RESOLVED FIXED 264709
[WPE][GTK][Debug] Crashes in imported/w3c/web-platform-tests/reporting
https://bugs.webkit.org/show_bug.cgi?id=264709
Philippe Normand
Reported 2023-11-12 07:40:36 PST
Thread 1 (Thread 0x7fb050f69a00 (LWP 661165)):
#0 WTFCrash() () at /app/webkit/Source/WTF/wtf/Assertions.cpp:333
#1 0x00007fb0669012b9 in WTFCrashWithInfo(int, char const*, char const*, int) () at /app/webkit/WebKitBuild/GTK/Debug/WTF/Headers/wtf/Assertions.h:778
#2 0x00007fb069c1d205 in WTF::Ref<WebCore::TestReportBody, WTF::RawPtrTraits<WebCore::TestReportBody> >::operator->() const (this=0x7ffe5f8b38e8) at /app/webkit/WebKitBuild/GTK/Debug/WTF/Headers/wtf/Ref.h:115
#3 0x00007fb06a731244 in WebCore::ReportingScope::generateTestReport(WTF::String&&, WTF::String&&) (this=0x7fafda005110, message=..., group=...) at /app/webkit/Source/WebCore/Modules/reporting/ReportingScope.cpp:180
#4 0x00007fb067fc5928 in _WKBundleFrameGenerateTestReport(WKBundleFrameRef, WKStringRef, WKStringRef) (frameRef=0x7fb047010680, message=0x7fb0473f9140, group=0x7fb0473f9120) at /app/webkit/Source/WebKit/WebProcess/InjectedBundle/API/c/WKBundleFrame.cpp:300
#5 0x00007fafeb5894c1 in WTR::TestRunner::generateTestReport(OpaqueJSString*, OpaqueJSString*) (this=0x7fb0472f9680, message=0x7fb0473f9100, group=0x0) at /app/webkit/Tools/WebKitTestRunner/InjectedBundle/TestRunner.cpp:2425
#6 0x00007fafeb5b2e41 in WTR::JSTestRunner::generateTestReport(OpaqueJSContext const*, OpaqueJSValue*, OpaqueJSValue*, unsigned long, OpaqueJSValue const* const*, OpaqueJSValue const**) (context=0x7faff601f068, thisObject=0x7faff6188280, argumentCount=1, arguments=0x7ffe5f8b3ba0, exception=0x7ffe5f8b3b00) at /app/webkit/WebKitBuild/GTK/Debug/WebKitTestRunner/DerivedSources/InjectedBundle/JSTestRunner.cpp:3879
#7 0x00007fb05a0fcb73 in JSC::APICallbackFunction::callImpl<JSC::JSCallbackFunction>(JSC::JSGlobalObject*, JSC::CallFrame*) (globalObject=0x7faff601f068, callFrame=0x7ffe5f8b3c70) at /app/webkit/Source/JavaScriptCore/API/APICallbackFunction.h:60
#8 0x00007fb05a0fa4d1 in JSC::callJSCallbackFunction(JSC::JSGlobalObject*, JSC::CallFrame*) (globalObject=0x7faff601f068, callFrame=0x7ffe5f8b3c70) at /app/webkit/Source/JavaScriptCore/API/JSCallbackFunction.cpp:42
#9 0x00007fb00648c027 in ()
#10 0x00007ffe5f8b3ce0 in ()
#11 0x00007fb059efc920 in op_call_ignore_result_slow_return_location () at /app/webkit/Source/JavaScriptCore/llint/LowLevelInterpreter.asm:1193
#12 0x0000000000000000 in ()

STDERR: ASSERTION FAILED: m_ptr
Philippe Normand
Comment 1 2023-11-12 07:42:51 PST
notifyReportObservers(Report::create(testReportBody->type(), WTFMove(reportURL), WTFMove(testReportBody)));

Might be UB here to call ->type()?
Philippe Normand
Comment 2 2023-11-12 07:45:11 PST
Also the WTFMove(reportURL) looks incorrect...
Philippe Normand
Comment 3 2023-11-12 08:25:19 PST
EWS
Comment 4 2023-11-12 11:12:52 PST
Committed 270612@main (723ded32d95e): <https://commits.webkit.org/270612@main> Reviewed commits have been landed. Closing PR #20393 and removing active labels.
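
The hazard Comment 1 asks about, as an added example that is not part of the bug report or WebKit's code: a handle is read and moved within one argument list, and C++ does not specify which argument is evaluated first. Body, TestBody, Report, createReport and typeOrMarker are constructed stand-ins, std::unique_ptr stands in for WTF::Ref, and the by-value body parameter is an assumption.

```cpp
#include <cstdio>
#include <memory>
#include <string>
#include <utility>

// Constructed stand-ins for illustration; these are not WebKit's classes.
struct Body { virtual ~Body() = default; virtual std::string type() const = 0; };
struct TestBody final : Body { std::string type() const override { return "test"; } };
struct Report { std::string type; std::unique_ptr<Body> body; };

// Assumption: the body is taken by value, so the caller's unique_ptr<TestBody>
// is converted (and emptied) while the arguments are being set up.
Report createReport(std::string type, std::unique_ptr<Body> body)
{
    return { std::move(type), std::move(body) };
}

// Null-checked read: reports the moved-from state instead of dereferencing null.
std::string typeOrMarker(const std::unique_ptr<TestBody>& body)
{
    return body ? body->type() : "<moved-from>";
}

// Same shape as the call quoted in Comment 1: the handle is read and moved in
// one argument list, and the language does not fix the order between the two.
Report orderDependent()
{
    auto body = std::make_unique<TestBody>();
    return createReport(typeOrMarker(body), std::move(body));
}

// The read is its own statement, so it is sequenced before the move.
Report orderIndependent()
{
    auto body = std::make_unique<TestBody>();
    std::string type = body->type();
    return createReport(std::move(type), std::move(body));
}

int main()
{
    std::printf("order-dependent:   %s\n", orderDependent().type.c_str());
    std::printf("order-independent: %s\n", orderIndependent().type.c_str());
}
```

The first line prints either test or <moved-from> depending on the order the compiler picks for the arguments; the second always prints test.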