Bug 142639
| Summary: | editing/selection/select-bidi-run.html crashed in bmalloc | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Simon Fraser (smfr) <simon.fraser> |
| Component: | Tools / Tests | Assignee: | Nobody <webkit-unassigned> |
| Status: | RESOLVED DUPLICATE | ||
| Severity: | Normal | CC: | ap, cdumez, enrica, ggaren, simon.fraser |
| Priority: | P2 | ||
| Version: | 528+ (Nightly build) | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
Simon Fraser (smfr)
https://build.webkit.org/results/Apple%20Yosemite%20Debug%20WK2%20(Tests)/r181448%20(2723)/editing/selection/select-bidi-run-crash-log.txt
Simon Fraser (smfr)
Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0 com.apple.JavaScriptCore 0x000000010d7aeff0 bmalloc::LargeObject::validateSelf() const + 128
1 com.apple.JavaScriptCore 0x000000010d7aee81 bmalloc::LargeObject::validate() const + 225
2 com.apple.JavaScriptCore 0x000000010d7b107f bmalloc::LargeObject::LargeObject(void*) + 95
3 com.apple.JavaScriptCore 0x000000010d7b0d9d bmalloc::LargeObject::LargeObject(void*) + 29
4 com.apple.JavaScriptCore 0x000000010d7b0199 bmalloc::Allocator::reallocate(void*, unsigned long) + 361
5 com.apple.JavaScriptCore 0x000000010d76fb06 bmalloc::Cache::reallocate(void*, unsigned long) + 86
6 com.apple.JavaScriptCore 0x000000010d76eecd bmalloc::api::realloc(void*, unsigned long) + 29
7 com.apple.JavaScriptCore 0x000000010d76ebbd WTF::fastRealloc(void*, unsigned long) + 29
8 com.apple.JavaScriptCore 0x000000010d79492b WTF::Ref<WTF::StringImpl> WTF::StringImpl::reallocateInternal<unsigned char>(WTF::PassRefPtr<WTF::StringImpl>, unsigned int, unsigned char*&) + 299
9 com.apple.JavaScriptCore 0x000000010d78b330 WTF::StringImpl::reallocate(WTF::PassRefPtr<WTF::StringImpl>, unsigned int, unsigned char*&) + 128
10 com.apple.JavaScriptCore 0x000000010d789346 void WTF::StringBuilder::reallocateBuffer<unsigned char>(unsigned int) + 310
11 com.apple.JavaScriptCore 0x000000010d789f42 WTF::StringBuilder::shrinkToFit() + 66
12 com.apple.WebCore 0x000000010edbf3a7 WTF::StringBuilder::toString() + 39 (StringBuilder.h:178)
13 com.apple.WebCore 0x0000000110d00c1e WebCore::plainText(WebCore::Range const*, unsigned short, bool) + 334 (TextIterator.cpp:2536)
14 com.apple.WebCore 0x000000010f4186d8 WebCore::DOMSelection::toString() + 120 (DOMSelection.cpp:492)
15 com.apple.WebCore 0x000000010fc8a0a4 WebCore::jsDOMSelectionPrototypeFunctionToString(JSC::ExecState*) + 404 (JSDOMSelection.cpp:573)
16 ??? 0x00003d2699801028 0 + 67235993358376
17 ??? 0x00003d269989462d 0 + 67235993962029
18 com.apple.JavaScriptCore 0x000000010d4f8ec6 llint_entry + 25658
19 com.apple.JavaScriptCore 0x000000010d4f2849 vmEntryToJavaScript + 361
20 com.apple.JavaScriptCore 0x000000010d3740ea JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*) + 266
21 com.apple.JavaScriptCore 0x000000010d3576a5 JSC::Interpreter::execute(JSC::ProgramExecutable*, JSC::ExecState*, JSC::JSObject*) + 4853
22 com.apple.JavaScriptCore 0x000000010ceb4d10 JSC::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, JSC::JSValue*) + 480
23 com.apple.WebCore 0x000000010fe4c545 WebCore::JSMainThreadExecState::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, JSC::JSValue*) + 69 (JSMainThreadExecState.h:62)
24 com.apple.WebCore 0x0000000110890abd WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld&) + 317 (ScriptController.cpp:164)
...
Alexey Proskuryakov
Is this the same as bug 142642?
Geoffrey Garen
*** This bug has been marked as a duplicate of bug 142642 ***