[Webkit-unassigned] [Bug 65060] New: REGRESSION: cnn.com continually crashes WebProcess

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Jul 22 20:10:24 PDT 2011


https://bugs.webkit.org/show_bug.cgi?id=65060

           Summary: REGRESSION: cnn.com continually crashes WebProcess
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Macintosh Intel
               URL: http://cnn.com
        OS/Version: Mac OS X 10.7
            Status: UNCONFIRMED
          Severity: Critical
          Priority: P1
         Component: New Bugs
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: jon at jonshier.com


In ToT r91628 running in Safari on 10.7, cnn.com crashes at the end of its load, causing the WebProcess to respawn and crash again until Safari shows an error. This does not occur in Safari 5.1 as it shipped on Lion. Nice demo of WebKit2's crash resilience though!

Here's the log:

Process:         WebProcess [60282]
Path:            /Users/USER/*/WebKit2.framework/WebProcess.app/Contents/MacOS/WebProcess
Identifier:      com.apple.WebProcess
Version:         535+ (535.1+)
Code Type:       X86-64 (Native)
Parent Process:  Safari [60274]

Date/Time:       2011-07-22 23:05:52.733 -0400
OS Version:      Mac OS X 10.7 (11A511)
Report Version:  9

Crashed Thread:  0  Dispatch queue: com.apple.main-thread

Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x000000000538fc06

VM Regions Near 0x538fc06:
--> 
    __TEXT                 000000010196f000-0000000101970000 [    4K] r-x/rwx SM=COW  /Users/USER/*/WebKit2.framework/WebProcess.app/Contents/MacOS/WebProcess

Application Specific Information:
objc[60282]: garbage collection is OFF

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   com.apple.JavaScriptCore          0x0000000101f246cb JSC::JSValue::toString(JSC::ExecState*) const + 251 (JSString.h:636)
1   com.apple.JavaScriptCore          0x0000000101ff1836 _ZN3JSCL6encodeEPNS_9ExecStateEPKc + 86 (JSGlobalObjectFunctions.cpp:54)
2   com.apple.JavaScriptCore          0x0000000101ff1b1d JSC::globalFuncEncodeURIComponent(JSC::ExecState*) + 13 (JSGlobalObjectFunctions.cpp:529)
3   ???                               0x00002446bda011e8 0 + 39886247694824
4   com.apple.JavaScriptCore          0x0000000101f9a266 JSC::Interpreter::execute(JSC::CallFrameClosure&) + 166 (JSValueInlineMethods.h:402)
5   com.apple.JavaScriptCore          0x0000000101f20cc8 _ZN3JSCL21arrayProtoFuncForEachEPNS_9ExecStateE + 952 (CachedCall.h:51)
6   ???                               0x00002446bda011e8 0 + 39886247694824
7   com.apple.JavaScriptCore          0x0000000101f9a266 JSC::Interpreter::execute(JSC::CallFrameClosure&) + 166 (JSValueInlineMethods.h:402)
8   com.apple.JavaScriptCore          0x0000000101f20cc8 _ZN3JSCL21arrayProtoFuncForEachEPNS_9ExecStateE + 952 (CachedCall.h:51)
9   ???                               0x00002446bda011e8 0 + 39886247694824
10  com.apple.JavaScriptCore          0x0000000101f994ba JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 1306 (JSValueInlineMethods.h:402)
11  com.apple.JavaScriptCore          0x0000000101f38d4a JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 42 (CallData.cpp:40)
12  com.apple.WebCore                 0x00000001026fd996 WebCore::JSEventListener::handleEvent(WebCore::ScriptExecutionContext*, WebCore::Event*) + 1190 (JSMainThreadExecState.h:51)
13  com.apple.WebCore                 0x000000010247b205 WebCore::EventTarget::fireEventListeners(WebCore::Event*, WebCore::EventTargetData*, WTF::Vector<WebCore::RegisteredEventListener, 1ul>&) + 149 (EventTarget.cpp:365)
14  com.apple.WebCore                 0x000000010247b0c4 WebCore::EventTarget::dispatchEvent(WTF::PassRefPtr<WebCore::Event>) + 164 (Event.h:156)
15  com.apple.WebCore                 0x000000010243a420 WebCore::DOMWindow::postMessageTimerFired(WTF::PassOwnPtr<WebCore::PostMessageTimer>) + 256 (DOMWindow.cpp:857)
16  com.apple.WebCore                 0x000000010243ddbc WebCore::PostMessageTimer::fired() + 28 (DOMWindow.cpp:143)
17  com.apple.WebCore                 0x0000000102bad7a4 WebCore::ThreadTimers::sharedTimerFiredInternal() + 148 (ThreadTimers.cpp:117)
18  com.apple.WebCore                 0x0000000102ac0df3 _ZN7WebCoreL10timerFiredEP16__CFRunLoopTimerPv + 51 (SharedTimerMac.mm:167)
19  com.apple.CoreFoundation          0x00007fff91797694 __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ + 20
20  com.apple.CoreFoundation          0x00007fff917971e6 __CFRunLoopDoTimer + 534
21  com.apple.CoreFoundation          0x00007fff91777ba1 __CFRunLoopRun + 1617
22  com.apple.CoreFoundation          0x00007fff91777216 CFRunLoopRunSpecific + 230
23  com.apple.HIToolbox               0x00007fff92a294ff RunCurrentEventLoopInMode + 277
24  com.apple.HIToolbox               0x00007fff92a30c21 ReceiveNextEventCommon + 355
25  com.apple.HIToolbox               0x00007fff92a30aae BlockUntilNextEventMatchingListInMode + 62
26  com.apple.AppKit                  0x00007fff960b8191 _DPSNextEvent + 659
27  com.apple.AppKit                  0x00007fff960b7a95 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 135
28  com.apple.AppKit                  0x00007fff960b43d6 -[NSApplication run] + 463
29  com.apple.WebKit2                 0x0000000101b5e9bc WebKit::WebProcessMain(WebKit::CommandLine const&) + 710 (WebProcessMainMac.mm:118)
30  com.apple.WebKit2                 0x0000000101b366b3 WebKitMain + 291 (WebKitMain.cpp:50)
31  com.apple.WebProcess              0x000000010196fdb8 start + 52
