[Webkit-unassigned] [Bug 154403] New: Crash on SES selftest page when loading the page while WebInspector is open in debug builds

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Feb 18 11:31:00 PST 2016


https://bugs.webkit.org/show_bug.cgi?id=154403

            Bug ID: 154403
           Summary: Crash on SES selftest page when loading the page while
                    WebInspector is open in debug builds
    Classification: Unclassified
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
               URL: https://rawgit.com/tvcutsem/es-lab/master/src/ses/contract.html
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Web Inspector
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: cdumez at apple.com
                CC: bburg at apple.com, graouts at webkit.org,
                    joepeck at webkit.org, mattbaker at apple.com,
                    nvasilyev at apple.com, timothy at apple.com,
                    webkit-bug-importer at group.apple.com

Crash on SES selftest page when loading the page while WebInspector is open in debug builds:
https://rawgit.com/tvcutsem/es-lab/master/src/ses/contract.html

Trace:
Exception Type:        EXC_BAD_ACCESS (SIGSEGV)
Exception Codes:       KERN_INVALID_ADDRESS at 0x00000000bbadbeef
Exception Note:        EXC_CORPSE_NOTIFY

VM Regions Near 0xbbadbeef:
--> 
    __TEXT                 000000010f456000-000000010f458000 [    8K] r-x/rwx SM=COW  /Volumes/VOLUME/*/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.Development.xpc/Contents/MacOS/com.apple.WebKit.WebContent.Development

Application Specific Information:
Bundle controller class:
BrowserBundleController

Process Model:
Multiple Web Processes


Global Trace Buffer (reverse chronological seconds):
88.533547    CFNetwork                     0x00007fff8f681d29 Explicitly setting CF cookie storage singleton
88.533865    CFNetwork                     0x00007fff8f6b8621 Explicitly setting cookie storage singleton

