Hi, I have a very specific web page that causes webview to crash with the Garbage Collector ON (does not crash when OFF).

Easy to reproduce: create a document-based application, drop a webview, and have the following line (button perhaps).

- (void)connectSearch:(id)sender
{
 [[webView mainFrame] loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:@"http://apple.com"]]];
}

I guess this scenario is only valid while Apple advertises their new iPad. At the bottom of the page there are two videos you can watch. Click on the one on the right. When it is playing, click on the Close button (link) top left - which sends #SwapViewPreviousSelection - and that's it, it crashes.

I'm just learning about the garbage collector but I suspect something is collected that should not.

Any idea what can prevent the crash, other than turning off the garbage collector?

Thank you.

Here is what I get:

Identifier:      com.yourcompany.wb
Version:         1.0 (1)
Code Type:       X86-64 (Native)
Parent Process:  launchd [163]

Date/Time:       2010-02-15 12:26:31.069 -0500
OS Version:      Mac OS X 10.6.2 (10C540)
Report Version:  6

Interval Since Last Report:          432447 sec
Crashes Since Last Report:           7
Per-App Interval Since Last Report:  2938 sec
Per-App Crashes Since Last Report:   5
Anonymous UUID:                      CC123A77-1407-444A-9081-8A2B7C15C2B6

Exception Type:  EXC_BREAKPOINT (SIGTRAP)
Exception Codes: 0x0000000000000002, 0x0000000000000000
Crashed Thread:  0  Dispatch queue: com.apple.main-thread

Application Specific Information:
objc[70635]: garbage collection is ON

Thread 0 Crashed:  Dispatch queue: com.apple.main-thread
0   com.apple.CoreFoundation        0x00007fff82e0a788 CFRetain + 200
1   com.apple.QuartzCore            0x00007fff81677a98 -[CALayer setSublayers:] + 486
2   com.apple.WebCore               0x00007fff87c792a1 WebCore::GraphicsLayerCA::updateSublayerList() + 433
3   com.apple.WebCore               0x00007fff87c7ebd8 WebCore::GraphicsLayerCA::commitLayerChanges() + 840
4   com.apple.WebCore               0x00007fff87c7ed05 WebCore::GraphicsLayerCA::recursiveCommitChanges() + 21
5   com.apple.WebCore               0x00007fff87c7ed31 WebCore::GraphicsLayerCA::recursiveCommitChanges() + 65
6   com.apple.WebCore               0x00007fff87705296 WebCore::FrameView::paintContents(WebCore::GraphicsContext*, WebCore::IntRect const&) + 390
7   com.apple.WebKit                0x00007fff81b3d205 -[WebFrame(WebInternal) _drawRect:contentsOnly:] + 149
8   com.apple.WebKit                0x00007fff81b3ce77 -[WebHTMLView drawSingleRect:] + 455
9   com.apple.WebKit                0x00007fff81b3cc16 -[WebHTMLView drawRect:] + 566
10  com.apple.AppKit                0x00007fff8597b05e -[NSView _drawRect:clip:] + 3566
11  com.apple.AppKit                0x00007fff85978834 -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] + 2112
12  com.apple.WebKit                0x00007fff81b3dd6b -[WebHTMLView(WebPrivate) _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] + 299
13  com.apple.AppKit                0x00007fff859791bf -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] + 4555
14  com.apple.AppKit                0x00007fff859791bf -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] + 4555
15  com.apple.AppKit                0x00007fff859791bf -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] + 4555
16  com.apple.AppKit                0x00007fff859791bf -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] + 4555
17  com.apple.AppKit                0x00007fff859791bf -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] + 4555
18  com.apple.AppKit                0x00007fff859791bf -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] + 4555
19  com.apple.AppKit                0x00007fff85977e17 -[NSThemeFrame _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] + 254
20  com.apple.AppKit                0x00007fff859746bf -[NSView _displayRectIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:] + 2683
21  com.apple.AppKit                0x00007fff858edf37 -[NSView displayIfNeeded] + 969
22  com.apple.AppKit                0x00007fff858e8dde _handleWindowNeedsDisplay + 678
23  com.apple.CoreFoundation        0x00007fff82e74427 __CFRunLoopDoObservers + 519
24  com.apple.CoreFoundation        0x00007fff82e502d4 __CFRunLoopRun + 468
25  com.apple.CoreFoundation        0x00007fff82e4fc2f CFRunLoopRunSpecific + 575
26  com.apple.HIToolbox             0x00007fff88192a4e RunCurrentEventLoopInMode + 333
27  com.apple.HIToolbox             0x00007fff881927b1 ReceiveNextEventCommon + 148
28  com.apple.HIToolbox             0x00007fff8819270c BlockUntilNextEventMatchingListInMode + 59
29  com.apple.AppKit                0x00007fff858be1f2 _DPSNextEvent + 708
30  com.apple.AppKit                0x00007fff858bdb41 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 155
31  com.apple.AppKit                0x00007fff85883747 -[NSApplication run] + 395
32  com.apple.AppKit                0x00007fff8587c468 NSApplicationMain + 364
33  com.yourcompany.wb              0x0000000100001c86 main + 33 (main.m:14)
34  com.yourcompany.wb              0x0000000100001a44 start + 52

