[Webkit-unassigned] [Bug 123940] New: Map structure crash when used in the WebInspector
bugzilla-daemon at webkit.org
Wed Nov 6 17:08:41 PST 2013
https://bugs.webkit.org/show_bug.cgi?id=123940
Summary: Map structure crash when used in the WebInspector
Product: WebKit
Version: 528+ (Nightly build)
Platform: Unspecified
OS/Version: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: JavaScriptCore
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: achicu at adobe.com
I've used the Map structure in the WebInspector and I've found this crash. I will post more data on how to reproduce this with a test case as soon as I isolate the issue.
Crashlog:
0 com.apple.JavaScriptCore 0x0000000109a923c9 JSC::MapData::get(JSC::ExecState*, JSC::MapData::KeyType) + 185 (WriteBarrier.h:168)
1 com.apple.JavaScriptCore 0x0000000109a9476e JSC::mapProtoFuncGet(JSC::ExecState*) + 334 (MapPrototype.cpp:138)
2 ??? 0x0000218ff54010a5 0 + 36902178656421
3 com.apple.JavaScriptCore 0x00000001099add78 JSC::JITCode::execute(JSC::JSStack*, JSC::ExecState*, JSC::VM*) + 40 (VM.h:361)
4 com.apple.JavaScriptCore 0x0000000109984651 JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 529 (Interpreter.cpp:958)
5 com.apple.JavaScriptCore 0x000000010984dc7e JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 62 (CallData.cpp:39)
6 com.apple.JavaScriptCore 0x00000001099fe4e3 JSC::boundFunctionCall(JSC::ExecState*) + 579 (JSBoundFunction.cpp:54)
7 com.apple.JavaScriptCore 0x0000000109984682 JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 578 (Interpreter.cpp:961)
8 com.apple.JavaScriptCore 0x000000010984dc7e JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 62 (CallData.cpp:39)
9 com.apple.WebCore 0x000000010a923a5f WebCore::ScheduledAction::executeFunctionInContext(JSC::JSGlobalObject*, JSC::JSValue, WebCore::ScriptExecutionContext*) + 479 (JSMainThreadExecState.h:76)
10 com.apple.WebCore 0x000000010a923697 WebCore::ScheduledAction::execute(WebCore::Document*) + 151 (ScheduledAction.cpp:133)
11 com.apple.WebCore 0x000000010a172090 WebCore::DOMTimer::fired() + 304 (InspectorInstrumentation.h:292)
12 com.apple.WebCore 0x000000010aab05cf WebCore::ThreadTimers::sharedTimerFiredInternal() + 175 (ThreadTimers.cpp:132)
13 com.apple.WebCore 0x000000010a97405a WebCore::timerFired(__CFRunLoopTimer*, void*) + 58 (SharedTimerMac.mm:134)
14 com.apple.CoreFoundation 0x00007fff94d56724 __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ + 20
15 com.apple.CoreFoundation 0x00007fff94d5625f __CFRunLoopDoTimer + 1151
16 com.apple.CoreFoundation 0x00007fff94dc776a __CFRunLoopDoTimers + 298
17 com.apple.CoreFoundation 0x00007fff94d11aa5 __CFRunLoopRun + 1525
18 com.apple.CoreFoundation 0x00007fff94d11275 CFRunLoopRunSpecific + 309
19 com.apple.HIToolbox 0x00007fff92e5bf0d RunCurrentEventLoopInMode + 226
20 com.apple.HIToolbox 0x00007fff92e5bcb7 ReceiveNextEventCommon + 479
21 com.apple.HIToolbox 0x00007fff92e5babc _BlockUntilNextEventMatchingListInModeWithFilter + 65
22 com.apple.AppKit 0x00007fff98b2f28e _DPSNextEvent + 1434
23 com.apple.AppKit 0x00007fff98b2e8db -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 122
24 com.apple.AppKit 0x00007fff98b229cc -[NSApplication run] + 553
25 com.apple.AppKit 0x00007fff98b0d803 NSApplicationMain + 940
26 com.apple.XPCService 0x00007fff948d3c0f _xpc_main + 385
27 libxpc.dylib 0x00007fff91082b2e xpc_main + 399
28 com.apple.WebKit.WebContent.Development 0x00000001034116a0 main + 16 (XPCServiceMain.Development.mm:91)
29 libdyld.dylib 0x00007fff98a425fd start + 1