[Webkit-unassigned] [Bug 180602] New: Crash in WTF::Atomic<unsigned char>::compareExchangeWeak + 36

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Dec 8 13:37:03 PST 2017 

https://bugs.webkit.org/show_bug.cgi?id=180602

            Bug ID: 180602
           Summary: Crash in WTF::Atomic<unsigned
                    char>::compareExchangeWeak + 36
           Product: WebKit
           Version: Other
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: New Bugs
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: ryanhaddad at apple.com

The following crash was seen on El Capitan Debug WK2 with LayoutTests compositing/video/video-clip-change-src.html and credentials/idlharness.html

https://build.webkit.org/results/Apple%20El%20Capitan%20Debug%20WK2%20(Tests)/r225684%20(4532)/results.html

Thread 1 Crashed:: Dispatch queue: WebResourceLoadStatisticsStore Process Data Queue
0   com.apple.WebKit                    0x000000011396eb2f WTF::Atomic<unsigned char>::compareExchangeWeak(unsigned char, unsigned char, std::__1::memory_order) + 367 (Atomics.h:87)
1   com.apple.WebKit                    0x000000011396e9b3 WTF::LockAlgorithm<unsigned char, (unsigned char)1, (unsigned char)2, WTF::EmptyLockHooks<unsigned char> >::lockFastAssumingZero(WTF::Atomic<unsigned char>&) + 51 (LockAlgorithm.h:54)
2   com.apple.WebKit                    0x000000011396e959 WTF::Lock::lock() + 25 (Lock.h:59)
3   com.apple.WebKit                    0x0000000113b0d326 void WTF::addIterator<unsigned long long, WTF::KeyValuePair<unsigned long long, WebKit::WebPageProxy*>, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<unsigned long long, WebKit::WebPageProxy*> >, WTF::IntHash<unsigned long long>, WTF::HashMap<unsigned long long, WebKit::WebPageProxy*, WTF::IntHash<unsigned long long>, WTF::HashTraits<unsigned long long>, WTF::HashTraits<WebKit::WebPageProxy*> >::KeyValuePairTraits, WTF::HashTraits<unsigned long long> >(WTF::HashTable<unsigned long long, WTF::KeyValuePair<unsigned long long, WebKit::WebPageProxy*>, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<unsigned long long, WebKit::WebPageProxy*> >, WTF::IntHash<unsigned long long>, WTF::HashMap<unsigned long long, WebKit::WebPageProxy*, WTF::IntHash<unsigned long long>, WTF::HashTraits<unsigned long long>, WTF::HashTraits<WebKit::WebPageProxy*> >::KeyValuePairTraits, WTF::HashTraits<unsigned long long> > const*, WTF::HashTableConstIterator<unsigned long long, WTF::KeyValuePair<unsigned long long, WebKit::WebPageProxy*>, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<unsigned long long, WebKit::WebPageProxy*> >, WTF::IntHash<unsigned long long>, WTF::HashMap<unsigned long long, WebKit::WebPageProxy*, WTF::IntHash<unsigned long long>, WTF::HashTraits<unsigned long long>, WTF::HashTraits<WebKit::WebPageProxy*> >::KeyValuePairTraits, WTF::HashTraits<unsigned long long> >*) + 150 (HashTable.h:1413)
4   com.apple.WebKit                    0x0000000113b0d6db WTF::HashTableConstIterator<unsigned long long, WTF::KeyValuePair<unsigned long long, WebKit::WebPageProxy*>, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<unsigned long long, WebKit::WebPageProxy*> >, WTF::IntHash<unsigned long long>, WTF::HashMap<unsigned long long, WebKit::WebPageProxy*, WTF::IntHash<unsigned long long>, WTF::HashTraits<unsigned long long>, WTF::HashTraits<WebKit::WebPageProxy*> >::KeyValuePairTraits, WTF::HashTraits<unsigned long long> >::HashTableConstIterator(WTF::HashTable<unsigned long long, WTF::KeyValuePair<unsigned long long, WebKit::WebPageProxy*>, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<unsigned long long, 
