Bug 17742

Summary: ASSERTION FAILED: !m_deletionHasBegun on GMail
Product: WebKit Reporter: Matt Lilek <dev+webkit>
Component: Web Template FrameworkAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal Keywords: Regression
Priority: P1    
Version: 528+ (Nightly build)   
Hardware: Mac   
OS: OS X 10.5   
URL: http://mail.google.com/

Matt Lilek
Reported 2008-03-10 06:39:57 PDT
I'm hitting this loading GMail with r30926 while signing into GMail hosted (the Loading... screen) and then again before the page even finished loading and I could put in my username and password on http://mail.google.com/. ASSERTION FAILED: !m_deletionHasBegun (/Users/mlilek/Documents/WebKit/WebKitBuild/Debug/JavaScriptCore.framework/PrivateHeaders/RefCounted.h:41 void WTF::RefCounted<T>::ref() [with T = WebCore::Plugin]) Thread 0 Crashed: 0 com.apple.WebCore 0x020b3a85 WTF::RefCounted<WebCore::Plugin>::ref() + 71 (RefCounted.h:41) 1 com.apple.WebCore 0x020b8437 WTF::RefPtr<WebCore::Plugin>::RefPtr(WebCore::Plugin*) + 31 2 com.apple.WebCore 0x020b826e WebCore::JSPlugin::JSPlugin(KJS::JSObject*, WebCore::Plugin*) + 66 (JSPlugin.cpp:81) 3 com.apple.WebCore 0x020b861c KJS::JSValue* WebCore::cacheDOMObject<WebCore::Plugin, WebCore::JSPlugin, WebCore::JSPluginPrototype>(KJS::ExecState*, WebCore::Plugin*) + 98 (kjs_binding.h:86) 4 com.apple.WebCore 0x020b8320 WebCore::toJS(KJS::ExecState*, WebCore::Plugin*) + 24 (JSPlugin.cpp:157) 5 com.apple.WebCore 0x020b6f2c WebCore::JSPluginArray::nameGetter(KJS::ExecState*, KJS::JSObject*, KJS::Identifier const&, KJS::PropertySlot const&) + 82 (JSPluginArrayCustom.cpp:37) 6 com.apple.JavaScriptCore 0x0045973a KJS::PropertySlot::getValue(KJS::ExecState*, KJS::JSObject*, KJS::Identifier const&) const + 132 (property_slot.h:49) 7 com.apple.JavaScriptCore 0x0040ff08 KJS::JSObject::get(KJS::ExecState*, KJS::Identifier const&) const + 74 (object.cpp:164) 8 com.apple.JavaScriptCore 0x00483f77 KJS::BracketAccessorNode::inlineEvaluate(KJS::ExecState*) + 311 (nodes.cpp:774) 9 com.apple.JavaScriptCore 0x0043e1a6 KJS::BracketAccessorNode::evaluate(KJS::ExecState*) + 30 (nodes.cpp:780) 10 com.apple.JavaScriptCore 0x0043b5dc KJS::AssignLocalVarNode::evaluate(KJS::ExecState*) + 144 (nodes.cpp:3310) 11 com.apple.JavaScriptCore 0x0043aa1d KJS::VarStatementNode::execute(KJS::ExecState*) + 43 (nodes.cpp:3767) 12 com.apple.JavaScriptCore 0x0041be9b KJS::statementListExecute(WTF::Vector<WTF::RefPtr<KJS::StatementNode>, 0ul>&, KJS::ExecState*) + 85 (nodes.cpp:3703) 13 com.apple.JavaScriptCore 0x0041bf28 KJS::BlockNode::execute(KJS::ExecState*) + 26 (nodes.cpp:3729) 14 com.apple.JavaScriptCore 0x0043a92d KJS::IfElseNode::execute(KJS::ExecState*) + 121 (nodes.cpp:3804) 15 com.apple.JavaScriptCore 0x0041be9b KJS::statementListExecute(WTF::Vector<WTF::RefPtr<KJS::StatementNode>, 0ul>&, KJS::ExecState*) + 85 (nodes.cpp:3703) 16 com.apple.JavaScriptCore 0x0041bf28 KJS::BlockNode::execute(KJS::ExecState*) + 