Bug 158164

Summary: REGRESSION(r201385) ASSERT in WebCore::HTMLMediaElement::updateActiveTextTrackCues + 5688
Product: WebKit
Component: Media
Status: RESOLVED FIXED
Severity: Normal
Priority: P2
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Reporter: Ryan Haddad <ryanhaddad>
Assignee: Eric Carlson <eric.carlson>
CC: commit-queue, eric.carlson, jer.noble, ryanhaddad, webkit-bug-importer
Keywords: InRadar
Attachments:
Proposed patch (flags: none)

Description Ryan Haddad 2016-05-27 14:04:04 PDT
LayoutTest media/track/track-remove-track.html is a flaky crash

<https://build.webkit.org/results/Apple%20Yosemite%20Debug%20WK2%20(Tests)/r201458%20(12432)/results.html>
<http://webkit-test-results.webkit.org/dashboards/flakiness_dashboard.html#showAllRuns=true&tests=media%2Ftrack%2Ftrack-remove-track.html>

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   com.apple.JavaScriptCore      	0x00000001124e0867 WTFCrash + 39
1   com.apple.WebCore             	0x0000000115458dc8 WebCore::HTMLMediaElement::updateActiveTextTrackCues(WTF::MediaTime const&) + 5688 (HTMLMediaElement.cpp:1691)
2   com.apple.WebCore             	0x000000011545cbc0 WebCore::HTMLMediaElement::endIgnoringTrackDisplayUpdateRequests() + 176 (HTMLMediaElement.cpp:1810)
3   com.apple.WebCore             	0x000000011548fcfa WebCore::TrackDisplayUpdateScope::~TrackDisplayUpdateScope() + 90 (HTMLMediaElement.cpp:294)
4   com.apple.WebCore             	0x00000001154728c5 WebCore::TrackDisplayUpdateScope::~TrackDisplayUpdateScope() + 21 (HTMLMediaElement.cpp:294)
5   com.apple.WebCore             	0x000000011546547d WebCore::HTMLMediaElement::removeTextTrack(WebCore::TextTrack&, bool) + 205 (HTMLMediaElement.cpp:3653)
6   com.apple.WebCore             	0x000000011568a2b2 WebCore::InbandTextTrack::willRemove(WebCore::TrackPrivateBase*) + 162 (InbandTextTrack.cpp:193)
7   com.apple.WebCore             	0x000000011568a2ef non-virtual thunk to WebCore::InbandTextTrack::willRemove(WebCore::TrackPrivateBase*) + 47 (InbandTextTrack.cpp:193)
8   com.apple.WebCore             	0x0000000115473cbd WebCore::TrackPrivateBase::willBeRemoved() + 61 (TrackPrivateBase.h:71)
9   com.apple.WebCore             	0x000000011546509c WebCore::HTMLMediaElement::mediaPlayerDidRemoveTextTrack(WTF::PassRefPtr<WebCore::InbandTextTrackPrivate>) + 28 (HTMLMediaElement.cpp:3600)
10  com.apple.WebCore             	0x00000001154650cc non-virtual thunk to WebCore::HTMLMediaElement::mediaPlayerDidRemoveTextTrack(WTF::PassRefPtr<WebCore::InbandTextTrackPrivate>) + 28 (HTMLMediaElement.cpp:3600)
11  com.apple.WebCore             	0x0000000116044790 WebCore::MediaPlayer::removeTextTrack(WTF::PassRefPtr<WebCore::InbandTextTrackPrivate>) + 64 (MediaPlayer.cpp:1280)
12  com.apple.WebCore             	0x000000011604ea3e WebCore::MediaPlayerPrivateAVFoundation::clearTextTracks() + 142 (MediaPlayerPrivateAVFoundation.cpp:973)
13  com.apple.WebCore             	0x000000011605b5dc WebCore::MediaPlayerPrivateAVFoundationObjC::cancelLoad() + 348 (MediaPlayerPrivateAVFoundationObjC.mm:594)
14  com.apple.WebCore             	0x000000011605a7f3 WebCore::MediaPlayerPrivateAVFoundationObjC::~MediaPlayerPrivateAVFoundationObjC() + 851 (MediaPlayerPrivateAVFoundationObjC.mm:573)
15  com.apple.WebCore             	0x000000011605b3e5 WebCore::MediaPlayerPrivateAVFoundationObjC::~MediaPlayerPrivateAVFoundationObjC() + 21 (MediaPlayerPrivateAVFoundationObjC.mm:574)
16  com.apple.WebCore             	0x000000011605b439 WebCore::MediaPlayerPrivateAVFoundationObjC::~MediaPlayerPrivateAVFoundationObjC() + 25 (MediaPlayerPrivateAVFoundationObjC.mm:555)
17  com.apple.WebCore             	0x00000001160402e4 WebCore::MediaPlayer::~MediaPlayer() + 388 (MediaPlayer.cpp:332)
18  com.apple.WebCore             	0x0000000116040325 WebCore::MediaPlayer::~MediaPlayer() + 21 (MediaPlayer.cpp:332)
19  com.apple.WebCore             	0x0000000116040349 WebCore::MediaPlayer::~MediaPlayer() + 25 (MediaPlayer.cpp:330)
20  com.apple.WebCore             	0x0000000115451cb3 WebCore::HTMLMediaElement::~HTMLMediaElement() + 1539 (HTMLMediaElement.cpp:567)
21  com.apple.WebCore             	0x0000000115511636 WebCore::HTMLVideoElement::~HTMLVideoElement() + 438 (HTMLVideoElement.h:37)
