[Webkit-unassigned] [Bug 16155] REGRESSION: Webkit nightly r28069 crashes on wikipedia.org

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Nov 27 23:05:21 PST 2007


http://bugs.webkit.org/show_bug.cgi?id=16155





------- Comment #6 from ddkilzer at webkit.org  2007-11-27 23:05 PDT -------
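With a local debug build of WebKit r28072 with Safari 3.0.4 (523.12) on Mac OS
X 10.4.11 (8S165), this is printed to the console (the assertion fires when the
key passed to lookup() compares equal to the hash table's reserved empty-bucket
value):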

ASSERTION FAILED: !HashTranslator::equal(KeyTraits::emptyValue(), key)
(./wtf/HashTable.h:433 Value* WTF::HashTable<Key, Value, Extractor,
HashFunctions, Traits, KeyTraits>::lookup(const T&) [with T = unsigned int,
HashTranslator = WTF::IdentityHashTranslator<unsigned int, std::pair<unsigned
int, int>, WTF::IntHash<unsigned int> >, Key = unsigned int, Value =
std::pair<unsigned int, int>, Extractor =
WTF::PairFirstExtractor<std::pair<unsigned int, int> >, HashFunctions =
WTF::IntHash<unsigned int>, Traits =
WTF::PairHashTraits<WTF::HashTraits<unsigned int>, WTF::HashTraits<int32_t> >,
KeyTraits = WTF::HashTraits<unsigned int>])

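The stack trace looks like this (the faulting address 0xbbadbeef is the marker
address that WebKit's CRASH() macro writes to when an ASSERT fails, so this is
the assertion above aborting the debug build, not a separate wild-pointer
access; frames 3-4 show the lookup coming from an array index access in
KJS::ArrayInstance):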

Exception:  EXC_BAD_ACCESS (0x0001)
Codes:      KERN_INVALID_ADDRESS (0x0001) at 0xbbadbeef

Thread 0 Crashed:
0   com.apple.JavaScriptCore            0x00637e90 std::pair<unsigned, int>*
WTF::HashTable<unsigned, std::pair<unsigned, int>,
WTF::PairFirstExtractor<std::pair<unsigned, int> >, WTF::IntHash<unsigned>,
WTF::PairHashTraits<WTF::HashTraits<unsigned>, WTF::HashTraits<int> >,
WTF::HashTraits<unsigned> >::lookup<unsigned,
WTF::IdentityHashTranslator<unsigned, std::pair<unsigned, int>,
WTF::IntHash<unsigned> > >(unsigned const&) + 184 (HashTable.h:433)
1   com.apple.JavaScriptCore            0x0063845c
WTF::HashTableIterator<unsigned, std::pair<unsigned, int>,
WTF::PairFirstExtractor<std::pair<unsigned, int> >, WTF::IntHash<unsigned>,
WTF::PairHashTraits<WTF::HashTraits<unsigned>, WTF::HashTraits<int> >,
WTF::HashTraits<unsigned> > WTF::HashTable<unsigned, std::pair<unsigned, int>,
WTF::PairFirstExtractor<std::pair<unsigned, int> >, WTF::IntHash<unsigned>,
WTF::PairHashTraits<WTF::HashTraits<unsigned>, WTF::HashTraits<int> >,
WTF::HashTraits<unsigned> >::find<unsigned,
WTF::IdentityHashTranslator<unsigned, std::pair<unsigned, int>,
WTF::IntHash<unsigned> > >(unsigned const&) + 80 (HashTable.h:736)
2   com.apple.JavaScriptCore            0x006384e4 WTF::HashTable<unsigned,
std::pair<unsigned, int>, WTF::PairFirstExtractor<std::pair<unsigned, int> >,
WTF::IntHash<unsigned>, WTF::PairHashTraits<WTF::HashTraits<unsigned>,
WTF::HashTraits<int> >, WTF::HashTraits<unsigned> >::find(unsigned const&) + 52
(HashTable.h:314)
3   com.apple.JavaScriptCore            0x00638534 WTF::HashMap<unsigned,
KJS::JSValue*, WTF::IntHash<unsigned>, WTF::HashTraits<unsigned>,
WTF::HashTraits<KJS::JSValue*> >::find(unsigned const&) + 56 (HashMap.h:251)
4   com.apple.JavaScriptCore            0x00665214
KJS::ArrayInstance::inlineGetOwnPropertySlot(KJS::ExecState*, unsigned,
KJS::PropertySlot&) + 328 (array_instance.cpp:155)
5   com.apple.JavaScriptCore            0x00598728
KJS::ArrayInstance::getOwnPropertySlot(KJS::ExecState*, unsigned,
KJS::PropertySlot&) + 56 (array_instance.cpp:181)
6   com.apple.JavaScriptCore            0x00571354
KJS::JSObject::getPropertySlot(KJS::ExecState*, unsigned, KJS::PropertySlot&) +
88 (object.cpp:182)
7   com.apple.JavaScriptCore            0x00597c9c
KJS::JSObject::get(KJS::ExecState*, unsigned) const + 52 (object.cpp:171)
8   com.apple.JavaScriptCore            0x0067124c
KJS::BracketAccessorNode::inlineEvaluate(KJS::ExecState*) + 328 (nodes.cpp:744)
9   com.apple.JavaScriptCore            0x005b3018
KJS::BracketAccessorNode::evaluate(KJS::ExecState*) + 40 (nodes.cpp:750)
10  com.apple.JavaScriptCore            0x005b1bd8
KJS::TypeOfValueNode::evaluate(KJS::ExecState*) + 84 (nodes.cpp:1700)
11  com.apple.JavaScriptCore            0x0066ff88
KJS::EqualNode::inlineEvaluateToBoolean(KJS::ExecState*) + 84 (nodes.cpp:2774)
12  com.apple.JavaScriptCore            0x005b015c
KJS::EqualNode::evaluateToBoolean(KJS::ExecState*) + 40 (nodes.cpp:2789)
13  com.apple.JavaScriptCore            0x005ad754
KJS::IfNode::execute(KJS::ExecState*) + 204 (nodes.cpp:3743)
14  com.apple.JavaScriptCore            0x00583bac
KJS::statementListExecute(WTF::Vector<WTF::RefPtr<KJS::StatementNode>,
(unsigned long)0>&, KJS::ExecState*) + 148 (nodes.cpp:3662)
15  com.apple.JavaScriptCore            0x00583d8c
KJS::BlockNode::execute(KJS::ExecState*) + 72 (nodes.cpp:3696)
16  com.apple.JavaScriptCore            0x005ad894
KJS::IfNode::execute(KJS::ExecState*) + 524 (nodes.cpp:3755)
17  com.apple.JavaScriptCore            0x00583bac
KJS::statementListExecute(WTF::Vector<WTF::RefPtr<KJS::StatementNode>,
(unsigned long)0>&, KJS::ExecState*) + 148 (nodes.cpp:3662)
18  com.apple.JavaScriptCore            0x00583d8c
KJS::BlockNode::execute(KJS::ExecState*) + 72 (nodes.cpp:3696)
19  com.apple.JavaScriptCore            0x005a9c34
KJS::FunctionBodyNode::execute(KJS::ExecState*) + 68 (nodes.cpp:4582)
20  com.apple.JavaScriptCore            0x00570778
KJS::FunctionImp::execute(KJS::ExecState*) + 96 (function.cpp:253)
21  com.apple.JavaScriptCore            0x005b6c08
KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List
const&) + 464 (function.cpp:94)
22  com.apple.JavaScriptCore            0x0059b4c4
KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 304
(object.cpp:95)
23  com.apple.JavaScriptCore            0x00672244
KJS::FunctionCallResolveNode::inlineEvaluate(KJS::ExecState*) + 824
(nodes.cpp:1005)
24  com.apple.JavaScriptCore            0x005c366c
KJS::FunctionCallResolveNode::evaluate(KJS::ExecState*) + 40 (nodes.cpp:1015)
25  com.apple.JavaScriptCore            0x005ad99c
KJS::ExprStatementNode::execute(KJS::ExecState*) + 204 (nodes.cpp:3720)
26  com.apple.JavaScriptCore            0x00583bac
KJS::statementListExecute(WTF::Vector<WTF::RefPtr<KJS::StatementNode>,
(unsigned long)0>&, KJS::ExecState*) + 148 (nodes.cpp:3662)
27  com.apple.JavaScriptCore            0x00583d8c
KJS::BlockNode::execute(KJS::ExecState*) + 72 (nodes.cpp:3696)
28  com.apple.JavaScriptCore            0x005a9c34
KJS::FunctionBodyNode::execute(KJS::ExecState*) + 68 (nodes.cpp:4582)
29  com.apple.JavaScriptCore            0x005d1ac0
KJS::Interpreter::evaluate(KJS::UString const&, int, KJS::UChar const*, int,
KJS::JSValue*) + 928 (interpreter.cpp:381)
30  com.apple.WebCore                   0x0160ddec
WebCore::KJSProxy::evaluate(WebCore::String const&, int, WebCore::String
const&) + 280 (kjs_proxy.cpp:87)
31  com.apple.WebCore                   0x011b44f8
WebCore::FrameLoader::executeScript(WebCore::String const&, int,
WebCore::String const&) + 128 (FrameLoader.cpp:759)
32  com.apple.WebCore                   0x011b45d4
WebCore::FrameLoader::executeScript(WebCore::String const&, bool) + 136
(FrameLoader.cpp:747)
33  com.apple.WebCore                   0x01612d7c
KJS::ScheduledAction::execute(KJS::Window*) + 1252 (kjs_window.cpp:1702)
34  com.apple.WebCore                   0x01612e78
KJS::Window::timerFired(KJS::DOMWindowTimer*) + 104 (kjs_window.cpp:1819)
35  com.apple.WebCore                   0x016130a8 KJS::DOMWindowTimer::fired()
+ 72 (kjs_window.cpp:2126)
36  com.apple.WebCore                   0x015a46b8
WebCore::TimerBase::fireTimers(double, WTF::Vector<WebCore::TimerBase*,
(unsigned long)0> const&) + 240 (Timer.cpp:339)
37  com.apple.WebCore                   0x015a4798
WebCore::TimerBase::sharedTimerFired() + 132 (Timer.cpp:359)
38  com.apple.WebCore                   0x0157ccdc
WebCore::timerFired(__CFRunLoopTimer*, void*) + 140 (SharedTimerMac.cpp:85)
39  com.apple.CoreFoundation            0x907f14b0 __CFRunLoopDoTimer + 184
40  com.apple.CoreFoundation            0x907dde28 __CFRunLoopRun + 1680
41  com.apple.CoreFoundation            0x907dd3dc CFRunLoopRunSpecific + 268
42  com.apple.HIToolbox                 0x9329eb20 RunCurrentEventLoopInMode +
264
43  com.apple.HIToolbox                 0x9329e1b4 ReceiveNextEventCommon + 380
44  com.apple.HIToolbox                 0x9329e020
BlockUntilNextEventMatchingListInMode + 96
45  com.apple.AppKit                    0x937a4bc4 _DPSNextEvent + 384
46  com.apple.AppKit                    0x937a4888 -[NSApplication
nextEventMatchingMask:untilDate:inMode:dequeue:] + 116
47  com.apple.Safari                    0x000095e0 0x1000 + 34272
48  com.apple.AppKit                    0x937a0dcc -[NSApplication run] + 472
49  com.apple.AppKit                    0x93891974 NSApplicationMain + 452
50  com.apple.Safari                    0x0009bad4 0x1000 + 633556
51  com.apple.Safari                    0x000022fc 0x1000 + 4860

