Bug 12672 - CrashTracer: 46 crashes in Safari at com.apple.JavaScriptCore: KJS::Context::mark + 52
Status: RESOLVED WORKSFORME
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebCore JavaScript
Version: 420+
Hardware: Mac OS X 10.4
Importance: P2 Normal
Assignee: Nobody
Keywords: InRadar
Duplicates: 12749
Reported: 2007-02-06 23:36 PST by Maciej Stachowiak
Modified: 2010-03-04 01:58 PST

Attachments
bookmarks (33.28 KB, application/zip)
2007-02-07 10:12 PST, Adam Roben (:aroben)

Description Maciej Stachowiak 2007-02-06 23:36:44 PST
2006-12-11 14:00:07 CrashTracer System:
PLEASE NOTE: This crash was automatically generated based on user crash reports. Go here to learn how to deal with it: http://howto.apple.com/db.cgi?CrashTracer

* APPLICATION: Safari
* CRASH: com.apple.JavaScriptCore:  KJS::Context::mark + 52
* MORE INFORMATION: http://crashtracer.apple.com/detail.php?crash_id=5086010&app=Safari&build=9A312 (may not immediately have data)

This crash was escalated to Radar by the CrashTracer System because an internal user explicitly requested it. The user provided the following comments:

I don't remember.


Note: This issue *may* be a duplicate of this radar which has the same crashing stack frame but different offset, rdar://4850576 . Please consider this when screening, but make no assumptions.


Possible third-party binary images occurring in over 75% in processes that crashed here:
    84.44% (38 of 45)  WebKitNightlyEnabler.dylib   
                  36 occurrences of version <unknown>	Empower.app/Contents/Resources/WebKitNightlyEnabler.dylib
                   2 occurrences of version <unknown>	WebKit.app/Contents/Resources/WebKitNightlyEnabler.dylib


Summary of a selection of backtraces attributed to this bug. The stack frame considered to be the unique "crash point" is highlighted ==> like this <==. This frame is used for aggregation when filing these bugs and does not necessarily imply fault.