WebKit::WebPageProxy*> >, WTF::IntHash<unsigned long long>, WTF::HashMap<unsigned long long, WebKit::WebPageProxy*, WTF::IntHash<unsigned long long>, WTF::HashTraits<unsigned long long>, WTF::HashTraits<WebKit::WebPageProxy*> >::KeyValuePairTraits, WTF::HashTraits<unsigned long long> > const*, WTF::KeyValuePair<unsigned long long, WebKit::WebPageProxy*> const*, WTF::KeyValuePair<unsigned long long, WebKit::WebPageProxy*> const*, WTF::HashItemKnownGoodTag) + 59 (HashTable.h:135)
5   com.apple.WebKit                    0x0000000113b0d695 WTF::HashTableConstIterator<unsigned long long, WTF::KeyValuePair<unsigned long long, WebKit::WebPageProxy*>, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<unsigned long long, WebKit::WebPageProxy*> >, WTF::IntHash<unsigned long long>, WTF::HashMap<unsigned long long, WebKit::WebPageProxy*, WTF::IntHash<unsigned long long>, WTF::HashTraits<unsigned long long>, WTF::HashTraits<WebKit::WebPageProxy*> >::KeyValuePairTraits, WTF::HashTraits<unsigned long long> >::HashTableConstIterator(WTF::HashTable<unsigned long long, WTF::KeyValuePair<unsigned long long, WebKit::WebPageProxy*>, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<unsigned long long, WebKit::WebPageProxy*> >, WTF::IntHash<unsigned long long>, WTF::HashMap<unsigned long long, WebKit::WebPageProxy*, WTF::IntHash<unsigned long long>, WTF::HashTraits<unsigned long long>, WTF::HashTraits<WebKit::WebPageProxy*> >::KeyValuePairTraits, WTF::HashTraits<unsigned long long> > const*, WTF::KeyValuePair<unsigned long long, WebKit::WebPageProxy*> const*, WTF::KeyValuePair<unsigned long long, WebKit::WebPageProxy*> const*, WTF::HashItemKnownGoodTag) + 53 (HashTable.h:135)
6   com.apple.WebKit                    0x0000000113b0d653 WTF::HashTable<unsigned long long, WTF::KeyValuePair<unsigned long long, WebKit::WebPageProxy*>, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<unsigned long long, WebKit::WebPageProxy*> >, WTF::IntHash<unsigned long long>, WTF::HashMap<unsigned long long, WebKit::WebPageProxy*, WTF::IntHash<unsigned long long>, WTF::HashTraits<unsigned long long>, WTF::HashTraits<WebKit::WebPageProxy*> >::KeyValuePairTraits, WTF::HashTraits<unsigned long long> >::makeKnownGoodConstIterator(WTF::KeyValuePair<unsigned long long, WebKit::WebPageProxy*>*) const + 67 (HashTable.h:469)
7   com.apple.WebKit                    0x0000000113b0d5af WTF::HashTable<unsigned long long, WTF::KeyValuePair<unsigned long long, WebKit::WebPageProxy*>, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<unsigned long long, WebKit::WebPageProxy*> >, WTF::IntHash<unsigned long long>, WTF::HashMap<unsigned long long, WebKit::WebPageProxy*, WTF::IntHash<unsigned long long>, WTF::HashTraits<unsigned long long>, WTF::HashTraits<WebKit::WebPageProxy*> >::KeyValuePairTraits, WTF::HashTraits<unsigned long long> >::end() const + 47 (HashTable.h:380)
8   com.apple.WebKit                    0x0000000113b0d0d7 WTF::HashMap<unsigned long long, WebKit::WebPageProxy*, WTF::IntHash<unsigned long long>, WTF::HashTraits<unsigned long long>, WTF::HashTraits<WebKit::WebPageProxy*> >::end() const + 39 (HashMap.h:266)
9   com.apple.WebKit                    0x0000000113b0cebe WTF::HashMap<unsigned long long, WebKit::WebPageProxy*, WTF::IntHash<unsigned long long>, WTF::HashTraits<unsigned long long>, WTF::HashTraits<WebKit::WebPageProxy*> >::values() const + 110 (HashMap.h:106)
10  com.apple.WebKit                    0x0000000113b0cca3 WebKit::WebProcessProxy::pages() const + 35 (WebProcessProxy.h:102)
11  com.apple.WebKit                    0x0000000114556a55 WebKit::nonEphemeralWebPageProxy() + 277 (WebResourceLoadStatisticsTelemetry.cpp:138)
12  com.apple.WebKit                    0x00000001145563c1 WebKit::WebResourceLoadStatisticsTelemetry::calculateAndSubmit(WebKit::WebResourceLoadStatisticsStore const&) + 321 (WebResourceLoadStatisticsTelemetry.cpp:249)
