[Webkit-unassigned] [Bug 113074] New: REGRESSION: Intermittent crashes in JSC::jsCast<JSC::RuntimeArray*, JSC::JSCell>(JSC::JSCell*)
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Mar 22 09:42:03 PDT 2013
https://bugs.webkit.org/show_bug.cgi?id=113074
Summary: REGRESSION: Intermittent crashes in JSC::jsCast<JSC::RuntimeArray*, JSC::JSCell>(JSC::JSCell*)
Product: WebKit
Version: 528+ (Nightly build)
Platform: Unspecified
OS/Version: Unspecified
Status: NEW
Severity: Critical
Priority: P1
Component: JavaScriptCore
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: rniwa at webkit.org
CC: ggaren at apple.com, msaboff at apple.com, fpizlo at apple.com,
mhahnenberg at apple.com
Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0 com.apple.WebCore 0x000000010652bac8 JSC::RuntimeArray* JSC::jsCast<JSC::RuntimeArray*, JSC::JSCell>(JSC::JSCell*) + 104 (JSCell.h:171)
1 com.apple.WebCore 0x000000010652b065 JSC::RuntimeArray::destroy(JSC::JSCell*) + 21 (runtime_array.cpp:60)
2 com.apple.JavaScriptCore 0x000000010372f856 JSC::Heap::FinalizerOwner::finalize(JSC::Handle<JSC::Unknown>, void*) + 70 (Heap.cpp:858)
3 com.apple.JavaScriptCore 0x00000001039686a4 JSC::WeakBlock::finalize(JSC::WeakImpl*) + 212 (WeakSetInlines.h:53)
4 com.apple.JavaScriptCore 0x0000000103967fbe JSC::WeakBlock::sweep() + 158 (WeakBlock.cpp:77)
5 com.apple.JavaScriptCore 0x0000000103968a90 JSC::WeakSet::sweep() + 64 (WeakSet.cpp:46)
6 com.apple.JavaScriptCore 0x0000000103875298 JSC::MarkedBlock::sweep(JSC::MarkedBlock::SweepMode) + 40 (MarkedBlock.cpp:112)
7 com.apple.JavaScriptCore 0x0000000103874e95 JSC::MarkedAllocator::tryAllocateHelper(unsigned long) + 85 (MarkedAllocator.cpp:34)
8 com.apple.JavaScriptCore 0x0000000103873779 JSC::MarkedAllocator::tryAllocate(unsigned long) + 137 (MarkedAllocator.cpp:66)
9 com.apple.JavaScriptCore 0x0000000103873188 JSC::MarkedAllocator::allocateSlowCase(unsigned long) + 232 (MarkedAllocator.cpp:82)
10 com.apple.JavaScriptCore 0x00000001034f124b JSC::MarkedAllocator::allocate(unsigned long) + 75 (MarkedAllocator.h:82)
11 com.apple.JavaScriptCore 0x00000001034f10f9 JSC::MarkedSpace::allocateWithoutDestructor(unsigned long) + 41 (MarkedSpace.h:205)
12 com.apple.JavaScriptCore 0x00000001034f107d JSC::Heap::allocateWithoutDestructor(unsigned long) + 141 (Heap.h:384)
13 com.apple.JavaScriptCore 0x0000000103791c49 void* JSC::allocateCell<JSC::GetterSetter>(JSC::Heap&, unsigned long) + 233 (JSCellInlines.h:96)
14 com.apple.JavaScriptCore 0x0000000103791a2f void* JSC::allocateCell<JSC::GetterSetter>(JSC::Heap&) + 31 (JSCellInlines.h:104)
15 com.apple.JavaScriptCore 0x000000010379137d JSC::GetterSetter::create(JSC::ExecState*) + 29 (GetterSetter.h:51)
16 com.apple.JavaScriptCore 0x00000001037d8673 JSC::JSGlobalObject::reset(JSC::JSValue) + 1267 (JSGlobalObject.cpp:217)
17 com.apple.JavaScriptCore 0x00000001037d813e JSC::JSGlobalObject::init(JSC::JSObject*) + 254 (JSGlobalObject.cpp:153)
18 com.apple.WebCore 0x0000000105af8658 JSC::JSGlobalObject::finishCreation(JSC::JSGlobalData&, JSC::JSObject*) + 120 (JSGlobalObject.h:221)
19 com.apple.WebCore 0x0000000105af811a WebCore::JSDOMGlobalObject::finishCreation(JSC::JSGlobalData&, JSC::JSObject*) + 58 (JSDOMGlobalObject.cpp:65)
20 com.apple.WebCore 0x0000000105b62d28 WebCore::JSDOMWindowBase::finishCreation(JSC::JSGlobalData&, WebCore::JSDOMWindowShell*) + 72 (JSDOMWindowBase.cpp:65)
21 com.apple.WebCore 0x0000000105b6bf64 WebCore::JSDOMWindow::create(JSC::JSGlobalData&, JSC::Structure*, WTF::PassRefPtr<WebCore::DOMWindow>, WebCore::JSDOMWindowShell*) + 164 (JSDOMWindow.h:41)
22 com.apple.WebCore 0x0000000105b6b927 WebCore::JSDOMWindowShell::setWindow(WTF::PassRefPtr<WebCore::DOMWindow>) + 359 (JSDOMWindowShell.cpp:84)
23 com.apple.WebCore 0x0000000106544b93 WebCore::ScriptController::clearWindowShell(WebCore::DOMWindow*, bool) + 323 (ScriptController.cpp:188)
24 com.apple.WebCore 0x00000001055b44a9 WebCore::FrameLoader::clear(WebCore::Document*, bool, bool, bool) + 425 (FrameLoader.cpp:572)