   ==> 45  com.apple.JavaScriptCore:  KJS::Context::mark + 52 <==
            41  com.apple.JavaScriptCore:  KJS::Interpreter::mark + 44
            +-41  com.apple.JavaScriptCore:  KJS::Collector::collect + 116
            +---33  com.apple.WebCore:  WebCore::KJSProxy::~KJSProxy [in-charge] + 28
            +---+-33  com.apple.WebCore:  WebCore::FramePrivate::~FramePrivate [in-charge] + 80
            +---+---33  com.apple.WebCore:  WebCore::Frame::~Frame [not-in-charge] + 492
            +---+-----33  com.apple.WebCore:  WebCore::FrameMac::~FrameMac [in-charge deleting] + 344
            +---+-------33  com.apple.WebCore:  WebCore::Page::~Page [in-charge] + 640
            +---+---------33  com.apple.WebCore:  -[WebCorePageBridge close] + 48
            +---+-----------33  com.apple.WebKit:  -[WebView(WebPrivate) _close] + 148
            +---+-------------33  com.apple.Safari:  0x47858
            +---+---------------33  com.apple.Foundation:  -[NSArray makeObjectsPerformSelector:withObject:] + 264
            +---+-----------------33  com.apple.Safari:  0x5c1ec
            +---+-------------------33  com.apple.Safari:  0x5a4f4
            +---+---------------------33  com.apple.Foundation:  _nsnote_callback + 180
            +---+-----------------------33  com.apple.CoreFoundation:  __CFXNotificationPost + 368
            +---+-------------------------33  com.apple.CoreFoundation:  _CFXNotificationPostNotification + 684
            +---+---------------------------33  com.apple.Foundation:  -[NSNotificationCenter postNotificationName:object:userInfo:] + 92
            +---+-----------------------------33  com.apple.AppKit:  -[NSWindow _close] + 100
            +---+-------------------------------33  com.apple.AppKit:  -[NSWindow close] + 36
            +---+---------------------------------33  com.apple.Safari:  0x5a498
            +---+-----------------------------------33  com.apple.Safari:  0x5c07c
            +---+-------------------------------------32  com.apple.AppKit:  -[NSApplication sendAction:to:from:] + 108
            +---+-------------------------------------+-32  com.apple.Safari:  0x2956c
            +---+-------------------------------------+---32  com.apple.AppKit:  -[NSControl sendAction:to:] + 96
            +---+-------------------------------------+-----32  com.apple.AppKit:  -[NSCell _sendActionFrom:] + 156
            +---+-------------------------------------+-------32  com.apple.AppKit:  -[NSCell trackMouse:inRect:ofView:untilMouseUp:] + 1020
            +---+-------------------------------------+---------32  com.apple.AppKit:  -[NSButtonCell trackMouse:inRect:ofView:untilMouseUp:] + 564
            +---+-------------------------------------+-----------32  com.apple.AppKit:  -[NSControl mouseDown:] + 536
            +---+-------------------------------------+-------------32  com.apple.AppKit:  -[_NSThemeWidget mouseDown:] + 100
            +---+-------------------------------------+---------------32  com.apple.AppKit:  -[NSWindow sendEvent:] + 4616
            +---+-------------------------------------+-----------------32  com.apple.Safari:  0x21734
            +---+-------------------------------------+-------------------32  com.apple.AppKit:  -[NSApplication sendEvent:] + 4172
            +---+-------------------------------------+---------------------32  com.apple.Safari:  0x21238
            +---+-------------------------------------+-----------------------32  com.apple.AppKit:  -[NSApplication run] + 508
            +---+-------------------------------------+-------------------------32  com.apple.AppKit:  NSApplicationMain + 452
            +---+-------------------------------------+---------------------------32  com.apple.Safari:  0x5c77c
            +---+-------------------------------------+-----------------------------32  com.apple.Safari:  0x5c624
            +---+-------------------------------------+-------------------------------32  Main thread
            +---+-------------------------------------pruning:  1  com.apple.Foundation:  -[NSArray makeObjectsPerformSelector:withObject:] + 264
            +---pruning:  2  com.apple.WebCore:  KJS::Window::clear + 184
            +---pruning:  2  com.apple.WebCore:  WebCore::KJSProxy::~KJSProxy [in-charge] + 60
            +---pruning:  2  com.apple.WebCore:  WebCore::PageState::clear + 620
            +---pruning:  1  com.apple.WebCore:  -[KWQPageState clear] + 272
            +---pruning:  1  com.apple.WebCore:  -[WebCorePageState clear] + 272
            pruning:  4  com.apple.JavaScriptCore:  KJS::Interpreter::mark + 40


Some of the most recent comments:
* 10147339: Crash for no reason!

Overall this crash was reported 45 times in OS builds 8J135 to 9A312, Safari versions 521.13.1 to 17878. Of these crashes, 4 were in the latest OS build, 9A312, and 1 was in the latest Safari version, 17878.

2006-12-12 20:17:30 Stephanie Lewis:
Duplicate of 4850576, which was closed.  Looks like 4596096 is back.  No useful repro steps

2006-12-15 07:57:36 Julien Robert:
I had this too, loading a bunch of pages.. This was using 9A325.

2006-12-19 21:30:56 Stephanie Lewis:
duplicate crashtracer adds another 12 crashes

2007-01-11 05:27:36 Alexandre Carlhian:
Following discussion from duplicate <rdar://problem/4915325>. I have attached my bookmarks as Bookmarks-AC.zip. To reproduce the crash:
- Open all these bookmarks as tabs
- Wait 2 minutes to make sure all the pages are loaded (optional step)
- Read the and close the active page
=> Crash

2007-01-11 05:28:17 Alexandre Carlhian:
(Problem still exists on 9A341)

2007-01-11 21:15:16 Geoff Garen:
Leopard/P1 because <rdar://problem/4915325> has repro steps.

2007-01-15 14:11:37 Alice Liu:
Safari blocker reviewed

<rdar://problem/4876466>
Comment 1 Adam Roben (:aroben) 2007-02-07 10:12:36 PST
Created attachment 13010
bookmarks
Comment 2 Peter Enevoldsen 2007-03-17 04:54:25 PDT
*** Bug 12749 has been marked as a duplicate of this bug. ***
Comment 3 Oliver Hunt 2007-07-13 21:58:26 PDT
No longer seems to be reproducible, dropping to p2 unless someone can reproduce this