26 (nodes.cpp:3729) 17 com.apple.JavaScriptCore 0x00429b06 KJS::FunctionBodyNode::execute(KJS::ExecState*) + 34 (nodes.cpp:4646) 18 com.apple.JavaScriptCore 0x0042a270 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 116 (function.cpp:76) 19 com.apple.JavaScriptCore 0x00433d66 KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 222 (object.cpp:96) 20 com.apple.JavaScriptCore 0x00449f7d KJS::FunctionCallValueNode::evaluate(KJS::ExecState*) + 395 (nodes.cpp:1043) 21 com.apple.JavaScriptCore 0x0043aa87 KJS::ExprStatementNode::execute(KJS::ExecState*) + 43 (nodes.cpp:3750) 22 com.apple.JavaScriptCore 0x0041be9b KJS::statementListExecute(WTF::Vector<WTF::RefPtr<KJS::StatementNode>, 0ul>&, KJS::ExecState*) + 85 (nodes.cpp:3703) 23 com.apple.JavaScriptCore 0x0041bf28 KJS::BlockNode::execute(KJS::ExecState*) + 26 (nodes.cpp:3729) 24 com.apple.JavaScriptCore 0x0042a049 KJS::TryNode::execute(KJS::ExecState*) + 43 (nodes.cpp:4323) 25 com.apple.JavaScriptCore 0x0041be9b KJS::statementListExecute(WTF::Vector<WTF::RefPtr<KJS::StatementNode>, 0ul>&, KJS::ExecState*) + 85 (nodes.cpp:3703) 26 com.apple.JavaScriptCore 0x0041bf28 KJS::BlockNode::execute(KJS::ExecState*) + 26 (nodes.cpp:3729) 27 com.apple.JavaScriptCore 0x00429cb4 KJS::ProgramNode::execute(KJS::ExecState*) + 34 (nodes.cpp:4634) 28 com.apple.JavaScriptCore 0x00455ae4 KJS::Interpreter::evaluate(KJS::ExecState*, KJS::UString const&, int, KJS::UChar const*, int, KJS::JSValue*) + 846 (interpreter.cpp:103) 29 com.apple.WebCore 0x02053ceb WebCore::KJSProxy::evaluate(WebCore::String const&, int, WebCore::String const&) + 223 (kjs_proxy.cpp:88) 30 com.apple.WebCore 0x01c1fd7e WebCore::FrameLoader::executeScript(WebCore::String const&, int, WebCore::String const&) + 110 (FrameLoader.cpp:763) 31 com.apple.WebCore 0x01ca2dda WebCore::HTMLTokenizer::scriptExecution(WebCore::String const&, WebCore::HTMLTokenizer::State, WebCore::String const&, int) + 276 (HTMLTokenizer.cpp:527) 32 com.apple.WebCore 0x01ca445b WebCore::HTMLTokenizer::scriptHandler(WebCore::HTMLTokenizer::State) + 1477 (HTMLTokenizer.cpp:476) 33 com.apple.WebCore 0x01ca49af WebCore::HTMLTokenizer::parseSpecial(WebCore::SegmentedString&, WebCore::HTMLTokenizer::State) + 991 (HTMLTokenizer.cpp:326) 34 com.apple.WebCore 0x01ca6a26 WebCore::HTMLTokenizer::parseTag(WebCore::SegmentedString&, WebCore::HTMLTokenizer::State) + 6830 (HTMLTokenizer.cpp:1472) 35 com.apple.WebCore 0x01ca72f1 WebCore::HTMLTokenizer::write(WebCore::SegmentedString const&, bool) + 1295 (HTMLTokenizer.cpp:1697) 36 com.apple.WebCore 0x01c1930e WebCore::FrameLoader::write(char const*, int, bool) + 956 (FrameLoader.cpp:1004) 37 com.apple.WebCore 0x01c19442 WebCore::FrameLoader::addData(char const*, int) + 278 (FrameLoader.cpp:1751) 38 com.apple.WebCore 0x02007c36 -[WebCoreFrameBridge addData:] + 148 (WebCoreFrameBridge.mm:286) 39 com.apple.WebCore 0x0200c7be -[WebCoreFrameBridge receivedData:textEncodingName:] + 