Bug 138749 - Crash under WebCore::TimerBase::heapDeleteMin()
Summary: Crash under WebCore::TimerBase::heapDeleteMin()
Status: RESOLVED DUPLICATE of bug 137009
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebCore Misc.
Version: 528+ (Nightly build)
Hardware: iPhone / iPad iOS 8.1
Importance: P2 Major
Assignee: Nobody
Keywords: InRadar
Reported: 2014-11-14 11:36 PST by Stuart Morgan
Modified: 2014-11-30 14:25 PST

Description Stuart Morgan 2014-11-14 11:36:24 PST
A significant number of UIWebView crashes in Chrome for iOS look like this:

0x00000001936dd1b0	[WebCore + 0x000291b0 ]	void std::__1::__push_heap_front<WebCore::TimerHeapLessThanFunction&, WebCore::TimerHeapIterator>(WebCore::TimerHeapIterator, WebCore::TimerHeapIterator, WebCore::TimerHeapLessThanFunction&, std::__1::iterator_traits<WebCore::TimerHeapIterator>::difference_type)
0x00000001936dd0c4	[WebCore + 0x000290c4 ]	WebCore::TimerBase::heapDeleteMin()
0x00000001936dcf50	[WebCore + 0x00028f50 ]	WebCore::ThreadTimers::sharedTimerFiredInternal()
0x00000001936dcec0	[WebCore + 0x00028ec0 ]	WebCore::timerFired(__CFRunLoopTimer*, void*)
0x0000000185c91fd0	[CoreFoundation + 0x000ddfd0 ]	__CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__
0x0000000185c91c80	[CoreFoundation + 0x000ddc80 ]	__CFRunLoopDoTimer
0x0000000185c8f6cc	[CoreFoundation + 0x000db6cc ]	__CFRunLoopRun
0x0000000185bbd1f0	[CoreFoundation + 0x000091f0 ]	CFRunLoopRunSpecific
0x0000000193763fe8	[WebCore + 0x000affe8 ]	RunWebThread(void*)
0x0000000196befe7c	[libsystem_pthread.dylib + 0x00003e7c ]	_pthread_body
0x0000000196befdd8	[libsystem_pthread.dylib + 0x00003dd8 ]	_pthread_start
0x0000000196becfac	[libsystem_pthread.dylib + 0x00000fac ]	thread_start

Unfortunately these are coming from automated reports, and we don't have repro steps. Is there any information we could gather from aggregated reports that could help pinpoint this?

Note that this is also filed as rdar://16068939.
Comment 1 Alexey Proskuryakov 2014-11-19 13:09:36 PST
Please let us know once you have crash data from iOS 8.1.1. Bug 137009 may have addressed a portion of these crashes (or even all of them, if we are lucky).
Comment 2 Stuart Morgan 2014-11-19 15:43:40 PST
We don't have much data yet, but so far none of our 8.1.1 crashes seem to have heapDeleteMin, which is a good sign. I'll update at the beginning of next week when we've had time to collect more data.
Comment 3 Stuart Morgan 2014-11-21 10:07:51 PST
Still 0 hits on anything with WebCore::TimerBase::heapDeleteMin in the stack for 8.1.1; I think we have enough data that we can call this fixed. Thanks!
Comment 4 Alexey Proskuryakov 2014-11-30 14:25:42 PST
Great! I'll call this a duplicate of bug 137009 then.

*** This bug has been marked as a duplicate of bug 137009 ***