[Webkit-unassigned] [Bug 21234] New: JavaScript crash for all pages in op_get_by_id_chain opcode

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Sep 30 01:31:23 PDT 2008


https://bugs.webkit.org/show_bug.cgi?id=21234

           Summary: JavaScript crash for all pages in op_get_by_id_chain
                    opcode
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: PC
        OS/Version: Windows XP
            Status: UNCONFIRMED
          Severity: Critical
          Priority: P2
         Component: JavaScriptCore
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: michael.goffioul at gmail.com


I have compiled WebKit/GTK (SVN from yesterday) on Windows XP with VC++ 2005.
WebKit is configured to use Pango rendering and cURL networking. I am using the
GtkLauncher test program and pre-defined http_proxy variable (as I am behind a
proxy server).

I try to load the page http://www.lesoir.be (but the problem occurs for any page
containing JavaScript) and always get a crash with the backtrace below. When the
crash occurs, baseObject (in Machine::privateExecute) is always 0x00000002 (as
far as I can tell, this seems to indicate the immediate jsNull value).

0 libwebkit-1.0-1.dll!JSC::JSCell::structureID()  Line 133 + 0x3 bytes
1 libwebkit-1.0-1.dll!JSC::Machine::privateExecute(JSC::Machine::ExecutionFlag
flag=Normal, JSC::ExecState * exec=0x0012d9f4, JSC::RegisterFile *
registerFile=0x7feb649c, JSC::Register * r=0x7fc6842c, JSC::ScopeChainNode *
scopeChain=0x7f659050, JSC::JSValue * * exception=0x0012e598)  Line 2564 + 0xb
bytes
2 libwebkit-1.0-1.dll!JSC::Machine::execute(JSC::FunctionBodyNode *
functionBodyNode=0x7f507a00, JSC::ExecState * exec=0x0012e590, JSC::JSFunction
* function=0x01b8afc0, JSC::JSObject * thisObj=0x01af2a00, const JSC::ArgList &
args={...}, JSC::ScopeChainNode * scopeChain=0x7ff442f0, JSC::JSValue * *
exception=0x0012e598)  Line 986 + 0x21 bytes
3 libwebkit-1.0-1.dll!JSC::JSFunction::call(JSC::ExecState * exec=0x0012e590,
JSC::JSValue * thisValue=0x01af2a00, const JSC::ArgList & args={...})  Line 71
4 libwebkit-1.0-1.dll!JSC::call(JSC::ExecState * exec=0x0012e590, JSC::JSValue
* functionObject=0x01b8afc0, JSC::CallType callType=CallTypeJS, const
JSC::CallData & callData={...}, JSC::JSValue * thisValue=0x01af2a00, const
JSC::ArgList & args={...})  Line 40
5 libwebkit-1.0-1.dll!JSC::functionProtoFuncApply(JSC::ExecState *
exec=0x0012e590, JSC::JSObject * __formal=0x01af18a0, JSC::JSValue *
thisValue=0x01b8afc0, const JSC::ArgList & args={...})  Line 114 + 0x1d bytes
6 libwebkit-1.0-1.dll!JSC::Machine::privateExecute(JSC::Machine::ExecutionFlag
flag=Normal, JSC::ExecState * exec=0x0012e590, JSC::RegisterFile *
registerFile=0x7feb649c, JSC::Register * r=0x7fc681a8, JSC::ScopeChainNode *
scopeChain=0x7f6dcef0, JSC::JSValue * * exception=0x0012f134)  Line 3327 + 0x1f
bytes
7 libwebkit-1.0-1.dll!JSC::Machine::execute(JSC::FunctionBodyNode *
functionBodyNode=0x7f635280, JSC::ExecState * exec=0x0012f12c, JSC::JSFunction
* function=0x01b8af40, JSC::JSObject * thisObj=0x01af2a00, const JSC::ArgList &
args={...}, JSC::ScopeChainNode * scopeChain=0x7f6dcef0, JSC::JSValue * *
exception=0x0012f134)  Line 986 + 0x21 bytes
8 libwebkit-1.0-1.dll!JSC::JSFunction::call(JSC::ExecState * exec=0x0012f12c,
JSC::JSValue * thisValue=0x01af2a00, const JSC::ArgList & args={...})  Line 71
9 libwebkit-1.0-1.dll!JSC::call(JSC::ExecState * exec=0x0012f12c, JSC::JSValue
* functionObject=0x01b8af40, JSC::CallType callType=CallTypeJS, const
JSC::CallData & callData={...}, JSC::JSValue * thisValue=0x01af2a00, const
JSC::ArgList & args={...})  Line 40
10 libwebkit-1.0-1.dll!JSC::functionProtoFuncApply(JSC::ExecState *
exec=0x0012f12c, JSC::JSObject * __formal=0x01af18a0, JSC::JSValue *
thisValue=0x01b8af40, const JSC::ArgList & args={...})  Line 114 + 0x1d bytes
11 libwebkit-1.0-1.dll!JSC::Machine::privateExecute(JSC::Machine::ExecutionFlag
flag=Normal, JSC::ExecState * exec=0x0012f12c, JSC::RegisterFile *
registerFile=0x7feb649c, JSC::Register * r=0x7fc6814c, JSC::ScopeChainNode *
scopeChain=0x7f613f00, JSC::JSValue * * exception=0x0012fcbc)  Line 3327 + 0x1f
bytes
12 libwebkit-1.0-1.dll!JSC::Machine::execute(JSC::FunctionBodyNode *
functionBodyNode=0x7f635000, JSC::ExecState * exec=0x0012fcb4, JSC::JSFunction
* function=0x01b89300, JSC::JSObject * thisObj=0x01b8af40, const JSC::ArgList &
args={...}, JSC::ScopeChainNode * scopeChain=0x7f613f00, JSC::JSValue * *
exception=0x0012fcbc)  Line 986 + 0x21 bytes
13 libwebkit-1.0-1.dll!JSC::JSFunction::call(JSC::ExecState * exec=0x0012fcb4,
JSC::JSValue * thisValue=0x01b8af40, const JSC::ArgList & args={...})  Line 71
14 libwebkit-1.0-1.dll!JSC::call(JSC::ExecState * exec=0x0012fcb4, JSC::JSValue
* functionObject=0x01b89300, JSC::CallType callType=CallTypeJS, const
JSC::CallData & callData={...}, JSC::JSValue * thisValue=0x01b8af40, const
JSC::ArgList & args={...})  Line 40
15 libwebkit-1.0-1.dll!JSC::functionProtoFuncCall(JSC::ExecState *
exec=0x0012fcb4, JSC::JSObject * __formal=0x01af18e0, JSC::JSValue *
thisValue=0x01b89300, const JSC::ArgList & args={...})  Line 134 + 0x1d bytes
16 libwebkit-1.0-1.dll!JSC::Machine::privateExecute(JSC::Machine::ExecutionFlag
flag=Normal, JSC::ExecState * exec=0x0012fcb4, JSC::RegisterFile *
registerFile=0x7feb649c, JSC::Register * r=0x7fc680b8, JSC::ScopeChainNode *
scopeChain=0x7f659050, JSC::JSValue * * exception=0x7ff460a8)  Line 3327 + 0x1f
bytes
17 libwebkit-1.0-1.dll!JSC::Machine::execute(JSC::FunctionBodyNode *
functionBodyNode=0x7f638780, JSC::ExecState * exec=0x7ff460a0, JSC::JSFunction
* function=0x01b8b400, JSC::JSObject * thisObj=0x01af0000, const JSC::ArgList &
args={...}, JSC::ScopeChainNode * scopeChain=0x7f613e80, JSC::JSValue * *
exception=0x7ff460a8)  Line 986 + 0x21 bytes
18 libwebkit-1.0-1.dll!JSC::JSFunction::call(JSC::ExecState * exec=0x7ff460a0,
JSC::JSValue * thisValue=0x01af0000, const JSC::ArgList & args={...})  Line 71
19 libwebkit-1.0-1.dll!JSC::call(JSC::ExecState * exec=0x7ff460a0, JSC::JSValue
* functionObject=0x01b8b400, JSC::CallType callType=CallTypeJS, const
JSC::CallData & callData={...}, JSC::JSValue * thisValue=0x01af0000, const
JSC::ArgList & args={...})  Line 40
20 libwebkit-1.0-1.dll!WebCore::ScheduledAction::execute(WebCore::JSDOMWindowShell
* windowShell=0x01af0000)  Line 74 + 0x21 bytes
21 libwebkit-1.0-1.dll!WebCore::JSDOMWindowBase::timerFired(WebCore::DOMWindowTimer
* timer=0x00000001)  Line 1648
22 libwebkit-1.0-1.dll!WebCore::DOMWindowTimer::fired()  Line 1699
23 libwebkit-1.0-1.dll!WebCore::TimerBase::fireTimers(double
fireTime=1222762294.6899381, const WTF::Vector<WebCore::TimerBase *,0> &
firingTimers={...})  Line 350
24 libwebkit-1.0-1.dll!WebCore::TimerBase::sharedTimerFired()  Line 368 + 0x17
bytes
25 libwebkit-1.0-1.dll!WebCore::timeout_cb(void * __formal=0x00000000)  Line 49

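The reporter's reading of baseObject == 0x00000002 as the immediate jsNull rests on how JavaScriptCore tagged values in 32-bit builds at the time: heap cells are 4-byte aligned pointers with the low two bits clear, while immediates set one of those bits (bit 0 for integers, bit 1 for null/undefined/bool, with null being the bare 0x2 tag). The model below is an added example, not WebKit's code: it assumes that tag layout (JSImmediate.h of that era), uses a toy JSCell with a single property per link, and shows the one check op_get_by_id_chain needs before it may read structureID() through the base, namely that the base is a cell and not an immediate.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed 32-bit immediate tagging, modeled on 2008-era JSC (not WebKit's code). */
typedef uintptr_t JSValueBits;

enum {
    TagMask                 = 0x3,  /* primary tag lives in the low two bits      */
    TagBitTypeInteger       = 0x1,  /* bit 0 set: 31-bit integer                  */
    TagBitTypeOther         = 0x2,  /* bit 1 set: null / undefined / boolean      */
    ExtendedTagMask         = 0xC,  /* two more tag bits for the "other" group    */
    ExtendedTagBitBool      = 0x4,
    ExtendedTagBitUndefined = 0x8,
    FullTagTypeMask         = TagMask | ExtendedTagMask,
    FullTagTypeNull         = TagBitTypeOther,                          /* 0x2 */
    FullTagTypeUndefined    = TagBitTypeOther | ExtendedTagBitUndefined, /* 0xA */
    FullTagTypeBool         = TagBitTypeOther | ExtendedTagBitBool       /* 0x6 */
};

typedef enum { KIND_CELL, KIND_INT, KIND_NULL, KIND_UNDEFINED, KIND_BOOL, KIND_INVALID } ValueKind;

/* A cell pointer has both low bits clear; anything else is an immediate. */
static bool is_immediate(JSValueBits v) { return (v & TagMask) != 0; }

ValueKind classify(JSValueBits v) {
    if (!is_immediate(v))
        return v ? KIND_CELL : KIND_INVALID;   /* raw 0 is a null pointer, not a JS value */
    if (v & TagBitTypeInteger)
        return KIND_INT;
    switch (v & FullTagTypeMask) {
    case FullTagTypeNull:      return KIND_NULL;
    case FullTagTypeUndefined: return KIND_UNDEFINED;
    case FullTagTypeBool:      return KIND_BOOL;   /* false = 0x6, true = 0x16 */
    default:                   return KIND_INVALID;
    }
}

/* Toy heap cell: one own property per link, plus the prototype link. */
typedef struct JSCell {
    uint32_t       structure_id;
    struct JSCell *prototype;   /* next link in the prototype chain, or NULL */
    const char    *property;    /* the single property this cell owns        */
    int            value;
} JSCell;

/* Walks the prototype chain from base, as op_get_by_id_chain does.
 * The guard on the first line is the check the crash shows missing: an
 * immediate such as jsNull (0x2) has no JSCell behind it, so reading
 * structureID() through it dereferences the tag bits as a pointer. */
bool get_by_id_chain(JSValueBits base, const char *name, int *out) {
    if (classify(base) != KIND_CELL)
        return false;                         /* refuse to dereference an immediate */
    for (JSCell *c = (JSCell *)base; c; c = c->prototype) {
        if (c->property && strcmp(c->property, name) == 0) {
            *out = c->value;
            return true;
        }
    }
    return false;                             /* not found anywhere on the chain */
}

/* Constructed sample chain: obj -> proto (hypothetical structure IDs). */
static JSCell proto = { 0x1001, NULL,   "toString", 7 };
static JSCell obj   = { 0x1002, &proto, "x",        42 };

/* Returns the property value, or -1 when the lookup is refused or misses. */
int lookup_on_object(const char *name) {
    int v;
    return get_by_id_chain((JSValueBits)&obj, name, &v) ? v : -1;
}

/* Same lookup with jsNull as the base: the guard turns a crash into a miss. */
int lookup_on_null(const char *name) {
    int v;
    return get_by_id_chain((JSValueBits)FullTagTypeNull, name, &v) ? v : -1;
}

int main(void) {
    printf("classify(0x2)         = %d (KIND_NULL is %d)\n", classify(0x2), KIND_NULL);
    printf("obj.x                 = %d\n", lookup_on_object("x"));
    printf("obj.toString (proto)  = %d\n", lookup_on_object("toString"));
    printf("null.x (guarded)      = %d\n", lookup_on_null("x"));
    return 0;
}
```

In the real interpreter the cheap test is the same bit check (JSImmediate::isImmediate on the base) before the structure comparison; with it, a null or undefined base falls through to the slow path, which raises a TypeError instead of faulting in JSCell::structureID().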
