121193 2013-09-11 17:25:33 -0700 Web Inspector: crash inspecting a cube at tridiv.com 2013-09-19 12:25:04 -0700 1 1 1 Unclassified WebKit JavaScriptCore 528+ (Nightly build) Mac OS X 10.8 RESOLVED DUPLICATE 121330 http://tridiv.com InRadar P2 Major --- 0 vicki webkit-unassigned ggaren graouts joepeck mark.lam sindre timothy webkit-bug-importer oldest_to_newest 928055 0 vicki 2013-09-11 17:25:33 -0700 SUMMARY Crash inspecting a cube at tridiv.com STEPS TO REPRODUCE 1. Go to tridiv.com, click "Start Using The App" if you haven't used this site before, then add a cuboid shape to the scene by clicking on the cube in the controls 2. Inspect the cube by ctrl-clicking on the cube shape that you've added to the scene. I immediately see this crash, with Nightly on 10.8.4, on a 13" MBP: Process: WebProcess [43037] Path: /Applications/WebKit.app/Contents/Frameworks/10.8/WebKit2.framework/WebProcess.app/Contents/MacOS/WebProcess Identifier: com.apple.WebProcess Version: 538+ (538.1+) Code Type: X86-64 (Native) Parent Process: SafariForWebKitDevelopment [43032] User ID: 501 Date/Time: 2013-09-11 17:21:12.527 -0700 OS Version: Mac OS X 10.8.4 (12E55) Report Version: 10 Interval Since Last Report: 594815 sec Crashes Since Last Report: 15 Per-App Interval Since Last Report: 388205 sec Per-App Crashes Since Last Report: 12 Anonymous UUID: 8E329367-0742-4E56-D288-DC6E7A93BF04 Crashed Thread: 0 Dispatch queue: com.apple.main-thread Exception Type: EXC_BAD_ACCESS (SIGSEGV) Exception Codes: KERN_INVALID_ADDRESS at 0x000000000000000a VM Regions Near 0xa: --> __TEXT 00000001049a7000-00000001049a8000 [ 4K] r-x/rwx SM=COW /Applications/WebKit.app/Contents/Frameworks/10.8/WebKit2.framework/WebProcess.app/Contents/MacOS/WebProcess Application Specific Information: Bundle controller class: BrowserBundleController Thread 0 Crashed:: Dispatch queue: com.apple.main-thread 0 ??? 0x000025ddfc830c1b 0 + 41635354446875 1 com.apple.JavaScriptCore 0x0000000104f99e61 JSC::JITCode::execute(JSC::JSStack*, JSC::ExecState*, JSC::VM*) + 49 2 com.apple.JavaScriptCore 0x0000000104f8016d JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 573 3 com.apple.JavaScriptCore 0x0000000104e54da5 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 69 4 com.apple.JavaScriptCore 0x0000000104fcff62 JSC::boundFunctionCall(JSC::ExecState*) + 498 5 ??? 0x000025ddfc601045 0 + 41635352154181 6 com.apple.JavaScriptCore 0x0000000104f99e61 JSC::JITCode::execute(JSC::JSStack*, JSC::ExecState*, JSC::VM*) + 49 7 com.apple.JavaScriptCore 0x0000000104f8016d JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 573 8 com.apple.JavaScriptCore 0x0000000104e54da5 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 69 9 com.apple.JavaScriptCore 0x0000000104f752c0 JSC::callSetter(JSC::ExecState*, JSC::JSValue, JSC::JSValue, JSC::JSValue, JSC::ECMAMode) + 256 10 com.apple.JavaScriptCore 0x0000000104ff8e3c JSC::JSObject::put(JSC::JSCell*, JSC::ExecState*, JSC::PropertyName, JSC::JSValue, JSC::PutPropertySlot&) + 764 11 com.apple.JavaScriptCore 0x000000010504793e llint_slow_path_put_by_id + 558 12 com.apple.JavaScriptCore 0x000000010504f98b llint_op_put_by_id + 133 13 com.apple.JavaScriptCore 0x0000000104f99e61 JSC::JITCode::execute(JSC::JSStack*, JSC::ExecState*, JSC::VM*) + 49 14 com.apple.JavaScriptCore 0x0000000104f8016d JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 573 15 com.apple.JavaScriptCore 0x0000000104e54da5 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 69 16 com.apple.JavaScriptCore 0x0000000104fcff62 JSC::boundFunctionCall(JSC::ExecState*) + 498 17 ??? 