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   com.apple.JavaScriptCore          0x000000011399e487 WTFCrash + 39 (Assertions.cpp:322)
1   com.apple.JavaScriptCore          0x00000001133097f7 Inspector::InjectedScriptBase::makeCall(Deprecated::ScriptFunctionCall&, WTF::RefPtr<Inspector::InspectorValue>*) + 183 (InjectedScriptBase.cpp:98)
2   com.apple.JavaScriptCore          0x0000000113305a0d Inspector::InjectedScript::getDisplayableProperties(WTF::String&, WTF::String const&, bool, WTF::RefPtr<Inspector::Protocol::Array<Inspector::Protocol::Runtime::PropertyDescriptor> >*) + 253 (InjectedScript.cpp:136)
3   com.apple.JavaScriptCore          0x000000011339d9cb Inspector::InspectorRuntimeAgent::getDisplayableProperties(WTF::String&, WTF::String const&, bool const*, WTF::RefPtr<Inspector::Protocol::Array<Inspector::Protocol::Runtime::PropertyDescriptor> >&, WTF::RefPtr<Inspector::Protocol::Array<Inspector::Protocol::Runtime::InternalPropertyDescriptor> >&) + 283 (InspectorRuntimeAgent.cpp:192)
4   com.apple.JavaScriptCore          0x000000011339daba non-virtual thunk to Inspector::InspectorRuntimeAgent::getDisplayableProperties(WTF::String&, WTF::String const&, bool const*, WTF::RefPtr<Inspector::Protocol::Array<Inspector::Protocol::Runtime::PropertyDescriptor> >&, WTF::RefPtr<Inspector::Protocol::Array<Inspector::Protocol::Runtime::InternalPropertyDescriptor> >&) + 90 (InspectorRuntimeAgent.cpp:180)
5   com.apple.JavaScriptCore          0x000000011334887e Inspector::RuntimeBackendDispatcher::getDisplayableProperties(long, WTF::RefPtr<Inspector::InspectorObject>&&) + 718 (InspectorBackendDispatchers.cpp:5154)
6   com.apple.JavaScriptCore          0x0000000113346476 Inspector::RuntimeBackendDispatcher::dispatch(long, WTF::String const&, WTF::Ref<Inspector::InspectorObject>&&) + 886 (InspectorBackendDispatchers.cpp:4970)
7   com.apple.JavaScriptCore          0x0000000113317950 Inspector::BackendDispatcher::dispatch(WTF::String const&) + 2000 (InspectorBackendDispatcher.cpp:181)
8   com.apple.WebCore                 0x000000011698651f WebCore::InspectorController::dispatchMessageFromFrontend(WTF::String const&) + 47 (InspectorController.cpp:386)
9   com.apple.WebKit                  0x000000010fc07243 WebKit::WebInspector::sendMessageToBackend(WTF::String const&) + 83 (WebInspector.cpp:252)
10  com.apple.WebKit                  0x000000010fc1435f void IPC::callMemberFunctionImpl<WebKit::WebInspector, void (WebKit::WebInspector::*)(WTF::String const&), std::__1::tuple<WTF::String>, 0ul>(WebKit::WebInspector*, void (WebKit::WebInspector::*)(WTF::String const&), std::__1::tuple<WTF::String>&&, std::index_sequence<0ul>) + 159 (HandleMessage.h:17)
11  com.apple.WebKit                  0x000000010fc142b8 void IPC::callMemberFunction<WebKit::WebInspector, void (WebKit::WebInspector::*)(WTF::String const&), std::__1::tuple<WTF::String>, std::make_index_sequence<1ul> >(std::__1::tuple<WTF::String>&&, WebKit::WebInspector*, void (WebKit::WebInspector::*)(WTF::String const&)) + 88 (HandleMessage.h:23)
12  com.apple.WebKit                  0x000000010fc13ed0 void IPC::handleMessage<Messages::WebInspector::SendMessageToBackend, WebKit::WebInspector, void (WebKit::WebInspector::*)(WTF::String const&)>(IPC::MessageDecoder&, WebKit::WebInspector*, void (WebKit::WebInspector::*)(WTF::String const&)) + 240 (HandleMessage.h:93)
13  com.apple.WebKit                  0x000000010fc1339a WebKit::WebInspector::didReceiveMessage(IPC::Connection&, IPC::MessageDecoder&) + 1306 (WebInspectorMessageReceiver.cpp:77)
14  com.apple.WebKit                  0x000000010fc13407 non-virtual thunk to WebKit::WebInspector::didReceiveMessage(IPC::Connection&, IPC::MessageDecoder&) + 55 (WebInspectorMessageReceiver.cpp:37)
15  com.apple.WebKit                  0x000000010f5174d3 IPC::Connection::dispatchMessage(IPC::MessageDecoder&) + 51 (Connection.cpp:892)
16  com.apple.WebKit                  0x000000010f50e351 IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> >) + 785 (Connection.cpp:924)
