[Webkit-unassigned] [Bug 137319] New: fast/css/test-setting-canvas-color.html crashes intermittently deep inside convertNSColorToColor()
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Oct 1 15:32:21 PDT 2014
https://bugs.webkit.org/show_bug.cgi?id=137319
Summary: fast/css/test-setting-canvas-color.html crashes
intermittently deep inside convertNSColorToColor()
Product: WebKit
Version: 528+ (Nightly build)
Platform: Unspecified
OS/Version: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: Layout and Rendering
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: bdakin at apple.com
fast/css/test-setting-canvas-color.html crashes intermittently deep inside convertNSColorToColor().
Process: DumpRenderTree [81282]
Path: /Volumes/VOLUME/*/DumpRenderTree
Identifier: DumpRenderTree
Version: 0
Code Type: X86-64 (Native)
Parent Process: Python [81281]
User ID: 501
Date/Time: 2014-10-01 13:57:46.294 -0700
OS Version: Mac OS X 10.8.5 (12F45)
Report Version: 10
Crashed Thread: 0 Dispatch queue: com.apple.main-thread
Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x00007fb588b344a5
VM Regions Near 0x7fb588b344a5:
JS JIT generated code 000053cd61c01000-000053cd61c02000 [ 4K] ---/rwx SM=NUL
-->
MALLOC_TINY 00007fb600400000-00007fb600700000 [ 3072K] rw-/rwx SM=PRV
Application Specific Information:
CRASHING TEST: fast/css/test-setting-canvas-color.html
Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0 libunwind.dylib 0x00007fff87e8335b libunwind::CFI_Parser<libunwind::LocalAddressSpace>::parseCIE(libunwind::LocalAddressSpace&, unsigned long long, libunwind::CFI_Parser<libunwind::LocalAddressSpace>::CIE_Info*) + 63
1 libunwind.dylib 0x00007fff87e82fe6 libunwind::CFI_Parser<libunwind::LocalAddressSpace>::decodeFDE(libunwind::LocalAddressSpace&, unsigned long long, libunwind::CFI_Parser<libunwind::LocalAddressSpace>::FDE_Info*, libunwind::CFI_Parser<libunwind::LocalAddressSpace>::CIE_Info*) + 120
2 libunwind.dylib 0x00007fff87e81ef5 libunwind::UnwindCursor<libunwind::LocalAddressSpace, libunwind::Registers_x86_64>::setInfoBasedOnIPRegister(bool) + 401
3 libunwind.dylib 0x00007fff87e82555 libunwind::UnwindCursor<libunwind::LocalAddressSpace, libunwind::Registers_x86_64>::step() + 129
4 libobjc.A.dylib 0x00007fff929887af objc_addExceptionHandler + 79
5 com.apple.CoreFoundation 0x00007fff8f79dc6c _CFDoExceptionOperation + 380
6 com.apple.AppKit 0x00007fff8d5b724c _NSAppKitLock + 77
7 com.apple.AppKit 0x00007fff8d5fc0d1 +[NSColorList _findColorListNamed:forDeviceType:] + 79
8 com.apple.AppKit 0x00007fff8d5fb72f -[NSCatalogColor colorUsingColorSpaceName:device:] + 310
9 com.apple.AppKit 0x00007fff8d871831 -[NSCatalogColor drawSwatchInRect:] + 35
10 com.apple.WebCore 0x000000010d349e8f WebCore::convertNSColorToColor(NSColor*) + 1087 (RenderThemeMac.mm:439)
11 com.apple.WebCore 0x000000010d348f5f WebCore::RenderThemeMac::systemColor(WebCore::CSSValueID) const + 2463 (RenderThemeMac.mm:585)
12 com.apple.WebCore 0x000000010be1a752 WebCore::CSSParser::parseSystemColor(unsigned int&, WTF::String const&, WebCore::Document*) + 162 (CSSParser.cpp:1376)
13 com.apple.WebCore 0x000000010bc8fa7c WebCore::parseColor(unsigned int&, WTF::String const&, WebCore::Document*) + 124 (CanvasStyle.cpp:54)
14 com.apple.WebCore 0x000000010bc8fefb WebCore::CanvasStyle::createFromString(WTF::String const&, WebCore::Document*) + 43 (CanvasStyle.cpp:139)
15 com.apple.WebCore 0x000000010bc7f8be WebCore::CanvasRenderingContext2D::setFillColor(WTF::String const&) + 126 (CanvasRenderingContext2D.cpp:792)
