[Webkit-unassigned] [Bug 55671] New: REGRESSION (r80210): Crash in JSWeakObjectMapClear
bugzilla-daemon at webkit.org
Thu Mar 3 07:12:28 PST 2011
https://bugs.webkit.org/show_bug.cgi?id=55671
Summary: REGRESSION (r80210): Crash in JSWeakObjectMapClear
Product: WebKit
Version: 528+ (Nightly build)
Platform: Macintosh PowerPC
URL: http://www.avsforum.com/
OS/Version: Mac OS X 10.5
Status: UNCONFIRMED
Severity: Critical
Priority: P1
Component: JavaScriptCore
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: kevin at rhubarbproductions.com
While browsing around the AVS forums with r80210, I'm getting random crashes, possibly due to an ad using JavaScript.
It seems to crash a little differently each time:
Process: Safari [4711]
Path: /Applications/WebKit.app/Contents/MacOS/WebKit
Identifier: org.webkit.nightly.WebKit
Version: r80210 (80210)
Code Type: PPC (Native)
Parent Process: launchd [136]
Date/Time: 2011-03-03 09:57:14.810 -0500
OS Version: Mac OS X 10.5.8 (9L30)
Report Version: 6
Anonymous UUID: F41C1802-6457-4B49-A738-107FEBA3B7F7
Exception Type: EXC_BAD_ACCESS (SIGBUS)
Exception Codes: KERN_PROTECTION_FAILURE at 0x0000000000000064
Crashed Thread: 0
Thread 0 Crashed:
0 com.apple.JavaScriptCore 0x008469a0 JSWeakObjectMapClear + 240
1 com.apple.Safari 0x001b28b4 0x1000 + 1775796
2 com.apple.JavaScriptCore 0x007e2558 JSC::JSCallbackObject<JSC::JSObjectWithGlobalObject>::~JSCallbackObject() + 88
3 com.apple.JavaScriptCore 0x00851f20 JSC::MarkedSpace::allocateFromSizeClass(JSC::MarkedSpace::SizeClass&) + 384
4 com.apple.JavaScriptCore 0x007f9c7c JSC::JSGlobalObject::reset(JSC::JSValue) + 16540
5 com.apple.WebCore 0x01c6e1cc WebCore::JSDOMGlobalObject::JSDOMGlobalObject(WTF::NonNullPassRefPtr<JSC::Structure>, WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData*, JSC::JSObject*) + 172
6 com.apple.WebCore 0x01ccf6e4 WebCore::JSDOMWindowBase::JSDOMWindowBase(WTF::NonNullPassRefPtr<JSC::Structure>, WTF::PassRefPtr<WebCore::DOMWindow>, WebCore::JSDOMWindowShell*) + 100
7 com.apple.WebCore 0x01ca0bc4 WebCore::JSDOMWindow::JSDOMWindow(WTF::NonNullPassRefPtr<JSC::Structure>, WTF::PassRefPtr<WebCore::DOMWindow>, WebCore::JSDOMWindowShell*) + 68
8 com.apple.WebCore 0x01cd8e28 WebCore::JSDOMWindowShell::setWindow(WTF::PassRefPtr<WebCore::DOMWindow>) + 584
9 com.apple.WebCore 0x022ccadc WebCore::ScriptController::clearWindowShell(bool) + 220
10 com.apple.WebCore 0x019b98fc WebCore::Frame::~Frame() + 156
11 com.apple.WebCore 0x019ba250 WebCore::Frame::lifeSupportTimerFired(WebCore::Timer<WebCore::Frame>*) + 64
12 com.apple.WebCore 0x0244e080 WebCore::ThreadTimers::sharedTimerFiredInternal() + 128
13 com.apple.WebCore 0x02319c08 __ZN7WebCoreL10timerFiredEP16__CFRunLoopTimerPv + 72
14 com.apple.CoreFoundation 0x97108818 CFRunLoopRunSpecific + 2968
15 com.apple.HIToolbox 0x904d5b14 RunCurrentEventLoopInMode + 264
16 com.apple.HIToolbox 0x904d5938 ReceiveNextEventCommon + 412
17 com.apple.HIToolbox 0x904d5778 BlockUntilNextEventMatchingListInMode + 84