22  com.apple.WebCore             	0x0000000115510e65 WebCore::HTMLVideoElement::~HTMLVideoElement() + 21 (HTMLVideoElement.h:37)
23  com.apple.WebCore             	0x0000000115510e89 WebCore::HTMLVideoElement::~HTMLVideoElement() + 25 (HTMLVideoElement.h:37)
24  com.apple.WebCore             	0x00000001162142dd WebCore::Node::removedLastRef() + 93 (Node.cpp:2328)
25  com.apple.WebCore             	0x000000011478417e WebCore::Node::deref() + 382 (Node.h:738)
26  com.apple.WebCore             	0x000000011620cec5 WebCore::Node::derefEventTarget() + 21 (Node.cpp:725)
27  com.apple.WebCore             	0x0000000114ea4c36 WebCore::EventTarget::deref() + 22 (EventTarget.h:115)
28  com.apple.WebCore             	0x0000000114fc71bd WTF::Ref<WebCore::EventTarget>::~Ref() + 45 (Ref.h:60)
29  com.apple.WebCore             	0x0000000114fc59f5 WTF::Ref<WebCore::EventTarget>::~Ref() + 21 (Ref.h:60)
30  com.apple.WebCore             	0x0000000115a5886c WebCore::JSDOMWrapper<WebCore::EventTarget>::~JSDOMWrapper() + 28 (JSDOMWrapper.h:52)
31  com.apple.WebCore             	0x0000000115a58845 WebCore::JSEventTarget::~JSEventTarget() + 21 (JSEventTarget.h:29)
32  com.apple.WebCore             	0x0000000115a579a5 WebCore::JSEventTarget::~JSEventTarget() + 21 (JSEventTarget.h:29)
33  com.apple.WebCore             	0x0000000115a5738d WebCore::JSEventTarget::destroy(JSC::JSCell*) + 29 (JSEventTarget.cpp:130)
34  com.apple.JavaScriptCore      	0x0000000112117ed8 JSC::MarkedBlock::callDestructor(JSC::JSCell*) + 232
35  com.apple.JavaScriptCore      	0x0000000112117d7b JSC::MarkedBlock::FreeList JSC::MarkedBlock::specializedSweep<(JSC::MarkedBlock::BlockState)3, (JSC::MarkedBlock::SweepMode)0, true>() + 267
36  com.apple.JavaScriptCore      	0x0000000112116874 JSC::MarkedBlock::FreeList JSC::MarkedBlock::sweepHelper<true>(JSC::MarkedBlock::SweepMode) + 308
37  com.apple.JavaScriptCore      	0x0000000112115ec1 JSC::MarkedBlock::sweep(JSC::MarkedBlock::SweepMode) + 113
38  com.apple.JavaScriptCore      	0x0000000111dda95d JSC::IncrementalSweeper::sweepNextBlock() + 125
39  com.apple.JavaScriptCore      	0x0000000111dda882 JSC::IncrementalSweeper::doSweep(double) + 34
40  com.apple.JavaScriptCore      	0x0000000111dda852 JSC::IncrementalSweeper::doWork() + 34
41  com.apple.JavaScriptCore      	0x0000000111dd6aae JSC::HeapTimer::timerDidFire(__CFRunLoopTimer*, void*) + 494
42  com.apple.CoreFoundation      	0x00007fff8d6b12e4 __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ + 20
43  com.apple.CoreFoundation      	0x00007fff8d6b0f73 __CFRunLoopDoTimer + 1059
44  com.apple.CoreFoundation      	0x00007fff8d72453d __CFRunLoopDoTimers + 301
45  com.apple.CoreFoundation      	0x00007fff8d66c608 __CFRunLoopRun + 2024
46  com.apple.CoreFoundation      	0x00007fff8d66bbd8 CFRunLoopRunSpecific + 296
47  com.apple.HIToolbox           	0x00007fff97f4756f RunCurrentEventLoopInMode + 235
48  com.apple.HIToolbox           	0x00007fff97f472ea ReceiveNextEventCommon + 431
49  com.apple.HIToolbox           	0x00007fff97f4712b _BlockUntilNextEventMatchingListInModeWithFilter + 71
50  com.apple.AppKit              	0x00007fff986158ab _DPSNextEvent + 978
51  com.apple.AppKit              	0x00007fff98614e58 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 346
52  com.apple.AppKit              	0x00007fff9860aaf3 -[NSApplication run] + 594
53  com.apple.AppKit              	0x00007fff98587244 NSApplicationMain + 1832
54  libxpc.dylib                  	0x00007fff96cd0928 _xpc_objc_main + 793
55  libxpc.dylib                  	0x00007fff96cd2030 xpc_main + 490
56  com.apple.WebKit.WebContent.Development	0x000000010dee7110 main + 800
57  libdyld.dylib                 	0x00007fff9825f5c9 start + 1

Comment 1 Eric Carlson 2016-06-01 13:09:10 PDT
Created attachment 280259
Proposed patch

Comment 2 WebKit Commit Bot 2016-06-01 15:47:48 PDT
Comment on attachment 280259
Proposed patch

Clearing flags on attachment: 280259

Committed r201574: <http://trac.webkit.org/changeset/201574>

Comment 3 WebKit Commit Bot 2016-06-01 15:47:53 PDT
All reviewed patches have been landed. Closing bug.