RESOLVED FIXED 120666
Crash beneath JITCode::execute @ http://www.telegraaf.nl/dft/ 
https://bugs.webkit.org/show_bug.cgi?id=120666
Summary Crash beneath JITCode::execute @ http://www.telegraaf.nl/dft/
Vincent
Reported 2013-09-04 01:25:45 PDT
Safari crashes if I try to load http://www.telegraaf.nl/dft/
Attachments
Add attachment proposed patch, testcase, etc.
zalan
Comment 1 2013-09-04 04:56:30 PDT
#0 0x000055e98324e274 in ?? () #1 0x0000000108161647 in JSC::JITCode::execute (this=0x7ffb1238eca0, stack=0x7ffb0bc35a98, callFrame=0x114829058, vm=0x7ffb0e00f800) at /Users/zalan/Opensource/Source/JavaScriptCore/jit/JITCode.cpp:46 #2 0x00000001081445a8 in JSC::Interpreter::execute (this=0x7ffb0bc35a80, program=0x1114dae70, callFrame=0x1113df9e0, thisObj=0x10fc3ffd8) at /Users/zalan/Opensource/Source/JavaScriptCore/interpreter/Interpreter.cpp:849 #3 0x0000000107f1a811 in JSC::evaluate (exec=0x1113df9e0, source=@0x7fff59507498, thisValue={u = {asInt64 = 4559470552, ptr = 0x10fc3ffd8, asBits = {payload = 264503256, tag = 1}}}, returnedException=0x7fff59507288) at /Users/zalan/Opensource/Source/JavaScriptCore/runtime/Completion.cpp:83 #4 0x0000000109f4b5f2 in WebCore::JSMainThreadExecState::evaluate (exec=0x1113df9e0, source=@0x7fff59507498, thisValue={u = {asInt64 = 4559470552, ptr = 0x10fc3ffd8, asBits = {payload = 264503256, tag = 1}}}, exception=0x7fff59507288) at JSMainThreadExecState.h:74 #5 0x000000010a7526fc in WebCore::ScriptController::evaluateInWorld (this=0x7ffb0bc1c220, sourceCode=@0x7fff59507490, world=0x7ffb0bc38180) at /Users/zalan/Opensource/Source/WebCore/bindings/js/ScriptController.cpp:142 #6 0x000000010a752844 in WebCore::ScriptController::evaluate (this=0x7ffb0bc1c220, sourceCode=@0x7fff59507490) at /Users/zalan/Opensource/Source/WebCore/bindings/js/ScriptController.cpp:158 #7 0x000000010a76a03a in WebCore::ScriptElement::executeScript (this=0x7ffb12396778, sourceCode=@0x7fff59507490) at /Users/zalan/Opensource/Source/WebCore/dom/ScriptElement.cpp:317 #8 0x000000010a768d70 in WebCore::ScriptElement::prepareScript (this=0x7ffb12396778, scriptStartPosition=@0x7fff59507760, supportLegacyTypes=WebCore::ScriptElement::DisallowLegacyTypeInTypeAttribute) at /Users/zalan/Opensource/Source/WebCore/dom/ScriptElement.cpp:246 #9 0x0000000109ad4f19 in WebCore::HTMLScriptRunner::runScript (this=0x7ffb0bc42320, script=0x7ffb12396710, scriptStartPosition=@0x7fff59507760) at /Users/zalan/Opensource/Source/WebCore/html/parser/HTMLScriptRunner.cpp:312 #10 0x0000000109ad4d29 in WebCore::HTMLScriptRunner::execute (this=0x7ffb0bc42320, scriptElement=@0x7fff59507748, scriptStartPosition=@0x7fff59507760) at /Users/zalan/Opensource/Source/WebCore/html/parser/HTMLScriptRunner.cpp:181 #11 0x0000000109a36cfa in WebCore::HTMLDocumentParser::runScriptsForPausedTreeBuilder (this=0x7ffb0bc439d0) at /Users/zalan/Opensource/Source/WebCore/html/parser/HTMLDocumentParser.cpp:271 #12 0x0000000109a36e38 in WebCore::HTMLDocumentParser::canTakeNextToken (this=0x7ffb0bc439d0, mode=WebCore::HTMLDocumentParser::AllowYield, session=@0x7fff595078f8) at /Users/zalan/Opensource/Source/WebCore/html/parser/HTMLDocumentParser.cpp:290 #13 0x0000000109a364ed in WebCore::HTMLDocumentParser::pumpTokenizer (this=0x7ffb0bc439d0, mode=WebCore::HTMLDocumentParser::AllowYield) at /Users/zalan/Opensource/Source/WebCore/html/parser/HTMLDocumentParser.cpp:535 #14 0x0000000109a36039 in WebCore::HTMLDocumentParser::pumpTokenizerIfPossible (this=0x7ffb0bc439d0, mode=WebCore::HTMLDocumentParser::AllowYield) at /Users/zalan/Opensource/Source/WebCore/html/parser/HTMLDocumentParser.cpp:235 #15 0x0000000109a37a29 in WebCore::HTMLDocumentParser::resumeParsingAfterScriptExecution (this=0x7ffb0bc439d0) at /Users/zalan/Opensource/Source/WebCore/html/parser/HTMLDocumentParser.cpp:903 #16 0x0000000109a37daf in WebCore::HTMLDocumentParser::notifyFinished (this=0x7ffb0bc439d0, cachedResource=0x7ffb0eca3c10) at /Users/zalan/Opensource/Source/WebCore/html/parser/HTMLDocumentParser.cpp:943 #17 0x0000000109a37e0f in non-virtual thunk to WebCore::HTMLDocumentParser::notifyFinished(WebCore::CachedResource*) (this=0x7ffb0bc43a00, cachedResource=0x7ffb0eca3c10) at /Users/zalan/Opensource/Source/WebCore/html/parser/HTMLDocumentParser.cpp:944 #18 0x000000010933036d in WebCore::CachedResource::checkNotify (this=0x7ffb0eca3c10) at /Users/zalan/Opensource/Source/WebCore/loader/cache/CachedResource.cpp:369 #19 0x0000000109330484 in WebCore::CachedResource::finishLoading (this=0x7ffb0eca3c10) at /Users/zalan/Opensource/Source/WebCore/loader/cache/CachedResource.cpp:385 #20 0x0000000109348aa9 in WebCore::CachedScript::finishLoading (this=0x7ffb0eca3c10, data=0x7ffb0bc4d190) at /Users/zalan/Opensource/Source/WebCore/loader/cache/CachedScript.cpp:89 #21 0x000000010a8e123b in WebCore::SubresourceLoader::didFinishLoading (this=0x7ffb0b0bc400, finishTime=0) at /Users/zalan/Opensource/Source/WebCore/loader/SubresourceLoader.cpp:282 #22 0x000000010a709585 in WebCore::ResourceLoader::didFinishLoading (this=0x7ffb0b0bc400, finishTime=0) at /Users/zalan/Opensource/Source/WebCore/loader/ResourceLoader.cpp:488 #23 0x000000010aaf019a in -[WebCoreResourceHandleAsDelegate connectionDidFinishLoading:] (self=0x7ffb0eca3110, _cmd=0x7fff92b820a4, connection=0x7ffb0eca2b00) at /Users/zalan/Opensource/Source/WebCore/platform/network/mac/WebCoreResourceHandleAsDelegate.mm:233 #24 0x00007fff8c467d88 in __65-[NSURLConnectionInternal _withConnectionAndDelegate:onlyActive:]_block_invoke_0 () #25 0x00007fff8c467ccc in -[NSURLConnectionInternal _withConnectionAndDelegate:onlyActive:] () #26 0x00007fff8c467bc8 in -[NSURLConnectionInternal _withActiveConnectionAndDelegate:] () #27 0x00007fff8f746091 in ___delegate_didFinishLoading_block_invoke_0 () #28 0x00007fff8f73854a in ___withDelegateAsync_block_invoke_0 () #29 0x00007fff8f7c8f3a in __block_global_1 () #30 0x00007fff865c5154 in CFArrayApplyFunction () #31 0x00007fff8f7292b4 in RunloopBlockContext::perform () #32 0x00007fff8f72918b in MultiplexerSource::perform () #33 0x00007fff865a6b31 in __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ () #34 0x00007fff865a6455 in __CFRunLoopDoSources0 () #35 0x00007fff865c97f5 in __CFRunLoopRun () #36 0x00007fff865c90e2 in CFRunLoopRunSpecific () #37 0x00007fff8ff6aeb4 in RunCurrentEventLoopInMode () #38 0x00007fff8ff6ac52 in ReceiveNextEventCommon () #39 0x00007fff8ff6aae3 in BlockUntilNextEventMatchingListInMode () #40 0x00007fff8a9fb533 in _DPSNextEvent () #41 0x00007fff8a9fadf2 in -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] () #42 0x00007fff8a9f21a3 in -[NSApplication run] () #43 0x000000010a738612 in WebCore::RunLoop::run ()
Geoffrey Garen
Comment 2 2013-09-04 10:56:00 PDT
<rdar://problem/14908896>
Geoffrey Garen
Comment 3 2014-01-27 14:12:32 PST
I could not reproduce a crash as of r162850.
Note You need to log in before you can comment on or make changes to this bug.