Bug 18389
| Field | Value |
|---|---|
| Summary | REGRESSION (r31746?): Crash in JSDOMWindowWrapper::mark loading digg.com |
| Product | WebKit |
| Component | DOM |
| Status | RESOLVED FIXED |
| Severity | Normal |
| Priority | P2 |
| Version | 528+ (Nightly build) |
| Hardware | Mac |
| OS | OS X 10.5 |
| URL | http://digg.com |
| Reporter | Adam Roben (:aroben) <aroben> |
| Assignee | Nobody <webkit-unassigned> |
| CC | opendarwin, sam |
Adam Roben (:aroben)
I'm seeing a crash in JSDOMWindowWrapper::mark when loading digg.com. Presumably this is a regression caused by r31746 <http://trac.webkit.org/projects/webkit/changeset/31746>
Backtrace:

```
#0 0x023aba32 in WebCore::JSDOMWindowWrapper::mark at JSDOMWindowWrapper.cpp:63
#1 0x005ce4c4 in KJS::Collector::markStackObjectsConservatively at collector.cpp:520
#2 0x005ce517 in KJS::Collector::markCurrentThreadConservatively at collector.cpp:548
#3 0x005ce66a in KJS::Collector::markStackObjectsConservatively at collector.cpp:693
#4 0x005dc3e7 in KJS::Collector::collect at collector.cpp:936
#5 0x0062c5d5 in KJS::Collector::heapAllocate<(KJS::Collector::HeapType)0> at collector.cpp:245
#6 0x005dc491 in KJS::Collector::allocate at collector.cpp:292
#7 0x005dc4a5 in KJS::JSCell::operator new at value.cpp:85
#8 0x0065342f in KJS::JSGlobalObject::reset at JSGlobalObject.cpp:253
#9 0x0065543c in KJS::JSGlobalObject::init at JSGlobalObject.cpp:146
#10 0x02384edd in KJS::JSGlobalObject::JSGlobalObject at JSGlobalObject.h:153
#11 0x0237efdb in WebCore::JSDOMWindowBase::JSDOMWindowBase at JSDOMWindowBase.cpp:197
#12 0x01fec810 in WebCore::JSDOMWindow::JSDOMWindow at JSDOMWindow.cpp:428
#13 0x01fec83c in WebCore::JSDOMWindow::JSDOMWindow at JSDOMWindow.cpp:430
#14 0x023342cc in WebCore::KJSProxy::initScript at kjs_proxy.cpp:148
#15 0x01fbacc8 in WebCore::KJSProxy::initScriptIfNeeded at kjs_proxy.h:86
#16 0x01ee2a81 in WebCore::KJSProxy::windowWrapper at kjs_proxy.h:51
#17 0x0237d872 in WebCore::toJSDOMWindow at JSDOMWindowBase.cpp:1432
#18 0x0232e222 in WebCore::allowsAccessFromFrame at kjs_binding.cpp:347
#19 0x0232e288 in WebCore::checkNodeSecurity at kjs_binding.cpp:340
#20 0x02019059 in WebCore::JSHTMLIFrameElement::getValueProperty at JSHTMLIFrameElement.cpp:180
#21 0x02019852 in KJS::staticValueGetter<WebCore::JSHTMLIFrameElement> at lookup.h:109
#22 0x00619d62 in KJS::PropertySlot::getValue at property_slot.h:49
#23 0x005cd952 in KJS::JSObject::get at object.cpp:164
#24 0x00647f07 in KJS::DotAccessorNode::inlineEvaluate at nodes.cpp:961
#25 0x005f9bdc in KJS::DotAccessorNode::evaluate at nodes.cpp:966
#26 0x005f71e2 in KJS::AssignLocalVarNode::evaluate at nodes.cpp:3554
#27 0x005f668d in KJS::ExprStatementNode::execute at nodes.cpp:3993
#28 0x005d9af9 in statementListExecute at nodes.cpp:3946
#29 0x005d9b86 in KJS::BlockNode::execute at nodes.cpp:3971
#30 0x005f65db in KJS::IfNode::execute at nodes.cpp:4030
#31 0x005d9af9 in statementListExecute at nodes.cpp:3946
