[Webkit-unassigned] [Bug 71045] New: Crash in JSC::Structure::materializePropertyMap when viewing Garden-O-Matic
bugzilla-daemon at webkit.org
Thu Oct 27 11:58:05 PDT 2011
https://bugs.webkit.org/show_bug.cgi?id=71045
Summary: Crash in JSC::Structure::materializePropertyMap when viewing Garden-O-Matic
Product: WebKit
Version: 528+ (Nightly build)
Platform: Macintosh Intel
URL: http://build.webkit.org/TestFailures/garden-o-matic.html
OS/Version: Mac OS X 10.7
Status: NEW
Severity: Normal
Priority: P2
Component: JavaScriptCore
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: aroben at apple.com
CC: ggaren at apple.com, oliver at apple.com, barraclough at apple.com, webkit-bug-importer at group.apple.com, fpizlo at apple.com, mhahnenberg at apple.com
To reproduce:
1. Go to http://build.webkit.org/TestFailures/garden-o-matic.html
You'll crash! Here's the backtrace:
Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0 com.apple.JavaScriptCore 0x000000010a2fb587 JSC::Structure::materializePropertyMap(JSC::JSGlobalData&) + 343
1 com.apple.JavaScriptCore 0x000000010a3c0adb JSC::DFG::ByteCodeParser::parseBlock(unsigned int) + 12971
2 com.apple.JavaScriptCore 0x000000010a3bd5d3 JSC::DFG::ByteCodeParser::parseCodeBlock() + 1203
3 com.apple.JavaScriptCore 0x000000010a3c22bf JSC::DFG::ByteCodeParser::parse() + 79
4 com.apple.JavaScriptCore 0x000000010a3c2499 JSC::DFG::parse(JSC::DFG::Graph&, JSC::JSGlobalData*, JSC::CodeBlock*) + 41
5 com.apple.JavaScriptCore 0x000000010a3a70de JSC::DFG::compile(JSC::DFG::CompileMode, JSC::ExecState*, JSC::CodeBlock*, JSC::JITCode&, JSC::MacroAssemblerCodePtr*) + 750
6 com.apple.JavaScriptCore 0x000000010a3a6de7 JSC::DFG::tryCompileFunction(JSC::ExecState*, JSC::CodeBlock*, JSC::JITCode&, JSC::MacroAssemblerCodePtr&) + 23
7 com.apple.JavaScriptCore 0x000000010a3dbf31 JSC::FunctionExecutable::compileForCallInternal(JSC::ExecState*, JSC::ScopeChainNode*, JSC::JITCode::JITType) + 385
8 com.apple.JavaScriptCore 0x000000010a3efb7d cti_optimize_from_ret + 253
9 ??? 0x000037cc8c4ed70e 0 + 61351666833166
10 com.apple.JavaScriptCore 0x000000010a2e383d JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 1421
11 com.apple.JavaScriptCore 0x000000010a2e32ad JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 45
12 com.apple.WebCore 0x000000010a63d6d1 WebCore::JSEventListener::handleEvent(WebCore::ScriptExecutionContext*, WebCore::Event*) + 1153
13 com.apple.WebCore 0x000000010a63d184 WebCore::EventTarget::fireEventListeners(WebCore::Event*, WebCore::EventTargetData*, WTF::Vector<WebCore::RegisteredEventListener, 1ul>&) + 356
14 com.apple.WebCore 0x000000010a5f4bfd WebCore::EventTarget::dispatchEvent(WTF::PassRefPtr<WebCore::Event>) + 141
15 com.apple.WebCore 0x000000010a83b28d WebCore::XMLHttpRequestProgressEventThrottle::dispatchEvent(WTF::PassRefPtr<WebCore::Event>, WebCore::ProgressEventAction) + 61
16 com.apple.WebCore 0x000000010a83b043 WebCore::XMLHttpRequest::callReadyStateChangeListener() + 339
17 com.apple.WebCore 0x000000010a83e847 WebCore::XMLHttpRequest::didFinishLoading(unsigned long, double) + 407
18 com.apple.WebCore 0x000000010ac5aafa WebCore::DocumentThreadableLoader::notifyFinished(WebCore::CachedResource*) + 426
19 com.apple.WebCore 0x000000010a661d37 WebCore::CachedResource::checkNotify() + 151
20 com.apple.WebCore 0x000000010ac0aa05 WebCore::CachedRawResource::data(WTF::PassRefPtr<WebCore::SharedBuffer>, bool) + 453
21 com.apple.WebCore 0x000000010a65e64a WebCore::CachedResourceRequest::didFinishLoading(WebCore::SubresourceLoader*, double) + 202
22 com.apple.WebCore 0x000000010a65e4f8 WebCore::SubresourceLoader::didFinishLoading(double) + 56