Thread 1:  Dispatch queue: com.apple.libdispatch-manager
0   libSystem.B.dylib               0x00007fff8874bbba kevent + 10
1   libSystem.B.dylib               0x00007fff8874da85 _dispatch_mgr_invoke + 154
2   libSystem.B.dylib               0x00007fff8874d75c _dispatch_queue_invoke + 185
3   libSystem.B.dylib               0x00007fff8874d286 _dispatch_worker_thread2 + 244
4   libSystem.B.dylib               0x00007fff8874cbb8 _pthread_wqthread + 353
5   libSystem.B.dylib               0x00007fff8874ca55 start_wqthread + 13

Thread 2:  JavaScriptCore: FastMalloc scavenger
0   libSystem.B.dylib               0x00007fff8876d9ee __semwait_signal + 10
1   libSystem.B.dylib               0x00007fff887717f1 _pthread_cond_wait + 1286
2   com.apple.JavaScriptCore        0x00007fff80ae62b3 WTF::TCMalloc_PageHeap::scavengerThread() + 515
3   com.apple.JavaScriptCore        0x00007fff80ae62f9 WTF::TCMalloc_PageHeap::runScavengerThread(void*) + 9
4   libSystem.B.dylib               0x00007fff8876bf8e _pthread_start + 331
5   libSystem.B.dylib               0x00007fff8876be41 thread_start + 13

Thread 3:
0   libSystem.B.dylib               0x00007fff8874c9da __workq_kernreturn + 10
1   libSystem.B.dylib               0x00007fff8874cdec _pthread_wqthread + 917
2   libSystem.B.dylib               0x00007fff8874ca55 start_wqthread + 13

Thread 4:
0   libSystem.B.dylib               0x00007fff88732e3a mach_msg_trap + 10
1   libSystem.B.dylib               0x00007fff887334ad mach_msg + 59
2   com.apple.CoreFoundation        0x00007fff82e507a2 __CFRunLoopRun + 1698
3   com.apple.CoreFoundation        0x00007fff82e4fc2f CFRunLoopRunSpecific + 575
4   com.apple.Foundation            0x00007fff800de4cf +[NSURLConnection(NSURLConnectionReallyInternal) _resourceLoadLoop:] + 297
5   com.apple.Foundation            0x00007fff8005ee99 __NSThread__main__ + 1429
6   libSystem.B.dylib               0x00007fff8876bf8e _pthread_start + 331
7   libSystem.B.dylib               0x00007fff8876be41 thread_start + 13

Thread 5:
0   libSystem.B.dylib               0x00007fff887769e2 select$DARWIN_EXTSN + 10
1   com.apple.CoreFoundation        0x00007fff82e72242 __CFSocketManager + 818
2   libSystem.B.dylib               0x00007fff8876bf8e _pthread_start + 331
3   libSystem.B.dylib               0x00007fff8876be41 thread_start + 13

Thread 6:
0   libSystem.B.dylib               0x00007fff8874c9da __workq_kernreturn + 10
1   libSystem.B.dylib               0x00007fff8874cdec _pthread_wqthread + 917
2   libSystem.B.dylib               0x00007fff8874ca55 start_wqthread + 13

Thread 7:
0   libSystem.B.dylib               0x00007fff8873d426 read + 10
1   com.apple.CoreFoundation        0x00007fff82eb1ae0 __CFSocketRead + 544
2   com.apple.CFNetwork             0x00007fff88bba667 __CFSocketReadWithError(__CFSocket*, unsigned char*, long, CFStreamError*) + 35
3   com.apple.CFNetwork             0x00007fff88bba397 SocketStream::read(__CFReadStream*, unsigned char*, long, CFStreamError*, unsigned char*) + 699
4   com.apple.CoreFoundation        0x00007fff82e3ffac CFReadStreamRead + 540
5   com.apple.CFNetwork             0x00007fff88bd3dc1 HTTPReadFilter::doPlainRead(unsigned char*, long, CFStreamError*, unsigned char*) + 307
6   com.apple.CFNetwork             0x00007fff88bd3c59 HTTPReadFilter::streamRead(__CFReadStream*, unsigned char*, long, CFStreamError*, unsigned char*) + 469
7   com.apple.CoreFoundation        0x00007fff82e3ffac CFReadStreamRead + 540
8   com.apple.CFNetwork             0x00007fff88bd39e6 HTTPNetStreamInfo::streamRead(__CFReadStream*, unsigned char*, long, CFStreamError*, unsigned char*) + 562
9   com.apple.CoreFoundation        0x00007fff82e3ffac CFReadStreamRead + 540
10  com.apple.CFNetwork             0x00007fff88c23892 HTTPReadStream::streamRead(__CFReadStream*, unsigned char*, long, CFStreamError*, unsigned char*) + 82
11  com.apple.CoreFoundation        0x00007fff82e3ffac CFReadStreamRead + 540
12  com.apple.MediaToolbox          0x00007fff86b59a6f FigCFHTTPReadResponse + 855
13  com.apple.CoreFoundation        0x00007fff82eb1503 _signalEventSync + 115
14  com.apple.CoreFoundation        0x00007fff82eb1474 _cfstream_solo_signalEventSync + 116
15  com.apple.CFNetwork             0x00007fff88c228fd HTTPReadStream::streamEvent(unsigned long) + 163
16  com.apple.CoreFoundation        0x00007fff82eb1503 _signalEventSync + 115
17  com.apple.CoreFoundation        0x00007fff82eb1474 _cfstream_solo_signalEventSync + 116
18  com.apple.CoreFoundation        0x00007fff82e52271 __CFRunLoopDoSources0 + 1361
19  com.apple.CoreFoundation        0x00007fff82e50469 __CFRunLoopRun + 873
20  com.apple.CoreFoundation        0x00007fff82e4fc2f CFRunLoopRunSpecific + 575
21  com.apple.CoreFoundation        0x00007fff82e4f9b6 CFRunLoopRun + 70
22  com.apple.CoreMedia             0x00007fff803d4702 FigThreadGlobalNetworkBufferingRunloop + 119
23  libSystem.B.dylib               0x00007fff8876bf8e _pthread_start + 331
24  libSystem.B.dylib               0x00007fff8876be41 thread_start + 13

Thread 8:
0   libSystem.B.dylib               0x00007fff8876d9ee __semwait_signal + 10
1   libSystem.B.dylib               0x00007fff887717f1 _pthread_cond_wait + 1286
2   com.apple.CoreMedia             0x00007fff803d5947 WaitOnCondition + 14
3   com.apple.CoreMedia             0x00007fff803d5b13 FigSemaphoreWaitRelative + 167
4   com.apple.MediaToolbox          0x00007fff86aee8c7 FigAIORequestThread + 398
5   libSystem.B.dylib               0x00007fff8876bf8e _pthread_start + 331
6   libSystem.B.dylib               0x00007fff8876be41 thread_start + 13

Thread 9:
0   libSystem.B.dylib               0x00007fff8874c9da __workq_kernreturn + 10
1   libSystem.B.dylib               0x00007fff8874cdec _pthread_wqthread + 917
2   libSystem.B.dylib               0x00007fff8874ca55 start_wqthread + 13

