[Webkit-unassigned] [Bug 18389] New: REGRESSION (r31746?): Crash in JSDOMWindowWrapper::mark loading digg.com

bugzilla-daemon at webkit.org
Wed Apr 9 10:27:51 PDT 2008


http://bugs.webkit.org/show_bug.cgi?id=18389

           Summary: REGRESSION (r31746?): Crash in JSDOMWindowWrapper::mark
                    loading digg.com
           Product: WebKit
           Version: 526+ (Nightly build)
          Platform: Macintosh
               URL: http://digg.com
        OS/Version: Mac OS X 10.5
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: HTML DOM
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: aroben at apple.com
                CC: sam at webkit.org


I'm seeing a crash in JSDOMWindowWrapper::mark when loading digg.com.
Presumably this is a regression caused by r31746
<http://trac.webkit.org/projects/webkit/changeset/31746>

Backtrace:

#0      0x023aba32 in WebCore::JSDOMWindowWrapper::mark at
JSDOMWindowWrapper.cpp:63
#1      0x005ce4c4 in KJS::Collector::markStackObjectsConservatively at
collector.cpp:520
#2      0x005ce517 in KJS::Collector::markCurrentThreadConservatively at
collector.cpp:548
#3      0x005ce66a in KJS::Collector::markStackObjectsConservatively at
collector.cpp:693
#4      0x005dc3e7 in KJS::Collector::collect at collector.cpp:936
#5      0x0062c5d5 in KJS::Collector::heapAllocate<(KJS::Collector::HeapType)0>
at collector.cpp:245
#6      0x005dc491 in KJS::Collector::allocate at collector.cpp:292
#7      0x005dc4a5 in KJS::JSCell::operator new at value.cpp:85
#8      0x0065342f in KJS::JSGlobalObject::reset at JSGlobalObject.cpp:253
#9      0x0065543c in KJS::JSGlobalObject::init at JSGlobalObject.cpp:146
#10     0x02384edd in KJS::JSGlobalObject::JSGlobalObject at
JSGlobalObject.h:153
#11     0x0237efdb in WebCore::JSDOMWindowBase::JSDOMWindowBase at
JSDOMWindowBase.cpp:197
#12     0x01fec810 in WebCore::JSDOMWindow::JSDOMWindow at JSDOMWindow.cpp:428
#13     0x01fec83c in WebCore::JSDOMWindow::JSDOMWindow at JSDOMWindow.cpp:430
#14     0x023342cc in WebCore::KJSProxy::initScript at kjs_proxy.cpp:148
#15     0x01fbacc8 in WebCore::KJSProxy::initScriptIfNeeded at kjs_proxy.h:86
#16     0x01ee2a81 in WebCore::KJSProxy::windowWrapper at kjs_proxy.h:51
#17     0x0237d872 in WebCore::toJSDOMWindow at JSDOMWindowBase.cpp:1432
#18     0x0232e222 in WebCore::allowsAccessFromFrame at kjs_binding.cpp:347
#19     0x0232e288 in WebCore::checkNodeSecurity at kjs_binding.cpp:340
#20     0x02019059 in WebCore::JSHTMLIFrameElement::getValueProperty at
JSHTMLIFrameElement.cpp:180
#21     0x02019852 in KJS::staticValueGetter<WebCore::JSHTMLIFrameElement> at
lookup.h:109
#22     0x00619d62 in KJS::PropertySlot::getValue at property_slot.h:49
#23     0x005cd952 in KJS::JSObject::get at object.cpp:164
#24     0x00647f07 in KJS::DotAccessorNode::inlineEvaluate at nodes.cpp:961
#25     0x005f9bdc in KJS::DotAccessorNode::evaluate at nodes.cpp:966
#26     0x005f71e2 in KJS::AssignLocalVarNode::evaluate at nodes.cpp:3554
#27     0x005f668d in KJS::ExprStatementNode::execute at nodes.cpp:3993
#28     0x005d9af9 in statementListExecute at nodes.cpp:3946
#29     0x005d9b86 in KJS::BlockNode::execute at nodes.cpp:3971
