -[WebCoreFrameBridge addData:] + 224 (WebCoreFrameBridge.mm:547)
15  com.apple.WebKit            0x00335008 -[WebFrameBridge receivedData:textEncodingName:] + 236 (WebFrameBridge.m:458)
16  com.apple.WebKit            0x0036da8c -[WebHTMLRepresentation receivedData:withDataSource:] + 248 (WebHTMLRepresentation.m:122)

