[Webkit-unassigned] [Bug 53376] r76727-r77034: REGRESSION: Crash on page load in JSC::JSValue::toString

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Sat Jan 29 10:01:06 PST 2011 

https://bugs.webkit.org/show_bug.cgi?id=53376


Oliver Hunt <oliver at apple.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |msaboff at apple.com




--- Comment #4 from Oliver Hunt <oliver at apple.com>  2011-01-29 10:01:06 PST ---
Based on this stack trace i blame r76969 -- Michael can you have a look?


(In reply to comment #3)
> I get the following crash with a debug build:
> 
> ASSERTION FAILED: m_runtimeObjects.get(object)
> (/Users/paroga/WebKit/Source/WebCore/bridge/runtime_root.cpp:189 void JSC::Bindings::RootObject::removeRuntimeObject(JSC::Bindings::RuntimeObject*))
> 
> 
> Thread 0 Crashed:  Dispatch queue: com.apple.main-thread
> 0   com.apple.WebCore                 0x000000010202d3ff JSC::Bindings::RootObject::removeRuntimeObject(JSC::Bindings::RuntimeObject*) + 143 (runtime_root.cpp:189)
> 1   com.apple.WebCore                 0x00000001015c037e JSC::Bindings::Instance::willDestroyRuntimeObject(JSC::Bindings::RuntimeObject*) + 184 (BridgeJSC.cpp:111)
> 2   com.apple.WebCore                 0x000000010202cfb9 JSC::Bindings::RuntimeObject::~RuntimeObject() + 75 (runtime_object.cpp:59)
> 3   com.apple.WebKit                  0x0000000100f5fac7 WebKit::ProxyRuntimeObject::~ProxyRuntimeObject() + 35 (ProxyRuntimeObject.mm:45)
> 4   com.apple.JavaScriptCore          0x000000010088f9d8 JSC::MarkedSpace::sweep() + 122 (MarkedSpace.cpp:285)
> 5   com.apple.JavaScriptCore          0x00000001007d3f3c JSC::Heap::collectAllGarbage() + 138 (Heap.cpp:403)
> 6   com.apple.JavaScriptCore          0x00000001007d19e3 JSC::DefaultGCActivityCallbackPlatformData::trigger(__CFRunLoopTimer*, void*) + 59 (GCActivityCallbackCF.cpp:61)
> 7   com.apple.CoreFoundation          0x00007fff80571be8 __CFRunLoopRun + 6488
> 8   com.apple.CoreFoundation          0x00007fff8056fdbf CFRunLoopRunSpecific + 575
> 9   com.apple.HIToolbox               0x00007fff8736c93a RunCurrentEventLoopInMode + 333
> 10  com.apple.HIToolbox               0x00007fff8736c73f ReceiveNextEventCommon + 310
> 11  com.apple.HIToolbox               0x00007fff8736c5f8 BlockUntilNextEventMatchingListInMode + 59
> 12  com.apple.AppKit                  0x00007fff81691e64 _DPSNextEvent + 718
> 13  com.apple.AppKit                  0x00007fff816917a9 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 155
> 14  com.apple.Safari                  0x00000001000162f4 0x100000000 + 90868
> 15  com.apple.AppKit                  0x00007fff8165748b -[NSApplication run] + 395
> 16  com.apple.AppKit                  0x00007fff816501a8 NSApplicationMain + 364
> 17  com.apple.Safari                  0x000000010000a1c0 0x100000000 + 41408

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list