13  com.apple.WebKit                    0x0000000114538d5d WebKit::WebResourceLoadStatisticsStore::WebResourceLoadStatisticsStore(WTF::String const&, WTF::Function<void (WTF::String const&)>&&, WTF::Function<void (WTF::Vector<WTF::String, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> const&, WTF::Vector<WTF::String, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> const&, WTF::Vector<WTF::String, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> const&, WebKit::ShouldClearFirst)>&&, WTF::Function<void (WTF::String const&, WTF::String const&, bool, WTF::Function<void (bool)>&&)>&&, WTF::Function<void (WTF::Vector<WTF::String, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> const&)>&&)::$_1::operator()() const + 45 (WebResourceLoadStatisticsStore.cpp:171)
14  com.apple.WebKit                    0x0000000114538c99 WTF::Function<void ()>::CallableWrapper<WebKit::WebResourceLoadStatisticsStore::WebResourceLoadStatisticsStore(WTF::String const&, WTF::Function<void (WTF::String const&)>&&, WTF::Function<void (WTF::Vector<WTF::String, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> const&, WTF::Vector<WTF::String, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> const&, WTF::Vector<WTF::String, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> const&, WebKit::ShouldClearFirst)>&&, WTF::Function<void (WTF::String const&, WTF::String const&, bool, WTF::Function<void (bool)>&&)>&&, WTF::Function<void (WTF::Vector<WTF::String, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> const&)>&&)::$_1>::call() + 25 (Function.h:101)
15  com.apple.JavaScriptCore            0x0000000110a699fb WTF::Function<void ()>::operator()() const + 139 (Function.h:56)
16  com.apple.JavaScriptCore            0x0000000110af2169 WTF::WorkQueue::dispatchAfter(WTF::Seconds, WTF::Function<void ()>&&)::$_1::operator()() const + 25 (WorkQueueCocoa.cpp:44)
17  com.apple.JavaScriptCore            0x0000000110af2140 WTF::BlockPtr<void ()> WTF::BlockPtr<void ()>::fromCallable<WTF::WorkQueue::dispatchAfter(WTF::Seconds, WTF::Function<void ()>&&)::$_1>(WTF::WorkQueue::dispatchAfter(WTF::Seconds, WTF::Function<void ()>&&)::$_1)::'lambda'(void*)::operator()(void*) const + 32 (BlockPtr.h:94)
18  com.apple.JavaScriptCore            0x0000000110af2118 WTF::BlockPtr<void ()> WTF::BlockPtr<void ()>::fromCallable<WTF::WorkQueue::dispatchAfter(WTF::Seconds, WTF::Function<void ()>&&)::$_1>(WTF::WorkQueue::dispatchAfter(WTF::Seconds, WTF::Function<void ()>&&)::$_1)::'lambda'(void*)::__invoke(void*) + 24 (BlockPtr.h:93)
19  libdispatch.dylib                   0x00007fff8c17e93d _dispatch_call_block_and_release + 12
20  libdispatch.dylib                   0x00007fff8c17340b _dispatch_client_callout + 8
21  libdispatch.dylib                   0x00007fff8c1861f9 _dispatch_after_timer_callback + 77
22  libdispatch.dylib                   0x00007fff8c17340b _dispatch_client_callout + 8
23  libdispatch.dylib                   0x00007fff8c183675 _dispatch_source_latch_and_call + 2235
24  libdispatch.dylib                   0x00007fff8c177a83 _dispatch_source_invoke + 983
25  libdispatch.dylib                   0x00007fff8c178200 _dispatch_queue_drain + 1207
26  libdispatch.dylib                   0x00007fff8c17e707 _dispatch_queue_invoke + 549
27  libdispatch.dylib                   0x00007fff8c176d53 _dispatch_root_queue_drain + 538
28  libdispatch.dylib                   0x00007fff8c176b00 _dispatch_worker_thread3 + 91
29  libsystem_pthread.dylib             0x00007fff90bc34de _pthread_wqthread + 1129
30  libsystem_pthread.dylib             0x00007fff90bc1341 start_wqthread + 13

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20171208/5ffbc149/attachment-0001.html>

More information about the webkit-unassigned mailing list