Bug 16031
Summary: | Webkit crashes on digg.com comment page | ||
---|---|---|---|
Product: | WebKit | Reporter: | Brad <brkemper> |
Component: | JavaScriptCore | Assignee: | Nobody <webkit-unassigned> |
Status: | RESOLVED DUPLICATE | ||
Severity: | Normal | ||
Priority: | P2 | ||
Version: | 528+ (Nightly build) | ||
Hardware: | Mac | ||
OS: | OS X 10.4 | ||
URL: | http://digg.com |
Brad
Only occurs when JavaScript is turned on, so it could have something to do with their extensive JavaScript, or could be something in their Flash-based ads (which don't load without JavaScript).
Date/Time: 2007-11-17 13:17:28.208 -0800
OS Version: 10.4.10 (Build 8R218)
Report Version: 4
Command: Safari
Path: /Applications/Safari.app/Contents/MacOS/Safari
Parent: WindowServer [78]
Version: r27683 (27683)
PID: 4917
Thread: 0
Exception: EXC_BAD_ACCESS (0x0001)
Codes: KERN_PROTECTION_FAILURE (0x0002) at 0x00000000
Thread 0 Crashed:
0 com.apple.JavaScriptCore 0x004943f0 KJS::typeStringForValue(KJS::JSValue*) + 80
1 com.apple.JavaScriptCore 0x004a1c54 KJS::EqualNode::evaluateToBoolean(KJS::ExecState*) + 52
2 com.apple.JavaScriptCore 0x00498054 KJS::IfNode::execute(KJS::ExecState*) + 100
3 com.apple.JavaScriptCore 0x00455dc0 KJS::BlockNode::execute(KJS::ExecState*) + 160
4 com.apple.JavaScriptCore 0x004980f8 KJS::IfNode::execute(KJS::ExecState*) + 264
5 com.apple.JavaScriptCore 0x004cdcb0 KJS::FunctionBodyNode::execute(KJS::ExecState*) + 1920
6 com.apple.JavaScriptCore 0x00453088 KJS::FunctionImp::execute(KJS::ExecState*) + 56
7 com.apple.JavaScriptCore 0x004cabf0 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 208
8 com.apple.JavaScriptCore 0x004ae290 KJS::FunctionCallResolveNode::evaluate(KJS::ExecState*) + 608
9 com.apple.JavaScriptCore 0x00497f84 KJS::ExprStatementNode::execute(KJS::ExecState*) + 100
10 com.apple.JavaScriptCore 0x004cdcb0 KJS::FunctionBodyNode::execute(KJS::ExecState*) + 1920
11 com.apple.JavaScriptCore 0x004d78f0 KJS::Interpreter::evaluate(KJS::UString const&, int, KJS::UChar const*, int, KJS::JSValue*) + 848
12 com.apple.WebCore 0x0165deac WebCore::KJSProxy::evaluate(WebCore::String const&, int, WebCore::String const&) + 172
13 com.apple.WebCore 0x011a34b8 WebCore::FrameLoader::executeScript(WebCore::String const&, int, WebCore::String const&) + 88
14 com.apple.WebCore 0x011a3554 WebCore::FrameLoader::executeScript(WebCore::String const&, bool) + 100
15 com.apple.WebCore 0x0166760c KJS::ScheduledAction::execute(KJS::Window*) + 1212
16 com.apple.WebCore 0x01667768 KJS::Window::timerFired(KJS::DOMWindowTimer*) + 72
17 com.apple.WebCore 0x01667930 KJS::DOMWindowTimer::fired() + 48
18 com.apple.WebCore 0x015f8644 WebCore::TimerBase::fireTimers(double, WTF::Vector<WebCore::TimerBase*, (unsigned long)0> const&) + 180
19 com.apple.WebCore 0x015f86f0 WebCore::TimerBase::sharedTimerFired() + 112
20 com.apple.WebCore 0x015dc26c WebCore::timerFired(__CFRunLoopTimer*, void*) + 76
21 com.apple.CoreFoundation 0x907f1578 __CFRunLoopDoTimer + 184
22 com.apple.CoreFoundation 0x907ddef8 __CFRunLoopRun + 1680
23 com.apple.CoreFoundation 0x907dd4ac CFRunLoopRunSpecific + 268
24 com.apple.HIToolbox 0x9329bb20 RunCurrentEventLoopInMode + 264
25 com.apple.HIToolbox 0x9329b1b4 ReceiveNextEventCommon + 380
26 com.apple.HIToolbox 0x9329b020 BlockUntilNextEventMatchingListInMode + 96
27 com.apple.AppKit 0x937a1ae4 _DPSNextEvent + 384
28 com.apple.AppKit 0x937a17a8 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 116
29 com.apple.Safari 0x00006770 0x1000 + 22384
30 com.apple.AppKit 0x9379dcec -[NSApplication run] + 472
31 com.apple.AppKit 0x9388e87c NSApplicationMain + 452
32 com.apple.Safari 0x0000244c 0x1000 + 5196
33 com.apple.Safari 0x0004f1b0 0x1000 + 319920
Thread 1:
0 libSystem.B.dylib 0x9000b348 mach_msg_trap + 8
1 libSystem.B.dylib 0x9000b29c mach_msg + 60
2 com.unsanity.ape 0xc0001bf4 __ape_agent + 296
3 libSystem.B.dylib 0x9002bd08 _pthread_body + 96
Thread 2:
0 libSystem.B.dylib 0x9001f88c select + 12
