WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED FIXED
278259
Crash in TimerBase::~TimerBase via DataDetection::detectContentInFrame
https://bugs.webkit.org/show_bug.cgi?id=278259
Summary
Crash in TimerBase::~TimerBase via DataDetection::detectContentInFrame
Ryosuke Niwa
Reported
2024-08-16 15:28:49 PDT
e.g. Thread 4 name: Dispatch queue: com.apple.WebKit.DataDetection Thread 4 Crashed: 0 WebCore 0x197511390 WTFCrashWithInfo(int, char const*, char const*, int) + 1790864 [inlined] 1 WebCore 0x197511390 WebCore::TimerBase::~TimerBase() + 1790864 2 WebCore 0x1976fb8d3 WebCore::Timer::~Timer() + 3799251 [inlined] 3 WebCore 0x1976fb8d3 WebCore::Timer::~Timer() + 3799251 [inlined] 4 WebCore 0x1976fb8d3 WebCore::ScriptRunner::~ScriptRunner() + 3799251 5 WebCore 0x1976fb7ef WebCore::ScriptRunner::~ScriptRunner() + 3799023 [inlined] 6 WebCore 0x1976fb7ef WebCore::ScriptRunner::operator delete(WebCore::ScriptRunner*, std::destroying_delete_t, unsigned long) + 3799023 [inlined] 7 WebCore 0x1976fb7ef WebCore::ScriptRunner::~ScriptRunner() + 3799023 8 WebCore 0x19775596f std::__1::default_delete<WebCore::ScriptRunner>::operator()[abi:sn180100](WebCore::ScriptRunner*) const + 4168047 [inlined] 9 WebCore 0x19775596f std::__1::unique_ptr<WebCore::ScriptRunner, std::__1::default_delete<WebCore::ScriptRunner>>::reset[abi:sn180100](WebCore::ScriptRunner*) + 4168047 [inlined] 10 WebCore 0x19775596f std::__1::unique_ptr<WebCore::ScriptRunner, std::__1::default_delete<WebCore::ScriptRunner>>::operator=[abi:sn180100](std::nullptr_t) + 4168047 [inlined] 11 WebCore 0x19775596f WebCore::Document::~Document() + 4168047 12 WebCore 0x1977556f3 WebCore::HTMLDocument::~HTMLDocument() + 4167411 [inlined] 13 WebCore 0x1977556f3 WebCore::HTMLDocument::~HTMLDocument() + 4167411 [inlined] 14 WebCore 0x1977556f3 WebCore::HTMLDocument::~HTMLDocument() + 4167411 15 WebCore 0x19772b9f7 WebCore::Document::removedLastRef() + 3996151 16 WebCore 0x197e81fc7 WebCore::Node::derefAllowingPartiallyDestroyed() const + 11689927 [inlined] 17 WebCore 0x197e81fc7 WebCore::Node::deref() const + 11689927 [inlined] 18 WebCore 0x197e81fc7 WTF::DefaultRefDerefTraits<WebCore::Document>::derefIfNotNull(WebCore::Document*) + 11689927 [inlined] 19 WebCore 0x197e81fc7 WTF::Ref<WebCore::Document, WTF::RawPtrTraits<WebCore::Document>, WTF::DefaultRefDerefTraits<WebCore::Document>>::~Ref() + 11689927 [inlined] 20 WebCore 0x197e81fc7 WTF::Ref<WebCore::Document, WTF::RawPtrTraits<WebCore::Document>, WTF::DefaultRefDerefTraits<WebCore::Document>>::~Ref() + 11689927 [inlined] 21 WebCore 0x197e81fc7 WebCore::DataDetection::detectContentInFrame(WebCore::LocalFrame*, WTF::OptionSet<WebCore::DataDetectorType>, std::__1::optional<double>, WTF::CompletionHandler<void (NSArray*)>&&)::$_0::~$_0() + 11689927 [inlined] 22 WebCore 0x197e81fc7 WebCore::DataDetection::detectContentInFrame(WebCore::LocalFrame*, WTF::OptionSet<WebCore::DataDetectorType>, std::__1::optional<double>, WTF::CompletionHandler<void (NSArray*)>&&)::$_0::operator()()::'lambda0'()::~() + 11689927 23 WebCore 0x197e9a4c3 WTF::Detail::CallableWrapper<WebCore::DataDetection::detectContentInFrame(WebCore::LocalFrame*, WTF::OptionSet<WebCore::DataDetectorType>, std::__1::optional<double>, WTF::CompletionHandler<void (NSArray*)>&&)::$_0, void>::~CallableWrapper() + 11789507 [inlined] 24 WebCore 0x197e9a4c3 WTF::Detail::CallableWrapper<WebCore::DataDetection::detectContentInFrame(WebCore::LocalFrame*, WTF::OptionSet<WebCore::DataDetectorType>, std::__1::optional<double>, WTF::CompletionHandler<void (NSArray*)>&&)::$_0, void>::~CallableWrapper() + 11789507 [inlined] 25 WebCore 0x197e9a4c3 WTF::Detail::CallableWrapper<WebCore::DataDetection::detectContentInFrame(WebCore::LocalFrame*, WTF::OptionSet<WebCore::DataDetectorType>, std::__1::optional<double>, WTF::CompletionHandler<void (NSArray*)>&&)::$_0, void>::~CallableWrapper() + 11789507 26 JavaScriptCore 0x19b2c9e3b std::__1::default_delete<WTF::Detail::CallableWrapperBase<void>>::operator()[abi:sn180100](WTF::Detail::CallableWrapperBase<void>*) const + 745019 [inlined] 27 JavaScriptCore 0x19b2c9e3b std::__1::unique_ptr<WTF::Detail::CallableWrapperBase<void>, std::__1::default_delete<WTF::Detail::CallableWrapperBase<void>>>::reset[abi:sn180100](WTF::Detail::CallableWrapperBase<void>*) + 745019 [inlined] 28 JavaScriptCore 0x19b2c9e3b std::__1::unique_ptr<WTF::Detail::CallableWrapperBase<void>, std::__1::default_delete<WTF::Detail::CallableWrapperBase<void>>>::~unique_ptr[abi:sn180100]() + 745019 [inlined] 29 JavaScriptCore 0x19b2c9e3b std::__1::unique_ptr<WTF::Detail::CallableWrapperBase<void>, std::__1::default_delete<WTF::Detail::CallableWrapperBase<void>>>::~unique_ptr[abi:sn180100]() + 745019 [inlined] 30 JavaScriptCore 0x19b2c9e3b WTF::Function<void ()>::~Function() + 745019 [inlined] 31 JavaScriptCore 0x19b2c9e3b WTF::Function<void ()>::~Function() + 745019 [inlined] 32 JavaScriptCore 0x19b2c9e3b WTF::(anonymous namespace)::DispatchWorkItem::~DispatchWorkItem() + 745019 [inlined] 33 JavaScriptCore 0x19b2c9e3b WTF::(anonymous namespace)::DispatchWorkItem::~DispatchWorkItem() + 745019 [inlined] 34 JavaScriptCore 0x19b2c9e3b void WTF::dispatchWorkItem<WTF::(anonymous namespace)::DispatchWorkItem>(void*) + 745019 <
rdar://133488287
>
Attachments
Add attachment
proposed patch, testcase, etc.
Ryosuke Niwa
Comment 1
2024-08-16 15:32:56 PDT
Pull request:
https://github.com/WebKit/WebKit/pull/32328
EWS
Comment 2
2024-08-16 18:56:39 PDT
Committed
282380@main
(c213f1482344): <
https://commits.webkit.org/282380@main
> Reviewed commits have been landed. Closing PR #32328 and removing active labels.
EWS
Comment 3
2024-08-23 13:06:25 PDT
Committed
280938.262@safari-7619-branch
(031367be5b9a): <
https://commits.webkit.org/280938.262@safari-7619-branch
> Reviewed commits have been landed. Closing PR #1639 and removing active labels.
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug