[Webkit-unassigned] [Bug 13462] New: REPRODUCIBLE ASSERT: KJS::GCLock::GCLock[in-charge]() + 96 (collector.cpp:130)
bugzilla-daemon at webkit.org
Mon Apr 23 16:20:07 PDT 2007
http://bugs.webkit.org/show_bug.cgi?id=13462
Summary: REPRODUCIBLE ASSERT: KJS::GCLock::GCLock[in-charge]() + 96 (collector.cpp:130)
Product: WebKit
Version: 522+ (nightly)
Platform: Macintosh
OS/Version: Mac OS X 10.4
Status: NEW
Keywords: NeedsRadar
Severity: Normal
Priority: P1
Component: JavaScriptCore
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: ddkilzer at webkit.org
CC: mjs at apple.com, timothy at hatcher.name, ggaren at apple.com
* SUMMARY
Reproducible assert tripped opening Web Inspector, closing Web Inspector, then
opening Web Inspector again.
* STEPS TO REPRODUCE
1. Open Safari/WebKit.
2. Open a page (any page): http://www.google.com/
3. Right-click on the page and select "Inspect Element".
4. Close the Web Inspector.
5. Right-click on the page a second time and select "Inspect Element".
* EXPECTED RESULTS
The Web Inspector should come up a second time.
* ACTUAL RESULTS
Safari/WebKit crashes with an assertion failure.
* REGRESSION
Only tested with a local debug build of WebKit r21046 with Safari 2.0.4 (419.3)
on Mac OS X 10.4.9 (8P135).
* NOTES
Console:
ASSERTION FAILED: !isLocked
(/path/to/WebKit/JavaScriptCore/kjs/collector.cpp:130 KJS::GCLock::GCLock())
Segmentation fault
Stack:
Exception: EXC_BAD_ACCESS (0x0001)
Codes: KERN_INVALID_ADDRESS (0x0001) at 0xbbadbeef
Thread 0 Crashed:
0 com.apple.JavaScriptCore 0x005bf344 KJS::GCLock::GCLock[in-charge]() +
96 (collector.cpp:130)
1 com.apple.JavaScriptCore 0x00525664 KJS::Collector::collect() + 200
(collector.cpp:754)
2 com.apple.WebCore 0x012fa28c WebCore::KJSProxy::~KJSProxy
[in-charge]() + 208 (kjs_proxy.cpp:56)
3 com.apple.WebCore 0x010f4be4 WebCore::FramePrivate::~FramePrivate
[in-charge]() + 56 (Frame.cpp:1886)
4 com.apple.WebCore 0x010f50dc WebCore::Frame::~Frame [in-charge
deleting]() + 916 (Frame.cpp:251)
5 com.apple.WebCore 0x015c3e18
WebCore::Shared<WebCore::Frame>::deref() + 228 (Shared.h:52)
6 com.apple.WebCore 0x015c3e6c WTF::RefPtr<WebCore::Frame>::~RefPtr
[in-charge]() + 64 (RefPtr.h:41)
7 com.apple.WebCore 0x011f89d0 WebCore::Page::~Page [in-charge]() +
356 (Page.cpp:94)
8 com.apple.WebKit 0x0037d3ec -[WebView(WebPrivate) _close] + 556
(WebView.mm:665)
9 com.apple.WebKit 0x003840c4 -[WebView dealloc] + 60
(WebView.mm:1808)
10 com.apple.AppKit 0x937af4b4 -[NSView release] + 200
11 com.apple.Foundation 0x92bbd908 NSPopAutoreleasePool + 536
12 com.apple.JavaScriptCore 0x0057b470 KJS::Bindings::ObjcInstance::end() +
152 (objc_instance.mm:76)
13 com.apple.JavaScriptCore 0x0057b73c
KJS::Bindings::ObjcInstance::~ObjcInstance [in-charge deleting]() + 220
(objc_instance.mm:61)
14 com.apple.JavaScriptCore 0x005e4c20 KJS::Bindings::Instance::deref() +
116 (runtime.h:153)
15 com.apple.JavaScriptCore 0x005e4cf4
WTF::RefPtr<KJS::Bindings::Instance>::~RefPtr [in-charge]() + 56 (RefPtr.h:41)
16 com.apple.JavaScriptCore 0x005e4d74
KJS::RuntimeObjectImp::~RuntimeObjectImp [in-charge]() + 68
(runtime_object.h:34)
17 com.apple.JavaScriptCore 0x00525878 KJS::Collector::collect() + 732
(collector.cpp:817)
18 com.apple.JavaScriptCore 0x00525df4 KJS::Collector::allocate(unsigned
long) + 332 (collector.cpp:210)
19 com.apple.JavaScriptCore 0x00561ae4 KJS::JSCell::operator new(unsigned
long) + 32 (value.cpp:41)
20 com.apple.JavaScriptCore 0x0054ec00
KJS::ObjectObjectImp::construct(KJS::ExecState*, KJS::List const&) + 252
(object_object.cpp:183)
21 com.apple.JavaScriptCore 0x0053fae8
KJS::FuncExprNode::evaluate(KJS::ExecState*) + 296 (nodes.cpp:2480)
22 com.apple.JavaScriptCore 0x0054ac1c
KJS::AssignDotNode::evaluate(KJS::ExecState*) + 276 (nodes.cpp:1480)
23 com.apple.JavaScriptCore 0x00542b38
KJS::ExprStatementNode::execute(KJS::ExecState*) + 220 (nodes.cpp:1716)
24 com.apple.JavaScriptCore 0x005402cc
KJS::SourceElementsNode::execute(KJS::ExecState*) + 624 (nodes.cpp:2522)
25 com.apple.JavaScriptCore 0x0053dc5c
KJS::BlockNode::execute(KJS::ExecState*) + 216 (nodes.cpp:1693)
26 com.apple.JavaScriptCore 0x00536960
KJS::Interpreter::evaluate(KJS::UString const&, int, KJS::UChar const*, int,
KJS::JSValue*) + 1116 (interpreter.cpp:365)
27 com.apple.WebCore 0x012faa10
WebCore::KJSProxy::evaluate(WebCore::String const&, int, WebCore::String
const&, WebCore::Node*) + 420 (kjs_proxy.cpp:78)
28 com.apple.WebCore 0x014a0c78
WebCore::FrameLoader::executeScript(WebCore::String const&, int,
WebCore::Node*, WebCore::String const&) + 136 (FrameLoader.cpp:711)
29 com.apple.WebCore 0x01025a3c
WebCore::HTMLTokenizer::scriptExecution(WebCore::DeprecatedString const&,
WebCore::HTMLTokenizer::State, WebCore::DeprecatedString, int) + 392
(HTMLTokenizer.cpp:511)
30 com.apple.WebCore 0x01027408
WebCore::HTMLTokenizer::notifyFinished(WebCore::CachedResource*) + 628
(HTMLTokenizer.cpp:1670)
31 com.apple.WebCore 0x01128dc4
WebCore::CachedScript::ref(WebCore::CachedResourceClient*) + 104
(CachedScript.cpp:64)
32 com.apple.WebCore 0x010288f0
WebCore::HTMLTokenizer::scriptHandler(WebCore::HTMLTokenizer::State) + 1364
(HTMLTokenizer.cpp:450)
33 com.apple.WebCore 0x01029080
WebCore::HTMLTokenizer::parseSpecial(WebCore::SegmentedString&,
WebCore::HTMLTokenizer::State) + 1212 (HTMLTokenizer.cpp:310)
34 com.apple.WebCore 0x0102b164
WebCore::HTMLTokenizer::parseTag(WebCore::SegmentedString&,
WebCore::HTMLTokenizer::State) + 6652 (HTMLTokenizer.cpp:1185)
35 com.apple.WebCore 0x0102ba8c
WebCore::HTMLTokenizer::write(WebCore::SegmentedString const&, bool) + 1444
(HTMLTokenizer.cpp:1398)
36 com.apple.WebCore 0x01492ee8 WebCore::FrameLoader::write(char
const*, int, bool) + 1200 (FrameLoader.cpp:928)
37 com.apple.WebCore 0x01493054 WebCore::FrameLoader::addData(char
const*, int) + 320 (FrameLoader.cpp:1607)
38 com.apple.WebCore 0x0111a734 -[WebCoreFrameBridge addData:] + 232
(WebCoreFrameBridge.mm:291)
39 com.apple.WebCore 0x0111f3e4 -[WebCoreFrameBridge
receivedData:textEncodingName:] + 316 (WebCoreFrameBridge.mm:1477)
40 com.apple.WebKit 0x00342d8c -[WebHTMLRepresentation
receivedData:withDataSource:] + 296 (WebHTMLRepresentation.mm:175)
41 com.apple.WebKit 0x0033c054 -[WebDataSource(WebInternal)
_receivedData:] + 116 (WebDataSource.mm:178)
42 com.apple.WebKit 0x003c6128
