RESOLVED WORKSFORME 16919
Crash in FunctionCallDotNode::evaluate @ partlyhuman.com 
https://bugs.webkit.org/show_bug.cgi?id=16919
Summary Crash in FunctionCallDotNode::evaluate @ partlyhuman.com
Geoffrey Garen
Reported 2008-01-17 20:53:32 PST
<rdar://problem/5694080> Visit http://www.partlyhuman.com/blog/roger/aliased-text-mac-eclipse --> crash Regressed at r29425, the ActivationImp change. Thread 0 Crashed: 0 com.apple.JavaScriptCore 0x0030c0a9 KJS::FunctionCallDotNode::evaluate(KJS::ExecState*) + 281 1 com.apple.JavaScriptCore 0x00364639 KJS::AssignLocalVarNode::evaluate(KJS::ExecState*) + 25 2 com.apple.JavaScriptCore 0x0030e649 KJS::ExprStatementNode::execute(KJS::ExecState*) + 25 3 com.apple.JavaScriptCore 0x0030b870 KJS::BlockNode::execute(KJS::ExecState*) + 64 4 com.apple.JavaScriptCore 0x0035c65e KJS::IfElseNode::execute(KJS::ExecState*) + 78 5 com.apple.JavaScriptCore 0x0030b870 KJS::BlockNode::execute(KJS::ExecState*) + 64 6 com.apple.JavaScriptCore 0x003119e6 KJS::ForNode::execute(KJS::ExecState*) + 102 7 com.apple.JavaScriptCore 0x0035c92a KJS::CaseBlockNode::executeBlock(KJS::ExecState*, KJS::JSValue*) + 586 8 com.apple.JavaScriptCore 0x003257bf KJS::SwitchNode::execute(KJS::ExecState*) + 79 9 com.apple.JavaScriptCore 0x003815e1 KJS::FunctionBodyNode::execute(KJS::ExecState*) + 433 10 com.apple.JavaScriptCore 0x0030e7a9 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 73 11 com.apple.JavaScriptCore 0x00312b70 KJS::FunctionCallResolveNode::evaluate(KJS::ExecState*) + 896 12 com.apple.JavaScriptCore 0x0036071b KJS::ArgumentListNode::evaluateList(KJS::ExecState*, KJS::List&) + 43 13 com.apple.JavaScriptCore 0x0030c13b KJS::FunctionCallDotNode::evaluate(KJS::ExecState*) + 427 14 com.apple.JavaScriptCore 0x00364639 KJS::AssignLocalVarNode::evaluate(KJS::ExecState*) + 25 15 com.apple.JavaScriptCore 0x0030e649 KJS::ExprStatementNode::execute(KJS::ExecState*) + 25 16 com.apple.JavaScriptCore 0x0030b870 KJS::BlockNode::execute(KJS::ExecState*) + 64 17 com.apple.JavaScriptCore 0x003119e6 KJS::ForNode::execute(KJS::ExecState*) + 102 18 com.apple.JavaScriptCore 0x003815e1 KJS::FunctionBodyNode::execute(KJS::ExecState*) + 433 19 com.apple.JavaScriptCore 0x0030e7a9 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 73 20 com.apple.JavaScriptCore 0x00312b70 KJS::FunctionCallResolveNode::evaluate(KJS::ExecState*) + 896 21 com.apple.JavaScriptCore 0x00364639 KJS::AssignLocalVarNode::evaluate(KJS::ExecState*) + 25 22 com.apple.JavaScriptCore 0x0030ba29 KJS::VarStatementNode::execute(KJS::ExecState*) + 25 23 com.apple.JavaScriptCore 0x003815e1 KJS::FunctionBodyNode::execute(KJS::ExecState*) + 433 24 com.apple.JavaScriptCore 0x0030e7a9 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 73 25 com.apple.JavaScriptCore 0x0034b1dc KJS::functionProtoFuncApply(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 588 26 com.apple.JavaScriptCore 0x0030c2b6 KJS::FunctionCallDotNode::evaluate(KJS::ExecState*) + 806 27 com.apple.JavaScriptCore 0x0030e649 KJS::ExprStatementNode::execute(KJS::ExecState*) + 25 28 com.apple.JavaScriptCore 0x0030b870 KJS::BlockNode::execute(KJS::ExecState*) + 64 29 com.apple.JavaScriptCore 0x003119e6 KJS::ForNode::execute(KJS::ExecState*) + 102 30 com.apple.JavaScriptCore 0x003815e1 KJS::FunctionBodyNode::execute(KJS::ExecState*) + 433 31 com.apple.JavaScriptCore 0x0030e7a9 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 73 32 com.apple.JavaScriptCore 0x00321237 KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 135 33 com.apple.WebCore 0x00a93eb9 WebCore::JSAbstractEventListener::handleEvent(WebCore::Event*, bool) + 1401 34 com.apple.WebCore 0x00a0a906 WebCore::Document::handleWindowEvent(WebCore::Event*, bool) + 166 35 com.apple.WebCore 0x00a0a670 WebCore::EventTargetNode::dispatchWindowEvent(WebCore::AtomicString const&, bool, bool) + 192 36 com.apple.WebCore 0x009fb236 WebCore::Document::implicitClose() + 262 37 com.apple.WebCore 0x009bcd9a WebCore::FrameLoader::checkCompleted() + 170 38 com.apple.WebCore 0x00a278c2 WebCore::Loader::didFinishLoading(WebCore::SubresourceLoader*) + 290 39 com.apple.WebCore 0x00a255a1 WebCore::SubresourceLoader::didFinishLoading() + 49 40 com.apple.WebCore 0x00a23888 -[WebCoreResourceHandleAsDelegate connectionDidFinishLoading:] + 72 41 com.apple.Foundation 0x94a9d907 -[NSURLConnection(NSURLConnectionReallyInternal) sendDidFinishLoading] + 87 42 com.apple.Foundation 0x94a9d894 _NSURLConnectionDidFinishLoading + 68 43 com.apple.CFNetwork 0x958c97eb sendDidFinishLoadingCallback + 148 44 com.apple.CFNetwork 0x958c6918 _CFURLConnectionSendCallbacks + 1994 45 com.apple.CFNetwork 0x958c60d1 muxerSourcePerform + 283 46 com.apple.CoreFoundation 0x9260f62e CFRunLoopRunSpecific + 3166 47 com.apple.CoreFoundation 0x9260fd18 CFRunLoopRunInMode + 88 48 com.apple.HIToolbox 0x94cd9780 RunCurrentEventLoopInMode + 283 49 com.apple.HIToolbox 0x94cd9599 ReceiveNextEventCommon + 374 50 com.apple.HIToolbox 0x94cd940d BlockUntilNextEventMatchingListInMode + 106 51 com.apple.AppKit 0x95c69771 _DPSNextEvent + 657 52 com.apple.AppKit 0x95c69026 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 128 53 com.apple.Safari 0x0000e7ae 0x1000 + 55214 54 com.apple.AppKit 0x95c6205d -[NSApplication run] + 795 55 com.apple.AppKit 0x95c2f2a2 NSApplicationMain + 574 56 com.apple.Safari 0x00007b96 0x1000 + 27542
Attachments
Add attachment proposed patch, testcase, etc.
Cameron Zwarich (cpst)
Comment 1 2008-02-05 16:04:14 PST
I couldn't reproduce this myself, but does it still happen after r29997?
Cameron Zwarich (cpst)
Comment 2 2008-06-06 22:30:36 PDT
This no longer happens.
Note You need to log in before you can comment on or make changes to this bug.