18 com.apple.AppKit 0x925c0244 _DPSNextEvent + 596
19 com.apple.AppKit 0x925bfbfc -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 112
20 com.apple.Safari 0x00018d74 0x1000 + 97652
21 com.apple.AppKit 0x925b989c -[NSApplication run] + 744
22 com.apple.AppKit 0x9258a298 NSApplicationMain + 440
23 com.apple.Safari 0x0000b378 0x1000 + 41848
Process: Safari [4891]
Path: /Applications/WebKit.app/Contents/MacOS/WebKit
Identifier: org.webkit.nightly.WebKit
Version: r80210 (80210)
Code Type: PPC (Native)
Parent Process: launchd [136]
Date/Time: 2011-03-03 10:01:15.649 -0500
OS Version: Mac OS X 10.5.8 (9L30)
Report Version: 6
Anonymous UUID: F41C1802-6457-4B49-A738-107FEBA3B7F7
Exception Type: EXC_BAD_ACCESS (SIGBUS)
Exception Codes: KERN_PROTECTION_FAILURE at 0x0000000000000060
Crashed Thread: 0
Thread 0 Crashed:
0 com.apple.JavaScriptCore 0x008469a0 JSWeakObjectMapClear + 240
1 com.apple.Safari 0x001b28b4 0x1000 + 1775796
2 com.apple.JavaScriptCore 0x007e2558 JSC::JSCallbackObject<JSC::JSObjectWithGlobalObject>::~JSCallbackObject() + 88
3 com.apple.JavaScriptCore 0x00851f20 JSC::MarkedSpace::allocateFromSizeClass(JSC::MarkedSpace::SizeClass&) + 384
4 com.apple.JavaScriptCore 0x007bb760 JSC::Interpreter::privateExecute(JSC::Interpreter::ExecutionFlag, JSC::RegisterFile*, JSC::ExecState*) + 1072
5 com.apple.JavaScriptCore 0x007d0094 JSC::Interpreter::execute(JSC::ProgramExecutable*, JSC::ExecState*, JSC::ScopeChainNode*, JSC::JSObject*) + 756
6 com.apple.JavaScriptCore 0x0077a1c0 JSC::evaluate(JSC::ExecState*, JSC::ScopeChainNode*, JSC::SourceCode const&, JSC::JSValue) + 352
7 com.apple.WebCore 0x022cd634 WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld*) + 660
8 com.apple.WebCore 0x019b9128 WebCore::Frame::injectUserScriptsForWorld(WebCore::DOMWrapperWorld*, WTF::Vector<WTF::OwnPtr<WebCore::UserScript>, 0ul> const&, WebCore::UserScriptInjectionTime) + 856
9 com.apple.WebCore 0x019b934c WebCore::Frame::injectUserScripts(WebCore::UserScriptInjectionTime) + 188
10 com.apple.WebCore 0x019c3d64 WebCore::FrameLoader::finishedParsing() + 52
11 com.apple.WebCore 0x01878978 WebCore::Document::finishedParsing() + 456
12 com.apple.WebCore 0x01a34830 WebCore::HTMLDocumentParser::prepareToStopParsing() + 112
13 com.apple.WebCore 0x01a32aec WebCore::HTMLDocumentParser::finish() + 668
14 com.apple.WebCore 0x01892564 WebCore::DocumentWriter::endIfNotLoadingMainResource() + 100
15 com.apple.WebCore 0x019c3308 WebCore::FrameLoader::finishedLoading() + 104
16 com.apple.WebCore 0x020beb7c WebCore::MainResourceLoader::didFinishLoading(double) + 188
17 com.apple.Foundation 0x94467814 _NSURLConnectionDidFinishLoading + 120
18 com.apple.CFNetwork 0x94b29d8c URLConnectionClient::_clientDidFinishLoading(URLConnectionClient::ClientConnectionEventQueue*) + 236
19 com.apple.CFNetwork 0x94b2aa08 URLConnectionClient::ClientConnectionEventQueue::processAllEventsAndConsumePayload(XConnectionEventInfo<XClientEvent, XClientEventParams>*, long) + 172