252 (WebCoreFrameBridge.mm:1178) 40 com.apple.WebKit 0x001c193c -[WebHTMLRepresentation receivedData:withDataSource:] + 200 (WebHTMLRepresentation.mm:175) 41 com.apple.WebKit 0x001a015c -[WebDataSource(WebInternal) _receivedData:] + 90 (WebDataSource.mm:197) 42 com.apple.WebKit 0x001b378a WebFrameLoaderClient::committedLoad(WebCore::DocumentLoader*, char const*, int) + 128 (WebFrameLoaderClient.mm:709) 43 com.apple.WebCore 0x01c140c9 WebCore::FrameLoader::committedLoad(WebCore::DocumentLoader*, char const*, int) + 53 (FrameLoader.cpp:3233) 44 com.apple.WebCore 0x01bb5bfb WebCore::DocumentLoader::commitLoad(char const*, int) + 87 (DocumentLoader.cpp:354) 45 com.apple.WebCore 0x01bb5e1a WebCore::DocumentLoader::receivedData(char const*, int) + 76 (DocumentLoader.cpp:367) 46 com.apple.WebCore 0x01c138d5 WebCore::FrameLoader::receivedData(char const*, int) + 41 (FrameLoader.cpp:2198) 47 com.apple.WebCore 0x01ded822 WebCore::MainResourceLoader::addData(char const*, int, bool) + 80 (MainResourceLoader.cpp:139) 48 com.apple.WebCore 0x01ee98b3 WebCore::ResourceLoader::didReceiveData(char const*, int, long long, bool) + 83 (ResourceLoader.cpp:240) 49 com.apple.WebCore 0x01deda34 WebCore::MainResourceLoader::didReceiveData(char const*, int, long long, bool) + 282 (MainResourceLoader.cpp:299) 50 com.apple.WebCore 0x01ee948a WebCore::ResourceLoader::didReceiveData(WebCore::ResourceHandle*, char const*, int, int) + 62 (ResourceLoader.cpp:368) 51 com.apple.WebCore 0x01ee6b27 -[WebCoreResourceHandleAsDelegate connection:didReceiveData:lengthReceived:] + 201 (ResourceHandleMac.mm:502) 52 com.apple.Foundation 0x94ee83b7 -[NSURLConnection(NSURLConnectionReallyInternal) sendDidReceiveData:originalLength:] + 119 53 com.apple.Foundation 0x94ee831e _NSURLConnectionDidReceiveData + 94 54 com.apple.CFNetwork 0x9233e0af sendDidReceiveDataCallback + 518 55 com.apple.CFNetwork 0x9233b76d _CFURLConnectionSendCallbacks + 1559 56 com.apple.CFNetwork 0x9233b0d9 muxerSourcePerform + 283 57 com.apple.CoreFoundation 0x9481e62e CFRunLoopRunSpecific + 3166 58 com.apple.CoreFoundation 0x9481ed18 CFRunLoopRunInMode + 88 59 com.apple.HIToolbox 0x95a386a0 RunCurrentEventLoopInMode + 283 60 com.apple.HIToolbox 0x95a384b9 ReceiveNextEventCommon + 374 61 com.apple.HIToolbox 0x95a3832d BlockUntilNextEventMatchingListInMode + 106 62 com.apple.AppKit 0x93e177d9 _DPSNextEvent + 657 63 com.apple.AppKit 0x93e1708e -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 128 64 com.apple.Safari 0x0000806e 0x1000 + 28782 65 com.apple.AppKit 0x93e100c5 -[NSApplication run] + 795 66 com.apple.AppKit 0x93ddd30a NSApplicationMain + 574 67 com.apple.Safari 0x000b9a76 0x1000 + 756342
Attachments
Add attachment proposed patch, testcase, etc.
Matt Lilek
Comment 1 2008-03-10 07:08:41 PDT
Simon fixed this in http://trac.webkit.org/projects/webkit/changeset/30927
Note You need to log in before you can comment on or make changes to this bug.