[Webkit-unassigned] [Bug 105561] New: media/track/track-webvtt-tc002-bom.html crashes in WebCore::removeAllChildrenInContainer()
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Dec 20 11:51:24 PST 2012
https://bugs.webkit.org/show_bug.cgi?id=105561
Summary: media/track/track-webvtt-tc002-bom.html crashes in
WebCore::removeAllChildrenInContainer()
Product: WebKit
Version: 528+ (Nightly build)
Platform: Unspecified
URL: http://build.webkit.org/results/Apple%20Lion%20Release
%20WK1%20(Tests)/r138273%20(7531)/media/track/track-we
bvtt-tc002-bom-crash-log.txt
OS/Version: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: Media Elements
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: simon.fraser at apple.com
CC: eric.carlson at apple.com, dino at apple.com
Crashed Thread: 0 Dispatch queue: com.apple.main-thread
Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x0000000100000007
VM Regions Near 0x100000007:
-->
__TEXT 0000000102240000-00000001022a0000 [ 384K] r-x/rwx SM=COW /Volumes/VOLUME/*
Application Specific Information:
CRASHING TEST: media/track/track-webvtt-tc002-bom.html
objc[82942]: garbage collection is OFF
Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0 ??? 0x0000000100000007 0 + 4294967303
1 com.apple.WebCore 0x0000000102cda018 void WebCore::removeAllChildrenInContainer<WebCore::Node, WebCore::ContainerNode>(WebCore::ContainerNode*) + 232
2 com.apple.WebCore 0x0000000102dc392b WebCore::Document::removedLastRef() + 539
3 com.apple.WebCore 0x000000010331f42b WebCore::JSNodeOwner::finalize(JSC::Handle<JSC::Unknown>, void*) + 59
4 com.apple.JavaScriptCore 0x000000010263b64c JSC::WeakBlock::sweep() + 108 (WeakImpl.h:84)
5 com.apple.JavaScriptCore 0x000000010263b9b8 JSC::WeakSet::sweep() + 40 (DoublyLinkedList.h:118)
6 com.apple.JavaScriptCore 0x0000000102571d18 JSC::MarkedBlock::sweep(JSC::MarkedBlock::SweepMode) + 24 (MarkedBlock.cpp:112)
7 com.apple.JavaScriptCore 0x000000010263a6a3 JSC::MarkedAllocator::allocateSlowCase(unsigned long) + 99 (MarkedAllocator.cpp:34)
8 com.apple.WebCore 0x000000010328d25c WebCore::JSHTMLTrackElement::create(JSC::Structure*, WebCore::JSDOMGlobalObject*, WTF::PassRefPtr<WebCore::HTMLTrackElement>) + 76
9 com.apple.WebCore 0x000000010328d1b8 WebCore::JSDOMWrapper* WebCore::createWrapper<WebCore::JSHTMLTrackElement, WebCore::HTMLTrackElement>(JSC::ExecState*, WebCore::JSDOMGlobalObject*, WebCore::HTMLTrackElement*) + 248
10 com.apple.WebCore 0x000000010328b7c3 WebCore::createJSHTMLWrapper(JSC::ExecState*, WebCore::JSDOMGlobalObject*, WTF::PassRefPtr<WebCore::HTMLElement>) + 12563
11 com.apple.WebCore 0x000000010331f86f WebCore::createWrapper(JSC::ExecState*, WebCore::JSDOMGlobalObject*, WebCore::Node*) + 95
12 com.apple.WebCore 0x0000000103300b2f WebCore::JSLazyEventListener::initializeJSFunction(WebCore::ScriptExecutionContext*) const + 879
13 com.apple.WebCore 0x0000000103174771 WebCore::JSEventListener::jsFunction(WebCore::ScriptExecutionContext*) const + 97
14 com.apple.WebCore 0x000000010324df8a WebCore::JSEventListener::handleEvent(WebCore::ScriptExecutionContext*, WebCore::Event*) + 90
15 com.apple.WebCore 0x0000000102f1b844 WebCore::EventTarget::fireEventListeners(WebCore::Event*, WebCore::EventTargetData*, WTF::Vector<WebCore::RegisteredEventListener, 1ul>&) + 324
16 com.apple.WebCore 0x0000000102f1b6d2 WebCore::EventTarget::fireEventListeners(WebCore::Event*) + 66
17 com.apple.WebCore 0x000000010351444b WebCore::Node::handleLocalEvents(WebCore::Event*) + 59
18 com.apple.WebCore 0x0000000102f03ed4 WebCore::EventContext::handleLocalEvents(WebCore::Event*) const + 148
19 com.apple.WebCore 0x0000000102f05d7b WebCore::EventDispatcher::dispatchEvent(WTF::PassRefPtr<WebCore::Event>) + 1019
20 com.apple.WebCore 0x0000000102f07005 WebCore::EventDispatchMediator::dispatchEvent(WebCore::EventDispatcher*) const + 37
21 com.apple.WebCore 0x0000000102f0446c WebCore::EventDispatcher::dispatchEvent(WebCore::Node*, WTF::PassRefPtr<WebCore::EventDispatchMediator>) + 156
22 com.apple.WebCore 0x0000000103514600 WebCore::Node::dispatchEvent(WTF::PassRefPtr<WebCore::Event>) + 240
23 com.apple.WebCore 0x0000000102f1b5a0 WebCore::EventTarget::dispatchEvent(WTF::PassRefPtr<WebCore::Event>, int&) + 112
24 com.apple.WebCore 0x0000000103074ee0 WebCore::HTMLTrackElement::didCompleteLoad(WebCore::LoadableTextTrack*, WebCore::HTMLTrackElement::LoadStatus) + 448
25 com.apple.WebCore 0x00000001038b0a3f WebCore::ThreadTimers::sharedTimerFiredInternal() + 159
26 com.apple.WebCore 0x000000010373bb43 _ZN7WebCoreL10timerFiredEP16__CFRunLoopTimerPv + 51
27 com.apple.CoreFoundation 0x00007fff86767934 __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ + 20
28 com.apple.CoreFoundation 0x00007fff86767486 __CFRunLoopDoTimer + 534
29 com.apple.CoreFoundation 0x00007fff86747e11 __CFRunLoopRun + 1617
30 com.apple.CoreFoundation 0x00007fff86747486 CFRunLoopRunSpecific + 230
31 com.apple.Foundation 0x00007fff83611f7b -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 267
32 DumpRenderTree 0x000000010224d455 _ZL7runTestRKNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEEE + 1624 (DumpRenderTree.mm:1378)
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list