20 com.apple.CFNetwork 0x94b2acd8 URLConnectionClient::ClientConnectionEventQueue::processAllEventsAndConsumePayload(XConnectionEventInfo<XClientEvent, XClientEventParams>*, long) + 892
21 com.apple.CFNetwork 0x94b29500 URLConnectionClient::processEvents() + 132
22 com.apple.CFNetwork 0x94ad3000 MultiplexerSource::perform() + 168
23 com.apple.CoreFoundation 0x971080d0 CFRunLoopRunSpecific + 1104
24 com.apple.HIToolbox 0x904d5b14 RunCurrentEventLoopInMode + 264
25 com.apple.HIToolbox 0x904d5938 ReceiveNextEventCommon + 412
26 com.apple.HIToolbox 0x904d5778 BlockUntilNextEventMatchingListInMode + 84
27 com.apple.AppKit 0x925c0244 _DPSNextEvent + 596
28 com.apple.AppKit 0x925bfbfc -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 112
29 com.apple.Safari 0x00018d74 0x1000 + 97652
30 com.apple.AppKit 0x925b989c -[NSApplication run] + 744
31 com.apple.AppKit 0x9258a298 NSApplicationMain + 440
32 com.apple.Safari 0x0000b378 0x1000 + 41848
Process: Safari [4918]
Path: /Applications/WebKit.app/Contents/MacOS/WebKit
Identifier: org.webkit.nightly.WebKit
Version: r80210 (80210)
Code Type: PPC (Native)
Parent Process: launchd [136]
Date/Time: 2011-03-03 10:03:56.229 -0500
OS Version: Mac OS X 10.5.8 (9L30)
Report Version: 6
Anonymous UUID: F41C1802-6457-4B49-A738-107FEBA3B7F7
Exception Type: EXC_BAD_ACCESS (SIGBUS)
Exception Codes: KERN_PROTECTION_FAILURE at 0x000000000000006a
Crashed Thread: 0
Thread 0 Crashed:
0 com.apple.JavaScriptCore 0x008469a0 JSWeakObjectMapClear + 240
1 com.apple.Safari 0x001b28b4 0x1000 + 1775796
2 com.apple.JavaScriptCore 0x007e2558 JSC::JSCallbackObject<JSC::JSObjectWithGlobalObject>::~JSCallbackObject() + 88
3 com.apple.JavaScriptCore 0x00851f20 JSC::MarkedSpace::allocateFromSizeClass(JSC::MarkedSpace::SizeClass&) + 384
4 com.apple.JavaScriptCore 0x0077d28c JSC::DateConstructor::DateConstructor(JSC::ExecState*, JSC::JSGlobalObject*, WTF::NonNullPassRefPtr<JSC::Structure>, JSC::Structure*, JSC::DatePrototype*) + 844
5 com.apple.JavaScriptCore 0x007f7404 JSC::JSGlobalObject::reset(JSC::JSValue) + 6180
6 com.apple.WebCore 0x01c6e1cc WebCore::JSDOMGlobalObject::JSDOMGlobalObject(WTF::NonNullPassRefPtr<JSC::Structure>, WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData*, JSC::JSObject*) + 172
7 com.apple.WebCore 0x01ccf6e4 WebCore::JSDOMWindowBase::JSDOMWindowBase(WTF::NonNullPassRefPtr<JSC::Structure>, WTF::PassRefPtr<WebCore::DOMWindow>, WebCore::JSDOMWindowShell*) + 100
8 com.apple.WebCore 0x01ca0bc4 WebCore::JSDOMWindow::JSDOMWindow(WTF::NonNullPassRefPtr<JSC::Structure>, WTF::PassRefPtr<WebCore::DOMWindow>, WebCore::JSDOMWindowShell*) + 68
9 com.apple.WebCore 0x01cd8e28 WebCore::JSDOMWindowShell::setWindow(WTF::PassRefPtr<WebCore::DOMWindow>) + 584
10 com.apple.WebCore 0x01cd90d0 WebCore::JSDOMWindowShell::JSDOMWindowShell(WTF::PassRefPtr<WebCore::DOMWindow>, WebCore::DOMWrapperWorld*) + 208
11 com.apple.WebCore 0x022ccdc4 WebCore::ScriptController::createWindowShell(WebCore::DOMWrapperWorld*) + 84
