[Webkit-unassigned] [Bug 128041] New: Web Inspector: Crash when searching in DOM tree
bugzilla-daemon at webkit.org
Sat Feb 1 02:43:29 PST 2014
https://bugs.webkit.org/show_bug.cgi?id=128041
Summary: Web Inspector: Crash when searching in DOM tree
Product: WebKit
Version: 525.x (Safari 3.2)
Platform: Macintosh
OS/Version: Mac OS X 10.9
Status: NEW
Severity: Normal
Priority: P2
Component: Web Inspector
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: taiki at taiki.us
CC: timothy at apple.com, joepeck at webkit.org,
webkit-bug-importer at group.apple.com, graouts at apple.com
[Running Safari 7, don't know which version of WebKit is used]
I could reproduce a crash in the Web Inspector by performing the following tasks:
1. Disable JavaScript
2. Go to some website (reproduced on google.com, some pages of deviantart)
3. Open the Web Inspector search bar
4. Type something
5. Crash
Reliably reproduced on google.com with the string 'height', but the crash also occurred with other strings; however, some pages of deviantart don't crash, while others do.
Here is the stack trace:
Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0 com.apple.JavaScriptCore 0x00007fff8ac3cb8d JSC::JSObject::defaultValue(JSC::JSObject const*, JSC::ExecState*, JSC::PreferredPrimitiveType) + 45
1 com.apple.JavaScriptCore 0x00007fff8ada2d2d JSC::JSObject::toString(JSC::ExecState*) const + 77
2 com.apple.WebCore 0x00007fff8e259ac0 WebCore::eventListenerHandlerBody(WebCore::Document*, WebCore::EventListener*) + 128
3 com.apple.WebCore 0x00007fff8de867b7 WebCore::InspectorDOMAgent::buildObjectForEventListener(WebCore::RegisteredEventListener const&, WTF::AtomicString const&, WebCore::Node*, WTF::String const*) + 695
4 com.apple.WebCore 0x00007fff8de85ca3 WebCore::InspectorDOMAgent::getEventListenersForNode(WTF::String*, int, WTF::String const*, WTF::RefPtr<WebCore::TypeBuilder::Array<WebCore::TypeBuilder::DOM::EventListener> >&) + 339
5 com.apple.WebCore 0x00007fff8de488fa WebCore::InspectorBackendDispatcherImpl::DOM_getEventListenersForNode(long, WebCore::InspectorObject*) + 634
6 com.apple.WebCore 0x00007fff8de6620a WebCore::InspectorBackendDispatcherImpl::dispatch(WTF::String const&) + 1546
7 com.apple.WebCore 0x00007fff8dea3d50 WebCore::InspectorBackendDispatchTask::onTimer(WebCore::Timer<WebCore::InspectorBackendDispatchTask>*) + 160
8 com.apple.WebCore 0x00007fff8d6f164f WebCore::ThreadTimers::sharedTimerFiredInternal() + 175
9 com.apple.WebCore 0x00007fff8d6f152a WebCore::timerFired(__CFRunLoopTimer*, void*) + 58
10 com.apple.CoreFoundation 0x00007fff879bb724 __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ + 20
11 com.apple.CoreFoundation 0x00007fff879bb25f __CFRunLoopDoTimer + 1151
12 com.apple.CoreFoundation 0x00007fff87a2c76a __CFRunLoopDoTimers + 298
13 com.apple.CoreFoundation 0x00007fff87976aa5 __CFRunLoopRun + 1525
14 com.apple.CoreFoundation 0x00007fff87976275 CFRunLoopRunSpecific + 309
15 com.apple.HIToolbox 0x00007fff8d1c3f0d RunCurrentEventLoopInMode + 226
16 com.apple.HIToolbox 0x00007fff8d1c3cb7 ReceiveNextEventCommon + 479
17 com.apple.HIToolbox 0x00007fff8d1c3abc _BlockUntilNextEventMatchingListInModeWithFilter + 65
18 com.apple.AppKit 0x00007fff8b5d828e _DPSNextEvent + 1434
19 com.apple.AppKit 0x00007fff8b5d78db -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 122
20 com.apple.AppKit 0x00007fff8b5cb9cc -[NSApplication run] + 553
21 com.apple.AppKit 0x00007fff8b5b6803 NSApplicationMain + 940
22 com.apple.XPCService 0x00007fff87315c0f _xpc_main + 385
23 libxpc.dylib 0x00007fff8718ab2e xpc_main + 399
24 com.apple.WebKit.WebContent 0x00000001045a0ba0 0x1045a0000 + 2976
25 libdyld.dylib 0x00007fff8c1775fd start + 1