1 com.apple.CoreFoundation 0x907f0434 __CFSocketManager + 472
2 libSystem.B.dylib 0x9002bd08 _pthread_body + 96
Thread 3:
0 libSystem.B.dylib 0x9002c3c8 semaphore_wait_signal_trap + 8
1 libSystem.B.dylib 0x90030eac pthread_cond_wait + 480
2 com.apple.WebCore 0x01221390 WebCore::IconDatabase::syncThreadMainLoop() + 320
3 com.apple.WebCore 0x01221578 WebCore::IconDatabase::iconDatabaseSyncThread() + 424
4 libSystem.B.dylib 0x9002bd08 _pthread_body + 96
Thread 4:
0 libSystem.B.dylib 0x9002c3c8 semaphore_wait_signal_trap + 8
1 libSystem.B.dylib 0x90030eac pthread_cond_wait + 480
2 com.apple.Foundation 0x92bea30c -[NSConditionLock lockWhenCondition:] + 68
3 com.apple.AppKit 0x9383e708 -[NSUIHeartBeat _heartBeatThread:] + 324
4 com.apple.Foundation 0x92be31a0 forkThreadForFunction + 108
5 libSystem.B.dylib 0x9002bd08 _pthread_body + 96
Thread 5:
0 libSystem.B.dylib 0x9000b348 mach_msg_trap + 8
1 libSystem.B.dylib 0x9000b29c mach_msg + 60
2 com.apple.CoreFoundation 0x907ddba8 __CFRunLoopRun + 832
3 com.apple.CoreFoundation 0x907dd4ac CFRunLoopRunSpecific + 268
4 com.apple.Foundation 0x92c0b7e8 +[NSURLCache _diskCacheSyncLoop:] + 152
5 com.apple.Foundation 0x92be31a0 forkThreadForFunction + 108
6 libSystem.B.dylib 0x9002bd08 _pthread_body + 96
Thread 6:
0 libSystem.B.dylib 0x9000b348 mach_msg_trap + 8
1 libSystem.B.dylib 0x9000b29c mach_msg + 60
2 com.apple.CoreFoundation 0x907ddba8 __CFRunLoopRun + 832
3 com.apple.CoreFoundation 0x907dd4ac CFRunLoopRunSpecific + 268
4 com.apple.Foundation 0x92c0a6a8 +[NSURLConnection(NSURLConnectionInternal) _resourceLoadLoop:] + 264
5 com.apple.Foundation 0x92be31a0 forkThreadForFunction + 108
6 libSystem.B.dylib 0x9002bd08 _pthread_body + 96
Thread 7:
0 libSystem.B.dylib 0x9000b348 mach_msg_trap + 8
1 libSystem.B.dylib 0x9000b29c mach_msg + 60
2 com.apple.CoreFoundation 0x907ddba8 __CFRunLoopRun + 832
3 com.apple.CoreFoundation 0x907dd4ac CFRunLoopRunSpecific + 268
4 com.apple.audio.CoreAudio 0x9145763c HALRunLoop::OwnThread(void*) + 264
5 com.apple.audio.CoreAudio 0x914573dc CAPThread::Entry(CAPThread*) + 96
6 libSystem.B.dylib 0x9002bd08 _pthread_body + 96
Thread 8:
0 libSystem.B.dylib 0x9002c3c8 semaphore_wait_signal_trap + 8
1 libSystem.B.dylib 0x90030eac pthread_cond_wait + 480
2 com.apple.Foundation 0x92bea30c -[NSConditionLock lockWhenCondition:] + 68
3 com.apple.Syndication 0x9ba8642c -[AsyncDB _run:] + 192
4 com.apple.Foundation 0x92be31a0 forkThreadForFunction + 108
5 libSystem.B.dylib 0x9002bd08 _pthread_body + 96
Thread 9:
0 libSystem.B.dylib 0x9003288c wait4 + 12
1 com.apple.Foundation 0x92bd1454 _waitForTermination + 40
2 libSystem.B.dylib 0x9002bd08 _pthread_body + 96
Thread 10:
0 libSystem.B.dylib 0x9000b348 mach_msg_trap + 8
1 libSystem.B.dylib 0x9000b29c mach_msg + 60
2 ...romedia.Flash Player.plugin 0x0a4d070c native_ShockwaveFlash_TCallFrame + 1368308
3 libSystem.B.dylib 0x9002bd08 _pthread_body + 96
Thread 0 crashed with PPC Thread State 64:
srr0: 0x00000000004943f0 srr1: 0x000000000200f030 vrsave: 0x00000000fff00000
cr: 0x44022242 xer: 0x0000000000000004 lr: 0x00000000004943b4 ctr: 0x0000000000478fc0
r0: 0x00000000004a1c54 r1: 0x00000000bfffdc60 r2: 0x0000000044024242 r3: 0x0000000000000000
r4: 0x00000000bfffe030 r5: 0x0000000000000000 r6: 0x000000000000003f r7: 0x000000000bc465b8
r8: 0x000000000bb66200 r9: 0x0000000000000000 r10: 0x000000009a069593 r11: 0x000000000000001c
r12: 0x0000000000478fc0 r13: 0x00000000bfffdfb0 r14: 0x0000000000000001 r15: 0x00000000004575b0
r16: 0x00000000005375b0 r17: 0x000000000b7023f4 r18: 0x00000000bfffe114 r19: 0x0000000000545148
r20: 0x000000000b702a14 r21: 0x000000000b7029a0 r22: 0x000000000053e04c r23: 0x0000000000000000
r24: 0x0000000000000008 r25: 0x00000000bfffe030 r26: 0x000000000b6c28e0 r27: 0x00000000bfffddc0
r28: 0x00000000bfffe030 r29: 0x00000000bfffe030 r30: 0x0000000000000000 r31: 0x00000000004943b4
David Kilzer (:ddkilzer)
*** This bug has been marked as a duplicate of 15848 ***