12 com.apple.WebCore 0x022cd1c8 WebCore::ScriptController::initScript(WebCore::DOMWrapperWorld*) + 24
13 com.apple.WebCore 0x022cd468 WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld*) + 200
14 com.apple.WebCore 0x019b9128 WebCore::Frame::injectUserScriptsForWorld(WebCore::DOMWrapperWorld*, WTF::Vector<WTF::OwnPtr<WebCore::UserScript>, 0ul> const&, WebCore::UserScriptInjectionTime) + 856
15 com.apple.WebCore 0x019b934c WebCore::Frame::injectUserScripts(WebCore::UserScriptInjectionTime) + 188
16 com.apple.WebCore 0x019bcf8c WebCore::FrameLoader::dispatchDocumentElementAvailable() + 28
17 com.apple.WebCore 0x01a2bf0c WebCore::HTMLConstructionSite::insertHTMLHtmlStartTagBeforeHTML(WebCore::AtomicHTMLToken&) + 348
18 com.apple.WebCore 0x01ab20dc WebCore::HTMLTreeBuilder::processStartTag(WebCore::AtomicHTMLToken&) + 204
19 com.apple.WebCore 0x01ab7ddc WebCore::HTMLTreeBuilder::constructTreeFromAtomicToken(WebCore::AtomicHTMLToken&) + 28
20 com.apple.WebCore 0x01ab7e88 WebCore::HTMLTreeBuilder::constructTreeFromToken(WebCore::HTMLToken&) + 40
21 com.apple.WebCore 0x01a33a18 WebCore::HTMLDocumentParser::pumpTokenizer(WebCore::HTMLDocumentParser::SynchronousMode) + 360
22 com.apple.WebCore 0x01a344f0 WebCore::HTMLDocumentParser::append(WebCore::SegmentedString const&) + 96
23 com.apple.WebCore 0x018506e8 WebCore::DecodedDataDocumentParser::appendBytes(WebCore::DocumentWriter*, char const*, int, bool) + 344
24 com.apple.WebCore 0x01892558 WebCore::DocumentWriter::endIfNotLoadingMainResource() + 88
25 com.apple.WebCore 0x019c3308 WebCore::FrameLoader::finishedLoading() + 104
26 com.apple.WebCore 0x020beb7c WebCore::MainResourceLoader::didFinishLoading(double) + 188
27 com.apple.Foundation 0x94467814 _NSURLConnectionDidFinishLoading + 120
28 com.apple.CFNetwork 0x94b29d8c URLConnectionClient::_clientDidFinishLoading(URLConnectionClient::ClientConnectionEventQueue*) + 236
29 com.apple.CFNetwork 0x94b2aa08 URLConnectionClient::ClientConnectionEventQueue::processAllEventsAndConsumePayload(XConnectionEventInfo<XClientEvent, XClientEventParams>*, long) + 172
30 com.apple.CFNetwork 0x94b2acd8 URLConnectionClient::ClientConnectionEventQueue::processAllEventsAndConsumePayload(XConnectionEventInfo<XClientEvent, XClientEventParams>*, long) + 892
31 com.apple.CFNetwork 0x94b29500 URLConnectionClient::processEvents() + 132
32 com.apple.CFNetwork 0x94ad3000 MultiplexerSource::perform() + 168
33 com.apple.CoreFoundation 0x971080d0 CFRunLoopRunSpecific + 1104
34 com.apple.HIToolbox 0x904d5b14 RunCurrentEventLoopInMode + 264
35 com.apple.HIToolbox 0x904d5938 ReceiveNextEventCommon + 412
36 com.apple.HIToolbox 0x904d5778 BlockUntilNextEventMatchingListInMode + 84
37 com.apple.AppKit 0x925c0244 _DPSNextEvent + 596
38 com.apple.AppKit 0x925bfbfc -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 112
39 com.apple.Safari 0x00018d74 0x1000 + 97652
40 com.apple.AppKit 0x925b989c -[NSApplication run] + 744
41 com.apple.AppKit 0x9258a298 NSApplicationMain + 440
42 com.apple.Safari 0x0000b378 0x1000 + 41848