#32 0x005d9b86 in KJS::BlockNode::execute at nodes.cpp:3971
#33 0x005f6556 in KJS::IfElseNode::execute at nodes.cpp:4048
#34 0x005d9af9 in statementListExecute at nodes.cpp:3946
#35 0x005d9b86 in KJS::BlockNode::execute at nodes.cpp:3971
#36 0x005f65db in KJS::IfNode::execute at nodes.cpp:4030
#37 0x005d9af9 in statementListExecute at nodes.cpp:3946
#38 0x005d9b86 in KJS::BlockNode::execute at nodes.cpp:3971
#39 0x005f6556 in KJS::IfElseNode::execute at nodes.cpp:4048
#40 0x005d9af9 in statementListExecute at nodes.cpp:3946
#41 0x005d9b86 in KJS::BlockNode::execute at nodes.cpp:3971
#42 0x005e7940 in KJS::FunctionBodyNode::execute at nodes.cpp:4890
#43 0x005e8092 in KJS::FunctionImp::callAsFunction at function.cpp:77
#44 0x005efc86 in KJS::JSObject::call at object.cpp:96
#45 0x00649442 in KJS::FunctionCallDotNode::inlineEvaluate at nodes.cpp:1495
#46 0x00606e66 in KJS::FunctionCallDotNode::evaluate at nodes.cpp:1500
#47 0x005f668d in KJS::ExprStatementNode::execute at nodes.cpp:3993
#48 0x005d9af9 in statementListExecute at nodes.cpp:3946
#49 0x005d9b86 in KJS::BlockNode::execute at nodes.cpp:3971
#50 0x005e7940 in KJS::FunctionBodyNode::execute at nodes.cpp:4890
#51 0x005e8092 in KJS::FunctionImp::callAsFunction at function.cpp:77
#52 0x005efc86 in KJS::JSObject::call at object.cpp:96
#53 0x00649442 in KJS::FunctionCallDotNode::inlineEvaluate at nodes.cpp:1495
#54 0x00606e66 in KJS::FunctionCallDotNode::evaluate at nodes.cpp:1500
#55 0x005f668d in KJS::ExprStatementNode::execute at nodes.cpp:3993
#56 0x005d9af9 in statementListExecute at nodes.cpp:3946
#57 0x005d9b86 in KJS::BlockNode::execute at nodes.cpp:3971
#58 0x005e7aee in KJS::ProgramNode::execute at nodes.cpp:4878
#59 0x00615e6e in KJS::Interpreter::evaluate at interpreter.cpp:103
#60 0x02334652 in WebCore::KJSProxy::evaluate at kjs_proxy.cpp:86
#61 0x01ef223d in WebCore::FrameLoader::executeScript at FrameLoader.cpp:783
#62 0x01f7720a in WebCore::HTMLTokenizer::scriptExecution at HTMLTokenizer.cpp:540
#63 0x01f78919 in WebCore::HTMLTokenizer::scriptHandler at HTMLTokenizer.cpp:480
#64 0x01f78f61 in WebCore::HTMLTokenizer::parseSpecial at HTMLTokenizer.cpp:330
#65 0x01f7af3d in WebCore::HTMLTokenizer::parseTag at HTMLTokenizer.cpp:1492
#66 0x01f7b8e9 in WebCore::HTMLTokenizer::write at HTMLTokenizer.cpp:1727
#67 0x01f77776 in WebCore::HTMLTokenizer::notifyFinished at HTMLTokenizer.cpp:2008
#68 0x01dcb0f4 in WebCore::CachedScript::checkNotify at CachedScript.cpp:95
#69 0x01dcb255 in WebCore::CachedScript::data at CachedScript.cpp:85
#70 0x02336312 in WebCore::Loader::Host::didFinishLoading at loader.cpp:268
#71 0x022ce077 in WebCore::SubresourceLoader::didFinishLoading at SubresourceLoader.cpp:193
#72 0x021c867e in WebCore::ResourceLoader::didFinishLoading at ResourceLoader.cpp:370
#73 0x021c5dd3 in -[WebCoreResourceHandleAsDelegate connectionDidFinishLoading:] at ResourceHandleMac.mm:521
```
Jeff Johnson
*** Bug 18390 has been marked as a duplicate of this bug. ***
Sam Weinig
Fixed in r31766.