[Webkit-unassigned] [Bug 136034] New: REGRESSION: Web Inspector crashes when reloading apple.com with Timeline recording active

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Sun Aug 17 18:24:11 PDT 2014


https://bugs.webkit.org/show_bug.cgi?id=136034

           Summary: REGRESSION: Web Inspector crashes when reloading
                    apple.com with Timeline recording active
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebCore JavaScript
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: burg at cs.washington.edu
                CC: timothy at apple.com, ggaren at apple.com,
                    joepeck at webkit.org, mark.lam at apple.com


Steps to reproduce:

1. Navigate to apple.com
2. Open the Web Inspector
3. Start timelines recording from the Timelines panel
4. Reload the inspected page

Looks like we try to walk the stack when creating a new profile, but one of the call frames is bogus. Possibly because this is evaluating script inside a <script> tag. However, this code has not changed on the Inspector side since January, so maybe it's fallout from the ftlopt merge. Would appreciate it if others could bisect.

Stack trace:

#0    0x0000000109e51319 in JSC::VMEntryRecord::prevTopVMEntryFrame() [inlined] at /Users/burg/repos/webkit-dev/Source/JavaScriptCore/interpreter/VMEntryRecord.h:47
#1    0x0000000109e51319 in JSC::ExecState::callerFrame(void*&) at /Users/burg/repos/webkit-dev/Source/JavaScriptCore/interpreter/CallFrame.cpp:143
#2    0x000000010a252fbf in JSC::StackVisitor::readNonInlinedFrame(JSC::ExecState*, JSC::CodeOrigin*) [inlined] at /Users/burg/repos/webkit-dev/Source/JavaScriptCore/interpreter/StackVisitor.cpp:112
#3    0x000000010a252fa3 in JSC::StackVisitor::readFrame(JSC::ExecState*) at /Users/burg/repos/webkit-dev/Source/JavaScriptCore/interpreter/StackVisitor.cpp:77
#4    0x000000010a222c8c in void JSC::StackVisitor::visit<JSC::AddParentForConsoleStartFunctor>(JSC::ExecState*, JSC::AddParentForConsoleStartFunctor&) [inlined] at /Users/burg/repos/webkit-dev/Source/JavaScriptCore/interpreter/StackVisitor.h:125
#5    0x000000010a222c84 in void JSC::ExecState::iterate<JSC::AddParentForConsoleStartFunctor>(JSC::AddParentForConsoleStartFunctor&) [inlined] at /Users/burg/repos/webkit-dev/Source/JavaScriptCore/interpreter/CallFrame.h:260
#6    0x000000010a222c84 in JSC::ProfileGenerator::addParentForConsoleStart(JSC::ExecState*) [inlined] at /Users/burg/repos/webkit-dev/Source/JavaScriptCore/profiler/ProfileGenerator.cpp:99
#7    0x000000010a222c60 in ProfileGenerator at /Users/burg/repos/webkit-dev/Source/JavaScriptCore/profiler/ProfileGenerator.cpp:55
#8    0x000000010a222ac8 in WTF::RefCounted<JSC::ProfileGenerator>::operator new(unsigned long) [inlined] at /Users/burg/repos/webkit-dev/Source/JavaScriptCore/profiler/ProfileGenerator.cpp:56
#9    0x000000010a222aaf in JSC::ProfileGenerator::create(JSC::ExecState*, WTF::String const&, unsigned int) at /Users/burg/repos/webkit-dev/Source/JavaScriptCore/profiler/ProfileGenerator.cpp:44
#10    0x000000010a14c24b in JSC::LegacyProfiler::startProfiling(JSC::ExecState*, WTF::String const&) at /Users/burg/repos/webkit-dev/Source/JavaScriptCore/profiler/LegacyProfiler.cpp:77
#11    0x000000010ab993fa in WebCore::startProfiling(JSC::ExecState*, WTF::String const&) [inlined] at /Users/burg/repos/webkit-dev/Source/WebCore/inspector/InspectorTimelineAgent.cpp:162
