[Webkit-unassigned] [Bug 174548] New: Crash at WebCore::Document::~Document()

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Sat Jul 15 12:59:14 PDT 2017


https://bugs.webkit.org/show_bug.cgi?id=174548

            Bug ID: 174548
           Summary: Crash at WebCore::Document::~Document()
           Product: WebKit
           Version: Other
          Hardware: iPhone / iPad
                OS: iOS 10.3
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebCore JavaScript
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: omer.cansizoglu at snap.com

I removed some parts of the crash report, but the stack trace for the crashed thread is complete. This is one of the crashes we are seeing, and I am reporting it here in case it is known.

Incident Identifier: 976FD31A-BCD2-439C-A8F0-D396445156DC
CrashReporter Key:   6542DE38-55C3-4406-8514-2F98A2375305
Hardware Model:      iPhone9,3
Version:         10.13.0 (10.13.0.26)
Code Type:       ARM-64
Parent Process:  ??? [1]

Date/Time:       2017-07-03T23:37:37Z
Launch Time:     2017-07-03T17:40:57Z
OS Version:      iPhone OS 10.3.2 (14F89)
Report Version:  104

Exception Type:  SIGSEGV
Exception Codes: SEGV_ACCERR at 0x28
Crashed Thread:  33

Thread 33 Crashed:
0   WebCore                              0x0000000195af3d14 WebCore::Document::~Document() + 924
1   WebCore                              0x0000000195fb81f4 WebCore::HTMLDocument::~HTMLDocument() + 8
2   JavaScriptCore                       0x00000001954e4aa0 JSC::JSDestructibleObjectSubspace::finishSweep(JSC::MarkedBlock::Handle&, JSC::MarkedBlock::Handle::SweepMode) + 764
3   JavaScriptCore                       0x00000001955bfe40 JSC::MarkedBlock::Handle::sweep(JSC::MarkedBlock::Handle::SweepMode) + 244
4   JavaScriptCore                       0x00000001955be7a0 JSC::MarkedAllocator::tryAllocateIn(JSC::MarkedBlock::Handle*) + 40
5   JavaScriptCore                       0x00000001955be6ec JSC::MarkedAllocator::tryAllocateWithoutCollecting() + 232
6   JavaScriptCore                       0x00000001955bebe8 JSC::MarkedAllocator::allocateSlowCaseImpl(JSC::GCDeferralContext*, bool) + 200
7   WebCore                              0x00000001961aa6f8 std::__1::enable_if<std::is_same<WebCore::HTMLDocument, WebCore::HTMLDocument>::value, WebCore::JSDOMWrapperConverterTraits<WebCore::HTMLDocument>::WrapperClass*>::type WebCore::createWrapper<WebCore::HTMLDocument, WebCore::HTMLDocument>(WebCore::JSDOMGlobalObject*, WTF::Ref<WebCore::HTMLDocument>&&) + 204
8   WebCore                              0x00000001961a9d50 WebCore::toJSNewlyCreated(JSC::ExecState*, WebCore::JSDOMGlobalObject*, WTF::Ref<WebCore::Document>&&) + 84
9   WebCore                              0x00000001961a9ed0 WebCore::toJS(JSC::ExecState*, WebCore::JSDOMGlobalObject*, WebCore::Document&) + 144
10  WebCore                              0x0000000195afbe44 WebCore::JSDOMWindowBase::updateDocument() + 132
11  WebCore                              0x0000000196810648 WebCore::ScriptController::initScript(WebCore::DOMWrapperWorld&) + 64
12  WebCore                              0x000000019680f20c WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld&, WebCore::ExceptionDetails*) + 172
13  WebCore                              0x0000000196814da0 WebCore::ScriptElement::executeClassicScript(WebCore::ScriptSourceCode const&) + 544
14  WebCore                              0x00000001965a3298 WebCore::LoadableClassicScript::execute(WebCore::ScriptElement&) + 48
15  WebCore                              0x000000019681529c WebCore::ScriptElement::executeScriptAndDispatchEvent(WebCore::LoadableScript&) + 212
16  WebCore                              0x0000000196010528 WebCore::HTMLScriptRunner::executePendingScriptAndDispatchEvent(WTF::RefPtr<WebCore::PendingScript>) + 116
17  WebCore                              0x0000000196010464 WebCore::HTMLScriptRunner::executeParsingBlockingScript() + 196
18  WebCore                              0x0000000196010560 WebCore::HTMLScriptRunner::executeScriptsWaitingForLoad(WebCore::PendingScript&) + 24
19  WebCore                              0x0000000195fb9ad4 WebCore::HTMLDocumentParser::notifyFinished(WebCore::PendingScript&) + 68
20  WebCore                              0x0000000196661eb0 WebCore::PendingScript::notifyFinished(WebCore::LoadableScript&) + 48
21  WebCore                              0x00000001965a3c14 WebCore::LoadableScript::notifyClientFinished() + 272
22  WebCore                              0x0000000195aff234 WebCore::CachedResource::checkNotify() + 456
23  WebCore                              0x0000000195afef48 WebCore::SubresourceLoader::didFinishLoading(double) + 944
24  CFNetwork                            0x000000019177f330 __65-[NSURLConnectionInternal _withConnectionAndDelegate:onlyActive:]_block_invoke + 56
25  CFNetwork                            0x000000019177f2d4 -[NSURLConnectionInternal _withConnectionAndDelegate:onlyActive:] + 196
26  CFNetwork                            0x000000019177f448 -[NSURLConnectionInternal _withActiveConnectionAndDelegate:] + 52
27  CFNetwork                            0x00000001916a0440 ___ZN27URLConnectionClient_Classic26_delegate_didFinishLoadingEU13block_pointerFvvE_block_invoke + 92
28  CFNetwork                            0x000000019169e318 ___ZN27URLConnectionClient_Classic18_withDelegateAsyncEPKcU13block_pointerFvP16_CFURLConnectionPK33CFURLConnectionClientCurrent_VMaxE_block_invoke_2 + 104
29  libdispatch.dylib                    0x000000018fdce9a0 _dispatch_client_callout + 12
30  libdispatch.dylib                    0x000000018fdda194 _dispatch_block_invoke_direct + 328
31  CFNetwork                            0x000000019175bb30 RunloopBlockContext::_invoke_block(void const*, void*) + 32
32  CoreFoundation                       0x0000000190df2710 CFArrayApplyFunction + 64
33  CFNetwork                            0x000000019175b9f0 RunloopBlockContext::perform() + 124
34  CFNetwork                            0x000000019175cd34 MultiplexerSource::perform() + 308
35  CFNetwork                            0x000000019175caa0 MultiplexerSource::_perform(void*) + 60
36  CoreFoundation                       0x0000000190ec542c __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 20
37  CoreFoundation                       0x0000000190ec4d9c __CFRunLoopDoSources0 + 536
38  CoreFoundation                       0x0000000190ec29a8 __CFRunLoopRun + 740
39  CoreFoundation                       0x0000000190df2da4 CFRunLoopRunSpecific + 420
40  WebCore                              0x0000000195ac4608 RunWebThread(void*) + 452
41  libsystem_pthread.dylib              0x000000018ffd968c _pthread_body + 236
42  libsystem_pthread.dylib              0x000000018ffd959c _pthread_start + 280
43  libsystem_pthread.dylib              0x000000018ffd6cb4 thread_start + 0
