[Webkit-unassigned] [Bug 170377] New: Got a crash on AreWeFastYet.com on Safari Technology Preview 26
bugzilla-daemon at webkit.org
Fri Mar 31 18:37:34 PDT 2017
https://bugs.webkit.org/show_bug.cgi?id=170377
Bug ID: 170377
Summary: Got a crash on AreWeFastYet.com on Safari Technology Preview 26
Product: WebKit
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: JavaScriptCore
Assignee: webkit-unassigned at lists.webkit.org
Reporter: sbarati at apple.com
CC: benjamin at webkit.org, fpizlo at apple.com,
ggaren at apple.com, gskachkov at gmail.com,
jfbastien at apple.com, keith_miller at apple.com,
mark.lam at apple.com, msaboff at apple.com,
ticaiolima at gmail.com, utatane.tea at gmail.com
The crash happened while I was mucking with the ranges on various graphs.
Stacktrace:
--------------------------------------------------
Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000008
Exception Note: EXC_CORPSE_NOTIFY
Termination Signal: Segmentation fault: 11
Termination Reason: Namespace SIGNAL, Code 0xb
Terminating Process: exc handler [0]
VM Regions Near 0x8:
-->
__TEXT 0000000109126000-0000000109128000 [ 8K] r-x/rwx SM=COW /Applications/Safari Technology Preview.app/Contents/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
Application Specific Information:
Bundle controller class:
BrowserBundleController
Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0 com.apple.JavaScriptCore 0x000000010bc92334 JSC::JSCell::toPrimitive(JSC::ExecState*, JSC::PreferredPrimitiveType) const + 4
1 com.apple.JavaScriptCore 0x000000010c4806c9 JSC::JSValue::toStringSlowCase(JSC::ExecState*, bool) const + 729
2 com.apple.JavaScriptCore 0x000000010bd052c6 operationGetByVal + 2934
3 ??? 0x00002f993b1b6de4 0 + 52335168155108
4 com.apple.JavaScriptCore 0x000000010c57f87b llint_entry + 26701
5 com.apple.JavaScriptCore 0x000000010c57f809 llint_entry + 26587
6 ??? 0x00002f993b06b370 0 + 52335166796656
7 com.apple.JavaScriptCore 0x000000010c57f87b llint_entry + 26701
8 ??? 0x00002f993b014310 0 + 52335166440208
9 ??? 0x00002f993b0fd1a7 0 + 52335167394215
10 ??? 0x00002f993b18cbdc 0 + 52335167982556
11 com.apple.JavaScriptCore 0x000000010c57f87b llint_entry + 26701
12 ??? 0x00002f993b1aba5c 0 + 52335168109148
13 com.apple.JavaScriptCore 0x000000010c578e4b vmEntryToJavaScript + 299
14 com.apple.JavaScriptCore 0x000000010c432abf JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*) + 127
15 com.apple.JavaScriptCore 0x000000010bc4f936 JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 470
16 com.apple.JavaScriptCore 0x000000010c065cd5 JSC::profiledCall(JSC::ExecState*, JSC::ProfilingReason, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&, WTF::NakedPtr<JSC::Exception>&) + 197
17 com.apple.WebCore 0x0000000109d00b48 WebCore::JSEventListener::handleEvent(WebCore::ScriptExecutionContext*, WebCore::Event*) + 1192
18 com.apple.WebCore 0x000000010a177a34 WebCore::EventTarget::fireEventListeners(WebCore::Event&, WTF::Vector<WTF::RefPtr<WebCore::RegisteredEventListener>, 1ul, WTF::CrashOnOverflow, 16ul>) + 436
