[Webkit-unassigned] [Bug 10955] New: Reproducible crash when viewing a stock line graph on yahoo finance.

bugzilla-daemon at opendarwin.org bugzilla-daemon at opendarwin.org
Wed Sep 20 14:33:58 PDT 2006 

http://bugzilla.opendarwin.org/show_bug.cgi?id=10955

           Summary: Reproducible crash when viewing a stock line graph on
                    yahoo finance.
           Product: WebKit
           Version: 420+ (nightly)
          Platform: Macintosh
               URL: http://finance.yahoo.com/charts#symbol=NMEN.OB;range=1d
        OS/Version: Mac OS X 10.4
            Status: UNCONFIRMED
          Severity: normal
          Priority: P1
         Component: JavaScriptCore
        AssignedTo: webkit-unassigned at opendarwin.org
        ReportedBy: troyb at omnigroup.com


When loading this page:

<http://finance.yahoo.com/charts#symbol=NMEN.OB;range=1d>

WebKit crashes just after the page completes rendering. This is true in nightly
r16400. The page loads fine in Safari 2.0.4 (419.3). Here's the crashed thread:

Thread 0 Crashed:
0   com.apple.WebCore                   0x010fbe4c WebCore::Frame::jScript() +
28
1   com.apple.WebCore                   0x012b7804
KJS::Window::retrieve(WebCore::Frame*) + 20
2   com.apple.WebCore                   0x012b7964
KJS::Window::retrieveWindow(WebCore::Frame*) + 20
3   com.apple.WebCore                   0x012b1208
KJS::JSHTMLDocument::getValueProperty(KJS::ExecState*, int) const + 712
4   com.apple.JavaScriptCore            0x00139280
KJS::JSObject::get(KJS::ExecState*, KJS::Identifier const&) const + 176
5   com.apple.JavaScriptCore            0x0012c90c
KJS::FunctionCallDotNode::evaluate(KJS::ExecState*) + 60
6   com.apple.JavaScriptCore            0x00131568
KJS::ExprStatementNode::execute(KJS::ExecState*) + 104
7   com.apple.JavaScriptCore            0x0013493c
KJS::SourceElementsNode::execute(KJS::ExecState*) + 252
8   com.apple.JavaScriptCore            0x00131498
KJS::BlockNode::execute(KJS::ExecState*) + 152
9   com.apple.JavaScriptCore            0x001344ec
KJS::TryNode::execute(KJS::ExecState*) + 108
10  com.apple.JavaScriptCore            0x00134a18
KJS::SourceElementsNode::execute(KJS::ExecState*) + 472
11  com.apple.JavaScriptCore            0x00131498
KJS::BlockNode::execute(KJS::ExecState*) + 152
12  com.apple.JavaScriptCore            0x0011e278
KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56
13  com.apple.JavaScriptCore            0x0011dc90
KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List
const&) + 448
14  com.apple.JavaScriptCore            0x0013a0c4
KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 116
15  com.apple.JavaScriptCore            0x0012cb58
KJS::FunctionCallDotNode::evaluate(KJS::ExecState*) + 648
16  com.apple.JavaScriptCore            0x00131568
KJS::ExprStatementNode::execute(KJS::ExecState*) + 104
17  com.apple.JavaScriptCore            0x00134a18
KJS::SourceElementsNode::execute(KJS::ExecState*) + 472
18  com.apple.JavaScriptCore            0x00131498
KJS::BlockNode::execute(KJS::ExecState*) + 152
19  com.apple.JavaScriptCore            0x0011e278
KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56
20  com.apple.JavaScriptCore            0x0011dc90
KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List
const&) + 448
21  com.apple.JavaScriptCore            0x0013a0c4
KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 116
22  com.apple.JavaScriptCore            0x0012cb58
KJS::FunctionCallDotNode::evaluate(KJS::ExecState*) + 648
23  com.apple.JavaScriptCore            0x00131568
KJS::ExprStatementNode::execute(KJS::ExecState*) + 104
24  com.apple.JavaScriptCore            0x0013493c
KJS::SourceElementsNode::execute(KJS::ExecState*) + 252
25  com.apple.JavaScriptCore            0x00131498
KJS::BlockNode::execute(KJS::ExecState*) + 152
26  com.apple.JavaScriptCore            0x0011e278
KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56
27  com.apple.JavaScriptCore            0x0011dc90
KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List
const&) + 448
28  com.apple.JavaScriptCore            0x0013a0c4
KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 116
29  com.apple.WebCore                   0x012bbd30
KJS::ScheduledAction::execute(KJS::Window*) + 224
30  com.apple.WebCore                   0x012bc03c
KJS::Window::timerFired(KJS::DOMWindowTimer*) + 108
31  com.apple.WebCore                   0x01250e8c
WebCore::TimerBase::fireTimers(double, WTF::Vector<WebCore::TimerBase*,
(unsigned long)0> const&) + 156
32  com.apple.WebCore                   0x01250f20
WebCore::TimerBase::sharedTimerFired() + 112
33  com.apple.CoreFoundation            0x907ef550 __CFRunLoopDoTimer + 184
34  com.apple.CoreFoundation            0x907dbec8 __CFRunLoopRun + 1680
35  com.apple.CoreFoundation            0x907db47c CFRunLoopRunSpecific + 268
36  com.apple.HIToolbox                 0x931eb740 RunCurrentEventLoopInMode +
264
37  com.apple.HIToolbox                 0x931eadd4 ReceiveNextEventCommon + 380
38  com.apple.HIToolbox                 0x931eac40
BlockUntilNextEventMatchingListInMode + 96
39  com.apple.AppKit                    0x93714ae4 _DPSNextEvent + 384
40  com.apple.AppKit                    0x937147a8 -[NSApplication
nextEventMatchingMask:untilDate:inMode:dequeue:] + 116
41  com.apple.Safari                    0x00006740 0x1000 + 22336
42  com.apple.AppKit                    0x93710cec -[NSApplication run] + 472
43  com.apple.AppKit                    0x9380187c NSApplicationMain + 452
44  com.apple.Safari                    0x0005c77c 0x1000 + 374652
45  com.apple.Safari                    0x0005c624 0x1000 + 374308

Full crash will be attached.


-- 
Configure bugmail: http://bugzilla.opendarwin.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

More information about the webkit-unassigned mailing list