[Webkit-unassigned] [Bug 119141] New: REGRESSION(FTL?): Crashes in plugin tests

bugzilla-daemon at webkit.org
Fri Jul 26 04:35:57 PDT 2013


https://bugs.webkit.org/show_bug.cgi?id=119141

           Summary: REGRESSION(FTL?): Crashes in plugin tests
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Unspecified
        OS/Version: Unspecified
            Status: NEW
          Keywords: Gtk, LayoutTestFailure, Regression
          Severity: Normal
          Priority: P2
         Component: WebKit Gtk
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: zandobersek at gmail.com
                CC: ossy at webkit.org


There are assertions appearing in plugin tests on at least the GTK and Qt builders. These started to appear during/after the FTL merging.
The assertions occur in ScriptCallStack::at, due to the ScriptCallFrame vector being empty.
http://trac.webkit.org/browser/trunk/Source/WebCore/inspector/ScriptCallStack.cpp#L55

Crash log for DumpRenderTree (pid 15884):

[New LWP 15884]
[New LWP 15906]
[New LWP 15908]
[New LWP 15907]
[New LWP 15910]
[New LWP 15909]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `/home/slave/webkitgtk/gtk-linux-64-debug-wk1/build/WebKitBuild/Debug/Programs/D'.
Program terminated with signal 11, Segmentation fault.
#0  0x00007ff5156a8349 in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:339
339        *(int *)(uintptr_t)0xbbadbeef = 0;

...

Thread 1 (Thread 0x7ff504fef900 (LWP 15884)):
#0  0x00007ff5156a8349 in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:339
#1  0x00007ff5115efcc2 in WebCore::ScriptCallStack::at (this=0x25e2980, index=0) at ../../Source/WebCore/inspector/ScriptCallStack.cpp:55
#2  0x00007ff5116fbf83 in WebCore::internalAddMessage (page=0x1edbf00, type=WebCore::LogMessageType, level=WebCore::LogMessageLevel, state=0x7ff4c1a0f060, prpArguments=..., acceptNoArguments=false, printTrace=false) at ../../Source/WebCore/page/Console.cpp:80
#3  0x00007ff5116fc510 in WebCore::Console::log (this=0x1ea2810, state=0x7ff4c1a0f060, arguments=...) at ../../Source/WebCore/page/Console.cpp:131
#4  0x00007ff511b4742a in WebCore::jsConsolePrototypeFunctionLog (exec=0x7ff4c1a0f060) at DerivedSources/WebCore/JSConsole.cpp:208
#5  0x00007ff5154d50b9 in JSC::Interpreter::executeCall (this=0x2560a60, callFrame=0x7ff4c116f8e0, function=0x7ff4c10cedf0, callType=JSC::CallTypeHost, callData=..., thisValue=..., args=...) at ../../Source/JavaScriptCore/interpreter/Interpreter.cpp:934
#6  0x00007ff5155af633 in JSC::call (exec=0x7ff4c116f8e0, functionObject=..., callType=JSC::CallTypeHost, callData=..., thisValue=..., args=...) at ../../Source/JavaScriptCore/runtime/CallData.cpp:39
#7  0x00007ff510ff34e2 in _NPN_Invoke (npp=0x25ddd48, o=0x25e1570, methodName=0x25e0650, args=0x7fff10341f10, argCount=1, result=0x7fff10341ef0) at ../../Source/WebCore/bridge/NP_jsobject.cpp:237
#8  0x00007ff4c3678542 in pluginLogWithWindowObject (windowObject=0x25e1240, instance=0x25ddd48, message=0x7fff10341f90 "PLUGIN: NPP_SetWindow: 800 200") at ../../Tools/DumpRenderTree/TestNetscapePlugIn/PluginObject.cpp:53
#9  0x00007ff4c36786f7 in pluginLogWithArguments (instance=0x25ddd48, format=0x7ff4c3680392 "NPP_SetWindow: %d %d", args=0x7fff103427d8) at ../../Tools/DumpRenderTree/TestNetscapePlugIn/PluginObject.cpp:78
#10 0x00007ff4c36787b9 in pluginLog (instance=0x25ddd48, format=0x7ff4c3680392 "NPP_SetWindow: %d %d") at ../../Tools/DumpRenderTree/TestNetscapePlugIn/PluginObject.cpp:87
#11 0x00007ff4c367d3fd in NPP_SetWindow (instance=0x25ddd48, window=0x25ddd58) at ../../Tools/DumpRenderTree/TestNetscapePlugIn/main.cpp:352
#12 0x00007ff512134f90 in WebCore::PluginView::setNPWindowIfNeeded (this=0x25ddb10) at ../../Source/WebCore/plugins/gtk/PluginViewGtk.cpp:520
#13 0x00007ff512133743 in WebCore::PluginView::updatePluginWidget (this=0x25ddb10) at ../../Source/WebCore/plugins/gtk/PluginViewGtk.cpp:152
#14 0x00007ff5121362bb in WebCore::PluginView::platformStart (this=0x25ddb10) at ../../Source/WebCore/plugins/gtk/PluginViewGtk.cpp:876
#15 0x00007ff5117bd979 in WebCore::PluginView::start (this=0x25ddb10) at ../../Source/WebCore/plugins/PluginView.cpp:274
#16 0x00007ff5117bd59b in WebCore::PluginView::startOrAddToUnstartedList (this=0x25ddb10) at ../../Source/WebCore/plugins/PluginView.cpp:231
#17 0x00007ff5117bd4a9 in WebCore::PluginView::init (this=0x25ddb10) at ../../Source/WebCore/plugins/PluginView.cpp:209
#18 0x00007ff512134c40 in WebCore::PluginView::setParent (this=0x25ddb10, parent=0x1ef6b40) at ../../Source/WebCore/plugins/gtk/PluginViewGtk.cpp:468
#19 0x00007ff511f1a95f in WebCore::ScrollView::addChild (this=0x1ef6b40, prpChild=...) at ../../Source/WebCore/platform/ScrollView.cpp:72
#20 0x00007ff5119c90bf in WebCore::moveWidgetToParentSoon (child=0x25ddb10, parent=0x1ef6b40) at ../../Source/WebCore/rendering/RenderWidget.cpp:81
#21 0x00007ff5119c9a76 in WebCore::RenderWidget::setWidget (this=0x25d22d8, widget=...) at ../../Source/WebCore/rendering/RenderWidget.cpp:213
#22 0x00007ff511966cc8 in WebCore::RenderPart::setWidget (this=0x25d22d8, widget=...) at ../../Source/WebCore/rendering/RenderPart.cpp:57
#23 0x00007ff5116c2fbd in WebCore::SubframeLoader::loadPlugin (this=0x1ee61d8, pluginElement=0x25ae110, url=..., mimeType=..., paramNames=..., paramValues=..., useFallback=false) at ../../Source/WebCore/loader/SubframeLoader.cpp:465
#24 0x00007ff5116c184b in WebCore::SubframeLoader::requestPlugin (this=0x1ee61d8, ownerElement=0x25ae110, url=..., mimeType=..., paramNames=..., paramValues=..., useFallback=false) at ../../Source/WebCore/loader/SubframeLoader.cpp:160
#25 0x00007ff5116c1ed4 in WebCore::SubframeLoader::requestObject (this=0x1ee61d8, ownerElement=0x25ae110, url=..., frameName=..., mimeType=..., paramNames=..., paramValues=...) at ../../Source/WebCore/loader/SubframeLoader.cpp:235
#26 0x00007ff5113f6434 in WebCore::HTMLEmbedElement::updateWidget (this=0x25ae110, pluginCreationOption=WebCore::CreateAnyWidgetType) at ../../Source/WebCore/html/HTMLEmbedElement.cpp:170
#27 0x00007ff511758e3a in WebCore::FrameView::updateWidget (this=0x1ef6b40, object=0x25d22d8) at ../../Source/WebCore/page/FrameView.cpp:2685
#28 0x00007ff511759087 in WebCore::FrameView::updateWidgets (this=0x1ef6b40) at ../../Source/WebCore/page/FrameView.cpp:2725
#29 0x00007ff511759452 in WebCore::FrameView::performPostLayoutTasks (this=0x1ef6b40) at ../../Source/WebCore/page/FrameView.cpp:2800
#30 0x00007ff51175429f in WebCore::FrameView::layout (this=0x1ef6b40, allowSubtree=true) at ../../Source/WebCore/page/FrameView.cpp:1380
#31 0x00007ff5111b8956 in WebCore::Document::implicitClose (this=0x2570340) at ../../Source/WebCore/dom/Document.cpp:2454
#32 0x00007ff511675eb9 in WebCore::FrameLoader::checkCallImplicitClose (this=0x1ee61b0) at ../../Source/WebCore/loader/FrameLoader.cpp:844
#33 0x00007ff511675c24 in WebCore::FrameLoader::checkCompleted (this=0x1ee61b0) at ../../Source/WebCore/loader/FrameLoader.cpp:787
#34 0x00007ff511675962 in WebCore::FrameLoader::finishedParsing (this=0x1ee61b0) at ../../Source/WebCore/loader/FrameLoader.cpp:720
#35 0x00007ff5111bfc2d in WebCore::Document::finishedParsing (this=0x2570340) at ../../Source/WebCore/dom/Document.cpp:4417
#36 0x00007ff511475e35 in WebCore::HTMLConstructionSite::finishedParsing (this=0x254a518) at ../../Source/WebCore/html/parser/HTMLConstructionSite.cpp:348
#37 0x00007ff5114a9f67 in WebCore::HTMLTreeBuilder::finished (this=0x254a500) at ../../Source/WebCore/html/parser/HTMLTreeBuilder.cpp:2926
#38 0x00007ff51147cebe in WebCore::HTMLDocumentParser::end (this=0x25487a0) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:756
#39 0x00007ff51147cfab in WebCore::HTMLDocumentParser::attemptToRunDeferredScriptsAndEnd (this=0x25487a0) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:767
#40 0x00007ff51147bbe2 in WebCore::HTMLDocumentParser::prepareToStopParsing (this=0x25487a0) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:211
#41 0x00007ff51147cfee in WebCore::HTMLDocumentParser::attemptToEnd (this=0x25487a0) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:779
#42 0x00007ff51147d0a5 in WebCore::HTMLDocumentParser::finish (this=0x25487a0) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:828
#43 0x00007ff51166e321 in WebCore::DocumentWriter::end (this=0x254ac50) at ../../Source/WebCore/loader/DocumentWriter.cpp:248
#44 0x00007ff51165ed18 in WebCore::DocumentLoader::finishedLoading (this=0x254abb0, finishTime=0) at ../../Source/WebCore/loader/DocumentLoader.cpp:402
#45 0x00007ff51165ea86 in WebCore::DocumentLoader::notifyFinished (this=0x254abb0, resource=0x2564ae0) at ../../Source/WebCore/loader/DocumentLoader.cpp:344
#46 0x00007ff511642c7a in WebCore::CachedResource::checkNotify (this=0x2564ae0) at ../../Source/WebCore/loader/cache/CachedResource.cpp:369
#47 0x00007ff511642d50 in WebCore::CachedResource::finishLoading (this=0x2564ae0) at ../../Source/WebCore/loader/cache/CachedResource.cpp:385
#48 0x00007ff51163f85c in WebCore::CachedRawResource::finishLoading (this=0x2564ae0, data=0x256b020) at ../../Source/WebCore/loader/cache/CachedRawResource.cpp:94
#49 0x00007ff5116c44b4 in WebCore::SubresourceLoader::didFinishLoading (this=0x2565050, finishTime=0) at ../../Source/WebCore/loader/SubresourceLoader.cpp:282
#50 0x00007ff5116bab47 in WebCore::ResourceLoader::didFinishLoading (this=0x2565050, finishTime=0) at ../../Source/WebCore/loader/ResourceLoader.cpp:488
#51 0x00007ff511f0fe52 in WebCore::readCallback (asyncResult=0x256a9f0, data=0x254c6e0) at ../../Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp:1331
#52 0x00007ff50fcd0eb8 in async_ready_callback_wrapper () from /home/slave/webkitgtk/gtk-linux-64-debug-wk1/build/WebKitBuild/Dependencies/Root/lib64/libgio-2.0.so.0
#53 0x00007ff50fcfd22e in g_task_return_now () from /home/slave/webkitgtk/gtk-linux-64-debug-wk1/build/WebKitBuild/Dependencies/Root/lib64/libgio-2.0.so.0
#54 0x00007ff50fcfd258 in complete_in_idle_cb () from /home/slave/webkitgtk/gtk-linux-64-debug-wk1/build/WebKitBuild/Dependencies/Root/lib64/libgio-2.0.so.0
#55 0x00007ff50fb1f70c in g_idle_dispatch () from /home/slave/webkitgtk/gtk-linux-64-debug-wk1/build/WebKitBuild/Dependencies/Root/lib64/libglib-2.0.so.0
#56 0x00007ff50fb1cfb1 in g_main_dispatch () from /home/slave/webkitgtk/gtk-linux-64-debug-wk1/build/WebKitBuild/Dependencies/Root/lib64/libglib-2.0.so.0
#57 0x00007ff50fb1dd08 in g_main_context_dispatch () from /home/slave/webkitgtk/gtk-linux-64-debug-wk1/build/WebKitBuild/Dependencies/Root/lib64/libglib-2.0.so.0
#58 0x00007ff50fb1defa in g_main_context_iterate () from /home/slave/webkitgtk/gtk-linux-64-debug-wk1/build/WebKitBuild/Dependencies/Root/lib64/libglib-2.0.so.0
#59 0x00007ff50fb1e323 in g_main_loop_run () from /home/slave/webkitgtk/gtk-linux-64-debug-wk1/build/WebKitBuild/Dependencies/Root/lib64/libglib-2.0.so.0
#60 0x00007ff510447fcf in gtk_main () from /home/slave/webkitgtk/gtk-linux-64-debug-wk1/build/WebKitBuild/Dependencies/Root/lib64/libgtk-3.so.0
#61 0x00000000004a1e4f in runTest (inputLine=...) at ../../Tools/DumpRenderTree/gtk/DumpRenderTree.cpp:769
#62 0x00000000004a151e in runTestingServerLoop () at ../../Tools/DumpRenderTree/gtk/DumpRenderTree.cpp:552
#63 0x00000000004a4855 in main (argc=2, argv=0x7fff10344558) at ../../Tools/DumpRenderTree/gtk/DumpRenderTree.cpp:1519

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
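
A triage sketch for the backtrace above, as an added example that is not part of the original bug report or of WebKit's tooling: it parses gdb frame lines, treats `WTFCrash` in frame #0 as a deliberate crash (the fixed-address store at Assertions.cpp:339) rather than a wild memory access, and reports the frame that triggered it. The names `parse_frames` and `triage` and the `/Tools/` path heuristic are assumptions made for illustration.

```python
import re

# Frames excerpted from the backtrace above; long argument lists shortened to "...".
BACKTRACE = """\
#0  0x00007ff5156a8349 in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:339
#1  0x00007ff5115efcc2 in WebCore::ScriptCallStack::at (this=0x25e2980, index=0) at ../../Source/WebCore/inspector/ScriptCallStack.cpp:55
#2  0x00007ff5116fbf83 in WebCore::internalAddMessage (...) at ../../Source/WebCore/page/Console.cpp:80
#7  0x00007ff510ff34e2 in _NPN_Invoke (...) at ../../Source/WebCore/bridge/NP_jsobject.cpp:237
#8  0x00007ff4c3678542 in pluginLogWithWindowObject (...) at ../../Tools/DumpRenderTree/TestNetscapePlugIn/PluginObject.cpp:53
#52 0x00007ff50fcd0eb8 in async_ready_callback_wrapper () from /home/slave/webkitgtk/gtk-linux-64-debug-wk1/build/WebKitBuild/Dependencies/Root/lib64/libgio-2.0.so.0
"""

# One gdb frame line: "#N [0xADDR in ]FUNC (ARGS) at FILE:LINE" or "... from LIB".
FRAME = re.compile(
    r"^#(?P<n>\d+)\s+(?:0x[0-9a-f]+ in )?(?P<func>\S+) \((?P<args>.*)\)"
    r"(?: at (?P<file>\S+):(?P<line>\d+)| from (?P<lib>\S+))?$"
)

def parse_frames(text):
    """Return one dict per frame line, ignoring thread headers and other noise."""
    frames = []
    for line in text.splitlines():
        m = FRAME.match(line.strip())
        if m:
            frames.append(m.groupdict())
    return frames

def triage(text):
    """Classify a crash and name the frame a reviewer should look at first."""
    frames = parse_frames(text)
    if not frames:
        return None
    top = frames[0]
    # SIGSEGV with WTFCrash on top is WebKit crashing on purpose (here: a failed
    # assertion, per the report), so the interesting frame is the caller, frame #1.
    deliberate = top["func"] == "WTFCrash"
    culprit = frames[1] if deliberate and len(frames) > 1 else top
    # Assumed heuristic: the first frame under Tools/ is the test-side entry point.
    test = next((f for f in frames if f["file"] and "/Tools/" in f["file"]), None)
    where = f'{culprit["file"]}:{culprit["line"]}' if culprit["file"] else culprit["lib"]
    return {
        "kind": "assertion" if deliberate else "fault",
        "function": culprit["func"],
        "location": where,
        "test_entry": test["func"] if test else None,
    }
```
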


