[Webkit-unassigned] [Bug 90209] New: Webkit crashes in DFG on Google Docs when creating a new document
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Jun 28 14:33:23 PDT 2012
https://bugs.webkit.org/show_bug.cgi?id=90209
Summary: WebKit crashes in DFG on Google Docs when creating a new document
Product: WebKit
Version: 528+ (Nightly build)
Platform: Macintosh
OS/Version: Mac OS X 10.6
Status: NEW
Severity: Critical
Priority: P2
Component: JavaScriptCore
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: esprehn at gmail.com
Process: WebProcess [18394]
Path: /Applications/WebKit.app/Contents/Frameworks/10.6/WebKit2.framework/WebProcess.app/Contents/MacOS/WebProcess
Identifier: com.apple.WebProcess
Version: 537+ (537.1+)
Code Type: X86-64 (Native)
Parent Process: Safari [18389]
Date/Time: 2012-06-28 14:31:45.456 -0700
OS Version: Mac OS X 10.6.8 (10K549)
Report Version: 6
Interval Since Last Report: 110230 sec
Crashes Since Last Report: 7
Per-App Interval Since Last Report: 191672 sec
Per-App Crashes Since Last Report: 7
Anonymous UUID: ACBC7F66-38E8-4DED-AF6F-3F742A121163
Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x0000003922d26fe4
Crashed Thread: 0 Dispatch queue: com.apple.main-thread
Thread 0 Crashed: Dispatch queue: com.apple.main-thread
0 com.apple.JavaScriptCore 0x000000010123d5f5 JSC::DFG::CFGSimplificationPhase::mergeBlocks(unsigned int, unsigned int, unsigned int) + 1365
1 com.apple.JavaScriptCore 0x000000010123c9e5 JSC::DFG::CFGSimplificationPhase::run() + 389
2 com.apple.JavaScriptCore 0x000000010123c850 JSC::DFG::performCFGSimplification(JSC::DFG::Graph&) + 32
3 com.apple.JavaScriptCore 0x000000010105fb75 JSC::DFG::compile(JSC::DFG::CompileMode, JSC::ExecState*, JSC::CodeBlock*, JSC::JITCode&, JSC::MacroAssemblerCodePtr*) + 853
4 com.apple.JavaScriptCore 0x000000010105f81a JSC::DFG::tryCompileFunction(JSC::ExecState*, JSC::CodeBlock*, JSC::JITCode&, JSC::MacroAssemblerCodePtr&) + 26
5 com.apple.JavaScriptCore 0x00000001010c5e94 JSC::jitCompileFunctionIfAppropriate(JSC::ExecState*, WTF::OwnPtr<JSC::FunctionCodeBlock>&, JSC::JITCode&, JSC::MacroAssemblerCodePtr&, JSC::SharedSymbolTable*&, JSC::JITCode::JITType, JSC::JITCompilationEffort) + 308
6 com.apple.JavaScriptCore 0x00000001010c4916 JSC::FunctionExecutable::compileForCallInternal(JSC::ExecState*, JSC::ScopeChainNode*, JSC::JITCode::JITType) + 294
7 com.apple.JavaScriptCore 0x00000001011126b2 cti_optimize + 258
8 ??? 0x000037947cfa2edf 0 + 61110891458271
9 com.apple.JavaScriptCore 0x00000001010d0826 JSC::Interpreter::execute(JSC::EvalExecutable*, JSC::ExecState*, JSC::JSValue, JSC::ScopeChainNode*, int) + 1190
10 com.apple.JavaScriptCore 0x000000010113842f JSC::globalFuncEval(JSC::ExecState*) + 1231
11 ??? 0x000037947ca01265 0 + 61110885552741
12 com.apple.JavaScriptCore 0x00000001010d3701 JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 913
13 com.apple.JavaScriptCore 0x0000000101028d44 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 52
14 com.apple.JavaScriptCore 0x0000000101122600 JSC::boundFunctionCall(JSC::ExecState*) + 400
15 ??? 0x000037947ca01265 0 + 61110885552741
16 com.apple.JavaScriptCore 0x00000001010d3701 JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 913
17 com.apple.JavaScriptCore 0x0000000101028d44 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 52
18 com.apple.JavaScriptCore 0x0000000101122600 JSC::boundFunctionCall(JSC::ExecState*) + 400
19 ??? 0x000037947ca01265 0 + 61110885552741
20 com.apple.JavaScriptCore 0x00000001010d3701 JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 913
21 com.apple.JavaScriptCore 0x0000000101028d44 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 52
22 com.apple.JavaScriptCore 0x0000000101122600 JSC::boundFunctionCall(JSC::ExecState*) + 400
23 com.apple.JavaScriptCore 0x00000001010d3821 JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 1201
24 com.apple.JavaScriptCore 0x0000000101028d44 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 52
25 com.apple.WebCore 0x0000000101988ad5 WebCore::JSEventListener::handleEvent(WebCore::ScriptExecutionContext*, WebCore::Event*) + 901
26 com.apple.WebCore 0x0000000101690397 WebCore::EventTarget::fireEventListeners(WebCore::Event*, WebCore::EventTargetData*, WTF::Vector<WebCore::RegisteredEventListener, 1ul>&) + 215
27 com.apple.WebCore 0x000000010169022d WebCore::EventTarget::dispatchEvent(WTF::PassRefPtr<WebCore::Event>) + 141
28 com.apple.WebCore 0x0000000101fd1526 WebCore::XMLHttpRequestProgressEventThrottle::dispatchEvent(WTF::PassRefPtr<WebCore::Event>) + 342
29 com.apple.WebCore 0x0000000101fd1598 WebCore::XMLHttpRequestProgressEventThrottle::dispatchReadyStateChangeEvent(WTF::PassRefPtr<WebCore::Event>, WebCore::ProgressEventAction) + 56
30 com.apple.WebCore 0x0000000101fcc7d2 WebCore::XMLHttpRequest::callReadyStateChangeListener() + 354
31 com.apple.WebCore 0x0000000101fd0306 WebCore::XMLHttpRequest::didFinishLoading(unsigned long, double) + 358
32 com.apple.WebCore 0x0000000101552547 WebCore::DocumentThreadableLoader::notifyFinished(WebCore::CachedResource*) + 423
33 com.apple.WebCore 0x000000010142788d WebCore::CachedResource::checkNotify() + 93
34 com.apple.WebCore 0x00000001014267e0 WebCore::CachedRawResource::data(WTF::PassRefPtr<WebCore::SharedBuffer>, bool) + 448
35 com.apple.WebCore 0x0000000101e545df WebCore::SubresourceLoader::didFinishLoading(double) + 143
36 com.apple.Foundation 0x00007fff83d3786c _NSURLConnectionDidFinishLoading + 113
37 com.apple.CFNetwork 0x00007fff8117a0ea URLConnectionClient::_clientDidFinishLoading(URLConnectionClient::ClientConnectionEventQueue*) + 174
38 com.apple.CFNetwork 0x00007fff811e022c URLConnectionClient::ClientConnectionEventQueue::processAllEventsAndConsumePayload(XConnectionEventInfo<XClientEvent, XClientEventParams>*, long) + 254
39 com.apple.CFNetwork 0x00007fff811e0498 URLConnectionClient::ClientConnectionEventQueue::processAllEventsAndConsumePayload(XConnectionEventInfo<XClientEvent, XClientEventParams>*, long) + 874
40 com.apple.CFNetwork 0x00007fff811666d7 URLConnectionClient::processEvents() + 121
41 com.apple.CFNetwork 0x00007fff811664b2 MultiplexerSource::perform() + 160
42 com.apple.CoreFoundation 0x00007fff86c6327d __CFRunLoopDoSources0 + 1021
43 com.apple.CoreFoundation 0x00007fff86c615c9 __CFRunLoopRun + 873
44 com.apple.CoreFoundation 0x00007fff86c60d8f CFRunLoopRunSpecific + 575
45 com.apple.HIToolbox 0x00007fff81b7e7ee RunCurrentEventLoopInMode + 333
46 com.apple.HIToolbox 0x00007fff81b7e5f3 ReceiveNextEventCommon + 310
47 com.apple.HIToolbox 0x00007fff81b7e4ac BlockUntilNextEventMatchingListInMode + 59
48 com.apple.AppKit 0x00007fff89c86eb2 _DPSNextEvent + 708
49 com.apple.AppKit 0x00007fff89c86801 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 155
50 com.apple.AppKit 0x00007fff89c4c68f -[NSApplication run] + 395
51 com.apple.WebCore 0x0000000101d8fd23 WebCore::RunLoop::run() + 67
52 com.apple.WebKit2 0x00000001002e1d4a WebKit::WebProcessMain(WebKit::CommandLine const&) + 700
53 com.apple.WebKit2 0x000000010029779b WebKitMain + 285
54 com.apple.WebProcess 0x0000000100000e5e main + 214
55 com.apple.WebProcess 0x0000000100000d80 start + 52