Thread 10:
0   libSystem.B.dylib               0x00007fff88732e3a mach_msg_trap + 10
1   libSystem.B.dylib               0x00007fff887334ad mach_msg + 59
2   com.apple.CoreFoundation        0x00007fff82e507a2 __CFRunLoopRun + 1698
3   com.apple.CoreFoundation        0x00007fff82e4fc2f CFRunLoopRunSpecific + 575
4   com.apple.CoreFoundation        0x00007fff82e4f9b6 CFRunLoopRun + 70
5   com.apple.QTKit                 0x00007fff830d0c49 QTFigVisualContextImageProviderWorkThread + 342
6   libSystem.B.dylib               0x00007fff8876bf8e _pthread_start + 331
7   libSystem.B.dylib               0x00007fff8876be41 thread_start + 13

Thread 11:
0   libSystem.B.dylib               0x00007fff88732e3a mach_msg_trap + 10
1   libSystem.B.dylib               0x00007fff887334ad mach_msg + 59
2   com.apple.CoreFoundation        0x00007fff82e507a2 __CFRunLoopRun + 1698
3   com.apple.CoreFoundation        0x00007fff82e4fc2f CFRunLoopRunSpecific + 575
4   ....audio.toolbox.AudioToolbox  0x00007fff8416267a GenericRunLoopThread::RunLoop() + 42
5   ....audio.toolbox.AudioToolbox  0x00007fff841629f0 GenericRunLoopThread::Run() + 140
6   ....audio.toolbox.AudioToolbox  0x00007fff8412ded5 CAPThread::Entry(CAPThread*) + 67
7   libSystem.B.dylib               0x00007fff8876bf8e _pthread_start + 331
8   libSystem.B.dylib               0x00007fff8876be41 thread_start + 13

Thread 12:
0   libSystem.B.dylib               0x00007fff8876d9ee __semwait_signal + 10
1   libSystem.B.dylib               0x00007fff887717f1 _pthread_cond_wait + 1286
2   com.apple.CoreMedia             0x00007fff803d5947 WaitOnCondition + 14
3   com.apple.CoreMedia             0x00007fff803d5b13 FigSemaphoreWaitRelative + 167
4   com.apple.MediaToolbox          0x00007fff86afd4dd faq_EnqueueSourceDataThread + 44
5   libSystem.B.dylib               0x00007fff8876bf8e _pthread_start + 331
6   libSystem.B.dylib               0x00007fff8876be41 thread_start + 13

Thread 13:
0   libSystem.B.dylib               0x00007fff8876d9ee __semwait_signal + 10
1   libSystem.B.dylib               0x00007fff887717f1 _pthread_cond_wait + 1286
2   com.apple.CoreMedia             0x00007fff803d5947 WaitOnCondition + 14
3   com.apple.CoreMedia             0x00007fff803d5b13 FigSemaphoreWaitRelative + 167
4   com.apple.MediaToolbox          0x00007fff86b9b03b activitySchedulerOnThread + 69
5   libSystem.B.dylib               0x00007fff8876bf8e _pthread_start + 331
6   libSystem.B.dylib               0x00007fff8876be41 thread_start + 13

Thread 14:
0   libSystem.B.dylib               0x00007fff8876d9ee __semwait_signal + 10
1   libSystem.B.dylib               0x00007fff887717f1 _pthread_cond_wait + 1286
2   com.apple.CoreMedia             0x00007fff803d5947 WaitOnCondition + 14
3   com.apple.CoreMedia             0x00007fff803d5b13 FigSemaphoreWaitRelative + 167
4   com.apple.MediaToolbox          0x00007fff86b26d49 audioMentorThread + 6000
5   libSystem.B.dylib               0x00007fff8876bf8e _pthread_start + 331
6   libSystem.B.dylib               0x00007fff8876be41 thread_start + 13