0x000025ddfc601045 0 + 41635352154181 18 com.apple.JavaScriptCore 0x0000000104f99e61 JSC::JITCode::execute(JSC::JSStack*, JSC::ExecState*, JSC::VM*) + 49 19 com.apple.JavaScriptCore 0x0000000104f8016d JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 573 20 com.apple.JavaScriptCore 0x0000000104e54da5 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 69 21 com.apple.JavaScriptCore 0x0000000104fcff62 JSC::boundFunctionCall(JSC::ExecState*) + 498 22 com.apple.JavaScriptCore 0x0000000104f8019e JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 622 23 com.apple.JavaScriptCore 0x0000000104e54da5 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 69 24 com.apple.WebCore 0x0000000105d2caa9 WebCore::ScheduledAction::executeFunctionInContext(JSC::JSGlobalObject*, JSC::JSValue, WebCore::ScriptExecutionContext*) + 441 25 com.apple.WebCore 0x0000000105d2c70a WebCore::ScheduledAction::execute(WebCore::Document*) + 154 26 com.apple.WebCore 0x0000000105586434 WebCore::DOMTimer::fired() + 276 27 com.apple.WebCore 0x0000000105ebca4f WebCore::ThreadTimers::sharedTimerFiredInternal() + 175 28 com.apple.WebCore 0x0000000105d7d553 WebCore::timerFired(__CFRunLoopTimer*, void*) + 51 29 com.apple.CoreFoundation 0x00007fff96ecf804 __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ + 20 30 com.apple.CoreFoundation 0x00007fff96ecf31d __CFRunLoopDoTimer + 557 31 com.apple.CoreFoundation 0x00007fff96eb4ad9 __CFRunLoopRun + 1529 32 com.apple.CoreFoundation 0x00007fff96eb40e2 CFRunLoopRunSpecific + 290 33 com.apple.HIToolbox 0x00007fff96b0aeb4 RunCurrentEventLoopInMode + 209 34 com.apple.HIToolbox 0x00007fff96b0ac52 ReceiveNextEventCommon + 356 35 com.apple.HIToolbox 0x00007fff96b0aae3 BlockUntilNextEventMatchingListInMode + 62 36 com.apple.AppKit 0x00007fff8f613533 _DPSNextEvent + 685 37 com.apple.AppKit 0x00007fff8f612df2 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 128 38 com.apple.AppKit 0x00007fff8f60a1a3 -[NSApplication run] + 517 39 com.apple.WebCore 0x0000000105d28782 WebCore::RunLoop::run() + 82 40 com.apple.WebKit2 0x0000000104a8ef5a int WebKit::ChildProcessMain<WebKit::WebProcess, WebKit::WebContentProcessMainDelegate>(int, char**) + 422 41 com.apple.WebProcess 0x00000001049a7e23 main + 337 42 libdyld.dylib 0x00007fff93a277e1 start + 1 Thread 1:: Dispatch queue: com.apple.libdispatch-manager 0 libsystem_kernel.dylib 0x00007fff8eb5dd16 kevent + 10 1 libdispatch.dylib 0x00007fff9a0a6dea _dispatch_mgr_invoke + 883 2 libdispatch.dylib 0x00007fff9a0a69ee _dispatch_mgr_thread + 54 Thread 2:: JavaScriptCore::BlockFree 0 libsystem_kernel.dylib 0x00007fff8eb5d0fa __psynch_cvwait + 10 1 libsystem_c.dylib 0x00007fff904f3fe9 _pthread_cond_wait + 869 2 com.apple.JavaScriptCore 0x0000000105166976 WTF::ThreadCondition::timedWait(WTF::Mutex&, double) + 118 3 com.apple.JavaScriptCore 0x0000000104e3b4fb JSC::BlockAllocator::blockFreeingThreadMain() + 123 4 com.apple.JavaScriptCore 0x0000000105165c8f WTF::wtfThreadEntryPoint(void*) + 15 5 libsystem_c.dylib 0x00007fff904ef7a2 _pthread_start + 327 6 