[Webkit-unassigned] [Bug 48049] New: REGRESSION: Crash in http/tests/xmlhttprequest/origin-whitelisting-removal.html
bugzilla-daemon at webkit.org
Thu Oct 21 01:58:38 PDT 2010
https://bugs.webkit.org/show_bug.cgi?id=48049
Summary: REGRESSION: Crash in http/tests/xmlhttprequest/origin-whitelisting-removal.html
Product: WebKit
Version: 528+ (Nightly build)
Platform: Macintosh
OS/Version: Mac OS X 10.5
Status: NEW
Keywords: NeedsReduction, Regression
Severity: Normal
Priority: P2
Component: JavaScriptCore
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: ddkilzer at webkit.org
CC: ggaren at apple.com, oliver at apple.com, barraclough at apple.com
* SUMMARY
LayoutTests/http/tests/xmlhttprequest/origin-whitelisting-removal.html crashes every time it's run.
* STEPS TO REPRODUCE
1. $ ./WebKitTools/Scripts/build-webkit --debug
2. $ ./WebKitTools/Scripts/run-webkit-tests --debug LayoutTests/http/tests/xmlhttprequest/origin-whitelisting-removal.html
* RESULTS
Crash.
* REGRESSION
This is a recent regression.
* NOTES
Stack trace:
Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000026
Crashed Thread: 0 Dispatch queue: com.apple.main-thread
Thread 0 Crashed: Dispatch queue: com.apple.main-thread
0 com.apple.JavaScriptCore 0x00000001001adeac JSC::Interpreter::throwException(JSC::ExecState*&, JSC::JSValue&, unsigned int, bool) + 1070 (Interpreter.cpp:684)
1 com.apple.JavaScriptCore 0x00000001001d3452 cti_vm_throw + 234 (JITStubs.cpp:3634)
2 com.apple.JavaScriptCore 0x00000001001d21cd jscGeneratedNativeCode + 0 (JITStubs.cpp:1007)
3 com.apple.JavaScriptCore 0x00000001001b0c5c JSC::JITCode::execute(JSC::RegisterFile*, JSC::ExecState*, JSC::JSGlobalData*, JSC::JSValue*) + 76 (JITCode.h:77)
4 com.apple.JavaScriptCore 0x00000001001ab5df JSC::Interpreter::execute(JSC::CallFrameClosure&, JSC::JSValue*) + 213 (Interpreter.cpp:1034)
5 com.apple.JavaScriptCore 0x0000000100131780 JSC::CachedCall::call() + 104 (CachedCall.h:52)
6 com.apple.JavaScriptCore 0x000000010012a8d6 JSC::arrayProtoFuncForEach(JSC::ExecState*) + 631 (ArrayPrototype.cpp:822)
7 ??? 0x0000223892a001aa 0 + 37626373472682
8 com.apple.JavaScriptCore 0x00000001001b0c5c JSC::JITCode::execute(JSC::RegisterFile*, JSC::ExecState*, JSC::JSGlobalData*, JSC::JSValue*) + 76 (JITCode.h:77)
9 com.apple.JavaScriptCore 0x00000001001accd1 JSC::Interpreter::execute(JSC::ProgramExecutable*, JSC::ExecState*, JSC::ScopeChainNode*, JSC::JSObject*, JSC::JSValue*) + 995 (Interpreter.cpp:754)
10 com.apple.JavaScriptCore 0x000000010017c7a7 JSC::evaluate(JSC::ExecState*, JSC::ScopeChain&, JSC::SourceCode const&, JSC::JSValue) + 484 (Completion.cpp:63)
11 com.apple.WebCore 0x00000001015ae368 WebCore::JSMainThreadExecState::evaluate(JSC::ExecState*, JSC::ScopeChain&, JSC::SourceCode const&, JSC::JSValue) + 58 (JSMainThreadExecState.h:54)
12 com.apple.WebCore 0x000000010196ef52 WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld*, WebCore::ShouldAllowXSS) + 478 (ScriptController.cpp:148)
13 com.apple.WebCore 0x000000010196f10c WebCore::ScriptController::evaluate(WebCore::ScriptSourceCode const&, WebCore::ShouldAllowXSS) + 58 (ScriptController.cpp:172)
14 com.apple.WebCore 0x0000000101974a8a WebCore::ScriptController::executeScript(WebCore::ScriptSourceCode const&, WebCore::ShouldAllowXSS) + 142 (ScriptControllerBase.cpp:62)
15 com.apple.WebCore 0x000000010134e899 WebCore::HTMLScriptRunner::executeScript(WebCore::ScriptSourceCode const&) const + 205 (HTMLScriptRunner.cpp:154)
[...]