[Webkit-unassigned] [Bug 18934] New: SQUIRRELFISH: ASSERT @ nytimes.com due to invalid exception table entry
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed May 7 21:48:20 PDT 2008
http://bugs.webkit.org/show_bug.cgi?id=18934
Summary: SQUIRRELFISH: ASSERT @ nytimes.com due to invalid
exception table entry
Product: WebKit
Version: 526+ (Nightly build)
Platform: Macintosh
URL: http://nytimes.com
OS/Version: Mac OS X 10.5
Status: NEW
Keywords: SquirrelFishBlocker
Severity: Normal
Priority: P2
Component: JavaScriptCore
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: ggaren at apple.com
TO REPRODUCE:
1. navigate to nytimes.com
-> crash
ASSERTION FAILED: addressOffset < instructions.size()
(/Volumes/Big/ggaren/Labyrinth/OpenSource/JavaScriptCore/VM/CodeBlock.cpp:541
bool KJS::CodeBlock::getHandlerForVPC(const KJS::Instruction*,
KJS::Instruction*&, int&))
Program received signal: EXC_BAD_ACCESS.
Script URL:
http://pagead2.googlesyndication.com/pagead/show_ads.js
Script:
m_buffer = 0x1a0d1000 "(function(){?var
f=document,j=navigator,l=window;function da(){var b=f.cookie,a=Math.round((new
Date).getTime()/1000),c=b.indexOf(\"__utma=\")>-1,e=b.indexOf(\"__utmb=\")>-1,d=b.indexOf(\"__utmc=\")>-1,g,i="...,
m_capacity = 19864
Top of Backtrace:
#0 0x00651cfe in KJS::CodeBlock::getHandlerForVPC (this=0x19d40000,
vPC=0x19d48280, target=@0xbfffccb0, scopeDepth=@0xbfffccb4) at
/Volumes/Big/ggaren/Labyrinth/OpenSource/JavaScriptCore/VM/CodeBlock.cpp:541
#1 0x0063bd43 in KJS::Machine::throwException (this=0x682760, exec=0xbfffdab4,
exceptionValue=0x19d4b260, registerBase=0x18037680, vPC=0x19d48280,
codeBlock=@0xbfffda98, k=@0xbfffce08, scopeChain=@0xbfffda94, r=@0xbfffda90) at
/Volumes/Big/ggaren/Labyrinth/OpenSource/JavaScriptCore/VM/Machine.cpp:539
#2 0x00641a92 in KJS::Machine::privateExecute (this=0x682760,
flag=KJS::Machine::Normal, exec=0xbfffdab4, registerFile=0x18037670,
r=0x6c26bef0, scopeChain=0x19fe7270, codeBlock=0x19d40000,
exception=0xbfffdb4c) at
/Volumes/Big/ggaren/Labyrinth/OpenSource/JavaScriptCore/VM/Machine.cpp:2008
#3 0x00642303 in KJS::Machine::execute (this=0x682760, programNode=0x19fb8760,
exec=0x19bc9c8c, scopeChain=0x18037660, thisObj=0x19d40000,
registerFileStack=0x19bc9c68, exception=0xbfffdb4c) at
/Volumes/Big/ggaren/Labyrinth/OpenSource/JavaScriptCore/VM/Machine.cpp:577
#4 0x005e2e5b in KJS::Interpreter::evaluate (exec=0x19bc9c8c,
scopeChain=@0x19bc9c88, sourceURL=@0xbfffdbd4, startingLineNumber=0,
code=0x19ed5000, codeLength=19863, thisValue=0x19d40000) at interpreter.cpp:84
#5 0x024282e7 in WebCore::KJSProxy::evaluate (this=0x152c2dc0,
filename=@0xbfffde08, baseLine=0, str=@0xbfffde8c) at
/Volumes/Big/ggaren/Labyrinth/OpenSource/WebCore/bindings/js/kjs_proxy.cpp:87
#6 0x01fea437 in WebCore::FrameLoader::executeScript (this=0x409b800,
url=@0xbfffde08, baseLine=0, script=@0xbfffde8c) at
/Volumes/Big/ggaren/Labyrinth/OpenSource/WebCore/loader/FrameLoader.cpp:771
#7 0x0206e53e in WebCore::HTMLTokenizer::scriptExecution (this=0x418d200,
str=@0xbfffde8c, state={static EntityShift = 4, m_bits = 0},
scriptURL=@0xbfffde88, baseLine=0) at
/Volumes/Big/ggaren/Labyrinth/OpenSource/WebCore/html/HTMLTokenizer.cpp:540
--
Configure bugmail: http://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the webkit-unassigned
mailing list