libsystem_c.dylib 0x00007fff904dc1e1 thread_start + 13 Thread 3:: JavaScriptCore::Marking 0 libsystem_kernel.dylib 0x00007fff8eb5d0fa __psynch_cvwait + 10 1 libsystem_c.dylib 0x00007fff904f3fe9 _pthread_cond_wait + 869 2 com.apple.JavaScriptCore 0x0000000104f72f8b JSC::GCThread::waitForNextPhase() + 123 3 com.apple.JavaScriptCore 0x0000000104f7304f JSC::GCThread::gcThreadMain() + 143 4 com.apple.JavaScriptCore 0x0000000105165c8f WTF::wtfThreadEntryPoint(void*) + 15 5 libsystem_c.dylib 0x00007fff904ef7a2 _pthread_start + 327 6 libsystem_c.dylib 0x00007fff904dc1e1 thread_start + 13 Thread 4:: JavaScriptCore::Marking 0 libsystem_kernel.dylib 0x00007fff8eb5d0fa __psynch_cvwait + 10 1 libsystem_c.dylib 0x00007fff904f3fe9 _pthread_cond_wait + 869 2 com.apple.JavaScriptCore 0x0000000104f72f8b JSC::GCThread::waitForNextPhase() + 123 3 com.apple.JavaScriptCore 0x0000000104f7304f JSC::GCThread::gcThreadMain() + 143 4 com.apple.JavaScriptCore 0x0000000105165c8f WTF::wtfThreadEntryPoint(void*) + 15 5 libsystem_c.dylib 0x00007fff904ef7a2 _pthread_start + 327 6 libsystem_c.dylib 0x00007fff904dc1e1 thread_start + 13 Thread 5:: JavaScriptCore::Marking 0 libsystem_kernel.dylib 0x00007fff8eb5d0fa __psynch_cvwait + 10 1 libsystem_c.dylib 0x00007fff904f3fe9 _pthread_cond_wait + 869 2 com.apple.JavaScriptCore 0x0000000104f72f8b JSC::GCThread::waitForNextPhase() + 123 3 com.apple.JavaScriptCore 0x0000000104f7304f JSC::GCThread::gcThreadMain() + 143 4 com.apple.JavaScriptCore 0x0000000105165c8f WTF::wtfThreadEntryPoint(void*) + 15 5 libsystem_c.dylib 0x00007fff904ef7a2 _pthread_start + 327 6 libsystem_c.dylib 0x00007fff904dc1e1 thread_start + 13 Thread 6:: WebCore: Scrolling 0 libsystem_kernel.dylib 0x00007fff8eb5b686 mach_msg_trap + 10 1 libsystem_kernel.dylib 0x00007fff8eb5ac42 mach_msg + 70 2 com.apple.CoreFoundation 0x00007fff96eaf233 __CFRunLoopServiceMachPort + 195 3 com.apple.CoreFoundation 0x00007fff96eb4916 __CFRunLoopRun + 1078 4 com.apple.CoreFoundation 0x00007fff96eb40e2 CFRunLoopRunSpecific + 290 5 com.apple.CoreFoundation 0x00007fff96ec2dd1 CFRunLoopRun + 97 6 com.apple.WebCore 0x0000000105d537ce WebCore::ScrollingThread::initializeRunLoop() + 254 7 com.apple.JavaScriptCore 0x0000000105165c8f WTF::wtfThreadEntryPoint(void*) + 15 8 libsystem_c.dylib 0x00007fff904ef7a2 _pthread_start + 327 9 libsystem_c.dylib 0x00007fff904dc1e1 thread_start + 13 Thread 7:: com.apple.NSURLConnectionLoader 0 libsystem_kernel.dylib 0x00007fff8eb5b686 mach_msg_trap + 10 1 libsystem_kernel.dylib 0x00007fff8eb5ac42 mach_msg + 70 2 com.apple.CoreFoundation 0x00007fff96eaf233 __CFRunLoopServiceMachPort + 195 3 com.apple.CoreFoundation 0x00007fff96eb4916 __CFRunLoopRun + 1078 4 com.apple.CoreFoundation 0x00007fff96eb40e2 CFRunLoopRunSpecific + 290 5 com.apple.Foundation 0x00007fff95edd546 +[NSURLConnection(Loader) _resourceLoadLoop:] + 356 6 com.apple.Foundation 0x00007fff95f3b562 __NSThread__main__ + 1345 7 libsystem_c.dylib 0x00007fff904ef7a2 _pthread_start + 327 8 libsystem_c.dylib 0x00007fff904dc1e1 thread_start + 13 Thread 8:: com.apple.CFSocket.private 0 libsystem_kernel.dylib 0x00007fff8eb5d322 __select + 10 1 com.apple.CoreFoundation 0x00007fff96ef3f46 __CFSocketManager + 1302 2 libsystem_c.dylib 0x00007fff904ef7a2 _pthread_start + 327 3 libsystem_c.dylib 0x00007fff904dc1e1 thread_start + 13 Thread 9:: JSC Compilation Thread 0 libsystem_kernel.dylib 0x00007fff8eb5d0fa __psynch_cvwait + 10 1 libsystem_c.dylib 0x00007fff904f3fe9 _pthread_cond_wait + 869 2 com.apple.JavaScriptCore 0x0000000104f66c6b JSC::DFG::Worklist::runThread() + 763 3 com.apple.JavaScriptCore 0x0000000105165c8f WTF::wtfThreadEntryPoint(void*) + 15 4 libsystem_c.dylib 0x00007fff904ef7a2 _pthread_start + 327 5 libsystem_c.dylib 0x00007fff904dc1e1 thread_start + 13 Thread 10: 0 libsystem_kernel.dylib 0x00007fff8eb5d6d6 __workq_kernreturn + 10 1 libsystem_c.dylib 0x00007fff904f1f4c _pthread_workq_return + 25 2 libsystem_c.dylib 0x00007fff904f1d13 _pthread_wqthread + 412 3 libsystem_c.dylib 0x00007fff904dc1d1 start_wqthread + 13 Thread 11: 0 libsystem_kernel.dylib 0x00007fff8eb5d6d6 __workq_kernreturn + 10 1 libsystem_c.dylib 0x00007fff904f1f4c _pthread_workq_return + 25 2 libsystem_c.dylib 0x00007fff904f1d13 _pthread_wqthread + 412 3 libsystem_c.dylib 0x00007fff904dc1d1 start_wqthread + 13 Thread 12: 0 libsystem_kernel.dylib 0x00007fff8eb5d6d6 __workq_kernreturn + 10 1 libsystem_c.dylib 0x00007fff904f1f4c _pthread_workq_return + 25 2 libsystem_c.dylib 0x00007fff904f1d13 _pthread_wqthread + 412 3 libsystem_c.dylib 0x00007fff904dc1d1 start_wqthread + 13 Thread 13: 0 libsystem_kernel.dylib 0x00007fff8eb5d6d6 __workq_kernreturn + 10 1 libsystem_c.dylib 0x00007fff904f1f4c _pthread_workq_return + 25 2 libsystem_c.dylib 0x00007fff904f1d13 _pthread_wqthread + 412 3 libsystem_c.dylib 0x00007fff904dc1d1 start_wqthread + 13 Thread 14: 0 libsystem_kernel.dylib 0x00007fff8eb5d6d6 __workq_kernreturn + 10 1 libsystem_c.dylib 0x00007fff904f1f4c _pthread_workq_return + 25 2 libsystem_c.dylib 0x00007fff904f1d13 _pthread_wqthread + 412 3 libsystem_c.dylib 0x00007fff904dc1d1 start_wqthread + 13 Thread 0 crashed with X86 Thread State (64-bit): rax: 0x000000000000000a rbx: 0x000000010fb49dd0 rcx: 0x000000000000000a rdx: 0x000000010fa2ab70 rdi: 0x0000000106e2f470 rsi: 0x0000000000000006 rbp: 0x00007fff5b256620 rsp: 0x00007fff5b256580 r8: 0x0000000106e2f470 r9: 0x000000000000001f r10: 0x0000000084b8af87 r11: 0x0000000117aa37a0 r12: 0x0000000000000200 r13: 0x0000000108bcdaa0 r14: 0xffff000000000000 r15: 0xffff000000000002 rip: 0x000025ddfc830c1b rfl: 0x0000000000010202 cr2: 0x000000000000000a Logical CPU: 0 928057 1 webkit-bug-importer 2013-09-11 17:26:18 -0700 <rdar://problem/14971143> 928058 2 vicki 2013-09-11 17:29:05 -0700 Whoops, I committed before pasting in my Nightly revision number - it's today's build, WebKit r155573 . 928060 3 vicki 2013-09-11 17:32:35 -0700 Also FWIW, with a Nightly from at least a week ago, I could get a little further and be able to edit the transform style on the cube... then crash. I updated to today's Nightly to see if the crash was still present, and now I see this new behavior where I crash immediately upon inspecting the cube. 930853 4 sindre 2013-09-19 00:17:23 -0700 I am experiencing the exact same crash in the latest nightlies in an internal project (also an ide). Had to go back to 1542** to get rid of the constant crashes. 931043 5 mark.lam 2013-09-19 12:25:04 -0700 Resolved in r155730: <http://trac.webkit.org/r155730> for https://bugs.webkit.org/show_bug.cgi?id=121330. Closing as duplicate. *** This bug has been marked as a duplicate of bug 121330 ***