[Webkit-unassigned] [Bug 12672] New: CrashTracer: 46 crashes in Safari at com.apple.JavaScriptCore: KJS::Context::mark + 52

bugzilla-daemon at webkit.org
Tue Feb 6 23:36:44 PST 2007


http://bugs.webkit.org/show_bug.cgi?id=12672

           Summary: CrashTracer: 46 crashes in Safari at
                    com.apple.JavaScriptCore: KJS::Context::mark + 52
           Product: WebKit
           Version: 420+ (nightly)
          Platform: Macintosh
        OS/Version: Mac OS X 10.4
            Status: NEW
          Keywords: InRadar
          Severity: Normal
          Priority: P1
         Component: WebCore JavaScript
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: mjs at apple.com


2006-12-11 14:00:07 CrashTracer System:
PLEASE NOTE: This crash was automatically generated based on user crash
reports. Go here to learn how to deal with it:
http://howto.apple.com/db.cgi?CrashTracer

* APPLICATION: Safari
* CRASH: com.apple.JavaScriptCore:  KJS::Context::mark + 52
* MORE INFORMATION:
http://crashtracer.apple.com/detail.php?crash_id=5086010&app=Safari&build=9A312
(may not immediately have data)

This crash was escalated to Radar by the CrashTracer System because an internal
user explicitly requested it. The user provided the following comments:

I don't remember.


Note: This issue *may* be a duplicate of this radar which has the same crashing
stack frame but different offset, rdar://4850576 . Please consider this when
screening, but make no assumptions.


Possible third-party binary images occurring in over 75% in processes that
crashed here:
    84.44% (38 of 45)  WebKitNightlyEnabler.dylib
                  36 occurrences of version <unknown>  Empower.app/Contents/Resources/WebKitNightlyEnabler.dylib
                   2 occurrences of version <unknown>  WebKit.app/Contents/Resources/WebKitNightlyEnabler.dylib


Summary of a selection of backtraces attributed to this bug. The stack frame
considered to be the unique "crash point" is highlighted ==> like this <==.
This frame is used for aggregation when filing these bugs and does not
necessarily imply fault.

