[Webkit-unassigned] [Bug 20214] New: Crash in profiler dereferencing null frame or page

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Jul 29 14:23:18 PDT 2008 

https://bugs.webkit.org/show_bug.cgi?id=20214

           Summary: Crash in profiler dereferencing null frame or page
           Product: WebKit
           Version: 526+ (Nightly build)
          Platform: Macintosh
        OS/Version: Mac OS X 10.5
            Status: NEW
          Keywords: HasReduction, NeedsRadar
          Severity: Normal
          Priority: P2
         Component: Web Inspector
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: oliver at apple.com
                CC: kmccullough at apple.com


While profiler is running it's possible to trigger a crash through the
following steps:
1. Go to http://280slides.com/Editor
2. Open inspector, go to profile pane, start profile
3. hit cmd-w, cmd-n

You get the following crash (looks like the profiler is being terminated by the
gc sweep, rather than the window closing):

Thread 0 Crashed:
0   com.apple.WebCore                   0x01400376 WebCore::Frame::page() const
+ 6 (Frame.cpp:1740)
1   com.apple.WebCore                   0x012bf528
WebCore::Console::finishedProfiling(WTF::PassRefPtr<KJS::Profile>) + 24
(Console.cpp:308)
2   com.apple.JavaScriptCore            0x004346bb
KJS::Profiler::didFinishAllExecution(KJS::ExecState*) + 267 (PassRefPtr.h:44)
3   com.apple.JavaScriptCore            0x003ce3fe
KJS::JSGlobalObject::~JSGlobalObject() + 942 (JSGlobalObject.cpp:88)
4   com.apple.WebCore                   0x0180360c
WebCore::JSDOMWindowBase::~JSDOMWindowBase() + 796 (JSDOMWindowBase.cpp:242)
5   com.apple.JavaScriptCore            0x003fbbe5 unsigned long
KJS::Heap::sweep<(KJS::Heap::HeapType)0>() + 581 (collector.cpp:854)
6   com.apple.JavaScriptCore            0x0036898f KJS::Heap::collect() + 127
(collector.cpp:948)
7   com.apple.WebCore                   0x0142b442
WebCore::Timer<WebCore::GCController>::fired() + 82 (Timer.h:99)
8   com.apple.WebCore                   0x01771959
WebCore::TimerBase::fireTimers(double, WTF::Vector<WebCore::TimerBase*, 0ul>
const&) + 137 (Timer.cpp:350)
9   com.apple.WebCore                   0x01771a22
WebCore::TimerBase::sharedTimerFired() + 162 (Timer.cpp:370)
10  com.apple.WebCore                   0x01756ea4
WebCore::timerFired(__CFRunLoopTimer*, void*) + 68 (SharedTimerMac.mm:85)
11  com.apple.CoreFoundation            0x96cd4b45 CFRunLoopRunSpecific + 4469
12  com.apple.CoreFoundation            0x96cd4cf8 CFRunLoopRunInMode + 88
13  com.apple.HIToolbox                 0x93c8bda4 RunCurrentEventLoopInMode +
283
14  com.apple.HIToolbox                 0x93c8bbbd ReceiveNextEventCommon + 374
15  com.apple.HIToolbox                 0x93c8ba31
BlockUntilNextEventMatchingListInMode + 106
16  com.apple.AppKit                    0x9331a505 _DPSNextEvent + 657
17  com.apple.AppKit                    0x93319db8 -[NSApplication
nextEventMatchingMask:untilDate:inMode:dequeue:] + 128
18  com.apple.Safari                    0x000086be 0x1000 + 30398
19  com.apple.AppKit                    0x93312df3 -[NSApplication run] + 795
20  com.apple.AppKit                    0x932e0030 NSApplicationMain + 574
21  com.apple.Safari                    0x000ba4d6 0x1000 + 758998


-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

More information about the webkit-unassigned mailing list