17  com.apple.WebKit                  0x000000010f517acf IPC::Connection::dispatchOneMessage() + 1519 (Connection.cpp:953)
18  com.apple.WebKit                  0x000000010f528e3d IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> >)::$_10::operator()() const + 29 (Connection.cpp:886)
19  com.apple.WebKit                  0x000000010f528e0d void std::__1::__invoke_void_return_wrapper<void>::__call<IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> >)::$_10&>(IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> >)::$_10&&&) + 45 (__functional_base:441)
20  com.apple.WebKit                  0x000000010f528c5c std::__1::__function::__func<IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> >)::$_10, std::__1::allocator<IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> >)::$_10>, void ()>::operator()() + 44 (functional:1407)
21  com.apple.JavaScriptCore          0x00000001132e2cda std::__1::function<void ()>::operator()() const + 26 (functional:1793)
22  com.apple.JavaScriptCore          0x00000001139e8272 WTF::RunLoop::performWork() + 306 (RunLoop.cpp:106)
23  com.apple.JavaScriptCore          0x00000001139e8a94 WTF::RunLoop::performWork(void*) + 36 (RunLoopCF.cpp:38)
24  com.apple.CoreFoundation          0x00007fff985275c1 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
25  com.apple.CoreFoundation          0x00007fff9851941c __CFRunLoopDoSources0 + 556
26  com.apple.CoreFoundation          0x00007fff9851893f __CFRunLoopRun + 927
27  com.apple.CoreFoundation          0x00007fff98518338 CFRunLoopRunSpecific + 296
28  com.apple.HIToolbox               0x00007fff9a7e4935 RunCurrentEventLoopInMode + 235
29  com.apple.HIToolbox               0x00007fff9a7e476f ReceiveNextEventCommon + 432
30  com.apple.HIToolbox               0x00007fff9a7e45af _BlockUntilNextEventMatchingListInModeWithFilter + 71
31  com.apple.AppKit                  0x00007fff938cd0ee _DPSNextEvent + 1067
32  com.apple.AppKit                  0x00007fff93c99943 -[NSApplication _nextEventMatchingEventMask:untilDate:inMode:dequeue:] + 454
33  com.apple.WebCore                 0x000000011631542a WebCore::EventLoop::cycle() + 138 (EventLoopMac.mm:34)
34  com.apple.WebCore                 0x00000001174d2611 WebCore::PageScriptDebugServer::runEventLoopWhilePausedInternal() + 97 (PageScriptDebugServer.cpp:116)
35  com.apple.WebCore                 0x00000001174d25a5 WebCore::PageScriptDebugServer::runEventLoopWhilePaused() + 21 (PageScriptDebugServer.cpp:109)
36  com.apple.JavaScriptCore          0x00000001137dde14 Inspector::ScriptDebugServer::handlePause(JSC::JSGlobalObject*, JSC::Debugger::ReasonForPause) + 116 (ScriptDebugServer.cpp:317)
37  com.apple.JavaScriptCore          0x0000000112dc62fd JSC::Debugger::pauseIfNeeded(JSC::ExecState*) + 637 (Debugger.cpp:660)
38  com.apple.JavaScriptCore          0x0000000112dc65bc JSC::Debugger::updateCallFrameAndPauseIfNeeded(JSC::ExecState*) + 60 (Debugger.cpp:612)
39  com.apple.JavaScriptCore          0x0000000112dc6a54 JSC::Debugger::didReachBreakpoint(JSC::ExecState*) + 100 (Debugger.cpp:767)
40  com.apple.JavaScriptCore          0x00000001133ae20b JSC::Interpreter::debug(JSC::ExecState*, JSC::DebugHookID) + 347 (Interpreter.cpp:1366)
41  com.apple.JavaScriptCore          0x00000001135ea25b llint_slow_path_debug + 123 (LLIntSlowPaths.cpp:1379)
42  com.apple.JavaScriptCore          0x00000001135f4ec4 llint_entry + 29472
43  com.apple.JavaScriptCore          0x00000001135f4471 llint_entry + 26829
44  com.apple.JavaScriptCore          0x00000001135f4471 llint_entry + 26829
45  com.apple.JavaScriptCore          0x00000001135f4471 llint_entry + 26829
46  com.apple.JavaScriptCore          0x00000001135f4471 llint_entry + 26829
47  com.apple.JavaScriptCore          0x00000001135f4471 llint_entry + 26829
48  com.apple.JavaScriptCore          0x00000001135ed98e vmEntryToJavaScript + 334
49  com.apple.JavaScriptCore          0x000000011340e6fa JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*) + 218 (JITCode.cpp:80)
