WebKit Bugzilla
RESOLVED FIXED
134849
Web Inspector: Crash when using a stale InspectableNode Node
https://bugs.webkit.org/show_bug.cgi?id=134849
Joseph Pecoraro
Reported
2014-07-11 16:57:45 PDT
InspectableNode has a weak pointer to a Node. It should have a RefPtr to prevent it from getting stale out from under it.

Crashed Thread: 0 Dispatch queue: com.apple.main-thread

Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x000000003394e57b

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0 com.apple.WebCore 0x00007fff83201b94 WebCore::InspectorDOMAgent::nodeAsScriptValue(JSC::ExecState*, WebCore::Node*) + 132
1 com.apple.WebCore 0x00007fff8362dc18 WebCore::InspectableNode::get(JSC::ExecState*) + 24
2 com.apple.WebCore 0x00007fff832a0414 WebCore::JSCommandLineAPIHost::inspectedObject(JSC::ExecState*) + 164
3 ??? 0x0000228e27e01034 0 + 37993949696052
4 com.apple.JavaScriptCore 0x00007fff8d22b4ae llint_entry + 22744
5 com.apple.JavaScriptCore 0x00007fff8d22b678 llint_entry + 23202
6 com.apple.JavaScriptCore 0x00007fff8d2259b1 callToJavaScript + 311
...

* STEPS TO REPRODUCE
1. Inspect attached [crash-reduction.html]
2. Show DOM Tree
3. Expand <body>
4. Select the <h1> (it will be deleted in a second)
5. Trigger a garbage collection
6. js> $1
  => CRASH

<rdar://problem/14540951>
Attachments
[PATCH] Proposed Fix (1.28 KB, patch), 2014-07-11 16:59 PDT, Joseph Pecoraro, no flags
Joseph Pecoraro
Comment 1
2014-07-11 16:59:15 PDT
Created attachment 234792
[PATCH] Proposed Fix

If needed I could probably create a test for this.
WebKit Commit Bot
Comment 2
2014-07-11 18:49:34 PDT
Comment on attachment 234792
[PATCH] Proposed Fix

Clearing flags on attachment: 234792

Committed r171018: <http://trac.webkit.org/changeset/171018>
WebKit Commit Bot
Comment 3
2014-07-11 18:49:36 PDT
All reviewed patches have been landed. Closing bug.
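
The lifetime problem described in the report, as an added C++ sketch that is not WebKit's code or the attached patch. It assumes std::shared_ptr as a stand-in for RefPtr; Node, RawInspectable and OwningInspectable are hypothetical names.

```cpp
#include <cstdio>
#include <memory>
#include <string>
#include <utility>

// Constructed stand-in for a DOM node (not WebCore::Node).
struct Node {
    std::string tag;
    explicit Node(std::string t) : tag(std::move(t)) {}
};

// Non-owning holder: it only borrows the node, so nothing it does keeps
// the node alive once the node's other owners release it.
struct RawInspectable {
    Node* node;
    explicit RawInspectable(Node* n) : node(n) {}
};

// Owning holder: it keeps a reference for as long as the holder exists.
struct OwningInspectable {
    std::shared_ptr<Node> node;
    explicit OwningInspectable(std::shared_ptr<Node> n) : node(std::move(n)) {}
    Node* get() const { return node.get(); }
};

// Select the node, then drop the last other reference (assumed here to model
// the page deleting the <h1> and a collection running). Returns true if the
// node was destroyed while the holder still pointed at it.
bool rawHolderIsLeftDangling() {
    auto h1 = std::make_shared<Node>("h1");
    std::weak_ptr<Node> probe = h1;   // liveness probe, used by the demo only
    RawInspectable selected(h1.get());
    h1.reset();
    (void)selected;                   // reading selected.node->tag here would be a use-after-free
    return probe.expired();
}

// Same sequence with the owning holder: the node outlives its removal.
std::string tagSeenThroughOwningHolder() {
    auto h1 = std::make_shared<Node>("h1");
    OwningInspectable selected(h1);
    h1.reset();
    return selected.get()->tag;
}

int main() {
    std::printf("raw holder dangling: %d\n", rawHolderIsLeftDangling());
    std::printf("owning holder sees: %s\n", tagSeenThroughOwningHolder().c_str());
    return 0;
}
```

The owning holder trades the crash for a longer-lived node, so the reference should be released when the holder itself is replaced or cleared.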