[Webkit-unassigned] [Bug 242294] New: [Regression] Mobile Safari 16 beta 2 crashes in slow Wasm loop

Sat Jul 2 22:38:48 PDT 2022

https://bugs.webkit.org/show_bug.cgi?id=242294

            Bug ID: 242294
           Summary: [Regression] Mobile Safari 16 beta 2 crashes in slow
                    Wasm loop
           Product: WebKit
           Version: Other
          Hardware: iPhone / iPad
                OS: Other
            Status: NEW
          Severity: Critical
          Priority: P2
         Component: WebAssembly
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: jonathan at hemi.dev

Created attachment 460636

  --> https://bugs.webkit.org/attachment.cgi?id=460636&action=review

Crash log.ips

Regression in iOS 16 beta 2 compared to iOS 15.5:
A long-running loop in Warm crashes the Safari tab on slow_path_wasm_loop_osr [Attached crash log].
Loop originates from SwiftWasm code (https://github.com/yonihemi/iOS16BetaCrashJavaScriptKitExample/blob/271c3a5728e4857c95846274e9bf40e39a28c0ae/Sources/iOS16Crash/main.swift#L16). 

Steps to Reproduce:
Open sample at https://yonihemi.github.io/iOS16BetaCrashJavaScriptKitExample/
Tap "This will crash iOS MobileSafari" button.

Actual Results:
Tab crashes and reloads.
Subsequent taps display "A problem repeatedly occurred".

Expected Results:
Dialog appears, tab doesn't crash.

Build Date & Hardware:
iPhone OS 16.0 beta 2 (20A5303i)
Also reproduces in iOS simulator

Additional Builds and Platforms:
Doesn't occur in iOS 15.5
Doesn't occur in Desktop SafariTP Release 147 (Safari 16.0, WebKit 17614.1.14.10.16)
Doesn't occur in Desktop SafariTP Release 148 (Safari 16.0, WebKit 17614.1.17.1)

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20220703/7e3d8fcb/attachment.htm>