   ==> 45  com.apple.JavaScriptCore:  KJS::Context::mark + 52 <==
            41  com.apple.JavaScriptCore:  KJS::Interpreter::mark + 44
            +-41  com.apple.JavaScriptCore:  KJS::Collector::collect + 116
            +---33  com.apple.WebCore:  WebCore::KJSProxy::~KJSProxy [in-charge] + 28
            +---+-33  com.apple.WebCore:  WebCore::FramePrivate::~FramePrivate [in-charge] + 80
            +---+---33  com.apple.WebCore:  WebCore::Frame::~Frame [not-in-charge] + 492
            +---+-----33  com.apple.WebCore:  WebCore::FrameMac::~FrameMac [in-charge deleting] + 344
            +---+-------33  com.apple.WebCore:  WebCore::Page::~Page [in-charge] + 640
            +---+---------33  com.apple.WebCore:  -[WebCorePageBridge close] + 48
            +---+-----------33  com.apple.WebKit:  -[WebView(WebPrivate) _close] + 148
            +---+-------------33  com.apple.Safari:  0x47858
            +---+---------------33  com.apple.Foundation:  -[NSArray makeObjectsPerformSelector:withObject:] + 264
            +---+-----------------33  com.apple.Safari:  0x5c1ec
            +---+-------------------33  com.apple.Safari:  0x5a4f4
            +---+---------------------33  com.apple.Foundation:  _nsnote_callback + 180
            +---+-----------------------33  com.apple.CoreFoundation:  __CFXNotificationPost + 368
            +---+-------------------------33  com.apple.CoreFoundation:  _CFXNotificationPostNotification + 684
            +---+---------------------------33  com.apple.Foundation:  -[NSNotificationCenter postNotificationName:object:userInfo:] + 92
            +---+-----------------------------33  com.apple.AppKit:  -[NSWindow _close] + 100
            +---+-------------------------------33  com.apple.AppKit:  -[NSWindow close] + 36
            +---+---------------------------------33  com.apple.Safari:  0x5a498
            +---+-----------------------------------33  com.apple.Safari:  0x5c07c
            +---+-------------------------------------32  com.apple.AppKit:  -[NSApplication sendAction:to:from:] + 108
            +---+-------------------------------------+-32  com.apple.Safari:  0x2956c
            +---+-------------------------------------+---32  com.apple.AppKit:  -[NSControl sendAction:to:] + 96
            +---+-------------------------------------+-----32  com.apple.AppKit:  -[NSCell _sendActionFrom:] + 156
            +---+-------------------------------------+-------32  com.apple.AppKit:  -[NSCell trackMouse:inRect:ofView:untilMouseUp:] + 1020
            +---+-------------------------------------+---------32  com.apple.AppKit:  -[NSButtonCell trackMouse:inRect:ofView:untilMouseUp:] + 564
            +---+-------------------------------------+-----------32  com.apple.AppKit:  -[NSControl mouseDown:] + 536
            +---+-------------------------------------+-------------32  com.apple.AppKit:  -[_NSThemeWidget mouseDown:] + 100
            +---+-------------------------------------+---------------32  com.apple.AppKit:  -[NSWindow sendEvent:] + 4616
            +---+-------------------------------------+-----------------32  com.apple.Safari:  0x21734
            +---+-------------------------------------+-------------------32  com.apple.AppKit:  -[NSApplication sendEvent:] + 4172
            +---+-------------------------------------+---------------------32  com.apple.Safari:  0x21238
            +---+-------------------------------------+-----------------------32  com.apple.AppKit:  -[NSApplication run] + 508
            +---+-------------------------------------+-------------------------32  com.apple.AppKit:  NSApplicationMain + 452
            +---+-------------------------------------+---------------------------32  com.apple.Safari:  0x5c77c
            +---+-------------------------------------+-----------------------------32  com.apple.Safari:  0x5c624
            +---+-------------------------------------+-------------------------------32  Main thread
            +---+-------------------------------------pruning:  1  com.apple.Foundation:  -[NSArray makeObjectsPerformSelector:withObject:] + 264
            +---pruning:  2  com.apple.WebCore:  KJS::Window::clear + 184
            +---pruning:  2  com.apple.WebCore:  WebCore::KJSProxy::~KJSProxy [in-charge] + 60
            +---pruning:  2  com.apple.WebCore:  WebCore::PageState::clear + 620
            +---pruning:  1  com.apple.WebCore:  -[KWQPageState clear] + 272
            +---pruning:  1  com.apple.WebCore:  -[WebCorePageState clear] + 272
            pruning:  4  com.apple.JavaScriptCore:  KJS::Interpreter::mark + 40


Some of the most recent comments:
* 10147339: Crash for no reason!

Overall this crash was reported 45 times in OS builds 8J135 to 9A312, Safari
versions 521.13.1 to 17878. Of these crashes, 4 were in the latest OS build,
9A312, and 1 was in the latest Safari version, 17878.

2006-12-12 20:17:30 Stephanie Lewis:
Duplicate of 4850576, which was closed.  Looks like 4596096 is back.  No useful
repro steps

2006-12-15 07:57:36 Julien Robert:
I had this too, loading a bunch of pages.. This was using 9A325.

2006-12-19 21:30:56 Stephanie Lewis:
duplicate crashtracer adds another 12 crashes

2007-01-11 05:27:36 Alexandre Carlhian:
Following discussion from duplicate <rdar://problem/4915325>. I have attached
my bookmarks as Bookmarks-AC.zip. To reproduce the crash:
- Open all these bookmarks as tabs
- Wait 2 minutes to make sure all the pages are loaded (optional step)
- Read the and close the active page
=> Crash

2007-01-11 05:28:17 Alexandre Carlhian:
(Problem still exists on 9A341)

2007-01-11 21:15:16 Geoff Garen:
Leopard/P1 because <rdar://problem/4915325> has repro steps.

2007-01-15 14:11:37 Alice Liu:
Safari blocker reviewed

<rdar://problem/4876466>

