[Webkit-unassigned] [Bug 196398] New: [iOS] Safari crashes on launch on trunk (as of r243644)

bugzilla-daemon at webkit.org
Fri Mar 29 08:36:08 PDT 2019


https://bugs.webkit.org/show_bug.cgi?id=196398

            Bug ID: 196398
           Summary: [iOS] Safari crashes on launch on trunk (as of
                    r243644)
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Scrolling
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: wenson_hsieh at apple.com

Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Subtype: KERN_INVALID_ADDRESS at 0x2000000104d8f1e0 -> 0x0000000104d8f1e0 (possible pointer authentication failure)
VM Region Info: 0x104d8f1e0 is in 0x104a3c000-0x1050a0000;  bytes after start: 3486176  bytes before end: 3214879
      REGION TYPE                      START - END             [ VSIZE] PRT/MAX SHRMOD  REGION DETAIL
      __LINKEDIT             00000001049cc000-0000000104a3c000 [  448K] r--/rw- SM=COW  .../WebBookmarks
--->  __TEXT                 0000000104a3c000-00000001050a0000 [ 6544K] r-x/rwx SM=COW  ...mework/WebKit
      __DATA_CONST           00000001050a0000-00000001050d0000 [  192K] r--/rw- SM=COW  ...mework/WebKit

Termination Signal: Segmentation fault: 11
Termination Reason: Namespace SIGNAL, Code 0xb
Terminating Process: exc handler [14028]
Triggered by Thread:  0

Thread 0 name:  Dispatch queue: com.apple.main-thread
Thread 0 Crashed:
0   WebKit                          0x0000000104d8f1e0 WebKit::RemoteScrollingTree::scrollingTreeNodeDidScroll(WebCore::ScrollingTreeScrollingNode&, WebCore::ScrollingLayerPositionAction) + 0
1   WebCore                         0x000000010768ef5c WebCore::ScrollingTree::commitTreeState(std::__1::unique_ptr<WebCore::ScrollingStateTree, std::__1::default_delete<WebCore::ScrollingStateTree> >) + 648
2   WebKit                          0x0000000104d8ee2c WebKit::RemoteScrollingCoordinatorProxy::commitScrollingTreeState(WebKit::RemoteScrollingCoordinatorTransaction const&, WebKit::RemoteScrollingCoordinatorProxy::RequestedScrollInfo&) + 132
3   WebKit                          0x0000000104c7e760 WebKit::RemoteLayerTreeDrawingAreaProxy::commitLayerTree(WebKit::RemoteLayerTreeTransaction const&, WebKit::RemoteScrollingCoordinatorTransaction const&) + 200
4   WebKit                          0x0000000104aad308 void IPC::handleMessage<Messages::RemoteLayerTreeDrawingAreaProxy::CommitLayerTree, WebKit::RemoteLayerTreeDrawingAreaProxy, void (WebKit::RemoteLayerTreeDrawingAreaProxy::*)(WebKit::RemoteLayerTreeTransaction const&, WebKit::RemoteScrollingCoordinatorTransaction const&)>(IPC::Decoder&, WebKit::RemoteLayerTreeDrawingAreaProxy*, void (WebKit::RemoteLayerTreeDrawingAreaProxy::*)(WebKit::RemoteLayerTreeTransaction const&, WebKit::RemoteScrollingCoordinatorTransaction const&)) + 116
5   WebKit                          0x0000000104a6e388 IPC::MessageReceiverMap::dispatchMessage(IPC::Connection&, IPC::Decoder&) + 112
6   WebKit                          0x0000000104ccff8c WebKit::WebProcessProxy::didReceiveMessage(IPC::Connection&, IPC::Decoder&) + 36
7   WebKit                          0x0000000104a5a9dc IPC::Connection::dispatchMessage(IPC::Decoder&) + 104
8   WebKit                          0x0000000104a576bc IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >) + 152
9   WebKit                          0x0000000104a5a210 IPC::Connection::dispatchIncomingMessages() + 348
10  JavaScriptCore                  0x00000001033c0588 WTF::RunLoop::performWork() + 272
11  JavaScriptCore                  0x00000001033c0858 WTF::RunLoop::performWork(void*) + 40
12  CoreFoundation                  0x00000001f6d90150 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 28
13  CoreFoundation                  0x00000001f6d900d8 __CFRunLoopDoSource0 + 92
14  CoreFoundation                  0x00000001f6d8f838 __CFRunLoopDoSources0 + 184
15  CoreFoundation                  0x00000001f6d8a72c __CFRunLoopRun + 1068
16  CoreFoundation                  0x00000001f6d89fd8 CFRunLoopRunSpecific + 480
17  GraphicsServices                0x00000001f5f6460c GSEventRunModal + 108
18  UIKitCore                       0x00000001fe8427f0 UIApplicationMain + 1956
19  MobileSafari                    0x00000001029343dc main + 1504
20  libdyld.dylib                   0x00000001f72ebcc0 start + 4
