[Webkit-unassigned] [Bug 81453] New: Actual crash (not assertion failure) underneath WebFrameProxy::removeChild on Lion Intel Debug WebKit2 testers

bugzilla-daemon at webkit.org
Sat Mar 17 12:04:47 PDT 2012


https://bugs.webkit.org/show_bug.cgi?id=81453

           Summary: Actual crash (not assertion failure) underneath
                    WebFrameProxy::removeChild on Lion Intel Debug WebKit2
                    testers
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Unspecified
               URL: http://build.webkit.org/results/Lion%20Intel%20Debug%2
                    0(WebKit2%20Tests)/r111114%20(5002)/fast/frames/iframe
                    -reparenting-crash-log.txt
        OS/Version: Unspecified
            Status: NEW
          Keywords: LayoutTestFailure, MakingBotsRed, NeedsRadar,
                    Regression
          Severity: Normal
          Priority: P2
         Component: WebKit2
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: jberlin at webkit.org
                CC: ap at webkit.org, andersca at apple.com, sam at webkit.org,
                    webkit-bug-importer at group.apple.com


http://build.webkit.org/results/Lion%20Intel%20Debug%20(WebKit2%20Tests)/r111114%20(5002)/fast/frames/iframe-reparenting-crash-log.txt
http://build.webkit.org/results/Lion%20Intel%20Debug%20(WebKit2%20Tests)/r111114%20(5002)/fast/events/before-unload-adopt-within-subframes-crash-log.txt

Unfortunately, due to the state of our tests, I am not sure when this started.

I do suspect fast/frames/iframe-reparenting.html and fast/events/before-unload-adopt-within-subframes.html, but I have yet to verify that locally (don't have updated source but wanted to document this).

Process:         WebKitTestRunner [71009]
Path:            /Volumes/VOLUME/*/WebKitTestRunner
Identifier:      WebKitTestRunner
Version:         ??? (???)
Code Type:       X86-64 (Native)
Parent Process:  Python [70835]

Date/Time:       2012-03-17 00:16:47.550 -0700
OS Version:      Mac OS X 10.7.3 (11D50)
Report Version:  9

Crashed Thread:  0  Dispatch queue: com.apple.main-thread

Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000040

VM Regions Near 0x40:
--> 
    __TEXT                 000000010503f000-0000000105056000 [   92K] r-x/rwx SM=COW  /Volumes/VOLUME/*

Application Specific Information:
objc[71009]: garbage collection is OFF

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   com.apple.WebKit2                 0x0000000105268737 WebKit::WebFrameProxy::removeChild(WebKit::WebFrameProxy*) + 231 (type_traits:3028)
1   com.apple.WebKit2                 0x00000001052688b2 WebKit::WebFrameProxy::didRemoveFromHierarchy() + 50 (WebFrameProxy.cpp:264)
2   com.apple.WebKit2                 0x00000001052f0abc WebKit::WebPageProxy::didRemoveFrameFromHierarchy(unsigned long long, CoreIPC::ArgumentDecoder*) + 316 (WebPageProxy.cpp:1967)
3   com.apple.WebKit2                 0x0000000105347a22 void CoreIPC::callMemberFunction<WebKit::WebPageProxy, void (WebKit::WebPageProxy::*)(unsigned long long, CoreIPC::ArgumentDecoder*), unsigned long long>(CoreIPC::Arguments1<unsigned long long> const&, CoreIPC::ArgumentDecoder*, WebKit::WebPageProxy*, void (WebKit::WebPageProxy::*)(unsigned long long, CoreIPC::ArgumentDecoder*)) + 146 (HandleMessage.h:230)
4   com.apple.WebKit2                 0x00000001053396f7 void CoreIPC::handleMessageVariadic<Messages::WebPageProxy::DidRemoveFrameFromHierarchy, WebKit::WebPageProxy, void (WebKit::WebPageProxy::*)(unsigned long long, CoreIPC::ArgumentDecoder*)>(CoreIPC::ArgumentDecoder*, WebKit::WebPageProxy*, void (WebKit::WebPageProxy::*)(unsigned long long, CoreIPC::ArgumentDecoder*)) + 119 (HandleMessage.h:327)
5   com.apple.WebKit2                 0x0000000105335b08 WebKit::WebPageProxy::didReceiveWebPageProxyMessage(CoreIPC::Connection*, CoreIPC::MessageID, CoreIPC::ArgumentDecoder*) + 3016 (WebPageProxyMessageReceiver.cpp:258)
6   com.apple.WebKit2                 0x00000001052ee23f WebKit::WebPageProxy::didReceiveMessage(CoreIPC::Connection*, CoreIPC::MessageID, CoreIPC::ArgumentDecoder*) + 271 (WebPageProxy.cpp:1615)
7   com.apple.WebKit2                 0x0000000105389be6 WebKit::WebProcessProxy::didReceiveMessage(CoreIPC::Connection*, CoreIPC::MessageID, CoreIPC::ArgumentDecoder*) + 438 (WebProcessProxy.cpp:332)
8   com.apple.WebKit2                 0x0000000105203735 WebKit::WebConnectionToWebProcess::didReceiveMessage(CoreIPC::Connection*, CoreIPC::MessageID, CoreIPC::ArgumentDecoder*) + 405 (WebConnectionToWebProcess.cpp:93)
9   com.apple.WebKit2                 0x000000010520377d non-virtual thunk to WebKit::WebConnectionToWebProcess::didReceiveMessage(CoreIPC::Connection*, CoreIPC::MessageID, CoreIPC::ArgumentDecoder*) + 61
10  com.apple.WebKit2                 0x000000010509ed2c CoreIPC::Connection::dispatchMessage(CoreIPC::Connection::Message<CoreIPC::ArgumentDecoder>&) + 428 (Connection.cpp:692)
11  com.apple.WebKit2                 0x00000001050a1883 CoreIPC::Connection::dispatchMessages() + 211 (Connection.cpp:720)
12  com.apple.WebKit2                 0x00000001050a8990 WTF::FunctionWrapper<void (CoreIPC::Connection::*)()>::operator()(CoreIPC::Connection*) + 112 (Functional.h:173)
13  com.apple.WebKit2                 0x00000001050a8915 WTF::BoundFunctionImpl<WTF::FunctionWrapper<void (CoreIPC::Connection::*)()>, void ()(CoreIPC::Connection*)>::operator()() + 53 (Functional.h:373)
14  com.apple.WebCore                 0x00000001087139cd WTF::Function<void ()()>::operator()() const + 141 (Functional.h:581)
15  com.apple.WebCore                 0x0000000108713753 WebCore::RunLoop::performWork() + 147 (RunLoop.cpp:66)
16  com.apple.WebCore                 0x0000000108714b70 WebCore::RunLoop::performWork(void*) + 96 (RunLoopMac.mm:65)
17  com.apple.CoreFoundation          0x00007fff8b9856e1 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
18  com.apple.CoreFoundation          0x00007fff8b984f4d __CFRunLoopDoSources0 + 253
19  com.apple.CoreFoundation          0x00007fff8b9abd39 __CFRunLoopRun + 905
20  com.apple.CoreFoundation          0x00007fff8b9ab676 CFRunLoopRunSpecific + 230
21  com.apple.Foundation              0x00007fff8a8cdf9f -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 267
22  WebKitTestRunner                  0x0000000105049ccc WTR::TestController::platformRunUntil(bool&, double) + 204 (TestControllerMac.mm:60)
23  WebKitTestRunner                  0x00000001050455e5 WTR::TestController::runUntil(bool&, WTR::TestController::TimeoutDuration) + 149 (TestController.cpp:564)
24  WebKitTestRunner                  0x000000010504547c WTR::TestController::resetStateToConsistentValues() + 1564 (TestController.cpp:487)
25  WebKitTestRunner                  0x0000000105045626 WTR::TestController::runTest(char const*) + 54 (TestController.cpp:492)
26  WebKitTestRunner                  0x0000000105045d72 WTR::TestController::runTestingServerLoop() + 178 (TestController.cpp:530)
27  WebKitTestRunner                  0x00000001050443e0 WTR::TestController::run() + 48 (TestController.cpp:538)
28  WebKitTestRunner                  0x00000001050430a6 WTR::TestController::TestController(int, char const**) + 614 (TestController.cpp:88)
29  WebKitTestRunner                  0x0000000105042e33 WTR::TestController::TestController(int, char const**) + 35 (TestController.cpp:89)
30  WebKitTestRunner                  0x0000000105040d8f main + 143 (main.mm:36)
31  WebKitTestRunner                  0x0000000105040cf4 start + 52