25 com.apple.WebCore 0x000000010530e3c3 WebCore::DocumentWriter::begin(WebCore::KURL const&, bool, WebCore::Document*) + 499 (DocumentWriter.cpp:139)
26 com.apple.WebCore 0x00000001052d20ea WebCore::DocumentLoader::commitData(char const*, unsigned long) + 106 (DocumentLoader.cpp:755)
27 com.apple.WebKit 0x00000001047ba3d3 -[WebFrame(WebInternal) _commitData:] + 211 (WebFrame.mm:827)
28 com.apple.WebKit 0x00000001047f8720 -[WebHTMLRepresentation receivedData:withDataSource:] + 128 (WebHTMLRepresentation.mm:186)
29 com.apple.WebKit 0x0000000104798d7a -[WebDataSource(WebInternal) _receivedData:] + 90 (WebDataSource.mm:215)
30 com.apple.WebKit 0x00000001047c8481 WebFrameLoaderClient::committedLoad(WebCore::DocumentLoader*, char const*, int) + 129 (WebFrameLoaderClient.mm:847)
31 com.apple.WebCore 0x00000001052d3e00 WebCore::DocumentLoader::commitLoad(char const*, int) + 208 (DocumentLoader.cpp:737)
32 com.apple.WebCore 0x00000001052d47f9 WebCore::DocumentLoader::dataReceived(WebCore::CachedResource*, char const*, int) + 1065 (DocumentLoader.cpp:870)
33 com.apple.WebCore 0x0000000104f78b28 WebCore::CachedRawResource::data(WTF::PassRefPtr<WebCore::ResourceBuffer>, bool) + 600 (CachedRawResource.cpp:70)
34 com.apple.WebCore 0x000000010672e2a4 WebCore::SubresourceLoader::sendDataToResource(char const*, int) + 340 (SubresourceLoader.cpp:267)
35 com.apple.WebCore 0x000000010672e65f WebCore::SubresourceLoader::didReceiveDataOrBuffer(char const*, int, WTF::PassRefPtr<WebCore::SharedBuffer>, long long, WebCore::DataPayloadType) + 623 (SubresourceLoader.cpp:241)
36 com.apple.WebCore 0x000000010672e6cb WebCore::SubresourceLoader::didReceiveBuffer(WTF::PassRefPtr<WebCore::SharedBuffer>, long long, WebCore::DataPayloadType) + 75 (SubresourceLoader.cpp:223)
37 com.apple.WebCore 0x00000001064f613c WebCore::ResourceLoader::didReceiveBuffer(WebCore::ResourceHandle*, WTF::PassRefPtr<WebCore::SharedBuffer>, int) + 140 (ResourceLoader.cpp:494)
38 com.apple.WebCore 0x00000001064f25d9 -[WebCoreResourceHandleAsDelegate connection:didReceiveData:lengthReceived:] + 249 (ResourceHandleMac.mm:766)
39 com.apple.Foundation 0x00007fff9005d528 __65-[NSURLConnectionInternal _withConnectionAndDelegate:onlyActive:]_block_invoke_0 + 28
40 com.apple.Foundation 0x00007fff9005d46c -[NSURLConnectionInternal _withConnectionAndDelegate:onlyActive:] + 227
41 com.apple.Foundation 0x00007fff9005d368 -[NSURLConnectionInternal _withActiveConnectionAndDelegate:] + 63
42 com.apple.Foundation 0x00007fff9005fefb _NSURLConnectionDidReceiveData_LengthReceived + 86
43 com.apple.CFNetwork 0x00007fff8e6f3d84 ___delegate_didReceiveDataArray_block_invoke_0 + 132
44 com.apple.CFNetwork 0x00007fff8e6e6a7a ___withDelegateAsync_block_invoke_0 + 90
45 com.apple.CFNetwork 0x00007fff8e7772ea __block_global_1 + 28
46 com.apple.CoreFoundation 0x00007fff95ba9154 CFArrayApplyFunction + 68
47 com.apple.CFNetwork 0x00007fff8e6d77e4 RunloopBlockContext::perform() + 124
48 com.apple.CFNetwork 0x00007fff8e6d76bb MultiplexerSource::perform() + 221
49 com.apple.CoreFoundation 0x00007fff95b8ab31 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
50 com.apple.CoreFoundation 0x00007fff95b8a455 __CFRunLoopDoSources0 + 245
51 com.apple.CoreFoundation 0x00007fff95bad7f5 __CFRunLoopRun + 789
52 com.apple.CoreFoundation 0x00007fff95bad0e2 CFRunLoopRunSpecific + 290
53 com.apple.Foundation 0x00007fff900daf5e -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 268
54 DumpRenderTree 0x00000001033679f9 runTest(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) + 5017 (DumpRenderTree.mm:1372)
55 DumpRenderTree 0x00000001033665ea runTestingServerLoop() + 282 (DumpRenderTree.mm:832)
56 DumpRenderTree 0x0000000103365fe5 dumpRenderTree(int, char const**) + 405 (DumpRenderTree.mm:887)
57 DumpRenderTree 0x00000001033681e9 main + 105 (DumpRenderTree.mm:925)
58 libdyld.dylib 0x00007fff91f0a7e1 start + 1