16 com.apple.WebCore 0x000000010c871b5b WebCore::JSCanvasRenderingContext2D::setFillStyle(JSC::ExecState*, JSC::JSValue) + 107 (JSCanvasRenderingContext2DCustom.cpp:87)
17 com.apple.WebCore 0x000000010c85a2bb WebCore::setJSCanvasRenderingContext2DFillStyle(JSC::ExecState*, JSC::JSObject*, long long, long long) + 75 (JSCanvasRenderingContext2D.cpp:1037)
18 ??? 0x000053cd21c13fb9 0 + 92140499713977
19 com.apple.JavaScriptCore 0x000000010718e771 llint_entry + 25317
20 com.apple.JavaScriptCore 0x0000000107188249 vmEntryToJavaScript + 361
21 com.apple.JavaScriptCore 0x0000000107015b9a JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*) + 266 (JITCode.cpp:56)
22 com.apple.JavaScriptCore 0x0000000106ffa104 JSC::Interpreter::execute(JSC::ProgramExecutable*, JSC::ExecState*, JSC::JSObject*) + 4820 (Interpreter.cpp:928)
23 com.apple.JavaScriptCore 0x0000000106c02ab0 JSC::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, JSC::JSValue*) + 480 (Completion.cpp:82)
24 com.apple.WebCore 0x000000010cada145 WebCore::JSMainThreadExecState::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, JSC::JSValue*) + 69 (JSMainThreadExecState.h:62)
25 com.apple.WebCore 0x000000010d3f959d WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld&) + 317 (ScriptController.cpp:152)
26 com.apple.WebCore 0x000000010d3f96e4 WebCore::ScriptController::evaluate(WebCore::ScriptSourceCode const&) + 68 (ScriptController.cpp:168)
27 com.apple.WebCore 0x000000010d408b97 WebCore::ScriptElement::executeScript(WebCore::ScriptSourceCode const&) + 455 (ScriptElement.cpp:301)
28 com.apple.WebCore 0x000000010d407b60 WebCore::ScriptElement::prepareScript(WTF::TextPosition const&, WebCore::ScriptElement::LegacyTypeSupport) + 1792 (ScriptElement.cpp:237)
29 com.apple.WebCore 0x000000010c53bd39 WebCore::HTMLScriptRunner::runScript(WebCore::Element*, WTF::TextPosition const&) + 361 (HTMLScriptRunner.cpp:304)
30 com.apple.WebCore 0x000000010c53bb49 WebCore::HTMLScriptRunner::execute(WTF::PassRefPtr<WebCore::Element>, WTF::TextPosition const&) + 137 (HTMLScriptRunner.cpp:177)
31 com.apple.WebCore 0x000000010c4802b1 WebCore::HTMLDocumentParser::runScriptsForPausedTreeBuilder() + 289 (HTMLDocumentParser.cpp:218)
32 com.apple.WebCore 0x000000010c4803f8 WebCore::HTMLDocumentParser::canTakeNextToken(WebCore::HTMLDocumentParser::SynchronousMode, WebCore::PumpSession&) + 248 (HTMLDocumentParser.cpp:238)
33 com.apple.WebCore 0x000000010c47f59f WebCore::HTMLDocumentParser::pumpTokenizer(WebCore::HTMLDocumentParser::SynchronousMode) + 783 (HTMLDocumentParser.cpp:293)
34 com.apple.WebCore 0x000000010c47f029 WebCore::HTMLDocumentParser::pumpTokenizerIfPossible(WebCore::HTMLDocumentParser::SynchronousMode) + 169 (HTMLDocumentParser.cpp:190)
35 com.apple.WebCore 0x000000010c480fc1 WebCore::HTMLDocumentParser::append(WTF::PassRefPtr<WTF::StringImpl>) + 913 (HTMLDocumentParser.cpp:430)
36 com.apple.WebCore 0x000000010bf28d8c WebCore::DecodedDataDocumentParser::appendBytes(WebCore::DocumentWriter&, char const*, unsigned long) + 172 (DecodedDataDocumentParser.cpp:50)
37 com.apple.WebCore 0x000000010c068cae WebCore::DocumentWriter::addData(char const*, unsigned long) + 190 (DocumentWriter.cpp:224)
38 com.apple.WebCore 0x000000010c02fe86 WebCore::DocumentLoader::commitData(char const*, unsigned long) + 1014 (DocumentLoader.cpp:846)
39 com.apple.WebKitLegacy 0x0000000113301a2d -[WebFrame(WebInternal) _commitData:] + 205 (WebFrame.mm:1002)
