Bug 10955 - REGRESSION: Reproducible crash when viewing a stock line graph on yahoo finance.
Status: RESOLVED DUPLICATE of bug 10837
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebCore JavaScript
Version: 420+
Hardware: Mac OS X 10.4
Importance: P1 Normal
Assignee: Nobody
URL: http://finance.yahoo.com/charts#symbo...
Keywords: NeedsReduction, Regression
Duplicates: 18180
Depends on:
Blocks:
 
Reported: 2006-09-20 14:33 PDT by Troy Brandt
Modified: 2008-03-28 17:12 PDT

Attachments
Full crash log. (24.92 KB, text/plain)
2006-09-20 14:35 PDT, Troy Brandt

Description Troy Brandt 2006-09-20 14:33:46 PDT
When loading this page:

<http://finance.yahoo.com/charts#symbol=NMEN.OB;range=1d>

WebKit crashes just after the page completes rendering. This is true in nightly r16400. The page loads fine in Safari 2.0.4 (419.3). Here's the crashed thread:

Thread 0 Crashed:
0   com.apple.WebCore              	0x010fbe4c WebCore::Frame::jScript() + 28
1   com.apple.WebCore              	0x012b7804 KJS::Window::retrieve(WebCore::Frame*) + 20
2   com.apple.WebCore              	0x012b7964 KJS::Window::retrieveWindow(WebCore::Frame*) + 20
3   com.apple.WebCore              	0x012b1208 KJS::JSHTMLDocument::getValueProperty(KJS::ExecState*, int) const + 712
4   com.apple.JavaScriptCore       	0x00139280 KJS::JSObject::get(KJS::ExecState*, KJS::Identifier const&) const + 176
5   com.apple.JavaScriptCore       	0x0012c90c KJS::FunctionCallDotNode::evaluate(KJS::ExecState*) + 60
6   com.apple.JavaScriptCore       	0x00131568 KJS::ExprStatementNode::execute(KJS::ExecState*) + 104
7   com.apple.JavaScriptCore       	0x0013493c KJS::SourceElementsNode::execute(KJS::ExecState*) + 252
8   com.apple.JavaScriptCore       	0x00131498 KJS::BlockNode::execute(KJS::ExecState*) + 152
9   com.apple.JavaScriptCore       	0x001344ec KJS::TryNode::execute(KJS::ExecState*) + 108
10  com.apple.JavaScriptCore       	0x00134a18 KJS::SourceElementsNode::execute(KJS::ExecState*) + 472
11  com.apple.JavaScriptCore       	0x00131498 KJS::BlockNode::execute(KJS::ExecState*) + 152
12  com.apple.JavaScriptCore       	0x0011e278 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56
13  com.apple.JavaScriptCore       	0x0011dc90 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 448
14  com.apple.JavaScriptCore       	0x0013a0c4 KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 116
15  com.apple.JavaScriptCore       	0x0012cb58 KJS::FunctionCallDotNode::evaluate(KJS::ExecState*) + 648
16  com.apple.JavaScriptCore       	0x00131568 KJS::ExprStatementNode::execute(KJS::ExecState*) + 104
17  com.apple.JavaScriptCore       	0x00134a18 KJS::SourceElementsNode::execute(KJS::ExecState*) + 472
18  com.apple.JavaScriptCore       	0x00131498 KJS::BlockNode::execute(KJS::ExecState*) + 152
19  com.apple.JavaScriptCore       	0x0011e278 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56
20  com.apple.JavaScriptCore       	0x0011dc90 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 448
21  com.apple.JavaScriptCore       	0x0013a0c4 KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 116
22  com.apple.JavaScriptCore       	0x0012cb58 KJS::FunctionCallDotNode::evaluate(KJS::ExecState*) + 648
23  com.apple.JavaScriptCore       	0x00131568 KJS::ExprStatementNode::execute(KJS::ExecState*) + 104
24  com.apple.JavaScriptCore       	0x0013493c KJS::SourceElementsNode::execute(KJS::ExecState*) + 252
25  com.apple.JavaScriptCore       	0x00131498 KJS::BlockNode::execute(KJS::ExecState*) + 152
26  com.apple.JavaScriptCore       	0x0011e278 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56
27  com.apple.JavaScriptCore       	0x0011dc90 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 448
28  com.apple.JavaScriptCore       	0x0013a0c4 KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 116
29  com.apple.WebCore              	0x012bbd30 KJS::ScheduledAction::execute(KJS::Window*) + 224
30  com.apple.WebCore              	0x012bc03c KJS::Window::timerFired(KJS::DOMWindowTimer*) + 108
31  com.apple.WebCore              	0x01250e8c WebCore::TimerBase::fireTimers(double, WTF::Vector<WebCore::TimerBase*, (unsigned long)0> const&) + 156
32  com.apple.WebCore              	0x01250f20 WebCore::TimerBase::sharedTimerFired() + 112
33  com.apple.CoreFoundation       	0x907ef550 __CFRunLoopDoTimer + 184
34  com.apple.CoreFoundation       	0x907dbec8 __CFRunLoopRun + 1680
35  com.apple.CoreFoundation       	0x907db47c CFRunLoopRunSpecific + 268
36  com.apple.HIToolbox            	0x931eb740 RunCurrentEventLoopInMode + 264
37  com.apple.HIToolbox            	0x931eadd4 ReceiveNextEventCommon + 380
38  com.apple.HIToolbox            	0x931eac40 BlockUntilNextEventMatchingListInMode + 96
39  com.apple.AppKit               	0x93714ae4 _DPSNextEvent + 384
40  com.apple.AppKit               	0x937147a8 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 116
41  com.apple.Safari               	0x00006740 0x1000 + 22336
42  com.apple.AppKit               	0x93710cec -[NSApplication run] + 472
43  com.apple.AppKit               	0x9380187c NSApplicationMain + 452
44  com.apple.Safari               	0x0005c77c 0x1000 + 374652
45  com.apple.Safari               	0x0005c624 0x1000 + 374308

Full crash will be attached.
Comment 1 Troy Brandt 2006-09-20 14:35:41 PDT
Created attachment 10674
Full crash log.
Comment 2 Alexey Proskuryakov 2006-09-20 21:22:14 PDT
=================
ASSERTION FAILED: p (/Users/ap/WebKit/WebCore/bindings/js/kjs_window.cpp:379 static KJS::JSValue* KJS::Window::retrieve(WebCore::Frame*))
=================
Comment 3 mitz 2006-09-20 22:27:21 PDT

*** This bug has been marked as a duplicate of 10837 ***
Comment 4 mitz 2008-03-28 17:12:53 PDT
*** Bug 18180 has been marked as a duplicate of this bug. ***