RESOLVED WORKSFORME 70201
REGRESSION: Crash when loading Twitter or performing Google search
https://bugs.webkit.org/show_bug.cgi?id=70201
Dimitris Apostolou
Reported 2011-10-16 10:05:58 PDT
Created attachment 111182
Crash logs.

7534.51.22, r97573
Reproducibility: often
Steps: Go to www.twitter.com or perform a search from www.google.com
What happened: Crash.
Expected result: WebKit does not crash.
Attachments
Crash logs. (40.72 KB, application/octet-stream)
2011-10-16 10:05 PDT, Dimitris Apostolou
no flags
One more crash log. (40.22 KB, text/plain)
2011-10-17 12:20 PDT, Dimitris Apostolou
no flags
Crash log with more detailed stack. (50.75 KB, text/plain)
2011-10-17 23:48 PDT, Dimitris Apostolou
no flags
One more. (50.83 KB, text/plain)
2011-10-19 10:42 PDT, Dimitris Apostolou
no flags
Alexey Proskuryakov
Comment 1 2011-10-17 12:07:59 PDT
I cannot make it crash with the sane configuration, even with GuardMalloc.
Alexey Proskuryakov
Comment 2 2011-10-17 12:08:14 PDT
the _same_ configuration
Dimitris Apostolou
Comment 3 2011-10-17 12:20:29 PDT
Created attachment 111299
One more crash log.

Just reproduced it again just by visiting the main twitter page.
Dimitris Apostolou
Comment 4 2011-10-17 13:08:56 PDT
*** Bug 69222 has been marked as a duplicate of this bug. ***
Dimitris Apostolou
Comment 5 2011-10-17 13:11:16 PDT
ok, I'm downloading the source now and will compile a debug build. Will run in gdb and let's see if I can get some better info.
Dimitris Apostolou
Comment 6 2011-10-17 23:48:01 PDT
Created attachment 111392
Crash log with more detailed stack.

Attaching one more crash log with more detailed stack from debug build. Hope it helps :)
Dimitris Apostolou
Comment 7 2011-10-19 10:42:57 PDT
Created attachment 111645
One more.
Gavin Barraclough
Comment 8 2011-10-20 15:24:17 PDT
Two of the crash logs show crashes in stringProtoFuncReplace, which hadn't changed in 5000 revisions prior to r97573. Could be a bad value passing in from JIT code, I guess. The other crash appears to be in the parser, which is a little odd.