[Webkit-unassigned] [Bug 92397] Crash in JSWeakObjectMapGet called from Safari::JSWrapper::disconnectAllWrappers

Thu Aug 9 15:15:14 PDT 2012

https://bugs.webkit.org/show_bug.cgi?id=92397


--- Comment #19 from Kevin M. Dean <kevin at rhubarbproductions.com>  2012-08-09 15:15:38 PST ---
Here's a repeatable crash I just stumbled on. I don't think it matters which sites you have loaded, but for our purposes load amazon.com in multiple tabs. At least 3 tabs should be used, but I find the more you have (6+) the more likely for it to trigger a crash. Once you have the tabs open, press Command-W repeatedly as fast as you can to close all of the tabs until you likely hear the can't do it anymore beep. If it's like mine you'll crash with:

Process:         WebProcess [16196]
Path:            /Applications/WebKit.app/Contents/Frameworks/10.8/WebKit2.framework/WebProcess.app/Contents/MacOS/WebProcess
Identifier:      com.apple.WebProcess
Version:         537+ (537.4+)
Code Type:       X86-64 (Native)
Parent Process:  ??? [1]
User ID:         501

Date/Time:       2012-08-09 18:11:37.810 -0400
OS Version:      Mac OS X 10.8 (12A269)
Report Version:  10

Crashed Thread:  0  Dispatch queue: com.apple.main-thread

Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000001218

VM Regions Near 0x1218:
--> 
    __TEXT                 00000001046ec000-00000001046ed000 [    4K] r-x/rwx SM=COW  /Applications/WebKit.app/Contents/Frameworks/10.8/WebKit2.framework/WebProcess.app/Contents/MacOS/WebProcess

Application Specific Information:
Bundle controller class:
BrowserBundleController


Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   com.apple.JavaScriptCore          0x0000000104bd7de6 JSWeakObjectMapGet + 38
1   com.apple.Safari.framework        0x00007fff82ea6055 Safari::JSWrapper::disconnectAllWrappers(Safari::JSWrappable const*) + 85
2   com.apple.Safari.framework        0x00007fff82dd0f23 Safari::ContentExtension::invalidateContentExtensionPage(Safari::WK::BundlePage const&) + 161
3   com.apple.Safari.framework        0x00007fff82dd95fa Safari::ContentExtensionsController::invalidateContentWebPages(Safari::WK::BundlePage const&) + 100
4   com.apple.Safari.framework        0x00007fff82d36885 Safari::BrowserBundleController::willDestroyPage(Safari::WK::Bundle const&, Safari::WK::BundlePage const&) + 87
5   com.apple.Safari.framework        0x00007fff82dba89d Safari::WK::willDestroyPage(OpaqueWKBundle const*, OpaqueWKBundlePage const*, void const*) + 65
6   com.apple.WebKit2                 0x00000001047d4939 WebKit::WebPage::close() + 69
7   com.apple.WebKit2                 0x000000010479bf55 WebKit::WebConnectionToUIProcess::didReceiveMessage(CoreIPC::Connection*, CoreIPC::MessageID, CoreIPC::ArgumentDecoder*) + 179
8   com.apple.WebKit2                 0x0000000104738059 CoreIPC::Connection::dispatchMessage(CoreIPC::Connection::Message<CoreIPC::ArgumentDecoder>&) + 175
9   com.apple.WebKit2                 0x0000000104739577 CoreIPC::Connection::dispatchOneMessage() + 139
10  com.apple.WebCore                 0x0000000105880a88 WebCore::RunLoop::performWork() + 312
11  com.apple.WebCore                 0x0000000105881105 WebCore::RunLoop::performWork(void*) + 53
12  com.apple.CoreFoundation          0x00007fff8d87e841 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
13  com.apple.CoreFoundation          0x00007fff8d87e165 __CFRunLoopDoSources0 + 245
14  com.apple.CoreFoundation          0x00007fff8d8a14e5 __CFRunLoopRun + 789
15  com.apple.CoreFoundation          0x00007fff8d8a0dd2 CFRunLoopRunSpecific + 290
16  com.apple.HIToolbox               0x00007fff86447774 RunCurrentEventLoopInMode + 209
17  com.apple.HIToolbox               0x00007fff86447512 ReceiveNextEventCommon + 356
18  com.apple.HIToolbox               0x00007fff864473a3 BlockUntilNextEventMatchingListInMode + 62
19  com.apple.AppKit                  0x00007fff855d8fa3 _DPSNextEvent + 685
20  com.apple.AppKit                  0x00007fff855d8862 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 128
21  com.apple.AppKit                  0x00007fff855cfc03 -[NSApplication run] + 517
22  com.apple.WebCore                 0x00000001058816e3 WebCore::RunLoop::run() + 67
23  com.apple.WebKit2                 0x000000010481ba8a WebKit::WebProcessMain(WebKit::CommandLine const&) + 2586
24  com.apple.WebKit2                 0x00000001047ca65b WebKitMain + 285
25  com.apple.WebProcess              0x00000001046ece7b main + 214
26  libdyld.dylib                     0x00007fff8883a7e1 start + 1

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.