[Webkit-unassigned] [Bug 20396] Abort caused by failed allocation due to invalid counter/attr

bugzilla-daemon at webkit.org
Fri Aug 15 08:14:06 PDT 2008


https://bugs.webkit.org/show_bug.cgi?id=20396


mrowe at apple.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |mrowe at apple.com
             Status|UNCONFIRMED                 |NEW
     Ever Confirmed|0                           |1
           Keywords|                            |HasReduction, NeedsRadar,
                   |                            |ReviewedForRadar
            Summary|access violation caused by  |Abort caused by failed
                   |invalid counter/attr        |allocation due to invalid
                   |                            |counter/attr




------- Comment #1 from mrowe at apple.com  2008-08-15 08:14 PDT -------
Safari(77064,0xa0314d00) malloc: *** mmap(size=2276515840) failed (error code=12)
*** error: can't allocate region
*** set a breakpoint in malloc_error_break to debug

Program received signal SIGABRT, Aborted.
0x934e970a in __kill ()
(gdb) bt
#0  0x934e970a in __kill ()
#1  0x934e96fd in kill$UNIX2003 ()
#2  0x9355d75f in raise ()
#3  0x9356f205 in abort ()
#4  0x00444080 in WTF::fastMalloc (n=2276512446) at FastMalloc.cpp:192
#5  0x0288a47f in WebCore::newUCharVector (n=3285739871) at WebCore/platform/text/StringImpl.cpp:52
#6  0x0288d3b2 in WebCore::StringImpl::StringImpl (this=0x1b2c0e70, characters=0x4745d548, length=3285739871) at WebCore/platform/text/StringImpl.cpp:79
#7  0x0288cb19 in WebCore::StringImpl::create (characters=0x4745d548, length=3285739871) at WebCore/platform/text/StringImpl.cpp:1019
#8  0x02887874 in WebCore::String::String (this=0xbfff9b5c, str=0x4745d548, len=3285739871) at WebCore/platform/text/String.cpp:50
#9  0x022b76ab in WebCore::CSSParserString::operator WebCore::String (this=0x45e32b4) at CSSParserValues.h:36
#10 0x022c8f9e in WebCore::CSSParser::parseCounterContent (this=0xbfffb2ec, args=0x45e32a0, counters=false) at WebCore/css/CSSParser.cpp:2658
#11 0x022ccd6e in WebCore::CSSParser::parseContent (this=0xbfffb2ec, propId=1036, important=false) at WebCore/css/CSSParser.cpp:1972
#12 0x022ce7fe in WebCore::CSSParser::parseValue (this=0xbfffb2ec, propId=1036, important=false) at WebCore/css/CSSParser.cpp:618
#13 0x022b63a0 in cssyyparse (parser=0xbfffb2ec) at CSSGrammar.y:1211

Confirmed with TOT WebKit.

