WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED FIXED
173401
[Win] Crash in accessibility layout test.
https://bugs.webkit.org/show_bug.cgi?id=173401
Summary
[Win] Crash in accessibility layout test.
Per Arne Vollan
Reported
2017-06-14 23:41:51 PDT
STACK_TEXT: WARNING: Frame IP not in any known module. Following frames may be wrong. 0040c200 647c441c 08fc7cf0 647b61bd 059a4cd8 0x7005c763 0040c208 647b61bd 059a4cd8 0040c23c 640f5ffa DumpRenderTreeLib!AccessibilityUIElement::~AccessibilityUIElement+0xc 0040c214 640f5ffa 058bb100 0040c254 058bb100 DumpRenderTreeLib!finalize+0x1d 0040c228 644e9d5d 058bb100 00000000 00000310 JavaScriptCore!JSC::JSCallbackObject<JSC::JSDestructibleObject>::~JSCallbackObject<JSC::JSDestructibleObject>+0x4a 0040c23c 644e9669 00000310 0051bab0 00000000 JavaScriptCore!<lambda_07778e20c17479c9d2c845ad43d19255>::operator()+0x2d 0040c2b4 644e9e13 058759d0 00000001 00000001 JavaScriptCore!JSC::MarkedBlock::Handle::specializedSweep<1,1,1,1,0,1,1,JSC::`anonymous namespace'::DestroyFunc>+0x149 0040c2d8 644e94e2 00000000 0051bab0 05771408 JavaScriptCore!<lambda_bd36abf116e3ed85297e973ffafd78a3>::operator()+0x53 0040c330 644e93d3 058759d0 0040c343 057737c8 JavaScriptCore!JSC::MarkedBlock::Handle::finishSweepKnowingSubspace<JSC::`anonymous namespace'::DestroyFunc>+0xe2 0040c344 6432bc0a 0051bab0 058759d0 058759d0 JavaScriptCore!JSC::JSDestructibleObjectSubspace::finishSweep+0x13 0040c3a0 6432b302 058759d0 00000001 00000000 JavaScriptCore!JSC::MarkedBlock::Handle::sweep+0xea 0040c3b4 6432b251 0051bab0 058759d0 05771410 JavaScriptCore!JSC::MarkedAllocator::tryAllocateIn+0x12 0040c3d4 6432b0ec 05771408 00000000 058cb8a0 JavaScriptCore!JSC::MarkedAllocator::tryAllocateWithoutCollecting+0xb1 0040c3e8 6432af6d 00000000 00000001 0040c408 JavaScriptCore!JSC::MarkedAllocator::allocateSlowCaseImpl+0x14c 0040c3f8 6433561a 00000000 05771408 0040c41c JavaScriptCore!JSC::MarkedAllocator::allocateSlowCase+0xd 0040c408 644fc3a5 00000018 05771408 058cb8a0 JavaScriptCore!JSC::Subspace::allocate+0x4a 0040c41c 644f19ec 05771408 05793f20 05771408 JavaScriptCore!JSC::FunctionPrototype::create+0x15 0040d27c 644ee453 05771408 05771408 058cb8a0 JavaScriptCore!JSC::JSGlobalObject::init+0x8c 0040d294 63456513 00000000 058b80a0 058cb8a0 JavaScriptCore!JSC::JSGlobalObject::finishCreation+0x53 0040d2e4 6391fda4 05771408 058b80a0 058cb8a0 WebKit!WebCore::JSDOMWindowBase::finishCreation+0x23 0040d300 6345820a 05771408 058b80a0 0a9271a0 WebKit!WebCore::JSDOMWindow::finishCreation+0x14 0040d338 63459d5c 0040d358 0a9271a0 05758ee8 WebKit!WebCore::JSDOMWindowProxy::setWindow+0x16a 0040d378 6324bf6c 091808c8 00000000 08f75924 WebKit!WebCore::ScriptController::setDOMWindowForWindowProxy+0xdc 0040d390 6365aa3e 0a9271a0 00000000 00000001 WebKit!WebCore::FrameLoader::clear+0x19c 0040d410 6312a834 0040d42c 