WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED DUPLICATE of
bug 105986
105987
[Mac] svg/dynamic-updates/SVGFEMorphologyElement-dom*-in-attr.html intermittently asserts in SharedBuffer::releasePurgeableBuffer()
https://bugs.webkit.org/show_bug.cgi?id=105987
Summary
[Mac] svg/dynamic-updates/SVGFEMorphologyElement-dom*-in-attr.html intermitte...
Ryosuke Niwa
Reported
2013-01-02 19:18:48 PST
http://test-results.appspot.com/dashboards/flakiness_dashboard.html#group=%40ToT%20-%20webkit.org&tests=svg%2Fdynamic-updates%2FSVGFEMorphologyElement-dom-in-attr.html
http://build.webkit.org/results/Apple%20MountainLion%20Debug%20WK2%20(Tests)/r138686%20(5395)/svg/dynamic-updates/SVGFEMorphologyElement-dom-in-attr-crash-log.txt
Thread 0 Crashed:: Dispatch queue: com.apple.main-thread 0 com.apple.WebCore 0x000000011039f075 WebCore::SharedBuffer::releasePurgeableBuffer() + 101 (SharedBuffer.cpp:251) 1 com.apple.WebCore 0x00000001102902c6 WebCore::ResourceBuffer::releasePurgeableBuffer() + 54 (ResourceBuffer.cpp:119) 2 com.apple.WebCore 0x000000010ee7bad3 WebCore::CachedResource::makePurgeable(bool) + 451 (CachedResource.cpp:827) 3 com.apple.WebCore 0x000000010ee6e2cb WebCore::CachedImage::destroyDecodedData() + 283 (CachedImage.cpp:423) 4 com.apple.WebCore 0x000000010fe739f9 WebCore::MemoryCache::pruneDeadResourcesToSize(unsigned int) + 713 (MemoryCache.cpp:321) 5 com.apple.WebCore 0x000000010fe7371b WebCore::MemoryCache::pruneDeadResources() + 123 (MemoryCache.cpp:265) 6 com.apple.WebCore 0x000000010fe73f92 WebCore::MemoryCache::prune() + 82 (MemoryCache.cpp:762) 7 com.apple.WebCore 0x000000010ee7a6ee WebCore::CachedResource::removeClient(WebCore::CachedResourceClient*) + 606 (CachedResource.cpp:541) 8 com.apple.WebCore 0x00000001105608ce WebCore::SVGFEImageElement::clearResourceReferences() + 94 (SVGFEImageElement.cpp:74) 9 com.apple.WebCore 0x000000011056072a WebCore::SVGFEImageElement::~SVGFEImageElement() + 106 (SVGFEImageElement.cpp:69) 10 com.apple.WebCore 0x00000001105605f5 WebCore::SVGFEImageElement::~SVGFEImageElement() + 21 (SVGFEImageElement.cpp:69) 11 com.apple.WebCore 0x00000001105605c9 WebCore::SVGFEImageElement::~SVGFEImageElement() + 25 (SVGFEImageElement.cpp:67) 12 com.apple.WebCore 0x000000010ef28f8b void WebCore::removeAllChildrenInContainer<WebCore::Node, WebCore::ContainerNode>(WebCore::ContainerNode*) + 283 (ContainerNodeAlgorithms.h:105) 13 com.apple.WebCore 0x000000010ef240a5 WebCore::ContainerNode::removeAllChildren() + 21 (ContainerNode.cpp:95) 14 com.apple.WebCore 0x000000010f136af0 WebCore::Document::removedLastRef() + 448 (Document.cpp:710) 15 com.apple.WebCore 0x000000010fecd662 WebCore::Node::removedLastRef() + 50 (Node.cpp:2579) 16 com.apple.WebCore 0x000000010ed27bef WebCore::TreeShared<WebCore::Node, WebCore::ContainerNode>::deref() + 479 (TreeShared.h:83) 17 com.apple.WebCore 0x000000010f9eb076 WebCore::JSNode::releaseImpl() + 38 (JSNode.h:69) 18 com.apple.WebCore 0x000000010fb0bc06 WebCore::JSNodeOwner::finalize(JSC::Handle<JSC::Unknown>, void*) + 102 (JSNodeCustom.cpp:142) 19 com.apple.JavaScriptCore 0x000000010e11d984 JSC::WeakBlock::finalize(JSC::WeakImpl*) + 212 (WeakSetInlines.h:53) 20 com.apple.JavaScriptCore 0x000000010e11d29e