WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED FIXED
270477
REGRESSION (
274894@main
): [ iOS Debug ] accessibility/text-marker/text-marker-range-stale-node-crash.html is a constant crash
https://bugs.webkit.org/show_bug.cgi?id=270477
Summary
REGRESSION (274894@main): [ iOS Debug ] accessibility/text-marker/text-marker...
Jay Stfleur
Reported
2024-03-04 13:20:42 PST
Description: accessibility/text-marker/text-marker-range-stale-node-crash.html Is a constant crash on iOS Debug. History:
https://results.webkit.org/?suite=layout-tests&test=accessibility%2Ftext-marker%2Ftext-marker-range-stale-node-crash.html
Diff/Image Diff/Crash Log: stderr: ASSERTION FAILED: !deletionHasBegun() /Volumes/Data/worker/Apple-iOS-17-Simulator-Debug-Build/build/Source/WebCore/dom/Node.h(821) : void WebCore::Node::ref() const 1 0x10f77e7b8 WTFCrash 2 0x2cb7ed140 WebCore::BaseAudioContext::currentSampleFrame() const 3 0x2cb801fac WebCore::Node::ref() const 4 0x2c951c234 WTF::DefaultRefDerefTraits<WebCore::Node>::refIfNotNull(WebCore::Node*) 5 0x2c951c1f0 WTF::RefPtr<WebCore::Node, WTF::RawPtrTraits<WebCore::Node>, WTF::DefaultRefDerefTraits<WebCore::Node>>::RefPtr(WebCore::Node*) 6 0x2c951c124 WTF::RefPtr<WebCore::Node, WTF::RawPtrTraits<WebCore::Node>, WTF::DefaultRefDerefTraits<WebCore::Node>>::RefPtr(WebCore::Node*) 7 0x2cb9e6bb8 WebCore::AXObjectCache::characterOffsetForTextMarkerData(WebCore::TextMarkerData&) 8 0x2c94aaa84 -[WebAccessibilityTextMarker characterOffset] 9 0x2c94ba54c -[WebAccessibilityObjectWrapper rangeForTextMarkers:] 10 0x2c94ba8e8 -[WebAccessibilityObjectWrapper textMarkerRangeForMarkers:] 11 0x13accc7dc WTR::AccessibilityUIElement::textMarkerRangeForMarkers(WTR::AccessibilityTextMarker*, WTR::AccessibilityTextMarker*) 12 0x13ad120b8 WTR::JSAccessibilityUIElement::textMarkerRangeForMarkers(OpaqueJSContext const*, OpaqueJSValue*, OpaqueJSValue*, unsigned long, OpaqueJSValue const* const*, OpaqueJSValue const**) 13 0x1100a4884 long long JSC::APICallbackFunction::callImpl<JSC::JSCallbackFunction>(JSC::JSGlobalObject*, JSC::CallFrame*) 14 0x11009cf44 JSC::callJSCallbackFunction(JSC::JSGlobalObject*, JSC::CallFrame*) 15 0x2900103b0 14 ??? 0x00000002900103b0 0x0 + 11005920176 16 0x111e7bc64 llint_entry 17 0x111e55eb4 vmEntryToJavaScript 18 0x110fb2314 JSC::Interpreter::executeProgram(JSC::SourceCode const&, JSC::JSGlobalObject*, JSC::JSObject*) 19 0x111278a9c JSC::evaluate(JSC::JSGlobalObject*, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&) 20 0x111278be8 JSC::profiledEvaluate(JSC::JSGlobalObject*, JSC::ProfilingReason, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&) 21 0x2cbd39254 WebCore::JSExecState::profiledEvaluate(JSC::JSGlobalObject*, JSC::ProfilingReason, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&) 22 0x2cbd38d2c WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld&) 23 0x2cbd38b60 WebCore::ScriptController::evaluateInWorldIgnoringException(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld&) 24 0x2cbd39510 WebCore::ScriptController::evaluateIgnoringException(WebCore::ScriptSourceCode const&) 25 0x2cc79467c WebCore::ScriptElement::executeClassicScript(WebCore::ScriptSourceCode const&) 26 0x2cc792410 WebCore::ScriptElement::prepareScript(WTF::TextPosition const&) 27 0x2ccdb5968 WebCore::HTMLScriptRunner::runScript(WebCore::ScriptElement&, WTF::TextPosition const&) 28 0x2ccdb5798 WebCore::HTMLScriptRunner::execute(WTF::Ref<WebCore::ScriptElement, WTF::RawPtrTraits<WebCore::ScriptElement>, WTF::DefaultRefDerefTraits<WebCore::ScriptElement>>&&, WTF::TextPosition const&) 29 0x2ccd77e64 WebCore::HTMLDocumentParser::runScriptsForPausedTreeBuilder() 30 0x2ccd78370 WebCore::HTMLDocumentParser::pumpTokenizerLoop(WebCore::HTMLDocumentParser::SynchronousMode, bool, WebCore::PumpSession&) 31 0x2ccd776e4 WebCore::HTMLDocumentParser::pumpTokenizer(WebCore::HTMLDocumentParser::SynchronousMode) com.apple.WebKit.WebContent.Development terminated (pid 2919) for reason: crash LEAK: 1 WebPageProxy
Attachments
Add attachment
proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1
2024-03-04 13:21:14 PST
<
rdar://problem/124030130
>
Jay Stfleur
Comment 2
2024-03-04 14:00:48 PST
Reproducibility: rwt --root --ios-simulator accessibility/text-marker/text-marker-range-stale-node-crash.html --child-process=1 --iterations 10
Charlie Wolfe
Comment 3
2024-03-04 19:18:31 PST
Pull request:
https://github.com/WebKit/WebKit/pull/25469
EWS
Comment 4
2024-03-05 09:08:58 PST
Committed
275695@main
(f3f8811670c3): <
https://commits.webkit.org/275695@main
> Reviewed commits have been landed. Closing PR #25469 and removing active labels.
EWS
Comment 5
2024-04-26 13:53:03 PDT
Test gardening commit
278056@main
(745a77767bf2): <
https://commits.webkit.org/278056@main
> Reviewed commits have been landed. Closing PR #27817 and removing active labels.
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug