[Webkit-unassigned] [Bug 230717] New: [Catalina BigSur wk1 Debug ] resize-observer/delete-observers-in-callbacks.html is a flaky crash
bugzilla-daemon at webkit.org
Thu Sep 23 14:23:56 PDT 2021
https://bugs.webkit.org/show_bug.cgi?id=230717
Bug ID: 230717
Summary: [Catalina BigSur wk1 Debug ] resize-observer/delete-observers-in-callbacks.html is a flaky crash
Product: WebKit
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: CSS
Assignee: webkit-unassigned at lists.webkit.org
Reporter: ehutchison at apple.com
Created attachment 439091
--> https://bugs.webkit.org/attachment.cgi?id=439091&action=review
Crash Log
resize-observer/delete-observers-in-callbacks.html is a flaky crash on BigSur/Catalina wk1 Debug.
History: https://results.webkit.org/?suite=layout-tests&test=resize-observer/delete-observers-in-callbacks.html
Results: https://ews-build.webkit.org/#/builders/56/builds/15816, https://build.webkit.org/results/Apple-BigSur-Debug-WK1-Tests/r282862%20(4285)/results.html, https://build.webkit.org/results/Apple-BigSur-Debug-WK1-Tests/r282862%20(4285)/results.html
Crash Log attached
CRASHING TEST: resize-observer/delete-observers-in-callbacks.html
Thread 0 Crashed:
0 com.apple.JavaScriptCore 0x00000001041d3906 adjustStat + 76 (Heap.cpp:105) [inlined]
1 com.apple.JavaScriptCore 0x00000001041d3906 adjustFreeableMemory + 106 (Heap.cpp:118) [inlined]
2 com.apple.JavaScriptCore 0x00000001041d3906 bmalloc::Heap::decommitLargeRange(std::__1::unique_lock<bmalloc::Mutex>&, bmalloc::LargeRange&, bmalloc::BulkDecommit&) + 486 (Heap.cpp:146)
3 com.apple.JavaScriptCore 0x00000001041d41dc bmalloc::Heap::scavenge(std::__1::unique_lock<bmalloc::Mutex>&, bmalloc::BulkDecommit&, unsigned long&) + 1548 (Heap.cpp:199)
4 com.apple.JavaScriptCore 0x00000001041e457d bmalloc::Scavenger::scavenge() + 205 (Scavenger.cpp:208)
5 com.apple.JavaScriptCore 0x00000001041c7b26 bmalloc::api::scavenge() + 134 (bmalloc.cpp:142)
6 com.apple.JavaScriptCore 0x0000000104096be9 WTF::releaseFastMallocFreeMemory() + 9 (FastMalloc.cpp:638)
7 com.apple.WebCore 0x000000012c55b6c5 WebCore::GCController::garbageCollectNow() + 117 (GCController.cpp:97)
8 com.apple.WebKitLegacy 0x000000010c9d6c3d +[WebCoreStatistics garbageCollectJavaScriptObjects] + 29 (WebCoreStatistics.mm:108)
9 DumpRenderTree 0x000000010297acb3 GCController::collect() const + 35 (GCControllerMac.mm:38)
10 DumpRenderTree 0x000000010297ab76 collectCallback(OpaqueJSContext const*, OpaqueJSValue*, OpaqueJSValue*, unsigned long, OpaqueJSValue const* const*, OpaqueJSValue const**) + 54 (GCController.cpp:39)
11 com.apple.JavaScriptCore 0x0000000104858b9a long long JSC::APICallbackFunction::callImpl<JSC::JSCallbackFunction>(JSC::JSGlobalObject*, JSC::CallFrame*) + 618 (APICallbackFunction.h:61)
12 com.apple.JavaScriptCore 0x000000010484c53d JSC::callJSCallbackFunction(JSC::JSGlobalObject*, JSC::CallFrame*) + 29 (JSCallbackFunction.cpp:42)
13 ??? 0x000050c874401027 0 + 88821874036775
14 com.apple.JavaScriptCore 0x000000010471e87f llint_entry + 144485
15 com.apple.JavaScriptCore 0x000000010471e92f llint_entry + 144661
16 com.apple.JavaScriptCore 0x00000001046fb120 vmEntryToJavaScript + 289
17 com.apple.JavaScriptCore 0x00000001056e329b JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*) + 235 (JITCodeInlines.h:42)
18 com.apple.JavaScriptCore 0x00000001056e3a77 JSC::Interpreter::executeCall(JSC::JSGlobalObject*, JSC::JSObject*, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 1847 (Interpreter.cpp:900)
19 com.apple.JavaScriptCore 0x0000000105ad8e3d JSC::call(JSC::JSGlobalObject*, JSC::JSValue, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 221 (CallData.cpp:57)
20 com.apple.JavaScriptCore 0x0000000105ad8f1f JSC::call(JSC::JSGlobalObject*, JSC::JSValue, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&, WTF::NakedPtr<JSC::Exception>&) + 207 (CallData.cpp:64)
21 com.apple.JavaScriptCore 0x0000000105ad9202 JSC::profiledCall(JSC::JSGlobalObject*, JSC::ProfilingReason, JSC::JSValue, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&, WTF::NakedPtr<JSC::Exception>&) + 130 (CallData.cpp:85)
22 com.apple.WebCore 0x000000012c564d6e WebCore::JSExecState::profiledCall(JSC::JSGlobalObject*, JSC::ProfilingReason, JSC::JSValue, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&, WTF::NakedPtr<JSC::Exception>&) + 110 (JSExecState.h:73)
23 com.apple.WebCore 0x000000012c5649c0 WebCore::JSCallbackData::invokeCallback(WebCore::JSDOMGlobalObject&, JSC::JSObject*, JSC::JSValue, JSC::MarkedArgumentBufferWithSize<8ul>&, WebCore::JSCallbackData::CallbackType, JSC::PropertyName, WTF::NakedPtr<JSC::Exception>&) + 1504 (JSCallbackData.cpp:91)
24 com.apple.WebCore 0x000000012aad367d WebCore::JSCallbackDataWeak::invokeCallback(JSC::JSValue, JSC::MarkedArgumentBufferWithSize<8ul>&, WebCore::JSCallbackData::CallbackType, JSC::PropertyName, WTF::NakedPtr<JSC::Exception>&) + 173 (JSCallbackData.h:113)
25 com.apple.WebCore 0x000000012affacc5 WebCore::JSResizeObserverCallback::handleEvent(WebCore::ResizeObserver&, WTF::Vector<WTF::Ref<WebCore::ResizeObserverEntry, WTF::RawPtrTraits<WebCore::ResizeObserverEntry> >, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> const&, WebCore::ResizeObserver&) + 533 (JSResizeObserverCallback.cpp:77)
26 com.apple.WebCore 0x000000012ddc5f45 WebCore::ResizeObserver::deliverObservations() + 965 (ResizeObserver.cpp:145)
27 com.apple.WebCore 0x000000012cccf2ea WebCore::Document::deliverResizeObservations() + 154 (Document.cpp:8111)
28 com.apple.WebCore 0x000000012cccf60a WebCore::Document::updateResizeObservations(WebCore::Page&) + 106 (Document.cpp:8141)
29 com.apple.WebCore 0x000000012dd4a5b0 WebCore::Page::updateRendering()::$_28::operator()(WebCore::Document&) const + 32 (Page.cpp:1592)
30 com.apple.WebCore 0x000000012dd4a543 WTF::Detail::CallableWrapper<WebCore::Page::updateRendering()::$_28, void, WebCore::Document&>::call(WebCore::Document&) + 51 (Function.h:53)
31 com.apple.WebCore 0x000000012cc0e1ca WTF::Function<void (WebCore::Document&)>::operator()(WebCore::Document&) const + 154 (Function.h:82)
32 com.apple.WebCore 0x000000012dcfca7c WebCore::Page::forEachDocument(WTF::Function<void (WebCore::Document&)> const&) const + 220 (Page.cpp:3354)
33 com.apple.WebCore 0x000000012dd0417c WebCore::Page::updateRendering()::$_21::operator()(WebCore::RenderingUpdateStep, WTF::Function<void (WebCore::Document&)> const&) const + 92 (Page.cpp:1557)
34 com.apple.WebCore 0x000000012dd03ddf WebCore::Page::updateRendering() + 927 (Page.cpp:1591)
35 com.apple.WebKitLegacy 0x000000010c96d376 -[WebView(WebPrivate) _updateRendering] + 86 (WebView.mm:1730)
36 com.apple.WebKitLegacy 0x000000010c976e34 -[WebView(WebPrivate) _forceRepaintForTesting] + 36 (WebView.mm:4426)
37 DumpRenderTree 0x0000000102934617 updateDisplay() + 55 (DumpRenderTree.mm:1582)
38 DumpRenderTree 0x0000000102933b63 dump() + 35 (DumpRenderTree.mm:1599)
39 DumpRenderTree 0x00000001029fc991 TestRunner::forceImmediateCompletion() + 65 (TestRunnerMac.mm:290)
40 DumpRenderTree 0x00000001029ebfa6 forceImmediateCompletionCallback(OpaqueJSContext const*, OpaqueJSValue*, OpaqueJSValue*, unsigned long, OpaqueJSValue const* const*, OpaqueJSValue const**) + 54 (TestRunner.cpp:1808)
41 com.apple.JavaScriptCore 0x0000000104858b9a long long JSC::APICallbackFunction::callImpl<JSC::JSCallbackFunction>(JSC::JSGlobalObject*, JSC::CallFrame*) + 618 (APICallbackFunction.h:61)
42 com.apple.JavaScriptCore 0x000000010484c53d JSC::callJSCallbackFunction(JSC::JSGlobalObject*, JSC::CallFrame*) + 29 (JSCallbackFunction.cpp:42)
43 ??? 0x000050c874401027 0 + 88821874036775
44 com.apple.JavaScriptCore 0x000000010471e92f llint_entry + 144661
45 com.apple.JavaScriptCore 0x00000001046fb120 vmEntryToJavaScript + 289
46 com.apple.JavaScriptCore 0x00000001056e329b JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*) + 235 (JITCodeInlines.h:42)
47 com.apple.JavaScriptCore 0x00000001056e3a77 JSC::Interpreter::executeCall(JSC::JSGlobalObject*, JSC::JSObject*, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 1847 (Interpreter.cpp:900)
48 com.apple.JavaScriptCore 0x0000000105ad8e3d JSC::call(JSC::JSGlobalObject*, JSC::JSValue, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 221 (CallData.cpp:57)
49 com.apple.JavaScriptCore 0x0000000105ad8f1f JSC::call(JSC::JSGlobalObject*, JSC::JSValue, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&, WTF::NakedPtr<JSC::Exception>&) + 207 (CallData.cpp:64)
50 com.apple.JavaScriptCore 0x0000000105ad9202 JSC::profiledCall(JSC::JSGlobalObject*, JSC::ProfilingReason, JSC::JSValue, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&, WTF::NakedPtr<JSC::Exception>&) + 130 (CallData.cpp:85)
51 com.apple.WebCore 0x000000012c564d6e WebCore::JSExecState::profiledCall(JSC::JSGlobalObject*, JSC::ProfilingReason, JSC::JSValue, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&, WTF::NakedPtr<JSC::Exception>&) + 110 (JSExecState.h:73)
52 com.apple.WebCore 0x000000012c6325e1 WebCore::ScheduledAction::executeFunctionInContext(JSC::JSGlobalObject*, JSC::JSValue, WebCore::ScriptExecutionContext&) + 1009 (ScheduledAction.cpp:121)
53 com.apple.WebCore 0x000000012c632005 WebCore::ScheduledAction::execute(WebCore::Document&) + 277 (ScheduledAction.cpp:141)
54 com.apple.WebCore 0x000000012c631ec3 WebCore::ScheduledAction::execute(WebCore::ScriptExecutionContext&) + 67 (ScheduledAction.cpp:86)
55 com.apple.WebCore 0x000000012dbfa947 WebCore::DOMTimer::fired() + 1063 (DOMTimer.cpp:337)
56 com.apple.WebCore 0x000000012df4c624 WebCore::ThreadTimers::sharedTimerFiredInternal() + 644 (ThreadTimers.cpp:127)
57 com.apple.WebCore 0x000000012df52971 WebCore::ThreadTimers::setSharedTimer(WebCore::SharedTimer*)::$_0::operator()() const + 33 (ThreadTimers.cpp:67)
58 com.apple.WebCore 0x000000012df528fe WTF::Detail::CallableWrapper<WebCore::ThreadTimers::setSharedTimer(WebCore::SharedTimer*)::$_0, void>::call() + 30 (Function.h:53)
59 com.apple.WebCore 0x0000000129ab07f2 WTF::Function<void ()>::operator()() const + 130 (Function.h:82)
60 com.apple.WebCore 0x000000012def95cb WebCore::MainThreadSharedTimer::fired() + 139 (MainThreadSharedTimer.cpp:83)
61 com.apple.WebCore 0x000000012dfe1436 WebCore::timerFired(__CFRunLoopTimer*, void*) + 38 (MainThreadSharedTimerCF.cpp:85)
62 com.apple.CoreFoundation 0x00007fff204ca2b9 0x7fff20430000 + 631481
63 com.apple.CoreFoundation 0x00007fff204c9dad 0x7fff20430000 + 630189
64 com.apple.CoreFoundation 0x00007fff204c990a 0x7fff20430000 + 629002
65 com.apple.CoreFoundation 0x00007fff204b04d3 0x7fff20430000 + 525523
66 com.apple.CoreFoundation 0x00007fff204af64c 0x7fff20430000 + 521804
67 DumpRenderTree 0x00000001029326cb runTest(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) + 3323 (DumpRenderTree.mm:1963)
68 DumpRenderTree 0x000000010293192a runTestingServerLoop() + 218 (DumpRenderTree.mm:1077)
69 DumpRenderTree 0x0000000102931168 dumpRenderTree(int, char const**) + 616 (DumpRenderTree.mm:1190)
70 DumpRenderTree 0x0000000102933262 DumpRenderTreeMain(int, char const**) + 114 (DumpRenderTree.mm:1301)
71 DumpRenderTree 0x0000000102a1eba2 main + 34 (DumpRenderTreeMain.mm:34)
72 libdyld.dylib 0x00007fff203d3f5d 0x7fff203be000 + 89949