Thread 15:
0   libSystem.B.dylib               0x00007fff8876d9ee __semwait_signal + 10
1   libSystem.B.dylib               0x00007fff887717f1 _pthread_cond_wait + 1286
2   com.apple.CoreMedia             0x00007fff803d5947 WaitOnCondition + 14
3   com.apple.CoreMedia             0x00007fff803d5b13 FigSemaphoreWaitRelative + 167
4   com.apple.MediaToolbox          0x00007fff86b3003a videoMentorThread + 5700
5   libSystem.B.dylib               0x00007fff8876bf8e _pthread_start + 331
6   libSystem.B.dylib               0x00007fff8876be41 thread_start + 13

Thread 16:
0   libSystem.B.dylib               0x00007fff88732e3a mach_msg_trap + 10
1   libSystem.B.dylib               0x00007fff887334ad mach_msg + 59
2   com.apple.CoreFoundation        0x00007fff82e507a2 __CFRunLoopRun + 1698
3   com.apple.CoreFoundation        0x00007fff82e4fc2f CFRunLoopRunSpecific + 575
4   com.apple.CoreFoundation        0x00007fff82e4f9b6 CFRunLoopRun + 70
5   com.apple.QTKit                 0x00007fff830cfad4 QTCALayerRendererPendingQWorkLoop + 534
6   libSystem.B.dylib               0x00007fff8876bf8e _pthread_start + 331
7   libSystem.B.dylib               0x00007fff8876be41 thread_start + 13

Thread 17:
0   libSystem.B.dylib               0x00007fff88732e76 semaphore_wait_trap + 10
1   com.apple.VideoToolbox          0x00007fff80487f25 JVTLib_100988 + 11
2   com.apple.VideoToolbox          0x00007fff804d61d8 JVTLib_101021(void*) + 60
3   com.apple.VideoToolbox          0x00007fff804882f4 JVTLib_100971 + 552
4   libSystem.B.dylib               0x00007fff8876bf8e _pthread_start + 331
5   libSystem.B.dylib               0x00007fff8876be41 thread_start + 13

Thread 18:
0   libSystem.B.dylib               0x00007fff88732e76 semaphore_wait_trap + 10
1   com.apple.VideoToolbox          0x00007fff80487f25 JVTLib_100988 + 11
2   com.apple.VideoToolbox          0x00007fff804d61d8 JVTLib_101021(void*) + 60
3   com.apple.VideoToolbox          0x00007fff804882f4 JVTLib_100971 + 552
4   libSystem.B.dylib               0x00007fff8876bf8e _pthread_start + 331
5   libSystem.B.dylib               0x00007fff8876be41 thread_start + 13

Thread 19:
0   libSystem.B.dylib               0x00007fff88732e9a semaphore_timedwait_signal_trap + 10
1   libSystem.B.dylib               0x00007fff887716e2 _pthread_cond_wait + 1015
2   com.apple.CoreVideo             0x00007fff83d2988c CVDisplayLink::waitUntil(unsigned long long) + 252
3   com.apple.CoreVideo             0x00007fff83d28d91 CVDisplayLink::runIOThread() + 619
4   com.apple.CoreVideo             0x00007fff83d28aeb startIOThread(void*) + 139
5   libSystem.B.dylib               0x00007fff8876bf8e _pthread_start + 331
6   libSystem.B.dylib               0x00007fff8876be41 thread_start + 13

Thread 0 crashed with X86 Thread State (64-bit):
  rax: 0x0000000000000000  rbx: 0x0000000000000000  rcx: 0x0000000000000000  rdx: 0x0000000000000018
  rdi: 0x0000000000000000  rsi: 0x000000020070f7d8  rbp: 0x00007fff5fbfbcf0  rsp: 0x00007fff5fbfbce0
   r8: 0x00000001010e48d0   r9: 0x000000000000f740  r10: 0x00000001010e42f0  r11: 0x00007fff87d9ca50
  r12: 0x0000000101238600  r13: 0x0000000000000000  r14: 0x000000020070f7c0  r15: 0x0000000000000000
  rip: 0x00007fff82e0a788  rfl: 0x0000000000000246  cr2: 0x00007fff702c13c8
A: 

The stack trace in your question is evidencing a known (and fixed) bug in WebKit:

https://bugs.webkit.org/show_bug.cgi?id=31429

cocoaconvert