[Webkit-unassigned] [Bug 150193] New: Null dereference loading Blink layout test fast/mediastream/MediaStream-add-remove-tracks.html
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Oct 15 15:23:39 PDT 2015
https://bugs.webkit.org/show_bug.cgi?id=150193
Bug ID: 150193
Summary: Null dereference loading Blink layout test
fast/mediastream/MediaStream-add-remove-tracks.html
Classification: Unclassified
Product: WebKit
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Status: NEW
Keywords: HasReduction, NeedsRadar
Severity: Normal
Priority: P2
Component: Media Elements
Assignee: webkit-unassigned at lists.webkit.org
Reporter: jhoneycutt at apple.com
CC: jer.noble at apple.com,
webkit-bug-importer at group.apple.com
Created attachment 263200
--> https://bugs.webkit.org/attachment.cgi?id=263200&action=review
crashing test
Null dereference loading Blink layout test fast/mediastream/MediaStream-add-remove-tracks.html
Stack trace:
Crashed Thread: 0 Dispatch queue: com.apple.main-thread
Exception Type: EXC_BAD_ACCESS (SIGABRT)
Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000078
VM Regions Near 0x78:
-->
__TEXT 000000010fcd2000-000000010fd6c000 [ 616K] r-x/rwx SM=COW /Users/USER/*
Application Specific Information:
CRASHING TEST: blink-tests-that-are-different/fast/mediastream/MediaStream-add-remove-tracks.html
================================================================
==25591==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000078 (pc 0x000116d8af5d bp 0x7fff4ff29fe0 sp 0x7fff4ff29fe0 T0)
#0 0x116d8af5c in WTF::Ref<WebCore::MediaStreamTrackPrivate>::operator->() const Ref.h:114
#1 0x116d9e4dc in WebCore::MediaStreamTrack::id() const MediaStreamTrack.cpp:82
#2 0x116d879ea in WebCore::MediaStream::internalRemoveTrack(WTF::RefPtr<WebCore::MediaStreamTrack>&&, WebCore::MediaStream::StreamModifier) MediaStream.cpp:229
#3 0x116d877b7 in WebCore::MediaStream::removeTrack(WebCore::MediaStreamTrack*) MediaStream.cpp:144
#4 0x11680357d in WebCore::jsMediaStreamPrototypeFunctionRemoveTrack(JSC::ExecState*) JSMediaStream.cpp:512
#5 0x58ef70801027 (<unknown module>)
#6 0x110b0664f in llint_entry (/Users/jhoneycutt/src/OpenSource/WebKitBuild2/Release/JavaScriptCore.framework/Versions/A/JavaScriptCore+0xab464f)
#7 0x110b0664f in llint_entry (/Users/jhoneycutt/src/OpenSource/WebKitBuild2/Release/JavaScriptCore.framework/Versions/A/JavaScriptCore+0xab464f)
#8 0x110b00a0a in vmEntryToJavaScript (/Users/jhoneycutt/src/OpenSource/WebKitBuild2/Release/JavaScriptCore.framework/Versions/A/JavaScriptCore+0xaaea0a)
#9 0x11086207d in JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*) JITCode.cpp:80
#10 0x11081f714 in JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) Interpreter.cpp:1024
#11 0x1101309d1 in JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) CallData.cpp:39
#12 0x110130ac1 in JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&, WTF::NakedPtr<JSC::Exception>&) CallData.cpp:44
#13 0x1164429c7 in WebCore::JSMainThreadExecState::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&, WTF::NakedPtr<JSC::Exception>&) JSMainThreadExecState.h:56
#14 0x116442308 in WebCore::JSCallbackData::invokeCallback(JSC::JSObject*, JSC::MarkedArgumentBuffer&, WebCore::JSCallbackData::CallbackType, JSC::PropertyName, WTF::NakedPtr<JSC::Exception>&) JSCallbackData.cpp:85
#15 0x11684b4d7 in WebCore::JSNavigatorUserMediaSuccessCallback::handleEvent(WebCore::MediaStream*) JSNavigatorUserMediaSuccessCallback.cpp:75
#16 0x115ab0202 in WebCore::Document::postTask(WebCore::ScriptExecutionContext::Task)::$_0::operator()() const Document.cpp:5243
#17 0x110ebda9c in WTF::dispatchFunctionsFromMainThread() MainThread.cpp:134
#18 0x110ebe5fe in WTF::timerFired(__CFRunLoopTimer*, void*) MainThreadMac.mm:112
#19 0x7fff96fa2c83 in __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x92c83)
#20 0x7fff96fa2912 in __CFRunLoopDoTimer (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x92912)
#21 0x7fff96fa2469 in __CFRunLoopDoTimers (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x92469)
#22 0x7fff96f99960 in __CFRunLoopRun (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x89960)
#23 0x7fff96f98fc7 in CFRunLoopRunSpecific (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x88fc7)
#24 0x10fcf498d in runTest(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) DumpRenderTree.mm:2030
#25 0x10fcf3f39 in runTestingServerLoop() DumpRenderTree.mm:1180
#26 0x10fcf3267 in dumpRenderTree(int, char const**) DumpRenderTree.mm:1288
#27 0x10fcf52b1 in DumpRenderTreeMain(int, char const**) DumpRenderTree.mm:1418
#28 0x7fff931e95ac in start (/usr/lib/system/libdyld.dylib+0x35ac)
#29 0x1 (<unknown module>)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV Ref.h:114 WTF::Ref<WebCore::MediaStreamTrackPrivate>::operator->() const
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20151015/e8c57e28/attachment.html>
More information about the webkit-unassigned
mailing list