Bug 171705

Summary: REGRESSION: Multiple LayoutTests crashing in WebCore::Document::page() const + 4
Product: WebKit Reporter: Ryan Haddad <ryanhaddad>
Component: New BugsAssignee: Nobody <webkit-unassigned>
Status: RESOLVED DUPLICATE    
Severity: Normal CC: sam
Priority: P2    
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Crashlog none

Ryan Haddad
Reported 2017-05-04 18:20:18 PDT
Created attachment 309123 [details] Crashlog Thread 0 Crashed:: Dispatch queue: com.apple.main-thread 0 com.apple.WebCore 0x0000000101eaae84 WebCore::Document::page() const + 4 (Document.cpp:1643) 1 com.apple.WebCore 0x0000000102859eb3 WebCore::Notification::contextDestroyed() + 35 (Notification.cpp:135) 2 com.apple.WebCore 0x0000000102b04e68 WebCore::ScriptExecutionContext::~ScriptExecutionContext() + 72 (HashTable.h:384) 3 com.apple.WebCore 0x0000000101ead1d0 WebCore::Document::~Document() + 5776 (Document.cpp:623) 4 com.apple.WebCore 0x00000001020e5a2e WebCore::HTMLDocument::~HTMLDocument() + 14 (HTMLDocument.cpp:90) 5 com.apple.WebCore 0x0000000101cf3803 WebCore::ChildNodeList::~ChildNodeList() + 147 (ChildNodeList.cpp:45) 6 com.apple.WebCore 0x0000000101cf384e WebCore::ChildNodeList::~ChildNodeList() + 14 (ChildNodeList.cpp:43) 7 com.apple.JavaScriptCore 0x000000010594f094 JSC::JSDestructibleObjectSubspace::finishSweep(JSC::MarkedBlock::Handle&, JSC::MarkedBlock::Handle::SweepMode) + 1492 (JSDestructibleObjectSubspace.cpp:40) 8 com.apple.JavaScriptCore 0x0000000105a8743c JSC::MarkedBlock::Handle::sweep(JSC::MarkedBlock::Handle::SweepMode) + 252 (MarkedBlock.cpp:432) 9 com.apple.JavaScriptCore 0x0000000105832300 JSC::IncrementalSweeper::sweepNextBlock() + 128 (IncrementalSweeper.cpp:91) 10 com.apple.JavaScriptCore 0x0000000105832228 JSC::IncrementalSweeper::doWork() + 40 (IncrementalSweeper.cpp:55) 11 com.apple.JavaScriptCore 0x000000010575fa1f JSC::JSRunLoopTimer::timerDidFire() + 63 (JSRunLoopTimer.cpp:61) 12 com.apple.CoreFoundation 0x00007fff7edb1de4 __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ + 20 13 com.apple.CoreFoundation 0x00007fff7edb1a73 __CFRunLoopDoTimer + 1075 14 com.apple.CoreFoundation 0x00007fff7edb15ca __CFRunLoopDoTimers + 298 15 com.apple.CoreFoundation 0x00007fff7eda8fa1 __CFRunLoopRun + 2081 16 com.apple.CoreFoundation 0x00007fff7eda8524 CFRunLoopRunSpecific + 420 17 com.apple.HIToolbox 0x00007fff7e308ebc RunCurrentEventLoopInMode + 240 18 com.apple.HIToolbox 0x00007fff7e308cf1 ReceiveNextEventCommon + 432 19 com.apple.HIToolbox 0x00007fff7e308b26 _BlockUntilNextEventMatchingListInModeWithFilter + 71 20 com.apple.AppKit 0x00007fff7c8a3e24 _DPSNextEvent + 1120 21 com.apple.AppKit 0x00007fff7d01f85e -[NSApplication(NSEvent) _nextEventMatchingEventMask:untilDate:inMode:dequeue:] + 2796 22 com.apple.AppKit 0x00007fff7c8987ab -[NSApplication run] + 926 23 com.apple.AppKit 0x00007fff7c8631de NSApplicationMain + 1237 24 libxpc.dylib 0x00007fff94d228c7 _xpc_objc_main + 775 25 libxpc.dylib 0x00007fff94d212e4 xpc_main + 494 26 com.apple.WebKit.WebContent 0x0000000100a8e695 main + 492 (XPCServiceMain.mm:122) 27 libdyld.dylib 0x00007fff94ac9235 start + 1 https://build.webkit.org/results/Apple%20Sierra%20Release%20WK2%20(Tests)/r216219%20(1199)/results.html
Attachments
Crashlog (73.95 KB, text/plain)
2017-05-04 18:20 PDT, Ryan Haddad 		no flags
Details
View All Add attachment proposed patch, testcase, etc.
Ryan Haddad
Comment 1 2017-05-04 18:22:17 PDT
My best guess is that this may be related to https://trac.webkit.org/changeset/216206/webkit
Ryan Haddad
Comment 2 2017-05-04 18:22:34 PDT
(In reply to Ryan Haddad from comment #1) > My best guess is that this may be related to > https://trac.webkit.org/changeset/216206/webkit Remove support for legacy Notifications ​https://bugs.webkit.org/show_bug.cgi?id=171487
Ryan Haddad
Comment 3 2017-05-04 18:24:21 PDT
http/tests/notifications/window-show-on-click.html https://build.webkit.org/results/Apple%20Sierra%20Release%20WK2%20(Tests)/r216219%20(1199)/results.html
Ryan Haddad
Comment 4 2017-05-04 18:25:09 PDT
http/tests/performance/performance-resource-timing-cached-entries.html https://build.webkit.org/results/Apple%20Sierra%20Release%20WK2%20(Tests)/r216218%20(1198)/results.html
Alexey Proskuryakov
Comment 5 2017-05-04 22:34:36 PDT
So let's roll back ASAP. *** This bug has been marked as a duplicate of bug 171714 ***
Sam Weinig
Comment 6 2017-05-05 13:06:34 PDT
Any idea why the EWS didn't catch this?
Ryan Haddad
Comment 7 2017-05-05 13:22:48 PDT
(In reply to Sam Weinig from comment #6) > Any idea why the EWS didn't catch this? I think it is because the crashes were flaky.
Note You need to log in before you can comment on or make changes to this bug.