[Webkit-unassigned] [Bug 19580] New: <untitled>r34578 crashes with JS enabled, source contained

bugzilla-daemon at webkit.org
Mon Jun 16 08:24:25 PDT 2008


https://bugs.webkit.org/show_bug.cgi?id=19580

           Summary: <untitled>r34578 crashes with JS enabled, source
                    contained
           Product: WebKit
           Version: 526+ (Nightly build)
          Platform: PC
        OS/Version: Windows XP
            Status: UNCONFIRMED
          Severity: Major
          Priority: P2
         Component: JavaScriptCore
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: 808caaa4.8ce9.9cd6c799e9f6 at gmail.com


source:

---
<form name=myForm>
        <textarea name=myText></textarea>
</form>

<script>window.myForm.myText.value='test';</script>
---

debugger output:
---
Access violation - code c0000005 (!!! second chance !!!)
eax=00000000 ebx=0012f250 ecx=7fd1e3a0 edx=00000020 esi=7fd1e3a0 edi=0012f248
eip=100ad160 esp=0012f1dc ebp=0012f1fc iopl=0         nv up ei pl nz na po nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00000206
WebKit!WebCore__HTMLCollection__resetCollectionInfo+10:
100ad160 8b9800010000     mov     ebx,[eax+0x100]   ds:0023:00000100=????????
0:000> k
ChildEBP RetAddr
0012f1fc 100b592e WebKit!WebCore__HTMLCollection__resetCollectionInfo+0x10
0012f210 100ba061 WebKit!WebCore__HTMLCollection__namedItems+0x1e
0012f230 102cb8c0 WebKit!WebCore__HTMLFormElement__getNamedElements+0x21
0012f258 102669a8 WebKit!WebCore__JSHTMLFormElement__canGetItemsForName+0x40
0012f274 103dc15b WebKit!WebCore__JSHTMLFormElement__getOwnPropertySlot+0x18
0012f2ac 10071956 WebKit!KJS__JSValue__get+0x51
0012f49c 1009dc5f WebKit!KJS__Machine__privateExecute+0x2e86
0012f4f4 1009dad7 WebKit!KJS__Machine__execute+0xcf
0012f53c 1013dfc1 WebKit!KJS__Interpreter__evaluate+0xd7
0012f578 1012ac99 WebKit!WebCore__ScriptController__evaluate+0xb1
0012f594 10023a6e WebKit!WebCore__FrameLoader__executeScript+0x49
0012f758 100326d7 WebKit!WebCore__HTMLTokenizer__scriptExecution+0x10e
0012f7f8 1005e9d9 WebKit!WebCore__HTMLTokenizer__scriptHandler+0x257
0012f830 1005e108 WebKit!WebCore__HTMLTokenizer__parseSpecial+0x369
0012f96c 1005ee32 WebKit!WebCore__HTMLTokenizer__parseTag+0x11a8
7fef7410 00000000 WebKit!WebCore__HTMLTokenizer__write+0x2b2
---

Host is Safari 4DP (4.526.12.2).