#30     0x005f65db in KJS::IfNode::execute at nodes.cpp:4030
#31     0x005d9af9 in statementListExecute at nodes.cpp:3946
#32     0x005d9b86 in KJS::BlockNode::execute at nodes.cpp:3971
#33     0x005f6556 in KJS::IfElseNode::execute at nodes.cpp:4048
#34     0x005d9af9 in statementListExecute at nodes.cpp:3946
#35     0x005d9b86 in KJS::BlockNode::execute at nodes.cpp:3971
#36     0x005f65db in KJS::IfNode::execute at nodes.cpp:4030
#37     0x005d9af9 in statementListExecute at nodes.cpp:3946
#38     0x005d9b86 in KJS::BlockNode::execute at nodes.cpp:3971
#39     0x005f6556 in KJS::IfElseNode::execute at nodes.cpp:4048
#40     0x005d9af9 in statementListExecute at nodes.cpp:3946
#41     0x005d9b86 in KJS::BlockNode::execute at nodes.cpp:3971
#42     0x005e7940 in KJS::FunctionBodyNode::execute at nodes.cpp:4890
#43     0x005e8092 in KJS::FunctionImp::callAsFunction at function.cpp:77
#44     0x005efc86 in KJS::JSObject::call at object.cpp:96
#45     0x00649442 in KJS::FunctionCallDotNode::inlineEvaluate at
nodes.cpp:1495
#46     0x00606e66 in KJS::FunctionCallDotNode::evaluate at nodes.cpp:1500
#47     0x005f668d in KJS::ExprStatementNode::execute at nodes.cpp:3993
#48     0x005d9af9 in statementListExecute at nodes.cpp:3946
#49     0x005d9b86 in KJS::BlockNode::execute at nodes.cpp:3971
#50     0x005e7940 in KJS::FunctionBodyNode::execute at nodes.cpp:4890
#51     0x005e8092 in KJS::FunctionImp::callAsFunction at function.cpp:77
#52     0x005efc86 in KJS::JSObject::call at object.cpp:96
#53     0x00649442 in KJS::FunctionCallDotNode::inlineEvaluate at
nodes.cpp:1495
#54     0x00606e66 in KJS::FunctionCallDotNode::evaluate at nodes.cpp:1500
#55     0x005f668d in KJS::ExprStatementNode::execute at nodes.cpp:3993
#56     0x005d9af9 in statementListExecute at nodes.cpp:3946
#57     0x005d9b86 in KJS::BlockNode::execute at nodes.cpp:3971
#58     0x005e7aee in KJS::ProgramNode::execute at nodes.cpp:4878
#59     0x00615e6e in KJS::Interpreter::evaluate at interpreter.cpp:103
#60     0x02334652 in WebCore::KJSProxy::evaluate at kjs_proxy.cpp:86
#61     0x01ef223d in WebCore::FrameLoader::executeScript at
FrameLoader.cpp:783
#62     0x01f7720a in WebCore::HTMLTokenizer::scriptExecution at
HTMLTokenizer.cpp:540
#63     0x01f78919 in WebCore::HTMLTokenizer::scriptHandler at
HTMLTokenizer.cpp:480
#64     0x01f78f61 in WebCore::HTMLTokenizer::parseSpecial at
HTMLTokenizer.cpp:330
#65     0x01f7af3d in WebCore::HTMLTokenizer::parseTag at
HTMLTokenizer.cpp:1492
#66     0x01f7b8e9 in WebCore::HTMLTokenizer::write at HTMLTokenizer.cpp:1727
#67     0x01f77776 in WebCore::HTMLTokenizer::notifyFinished at
HTMLTokenizer.cpp:2008
#68     0x01dcb0f4 in WebCore::CachedScript::checkNotify at CachedScript.cpp:95
#69     0x01dcb255 in WebCore::CachedScript::data at CachedScript.cpp:85
#70     0x02336312 in WebCore::Loader::Host::didFinishLoading at loader.cpp:268
#71     0x022ce077 in WebCore::SubresourceLoader::didFinishLoading at
SubresourceLoader.cpp:193
#72     0x021c867e in WebCore::ResourceLoader::didFinishLoading at
ResourceLoader.cpp:370
#73     0x021c5dd3 in -[WebCoreResourceHandleAsDelegate
connectionDidFinishLoading:] at ResourceHandleMac.mm:521

