[Webkit-unassigned] [Bug 98985] New: REGRESSION (r130772-r130836): Crash in WebCore::ScrollingStateScrollingNode::setNonFastScrollableRegion
bugzilla-daemon at webkit.org
Wed Oct 10 20:33:59 PDT 2012
https://bugs.webkit.org/show_bug.cgi?id=98985
Summary: REGRESSION (r130772-r130836): Crash in WebCore::ScrollingStateScrollingNode::setNonFastScrollableRegion
Product: WebKit
Version: 528+ (Nightly build)
Platform: Macintosh Intel
OS/Version: Mac OS X 10.8
Status: UNCONFIRMED
Severity: Critical
Priority: P1
Component: WebCore Misc.
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: kevin at rhubarbproductions.com
I've triggered this bug in 2 different ways, but I've only been able to catch what I'm doing on one of them for repeatable testing. Unfortunately my test case is within my cPanel server's phpmyadmin interface, where I do a search within a table and as soon as the results appear, it crashes:
Process: WebProcess [13558]
Path: /Applications/WebKit.app/Contents/Frameworks/10.8/WebKit2.framework/WebProcess.app/Contents/MacOS/WebProcess
Identifier: com.apple.WebProcess
Version: 537+ (537.14+)
Code Type: X86-64 (Native)
Parent Process: ??? [1]
User ID: 501
Date/Time: 2012-10-10 18:54:04.921 -0400
OS Version: Mac OS X 10.8.2 (12C60)
Report Version: 10
Crashed Thread: 0 Dispatch queue: com.apple.main-thread
Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000050
VM Regions Near 0x50:
-->
__TEXT 0000000108d32000-0000000108d33000 [ 4K] r-x/rwx SM=COW /Applications/WebKit.app/Contents/Frameworks/10.8/WebKit2.framework/WebProcess.app/Contents/MacOS/WebProcess
Application Specific Information:
Bundle controller class:
BrowserBundleController
Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0 com.apple.WebCore 0x000000010a1f09fd WebCore::ScrollingStateScrollingNode::setNonFastScrollableRegion(WebCore::Region const&) + 13
1 com.apple.WebCore 0x0000000109f9c317 WebCore::ScrollingCoordinator::frameViewLayoutUpdated(WebCore::FrameView*) + 87
2 com.apple.WebCore 0x000000010985a683 WebCore::FrameView::performPostLayoutTasks() + 435
3 com.apple.WebCore 0x000000010985a0f9 WebCore::FrameView::layout(bool) + 2489
4 com.apple.WebCore 0x000000010969195b WebCore::Document::updateLayout() + 43
5 com.apple.WebCore 0x0000000109691a3f WebCore::Document::updateLayoutIgnorePendingStylesheets() + 127
6 com.apple.WebCore 0x000000010a155000 WebCore::VisiblePosition::canonicalPosition(WebCore::Position const&) + 144
7 com.apple.WebCore 0x000000010a154e52 WebCore::VisiblePosition::init(WebCore::Position const&, WebCore::EAffinity) + 34
8 com.apple.WebCore 0x00000001098541a9 WebCore::FrameSelection::localCaretRect() + 265
9 com.apple.WebCore 0x000000010985446b WebCore::FrameSelection::recomputeCaretRect() + 107
10 com.apple.WebCore 0x000000010984c4cd WebCore::FrameSelection::updateAppearance() + 29
11 com.apple.WebCore 0x000000010985a50f WebCore::FrameView::performPostLayoutTasks() + 63
12 com.apple.WebCore 0x000000010985a0f9 WebCore::FrameView::layout(bool) + 2489
13 com.apple.WebCore 0x000000010985f903 WebCore::FrameView::updateLayoutAndStyleIfNeededRecursive() + 131
14 com.apple.WebCore 0x000000010985faed WebCore::FrameView::updateLayoutAndStyleIfNeededRecursive() + 621
15 com.apple.WebKit2 0x0000000108e21cf4 WebKit::WebPage::layoutIfNeeded() + 34
16 com.apple.WebKit2 0x0000000108ddb1fd WebKit::TiledCoreAnimationDrawingArea::flushLayers() + 61
17 com.apple.WebKit2 0x0000000108ddb27d non-virtual thunk to WebKit::TiledCoreAnimationDrawingArea::flushLayers() + 13
18 com.apple.WebCore 0x0000000109d54b44 WebCore::LayerFlushScheduler::runLoopObserverCallback() + 36
19 com.apple.CoreFoundation 0x00007fff8ae139b7 __CFRUNLOOP_IS_CALLING_OUT_TO_AN_OBSERVER_CALLBACK_FUNCTION__ + 23
20 com.apple.CoreFoundation 0x00007fff8ae13921 __CFRunLoopDoObservers + 369
