[Webkit-unassigned] [Bug 17408] Reproducible crash below Node::querySelectorAll under guard malloc

bugzilla-daemon at webkit.org
Sun Feb 17 07:52:22 PST 2008


http://bugs.webkit.org/show_bug.cgi?id=17408

------- Comment #3 from mrowe at apple.com  2008-02-17 07:52 PDT -------
Created an attachment (id=19174)
 --> (http://bugs.webkit.org/attachment.cgi?id=19174&action=view)
Common crash log without Guard Malloc

Top of crash log:

Exception Type:  EXC_BAD_ACCESS (SIGBUS)
Exception Codes: KERN_PROTECTION_FAILURE at 0x0000000000000008
Crashed Thread:  0

Thread 0 Crashed:
0   com.apple.JavaScriptCore            0x002ba27f void
WTF::deleteAllValues<KJS::ParserRefCounted*, WTF::HashTable<int, int,
WTF::IdentityExtractor<int>, WTF::IntHash<int>, WTF::HashTraits<int>,
WTF::HashTraits<int> > const>(WTF::HashTable<int, int,
WTF::IdentityExtractor<int>, WTF::IntHash<int>, WTF::HashTraits<int>,
WTF::HashTraits<int> > const&) + 75 (HashSet.h:308)
1   com.apple.JavaScriptCore            0x002ba2d9 void
WTF::deleteAllValues<KJS::ParserRefCounted*,
WTF::PtrHash<KJS::ParserRefCounted*>, WTF::HashTraits<KJS::ParserRefCounted*>
>(WTF::HashSet<KJS::ParserRefCounted*, WTF::PtrHash<KJS::ParserRefCounted*>,
WTF::HashTraits<KJS::ParserRefCounted*> > const&) + 17 (HashSet.h:314)
2   com.apple.JavaScriptCore            0x0026f49d
KJS::ParserRefCounted::deleteNewObjects() + 273 (nodes.cpp:209)
3   com.apple.JavaScriptCore            0x002a51ef KJS::Parser::parse(int,
KJS::UChar const*, unsigned int, int*, int*, KJS::UString*) + 237
(Parser.cpp:65)
4   com.apple.JavaScriptCore            0x002d7b12
WTF::PassRefPtr<KJS::ProgramNode>
KJS::Parser::parse<KJS::ProgramNode>(KJS::UString const&, int, KJS::UChar
const*, unsigned int, int*, int*, KJS::UString*) + 78 (Parser.h:83)
5   com.apple.JavaScriptCore            0x002a531f
KJS::Interpreter::evaluate(KJS::ExecState*, KJS::UString const&, int,
KJS::UChar const*, int, KJS::JSValue*) + 221 (interpreter.cpp:95)
6   com.apple.WebCore                   0x02131da3
WebCore::KJSProxy::evaluate(WebCore::String const&, int, WebCore::String
const&) + 223 (kjs_proxy.cpp:87)
7   com.apple.WebCore                   0x01cfb784
WebCore::FrameLoader::executeScript(WebCore::String const&, int,
WebCore::String const&) + 110 (FrameLoader.cpp:759)
8   com.apple.WebCore                   0x01d78076
WebCore::HTMLTokenizer::scriptExecution(WebCore::String const&,
WebCore::HTMLTokenizer::State, WebCore::String const&, int) + 276
(HTMLTokenizer.cpp:521)
9   com.apple.WebCore                   0x01d78483
WebCore::HTMLTokenizer::notifyFinished(WebCore::CachedResource*) + 661
(HTMLTokenizer.cpp:1709)
10  com.apple.WebCore                   0x01bd3d40
WebCore::CachedScript::checkNotify() + 68 (CachedScript.cpp:97)
11  com.apple.WebCore                   0x01bd3ea1
WebCore::CachedScript::data(WTF::PassRefPtr<WebCore::SharedBuffer>, bool) + 279
(CachedScript.cpp:89)
12  com.apple.WebCore                   0x0213a4e4
WebCore::Loader::didFinishLoading(WebCore::SubresourceLoader*) + 308
(loader.cpp:113)
13  com.apple.WebCore                   0x020b2c43
WebCore::SubresourceLoader::didFinishLoading() + 169
(SubresourceLoader.cpp:195)
14  com.apple.WebCore                   0x01fb92a4
WebCore::ResourceLoader::didFinishLoading(WebCore::ResourceHandle*) + 24
(ResourceLoader.cpp:374)

