[Webkit-unassigned] [Bug 164798] New: REGRESSION (r208730): WTFCrashWithSecurityImplication under UserMediaPermissionRequestManager::removeMediaRequestFromMaps

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Nov 15 15:11:03 PST 2016


https://bugs.webkit.org/show_bug.cgi?id=164798

            Bug ID: 164798
           Summary: REGRESSION (r208730): WTFCrashWithSecurityImplication
                    under
                    UserMediaPermissionRequestManager::removeMediaRequestF
                    romMaps
    Classification: Unclassified
           Product: WebKit
           Version: Other
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Media Elements
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: ap at webkit.org
                CC: eric.carlson at apple.com, ryanhaddad at apple.com,
                    webkit-bug-importer at group.apple.com

Got this crash when running the tests locally. The code that crashes was added today in r208730.

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   com.apple.JavaScriptCore          0x00000001065257a4 WTFCrash + 36 (Assertions.cpp:323)
1   com.apple.JavaScriptCore          0x00000001065257b9 WTFCrashWithSecurityImplication + 9
2   com.apple.WebCore                 0x0000000108b7801c WTF::match_constness<WebCore::ScriptExecutionContext, WebCore::Document>::type* WTF::downcast<WebCore::Document, WebCore::ScriptExecutionContext>(WebCore::ScriptExecutionContext*) + 76 (TypeCasts.h:89)
3   com.apple.WebCore                 0x000000010b498029 WebCore::UserMediaRequest::document() const + 57 (UserMediaRequest.cpp:246)
4   com.apple.WebKit                  0x000000010276a357 WebKit::UserMediaPermissionRequestManager::removeMediaRequestFromMaps(WebCore::UserMediaRequest&) + 39 (UserMediaPermissionRequestManager.cpp:126)
5   com.apple.WebKit                  0x000000010276a133 WebKit::UserMediaPermissionRequestManager::cancelUserMediaRequest(WebCore::UserMediaRequest&) + 99 (UserMediaPermissionRequestManager.cpp:108)
6   com.apple.WebKit                  0x0000000102cf8bb9 WebKit::WebUserMediaClient::cancelUserMediaAccessRequest(WebCore::UserMediaRequest&) + 41 (WebUserMediaClient.cpp:51)
7   com.apple.WebCore                 0x000000010b497fe3 WebCore::UserMediaController::cancelUserMediaAccessRequest(WebCore::UserMediaRequest&) + 51 (UserMediaController.h:64)
8   com.apple.WebCore                 0x000000010b497f53 WebCore::UserMediaRequest::contextDestroyed() + 67 (UserMediaRequest.cpp:235)
9   com.apple.WebCore                 0x000000010aee4919 WebCore::ScriptExecutionContext::~ScriptExecutionContext() + 137 (ScriptExecutionContext.cpp:127)
10  com.apple.WebCore                 0x00000001091f3dbe WebCore::Document::~Document() + 8174 (Document.cpp:656)

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20161115/8ee1a656/attachment-0001.html>


More information about the webkit-unassigned mailing list