119112 2013-07-25 15:56:59 -0700 REGRESSION: Crash in gmail when clicking back button in conversation view 2013-07-26 13:38:21 -0700 1 1 1 Unclassified WebKit JavaScriptCore 528+ (Nightly build) Mac (Intel) OS X 10.8 RESOLVED DUPLICATE 119105 Regression P1 Normal --- 1 esprehn webkit-unassigned fpizlo ggaren oliver oldest_to_newest 911787 0 esprehn 2013-07-25 15:56:59 -0700 If you click a conversation and then click the backward arrow icon in the gmail app it crashes. Reproduces 100% of the time in nightly r153334. Process: WebProcess [52646] Path: /Applications/WebKit.app/Contents/Frameworks/10.8/WebKit2.framework/WebProcess.app/Contents/MacOS/WebProcess Identifier: com.apple.WebProcess Version: 538+ (538.1+) Code Type: X86-64 (Native) Parent Process: SafariForWebKitDevelopment [52644] User ID: 118728 Date/Time: 2013-07-25 15:54:12.947 -0700 OS Version: Mac OS X 10.8.4 (12E55) Report Version: 10 Crashed Thread: 0 Dispatch queue: com.apple.main-thread Exception Type: EXC_BAD_ACCESS (SIGSEGV) Exception Codes: EXC_I386_GPFLT Application Specific Information: Bundle controller class: BrowserBundleController Thread 0 Crashed:: Dispatch queue: com.apple.main-thread 0 com.apple.JavaScriptCore 0x000000010f9e9a43 JSC::DFG::dfgBuildGetByIDList(JSC::ExecState*, JSC::JSValue, JSC::Identifier const&, JSC::PropertySlot const&, JSC::StructureStubInfo&) + 3811 1 com.apple.JavaScriptCore 0x000000010f9d8f36 operationGetByIdBuildListWithReturnAddress + 294 2 ??? 0x000041f6683d5278 0 + 72526566609528 3 com.apple.JavaScriptCore 0x000000010fa92fe1 JSC::JITCode::execute(JSC::JSStack*, JSC::ExecState*, JSC::VM*) + 49 4 com.apple.JavaScriptCore 0x000000010fa7840a JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 650 5 com.apple.JavaScriptCore 0x000000010f95ed45 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 69 6 com.apple.WebCore 0x00000001103d86ac WebCore::JSEventListener::handleEvent(WebCore::ScriptExecutionContext*, WebCore::Event*) + 908 7 com.apple.WebCore 0x00000001100a3bbc WebCore::EventTarget::fireEventListeners(WebCore::Event*, WebCore::EventTargetData*, WTF::Vector<WebCore::RegisteredEventListener, 1ul, WTF::CrashOnOverflow>&) + 364 8 com.apple.WebCore 0x00000001100a38d6 WebCore::EventTarget::fireEventListeners(WebCore::Event*) + 390 9 com.apple.WebCore 0x000000011069df53 WebCore::Node::handleLocalEvents(WebCore::Event*) + 67 10 com.apple.WebCore 0x000000011008bfb7 WebCore::EventContext::handleLocalEvents(WebCore::Event*) const + 87 11 com.apple.WebCore 0x000000011008ced8 WebCore::EventDispatcher::dispatchEventAtBubbling(WebCore::WindowEventContext&) + 56 12 com.apple.WebCore 0x000000011008cdc7 WebCore::EventDispatcher::dispatch() + 759 13 com.apple.WebCore 0x000000011068b19f WebCore::MouseEventDispatchMediator::dispatchEvent(WebCore::EventDispatcher*) const + 159 14 com.apple.WebCore 0x000000011008c1cc WebCore::EventDispatcher::dispatchEvent(WebCore::Node*, WTF::PassRefPtr<WebCore::EventDispatchMediator>) + 124 15 com.apple.WebCore 0x000000011069e655 WebCore::Node::dispatchMouseEvent(WebCore::PlatformMouseEvent const&, WTF::AtomicString const&, int, WebCore::Node*) + 133 16 com.apple.WebCore 0x000000011009395b WebCore::EventHandler::dispatchMouseEvent(WTF::AtomicString const&, WebCore::Node*, bool, int, WebCore::PlatformMouseEvent const&, bool) + 107 17 com.apple.WebCore 0x00000001100952ec WebCore::EventHandler::handleMouseReleaseEvent(WebCore::PlatformMouseEvent const&) + 924 18 com.apple.WebKit2 0x000000010f5c29cc WebKit::handleMouseEvent(WebKit::WebMouseEvent const&, WebKit::WebPage*, bool) + 419 19 com.apple.WebKit2 0x000000010f5c27ed WebKit::WebPage::mouseEvent(WebKit::WebMouseEvent const&) + 221 20 com.apple.WebKit2 0x000000010f5d5cc8 void CoreIPC::handleMessage<Messages::WebPage::MouseEvent, WebKit::WebPage, void (WebKit::WebPage::*)(WebKit::WebMouseEvent const&)>(CoreIPC::MessageDecoder&, WebKit::WebPage*, void (WebKit::WebPage::*)(WebKit::WebMouseEvent const&)) + 83 21 com.apple.WebKit2 0x000000010f50881f CoreIPC::MessageReceiverMap::dispatchMessage(CoreIPC::Connection*, CoreIPC::MessageDecoder&) + 137 22 com.apple.WebKit2 0x000000010f610f72 WebKit::WebProcess::didReceiveMessage(CoreIPC::Connection*, CoreIPC::MessageDecoder&) + 34 23 com.apple.WebKit2 0x000000010f4dc58d CoreIPC::Connection::dispatchMessage(WTF::PassOwnPtr<CoreIPC::MessageDecoder>) + 105 24 com.apple.WebKit2 0x000000010f4de0c8 CoreIPC::Connection::dispatchOneMessage() + 106 25 com.apple.WebCore 0x0000000110877ad1 WebCore::RunLoop::performWork() + 129 26 com.apple.WebCore 0x0000000110878092 WebCore::RunLoop::performWork(void*) + 34 27 com.apple.CoreFoundation 0x00007fff97f1bb31 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17 28 com.apple.CoreFoundation 0x00007fff97f1b455 __CFRunLoopDoSources0 + 245 29 com.apple.CoreFoundation 0x00007fff97f3e7f5 __CFRunLoopRun + 789 30 com.apple.CoreFoundation 0x00007fff97f3e0e2 CFRunLoopRunSpecific + 290 31 com.apple.HIToolbox 0x00007fff94adceb4 RunCurrentEventLoopInMode + 209 32 com.apple.HIToolbox 0x00007fff94adcc52 ReceiveNextEventCommon + 356 33 com.apple.HIToolbox 0x00007fff94adcae3 BlockUntilNextEventMatchingListInMode + 62 34 com.apple.AppKit 0x00007fff93dfa533 _DPSNextEvent + 685 35 com.apple.AppKit 0x00007fff93df9df2 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 128 36 com.apple.AppKit 0x00007fff93df11a3 -[NSApplication run] + 517 37 com.apple.WebCore 0x0000000110878712 WebCore::RunLoop::run() + 82 38 com.apple.WebKit2 0x000000010f581173 int WebKit::ChildProcessMain<WebKit::WebProcess, WebKit::WebContentProcessMainDelegate>(int, char**) + 579 39 com.apple.WebProcess 0x000000010f494e23 main + 337 912071 1 fpizlo 2013-07-26 13:38:21 -0700 *** This bug has been marked as a duplicate of bug 119105 ***