#12    0x000000010ab993e7 in WebCore::startProfiling(WebCore::Frame*, WTF::String const&) [inlined] at /Users/burg/repos/webkit-dev/Source/WebCore/inspector/InspectorTimelineAgent.cpp:172
#13    0x000000010ab993cc in WebCore::InspectorTimelineAgent::willEvaluateScript(WTF::String const&, int, WebCore::Frame*) at /Users/burg/repos/webkit-dev/Source/WebCore/inspector/InspectorTimelineAgent.cpp:410
#14    0x000000010ab6af3b in WebCore::InspectorInstrumentation::willEvaluateScriptImpl(WebCore::InstrumentingAgents*, WTF::String const&, int, WebCore::Frame*) at /Users/burg/repos/webkit-dev/Source/WebCore/inspector/InspectorInstrumentation.cpp:396
#15    0x000000010b1b6322 in WebCore::InspectorInstrumentation::willEvaluateScript(WebCore::Frame*, WTF::String const&, int) [inlined] at /Users/burg/repos/webkit-dev/Source/WebCore/inspector/InspectorInstrumentation.h:973
#16    0x000000010b1b62fa in WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld&) at /Users/burg/repos/webkit-dev/Source/WebCore/bindings/js/ScriptController.cpp:148
#17    0x000000010b1b6379 in WebCore::ScriptController::evaluate(WebCore::ScriptSourceCode const&) at /Users/burg/repos/webkit-dev/Source/WebCore/bindings/js/ScriptController.cpp:168
#18    0x000000010b1bc017 in WebCore::ScriptElement::executeScript(WebCore::ScriptSourceCode const&) at /Users/burg/repos/webkit-dev/Source/WebCore/dom/ScriptElement.cpp:301
#19    0x000000010aa95dd3 in WebCore::HTMLScriptRunner::executePendingScriptAndDispatchEvent(WebCore::PendingScript&) at /Users/burg/repos/webkit-dev/Source/WebCore/html/parser/HTMLScriptRunner.cpp:144
#20    0x000000010aa95cc9 in WebCore::HTMLScriptRunner::executeParsingBlockingScript() at /Users/burg/repos/webkit-dev/Source/WebCore/html/parser/HTMLScriptRunner.cpp:120
#21    0x000000010aa9641f in WebCore::HTMLScriptRunner::executeParsingBlockingScripts() at /Users/burg/repos/webkit-dev/Source/WebCore/html/parser/HTMLScriptRunner.cpp:195
#22    0x000000010aa43e0a in WebCore::HTMLDocumentParser::notifyFinished(WebCore::CachedResource*) at /Users/burg/repos/webkit-dev/Source/WebCore/html/parser/HTMLDocumentParser.cpp:585
#23    0x000000010a6f7955 in WebCore::CachedResource::switchClientsToRevalidatedResource() at /Users/burg/repos/webkit-dev/Source/WebCore/loader/cache/CachedResource.cpp:708
#24    0x000000010af8b02d in WebCore::MemoryCache::revalidationSucceeded(WebCore::CachedResource*, WebCore::ResourceResponse const&) at /Users/burg/repos/webkit-dev/Source/WebCore/loader/cache/MemoryCache.cpp:173
#25    0x000000010b284ede in WebCore::SubresourceLoader::didReceiveResponse(WebCore::ResourceResponse const&) at /Users/burg/repos/webkit-dev/Source/WebCore/loader/SubresourceLoader.cpp:203
#26    0x0000000109487fb8 in WebKit::WebResourceLoader::didReceiveResponseWithCertificateInfo(WebCore::ResourceResponse const&, WebCore::CertificateInfo const&, bool) at /Users/burg/repos/webkit-dev/Source/WebKit2/WebProcess/Network/WebResourceLoader.cpp:131
#27    0x000000010948891b in void IPC::callMemberFunctionImpl<WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(WebCore::ResourceResponse const&, WebCore::CertificateInfo const&, bool), std::__1::tuple<WebCore::ResourceResponse, WebCore::CertificateInfo, bool>, 0ul, 1ul, 2ul>(WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::ResourceResponse const&, WebCore::CertificateInfo const&, bool), std::__1::tuple<WebCore::ResourceResponse, WebCore::CertificateInfo, bool>&&, std::index_sequence<0ul, 1ul, 2ul>) [inlined] at /Users/burg/repos/webkit-dev/Source/WebKit2/Platform/IPC/HandleMessage.h:16