JSC::WeakBlock::sweep() + 158 (WeakBlock.cpp:77) 21 com.apple.JavaScriptCore 0x000000010e11dcd0 JSC::WeakSet::sweep() + 64 (WeakSet.cpp:46) 22 com.apple.JavaScriptCore 0x000000010dff7f78 JSC::MarkedBlock::sweep(JSC::MarkedBlock::SweepMode) + 40 (MarkedBlock.cpp:112) 23 com.apple.JavaScriptCore 0x000000010e11b685 JSC::MarkedAllocator::tryAllocateHelper(unsigned long) + 85 (MarkedAllocator.cpp:34) 24 com.apple.JavaScriptCore 0x000000010e11a7c9 JSC::MarkedAllocator::tryAllocate(unsigned long) + 137 (MarkedAllocator.cpp:66) 25 com.apple.JavaScriptCore 0x000000010e11a1d8 JSC::MarkedAllocator::allocateSlowCase(unsigned long) + 232 (MarkedAllocator.cpp:82) 26 com.apple.JavaScriptCore 0x000000010dd1f59b JSC::MarkedAllocator::allocate(unsigned long) + 75 (MarkedAllocator.h:78) 27 com.apple.JavaScriptCore 0x000000010dd34819 JSC::MarkedSpace::allocateWithNormalDestructor(unsigned long) + 41 (MarkedSpace.h:220) 28 com.apple.JavaScriptCore 0x000000010dd347dd JSC::Heap::allocateWithNormalDestructor(unsigned long) + 141 (Heap.h:402) 29 com.apple.JavaScriptCore 0x000000010df953c9 void* JSC::allocateCell<JSC::FunctionPrototype>(JSC::Heap&, unsigned long) + 233 (JSCell.h:318) 30 com.apple.JavaScriptCore 0x000000010df952cf void* JSC::allocateCell<JSC::FunctionPrototype>(JSC::Heap&) + 31 (JSCell.h:328) 31 com.apple.JavaScriptCore 0x000000010df8bc35 JSC::FunctionPrototype::create(JSC::ExecState*, JSC::JSGlobalObject*, JSC::Structure*) + 37 (FunctionPrototype.h:34) 32 com.apple.JavaScriptCore 0x000000010df862fe JSC::JSGlobalObject::reset(JSC::JSValue) + 190 (JSGlobalObject.cpp:203) 33 com.apple.JavaScriptCore 0x000000010df861fe JSC::JSGlobalObject::init(JSC::JSObject*) + 254 (JSGlobalObject.cpp:150) 34 com.apple.WebCore 0x000000010f914428 JSC::JSGlobalObject::finishCreation(JSC::JSGlobalData&, JSC::JSObject*) + 120 (JSGlobalObject.h:218) 35 com.apple.WebCore 0x000000010f913e8a WebCore::JSDOMGlobalObject::finishCreation(JSC::JSGlobalData&, JSC::JSObject*) + 58 (JSDOMGlobalObject.cpp:65) 36 com.apple.WebCore 0x000000010f9773f8 WebCore::JSDOMWindowBase::finishCreation(JSC::JSGlobalData&, WebCore::JSDOMWindowShell*) + 72 (JSDOMWindowBase.cpp:65) 37 com.apple.WebCore 0x000000010f980504 WebCore::JSDOMWindow::create(JSC::JSGlobalData&, JSC::Structure*, WTF::PassRefPtr<WebCore::DOMWindow>, WebCore::JSDOMWindowShell*) + 164 (JSDOMWindow.h:41) 38 com.apple.WebCore 0x000000010f97ff87 WebCore::JSDOMWindowShell::setWindow(WTF::PassRefPtr<WebCore::DOMWindow>) + 359 (JSDOMWindowShell.cpp:75) 39 com.apple.WebCore 0x00000001102f0183 WebCore::ScriptController::clearWindowShell(WebCore::DOMWindow*, bool) + 323 (ScriptController.cpp:188) 40 com.apple.WebCore 0x000000010f45ad89 WebCore::FrameLoader::clear(WebCore::Document*, bool, bool, bool) + 425 (FrameLoader.cpp:568) 41 com.apple.WebCore 0x000000010f1c1833 WebCore::DocumentWriter::begin(WebCore::KURL const&, bool, WebCore::Document*) + 499 (DocumentWriter.cpp:135) 42 com.apple.WebCore 0x000000010f18f58a WebCore::DocumentLoader::commitData(char const*, unsigned long) + 106 (DocumentLoader.cpp:325) 43 com.apple.WebCore 0x000000010f18f21e WebCore::DocumentLoader::finishedLoading() + 110 (DocumentLoader.cpp:292) 44 com.apple.WebCore 0x000000010f191b2b WebCore::DocumentLoader::maybeLoadEmpty() + 875 (DocumentLoader.cpp:870) 45 com.apple.WebCore 0x000000010f191c1f WebCore::DocumentLoader::startLoadingMainResource() + 191 (DocumentLoader.cpp:880) 46 com.apple.WebCore 0x000000010f463df9 WebCore::FrameLoader::continueLoadAfterWillSubmitForm() + 185 (FrameLoader.cpp:2218) 47 com.apple.WebCore 0x000000010f46058f WebCore::FrameLoader::continueLoadAfterNavigationPolicy(WebCore::ResourceRequest const&, WTF::PassRefPtr<WebCore::FormState>, bool) + 991 (FrameLoader.cpp:2819) 48 com.apple.WebCore 0x000000010f4605f7 WebCore::FrameLoader::callContinueLoadAfterNavigationPolicy(void*, WebCore::ResourceRequest const&, WTF::PassRefPtr<WebCore::FormState>, bool) + 87 (FrameLoader.cpp:2688) 49 com.apple.WebCore 0x000000010ff6e97c WebCore::PolicyCallback::call(bool) + 140 (PolicyCallback.cpp:103) 50 com.apple.WebCore 0x000000010ff6f57c WebCore::PolicyChecker::continueAfterNavigationPolicy(WebCore::PolicyAction) + 652 (PolicyChecker.cpp:167) 51 com.apple.WebKit2 0x000000010cb62ed3 WebKit::WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction(void (WebCore::PolicyChecker::*)(WebCore::PolicyAction), WebCore::NavigationAction const&, WebCore::ResourceRequest const&, WTF::PassRefPtr<WebCore::FormState>) + 691 (WebFrameLoaderClient.cpp:716) 52 com.apple.WebCore 0x000000010ff6f29c WebCore::PolicyChecker::checkNavigationPolicy(WebCore::ResourceRequest const&, WebCore::DocumentLoader*, WTF::PassRefPtr<WebCore::FormState>, void (*)(void*, WebCore::ResourceRequest const&, WTF::PassRefPtr<WebCore::FormState>, bool), void*) + 956 (PolicyChecker.cpp:88) 53 com.apple.WebCore 0x000000010f45ffc5 WebCore::FrameLoader::loadWithDocumentLoader(WebCore::DocumentLoader*, WebCore::FrameLoadType, WTF::PassRefPtr<WebCore::FormState>) + 1477 (FrameLoader.cpp:1397) 54 com.apple.WebCore 0x000000010f45d672 WebCore::FrameLoader::load(WebCore::DocumentLoader*) + 450 (FrameLoader.cpp:1339) 55 com.apple.WebCore 0x000000010f45f9b7 WebCore::FrameLoader::load(WebCore::FrameLoadRequest const&) + 1207 (FrameLoader.cpp:1289) 56 com.apple.WebKit2 0x000000010cbc1afa WebKit::WebPage::loadURLRequest(WebCore::ResourceRequest const&, WebKit::SandboxExtension::Handle const&) + 266 (WebPage.cpp:841) 57 com.apple.WebKit2 0x000000010cbc19c2 WebKit::WebPage::loadURL(WTF::String const&, WebKit::SandboxExtension::Handle const&) + 114 (WebPage.cpp:833) 58 com.apple.WebKit2 0x000000010cc04ed5 void CoreIPC::callMemberFunction<WebKit::WebPage, void (WebKit::WebPage::*)(WTF::String const&, WebKit::SandboxExtension::Handle const&), WTF::String, WebKit::SandboxExtension::Handle>(CoreIPC::Arguments2<WTF::String, WebKit::SandboxExtension::Handle> const&, WebKit::WebPage*, void (WebKit::WebPage::*)(WTF::String const&, WebKit::SandboxExtension::Handle const&)) + 149 (HandleMessage.h:28) 59 com.apple.WebKit2 0x000000010cbf8e69 void CoreIPC::handleMessage<Messages::WebPage::LoadURL, WebKit::WebPage, void (WebKit::WebPage::*)(WTF::String const&, WebKit::SandboxExtension::Handle const&)>(CoreIPC::MessageDecoder&, WebKit::WebPage*, void (WebKit::WebPage::*)(WTF::String const&, WebKit::SandboxExtension::Handle const&)) + 121 (HandleMessage.h:323) 60 com.apple.WebKit2 0x000000010cbf383e