Bug 128041

Summary: Web Inspector: Crash when searching in DOM tree
Product: WebKit
Reporter: Taiki <taiki>
Component: Web Inspector
Assignee: Nobody <webkit-unassigned>
Status: RESOLVED WORKSFORME
Severity: Normal
CC: joepeck, timothy, webkit-bug-importer
Priority: P2
Keywords: InRadar
Version: 525.x (Safari 3.2)
Hardware: Mac
OS: OS X 10.9

Description Taiki 2014-02-01 02:40:52 PST
[Running Safari 7, don't know which version of WebKit is used]
I could reproduce a crash in the Web Inspector by performing the following tasks:
1. Disable JavaScript
2. Go to some website (reproduced on google.com, some pages of deviantart)
3. Open the Web Inspector search bar
4. Type something
5. Crash

Reliably reproduced on google.com with the string 'height', but the crash also occurred with other strings. However, some pages of deviantart don't crash, while others do.
Here is the stack trace:

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   com.apple.JavaScriptCore      	0x00007fff8ac3cb8d JSC::JSObject::defaultValue(JSC::JSObject const*, JSC::ExecState*, JSC::PreferredPrimitiveType) + 45
1   com.apple.JavaScriptCore      	0x00007fff8ada2d2d JSC::JSObject::toString(JSC::ExecState*) const + 77
2   com.apple.WebCore             	0x00007fff8e259ac0 WebCore::eventListenerHandlerBody(WebCore::Document*, WebCore::EventListener*) + 128
3   com.apple.WebCore             	0x00007fff8de867b7 WebCore::InspectorDOMAgent::buildObjectForEventListener(WebCore::RegisteredEventListener const&, WTF::AtomicString const&, WebCore::Node*, WTF::String const*) + 695
4   com.apple.WebCore             	0x00007fff8de85ca3 WebCore::InspectorDOMAgent::getEventListenersForNode(WTF::String*, int, WTF::String const*, WTF::RefPtr<WebCore::TypeBuilder::Array<WebCore::TypeBuilder::DOM::EventListener> >&) + 339
5   com.apple.WebCore             	0x00007fff8de488fa WebCore::InspectorBackendDispatcherImpl::DOM_getEventListenersForNode(long, WebCore::InspectorObject*) + 634
6   com.apple.WebCore             	0x00007fff8de6620a WebCore::InspectorBackendDispatcherImpl::dispatch(WTF::String const&) + 1546
7   com.apple.WebCore             	0x00007fff8dea3d50 WebCore::InspectorBackendDispatchTask::onTimer(WebCore::Timer<WebCore::InspectorBackendDispatchTask>*) + 160
8   com.apple.WebCore             	0x00007fff8d6f164f WebCore::ThreadTimers::sharedTimerFiredInternal() + 175
9   com.apple.WebCore             	0x00007fff8d6f152a WebCore::timerFired(__CFRunLoopTimer*, void*) + 58
10  com.apple.CoreFoundation      	0x00007fff879bb724 __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ + 20
11  com.apple.CoreFoundation      	0x00007fff879bb25f __CFRunLoopDoTimer + 1151
12  com.apple.CoreFoundation      	0x00007fff87a2c76a __CFRunLoopDoTimers + 298
13  com.apple.CoreFoundation      	0x00007fff87976aa5 __CFRunLoopRun + 1525
14  com.apple.CoreFoundation      	0x00007fff87976275 CFRunLoopRunSpecific + 309
15  com.apple.HIToolbox           	0x00007fff8d1c3f0d RunCurrentEventLoopInMode + 226
16  com.apple.HIToolbox           	0x00007fff8d1c3cb7 ReceiveNextEventCommon + 479
17  com.apple.HIToolbox           	0x00007fff8d1c3abc _BlockUntilNextEventMatchingListInModeWithFilter + 65
18  com.apple.AppKit              	0x00007fff8b5d828e _DPSNextEvent + 1434
19  com.apple.AppKit              	0x00007fff8b5d78db -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 122
20  com.apple.AppKit              	0x00007fff8b5cb9cc -[NSApplication run] + 553
21  com.apple.AppKit              	0x00007fff8b5b6803 NSApplicationMain + 940
22  com.apple.XPCService          	0x00007fff87315c0f _xpc_main + 385
23  libxpc.dylib                  	0x00007fff8718ab2e xpc_main + 399
24  com.apple.WebKit.WebContent   	0x00000001045a0ba0 0x1045a0000 + 2976
25  libdyld.dylib                 	0x00007fff8c1775fd start + 1

Comment 1 Radar WebKit Bug Importer 2014-02-01 02:41:18 PST
<rdar://problem/15963811>

Comment 2 Timothy Hatcher 2014-03-28 22:29:12 PDT
I can't reproduce in TOT / the WebKit nightly.