#28    0x00000001094888f1 in void IPC::callMemberFunction<WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(WebCore::ResourceResponse const&, WebCore::CertificateInfo const&, bool), std::__1::tuple<WebCore::ResourceResponse, WebCore::CertificateInfo, bool>, std::make_index_sequence<3ul> >(std::__1::tuple<WebCore::ResourceResponse, WebCore::CertificateInfo, bool>&&, WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::ResourceResponse const&, WebCore::CertificateInfo const&, bool)) [inlined] at /Users/burg/repos/webkit-dev/Source/WebKit2/Platform/IPC/HandleMessage.h:22
#29    0x00000001094888f1 in void IPC::handleMessage<Messages::WebResourceLoader::DidReceiveResponseWithCertificateInfo, WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(WebCore::ResourceResponse const&, WebCore::CertificateInfo const&, bool)>(IPC::MessageDecoder&, WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::ResourceResponse const&, WebCore::CertificateInfo const&, bool)) at /Users/burg/repos/webkit-dev/Source/WebKit2/Platform/IPC/HandleMessage.h:120
#30    0x0000000109488571 in WebKit::WebResourceLoader::didReceiveWebResourceLoaderMessage(IPC::Connection*, IPC::MessageDecoder&) at /Users/burg/repos/webkit-dev/WebKitBuild/Release/DerivedSources/WebKit2/WebResourceLoaderMessageReceiver.cpp:64
#31    0x00000001092c9ece in IPC::Connection::dispatchMessage(IPC::MessageDecoder&) [inlined] at /Users/burg/repos/webkit-dev/Source/WebKit2/Platform/IPC/Connection.cpp:809
#32    0x00000001092c9ec1 in IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> >) at /Users/burg/repos/webkit-dev/Source/WebKit2/Platform/IPC/Connection.cpp:828
#33    0x00000001092cc03a in IPC::Connection::dispatchOneMessage() at /Users/burg/repos/webkit-dev/Source/WebKit2/Platform/IPC/Connection.cpp:856
#34    0x000000010a2ddfa3 in std::__1::function<void ()>::operator()() const [inlined] at /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/../lib/c++/v1/functional:1755
#35    0x000000010a2ddf99 in WTF::RunLoop::performWork() at /Users/burg/repos/webkit-dev/Source/WTF/wtf/RunLoop.cpp:104
#36    0x000000010a2de682 in WTF::RunLoop::performWork(void*) at /Users/burg/repos/webkit-dev/Source/WTF/wtf/cf/RunLoopCF.cpp:38
#37    0x00007fff96b0e5b1 in __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ ()
#38    0x00007fff96affd29 in __CFRunLoopDoSources0 ()
#39    0x00007fff96aff3ef in __CFRunLoopRun ()
#40    0x00007fff96afee75 in CFRunLoopRunSpecific ()
#41    0x00007fff8ba39a0d in RunCurrentEventLoopInMode ()
#42    0x00007fff8ba397b7 in ReceiveNextEventCommon ()
#43    0x00007fff8ba395bc in _BlockUntilNextEventMatchingListInModeWithFilter ()
#44    0x00007fff8e4c424e in _DPSNextEvent ()
#45    0x00007fff8e4c389b in -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] ()
#46    0x00007fff8e4b799c in -[NSApplication run] ()
#47    0x00007fff8e4a2783 in NSApplicationMain ()
#48    0x00007fff91e97c0f in _xpc_main ()
#49    0x00007fff8cc80bde in xpc_main ()
#50    0x0000000105411630 in main at /Users/burg/repos/webkit-dev/Source/WebKit2/Shared/EntryPointUtilities/mac/XPCService/XPCServiceMain.Development.mm:164
