Bug 164798

Summary: REGRESSION (r208730): WTFCrashWithSecurityImplication under UserMediaPermissionRequestManager::removeMediaRequestFromMaps
Product: WebKit Reporter: Alexey Proskuryakov <ap>
Component: MediaAssignee: Nobody <webkit-unassigned>
Status: RESOLVED INVALID    
Severity: Normal CC: eric.carlson, ryanhaddad
Priority: P2    
Version: Other   
Hardware: Unspecified   
OS: Unspecified   
See Also: https://bugs.webkit.org/show_bug.cgi?id=164715

Alexey Proskuryakov
Reported 2016-11-15 15:11:03 PST
Got this crash when running the tests locally. The code that crashes was added today in r208730. Thread 0 Crashed:: Dispatch queue: com.apple.main-thread 0 com.apple.JavaScriptCore 0x00000001065257a4 WTFCrash + 36 (Assertions.cpp:323) 1 com.apple.JavaScriptCore 0x00000001065257b9 WTFCrashWithSecurityImplication + 9 2 com.apple.WebCore 0x0000000108b7801c WTF::match_constness<WebCore::ScriptExecutionContext, WebCore::Document>::type* WTF::downcast<WebCore::Document, WebCore::ScriptExecutionContext>(WebCore::ScriptExecutionContext*) + 76 (TypeCasts.h:89) 3 com.apple.WebCore 0x000000010b498029 WebCore::UserMediaRequest::document() const + 57 (UserMediaRequest.cpp:246) 4 com.apple.WebKit 0x000000010276a357 WebKit::UserMediaPermissionRequestManager::removeMediaRequestFromMaps(WebCore::UserMediaRequest&) + 39 (UserMediaPermissionRequestManager.cpp:126) 5 com.apple.WebKit 0x000000010276a133 WebKit::UserMediaPermissionRequestManager::cancelUserMediaRequest(WebCore::UserMediaRequest&) + 99 (UserMediaPermissionRequestManager.cpp:108) 6 com.apple.WebKit 0x0000000102cf8bb9 WebKit::WebUserMediaClient::cancelUserMediaAccessRequest(WebCore::UserMediaRequest&) + 41 (WebUserMediaClient.cpp:51) 7 com.apple.WebCore 0x000000010b497fe3 WebCore::UserMediaController::cancelUserMediaAccessRequest(WebCore::UserMediaRequest&) + 51 (UserMediaController.h:64) 8 com.apple.WebCore 0x000000010b497f53 WebCore::UserMediaRequest::contextDestroyed() + 67 (UserMediaRequest.cpp:235) 9 com.apple.WebCore 0x000000010aee4919 WebCore::ScriptExecutionContext::~ScriptExecutionContext() + 137 (ScriptExecutionContext.cpp:127) 10 com.apple.WebCore 0x00000001091f3dbe WebCore::Document::~Document() + 8174 (Document.cpp:656)
Attachments
Add attachment proposed patch, testcase, etc.
Alexey Proskuryakov
Comment 1 2016-11-15 15:13:20 PST
No, I misread the patch. It's just the same crash, not fixed. Will reopen that bug.
Radar WebKit Bug Importer
Comment 2 2016-11-15 15:13:49 PST
<rdar://problem/29277180>
Note You need to log in before you can comment on or make changes to this bug.