00000000 00000000 WebKit!WebCore::DocumentWriter::begin+0x17e 0040d46c 6312be48 00000000 00000000 64075350 WebKit!WebCore::DocumentLoader::commitData+0x44 0040d56c 6312c974 08f758d0 08f76030 6bca25a9 WebKit!WebCore::DocumentLoader::finishedLoading+0x118 0040d7d8 63129bf1 05758ee8 08f758d0 00000000 WebKit!WebCore::DocumentLoader::maybeLoadEmpty+0x3a4 0040dd3c 632508f1 056c1d40 08f75d40 08f758d0 WebKit!WebCore::DocumentLoader::startLoadingMainResource+0x141 0040dd60 632545d9 08f75d40 00000000 00000001 WebKit!WebCore::FrameLoader::continueLoadAfterNavigationPolicy+0x291 0040dd78 636baa59 08f75d40 00000000 00000001 WebKit!WTF::Function<void __cdecl(WebCore::ResourceRequest const &,WebCore::FormState *,bool)>::CallableWrapper<<lambda_95aa8f0030eed8483eb052c9ec4a0293> >::call+0x19 0040df60 63251b5b 08f75d40 00000000 08f758d0 WebKit!WebCore::PolicyChecker::checkNavigationPolicy+0x249 0040e14c 63251c5b 08f758d0 00000000 00000000 WebKit!WebCore::FrameLoader::loadWithDocumentLoader+0x35b 0040e170 6324a5dd 08f758d0 05758e98 08e68388 WebKit!WebCore::FrameLoader::load+0xeb 0040e840 63027158 0040e854 08e68388 63cf5d48 WebKit!WebCore::FrameLoader::load+0x1ed 0040ee24 647cdf67 057656b8 08e68388 00000001 WebKit!WebFrame::loadRequest+0x88 0040ef44 647c9c61 0040ef5c 010d6df0 00512328 DumpRenderTreeLib!runTest+0x797 0040f7c8 647c9e2e 00000002 00512328 0040faa0 DumpRenderTreeLib!main+0x491 0040f7d8 010c16c9 00000002 00512328 010d6dec DumpRenderTreeLib!dllLauncherEntryPoint+0xe 0040faa0 010c32ba 00000002 00512328 00518640 DumpRenderTree!main+0x469 0040faec 7619336a 7efde000 0040fb38 77b59902 DumpRenderTree!__scrt_common_main_seh+0xff 0040faf8 77b59902 7efde000 ec72fbff 00000000 KERNEL32!BaseThreadInitThunk+0x12 0040fb38 77b598d5 010c3337 7efde000 00000000 ntdll_77b20000!RtlInitializeExceptionChain+0x63 0040fb50 00000000 010c3337 7efde000 00000000 ntdll_77b20000!RtlInitializeExceptionChain+0x36
Attachments
Patch
(1.48 KB, patch)
2017-06-14 23:49 PDT
,
Per Arne Vollan
no flags
Details
Formatted Diff
Diff
View All
Add attachment
proposed patch, testcase, etc.
Per Arne Vollan
Comment 1
2017-06-14 23:49:06 PDT
Created
attachment 312956
[details]
Patch
Brent Fulgham
Comment 2
2017-06-15 09:44:48 PDT
Comment on
attachment 312956
[details]
Patch Weird that this was every done this way. I wonder if there was a Retain() somewhere we removed at some point.
Per Arne Vollan
Comment 3
2017-06-15 09:58:41 PDT
Comment on
attachment 312956
[details]
Patch Thanks for reviewing!
WebKit Commit Bot
Comment 4
2017-06-15 10:01:30 PDT
Comment on
attachment 312956
[details]
Patch Clearing flags on attachment: 312956 Committed
r218337
: <
http://trac.webkit.org/changeset/218337
>
WebKit Commit Bot
Comment 5
2017-06-15 10:01:31 PDT
All reviewed patches have been landed. Closing bug.
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug