RESOLVED FIXED 229196
Crash under JSIntersectionObserverCallback::handleEvent()
https://bugs.webkit.org/show_bug.cgi?id=229196
Summary Crash under JSIntersectionObserverCallback::handleEvent()
Chris Dumez
Reported 2021-08-17 10:33:08 PDT
Crash under JSIntersectionObserverCallback::handleEvent():

Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000005
Exception Note:  EXC_CORPSE_NOTIFY

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   com.apple.WebCore          0x00000001b22e3480 WebCore::JSCallbackData::invokeCallback(WebCore::JSDOMGlobalObject&, JSC::JSObject*, JSC::JSValue, JSC::MarkedArgumentBuffer&, WebCore::JSCallbackData::CallbackType, JSC::PropertyName, WTF::NakedPtr<JSC::Exception>&) + 140
1   com.apple.WebCore          0x00000001b19dbd10 WebCore::JSIntersectionObserverCallback::handleEvent(WebCore::IntersectionObserver&, WTF::Vector<WTF::Ref<WebCore::IntersectionObserverEntry, WTF::RawPtrTraits<WebCore::IntersectionObserverEntry> >, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> const&, WebCore::IntersectionObserver&) + 564
2   com.apple.WebCore          0x00000001b19dbd10 WebCore::JSIntersectionObserverCallback::handleEvent(WebCore::IntersectionObserver&, WTF::Vector<WTF::Ref<WebCore::IntersectionObserverEntry, WTF::RawPtrTraits<WebCore::IntersectionObserverEntry> >, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> const&, WebCore::IntersectionObserver&) + 564
3   com.apple.WebCore          0x00000001b2ca597c WebCore::IntersectionObserver::notify() + 228
4   com.apple.WebCore          0x00000001b25cf534 WebCore::Document::updateIntersectionObservations() + 5532
5   com.apple.WebCore          0x00000001b2caee30 WebCore::Page::forEachDocument(WTF::Function<void (WebCore::Document&)> const&) const + 328
6   com.apple.WebCore          0x00000001b2cb6c5c WebCore::Page::updateRendering() + 1148
7   com.apple.WebKit           0x00000001b4413e9c WebKit::TiledCoreAnimationDrawingArea::updateRendering(WebKit::TiledCoreAnimationDrawingArea::UpdateRenderingType) + 588
8   com.apple.CoreFoundation   0x00000001957e3e84 __CFRUNLOOP_IS_CALLING_OUT_TO_AN_OBSERVER_CALLBACK_FUNCTION__ + 36
9   com.apple.CoreFoundation   0x00000001957e3cd0 __CFRunLoopDoObservers + 572
10  com.apple.CoreFoundation   0x00000001957e27c0 CFRunLoopRunSpecific + 684
11  com.apple.Foundation       0x00000001966b6820 -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 236
12  com.apple.Foundation       0x00000001967462c0 -[NSRunLoop(NSRunLoop) run] + 92
13  libxpc.dylib               0x0000000195476900 _xpc_objc_main + 900
14  libxpc.dylib               0x0000000195476204 xpc_main + 108
15  com.apple.WebKit           0x00000001b40ccad8 WebKit::XPCServiceMain(int, char const**) + 152
16  dyld                       0x0000000100c390f4 start + 520
Attachments
Patch (2.09 KB, patch)
2021-08-17 10:38 PDT, Chris Dumez
no flags
Patch (2.41 KB, patch)
2021-08-17 10:40 PDT, Chris Dumez
no flags
Patch (3.16 KB, patch)
2021-08-17 11:20 PDT, Chris Dumez
ews-feeder: commit-queue-
Patch (4.50 KB, patch)
2021-08-17 13:31 PDT, Chris Dumez
ews-feeder: commit-queue-
Patch (5.04 KB, patch)
2021-08-17 13:38 PDT, Chris Dumez
no flags
Chris Dumez
Comment 1 2021-08-17 10:33:23 PDT
Chris Dumez
Comment 2 2021-08-17 10:38:32 PDT
Chris Dumez
Comment 3 2021-08-17 10:40:26 PDT
Geoffrey Garen
Comment 4 2021-08-17 10:57:13 PDT
Comment on attachment 435696 [details]
Patch

r=me
Ryosuke Niwa
Comment 5 2021-08-17 11:16:24 PDT
Can we also fix ResizeObserver to be safe?
Chris Dumez
Comment 6 2021-08-17 11:20:42 PDT
Chris Dumez
Comment 7 2021-08-17 11:21:14 PDT
(In reply to Ryosuke Niwa from comment #5)
> Can we also fix ResizeObserver to be safe?

Good idea. Done.
Chris Dumez
Comment 8 2021-08-17 13:31:47 PDT
Chris Dumez
Comment 9 2021-08-17 13:38:11 PDT
Ryosuke Niwa
Comment 10 2021-08-17 13:44:43 PDT
(In reply to Chris Dumez from comment #7)
> (In reply to Ryosuke Niwa from comment #5)
> > Can we also fix ResizeObserver to be safe?
>
> Good idea. Done.

Thanks!
EWS
Comment 11 2021-08-17 18:03:23 PDT
Found 1 new test failure: imported/w3c/web-platform-tests/navigation-timing/nav2_test_attributes_values.html
Chris Dumez
Comment 12 2021-08-18 08:25:14 PDT
Comment on attachment 435710 [details]
Patch

Clearing flags on attachment: 435710

Committed r281188 (240632@main): <https://commits.webkit.org/240632@main>
Chris Dumez
Comment 13 2021-08-18 08:25:17 PDT
All reviewed patches have been landed. Closing bug.