REOPENED 120087
Lion: fast/forms/submit-to-url-fragment.html intermittently crashes 
https://bugs.webkit.org/show_bug.cgi?id=120087
Summary Lion: fast/forms/submit-to-url-fragment.html intermittently crashes
Ryosuke Niwa
Reported 2013-08-20 13:58:48 PDT
Exception Type: EXC_BAD_ACCESS (SIGSEGV) Exception Codes: KERN_INVALID_ADDRESS at 0x00000000bbadbeef VM Regions Near 0xbbadbeef: --> __TEXT 0000000103565000-00000001035cb000 [ 408K] r-x/rwx SM=COW /Volumes/VOLUME/* Application Specific Information: CRASHING TEST: fast/forms/resources/submit-to-blank-multiple-times-form-action.html objc[41691]: garbage collection is OFF Thread 0 Crashed:: Dispatch queue: com.apple.main-thread 0 com.apple.JavaScriptCore 0x00000001039a3e2e WTFCrash + 62 (Assertions.cpp:342) 1 DumpRenderTree 0x000000010359386a -[UIDelegate webView:createWebViewWithRequest:] + 136 2 com.apple.CoreFoundation 0x00007fff897dcefc __invoking___ + 140 3 com.apple.CoreFoundation 0x00007fff897dcd94 -[NSInvocation invoke] + 132 4 com.apple.CoreFoundation 0x00007fff897dcf64 -[NSInvocation invokeWithTarget:] + 52 5 com.apple.CoreFoundation 0x00007fff897d7fa4 ___forwarding___ + 756 6 com.apple.CoreFoundation 0x00007fff897d7c38 _CF_forwarding_prep_0 + 232 7 com.apple.WebKit 0x0000000103d649a3 WebFrameLoaderClient::dispatchCreatePage(WebCore::NavigationAction const&) + 99 (WebFrameLoaderClient.mm:729) 8 com.apple.WebCore 0x00000001043548cd WebCore::FrameLoader::continueLoadAfterNewWindowPolicy(WebCore::ResourceRequest const&, WTF::PassRefPtr<WebCore::FormState>, WTF::String const&, WebCore::NavigationAction const&, bool) + 77 (FrameLoader.cpp:2905) 9 com.apple.WebCore 0x000000010434f481 WebCore::FrameLoader::callContinueLoadAfterNewWindowPolicy(void*, WebCore::ResourceRequest const&, WTF::PassRefPtr<WebCore::FormState>, WTF::String const&, WebCore::NavigationAction const&, bool) + 33 (PassRefPtr.h:67) 10 com.apple.WebCore 0x00000001048e5a48 WebCore::PolicyCallback::call(bool) + 168 (PassRefPtr.h:67) 11 com.apple.WebCore 0x00000001048e65ca WebCore::PolicyChecker::continueAfterNewWindowPolicy(WebCore::PolicyAction) + 170 (PolicyChecker.cpp:201) 12 com.apple.WebKit 0x0000000103d6995b -[WebFramePolicyListener receivedPolicyDecision:] + 91 (RefCounted.h:141) 13 com.apple.CoreFoundation 0x00007fff897dcefc __invoking___ + 140 14 com.apple.CoreFoundation 0x00007fff897dcd94 -[NSInvocation invoke] + 132 15 com.apple.CoreFoundation 0x00007fff897dcf64 -[NSInvocation invokeWithTarget:] + 52 16 com.apple.WebKit 0x0000000103dcd767 -[_WebSafeForwarder forwardInvocation:] + 87 (WebView.mm:3139) 17 com.apple.CoreFoundation 0x00007fff897d7fa4 ___forwarding___ + 756 18 com.apple.CoreFoundation 0x00007fff897d7c38 _CF_forwarding_prep_0 + 232 19 com.apple.WebKit 0x0000000103d64d0d WebFrameLoaderClient::dispatchDecidePolicyForNewWindowAction(void (WebCore::PolicyChecker::*)(WebCore::PolicyAction), WebCore::NavigationAction const&, WebCore::ResourceRequest const&, WTF::PassRefPtr<WebCore::FormState>, WTF::String const&) + 205 (RetainPtr.h:125) 20 com.apple.WebCore 0x00000001048e64dc WebCore::PolicyChecker::checkNewWindowPolicy(WebCore::NavigationAction const&, void (*)(void*, WebCore::ResourceRequest const&, WTF::PassRefPtr<WebCore::FormState>, WTF::String const&, WebCore::NavigationAction const&, bool), WebCore::ResourceRequest const&, WTF::PassRefPtr<WebCore::FormState>, WTF::String const&, void*) + 316 (PassRefPtr.h:67) 21 com.apple.WebCore 0x000000010434df5b WebCore::FrameLoader::loadURL(WebCore::KURL const&, WTF::String const&, WTF::String const&, bool, WebCore::FrameLoadType, WTF::PassRefPtr<WebCore::Event>, WTF::PassRefPtr<WebCore::FormState>) + 843 (PassRefPtr.h:67) 22 com.apple.WebCore 0x000000010434ab50 WebCore::FrameLoader::loadFrameRequest(WebCore::FrameLoadRequest const&, bool, bool, WTF::PassRefPtr<WebCore::Event>, WTF::PassRefPtr<WebCore::FormState>, WebCore::ShouldSendReferrer) + 800 (PassRefPtr.h:67) 23 com.apple.WebCore 0x000000010489c4ca WebCore::ScheduledFormSubmission::fire(WebCore::Frame*) + 202 (PassRefPtr.h:67) 24 com.apple.WebCore 0x000000010489b249 WebCore::NavigationScheduler::timerFired(WebCore::Timer<WebCore::NavigationScheduler>*) + 105 (NavigationScheduler.cpp:427) 25 com.apple.WebCore 0x0000000104c2bccf WebCore::ThreadTimers::sharedTimerFiredInternal() + 175 (ThreadTimers.cpp:132) 26 com.apple.WebCore 0x0000000104add6ba _ZN7WebCoreL10timerFiredEP16__CFRunLoopTimerPv + 58 (SharedTimerMac.mm:134) 27 com.apple.CoreFoundation 0x00007fff8979f934 __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ + 20 28 com.apple.CoreFoundation 0x00007fff8979f486 __CFRunLoopDoTimer + 534 29 com.apple.CoreFoundation 0x00007fff8977fe11 __CFRunLoopRun + 1617 30 com.apple.CoreFoundation 0x00007fff8977f486 CFRunLoopRunSpecific + 230 31 DumpRenderTree 0x000000010357389a _ZL7runTestRKNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEEE + 1373 32 DumpRenderTree 0x00000001035730fd dumpRenderTree(int, char const**) + 1664 33 DumpRenderTree 0x0000000103573cbd main + 86 34 DumpRenderTree 0x0000000103567054 start + 52
Attachments
Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2013-08-20 13:59:06 PDT
<rdar://problem/14788543>
Ryosuke Niwa
Comment 3 2013-08-20 14:02:17 PDT
Committed r154356: <http://trac.webkit.org/changeset/154356>
Alexey Proskuryakov
Comment 4 2013-08-20 14:11:17 PDT
Per flakiness dashboard, looks like a very recent regression.
Ryosuke Niwa
Comment 5 2013-08-20 14:14:00 PDT
Shouldn't be closing this.
Note You need to log in before you can comment on or make changes to this bug.