Bug 48746

I cannot reproduce this on Mac. Could you please attach a crash dump <http://webkit.org/quality/crashlogs.html>? Do you have any Safari extensions installed, and if so, does disabling them make the crash go away?

Created attachment 72636 [details]
crash dump from r70599

crash dump opening the said URL

Yes,
on Mac I don't remember having any problems, Windows just is a bit different (XP especially).
Crash dump is now attached...

and there are no extensions:)

I can reproduce on Windows XP with the r70599 nightly. Here's the backtrace:

0012f468 015e3b63 08312cf4 7fe92c4c 04bf0080 0x6941dcd
0012f4ac 015e39d0 04bf0000 0012f4f0 7fa46108 JavaScriptCore!JSC::Interpreter::execute+0x143 [c:\cygwin\home\buildbot\slave\windows-release-archive\build\opensource\javascriptcore\interpreter\interpreter.cpp @ 751]
0012f4f8 032e1809 0012f540 7fbf51d8 7fbf51a0 JavaScriptCore!JSC::evaluate+0xa0 [c:\cygwin\home\buildbot\slave\windows-release-archive\build\opensource\javascriptcore\runtime\completion.cpp @ 65]
0012f550 032e194e 0012f588 0012f5d8 7fea0ae0 WebKit!WebCore::ScriptController::evaluateInWorld+0x129 [c:\cygwin\home\buildbot\slave\windows-release-archive\build\opensource\webcore\bindings\js\scriptcontroller.cpp @ 149]
0012f564 035b1649 7fec7cf4 0012f5d8 00000001 WebKit!WebCore::ScriptController::evaluate+0x3e [c:\cygwin\home\buildbot\slave\windows-release-archive\build\opensource\webcore\bindings\js\scriptcontroller.cpp @ 171]
0012f594 037b5818 0012f5c8 0012f5d8 00000001 WebKit!WebCore::ScriptController::executeScript+0x99 [c:\cygwin\home\buildbot\slave\windows-release-archive\build\opensource\webcore\bindings\scriptcontrollerbase.cpp @ 62]
0012f624 037b5708 7fd1f9d8 7fb5e000 7fd1f9d8 WebKit!WebCore::HTMLScriptRunner::executePendingScriptAndDispatchEvent+0xd8 [c:\cygwin\home\buildbot\slave\windows-release-archive\build\opensource\webcore\html\parser\htmlscriptrunner.cpp @ 143]
0012f670 037b5990 0012f6f4 036c93e8 0012f698 WebKit!WebCore::HTMLScriptRunner::executeParsingBlockingScript+0x68 [c:\cygwin\home\buildbot\slave\windows-release-archive\build\opensource\webcore\html\parser\htmlscriptrunner.cpp @ 124]
0012f678 036c93e8 0012f698 7fbf7000 7fbf7000 WebKit!WebCore::HTMLScriptRunner::executeParsingBlockingScripts+0x50 [c:\cygwin\home\buildbot\slave\windows-release-archive\build\opensource\webcore\html\parser\htmlscriptrunner.cpp @ 203]
0012f688 036d8441 7fbf7000 00000000 7fbf7008 WebKit!WebCore::HTMLDocumentParser::notifyFinished+0x68 [c:\cygwin\home\buildbot\slave\windows-release-archive\build\opensource\webcore\html\parser\htmldocumentparser.cpp @ 458]
0012f6a8 036d8407 7f9e4cb0 7fbce948 7fbf7000 WebKit!WebCore::CachedScript::checkNotify+0x31 [c:\cygwin\home\buildbot\slave\windows-release-archive\build\opensource\webcore\loader\cachedscript.cpp @ 100]
0012f6b8 03697028 7fbd0190 00000001 076d2838 WebKit!WebCore::CachedScript::data+0xb7 [c:\cygwin\home\buildbot\slave\windows-release-archive\build\opensource\webcore\loader\cachedscript.cpp @ 90]
0012f6f4 037a6ca4 7fbe4000 0647d970 0012f660 WebKit!WebCore::Loader::Host::didFinishLoading+0x108 [c:\cygwin\home\buildbot\slave\windows-release-archive\build\opensource\webcore\loader\loader.cpp @ 422]
0012f760 035dcde1 00000000 00000000 0369af02 WebKit!WebCore::SubresourceLoader::didFinishLoading+0x34 [c:\cygwin\home\buildbot\slave\windows-release-archive\build\opensource\webcore\loader\subresourceloader.cpp @ 183]
0012f76c 0369af02 7f9efbc0 00000000 00000000 WebKit!WebCore::ResourceLoader::didFinishLoading+0x11 [c:\cygwin\home\buildbot\slave\windows-release-archive\build\opensource\webcore\loader\resourceloader.cpp @ 422]
0012f7b4 0286bfd4 06463378 7f9efbc0 076d2818 WebKit!WebCore::didFinishLoading+0x22 [c:\cygwin\home\buildbot\slave\windows-release-archive\build\opensource\webcore\platform\network\cf\resourcehandlecfnet.cpp @ 245]

Apparently we're dereferencing null.

Interesting, this page uses the new ES5 strict mode.

I can reproduce the crash in ToT build. This is not a nightly-specific bug.

