[Webkit-unassigned] [Bug 150214] New: Null dereference loading Blink layout test webaudio/dom-exceptions.html
bugzilla-daemon at webkit.org
Thu Oct 15 17:10:57 PDT 2015
https://bugs.webkit.org/show_bug.cgi?id=150214
Bug ID: 150214
Summary: Null dereference loading Blink layout test webaudio/dom-exceptions.html
Classification: Unclassified
Product: WebKit
Version: WebKit Local Build
Hardware: Unspecified
OS: Unspecified
Status: NEW
Keywords: HasReduction, NeedsRadar
Severity: Normal
Priority: P2
Component: Web Audio
Assignee: webkit-unassigned at lists.webkit.org
Reporter: jhoneycutt at apple.com
CC: webkit-bug-importer at group.apple.com
Created attachment 263231
--> https://bugs.webkit.org/attachment.cgi?id=263231&action=review
crashing test
Null dereference loading Blink layout test webaudio/dom-exceptions.html.
Stack trace:
Crashed Thread: 0 Dispatch queue: com.apple.main-thread
Exception Type: EXC_BAD_ACCESS (SIGABRT)
Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000018
VM Regions Near 0x18:
-->
__TEXT 000000010afa4000-000000010b03e000 [ 616K] r-x/rwx SM=COW /Users/USER/*
Application Specific Information:
CRASHING TEST: blink-tests-that-are-unknown/webaudio/dom-exceptions.html
================================================================
==23399==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000018 (pc 0x00010b328552 bp 0x7fff54c53ed0 sp 0x7fff54c53eb0 T0)
#0 0x10b328551 in JSC::ArrayBufferView::setNeuterable(bool) ArrayBufferView.cpp:51
#1 0x11081eff2 in WebCore::AudioBuffer::AudioBuffer(unsigned int, unsigned long, float) AudioBuffer.cpp:72
#2 0x11081eacb in WebCore::AudioBuffer::create(unsigned int, unsigned long, float) AudioBuffer.cpp:51
#3 0x11082d9bc in WebCore::AudioContext::AudioContext(WebCore::Document&, unsigned int, unsigned long, float) AudioContext.cpp:156
#4 0x112139a68 in WebCore::OfflineAudioContext::OfflineAudioContext(WebCore::Document&, unsigned int, unsigned long, float) OfflineAudioContext.cpp:58
#5 0x112139775 in WebCore::OfflineAudioContext::create(WebCore::ScriptExecutionContext&, unsigned int, unsigned long, float, int&) OfflineAudioContext.cpp:52
#6 0x111b45091 in WebCore::JSOfflineAudioContextConstructor::constructJSOfflineAudioContext(JSC::ExecState*) JSOfflineAudioContext.cpp:107
#7 0x10bdcad98 in JSC::LLInt::handleHostCall(JSC::ExecState*, JSC::Instruction*, JSC::JSValue, JSC::CodeSpecializationKind) LLIntSlowPaths.cpp:1113
#8 0x10bdcdd85 in JSC::LLInt::setUpCall(JSC::ExecState*, JSC::Instruction*, JSC::CodeSpecializationKind, JSC::JSValue, JSC::LLIntCallLinkInfo*) LLIntSlowPaths.cpp:1136
#9 0x10bdd5974 in llint_entry (/Users/jhoneycutt/src/OpenSource/WebKitBuild2/Release/JavaScriptCore.framework/Versions/A/JavaScriptCore+0xab4974)
#10 0x10bdcfa0a in vmEntryToJavaScript (/Users/jhoneycutt/src/OpenSource/WebKitBuild2/Release/JavaScriptCore.framework/Versions/A/JavaScriptCore+0xaaea0a)
#11 0x10bb3107d in JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*) JITCode.cpp:80
#12 0x10bae717f in JSC::Interpreter::execute(JSC::EvalExecutable*, JSC::ExecState*, JSC::JSValue, JSC::JSScope*) Interpreter.cpp:1269
#13 0x10bae6542 in JSC::eval(JSC::ExecState*) Interpreter.cpp:182
#14 0x10bb61792 in operationCallEval JITOperations.cpp:677
#15 0x3cfc3660428b (<unknown module>)
#16 0x10bdd564f in llint_entry (/Users/jhoneycutt/src/OpenSource/WebKitBuild2/Release/JavaScriptCore.framework/Versions/A/JavaScriptCore+0xab464f)
#17 0x10bdd564f in llint_entry (/Users/jhoneycutt/src/OpenSource/WebKitBuild2/Release/JavaScriptCore.framework/Versions/A/JavaScriptCore+0xab464f)
#18 0x10bdcfa0a in vmEntryToJavaScript (/Users/jhoneycutt/src/OpenSource/WebKitBuild2/Release/JavaScriptCore.framework/Versions/A/JavaScriptCore+0xaaea0a)
#19 0x10bb3107d in JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*) JITCode.cpp:80
#20 0x10baedcc6 in JSC::Interpreter::execute(JSC::ProgramExecutable*, JSC::ExecState*, JSC::JSObject*) Interpreter.cpp:961
#21 0x10b4b0689 in JSC::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&) Completion.cpp:104
#22 0x111a9f3ad in WebCore::JSMainThreadExecState::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&) JSMainThreadExecState.h:62
#23 0x1126db410 in WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld&) ScriptController.cpp:164
#24 0x1126db618 in WebCore::ScriptController::evaluate(WebCore::ScriptSourceCode const&) ScriptController.cpp:180
#25 0x1126ed586 in WebCore::ScriptElement::executeScript(WebCore::ScriptSourceCode const&) ScriptElement.cpp:309
#26 0x1126eae6a in WebCore::ScriptElement::prepareScript(WTF::TextPosition const&, WebCore::ScriptElement::LegacyTypeSupport) ScriptElement.cpp:242
#27 0x1113e09cb in WebCore::HTMLScriptRunner::runScript(WebCore::Element*, WTF::TextPosition const&) HTMLScriptRunner.cpp:308
#28 0x1113e0705 in WebCore::HTMLScriptRunner::execute(WTF::PassRefPtr<WebCore::Element>, WTF::TextPosition const&) HTMLScriptRunner.cpp:177
#29 0x11130ba6f in WebCore::HTMLDocumentParser::runScriptsForPausedTreeBuilder() HTMLDocumentParser.cpp:195
#30 0x11130bce3 in WebCore::HTMLDocumentParser::canTakeNextToken(WebCore::HTMLDocumentParser::SynchronousMode, WebCore::PumpSession&) HTMLDocumentParser.cpp:213
#31 0x11130b2a8 in WebCore::HTMLDocumentParser::pumpTokenizer(WebCore::HTMLDocumentParser::SynchronousMode) HTMLDocumentParser.cpp:259
#32 0x11130cc9d in WebCore::HTMLDocumentParser::resumeParsingAfterScriptExecution() HTMLDocumentParser.cpp:496
#33 0x11130cf61 in WebCore::HTMLDocumentParser::notifyFinished(WebCore::CachedResource*) HTMLDocumentParser.cpp:536
#34 0x11092eca7 in WebCore::CachedResource::checkNotify() CachedResource.cpp:297
#35 0x1129b7588 in WebCore::SubresourceLoader::didFinishLoading(double) SubresourceLoader.cpp:372
#36 0x7fff8c4a3850 in __65-[NSURLConnectionInternal _withConnectionAndDelegate:onlyActive:]_block_invoke (/System/Library/Frameworks/CFNetwork.framework/Versions/A/CFNetwork+0x2e850)
#37 0x7fff8c4a3765 in -[NSURLConnectionInternal _withConnectionAndDelegate:onlyActive:] (/System/Library/Frameworks/CFNetwork.framework/Versions/A/CFNetwork+0x2e765)
#38 0x7fff8c4a366a in -[NSURLConnectionInternal _withActiveConnectionAndDelegate:] (/System/Library/Frameworks/CFNetwork.framework/Versions/A/CFNetwork+0x2e66a)
#39 0x7fff8c4a8491 in ___ZN27URLConnectionClient_Classic26_delegate_didFinishLoadingEU13block_pointerFvvE_block_invoke (/System/Library/Frameworks/CFNetwork.framework/Versions/A/CFNetwork+0x33491)
#40 0x7fff8c63c976 in ___ZN27URLConnectionClient_Classic18_withDelegateAsyncEPKcU13block_pointerFvP16_CFURLConnectionPK33CFURLConnectionClientCurrent_VMaxE_block_invoke_2 (/System/Library/Frameworks/CFNetwork.framework/Versions/A/CFNetwork+0x1c7976)
#41 0x7fff9a99c3c2 in _dispatch_client_callout (/usr/lib/system/libdispatch.dylib+0x23c2)
#42 0x7fff9a9aa0bd in _dispatch_block_invoke (/usr/lib/system/libdispatch.dylib+0x100bd)
#43 0x7fff8c4a3527 in RunloopBlockContext::_invoke_block(void const*, void*) (/System/Library/Frameworks/CFNetwork.framework/Versions/A/CFNetwork+0x2e527)
#44 0x7fff96f5ce63 in CFArrayApplyFunction (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x4ce63)
#45 0x7fff8c4a3420 in RunloopBlockContext::perform() (/System/Library/Frameworks/CFNetwork.framework/Versions/A/CFNetwork+0x2e420)
#46 0x7fff8c4a32c1 in MultiplexerSource::perform() (/System/Library/Frameworks/CFNetwork.framework/Versions/A/CFNetwork+0x2e2c1)
#47 0x7fff8c4a30e3 in MultiplexerSource::_perform(void*) (/System/Library/Frameworks/CFNetwork.framework/Versions/A/CFNetwork+0x2e0e3)
#48 0x7fff96fba8b0 in __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0xaa8b0)
#49 0x7fff96f9a0ab in __CFRunLoopDoSources0 (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x8a0ab)
#50 0x7fff96f995ce in __CFRunLoopRun (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x895ce)
#51 0x7fff96f98fc7 in CFRunLoopRunSpecific (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x88fc7)
#52 0x10afc698d in runTest(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) DumpRenderTree.mm:2030
#53 0x10afc5f39 in runTestingServerLoop() DumpRenderTree.mm:1180
#54 0x10afc5267 in dumpRenderTree(int, char const**) DumpRenderTree.mm:1288
#55 0x10afc72b1 in DumpRenderTreeMain(int, char const**) DumpRenderTree.mm:1418
#56 0x7fff931e95ac in start (/usr/lib/system/libdyld.dylib+0x35ac)
#57 0x1 (<unknown module>)