[Webkit-unassigned] [Bug 6693] New: Safari hangs then crashes at http://cnx.rice.edu/content/m11268/latest/ (crash in __memcpy)
bugzilla-daemon at opendarwin.org
Fri Jan 20 18:35:48 PST 2006
http://bugzilla.opendarwin.org/show_bug.cgi?id=6693
Summary: Safari hangs then crashes at http://cnx.rice.edu/content/m11268/latest/ (crash in __memcpy)
Product: WebKit
Version: 420+ (nightly)
Platform: Macintosh
URL: http://cnx.rice.edu/content/m11268/latest/
OS/Version: Mac OS X 10.0
Status: NEW
Keywords: NeedsReduction, InRadar
Severity: major
Priority: P1
Component: JavaScript
AssignedTo: webkit-unassigned at opendarwin.org
ReportedBy: alice.liu at apple.com
This bug is also in Radar as <rdar://4415273>
Summary:
Safari hangs when visiting http://cnx.rice.edu/content/m11268/latest/
Steps to Reproduce:
0. MacOS 10.4.4 (8G32)
1. Launch Safari
2. Type "http://cnx.rice.edu/content/m11268/latest/" into address bar and press return
Expected Results:
Safari should show the page (or at least make an effort)
Actual Results:
Safari hangs -- must force quit.
Regression:
Didn't regress.
Notes:
Firefox 1.5 does not hang on this page, though it does report some missing fonts.
'pwp-pb15.spx' was successfully uploaded
-------------------------------------------
<GMT19-Jan-2006 21:54:53GMT> Paul Placeway:
Please assign to Developer ADCBugs for further communications with the developer.
<GMT21-Jan-2006 02:20:07GMT> Alice Liu:
Denver and Glendale hang for long periods. TOT hangs (see attached sample) with
KJS::Collector::markStackObjectsConservatively(void*, void*)
KJS::SimpleNumber::is(KJS::JSValue const*)
at the top when viewed with HotSpotFinder, and then after a while crashes with this trace:
Thread 0 Crashed:
0 <<00000000>> 0xffff87c4 __memcpy + 36 (cpu_capabilities.h:189)
1 com.apple.JavaScriptCore 0x015f6dc4 KJS::UString::UString[in-charge](KJS::UString const&, KJS::UString const&) + 948 (ustring.cpp:474)
2 com.apple.JavaScriptCore 0x0163e7ac KJS::operator+(KJS::UString const&, KJS::UString const&) + 52 (ustring.h:500)
3 com.apple.JavaScriptCore 0x015e8fdc KJS::add(KJS::ExecState*, KJS::JSValue*, KJS::JSValue*, char) + 292 (operations.cpp:225)
4 com.apple.JavaScriptCore 0x015d7b28 KJS::AddNode::evaluate(KJS::ExecState*) + 356 (nodes.cpp:1056)
5 com.apple.JavaScriptCore 0x015e10e0 KJS::AssignResolveNode::evaluate(KJS::ExecState*) + 640 (nodes.cpp:1317)
6 com.apple.JavaScriptCore 0x015d6b3c KJS::ExprStatementNode::execute(KJS::ExecState*) + 220 (nodes.cpp:1605)
7 com.apple.JavaScriptCore 0x015dbd14 KJS::ForNode::execute(KJS::ExecState*) + 1036 (nodes.cpp:1745)
8 com.apple.JavaScriptCore 0x015d59f4 KJS::SourceElementsNode::execute(KJS::ExecState*) + 616 (nodes.cpp:2335)
9 com.apple.JavaScriptCore 0x015d424c KJS::BlockNode::execute(KJS::ExecState*) + 216 (nodes.cpp:1582)
10 com.apple.JavaScriptCore 0x015dcd8c KJS::IfNode::execute(KJS::ExecState*) + 500 (nodes.cpp:1624)
11 com.apple.JavaScriptCore 0x015d59f4 KJS::SourceElementsNode::execute(KJS::ExecState*) + 616 (nodes.cpp:2335)
12 com.apple.JavaScriptCore 0x015d424c KJS::BlockNode::execute(KJS::ExecState*) + 216 (nodes.cpp:1582)
13 com.apple.JavaScriptCore 0x015bc218 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 92 (function.cpp:339)
14 com.apple.JavaScriptCore 0x015bb914 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 700 (function.cpp:110)
15 com.apple.JavaScriptCore 0x015e7df0 KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 288 (object.cpp:96)
16 com.apple.JavaScriptCore 0x015df7c4 KJS::FunctionCallResolveNode::evaluate(KJS::ExecState*) + 820 (nodes.cpp:570)
17 com.apple.JavaScriptCore 0x015d6b3c KJS::ExprStatementNode::execute(KJS::ExecState*) + 220 (nodes.cpp:1605)
18 com.apple.JavaScriptCore 0x015d59f4 KJS::SourceElementsNode::execute(KJS::ExecState*) + 616 (nodes.cpp:2335)