19 com.apple.WebCore 0x000000010a17769c WebCore::EventTarget::fireEventListeners(WebCore::Event&) + 412
20 com.apple.WebCore 0x000000010a1774e5 WebCore::EventTarget::dispatchEvent(WebCore::Event&) + 101
21 com.apple.WebCore 0x0000000109cffa05 WebCore::XMLHttpRequest::callReadyStateChangeListener() + 149
22 com.apple.WebCore 0x000000010aec8442 WebCore::XMLHttpRequest::didFinishLoading(unsigned long) + 562
23 com.apple.WebCore 0x0000000109cc53ad WebCore::CachedResource::checkNotify() + 157
24 com.apple.WebCore 0x0000000109f2553c WebCore::CachedRawResource::finishLoading(WebCore::SharedBuffer*) + 204
25 com.apple.WebCore 0x000000010ac90e9a WebCore::SubresourceLoader::didFinishLoading(WebCore::NetworkLoadMetrics const&) + 1162
26 com.apple.WebKit 0x00000001093dd103 WebKit::WebResourceLoader::didFinishResourceLoad(WebCore::NetworkLoadMetrics const&) + 205
27 com.apple.WebKit 0x00000001093ddd55 void IPC::handleMessage<Messages::WebResourceLoader::DidFinishResourceLoad, WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&)>(IPC::Decoder&, WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&)) + 146
28 com.apple.WebKit 0x00000001091d1b75 IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >) + 119
29 com.apple.WebKit 0x00000001091d47ff IPC::Connection::dispatchOneMessage() + 175
30 com.apple.JavaScriptCore 0x000000010c882769 WTF::RunLoop::performWork() + 169
31 com.apple.JavaScriptCore 0x000000010c883882 WTF::RunLoop::performWork(void*) + 34
32 com.apple.CoreFoundation 0x00007fffc4e6a3b1 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
33 com.apple.CoreFoundation 0x00007fffc4e4b63c __CFRunLoopDoSources0 + 556
34 com.apple.CoreFoundation 0x00007fffc4e4ab26 __CFRunLoopRun + 934
35 com.apple.CoreFoundation 0x00007fffc4e4a524 CFRunLoopRunSpecific + 420
36 com.apple.HIToolbox 0x00007fffc43aaebc RunCurrentEventLoopInMode + 240
37 com.apple.HIToolbox 0x00007fffc43aacf1 ReceiveNextEventCommon + 432
38 com.apple.HIToolbox 0x00007fffc43aab26 _BlockUntilNextEventMatchingListInModeWithFilter + 71
39 com.apple.AppKit 0x00007fffc2945e24 _DPSNextEvent + 1120
40 com.apple.AppKit 0x00007fffc30c185e -[NSApplication(NSEvent) _nextEventMatchingEventMask:untilDate:inMode:dequeue:] + 2796
41 com.apple.AppKit 0x00007fffc293a7ab -[NSApplication run] + 926
42 com.apple.AppKit 0x00007fffc29051de NSApplicationMain + 1237
43 libxpc.dylib 0x00007fffdac628c7 _xpc_objc_main + 775
44 libxpc.dylib 0x00007fffdac612e4 xpc_main + 494
45 com.apple.WebKit.WebContent 0x00000001091276bb 0x109126000 + 5819
46 libdyld.dylib 0x00007fffdaa09235 start + 1
Thread 1:
0 libsystem_kernel.dylib 0x00007fffdab3844e __workq_kernreturn + 10
1 libsystem_pthread.dylib 0x00007fffdac225fe _pthread_wqthread + 1023
2 libsystem_pthread.dylib 0x00007fffdac221ed start_wqthread + 13
Thread 2:
0 libsystem_kernel.dylib 0x00007fffdab3844e __workq_kernreturn + 10
1 libsystem_pthread.dylib 0x00007fffdac22791 _pthread_wqthread + 1426
2 libsystem_pthread.dylib 0x00007fffdac221ed start_wqthread + 13
Thread 3:
0 libsystem_kernel.dylib 0x00007fffdab3844e __workq_kernreturn + 10