40 com.apple.WebKitLegacy 0x000000011333ea9e -[WebHTMLRepresentation receivedData:withDataSource:] + 142 (WebHTMLRepresentation.mm:191)
41 com.apple.WebKitLegacy 0x00000001132df94a -[WebDataSource(WebInternal) _receivedData:] + 90 (WebDataSource.mm:252)
42 com.apple.WebKitLegacy 0x000000011330eef2 WebFrameLoaderClient::committedLoad(WebCore::DocumentLoader*, char const*, int) + 114 (WebFrameLoaderClient.mm:988)
43 com.apple.WebCore 0x000000010c031e60 WebCore::DocumentLoader::commitLoad(char const*, int) + 208 (DocumentLoader.cpp:771)
44 com.apple.WebCore 0x000000010c0326dc WebCore::DocumentLoader::dataReceived(WebCore::CachedResource*, char const*, int) + 1660 (DocumentLoader.cpp:891)
45 com.apple.WebCore 0x000000010bc53fb1 WebCore::CachedRawResource::notifyClientsDataWasReceived(char const*, unsigned int) + 161 (CachedRawResource.cpp:117)
46 com.apple.WebCore 0x000000010bc53e97 WebCore::CachedRawResource::addDataBuffer(WebCore::ResourceBuffer*) + 215 (CachedRawResource.cpp:72)
47 com.apple.WebCore 0x000000010d61650e WebCore::SubresourceLoader::didReceiveDataOrBuffer(char const*, int, WTF::PassRefPtr<WebCore::SharedBuffer>, long long, WebCore::DataPayloadType) + 478 (SubresourceLoader.cpp:277)
48 com.apple.WebCore 0x000000010d61663b WebCore::SubresourceLoader::didReceiveBuffer(WTF::PassRefPtr<WebCore::SharedBuffer>, long long, WebCore::DataPayloadType) + 75 (SubresourceLoader.cpp:258)
49 com.apple.WebCore 0x000000010d3a6a4c WebCore::ResourceLoader::didReceiveBuffer(WebCore::ResourceHandle*, WTF::PassRefPtr<WebCore::SharedBuffer>, int) + 140 (ResourceLoader.cpp:506)
50 com.apple.WebCore 0x000000010d888f57 -[WebCoreResourceHandleAsDelegate connection:didReceiveDataArray:] + 311 (WebCoreResourceHandleAsDelegate.mm:200)
51 com.apple.Foundation 0x00007fff885ddd88 __65-[NSURLConnectionInternal _withConnectionAndDelegate:onlyActive:]_block_invoke_0 + 28
52 com.apple.Foundation 0x00007fff885ddccc -[NSURLConnectionInternal _withConnectionAndDelegate:onlyActive:] + 227
53 com.apple.Foundation 0x00007fff885ddbc8 -[NSURLConnectionInternal _withActiveConnectionAndDelegate:] + 63
54 com.apple.Foundation 0x00007fff887551df _NSURLConnectionDidReceiveDataArray + 82
55 com.apple.CFNetwork 0x00007fff8b5c38e1 ___delegate_didReceiveDataArray_block_invoke_0 + 81
56 com.apple.CFNetwork 0x00007fff8b5b660a ___withDelegateAsync_block_invoke_0 + 90
57 com.apple.CFNetwork 0x00007fff8b646fea __block_global_1 + 28
58 com.apple.CoreFoundation 0x00007fff8f74a154 CFArrayApplyFunction + 68
59 com.apple.CFNetwork 0x00007fff8b5a7374 RunloopBlockContext::perform() + 124
60 com.apple.CFNetwork 0x00007fff8b5a724b MultiplexerSource::perform() + 221
61 com.apple.CoreFoundation 0x00007fff8f72bb31 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
62 com.apple.CoreFoundation 0x00007fff8f72b455 __CFRunLoopDoSources0 + 245
63 com.apple.CoreFoundation 0x00007fff8f74e7f5 __CFRunLoopRun + 789
64 com.apple.CoreFoundation 0x00007fff8f74e0e2 CFRunLoopRunSpecific + 290
65 DumpRenderTree 0x00000001067babef runTest(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) + 5135 (DumpRenderTree.mm:1853)
66 DumpRenderTree 0x00000001067b977a runTestingServerLoop() + 282 (DumpRenderTree.mm:1073)
67 DumpRenderTree 0x00000001067b90b5 dumpRenderTree(int, char const**) + 405 (DumpRenderTree.mm:1164)
68 DumpRenderTree 0x00000001067bb486 DumpRenderTreeMain(int, char const**) + 102 (DumpRenderTree.mm:1295)
69 DumpRenderTree 0x000000010680b652 main + 34 (DumpRenderTreeMain.mm:30)
70 libdyld.dylib 0x00007fff8a3c17e1 start + 1
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list