Bug 264132

Summary:	Regression(270013@main): Crash when loading bgtime.tv
Product:	WebKit	Reporter:	Chris Dumez <cdumez>
Component:	Text	Assignee:	Chris Dumez <cdumez>
Status:	RESOLVED FIXED
Severity:	Normal	CC:	mmaxfield, webkit-bug-importer
Priority:	P2	Keywords:	InRadar
Version:	WebKit Nightly Build
Hardware:	Unspecified
OS:	Unspecified
See Also:	https://bugs.webkit.org/show_bug.cgi?id=263943

Chris Dumez

Reported 2023-11-02 21:28:11 PDT

Crash when loading bgtime.tv: ``` Thread 0 Crashed:: Dispatch queue: com.apple.main-thread 0 WebCore 0x1331b48f0 WTFCrashWithInfo(int, char const*, char const*, int) + 36 (Assertions.h:778) 1 WebCore 0x133409548 WTF::CanMakeCheckedPtrBase<WTF::SingleThreadIntegralWrapper<unsigned int>, unsigned int>::~CanMakeCheckedPtrBase() + 1180 (CheckedRef.h:325) 2 WebCore 0x139e59a04 WebCore::Font::~Font() + 912 (Font.cpp:174) 3 WebCore 0x13436ea34 std::__1::default_delete<WebCore::Font>::operator()[abi:v160006](WebCore::Font*) const + 4 (unique_ptr.h:65) [inlined] 4 WebCore 0x13436ea34 WTF::RefCounted<WebCore::Font, std::__1::default_delete<WebCore::Font>>::deref() const + 36 (RefCounted.h:190) [inlined] 5 WebCore 0x13436ea34 WTF::Ref<WebCore::Font, WTF::RawPtrTraits<WebCore::Font>>::~Ref() + 244 (Ref.h:61) 6 WebCore 0x13bd47d88 WTF::Ref<WebCore::Font, WTF::RawPtrTraits<WebCore::Font>>::~Ref() + 4 (Ref.h:55) [inlined] 7 WebCore 0x13bd47d88 WTF::VectorDestructor<true, WTF::Ref<WebCore::Font, WTF::RawPtrTraits<WebCore::Font>>>::destruct(WTF::Ref<WebCore::Font, WTF::RawPtrTraits<WebCore::Font>>*, WTF::Ref<WebCore::Font, WTF::RawPtrTraits<WebCore::Font>>*) + 8 (Vector.h:70) [inlined] 8 WebCore 0x13bd47d88 WTF::VectorTypeOperations<WTF::Ref<WebCore::Font, WTF::RawPtrTraits<WebCore::Font>>>::destruct(WTF::Ref<WebCore::Font, WTF::RawPtrTraits<WebCore::Font>>*, WTF::Ref<WebCore::Font, WTF::RawPtrTraits<WebCore::Font>>*) + 8 (Vector.h:253) [inlined] 9 WebCore 0x13bd47d88 WTF::Vector<WTF::Ref<WebCore::Font, WTF::RawPtrTraits<WebCore::Font>>, 20ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>::~Vector() + 160 (Vector.h:766) 10 WebCore 0x13bd42a90 WTF::Vector<WTF::Ref<WebCore::Font, WTF::RawPtrTraits<WebCore::Font>>, 20ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>::~Vector() + 8 (Vector.h:764) [inlined] 11 WebCore 0x13bd42a90 WebCore::FontCache::purgeInactiveFontData(unsigned int) + 816 (FontCache.cpp:318) 12 WebCore 0x13bd4399c WebCore::FontCache::releaseNoncriticalMemory() + 28 (FontCache.cpp:437) 13 WebCore 0x13bd43b6c WebCore::FontCache::releaseNoncriticalMemoryInAllFontCaches()::$_7::operator()(WebCore::FontCache&) const + 4 (FontCache.cpp:445) [inlined] 14 WebCore 0x13bd43b6c void WebCore::dispatchToAllFontCaches<WebCore::FontCache::releaseNoncriticalMemoryInAllFontCaches()::$_7>(WebCore::FontCache::releaseNoncriticalMemoryInAllFontCaches()::$_7) + 112 (FontCache.cpp:415) 15 WebCore 0x13bcf51c4 WebCore::releaseNoncriticalMemory(WebCore::MaintainMemoryCache) + 288 (MemoryRelease.cpp:78) 16 WebCore 0x13bcf486c WebCore::releaseMemory(WTF::Critical, WTF::Synchronous, WebCore::MaintainBackForwardCache, WebCore::MaintainMemoryCache) + 316 (MemoryRelease.cpp:162) ```

Attachments
Add attachment proposed patch, testcase, etc.

Chris Dumez

Comment 1 2023-11-02 21:33:02 PDT

<rdar://117882210>

Chris Dumez

Comment 2 2023-11-02 21:35:19 PDT

Pull request: https://github.com/WebKit/WebKit/pull/19930

EWS

Comment 3 2023-11-03 10:57:52 PDT

Committed 270190@main (1f9b90609d2f): <https://commits.webkit.org/270190@main> Reviewed commits have been landed. Closing PR #19930 and removing active labels.

Note You need to log in before you can comment on or make changes to this bug.