[Webkit-unassigned] [Bug 129221] New: REGRESSION (r164483-r164523) Crash on pages that contain form fields

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Sat Feb 22 17:26:14 PST 2014 

https://bugs.webkit.org/show_bug.cgi?id=129221

           Summary: REGRESSION (r164483-r164523) Crash on pages that
                    contain form fields
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Unspecified
               URL: http://shisaku.blogspot.jp
        OS/Version: Unspecified
            Status: NEW
          Severity: Critical
          Priority: P2
         Component: JavaScriptCore
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: phiw at l-c-n.com


Created an attachment (id=224986)
 --> (https://bugs.webkit.org/attachment.cgi?id=224986&action=review)
crash log

randomly picked URLs that exhibit the issues:

http://shisaku.blogspot.jp
http://l-c-n.com/contact/

load the offending pages, the webkit process crashes and crashes and crashes

The issue started with r164523, r164483 is fine

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   com.apple.JavaScriptCore          0x000000010940751e WTFCrash + 62
1   com.apple.JavaScriptCore          0x00000001090930be JSC::ErrorHandlingScope::ErrorHandlingScope(JSC::VM&) + 62
2   com.apple.JavaScriptCore          0x00000001092c7896 Inspector::JSGlobalObjectInspectorController::reportAPIException(JSC::ExecState*, JSC::JSValue) + 70
3   com.apple.JavaScriptCore          0x0000000109298e2b JSValueToObject + 331
4   com.apple.Safari.framework        0x00007fff8de95a21 controlObject(objc_object*, double, NSString*) + 207
5   com.apple.Safari.framework        0x00007fff8de95864 FrameMetadata::metadataForAllForms(WBSFormMetadataRequestType) const + 632
6   com.apple.Safari.framework        0x00007fff8de965f1 -[WBSFormMetadataController recursivelyCollectMetadataInFrame:requestType:frames:formMetadata:] + 184
7   com.apple.Safari.framework        0x00007fff8de96896 -[WBSFormMetadataController getMetadataForAllFormsInPageWithMainFrame:requestType:frames:formMetadata:] + 109
8   com.apple.Safari.framework        0x00007fff8dbb4c59 Safari::BrowserBundlePageController::collectFormMetadataForPreFillingForm(Safari::WK::URL const&, Safari::PreFillEvent) + 203
9   com.apple.Safari.framework        0x00007fff8dbbd2eb Safari::BrowserBundlePageController::handleMessageToPage(Safari::WK::BundlePage const&, Safari::WK::String const&, Safari::WK::Type const&) + 1019
10  com.apple.Safari.framework        0x00007fff8dbb2699 Safari::BrowserBundleController::dispatchMessageToPage(Safari::WK::BundlePage const&, Safari::WK::String const&, Safari::WK::Type const&) + 25
11  com.apple.Safari.framework        0x00007fff8dc390a7 Safari::WK::didReceiveMessageToPage(OpaqueWKBundle const*, OpaqueWKBundlePage const*, OpaqueWKString const*, void const*, void const*) + 126
12  com.apple.WebKit2                 0x0000000108b7efb7 WebKit::InjectedBundleClient::didReceiveMessageToPage(WebKit::InjectedBundle*, WebKit::WebPage*, WTF::String const&, API::Object*) + 129
13  com.apple.WebKit2                 0x0000000108c696df WebKit::WebPage::postInjectedBundleMessage(WTF::String const&, IPC::MessageDecoder&) + 91
14  com.apple.WebKit2                 0x0000000108c7eef6 void IPC::handleMessageVariadic<Messages::WebPage::PostInjectedBundleMessage, WebKit::WebPage, void (WebKit::WebPage::*)(WTF::String const&, IPC::MessageDecoder&)>(IPC::MessageDecoder&, WebKit::WebPage*, void (WebKit::WebPage::*)(WTF::String const&, IPC::MessageDecoder&)) + 78
15  com.apple.WebKit2                 0x0000000108c7cfd9 WebKit::WebPage::didReceiveWebPageMessage(IPC::Connection*, IPC::MessageDecoder&) + 5709
16  com.apple.WebKit2                 0x0000000108b8be61 IPC::MessageReceiverMap::dispatchMessage(IPC::Connection*, IPC::MessageDecoder&) + 125
17  com.apple.WebKit2                 0x0000000108cc01cc WebKit::WebProcess::didReceiveMessage(IPC::Connection*, IPC::MessageDecoder&) + 28
18  com.apple.WebKit2                 0x0000000108b3cfb8 IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> >) + 94
19  com.apple.WebKit2                 0x0000000108b3f130 IPC::Connection::dispatchOneMessage() + 106
20  com.apple.JavaScriptCore          0x000000010942e8a2 WTF::RunLoop::performWork() + 850
21  com.apple.JavaScriptCore          0x000000010942edd2 WTF::RunLoop::performWork(void*) + 34
22  com.apple.CoreFoundation          0x00007fff8ffdd8f1 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
23  com.apple.CoreFoundation          0x00007fff8ffcf062 __CFRunLoopDoSources0 + 242
24  com.apple.CoreFoundation          0x00007fff8ffce7ef __CFRunLoopRun + 831
25  com.apple.CoreFoundation          0x00007fff8ffce275 CFRunLoopRunSpecific + 309
26  com.apple.HIToolbox               0x00007fff91a6cf0d RunCurrentEventLoopInMode + 226
27  com.apple.HIToolbox               0x00007fff91a6ccb7 ReceiveNextEventCommon + 479
28  com.apple.HIToolbox               0x00007fff91a6cabc _BlockUntilNextEventMatchingListInModeWithFilter + 65
29  com.apple.AppKit                  0x00007fff86d1e28e _DPSNextEvent + 1434
30  com.apple.AppKit                  0x00007fff86d1d8db -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 122
31  com.apple.AppKit                  0x00007fff86d119cc -[NSApplication run] + 553
32  com.apple.AppKit                  0x00007fff86cfc803 NSApplicationMain + 940
33  com.apple.XPCService              0x00007fff9199dc0f _xpc_main + 385
34  libxpc.dylib                      0x00007fff8f659b2e xpc_main + 399
35  com.apple.WebKit.WebContent.Development    0x00000001057196a0 main + 16
36  libdyld.dylib                     0x00007fff87ebe5fd start + 1

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list