1 libsystem_pthread.dylib 0x00007fffdac22791 _pthread_wqthread + 1426
2 libsystem_pthread.dylib 0x00007fffdac221ed start_wqthread + 13
Thread 4:
0 libsystem_kernel.dylib 0x00007fffdab3844e __workq_kernreturn + 10
1 libsystem_pthread.dylib 0x00007fffdac225fe _pthread_wqthread + 1023
2 libsystem_pthread.dylib 0x00007fffdac221ed start_wqthread + 13
Thread 5:: com.apple.NSEventThread
0 libsystem_kernel.dylib 0x00007fffdab3034a mach_msg_trap + 10
1 libsystem_kernel.dylib 0x00007fffdab2f797 mach_msg + 55
2 com.apple.CoreFoundation 0x00007fffc4e4b854 __CFRunLoopServiceMachPort + 212
3 com.apple.CoreFoundation 0x00007fffc4e4acd1 __CFRunLoopRun + 1361
4 com.apple.CoreFoundation 0x00007fffc4e4a524 CFRunLoopRunSpecific + 420
5 com.apple.AppKit 0x00007fffc2a932d2 _NSEventThread + 205
6 libsystem_pthread.dylib 0x00007fffdac22aab _pthread_body + 180
7 libsystem_pthread.dylib 0x00007fffdac229f7 _pthread_start + 286
8 libsystem_pthread.dylib 0x00007fffdac221fd thread_start + 13
Thread 6:
0 libsystem_kernel.dylib 0x00007fffdab37f46 __semwait_signal + 10
1 libsystem_c.dylib 0x00007fffdaabeb72 nanosleep + 199
2 libc++.1.dylib 0x00007fffd95e765b std::__1::this_thread::sleep_for(std::__1::chrono::duration<long long, std::__1::ratio<1l, 1000000000l> > const&) + 80
3 com.apple.JavaScriptCore 0x000000010c8991df void std::__1::this_thread::sleep_for<long long, std::__1::ratio<1l, 1000l> >(std::__1::chrono::duration<long long, std::__1::ratio<1l, 1000l> > const&) + 63
4 com.apple.JavaScriptCore 0x000000010c8980c1 bmalloc::waitUntilFalse(std::__1::unique_lock<bmalloc::StaticMutex>&, std::__1::chrono::duration<long long, std::__1::ratio<1l, 1000l> >, bool&) + 113
5 com.apple.JavaScriptCore 0x000000010c897f10 bmalloc::Heap::scavenge(std::__1::unique_lock<bmalloc::StaticMutex>&, std::__1::chrono::duration<long long, std::__1::ratio<1l, 1000l> >) + 48
6 com.apple.JavaScriptCore 0x000000010c897da6 bmalloc::Heap::concurrentScavenge() + 102
7 com.apple.JavaScriptCore 0x000000010c899431 bmalloc::AsyncTask<bmalloc::Heap, void (bmalloc::Heap::*)()>::threadRunLoop() + 97
8 com.apple.JavaScriptCore 0x000000010c89933d bmalloc::AsyncTask<bmalloc::Heap, void (bmalloc::Heap::*)()>::threadEntryPoint(bmalloc::AsyncTask<bmalloc::Heap, void (bmalloc::Heap::*)()>*) + 29
9 com.apple.JavaScriptCore 0x000000010c8995ed void* std::__1::__thread_proxy<std::__1::tuple<void (*)(bmalloc::AsyncTask<bmalloc::Heap, void (bmalloc::Heap::*)()>*), bmalloc::AsyncTask<bmalloc::Heap, void (bmalloc::Heap::*)()>*> >(void*) + 93
10 libsystem_pthread.dylib 0x00007fffdac22aab _pthread_body + 180
11 libsystem_pthread.dylib 0x00007fffdac229f7 _pthread_start + 286
12 libsystem_pthread.dylib 0x00007fffdac221fd thread_start + 13
Thread 7:: com.apple.NSURLConnectionLoader
0 libsystem_kernel.dylib 0x00007fffdab3034a mach_msg_trap + 10
1 libsystem_kernel.dylib 0x00007fffdab2f797 mach_msg + 55
2 com.apple.CoreFoundation 0x00007fffc4e4b854 __CFRunLoopServiceMachPort + 212
3 com.apple.CoreFoundation 0x00007fffc4e4acd1 __CFRunLoopRun + 1361
4 com.apple.CoreFoundation 0x00007fffc4e4a524 CFRunLoopRunSpecific + 420
5 com.apple.CFNetwork 0x00007fffc3f87604 +[NSURLConnection(Loader) _resourceLoadLoop:] + 313
6 com.apple.Foundation 0x00007fffc688aa1d __NSThread__start__ + 1243
7 libsystem_pthread.dylib 0x00007fffdac22aab _pthread_body + 180
8 libsystem_pthread.dylib 0x00007fffdac229f7 _pthread_start + 286
9 libsystem_pthread.dylib 0x00007fffdac221fd thread_start + 13
Thread 8:: WebCore: Scrolling
0 libsystem_kernel.dylib 0x00007fffdab3034a mach_msg_trap + 10
1 libsystem_kernel.dylib 0x00007fffdab2f797 mach_msg + 55
2 com.apple.CoreFoundation 0x00007fffc4e4b854 __CFRunLoopServiceMachPort + 212
3 com.apple.CoreFoundation 0x00007fffc4e4acd1 __CFRunLoopRun + 1361
4 com.apple.CoreFoundation 0x00007fffc4e4a524 CFRunLoopRunSpecific + 420
5 com.apple.CoreFoundation 0x00007fffc4e89d01 CFRunLoopRun + 97
6 com.apple.WebCore 0x0000000109c8e49d WebCore::ScrollingThread::initializeRunLoop() + 253
7 com.apple.JavaScriptCore 0x000000010bc18e02 WTF::threadEntryPoint(void*) + 178
8 com.apple.JavaScriptCore 0x000000010bc18d2f WTF::wtfThreadEntryPoint(void*) + 15
9 libsystem_pthread.dylib 0x00007fffdac22aab _pthread_body + 180
10 libsystem_pthread.dylib 0x00007fffdac229f7 _pthread_start + 286
11 libsystem_pthread.dylib 0x00007fffdac221fd thread_start + 13
Thread 9:: WTF::AutomaticThread
0 libsystem_kernel.dylib 0x00007fffdab37bf2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fffdac2396a _pthread_cond_wait + 712
2 com.apple.JavaScriptCore 0x000000010bc21117 WTF::ThreadCondition::timedWait(WTF::Mutex&, double) + 119
3 com.apple.JavaScriptCore 0x000000010c880002 WTF::ParkingLot::parkConditionallyImpl(void const*, WTF::ScopedLambda<bool ()> const&, WTF::ScopedLambda<void ()> const&, WTF::TimeWithDynamicClockType const&) + 2706
4 com.apple.JavaScriptCore 0x000000010c2c52d6 bool WTF::ConditionBase::waitUntil<WTF::Lock>(WTF::Lock&, WTF::TimeWithDynamicClockType const&) + 150
5 com.apple.JavaScriptCore 0x000000010c8703e7 std::__1::__function::__func<WTF::AutomaticThread::start(WTF::AbstractLocker const&)::$_0, std::__1::allocator<WTF::AutomaticThread::start(WTF::AbstractLocker const&)::$_0>, void ()>::operator()() + 199
6 com.apple.JavaScriptCore 0x000000010bc18e02 WTF::threadEntryPoint(void*) + 178
7 com.apple.JavaScriptCore 0x000000010bc18d2f WTF::wtfThreadEntryPoint(void*) + 15
8 libsystem_pthread.dylib 0x00007fffdac22aab _pthread_body + 180
9 libsystem_pthread.dylib 0x00007fffdac229f7 _pthread_start + 286
10 libsystem_pthread.dylib 0x00007fffdac221fd thread_start + 13
Thread 0 crashed with X86 Thread State (64-bit):
rax: 0x000000010c48066f rbx: 0xffff000000000002 rcx: 0x000000010c480874 rdx: 0x0000000000000002
rdi: 0x0000000000000003 rsi: 0x00007fff56ad7560 rbp: 0x00007fff56ad72e0 rsp: 0x00007fff56ad72e0
r8: 0x0000000000000001 r9: 0xffff000000000002 r10: 0x0000000110fef0e0 r11: 0x000000010bd04750
r12: 0x0000000000000001 r13: 0x00007fff56ad7560 r14: 0x0000000115400000 r15: 0x0000000115400000
rip: 0x000000010bc92334 rfl: 0x0000000000010202 cr2: 0x0000000000000008
--
You are receiving this mail because:
You are the assignee for the bug.