Here's a better backtrace from a debug build:


>	JavaScriptCore.dll!JSC::Register::withCallee(JSC::JSObject * callee=0x0920b08c)  Line 86 + 0xf bytes	C++
 	JavaScriptCore.dll!JSC::JITCode::execute(JSC::RegisterFile * registerFile=0x0920b08c, JSC::ExecState * callFrame=0x09610038, JSC::JSGlobalData * globalData=0x08523ff8)  Line 77 + 0x22 bytes	C++
 	JavaScriptCore.dll!JSC::Interpreter::execute(JSC::ProgramExecutable * program=0x095fca98, JSC::ExecState * callFrame=0x08595d10, JSC::ScopeChainNode * scopeChain=0x093d3c58, JSC::JSObject * thisObj=0x09a57180)  Line 759 + 0x25 bytes	C++
 	JavaScriptCore.dll!JSC::evaluate(JSC::ExecState * exec=0x08595d10, JSC::ScopeChain & scopeChain={...}, const JSC::SourceCode & source={...}, JSC::JSValue thisValue={...})  Line 64	C++
 	WebKit.dll!WebCore::JSMainThreadExecState::evaluate(JSC::ExecState * exec=0x08595d10, JSC::ScopeChain & chain={...}, const JSC::SourceCode & source={...}, JSC::JSValue thisValue={...})  Line 54 + 0x1d bytes	C++
 	WebKit.dll!WebCore::ScriptController::evaluateInWorld(const WebCore::ScriptSourceCode & sourceCode={...}, WebCore::DOMWrapperWorld * world=0x08428560, WebCore::ShouldAllowXSS shouldAllowXSS=DoNotAllowXSS)  Line 148 + 0x2f bytes	C++
 	WebKit.dll!WebCore::ScriptController::evaluate(const WebCore::ScriptSourceCode & sourceCode={...}, WebCore::ShouldAllowXSS shouldAllowXSS=DoNotAllowXSS)  Line 171 + 0x1a bytes	C++
 	WebKit.dll!WebCore::ScriptController::executeScript(const WebCore::ScriptSourceCode & sourceCode={...}, WebCore::ShouldAllowXSS shouldAllowXSS=DoNotAllowXSS)  Line 62	C++
 	WebKit.dll!WebCore::HTMLScriptRunner::executeScript(const WebCore::ScriptSourceCode & sourceCode={...})  Line 156 + 0x22 bytes	C++
 	WebKit.dll!WebCore::HTMLScriptRunner::executePendingScriptAndDispatchEvent(WebCore::PendingScript & pendingScript={...})  Line 144	C++
 	WebKit.dll!WebCore::HTMLScriptRunner::executeParsingBlockingScript()  Line 124	C++
 	WebKit.dll!WebCore::HTMLScriptRunner::executeParsingBlockingScripts()  Line 204	C++
 	WebKit.dll!WebCore::HTMLScriptRunner::executeScriptsWaitingForStylesheets()  Line 226	C++
 	WebKit.dll!WebCore::HTMLDocumentParser::executeScriptsWaitingForStylesheets()  Line 483 + 0x15 bytes	C++
 	WebKit.dll!WebCore::Document::removePendingSheet()  Line 2790 + 0xf bytes	C++
 	WebKit.dll!WebCore::HTMLLinkElement::sheetLoaded()  Line 342	C++
 	WebKit.dll!WebCore::CSSStyleSheet::checkLoaded()  Line 214 + 0x29 bytes	C++
 	WebKit.dll!WebCore::CSSImportRule::setCSSStyleSheet(const WTF::String & href={...}, const WebCore::KURL & baseURL={m_impl=0x093ce8d8 {m_data=0x093ce8ec "http://momjian.us/main/css/misc.css" m_buffer=0x00000000 m_substringBuffer=0x00000000 ...} }, const WTF::String & charset={...}, const WebCore::CachedCSSStyleSheet * sheet=0x095f9d78)  Line 104 + 0xf bytes	C++
 	WebKit.dll!WebCore::CachedCSSStyleSheet::checkNotify()  Line 117 + 0x4f bytes	C++
 	WebKit.dll!WebCore::CachedCSSStyleSheet::data(WTF::PassRefPtr<WebCore::SharedBuffer> data={...}, bool allDataReceived=true)  Line 107	C++
 	WebKit.dll!WebCore::Loader::Host::didFinishLoading(WebCore::SubresourceLoader * loader=0x095137a0)  Line 422	C++
 	WebKit.dll!WebCore::SubresourceLoader::didFinishLoading(double finishTime=0.00000000000000000)  Line 181 + 0x1f bytes	C++
 	WebKit.dll!WebCore::ResourceLoader::didFinishLoading(WebCore::ResourceHandle * __formal=0x093a5a08, double finishTime=0.00000000000000000)  Line 421 + 0x18 bytes	C++
 	WebKit.dll!WebCore::didFinishLoading(_CFURLConnection * conn=0x092a2b90, const void * clientInfo=0x093a5a08)  Line 244 + 0x26 bytes	C++

<rdar://problem/8620060>

There were a number of follow on fixes to strict mode that landed not long after the original support landed.  As I can no longer repro this crash I suspect that this was one of them.