WebFrameLoaderClient::committedLoad(WebCore::DocumentLoader*, char const*, int)
+ 184
43 com.apple.WebCore 0x0148eaac
WebCore::FrameLoader::committedLoad(WebCore::DocumentLoader*, char const*, int)
+ 92 (FrameLoader.cpp:3020)
44 com.apple.WebCore 0x014a3b2c
WebCore::DocumentLoader::commitLoad(char const*, int) + 104
(DocumentLoader.cpp:347)
45 com.apple.WebCore 0x014a3bb4
WebCore::DocumentLoader::receivedData(char const*, int) + 104
(DocumentLoader.cpp:360)
46 com.apple.WebCore 0x0148d7fc
WebCore::FrameLoader::receivedData(char const*, int) + 60
(FrameLoader.cpp:2043)
47 com.apple.WebCore 0x014a5b88
WebCore::MainResourceLoader::addData(char const*, int, bool) + 92
(MainResourceLoader.cpp:134)
48 com.apple.WebCore 0x014a86a4
WebCore::ResourceLoader::didReceiveData(char const*, int, long long, bool) +
104
49 com.apple.WebCore 0x014a5f34
WebCore::MainResourceLoader::didReceiveData(char const*, int, long long, bool)
+ 288 (MainResourceLoader.cpp:289)
50 com.apple.WebCore 0x014a8018
WebCore::ResourceLoader::didReceiveData(WebCore::ResourceHandle*, char const*,
int, int) + 108
51 com.apple.WebCore 0x0147d364 -[WebCoreResourceHandleAsDelegate
connection:didReceiveData:lengthReceived:] + 240 (ResourceHandleMac.mm:352)
52 com.apple.Foundation 0x92c13624
-[NSURLConnection(NSURLConnectionInternal) _sendDidReceiveDataCallback] + 564
53 com.apple.Foundation 0x92c11ac4
-[NSURLConnection(NSURLConnectionInternal) _sendCallbacks] + 488
54 com.apple.Foundation 0x92c11860 _sendCallbacks + 156
55 com.apple.CoreFoundation 0x907df4fc __CFRunLoopDoSources0 + 384
56 com.apple.CoreFoundation 0x907dea2c __CFRunLoopRun + 452
57 com.apple.CoreFoundation 0x907de4ac CFRunLoopRunSpecific + 268
58 com.apple.Foundation 0x92bf0170 -[NSRunLoop runMode:beforeDate:] +
172
59 com.apple.WebKit 0x003b45e0 -[WebInspector init] + 1744
(WebInspector.m:108)
60 com.apple.WebKit 0x003b3ed4 +[WebInspector sharedWebInspector] +
116 (WebInspector.m:57)
61 com.apple.WebKit 0x003883ac -[WebView _inspectElement:] + 388
(WebView.mm:2471)
62 com.apple.AppKit 0x9383fc4c -[NSApplication sendAction:to:from:]
+ 108
63 com.apple.Safari 0x0002956c 0x1000 + 165228
64 com.apple.AppKit 0x9389a4b8 -[NSMenu
performActionForItemAtIndex:] + 392
65 com.apple.AppKit 0x9389a23c -[NSCarbonMenuImpl
performActionWithHighlightingForItemAtIndex:] + 104
66 com.apple.AppKit 0x938c2d6c _NSPopUpCarbonMenu2 + 2480
67 com.apple.AppKit 0x938c23ac _NSPopUpCarbonMenu1 + 44
68 com.apple.AppKit 0x93919be8 -[NSCarbonMenuImpl
_popUpContextMenu:withEvent:forView:withFont:] + 168
69 com.apple.AppKit 0x93919a68 -[NSMenu
_popUpContextMenu:withEvent:forView:withFont:] + 216
70 com.apple.AppKit 0x93ab6404 -[NSControl _rightMouseUpOrDown:] +
440
71 com.apple.AppKit 0x937fafa0 -[NSWindow sendEvent:] + 6424
72 com.apple.Safari 0x00021734 0x1000 + 132916
73 com.apple.AppKit 0x937a38d4 -[NSApplication sendEvent:] + 4172
74 com.apple.Safari 0x00021238 0x1000 + 131640
75 com.apple.AppKit 0x9379ad10 -[NSApplication run] + 508
76 com.apple.AppKit 0x9388b87c NSApplicationMain + 452
77 com.apple.Safari 0x0005c77c 0x1000 + 374652
78 com.apple.Safari 0x0005c624 0x1000 + 374308