237757 2022-03-10 23:02:14 -0800 [WinCairo] DrawingAreaWC::sendUpdateAC should keep a WeakPtr of this for the reply handler 2022-03-11 09:40:20 -0800 1 1 1 Unclassified WebKit WebKit2 WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 1 fujii fujii don.olmstead kkinnunen webkit-bug-importer oldest_to_newest 1850375 0 fujii 2022-03-10 23:02:14 -0800 I'm observing a crash of WinCairo Release r291050 MiniBrowser by browsing some web sites for several minutes. I don't know the exact production steps. > WTF.dll!WTFCrash() Line 322 C++ > WebKit2.dll!WTFCrashWithInfo(int __formal, const char * __formal, const char * __formal, int __formal) Line 741 C++ > WebKit2.dll!WebCore::TimerBase::setNextFireTime(WTF::MonotonicTime newTime) Line 471 C++ > WebKit2.dll!WebCore::TimerBase::start(WTF::Seconds nextFireInterval, WTF::Seconds repeatInterval) Line 282 C++ > [Inline Frame] WebKit2.dll!WebKit::DrawingAreaWC::sendUpdateAC::__l2::<lambda_1>::()::__l2::<lambda_1>::()::__l2::<lambda_1>::operator()(std::optional<WebKit::UpdateInfo>) Line 261 C++ > WebKit2.dll!WTF::Detail::CallableWrapper<```WebKit::DrawingAreaWC::sendUpdateAC'::`2'::<lambda_1>::operator()'::`2'::<lambda_1>::operator()'::`2'::<lambda_1>,void,std::optional<WebKit::UpdateInfo>>::call(std::optional<WebKit::UpdateInfo> <in_0>) Line 53 C++ > [Inline Frame] WebKit2.dll!WTF::Function<void __cdecl(std::optional<WebKit::UpdateInfo>)>::operator()(std::optional<WebKit::UpdateInfo>) Line 82 C++ > [Inline Frame] WebKit2.dll!WTF::CompletionHandler<void __cdecl(std::optional<WebKit::UpdateInfo>)>::operator()(std::optional<WebKit::UpdateInfo>) Line 68 C++ > WebKit2.dll!WTF::Detail::CallableWrapper<WTF::CompletionHandler<void __cdecl(std::optional<WebKit::UpdateInfo>)>,void,std::optional<WebKit::UpdateInfo> &&>::call(std::optional<WebKit::UpdateInfo> && <in_0>) Line 53 C++ > [Inline Frame] WebKit2.dll!WTF::Function<void __cdecl(std::optional<WebKit::UpdateInfo> &&)>::operator()(std::optional<WebKit::UpdateInfo> &&) Line 82 C++ > [Inline Frame] WebKit2.dll!WTF::CompletionHandler<void __cdecl(std::optional<WebKit::UpdateInfo> &&)>::operator()(std::optional<WebKit::UpdateInfo> &&) Line 68 C++ > WebKit2.dll!Messages::RemoteWCLayerTreeHost::Update::callReply(IPC::Decoder & decoder, WTF::CompletionHandler<void __cdecl(std::optional<WebKit::UpdateInfo> &&)> && completionHandler) Line 54 C++ > [Inline Frame] WebKit2.dll!IPC::MessageSender::sendWithAsyncReply::__l2::<lambda_1>::operator()(IPC::Decoder *) Line 100 C++ > WebKit2.dll!WTF::Detail::CallableWrapper<`IPC::MessageSender::sendWithAsyncReply<Messages::RemoteWCLayerTreeHost::Update,WTF::CompletionHandler<void __cdecl(std::optional<WebKit::UpdateInfo>)>>'::`2'::<lambda_1>,void,IPC::Decoder *>::call(IPC::Decoder * <in_0>) Line 53 C++ > [Inline Frame] WebKit2.dll!WTF::Function<void __cdecl(IPC::Decoder *)>::operator()(IPC::Decoder *) Line 82 C++ > [Inline Frame] WebKit2.dll!WTF::CompletionHandler<void __cdecl(IPC::Decoder *)>::operator()(IPC::Decoder *) Line 68 C++ > [Inline Frame] WebKit2.dll!IPC::Connection::dispatchMessage(IPC::Decoder & decoder) Line 1074 C++ > WebKit2.dll!IPC::Connection::dispatchMessage(std::unique_ptr<IPC::Decoder,std::default_delete<IPC::Decoder>> message) Line 1137 C++ > [Inline Frame] WebKit2.dll!IPC::Connection::dispatchOneIncomingMessage() Line 1206 C++ > [Inline Frame] WebKit2.dll!IPC::Connection::enqueueIncomingMessage::__l2::<lambda_1>::operator()() Line 1056 C++ > WebKit2.dll!WTF::Detail::CallableWrapper<`IPC::Connection::enqueueIncomingMessage'::`2'::<lambda_1>,void>::call() Line 53 C++ > [Inline Frame] WTF.dll!WTF::Function<void __cdecl(void)>::operator()() Line 82 C++ > WTF.dll!WTF::RunLoop::performWork() Line 134 C++ > [Inline Frame] WTF.dll!WTF::RunLoop::wndProc(HWND__ *) Line 56 C++ > WTF.dll!WTF::RunLoop::RunLoopWndProc(HWND__ * hWnd, unsigned int message, unsigned __int64 wParam, __int64 lParam) Line 39 C++ > [External Code] > WTF.dll!WTF::RunLoop::run() Line 73 C++ > [Inline Frame] WebKit2.dll!WebKit::AuxiliaryProcessMainBase<WebKit::WebProcess,1>::run(int) Line 70 C++ > [Inline Frame] WebKit2.dll!WebKit::AuxiliaryProcessMain(int) Line 96 C++ > WebKit2.dll!WebKit::WebProcessMain(int argc, char * * argv) Line 57 C++ > WebKitWebProcess.exe!main(int argc, char * * argv) Line 35 C++ > [External Code] 1850381 1 454448 fujii 2022-03-10 23:45:06 -0800 Created attachment 454448 Patch 1850540 2 ews-feeder 2022-03-11 09:39:33 -0800 Committed r291174 (248334@main): <https://commits.webkit.org/248334@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 454448. 1850541 3 webkit-bug-importer 2022-03-11 09:40:20 -0800 <rdar://problem/90165699> 454448 2022-03-10 23:45:06 -0800 2022-03-11 09:39:35 -0800 Patch bug-237757-20220311164505.patch text/plain 2189 fujii U3VidmVyc2lvbiBSZXZpc2lvbjogMjkxMTM4CmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViS2l0L0No YW5nZUxvZyBiL1NvdXJjZS9XZWJLaXQvQ2hhbmdlTG9nCmluZGV4IDg0MmUzMGMyY2VjYmVlNGVj MDhlYzkzZDJiYjFiMmEzOWVkMDI0Y2IuLjRkMjkyMWE3NDYyYzM0MGJjYjRhMmUyMDljNTE4MzNi M2QzNjM5YWUgMTAwNjQ0Ci0tLSBhL1NvdXJjZS9XZWJLaXQvQ2hhbmdlTG9nCisrKyBiL1NvdXJj ZS9XZWJLaXQvQ2hhbmdlTG9nCkBAIC0xLDMgKzEsMTkgQEAKKzIwMjItMDMtMTAgIEZ1amlpIEhp