[Webkit-unassigned] [Bug 119224] New: REGRESSION: Crash when creating a new spreadsheet on Google Docs
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Jul 29 14:18:47 PDT 2013
https://bugs.webkit.org/show_bug.cgi?id=119224
Summary: REGRESSION: Crash when creating a new spreadsheet on Google Docs
Product: WebKit
Version: 528+ (Nightly build)
Platform: Unspecified
OS/Version: Unspecified
Status: NEW
Keywords: GoogleBug, Regression
Severity: Normal
Priority: P2
Component: JavaScriptCore
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: rniwa at webkit.org
CC: oliver at apple.com, fpizlo at apple.com
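Reproduction steps:
1. Visit docs.google.com while signed in to a Google account.
2. Create a new spreadsheet using the red button in the upper-left corner.
Two main-thread backtraces follow. They differ in the top frame: an unsymbolicated address in the first, JSC::Lexer<unsigned char>::lex in the second.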
Thread 0:: Dispatch queue: com.apple.main-thread
0 ??? 0x0000519362878e8f 0 + 89693455093391
1 com.apple.JavaScriptCore 0x00000001047fde21 JSC::JITCode::execute(JSC::JSStack*, JSC::ExecState*, JSC::VM*) + 49
2 com.apple.JavaScriptCore 0x00000001047e324a JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 650
3 com.apple.JavaScriptCore 0x00000001046c9c05 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 69
4 com.apple.JavaScriptCore 0x00000001048340ae JSC::boundFunctionCall(JSC::ExecState*) + 558
5 ??? 0x0000519362001045 0 + 89693446213701
6 com.apple.JavaScriptCore 0x00000001047fde21 JSC::JITCode::execute(JSC::JSStack*, JSC::ExecState*, JSC::VM*) + 49
7 com.apple.JavaScriptCore 0x00000001047dfa46 JSC::Interpreter::execute(JSC::EvalExecutable*, JSC::ExecState*, JSC::JSValue, JSC::JSScope*) + 1526
8 com.apple.JavaScriptCore 0x000000010484b0da JSC::globalFuncEval(JSC::ExecState*) + 874
9 ??? 0x0000519362001045 0 + 89693446213701
10 com.apple.JavaScriptCore 0x00000001047fde21 JSC::JITCode::execute(JSC::JSStack*, JSC::ExecState*, JSC::VM*) + 49
11 com.apple.JavaScriptCore 0x00000001047e324a JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 650
12 com.apple.JavaScriptCore 0x00000001046c9c05 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 69
13 com.apple.JavaScriptCore 0x00000001048340ae JSC::boundFunctionCall(JSC::ExecState*) + 558
14 ??? 0x0000519362001045 0 + 89693446213701
15 com.apple.JavaScriptCore 0x00000001047fde21 JSC::JITCode::execute(JSC::JSStack*, JSC::ExecState*, JSC::VM*) + 49
16 com.apple.JavaScriptCore 0x00000001047e324a JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 650
17 com.apple.JavaScriptCore 0x00000001046c9c05 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 69
18 com.apple.JavaScriptCore 0x00000001048340ae JSC::boundFunctionCall(JSC::ExecState*) + 558
19 ??? 0x0000519362001045 0 + 89693446213701
20 com.apple.JavaScriptCore 0x00000001047fde21 JSC::JITCode::execute(JSC::JSStack*, JSC::ExecState*, JSC::VM*) + 49
21 com.apple.JavaScriptCore 0x00000001047e324a JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 650
22 com.apple.JavaScriptCore 0x00000001046c9c05 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 69
23 com.apple.JavaScriptCore 0x00000001048340ae JSC::boundFunctionCall(JSC::ExecState*) + 558
24 com.apple.JavaScriptCore 0x00000001047e328b JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 715
25 com.apple.JavaScriptCore 0x00000001046c9c05 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 69
26 com.apple.WebCore 0x0000000105143c8c WebCore::JSEventListener::handleEvent(WebCore::ScriptExecutionContext*, WebCore::Event*) + 908
27 com.apple.WebCore 0x0000000104e0f1ec WebCore::EventTarget::fireEventListeners(WebCore::Event*, WebCore::EventTargetData*, WTF::Vector<WebCore::RegisteredEventListener, 1ul, WTF::CrashOnOverflow>&) + 364
28 com.apple.WebCore 0x0000000104e0ef06 WebCore::EventTarget::fireEventListeners(WebCore::Event*) + 390
29 com.apple.WebCore 0x0000000104e0ed68 WebCore::EventTarget::dispatchEvent(WTF::PassRefPtr<WebCore::Event>) + 88
30 com.apple.WebCore 0x0000000105826d2f WebCore::XMLHttpRequestProgressEventThrottle::dispatchEvent(WTF::PassRefPtr<WebCore::Event>) + 335
31 com.apple.WebCore 0x0000000105826da8 WebCore::XMLHttpRequestProgressEventThrottle::dispatchReadyStateChangeEvent(WTF::PassRefPtr<WebCore::Event>, WebCore::ProgressEventAction) + 56
32 com.apple.WebCore 0x00000001058217ac WebCore::XMLHttpRequest::callReadyStateChangeListener() + 252
33 com.apple.WebCore 0x00000001058256f6 WebCore::XMLHttpRequest::didFinishLoading(unsigned long, double) + 358
34 com.apple.WebCore 0x0000000104bb792c WebCore::CachedResource::checkNotify() + 76
35 com.apple.WebCore 0x0000000104bb48c2 WebCore::CachedRawResource::finishLoading(WebCore::ResourceBuffer*) + 194
36 com.apple.WebCore 0x0000000105691085 WebCore::SubresourceLoader::didFinishLoading(double) + 133
37 com.apple.Foundation 0x00007fff93c64d88 __65-[NSURLConnectionInternal _withConnectionAndDelegate:onlyActive:]_block_invoke_0 + 28
38 com.apple.Foundation 0x00007fff93c64ccc -[NSURLConnectionInternal _withConnectionAndDelegate:onlyActive:] + 227
39 com.apple.Foundation 0x00007fff93c64bc8 -[NSURLConnectionInternal _withActiveConnectionAndDelegate:] + 63
40 com.apple.CFNetwork 0x00007fff91cf8091 ___delegate_didFinishLoading_block_invoke_0 + 40
41 com.apple.CFNetwork 0x00007fff91cea54a ___withDelegateAsync_block_invoke_0 + 90
42 com.apple.CFNetwork 0x00007fff91d7af3a __block_global_1 + 28
43 com.apple.CoreFoundation 0x00007fff961a2154 CFArrayApplyFunction + 68
44 com.apple.CFNetwork 0x00007fff91cdb2b4 RunloopBlockContext::perform() + 124
45 com.apple.CFNetwork 0x00007fff91cdb18b MultiplexerSource::perform() + 221
46 com.apple.CoreFoundation 0x00007fff96183b31 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
47 com.apple.CoreFoundation 0x00007fff96183455 __CFRunLoopDoSources0 + 245
48 com.apple.CoreFoundation 0x00007fff961a67f5 __CFRunLoopRun + 789
49 com.apple.CoreFoundation 0x00007fff961a60e2 CFRunLoopRunSpecific + 290
50 com.apple.HIToolbox 0x00007fff8fe27eb4 RunCurrentEventLoopInMode + 209
51 com.apple.HIToolbox 0x00007fff8fe27c52 ReceiveNextEventCommon + 356
52 com.apple.HIToolbox 0x00007fff8fe27ae3 BlockUntilNextEventMatchingListInMode + 62
53 com.apple.AppKit 0x00007fff92743533 _DPSNextEvent + 685
54 com.apple.AppKit 0x00007fff92742df2 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 128
55 com.apple.AppKit 0x00007fff9273a1a3 -[NSApplication run] + 517
56 com.apple.WebCore 0x00000001055e3e92 WebCore::RunLoop::run() + 82
57 com.apple.WebKit2 0x00000001042ea263 int WebKit::ChildProcessMain<WebKit::WebProcess, WebKit::WebContentProcessMainDelegate>(int, char**) + 579
58 com.apple.WebProcess 0x00000001041fde23 main + 337
59 libdyld.dylib 0x00007fff9012d7e1 start + 1
Thread 0:: Dispatch queue: com.apple.main-thread
0 com.apple.JavaScriptCore 0x00000001008e6f8e JSC::Lexer<unsigned char>::lex(JSC::JSTokenData*, JSC::JSTokenLocation*, unsigned int, bool) + 206
1 com.apple.JavaScriptCore 0x000000010097b174 JSC::ASTBuilder::Expression JSC::Parser<JSC::Lexer<unsigned char> >::parseMemberExpression<JSC::ASTBuilder>(JSC::ASTBuilder&) + 20932
2 com.apple.JavaScriptCore 0x00000001009733aa JSC::ASTBuilder::Expression JSC::Parser<JSC::Lexer<unsigned char> >::parseAssignmentExpression<JSC::ASTBuilder>(JSC::ASTBuilder&) + 1002
3 com.apple.JavaScriptCore 0x0000000100972d89 JSC::ASTBuilder::Expression JSC::Parser<JSC::Lexer<unsigned char> >::parseExpression<JSC::ASTBuilder>(JSC::ASTBuilder&) + 153
4 com.apple.JavaScriptCore 0x000000010097280e JSC::ASTBuilder::Statement JSC::Parser<JSC::Lexer<unsigned char> >::parseExpressionOrLabelStatement<JSC::ASTBuilder>(JSC::ASTBuilder&) + 910
5 com.apple.JavaScriptCore 0x000000010096b5e5 JSC::ASTBuilder::Statement JSC::Parser<JSC::Lexer<unsigned char> >::parseStatement<JSC::ASTBuilder>(JSC::ASTBuilder&, JSC::Identifier const*&, unsigned int*) + 1605
6 com.apple.JavaScriptCore 0x000000010096b27c JSC::ASTBuilder::Statement JSC::Parser<JSC::Lexer<unsigned char> >::parseStatement<JSC::ASTBuilder>(JSC::ASTBuilder&, JSC::Identifier const*&, unsigned int*) + 732
7 com.apple.JavaScriptCore 0x000000010093be20 JSC::ASTBuilder::SourceElements JSC::Parser<JSC::Lexer<unsigned char> >::parseSourceElements<(JSC::SourceElementsMode)0, JSC::ASTBuilder>(JSC::ASTBuilder&) + 352
8 com.apple.JavaScriptCore 0x000000010093b94b JSC::Parser<JSC::Lexer<unsigned char> >::parseInner() + 363
9 com.apple.JavaScriptCore 0x00000001009c4451 WTF::PassRefPtr<JSC::FunctionBodyNode> JSC::Parser<JSC::Lexer<unsigned char> >::parse<JSC::FunctionBodyNode>(JSC::ParserError&) + 113
10 com.apple.JavaScriptCore 0x00000001009c412e WTF::PassRefPtr<JSC::FunctionBodyNode> JSC::parse<JSC::FunctionBodyNode>(JSC::VM*, JSC::SourceCode const&, JSC::FunctionParameters*, JSC::Identifier const&, JSC::JSParserStrictness, JSC::JSParserMode, JSC::ParserError&) + 126
11 com.apple.JavaScriptCore 0x00000001009c3152 JSC::UnlinkedFunctionExecutable::codeBlockFor(JSC::VM&, JSC::SourceCode const&, JSC::CodeSpecializationKind, JSC::DebuggerMode, JSC::ProfilerMode, JSC::ParserError&) + 130
12 com.apple.JavaScriptCore 0x0000000100848919 JSC::FunctionExecutable::produceCodeBlockFor(JSC::JSScope*, JSC::CodeSpecializationKind, JSC::JSObject*&) + 345
13 com.apple.JavaScriptCore 0x0000000100848514 JSC::FunctionExecutable::compileForCallInternal(JSC::ExecState*, JSC::JSScope*, JSC::JITCode::JITType, JSC::CompilationResult*, unsigned int) + 84
14 com.apple.JavaScriptCore 0x000000010090f57d JSC::LLInt::setUpCall(JSC::ExecState*, JSC::Instruction*, JSC::CodeSpecializationKind, JSC::JSValue, JSC::LLIntCallLinkInfo*) + 669
15 com.apple.JavaScriptCore 0x0000000100913582 llint_op_call + 185
16 com.apple.JavaScriptCore 0x0000000100876e21 JSC::JITCode::execute(JSC::JSStack*, JSC::ExecState*, JSC::VM*) + 49
17 com.apple.JavaScriptCore 0x000000010085c24a JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 650
18 com.apple.JavaScriptCore 0x0000000100742c05 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 69
19 com.apple.JavaScriptCore 0x00000001008ad0ae JSC::boundFunctionCall(JSC::ExecState*) + 558
20 ??? 0x00005383c4201045 0 + 91825396256837
21 com.apple.JavaScriptCore 0x0000000100876e21 JSC::JITCode::execute(JSC::JSStack*, JSC::ExecState*, JSC::VM*) + 49
22 com.apple.JavaScriptCore 0x0000000100858a46 JSC::Interpreter::execute(JSC::EvalExecutable*, JSC::ExecState*, JSC::JSValue, JSC::JSScope*) + 1526
23 com.apple.JavaScriptCore 0x00000001008c40da JSC::globalFuncEval(JSC::ExecState*) + 874
24 ??? 0x00005383c4201045 0 + 91825396256837
25 com.apple.JavaScriptCore 0x0000000100876e21 JSC::JITCode::execute(JSC::JSStack*, JSC::ExecState*, JSC::VM*) + 49
26 com.apple.JavaScriptCore 0x000000010085c24a JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 650
27 com.apple.JavaScriptCore 0x0000000100742c05 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 69
28 com.apple.JavaScriptCore 0x00000001008ad0ae JSC::boundFunctionCall(JSC::ExecState*) + 558
29 ??? 0x00005383c4201045 0 + 91825396256837
30 com.apple.JavaScriptCore 0x0000000100876e21 JSC::JITCode::execute(JSC::JSStack*, JSC::ExecState*, JSC::VM*) + 49
31 com.apple.JavaScriptCore 0x000000010085c24a JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 650
32 com.apple.JavaScriptCore 0x0000000100742c05 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 69
33 com.apple.JavaScriptCore 0x00000001008ad0ae JSC::boundFunctionCall(JSC::ExecState*) + 558
34 ??? 0x00005383c4201045 0 + 91825396256837
35 com.apple.JavaScriptCore 0x0000000100876e21 JSC::JITCode::execute(JSC::JSStack*, JSC::ExecState*, JSC::VM*) + 49
36 com.apple.JavaScriptCore 0x000000010085c24a JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 650
37 com.apple.JavaScriptCore 0x0000000100742c05 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 69
38 com.apple.JavaScriptCore 0x00000001008ad0ae JSC::boundFunctionCall(JSC::ExecState*) + 558
39 com.apple.JavaScriptCore 0x000000010085c28b JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 715
40 com.apple.JavaScriptCore 0x0000000100742c05 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 69
41 com.apple.WebCore 0x00000001011bcc8c WebCore::JSEventListener::handleEvent(WebCore::ScriptExecutionContext*, WebCore::Event*) + 908
42 com.apple.WebCore 0x0000000100e881ec WebCore::EventTarget::fireEventListeners(WebCore::Event*, WebCore::EventTargetData*, WTF::Vector<WebCore::RegisteredEventListener, 1ul, WTF::CrashOnOverflow>&) + 364
43 com.apple.WebCore 0x0000000100e87f06 WebCore::EventTarget::fireEventListeners(WebCore::Event*) + 390
44 com.apple.WebCore 0x0000000100e87d68 WebCore::EventTarget::dispatchEvent(WTF::PassRefPtr<WebCore::Event>) + 88
45 com.apple.WebCore 0x000000010189fd2f WebCore::XMLHttpRequestProgressEventThrottle::dispatchEvent(WTF::PassRefPtr<WebCore::Event>) + 335
46 com.apple.WebCore 0x000000010189fda8 WebCore::XMLHttpRequestProgressEventThrottle::dispatchReadyStateChangeEvent(WTF::PassRefPtr<WebCore::Event>, WebCore::ProgressEventAction) + 56
47 com.apple.WebCore 0x000000010189a7ac WebCore::XMLHttpRequest::callReadyStateChangeListener() + 252
48 com.apple.WebCore 0x000000010189e6f6 WebCore::XMLHttpRequest::didFinishLoading(unsigned long, double) + 358
49 com.apple.WebCore 0x0000000100c3092c WebCore::CachedResource::checkNotify() + 76
50 com.apple.WebCore 0x0000000100c2d8c2 WebCore::CachedRawResource::finishLoading(WebCore::ResourceBuffer*) + 194
51 com.apple.WebCore 0x000000010170a085 WebCore::SubresourceLoader::didFinishLoading(double) + 133
52 com.apple.Foundation 0x00007fff93c64d88 __65-[NSURLConnectionInternal _withConnectionAndDelegate:onlyActive:]_block_invoke_0 + 28
53 com.apple.Foundation 0x00007fff93c64ccc -[NSURLConnectionInternal _withConnectionAndDelegate:onlyActive:] + 227
54 com.apple.Foundation 0x00007fff93c64bc8 -[NSURLConnectionInternal _withActiveConnectionAndDelegate:] + 63
55 com.apple.CFNetwork 0x00007fff91cf8091 ___delegate_didFinishLoading_block_invoke_0 + 40
56 com.apple.CFNetwork 0x00007fff91cea54a ___withDelegateAsync_block_invoke_0 + 90
57 com.apple.CFNetwork 0x00007fff91d7af3a __block_global_1 + 28
58 com.apple.CoreFoundation 0x00007fff961a2154 CFArrayApplyFunction + 68
59 com.apple.CFNetwork 0x00007fff91cdb2b4 RunloopBlockContext::perform() + 124
60 com.apple.CFNetwork 0x00007fff91cdb18b MultiplexerSource::perform() + 221
61 com.apple.CoreFoundation 0x00007fff96183b31 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
62 com.apple.CoreFoundation 0x00007fff9618351d __CFRunLoopDoSources0 + 445
63 com.apple.CoreFoundation 0x00007fff961a67f5 __CFRunLoopRun + 789
64 com.apple.CoreFoundation 0x00007fff961a60e2 CFRunLoopRunSpecific + 290
65 com.apple.HIToolbox 0x00007fff8fe27eb4 RunCurrentEventLoopInMode + 209
66 com.apple.HIToolbox 0x00007fff8fe27c52 ReceiveNextEventCommon + 356
67 com.apple.HIToolbox 0x00007fff8fe27ae3 BlockUntilNextEventMatchingListInMode + 62
68 com.apple.AppKit 0x00007fff92743533 _DPSNextEvent + 685
69 com.apple.AppKit 0x00007fff92742df2 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 128
70 com.apple.AppKit 0x00007fff9273a1a3 -[NSApplication run] + 517
71 com.apple.WebCore 0x000000010165ce92 WebCore::RunLoop::run() + 82
72 com.apple.WebKit2 0x0000000100363263 int WebKit::ChildProcessMain<WebKit::WebProcess, WebKit::WebContentProcessMainDelegate>(int, char**) + 579
73 com.apple.WebProcess 0x0000000100276e23 main + 337
74 libdyld.dylib 0x00007fff9012d7e1 start + 1