[Webkit-unassigned] [Bug 175321] New: Random crashes in application using JavascriptCore (macOS)

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Aug 8 06:57:42 PDT 2017


https://bugs.webkit.org/show_bug.cgi?id=175321

            Bug ID: 175321
           Summary: Random crashes in application using JavascriptCore
                    (macOS)
           Product: WebKit
           Version: Other
          Hardware: Macintosh
                OS: macOS 10.12
            Status: NEW
          Severity: Critical
          Priority: P2
         Component: WebCore JavaScript
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: a.pronskih at informer.com

Our application uses JavascriptCore/WebKit for app UI.
We've been getting random crashes like this one:

Operating system: Mac OS X (10.12.6 16G29)
Architecture: amd64
Crash reason:  EXC_BAD_ACCESS / KERN_INVALID_ADDRESS
Crash address: 0x40

Thread 38 (crashed)
 0 JavaScriptCore                           0x7fffc48f08e1 JSC::ASTBuilder::Statement JSC::Parser<JSC::Lexer<unsigned char> >::parseForStatement<JSC::ASTBuilder>(JSC::ASTBuilder&) + 0x11b1
 1 JavaScriptCore                           0x7fffc4cfd67d Inspector::NetworkBackendDispatcher::getResponseBody(long, WTF::RefPtr<Inspector::InspectorObject>&&) + 0x23d
 2 JavaScriptCore                           0x7fffc4cf9f33 Inspector::IndexedDBBackendDispatcher::requestData(long, WTF::RefPtr<Inspector::InspectorObject>&&) + 0x133
 3 JavaScriptCore                           0x7fffc4ffeeec void WTF::Vector<std::__1::unique_ptr<JSC::Yarr::ByteDisjunction, std::__1::default_delete<JSC::Yarr::ByteDisjunction> >, 0ul, WTF::CrashOnOverflow, 16ul>::appendSlowCase<std::__1::unique_ptr<JSC::Yarr::ByteDisjunction, std::__1::default_delete<JSC::Yarr::ByteDisjunction> > >(std::__1::unique_ptr<JSC::Yarr::ByteDisjunction, std::__1::default_delete<JSC::Yarr::ByteDisjunction> >&&) + 0x7c
 4 JavaScriptCore                           0x7fffc50018bc JSC::MacroAssembler::addPtr(JSC::AbstractMacroAssembler<JSC::X86Assembler, JSC::MacroAssemblerX86Common>::Imm32, JSC::X86Registers::RegisterID) + 0x6c
 5 JavaScriptCore                           0x7fffc53e35fd .objc_class_name_WTFLanguageChangeObserver + 0x31050d
 6 JavaScriptCore                           0x7fffc489afd1 WTF::Unicode::convertLatin1ToUTF8(unsigned char const**, unsigned char const*, char**, char*) + 0x11
 7 JavaScriptCore                           0x7fffc489aefe WTF::String::String(unsigned short const*, unsigned int) + 0x6e
 8 libsystem_pthread.dy                     0x7fffd7d9693a 
 9 libsystem_pthread.dy                     0x7fffd7d96886 
10 libsystem_pthread.dy                     0x7fffd7d9608c 
11 JavaScriptCore                           0x7fffc489aeef WTF::String::String(unsigned short const*, unsigned int) + 0x5f

The crash address and reason are always the same; the stack trace varies but generally ends in parseForStatement.
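The observation above (same crash reason and address every time, varying stack that usually bottoms out in parseForStatement) is exactly what a triage script buckets on. The following is an added example, not code from this bug report or from WebKit: it parses the Breakpad-style report quoted above (trimmed to four frames, copied from the report) and applies two heuristics whose thresholds are assumptions of this example, not facts stated in the bug: a crash address below one page is flagged as near-null, and a frame whose symbol offset is very large is flagged as probably mis-symbolicated (the symbolicator snapped to the nearest exported symbol, which is why frames such as `NetworkBackendDispatcher::getResponseBody` appear under a parser crash).

```python
"""Triage helper for Breakpad-style crash reports (added example, not from the bug or WebKit)."""
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Crashed-thread portion of the report quoted in this bug, trimmed to four frames.
SAMPLE_REPORT = """\
Operating system: Mac OS X (10.12.6 16G29)
Architecture: amd64
Crash reason:  EXC_BAD_ACCESS / KERN_INVALID_ADDRESS
Crash address: 0x40

Thread 38 (crashed)
 0 JavaScriptCore                           0x7fffc48f08e1 JSC::ASTBuilder::Statement JSC::Parser<JSC::Lexer<unsigned char> >::parseForStatement<JSC::ASTBuilder>(JSC::ASTBuilder&) + 0x11b1
 1 JavaScriptCore                           0x7fffc4cfd67d Inspector::NetworkBackendDispatcher::getResponseBody(long, WTF::RefPtr<Inspector::InspectorObject>&&) + 0x23d
 5 JavaScriptCore                           0x7fffc53e35fd .objc_class_name_WTFLanguageChangeObserver + 0x31050d
 8 libsystem_pthread.dy                     0x7fffd7d9693a 
"""

# index, module, address, optional demangled symbol, optional "+ 0x..." offset
FRAME_RE = re.compile(
    r"^\s*(\d+)\s+(\S+)\s+(0x[0-9a-fA-F]+)\s*(.*?)(?:\s\+\s(0x[0-9a-fA-F]+))?\s*$")


@dataclass
class Frame:
    index: int
    module: str
    address: int
    symbol: str            # "" when the frame is unsymbolicated
    offset: Optional[int]  # bytes past the symbol start, None if unknown


@dataclass
class CrashReport:
    reason: str
    address: int
    frames: List[Frame]


def parse_report(text: str) -> CrashReport:
    """Extract crash reason, crash address and the crashed thread's frames."""
    reason, address, frames, in_crashed = "", 0, [], False
    for line in text.splitlines():
        if line.startswith("Crash reason:"):
            reason = line.split(":", 1)[1].strip()
        elif line.startswith("Crash address:"):
            address = int(line.split(":", 1)[1].strip(), 16)
        elif re.match(r"^Thread \d+ \(crashed\)", line):
            in_crashed = True
        elif in_crashed:
            m = FRAME_RE.match(line)
            if not m:
                in_crashed = not line.strip() == ""  # blank line ends the thread
                continue
            idx, module, addr, symbol, off = m.groups()
            frames.append(Frame(int(idx), module, int(addr, 16), symbol,
                                int(off, 16) if off else None))
    return CrashReport(reason, address, frames)


def function_name(symbol: str) -> str:
    """Reduce a demangled C++ signature to its bare function name."""
    if not symbol:
        return ""
    head = symbol.split("(", 1)[0].rstrip()
    if head.endswith(">"):  # strip a trailing template argument list, nesting-aware
        depth = 0
        for i in range(len(head) - 1, -1, -1):
            depth += 1 if head[i] == ">" else -1 if head[i] == "<" else 0
            if depth == 0:
                head = head[:i]
                break
    return head.split("::")[-1].split()[-1]


def near_null(address: int, page: int = 0x1000) -> bool:
    """Heuristic (assumed threshold): a fault below one page usually means a field
    access through a null or uninitialised pointer rather than a wild pointer."""
    return address < page


def suspicious_frames(report: CrashReport, max_offset: int = 0x10000) -> List[Frame]:
    """Heuristic (assumed threshold): an offset this far past a symbol means the
    symbolicator picked the nearest exported name, so the frame label is unreliable."""
    return [f for f in report.frames if f.offset is not None and f.offset > max_offset]


def bucket_key(report: CrashReport) -> Tuple[str, int, str]:
    """Group reports by reason, fault address and top symbolicated function."""
    top = next((function_name(f.symbol) for f in report.frames if f.symbol), "")
    return (report.reason, report.address, top)


if __name__ == "__main__":
    r = parse_report(SAMPLE_REPORT)
    print("bucket:", bucket_key(r), "near-null:", near_null(r.address))
    for f in suspicious_frames(r):
        print(f"frame {f.index}: '{f.symbol}' +{f.offset:#x} is probably mis-symbolicated")
```

Feeding every report into `bucket_key` collapses the "random" crashes into a single bucket keyed on the fault address and the top reliable frame, and `suspicious_frames` tells you which lines of a symbolicated stack to distrust before reading meaning into them.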