19 com.apple.JavaScriptCore 0x015d424c KJS::BlockNode::execute(KJS::ExecState*) + 216 (nodes.cpp:1582)
20 com.apple.JavaScriptCore 0x015cbd68 KJS::InterpreterImp::evaluate(KJS::UChar const*, int, KJS::JSValue*, KJS::UString const&, int) + 1028 (internal.cpp:682)
21 com.apple.JavaScriptCore 0x015cc5ec KJS::Interpreter::evaluate(KJS::UString const&, int, KJS::UChar const*, int, KJS::JSValue*) + 100 (interpreter.cpp:121)
22 com.apple.WebCore 0x01ca2aac KJSProxyImpl::evaluate(WebCore::DOMString const&, int, WebCore::DOMString const&, WebCore::NodeImpl*) + 296 (kjs_proxy.cpp:63)
23 com.apple.WebCore 0x01e381fc Frame::executeScript(QString, int, WebCore::NodeImpl*, QString const&) + 160 (Frame.cpp:2521)
24 com.apple.WebCore 0x01cecd94 WebCore::HTMLTokenizer::scriptExecution(QString const&, WebCore::HTMLTokenizer::State, QString, int) + 496 (htmltokenizer.cpp:485)
25 com.apple.WebCore 0x01cefc2c WebCore::HTMLTokenizer::scriptHandler(WebCore::HTMLTokenizer::State) + 1568 (htmltokenizer.cpp:425)
26 com.apple.WebCore 0x01cf030c WebCore::HTMLTokenizer::parseSpecial(WebCore::SegmentedString&, WebCore::HTMLTokenizer::State) + 1292 (htmltokenizer.cpp:292)
27 com.apple.WebCore 0x01cf2810 WebCore::HTMLTokenizer::parseTag(WebCore::SegmentedString&, WebCore::HTMLTokenizer::State) + 7732 (htmltokenizer.cpp:1262)
28 com.apple.WebCore 0x01cf3220 WebCore::HTMLTokenizer::write(WebCore::SegmentedString const&, bool) + 1776 (htmltokenizer.cpp:1467)
29 com.apple.WebCore 0x01ced2b0 WebCore::HTMLTokenizer::notifyFinished(WebCore::CachedObject*) + 816 (htmltokenizer.cpp:1784)
30 com.apple.WebCore 0x01e944e0 WebCore::CachedScript::checkNotify() + 140 (CachedScript.cpp:111)
31 com.apple.WebCore 0x01e94670 WebCore::CachedScript::data(QBuffer&, bool) + 276 (CachedScript.cpp:103)
32 com.apple.WebCore 0x01e97368 WebCore::Loader::slotFinished(KIO::Job*, NSData*) + 804 (loader.cpp:168)
33 com.apple.WebCore 0x01d1d368 KWQSlot::callWithData(KIO::Job*, NSData*) const + 108 (KWQSlot.cpp:320)
34 com.apple.WebCore 0x01d1be74 KWQSignal::callWithData(KIO::Job*, NSData*) const + 232 (KWQSignal.cpp:183)
35 com.apple.WebCore 0x01c14898 KIO::TransferJob::emitResult(NSData*) + 72 (KWQKJobClasses.mm:242)
36 com.apple.WebCore 0x01d20440 -[KWQResourceLoader finishJobAndHandle:] + 128 (KWQResourceLoader.mm:95)
37 com.apple.WebCore 0x01d206ec -[KWQResourceLoader finishWithData:] + 200 (KWQResourceLoader.mm:126)
38 com.apple.WebKit 0x01242444 -[WebSubresourceLoader didFinishLoading] + 132 (WebSubresourceLoader.m:218)
39 com.apple.WebKit 0x01251304 -[WebLoader connectionDidFinishLoading:] + 184 (WebLoader.m:663)
40 com.apple.Foundation 0x90b4acdc -[NSURLConnection(NSURLConnectionInternal) _sendDidFinishLoadingCallback] + 188
41 com.apple.Foundation 0x90b48f48 -[NSURLConnection(NSURLConnectionInternal) _sendCallbacks] + 556
42 com.apple.Foundation 0x90b48ca0 _sendCallbacks + 156
43 com.apple.CoreFoundation 0x902b0a68 __CFRunLoopDoSources0 + 384
44 com.apple.CoreFoundation 0x902aff98 __CFRunLoopRun + 452
45 com.apple.CoreFoundation 0x902afa18 CFRunLoopRunSpecific + 268
46 com.apple.HIToolbox 0x920531e0 RunCurrentEventLoopInMode + 264
47 com.apple.HIToolbox 0x92052874 ReceiveNextEventCommon + 380
48 com.apple.HIToolbox 0x920526e0 BlockUntilNextEventMatchingListInMode + 96
49 com.apple.AppKit 0x9253f104 _DPSNextEvent + 384
50 com.apple.AppKit 0x9253edc8 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 116
51 com.apple.Safari 0x00030ec4 -[BrowserApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 292 (BrowserApplication.m:152)
52 com.apple.AppKit 0x9253b30c -[NSApplication run] + 472
53 com.apple.AppKit 0x9262be68 NSApplicationMain + 452
54 com.apple.Safari 0x000f7d90 main + 156 (main.m:23)
55 com.apple.Safari 0x00002814 _start + 344 (crt.c:272)
56 com.apple.Safari 0x000026b8 start + 60