21 com.apple.CoreFoundation 0x00007fff8adee6d4 CFRunLoopRunSpecific + 324
22 com.apple.HIToolbox 0x00007fff8966b0a4 RunCurrentEventLoopInMode + 209
23 com.apple.HIToolbox 0x00007fff8966ae42 ReceiveNextEventCommon + 356
24 com.apple.HIToolbox 0x00007fff8966acd3 BlockUntilNextEventMatchingListInMode + 62
25 com.apple.AppKit 0x00007fff8877a613 _DPSNextEvent + 685
26 com.apple.AppKit 0x00007fff88779ed2 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 128
27 com.apple.AppKit 0x00007fff88771283 -[NSApplication run] + 517
28 com.apple.WebCore 0x0000000109f78203 WebCore::RunLoop::run() + 67
29 com.apple.WebKit2 0x0000000108e68ebe WebKit::WebProcessMain(WebKit::CommandLine const&) + 3772
30 com.apple.WebKit2 0x0000000108e16302 WebKitMain + 286
31 com.apple.WebProcess 0x0000000108d32e7b main + 214
32 libdyld.dylib 0x00007fff90ec57e1 start + 1
The other crash I had shows a slightly different trace:
Process: WebProcess [14587]
Path: /Applications/WebKit.app/Contents/Frameworks/10.8/WebKit2.framework/WebProcess.app/Contents/MacOS/WebProcess
Identifier: com.apple.WebProcess
Version: 537+ (537.14+)
Code Type: X86-64 (Native)
Parent Process: ??? [1]
User ID: 501
Date/Time: 2012-10-10 23:17:13.477 -0400
OS Version: Mac OS X 10.8.2 (12C60)
Report Version: 10
Crashed Thread: 0 Dispatch queue: com.apple.main-thread
Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000050
VM Regions Near 0x50:
-->
__TEXT 0000000100611000-0000000100612000 [ 4K] r-x/rwx SM=COW /Applications/WebKit.app/Contents/Frameworks/10.8/WebKit2.framework/WebProcess.app/Contents/MacOS/WebProcess
Application Specific Information:
Bundle controller class:
BrowserBundleController
Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0 com.apple.WebCore 0x0000000101acc81d WebCore::ScrollingStateScrollingNode::setNonFastScrollableRegion(WebCore::Region const&) + 13
1 com.apple.WebCore 0x0000000101878297 WebCore::ScrollingCoordinator::frameViewLayoutUpdated(WebCore::FrameView*) + 87
2 com.apple.WebCore 0x0000000101135f63 WebCore::FrameView::performPostLayoutTasks() + 435
3 com.apple.WebCore 0x00000001011359d9 WebCore::FrameView::layout(bool) + 2489
4 com.apple.WebCore 0x000000010113b1e3 WebCore::FrameView::updateLayoutAndStyleIfNeededRecursive() + 131
5 com.apple.WebCore 0x000000010113b3cd WebCore::FrameView::updateLayoutAndStyleIfNeededRecursive() + 621
6 com.apple.WebKit2 0x00000001006fc950 WebKit::WebPage::layoutIfNeeded() + 34
7 com.apple.WebKit2 0x00000001006b596d WebKit::TiledCoreAnimationDrawingArea::flushLayers() + 61
8 com.apple.WebKit2 0x00000001006b59ed non-virtual thunk to WebKit::TiledCoreAnimationDrawingArea::flushLayers() + 13
9 com.apple.WebCore 0x00000001016307c4 WebCore::LayerFlushScheduler::runLoopObserverCallback() + 36
10 com.apple.CoreFoundation 0x00007fff8ae139b7 __CFRUNLOOP_IS_CALLING_OUT_TO_AN_OBSERVER_CALLBACK_FUNCTION__ + 23
11 com.apple.CoreFoundation 0x00007fff8ae13921 __CFRunLoopDoObservers + 369
12 com.apple.CoreFoundation 0x00007fff8adeee51 __CFRunLoopRun + 929
13 com.apple.CoreFoundation 0x00007fff8adee6b2 CFRunLoopRunSpecific + 290
14 com.apple.HIToolbox 0x00007fff8966b0a4 RunCurrentEventLoopInMode + 209
15 com.apple.HIToolbox 0x00007fff8966ae42 ReceiveNextEventCommon + 356
16 com.apple.HIToolbox 0x00007fff8966acd3 BlockUntilNextEventMatchingListInMode + 62
17 com.apple.AppKit 0x00007fff8877a613 _DPSNextEvent + 685
18 com.apple.AppKit 0x00007fff88779ed2 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 128
19 com.apple.AppKit 0x00007fff88771283 -[NSApplication run] + 517
20 com.apple.WebCore 0x0000000101854183 WebCore::RunLoop::run() + 67
21 com.apple.WebKit2 0x0000000100743b1a WebKit::WebProcessMain(WebKit::CommandLine const&) + 3772
22 com.apple.WebKit2 0x00000001006f0e30 WebKitMain + 286
23 com.apple.WebProcess 0x0000000100611e7b main + 214
24 libdyld.dylib 0x00007fff90ec57e1 start + 1