WebKit::WebPage::didReceiveWebPageMessage(CoreIPC::Connection*, CoreIPC::MessageID, CoreIPC::MessageDecoder&) + 3598 (WebPageMessageReceiver.cpp:202) 61 com.apple.WebKit2 0x000000010cbc7ead WebKit::WebPage::didReceiveMessage(CoreIPC::Connection*, CoreIPC::MessageID, CoreIPC::MessageDecoder&) + 301 (WebPage.cpp:2976) 62 com.apple.WebKit2 0x000000010cbc7efd non-virtual thunk to WebKit::WebPage::didReceiveMessage(CoreIPC::Connection*, CoreIPC::MessageID, CoreIPC::MessageDecoder&) + 61 63 com.apple.WebKit2 0x000000010cd3bd8a CoreIPC::MessageReceiverMap::dispatchMessage(CoreIPC::Connection*, CoreIPC::MessageID, CoreIPC::MessageDecoder&) + 634 (MessageReceiverMap.cpp:87) 64 com.apple.WebKit2 0x000000010cc9dc1d WebKit::WebProcess::didReceiveMessage(CoreIPC::Connection*, CoreIPC::MessageID, CoreIPC::MessageDecoder&) + 77 (WebProcess.cpp:590) 65 com.apple.WebKit2 0x000000010c9945c8 CoreIPC::Connection::dispatchMessage(CoreIPC::MessageID, CoreIPC::MessageDecoder&) + 72 (Connection.cpp:662) 66 com.apple.WebKit2 0x000000010c991a8e CoreIPC::Connection::dispatchMessage(CoreIPC::Connection::Message<CoreIPC::MessageDecoder>&) + 318 (Connection.cpp:684) 67 com.apple.WebKit2 0x000000010c99456b CoreIPC::Connection::dispatchOneMessage() + 203 (Connection.cpp:711) 68 com.apple.WebKit2 0x000000010c99be52 WTF::FunctionWrapper<void (CoreIPC::Connection::*)()>::operator()(CoreIPC::Connection*) + 114 (Functional.h:173) 69 com.apple.WebKit2 0x000000010c99bdd5 WTF::BoundFunctionImpl<WTF::FunctionWrapper<void (CoreIPC::Connection::*)()>, void (CoreIPC::Connection*)>::operator()() + 53 (Functional.h:405) 70 com.apple.WebCore 0x00000001102d1e39 WTF::Function<void ()>::operator()() const + 137 (Functional.h:613) 71 com.apple.WebCore 0x00000001102d1b3b WebCore::RunLoop::performWork() + 395 (RunLoop.cpp:89) 72 com.apple.WebCore 0x00000001102d2f8e WebCore::RunLoop::performWork(void*) + 62 (RunLoopCF.cpp:66) 73 com.apple.CoreFoundation 0x00007fff8dedf101 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17 74 com.apple.CoreFoundation 0x00007fff8dedea25 __CFRunLoopDoSources0 + 245 75 com.apple.CoreFoundation 0x00007fff8df01dc5 __CFRunLoopRun + 789 76 com.apple.CoreFoundation 0x00007fff8df016b2 CFRunLoopRunSpecific + 290 77 com.apple.HIToolbox 0x00007fff867b00a4 RunCurrentEventLoopInMode + 209 78 com.apple.HIToolbox 0x00007fff867afe42 ReceiveNextEventCommon + 356 79 com.apple.HIToolbox 0x00007fff867afcd3 BlockUntilNextEventMatchingListInMode + 62 80 com.apple.AppKit 0x00007fff897ba613 _DPSNextEvent + 685 81 com.apple.AppKit 0x00007fff897b9ed2 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 128 82 com.apple.AppKit 0x00007fff897b1283 -[NSApplication run] + 517 83 com.apple.WebCore 0x00000001102d3bec WebCore::RunLoop::run() + 92 (RunLoopMac.mm:37) 84 com.apple.WebKit2 0x000000010ccb85b3 WebKit::WebProcessMain(WebKit::CommandLine const&) + 4451 (WebProcessMainMac.mm:187) 85 com.apple.WebKit2 0x000000010cba2fd9 WebKitMain(WebKit::CommandLine const&) + 201 (WebKitMain.cpp:58) 86 com.apple.WebKit2 0x000000010cba2ee9 WebKitMain + 153 (WebKitMain.cpp:88) 87 com.apple.WebProcess 0x000000010c929da2 main + 274 88 libdyld.dylib 0x00007fff8f4327e1 start + 1
Attachments
Add attachment
proposed patch, testcase, etc.
Ryosuke Niwa
Comment 1
2013-01-02 19:19:13 PST
Also see
http://webkit.org/b/105986
.
Ryosuke Niwa
Comment 2
2013-01-02 19:25:51 PST
Added a flaky crash expectation in
http://trac.webkit.org/changeset/138694
.
Ryosuke Niwa
Comment 3
2013-01-02 21:39:52 PST
Apparently this is also reproducible on WebKit1:
http://build.webkit.org/results/Apple%20MountainLion%20Debug%20WK1%20(Tests)/r138694%20(4263)/svg/dynamic-updates/SVGFEMorphologyElement-dom-radius-attr-crash-log.txt
Thread 0 Crashed:: Dispatch queue: com.apple.main-thread 0 com.apple.WebCore 0x0000000104258fb5 WebCore::SharedBuffer::releasePurgeableBuffer() + 101 (SharedBuffer.cpp:251) 1 com.apple.WebCore 0x000000010414a206 WebCore::ResourceBuffer::releasePurgeableBuffer() + 54 (ResourceBuffer.cpp:119) 2 com.apple.WebCore 0x0000000102d35853 WebCore::CachedResource::makePurgeable(bool) + 451 (CachedResource.cpp:827) 3 com.apple.WebCore 0x0000000102d2804b WebCore::CachedImage::destroyDecodedData() + 283 (CachedImage.cpp:423) 4 com.apple.WebCore 0x0000000103d2d939 WebCore::MemoryCache::pruneDeadResourcesToSize(unsigned int) + 713 (MemoryCache.cpp:321) 5 com.apple.WebCore 0x0000000103d2d65b WebCore::MemoryCache::pruneDeadResources() + 123 (MemoryCache.cpp:265) 6 com.apple.WebCore 0x0000000103d2ded2 WebCore::MemoryCache::prune() + 82 (MemoryCache.cpp:762) 7 com.apple.WebCore 0x0000000102d3446e WebCore::CachedResource::removeClient(WebCore::CachedResourceClient*) + 606 (CachedResource.cpp:541) 8 com.apple.WebCore 0x000000010441a80e WebCore::SVGFEImageElement::clearResourceReferences() + 94 (SVGFEImageElement.cpp:74) 9 com.apple.WebCore 0x000000010441a66a WebCore::SVGFEImageElement::~SVGFEImageElement() + 106 (SVGFEImageElement.cpp:69) 10 com.apple.WebCore 0x000000010441a535 WebCore::SVGFEImageElement::~SVGFEImageElement() + 21 (SVGFEImageElement.cpp:69) 11 com.apple.WebCore 0x000000010441a509 WebCore::SVGFEImageElement::~SVGFEImageElement() + 25 (SVGFEImageElement.cpp:67) 12 com.apple.WebCore 0x0000000102de2c5b void WebCore::removeAllChildrenInContainer<WebCore::Node, WebCore::ContainerNode>(WebCore::ContainerNode*) + 283 (ContainerNodeAlgorithms.h:105) 13 com.apple.WebCore 0x0000000102dddd75 WebCore::ContainerNode::removeAllChildren() + 21 (ContainerNode.cpp:95) 14 com.apple.WebCore 0x0000000102ff07c0 WebCore::Document::removedLastRef() + 448 (Document.cpp:710) 15 com.apple.WebCore 0x0000000103d875a2 WebCore::Node::removedLastRef() + 50 (Node.cpp:2579) 16 com.apple.WebCore 0x0000000102be196f WebCore::TreeShared<WebCore::Node, WebCore::ContainerNode>::deref() + 479 (TreeShared.h:83) 17 com.apple.WebCore 0x0000000102be177b void WTF::derefIfNotNull<WebCore::Node>(WebCore::Node*) + 59 (PassRefPtr.h:54) 18 com.apple.WebCore 0x0000000102be1738 WTF::RefPtr<WebCore::Node>::~RefPtr() + 24 (RefPtr.h:56) 19 com.apple.WebCore 0x0000000102be1715 WTF::RefPtr<WebCore::Node>::~RefPtr() + 21 (RefPtr.h:56) 20 com.apple.WebCore 0x0000000102d8447b WebCore::LiveNodeListBase::~LiveNodeListBase() + 91 (LiveNodeList.h:78) 21 com.apple.WebCore 0x0000000102d843f5 WebCore::LiveNodeList::~LiveNodeList() + 