[Webkit-unassigned] [Bug 60854] New: REGRESSION (r86499): Crash in JSC::slowValidateCell

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Sun May 15 08:38:02 PDT 2011


https://bugs.webkit.org/show_bug.cgi?id=60854

           Summary: REGRESSION (r86499): Crash in JSC::slowValidateCell
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Macintosh PowerPC
        OS/Version: Mac OS X 10.5
            Status: UNCONFIRMED
          Severity: Critical
          Priority: P2
         Component: JavaScriptCore
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: kevin at rhubarbproductions.com


Having trouble determining a consistent repeatable link, but I've crashed 3 times today with the current nightly. The crash is triggered when I close an existing tab with multiple tabs open.

Here are 2 crash log variations.

Process:         Safari [2373]
Path:            /Applications/WebKit.app/Contents/MacOS/WebKit
Identifier:      org.webkit.nightly.WebKit
Version:         r86499 (86499)
Code Type:       PPC (Native)
Parent Process:  launchd [118]

Date/Time:       2011-05-15 11:11:07.265 -0400
OS Version:      Mac OS X 10.5.8 (9L30)
Report Version:  6
Anonymous UUID:  F41C1802-6457-4B49-A738-107FEBA3B7F7

Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x000000001f3443a4
Crashed Thread:  0

Thread 0 Crashed:
0   com.apple.JavaScriptCore          0x007f4b30 JSC::slowValidateCell(JSC::JSCell*) + 64
1   com.apple.JavaScriptCore          0x007c7dc0 JSC::Interpreter::tryCacheGetByID(JSC::ExecState*, JSC::CodeBlock*, JSC::Instruction*, JSC::JSValue, JSC::Identifier const&, JSC::PropertySlot const&) + 448
2   com.apple.JavaScriptCore          0x007d0bd0 JSC::Interpreter::privateExecute(JSC::Interpreter::ExecutionFlag, JSC::RegisterFile*, JSC::ExecState*) + 32128
3   com.apple.JavaScriptCore          0x007e45f8 JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 1816
4   com.apple.JavaScriptCore          0x0077a8b4 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 84
5   com.apple.WebCore                 0x01f77ae0 WebCore::JSEventListener::handleEvent(WebCore::ScriptExecutionContext*, WebCore::Event*) + 2768
6   com.apple.WebCore                 0x01ba42e8 WebCore::EventTarget::fireEventListeners(WebCore::Event*, WebCore::EventTargetData*, WTF::Vector<WebCore::RegisteredEventListener, 1ul>&) + 376
7   com.apple.WebCore                 0x01ba43f4 WebCore::EventTarget::fireEventListeners(WebCore::Event*) + 116
8   com.apple.WebCore                 0x01b8c848 WebCore::EventContext::handleLocalEvents(WebCore::Event*) const + 136
9   com.apple.WebCore                 0x01b8d2ec WebCore::EventDispatcher::dispatchEvent(WTF::PassRefPtr<WebCore::Event>) + 956
10  com.apple.WebCore                 0x01b8c708 WebCore::EventDispatchMediator::dispatchEvent(WebCore::EventDispatcher*) const + 56
11  com.apple.WebCore                 0x01b8d61c WebCore::EventDispatcher::dispatchEvent(WebCore::Node*, WebCore::EventDispatchMediator const&) + 60
12  com.apple.WebCore                 0x0247935c WebCore::Node::dispatchEvent(WTF::PassRefPtr<WebCore::Event>) + 60
13  com.apple.WebCore                 0x01ba4108 WebCore::EventTarget::dispatchEvent(WTF::PassRefPtr<WebCore::Event>, int&) + 152
14  com.apple.WebCore                 0x01b92a98 WebCore::EventHandler::keyEvent(WebCore::PlatformKeyboardEvent const&) + 1016
15  com.apple.WebKit                  0x00a15154 -[WebHTMLView flagsChanged:] + 180
16  com.apple.AppKit                  0x96a36e3c -[NSWindow sendEvent:] + 7428
17  com.apple.Safari                  0x00045b9c 0x1000 + 281500
18  com.apple.Safari                  0x00045b28 0x1000 + 281384
19  com.apple.AppKit                  0x96a0967c -[NSApplication sendEvent:] + 3256
20  com.apple.Safari                  0x0003bc88 0x1000 + 240776
21  com.apple.AppKit                  0x969768d4 -[NSApplication run] + 800
22  com.apple.AppKit                  0x96947298 NSApplicationMain + 440
23  com.apple.Safari                  0x0000c068 0x1000 + 45160



Process:         Safari [2393]
Path:            /Applications/WebKit.app/Contents/MacOS/WebKit
Identifier:      org.webkit.nightly.WebKit
Version:         r86499 (86499)
Code Type:       PPC (Native)
Parent Process:  launchd [118]

Date/Time:       2011-05-15 11:23:15.184 -0400
OS Version:      Mac OS X 10.5.8 (9L30)
Report Version:  6
Anonymous UUID:  F41C1802-6457-4B49-A738-107FEBA3B7F7

Exception Type:  EXC_BAD_ACCESS (SIGBUS)
Exception Codes: KERN_PROTECTION_FAILURE at 0x0000000000000005
Crashed Thread:  0

Thread 0 Crashed:
0   com.apple.JavaScriptCore          0x007f4b34 JSC::slowValidateCell(JSC::JSCell*) + 68
1   com.apple.JavaScriptCore          0x007c5334 JSC::Interpreter::tryCachePutByID(JSC::ExecState*, JSC::CodeBlock*, JSC::Instruction*, JSC::JSValue, JSC::PutPropertySlot const&) + 196
2   com.apple.JavaScriptCore          0x007d285c JSC::Interpreter::privateExecute(JSC::Interpreter::ExecutionFlag, JSC::RegisterFile*, JSC::ExecState*) + 39436
3   com.apple.JavaScriptCore          0x007e45f8 JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 1816
4   com.apple.JavaScriptCore          0x0077a8b4 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 84
5   com.apple.WebCore                 0x01f77ae0 WebCore::JSEventListener::handleEvent(WebCore::ScriptExecutionContext*, WebCore::Event*) + 2768
6   com.apple.WebCore                 0x01ba42e8 WebCore::EventTarget::fireEventListeners(WebCore::Event*, WebCore::EventTargetData*, WTF::Vector<WebCore::RegisteredEventListener, 1ul>&) + 376
7   com.apple.WebCore                 0x01ba43f4 WebCore::EventTarget::fireEventListeners(WebCore::Event*) + 116
8   com.apple.WebCore                 0x01b4af74 WebCore::DOMWindow::dispatchEvent(WTF::PassRefPtr<WebCore::Event>, WTF::PassRefPtr<WebCore::EventTarget>) + 340
9   com.apple.WebCore                 0x01bec124 WebCore::FrameLoader::stopLoading(WebCore::UnloadEventPolicy) + 1060
10  com.apple.WebCore                 0x01bec4f4 WebCore::FrameLoader::closeURL() + 68
11  com.apple.WebCore                 0x01bec564 WebCore::FrameLoader::detachFromParent() + 68
12  com.apple.WebKit                  0x00a62bf4 -[WebView(WebPrivate) _close] + 148
13  com.apple.Safari                  0x0008bcb4 0x1000 + 568500
14  com.apple.Safari                  0x0008bc40 0x1000 + 568384
15  com.apple.Safari                  0x0008b1d4 0x1000 + 565716
16  com.apple.Safari                  0x000d44b4 0x1000 + 865460
17  com.apple.Safari                  0x000d5dcc 0x1000 + 871884
18  com.apple.AppKit                  0x96a39354 -[NSApplication sendAction:to:from:] + 104
19  com.apple.Safari                  0x0004e350 0x1000 + 316240
20  com.apple.AppKit                  0x96ad4d14 -[NSMenu performActionForItemAtIndex:] + 408
21  com.apple.AppKit                  0x96ad4a44 -[NSCarbonMenuImpl performActionWithHighlightingForItemAtIndex:] + 228
22  com.apple.AppKit                  0x96ad470c -[NSMenu performKeyEquivalent:] + 744
23  com.apple.AppKit                  0x96ad31f0 -[NSApplication _handleKeyEquivalent:] + 456
24  com.apple.AppKit                  0x96a09820 -[NSApplication sendEvent:] + 3676
25  com.apple.Safari                  0x0003bc88 0x1000 + 240776
26  com.apple.AppKit                  0x969768d4 -[NSApplication run] + 800
27  com.apple.AppKit                  0x96947298 NSApplicationMain + 440
28  com.apple.Safari                  0x0000c068 0x1000 + 45160