50  com.apple.JavaScriptCore          0x00000001133ac7b6 JSC::Interpreter::execute(JSC::ProgramExecutable*, JSC::ExecState*, JSC::JSObject*) + 4518 (Interpreter.cpp:972)
51  com.apple.JavaScriptCore          0x0000000112d97b60 JSC::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&) + 480 (Completion.cpp:105)
52  com.apple.JavaScriptCore          0x0000000112d97c9e JSC::profiledEvaluate(JSC::ExecState*, JSC::ProfilingReason, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&) + 94 (Completion.cpp:120)
53  com.apple.WebCore                 0x00000001179b8beb WebCore::JSMainThreadExecState::profiledEvaluate(JSC::ExecState*, JSC::ProfilingReason, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&) + 75 (JSMainThreadExecState.h:80)
54  com.apple.WebCore                 0x00000001179b6766 WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld&, WebCore::ExceptionDetails*) + 326 (ScriptController.cpp:164)
55  com.apple.WebCore                 0x00000001179b68cc WebCore::ScriptController::evaluate(WebCore::ScriptSourceCode const&, WebCore::ExceptionDetails*) + 76 (ScriptController.cpp:180)
56  com.apple.WebCore                 0x00000001179c5ccb WebCore::ScriptElement::executeScript(WebCore::ScriptSourceCode const&) + 491 (ScriptElement.cpp:314)
57  com.apple.WebCore                 0x00000001179c4bb3 WebCore::ScriptElement::prepareScript(WTF::TextPosition const&, WebCore::ScriptElement::LegacyTypeSupport) + 1731 (ScriptElement.cpp:245)
58  com.apple.WebCore                 0x0000000116711f2c WebCore::HTMLScriptRunner::runScript(WebCore::Element*, WTF::TextPosition const&) + 364 (HTMLScriptRunner.cpp:304)
59  com.apple.WebCore                 0x0000000116711d3a WebCore::HTMLScriptRunner::execute(WTF::PassRefPtr<WebCore::Element>, WTF::TextPosition const&) + 138 (HTMLScriptRunner.cpp:177)
60  com.apple.WebCore                 0x0000000116638021 WebCore::HTMLDocumentParser::runScriptsForPausedTreeBuilder() + 289 (HTMLDocumentParser.cpp:195)
61  com.apple.WebCore                 0x0000000116638131 WebCore::HTMLDocumentParser::canTakeNextToken(WebCore::HTMLDocumentParser::SynchronousMode, WebCore::PumpSession&) + 177 (HTMLDocumentParser.cpp:214)
62  com.apple.WebCore                 0x000000011663749f WebCore::HTMLDocumentParser::pumpTokenizer(WebCore::HTMLDocumentParser::SynchronousMode) + 399 (HTMLDocumentParser.cpp:252)
63  com.apple.WebCore                 0x00000001166370ce WebCore::HTMLDocumentParser::pumpTokenizerIfPossible(WebCore::HTMLDocumentParser::SynchronousMode) + 174 (HTMLDocumentParser.cpp:167)
64  com.apple.WebCore                 0x000000011663914f WebCore::HTMLDocumentParser::resumeParsingAfterScriptExecution() + 383 (HTMLDocumentParser.cpp:488)
65  com.apple.WebCore                 0x0000000116639557 WebCore::HTMLDocumentParser::notifyFinished(WebCore::CachedResource*) + 327 (HTMLDocumentParser.cpp:528)
66  com.apple.WebCore                 0x000000011663959f non-virtual thunk to WebCore::HTMLDocumentParser::notifyFinished(WebCore::CachedResource*) + 47 (HTMLDocumentParser.cpp:512)
67  com.apple.WebCore                 0x0000000115ca7212 WebCore::CachedResource::checkNotify() + 130 (CachedResource.cpp:295)
68  com.apple.WebCore                 0x0000000115ca7321 WebCore::CachedResource::finishLoading(WebCore::SharedBuffer*) + 49 (CachedResource.cpp:313)
69  com.apple.WebCore                 0x0000000115cc802e WebCore::CachedScript::finishLoading(WebCore::SharedBuffer*) + 126 (CachedScript.cpp:117)
70  com.apple.WebCore                 0x0000000117c9ea54 WebCore::SubresourceLoader::didFinishLoading(double) + 532 (SubresourceLoader.cpp:386)
71  com.apple.WebKit                  0x000000010fea6687 WebKit::WebResourceLoader::didFinishResourceLoad(double) + 151 (WebResourceLoader.cpp:154)
72  com.apple.WebKit                  0x000000010feabbf3 void IPC::callMemberFunctionImpl<WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(double), std::__1::tuple<double>, 0ul>(WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(double), std::__1::tuple<double>&&, std::index_sequence<0ul>) + 163 (HandleMessage.h:17)
73  com.apple.WebKit                  0x000000010feabb48 void IPC::callMemberFunction<WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(double), std::__1::tuple<double>, std::make_index_sequence<1ul> >(std::__1::tuple<double>&&, WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(double)) + 88 (HandleMessage.h:23)
74  com.apple.WebKit                  0x000000010feaac62 void IPC::handleMessage<Messages::WebResourceLoader::DidFinishResourceLoad, WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(double)>(IPC::MessageDecoder&, WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(double)) + 226 (HandleMessage.h:93)
75  com.apple.WebKit                  0x000000010feaa3dc WebKit::WebResourceLoader::didReceiveWebResourceLoaderMessage(IPC::Connection&, IPC::MessageDecoder&) + 636 (WebResourceLoaderMessageReceiver.cpp:66)
76  com.apple.WebKit                  0x000000010f8638b0 WebKit::NetworkProcessConnection::didReceiveMessage(IPC::Connection&, IPC::MessageDecoder&) + 160 (NetworkProcessConnection.cpp:60)
77  com.apple.WebKit                  0x000000010f5174d3 IPC::Connection::dispatchMessage(IPC::MessageDecoder&) + 51 (Connection.cpp:892)
78  com.apple.WebKit                  0x000000010f50e351 IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> >) + 785 (Connection.cpp:924)
79  com.apple.WebKit                  0x000000010f517acf IPC::Connection::dispatchOneMessage() + 1519 (Connection.cpp:953)
80  com.apple.WebKit                  0x000000010f528e3d IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> >)::$_10::operator()() const + 29 (Connection.cpp:886)
81  com.apple.WebKit                  0x000000010f528e0d void std::__1::__invoke_void_return_wrapper<void>::__call<IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> >)::$_10&>(IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> >)::$_10&&&) + 45 (__functional_base:441)
82  com.apple.WebKit                  0x000000010f528c5c std::__1::__function::__func<IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> >)::$_10, std::__1::allocator<IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> >)::$_10>, void ()>::operator()() + 44 (functional:1407)
83  com.apple.JavaScriptCore          0x00000001132e2cda std::__1::function<void ()>::operator()() const + 26 (functional:1793)
84  com.apple.JavaScriptCore          0x00000001139e83ad WTF::RunLoop::performWork() + 621 (RunLoop.cpp:123)
85  com.apple.JavaScriptCore          0x00000001139e8a94 WTF::RunLoop::performWork(void*) + 36 (RunLoopCF.cpp:38)
86  com.apple.CoreFoundation          0x00007fff985275c1 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
87  com.apple.CoreFoundation          0x00007fff9851941c __CFRunLoopDoSources0 + 556
88  com.apple.CoreFoundation          0x00007fff9851893f __CFRunLoopRun + 927
89  com.apple.CoreFoundation          0x00007fff98518338 CFRunLoopRunSpecific + 296
90  com.apple.HIToolbox               0x00007fff9a7e4935 RunCurrentEventLoopInMode + 235
91  com.apple.HIToolbox               0x00007fff9a7e476f ReceiveNextEventCommon + 432
92  com.apple.HIToolbox               0x00007fff9a7e45af _BlockUntilNextEventMatchingListInModeWithFilter + 71
93  com.apple.AppKit                  0x00007fff938cd0ee _DPSNextEvent + 1067
94  com.apple.AppKit                  0x00007fff93c99943 -[NSApplication _nextEventMatchingEventMask:untilDate:inMode:dequeue:] + 454
95  com.apple.AppKit                  0x00007fff938c2fc8 -[NSApplication run] + 682
96  com.apple.AppKit                  0x00007fff93845520 NSApplicationMain + 1176
97  libxpc.dylib                      0x00007fff99fcbf6c _xpc_objc_main + 793
98  libxpc.dylib                      0x00007fff99fcd6bb xpc_main + 494
99  com.apple.WebKit.WebContent.Development    0x000000010f457110 main + 800 (XPCServiceMain.mm:114)
100 libdyld.dylib                     0x00007fff97aed5ad start + 1