cm9ub3JpICA8SGlyb25vcmkuRnVqaWlAc29ueS5jb20+CisKKyAgICAgICAgW1dpbkNhaXJvXSBE cmF3aW5nQXJlYVdDOjpzZW5kVXBkYXRlQUMgc2hvdWxkIGtlZXAgYSBXZWFrUHRyIG9mIHRoaXMg Zm9yIHRoZSByZXBseSBoYW5kbGVyCisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3No b3dfYnVnLmNnaT9pZD0yMzc3NTcKKworICAgICAgICBSZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMh KS4KKworICAgICAgICBXaW5DYWlybyBSZWxlYXNlIHdhcyBjcmFzaGluZyBieSB2aXNpdGluZyBz b21lIHJhbmRvbSB3ZWIgc2l0ZXMKKyAgICAgICAgZm9yIHNldmVyYWwgbWludXRlcy4gVGhlIHJl cGx5IGhhbmRsZXIgaW4KKyAgICAgICAgRHJhd2luZ0FyZWFXQzo6c2VuZFVwZGF0ZUFDIHNob3Vs ZCBjaGVjayB0aGF0IGB0aGlzYCBvYmplY3QgaXMKKyAgICAgICAgc3RpbGwgYWxpdmUgd2l0aCBg d2Vha1RoaXNgLgorCisgICAgICAgICogV2ViUHJvY2Vzcy9XZWJQYWdlL3djL0RyYXdpbmdBcmVh V0MuY3BwOgorICAgICAgICAoV2ViS2l0OjpEcmF3aW5nQXJlYVdDOjpzZW5kVXBkYXRlQUMpOiBD YXB0dXJlIHdlYWtUaGlzIGZvciB0aGUKKyAgICAgICAgcmVwbHkgaGFuZGxlciBhbmQgY2hlY2sg aXQuCisKIDIwMjItMDMtMTAgIENocmlzIER1bWV6ICA8Y2R1bWV6QGFwcGxlLmNvbT4KIAogICAg ICAgICBbbWFjT1NdIFdlYkNvbnRlbnQgcHJvY2Vzc2VzIGNyYXNoIHdpdGggWFBDX0VYSVRfUkVB U09OX1NJR1RFUk1fVElNRU9VVCB3aGVuIGxvZ2dpbmcgb3V0CmRpZmYgLS1naXQgYS9Tb3VyY2Uv V2ViS2l0L1dlYlByb2Nlc3MvV2ViUGFnZS93Yy9EcmF3aW5nQXJlYVdDLmNwcCBiL1NvdXJjZS9X ZWJLaXQvV2ViUHJvY2Vzcy9XZWJQYWdlL3djL0RyYXdpbmdBcmVhV0MuY3BwCmluZGV4IDYwZDll YjZlYjg4NjBkNDM0OTVjYWNmYWQ5ZjM4ZjRmODk1N2Q1M2QuLjk5MWJlYWZkN2IwZjRiODgzYWJk ZTc2YzQ2ZWRiN2U4OGNiZTg4YmMgMTAwNjQ0Ci0tLSBhL1NvdXJjZS9XZWJLaXQvV2ViUHJvY2Vz cy9XZWJQYWdlL3djL0RyYXdpbmdBcmVhV0MuY3BwCisrKyBiL1NvdXJjZS9XZWJLaXQvV2ViUHJv Y2Vzcy9XZWJQYWdlL3djL0RyYXdpbmdBcmVhV0MuY3BwCkBAIC0yNTMsNyArMjUzLDkgQEAgdm9p ZCBEcmF3aW5nQXJlYVdDOjpzZW5kVXBkYXRlQUMoKQogICAgICAgICBSdW5Mb29wOjptYWluKCku ZGlzcGF0Y2goW3RoaXMsIHdlYWtUaGlzID0gV1RGTW92ZSh3ZWFrVGhpcyksIHN0YXRlSUQsIHVw ZGF0ZUluZm8gPSBXVEZNb3ZlKHVwZGF0ZUluZm8pXSgpIG11dGFibGUgewogICAgICAgICAgICAg aWYgKCF3ZWFrVGhpcykKICAgICAgICAgICAgICAgICByZXR1cm47Ci0gICAgICAgICAgICBtX3Jl bW90ZVdDTGF5ZXJUcmVlSG9zdFByb3h5LT51cGRhdGUoV1RGTW92ZSh1cGRhdGVJbmZvKSwgW3Ro aXMsIHN0YXRlSURdKHN0ZDo6b3B0aW9uYWw8VXBkYXRlSW5mbz4gdXBkYXRlSW5mbykgeworICAg ICAgICAgICAgbV9yZW1vdGVXQ0xheWVyVHJlZUhvc3RQcm94eS0+dXBkYXRlKFdURk1vdmUodXBk YXRlSW5mbyksIFt0aGlzLCB3ZWFrVGhpcyA9IFdURk1vdmUod2Vha1RoaXMpLCBzdGF0ZUlEXShz dGQ6Om9wdGlvbmFsPFVwZGF0ZUluZm8+IHVwZGF0ZUluZm8pIHsKKyAgICAgICAgICAgICAgICBp ZiAoIXdlYWtUaGlzKQorICAgICAgICAgICAgICAgICAgICByZXR1cm47CiAgICAgICAgICAgICAg ICAgaWYgKHVwZGF0ZUluZm8gJiYgc3RhdGVJRCA9PSBtX2JhY2tpbmdTdG9yZVN0YXRlSUQpIHsK ICAgICAgICAgICAgICAgICAgICAgc2VuZChNZXNzYWdlczo6RHJhd2luZ0FyZWFQcm94eTo6VXBk YXRlKG1fYmFja2luZ1N0b3JlU3RhdGVJRCwgV1RGTW92ZSgqdXBkYXRlSW5mbykpKTsKICAgICAg ICAgICAgICAgICAgICAgcmV0dXJuOwo=