[Webkit-unassigned] [Bug 106412] New: Assertion failure in WebCore::HTMLConstructionSite::HTMLConstructionSite

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Jan 8 20:52:49 PST 2013


https://bugs.webkit.org/show_bug.cgi?id=106412

           Summary: Assertion failure in
                    WebCore::HTMLConstructionSite::HTMLConstructionSite
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Macintosh
        OS/Version: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: HTML Editing
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: slewis at apple.com
                CC: tonyg at chromium.org


Created an attachment (id=181836)
 --> (https://bugs.webkit.org/attachment.cgi?id=181836&action=review)
crash log

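Occurs on Mac Debug builds, in both WK1 and WK2, on Mountain Lion and Lion. The faulting address 0xbbadbeef in the crash log below is the fixed address that WebKit's CRASH() macro writes to when an ASSERT fails, so the log shows a debug assertion firing at HTMLConstructionSite.cpp:161 rather than a stray memory access.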

Failing tests:
[540/1529] editing/style/justify-without-enclosing-block.xhtml failed unexpectedly (DumpRenderTree crashed [pid=8563])
[1134/1529] editing/execCommand/insert-list-xml.xhtml failed unexpectedly (DumpRenderTree crashed [pid=8566])
[1173/1529] editing/pasteboard/paste-noscript-xhtml.xhtml failed unexpectedly (DumpRenderTree crashed [pid=8572])
[1287/1529] editing/pasteboard/paste-xml.xhtml failed unexpectedly (DumpRenderTree crashed [pid=8598])

Exception Codes: KERN_INVALID_ADDRESS at 0x00000000bbadbeef

VM Regions Near 0xbbadbeef:
--> 
    __TEXT                 000000010089a000-000000010089b000 [    4K] r-x/rwx SM=COW  /Volumes/VOLUME/*/WebKit2.framework/WebProcess.app/Contents/MacOS/WebProcess

Application Specific Information:
objc[40866]: garbage collection is OFF
CRASHING TEST: editing/pasteboard/paste-noscript-xhtml.xhtml

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   com.apple.WebCore                 0x000000010342b0d4 WebCore::HTMLConstructionSite::HTMLConstructionSite(WebCore::DocumentFragment*, WebCore::FragmentScriptingPermission, unsigned int) + 276 (HTMLConstructionSite.cpp:161)
1   com.apple.WebCore                 0x000000010342afb9 WebCore::HTMLConstructionSite::HTMLConstructionSite(WebCore::DocumentFragment*, WebCore::FragmentScriptingPermission, unsigned int) + 41 (HTMLConstructionSite.cpp:162)
2   com.apple.WebCore                 0x000000010350db69 WebCore::HTMLTreeBuilder::HTMLTreeBuilder(WebCore::HTMLDocumentParser*, WebCore::DocumentFragment*, WebCore::Element*, WebCore::FragmentScriptingPermission, WebCore::HTMLParserOptions const&) + 121 (HTMLTreeBuilder.cpp:301)
3   com.apple.WebCore                 0x000000010350dadd WebCore::HTMLTreeBuilder::HTMLTreeBuilder(WebCore::HTMLDocumentParser*, WebCore::DocumentFragment*, WebCore::Element*, WebCore::FragmentScriptingPermission, WebCore::HTMLParserOptions const&) + 61 (HTMLTreeBuilder.cpp:320)
4   com.apple.WebCore                 0x000000010344ad99 WebCore::HTMLTreeBuilder::create(WebCore::HTMLDocumentParser*, WebCore::DocumentFragment*, WebCore::Element*, WebCore::FragmentScriptingPermission, WebCore::HTMLParserOptions const&) + 89 (HTMLTreeBuilder.h:67)
5   com.apple.WebCore                 0x0000000103448560 WebCore::HTMLDocumentParser::HTMLDocumentParser(WebCore::DocumentFragment*, WebCore::Element*, WebCore::FragmentScriptingPermission) + 352 (HTMLDocumentParser.cpp:92)
6   com.apple.WebCore                 0x00000001034483eb WebCore::HTMLDocumentParser::HTMLDocumentParser(WebCore::DocumentFragment*, WebCore::Element*, WebCore::FragmentScriptingPermission) + 43 (HTMLDocumentParser.cpp:99)
7   com.apple.WebCore                 0x000000010344bb37 WebCore::HTMLDocumentParser::create(WebCore::DocumentFragment*, WebCore::Element*, WebCore::FragmentScriptingPermission) + 71 (HTMLDocumentParser.h:93)
8   com.apple.WebCore                 0x000000010344a801 WebCore::HTMLDocumentParser::parseDocumentFragment(WTF::String const&, WebCore::DocumentFragment*, WebCore::Element*, WebCore::FragmentScriptingPermission) + 49 (HTMLDocumentParser.cpp:547)
9   com.apple.WebCore                 0x00000001030463cb WebCore::DocumentFragment::parseHTML(WTF::String const&, WebCore::Element*, WebCore::FragmentScriptingPermission) + 43 (DocumentFragment.cpp:82)
10  com.apple.WebCore                 0x0000000103ceefa7 WebCore::createFragmentFromMarkup(WebCore::Document*, WTF::String const&, WTF::String const&, WebCore::FragmentScriptingPermission) + 231 (markup.cpp:673)
11  com.apple.WebCore                 0x0000000103e1cdcc WebCore::Pasteboard::documentFragment(WebCore::Frame*, WTF::PassRefPtr<WebCore::Range>, bool, bool&) + 1660 (PasteboardMac.mm:470)
12  com.apple.WebCore                 0x00000001031f6824 WebCore::Editor::pasteWithPasteboard(WebCore::Pasteboard*, bool) + 308 (EditorMac.mm:87)
13  com.apple.WebCore                 0x00000001031de6d9 WebCore::Editor::paste() + 265 (Editor.cpp:1031)
14  com.apple.WebCore                 0x00000001031f0da1 _ZN7WebCoreL12executePasteEPNS_5FrameEPNS_5EventENS_19EditorCommandSourceERKN3WTF6StringE + 97 (EditorCommand.cpp:915)
15  com.apple.WebCore                 0x00000001031ed2f0 WebCore::Editor::Command::execute(WTF::String const&, WebCore::Event*) const + 208 (EditorCommand.cpp:1704)
16  com.apple.WebCore                 0x0000000102ffe54e WebCore::Document::execCommand(WTF::String const&, bool, WTF::String const&) + 78 (Document.cpp:4177)
17  com.apple.WebCore                 0x00000001037c82c2 WebCore::jsDocumentPrototypeFunctionExecCommand(JSC::ExecState*) + 978 (JSDocument.cpp:2602)
18  ???                               0x0000397ec9201045 0 + 63216702984261
19  com.apple.JavaScriptCore          0x0000000101e2ca04 JSC::JITCode::execute(JSC::JSStack*, JSC::ExecState*, JSC::JSGlobalData*) + 84 (JITCode.h:134)
20  com.apple.JavaScriptCore          0x0000000101e29c7f JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 1519 (Interpreter.cpp:1055)
21  com.apple.JavaScriptCore          0x0000000101c476f2 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 306 (CallData.cpp:39)
22  com.apple.WebCore                 0x0000000103739c12 WebCore::JSMainThreadExecState::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 146 (JSMainThreadExecState.h:56)
23  com.apple.WebCore                 0x000000010387b366 WebCore::JSEventListener::handleEvent(WebCore::ScriptExecutionContext*, WebCore::Event*) + 1238 (JSEventListener.cpp:129)
24  com.apple.WebCore                 0x00000001032520c3 WebCore::EventTarget::fireEventListeners(WebCore::Event*, WebCore::EventTargetData*, WTF::Vector<WebCore::RegisteredEventListener, 1ul>&) + 499 (EventTarget.cpp:211)
25  com.apple.WebCore                 0x0000000103251e95 WebCore::EventTarget::fireEventListeners(WebCore::Event*) + 325 (EventTarget.cpp:177)
26  com.apple.WebCore                 0x000000010319b4c0 WebCore::DOMWindow::dispatchEvent(WTF::PassRefPtr<WebCore::Event>, WTF::PassRefPtr<WebCore::EventTarget>) + 272 (DOMWindow.cpp:1686)
27  com.apple.WebCore                 0x00000001031a24d8 WebCore::DOMWindow::dispatchLoadEvent() + 296 (DOMWindow.cpp:1660)
28  com.apple.WebCore                 0x0000000102ff76ef WebCore::Document::dispatchWindowLoadEvent() + 143 (Document.cpp:3663)
29  com.apple.WebCore                 0x0000000102ff51ad WebCore::Document::implicitClose() + 493 (Document.cpp:2421)
30  com.apple.WebCore                 0x00000001033196fb WebCore::FrameLoader::checkCallImplicitClose() + 155 (FrameLoader.cpp:834)
31  com.apple.WebCore                 0x00000001033193c3 WebCore::FrameLoader::checkCompleted() + 323 (FrameLoader.cpp:778)
32  com.apple.WebCore                 0x00000001033197c9 WebCore::FrameLoader::completed() + 185 (FrameLoader.cpp:1084)
33  com.apple.WebCore                 0x00000001033193e0 WebCore::FrameLoader::checkCompleted() + 352 (FrameLoader.cpp:781)
34  com.apple.WebCore                 0x0000000103319565 WebCore::FrameLoader::loadDone() + 21 (FrameLoader.cpp:723)
35  com.apple.WebCore                 0x0000000102d3d652 WebCore::CachedResourceLoader::loadDone(WebCore::CachedResource*) + 114 (CachedResourceLoader.cpp:723)
36  com.apple.WebCore                 0x00000001043ae1ff WebCore::SubresourceLoader::releaseResources() + 191 (SubresourceLoader.cpp:320)
37  com.apple.WebCore                 0x00000001041826eb WebCore::ResourceLoader::didFail(WebCore::ResourceError const&) + 283 (ResourceLoader.cpp:356)
38  com.apple.WebCore                 0x00000001043adfc5 WebCore::SubresourceLoader::didFail(WebCore::ResourceError const&) + 453 (SubresourceLoader.cpp:296)
39  com.apple.WebCore                 0x0000000104182d35 WebCore::ResourceLoader::didFail(WebCore::ResourceHandle*, WebCore::ResourceError const&) + 101 (ResourceLoader.cpp:465)
40  com.apple.WebCore                 0x000000010417fa25 -[WebCoreResourceHandleAsDelegate connection:didFailWithError:] + 245 (ResourceHandleMac.mm:834)
41  com.apple.Foundation              0x00007fff83187b3b ___NSURLConnectionDidFail_block_invoke_1 + 125
42  com.apple.Foundation              0x00007fff83187ab8 _NSURLConnectionDidFail + 85
43  com.apple.CFNetwork               0x00007fff8a37f75d URLConnectionClient::_clientDidFailWithError(__CFError*, URLConnectionClient::ClientConnectionEventQueue*) + 667
44  com.apple.CFNetwork               0x00007fff8a37e915 URLConnectionClient::ClientConnectionEventQueue::processAllEventsAndConsumePayload(XConnectionEventInfo<XClientEvent, XClientEventParams>*, long) + 885
45  com.apple.CFNetwork               0x00007fff8a2a9231 URLConnectionClient::processEvents() + 185
46  com.apple.CFNetwork               0x00007fff8a2a90d6 MultiplexerSource::perform() + 212
47  com.apple.CoreFoundation          0x00007fff854734f1 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
48  com.apple.CoreFoundation          0x00007fff85472d5d __CFRunLoopDoSources0 + 253
49  com.apple.CoreFoundation          0x00007fff85499b49 __CFRunLoopRun + 905
50  com.apple.CoreFoundation          0x00007fff85499486 CFRunLoopRunSpecific + 230
51  com.apple.HIToolbox               0x00007fff867f02bf RunCurrentEventLoopInMode + 277
52  com.apple.HIToolbox               0x00007fff867f756d ReceiveNextEventCommon + 355
53  com.apple.HIToolbox               0x00007fff867f73fa BlockUntilNextEventMatchingListInMode + 62
54  com.apple.AppKit                  0x00007fff84312779 _DPSNextEvent + 659
55  com.apple.AppKit                  0x00007fff8431207d -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 135
56  com.apple.AppKit                  0x00007fff8430e9b9 -[NSApplication run] + 470
57  com.apple.WebCore                 0x00000001041b939c WebCore::RunLoop::run() + 92 (RunLoopMac.mm:37)
58  com.apple.WebKit2                 0x0000000100c65eaf int WebKit::ChildProcessMain<WebKit::WebProcess, WebKit::WebProcessMainDelegate>(WebKit::CommandLine const&) + 815 (ChildProcessMain.h:106)
59  com.apple.WebKit2                 0x0000000100c65b75 WebKit::WebProcessMain(WebKit::CommandLine const&) + 21 (WebProcessMainMac.mm:152)
60  com.apple.WebKit2                 0x0000000100b5f279 _ZL10WebKitMainRKN6WebKit11CommandLineE + 201 (WebKitMain.cpp:56)
61  com.apple.WebKit2                 0x0000000100b5f189 WebKitMain + 153 (WebKitMain.cpp:86)
62  com.apple.WebProcess              0x000000010089ad92 main + 274
63  com.apple.WebProcess              0x000000010089ac74 start + 52