21 (LiveNodeList.h:195) 22 com.apple.WebCore 0x0000000102d8423f WebCore::ChildNodeList::~ChildNodeList() + 79 (ChildNodeList.cpp:39) 23 com.apple.WebCore 0x0000000102d841e5 WebCore::ChildNodeList::~ChildNodeList() + 21 (ChildNodeList.cpp:39) 24 com.apple.WebCore 0x0000000102d841b9 WebCore::ChildNodeList::~ChildNodeList() + 25 (ChildNodeList.cpp:37) 25 com.apple.WebCore 0x0000000102be0ed3 WTF::RefCounted<WebCore::NodeList>::deref() + 83 (RefCounted.h:203) 26 com.apple.WebCore 0x00000001039d2df6 WebCore::JSNodeList::releaseImpl() + 38 (JSNodeList.h:58) 27 com.apple.WebCore 0x00000001039d1ffe WebCore::JSNodeListOwner::finalize(JSC::Handle<JSC::Unknown>, void*) + 110 (JSNodeList.cpp:266) 28 com.apple.JavaScriptCore 0x0000000101914984 JSC::WeakBlock::finalize(JSC::WeakImpl*) + 212 (WeakSetInlines.h:53) 29 com.apple.JavaScriptCore 0x000000010191429e JSC::WeakBlock::sweep() + 158 (WeakBlock.cpp:77) 30 com.apple.JavaScriptCore 0x0000000101914cd0 JSC::WeakSet::sweep() + 64 (WeakSet.cpp:46) 31 com.apple.JavaScriptCore 0x00000001017eef78 JSC::MarkedBlock::sweep(JSC::MarkedBlock::SweepMode) + 40 (MarkedBlock.cpp:112) 32 com.apple.JavaScriptCore 0x0000000101912685 JSC::MarkedAllocator::tryAllocateHelper(unsigned long) + 85 (MarkedAllocator.cpp:34) 33 com.apple.JavaScriptCore 0x00000001019117c9 JSC::MarkedAllocator::tryAllocate(unsigned long) + 137 (MarkedAllocator.cpp:66) 34 com.apple.JavaScriptCore 0x00000001019111d8 JSC::MarkedAllocator::allocateSlowCase(unsigned long) + 232 (MarkedAllocator.cpp:82) 35 com.apple.WebCore 0x0000000102d0e4eb JSC::MarkedAllocator::allocate(unsigned long) + 75 (MarkedAllocator.h:78) 36 com.apple.WebCore 0x0000000102d0ef59 JSC::MarkedSpace::allocateWithNormalDestructor(unsigned long) + 41 (MarkedSpace.h:220) 37 com.apple.WebCore 0x0000000102d0ef1d JSC::Heap::allocateWithNormalDestructor(unsigned long) + 141 (Heap.h:402) 38 com.apple.WebCore 0x00000001038d3739 void* JSC::allocateCell<WebCore::JSHTMLSpanElement>(JSC::Heap&, unsigned long) + 233 (JSCell.h:318) 39 com.apple.WebCore 0x00000001038d35df void* JSC::allocateCell<WebCore::JSHTMLSpanElement>(JSC::Heap&) + 31 (JSCell.h:328) 40 com.apple.WebCore 0x00000001038d322e WebCore::JSHTMLSpanElement::create(JSC::Structure*, WebCore::JSDOMGlobalObject*, WTF::PassRefPtr<WebCore::HTMLSpanElement>) + 46 (JSHTMLSpanElement.h:36) 41 com.apple.WebCore 0x00000001038d310d WebCore::JSDOMWrapper* WebCore::createWrapper<WebCore::JSHTMLSpanElement, WebCore::HTMLSpanElement>(JSC::ExecState*, WebCore::JSDOMGlobalObject*, WebCore::HTMLSpanElement*) + 253 (JSDOMBinding.h:192) 42 com.apple.WebCore 0x00000001038cbb98 WebCore::createHTMLSpanElementWrapper(JSC::ExecState*, WebCore::JSDOMGlobalObject*, WTF::PassRefPtr<WebCore::HTMLElement>) + 56 (JSHTMLElementWrapperFactory.cpp:591) 43 com.apple.WebCore 0x00000001038cac09 WebCore::createJSHTMLWrapper(JSC::ExecState*, WebCore::JSDOMGlobalObject*, WTF::PassRefPtr<WebCore::HTMLElement>) + 13417 (JSHTMLElementWrapperFactory.cpp:840) 44 com.apple.WebCore 0x000000010384acd3 WebCore::toJSNewlyCreated(JSC::ExecState*, WebCore::JSDOMGlobalObject*, WebCore::Element*) + 227 (JSElementCustom.cpp:63) 45 com.apple.WebCore 0x00000001037ab37e WebCore::jsDocumentPrototypeFunctionCreateElement(JSC::ExecState*) + 638 (JSDocument.cpp:2135) 46 ??? 0x000036e7ab801045 0 + 60368642641989 47 com.apple.JavaScriptCore 0x0000000101702714 JSC::JITCode::execute(JSC::JSStack*, JSC::ExecState*, JSC::JSGlobalData*) + 84 (JITCode.h:134) 48 com.apple.JavaScriptCore 0x00000001016ff19f JSC::Interpreter::execute(JSC::ProgramExecutable*, JSC::ExecState*, JSC::JSObject*) + 4735 (Interpreter.cpp:983) 49 com.apple.JavaScriptCore 0x00000001015c52e3 JSC::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, JSC::JSValue*) + 483 (Completion.cpp:75) 50 com.apple.WebCore 0x0000000103970722 WebCore::JSMainThreadExecState::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, JSC::JSValue*) + 82 (JSMainThreadExecState.h:77) 51 com.apple.WebCore 0x00000001041a9dd3 WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld*) + 339 (ScriptController.cpp:141) 52 com.apple.WebCore 0x00000001041a9f14 WebCore::ScriptController::evaluate(WebCore::ScriptSourceCode const&) + 68 (ScriptController.cpp:158) 53 com.apple.WebCore 0x00000001041c1f9a WebCore::ScriptElement::executeScript(WebCore::ScriptSourceCode const&) + 746 (ScriptElement.cpp:304) 54 com.apple.WebCore 0x00000001041c226e WebCore::ScriptElement::execute(WebCore::CachedScript*) + 270 (ScriptElement.cpp:325) 55 com.apple.WebCore 0x00000001041d81b9 WebCore::ScriptRunner::timerFired(WebCore::Timer<WebCore::ScriptRunner>*) + 505 (ScriptRunner.cpp:122) 56 com.apple.WebCore 0x00000001041dbe43 WebCore::Timer<WebCore::ScriptRunner>::fired() + 115 (Timer.h:106) 57 com.apple.WebCore 0x000000010452d996 WebCore::ThreadTimers::sharedTimerFiredInternal() + 294 (ThreadTimers.cpp:119) 58 com.apple.WebCore 0x000000010452d729 WebCore::ThreadTimers::sharedTimerFired() + 25 (ThreadTimers.cpp:94) 59 com.apple.WebCore 0x000000010425c493 WebCore::timerFired(__CFRunLoopTimer*, void*) + 67 (SharedTimerMac.mm:167) 60 com.apple.CoreFoundation 0x00007fff8a050da4 __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ + 20 61 com.apple.CoreFoundation 0x00007fff8a0508bd __CFRunLoopDoTimer + 557 62 com.apple.CoreFoundation 0x00007fff8a036099 __CFRunLoopRun + 1513 63 com.apple.CoreFoundation 0x00007fff8a0356b2 CFRunLoopRunSpecific + 290 64 com.apple.Foundation 0x00007fff8702389e -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 268 65 DumpRenderTree 0x0000000101261839 runTest(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) + 5017 (DumpRenderTree.mm:1381) Updated the test expectation accordingly in
http://trac.webkit.org/changeset/138698
.
Ryosuke Niwa
Comment 4
2013-01-03 10:35:20 PST
I'm pretty certain this is a duplicate of 105986. I'm seeing more crashes in SharedBuffer::releasePurgeableBuffer:
http://build.webkit.org/results/Apple%20MountainLion%20Debug%20WK2%20(Tests)/r138709%20(5405)/results.html
*** This bug has been marked as a duplicate of
bug 105986
***
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug