[Webkit-unassigned] [Bug 41948] New: JSC crash visiting page. Regression introduced between r60376-r60462

bugzilla-daemon at webkit.org
Fri Jul 9 03:26:43 PDT 2010


https://bugs.webkit.org/show_bug.cgi?id=41948

           Summary: JSC crash visiting page. Regression introduced between
                    r60376-r60462
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Macintosh Intel
               URL: http://jp.dk/udland/europa/article2121366.ece
        OS/Version: Mac OS X 10.6
            Status: UNCONFIRMED
          Severity: Critical
          Priority: P1
         Component: JavaScriptCore
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: speck at vitality.dk


JSC crashes when visiting the page: http://jp.dk/udland/europa/article2121366.ece

Works in Safari 5, r58209 + r59902

Crashes r60462 + r61502 + r60820 + r61979 + r62096 + r62241 + r62632


Process:         Safari [95225]
Path:            /Applications/Safari.app/Contents/MacOS/Safari
Identifier:      org.webkit.nightly.WebKit
Version:         r62632 (62632)
Code Type:       X86-64 (Native)
Parent Process:  launchd [169]

Date/Time:       2010-07-09 12:02:13.908 +0200
OS Version:      Mac OS X 10.6.4 (10F569)

Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: 0x000000000000000d, 0x0000000000000000
Crashed Thread:  0  Dispatch queue: com.apple.main-thread

Thread 0 Crashed:  Dispatch queue: com.apple.main-thread
0   com.apple.JavaScriptCore          0x0000000100840977 JSC::JSObject::defaultValue(JSC::ExecState*, JSC::PreferredPrimitiveType) const + 4039
1   com.apple.JavaScriptCore          0x000000010076138d JSC::JSObject::toPrimitive(JSC::ExecState*, JSC::PreferredPrimitiveType) const + 13
2   com.apple.JavaScriptCore          0x000000010083ea09 JSC::JSObject::toString(JSC::ExecState*) const + 57
3   com.apple.JavaScriptCore          0x00000001008c4bfe JSC::stringProtoFuncSubstring(JSC::ExecState*) + 526
4   ???                               0x00004c94dd2001aa 0 + 84202248733098
5   com.apple.JavaScriptCore          0x00000001007cfab0 JSC::Interpreter::execute(JSC::ProgramExecutable*, JSC::ExecState*, JSC::ScopeChainNode*, JSC::JSObject*, JSC::JSValue*) + 528
6   ???                               0x0000000117e5ea00 0 + 4695910912
