[Webkit-unassigned] [Bug 237977] New: tv.youtube.com asserts in CustomElementQueue::add()

Wed Mar 16 13:03:58 PDT 2022

https://bugs.webkit.org/show_bug.cgi?id=237977

            Bug ID: 237977
           Summary: tv.youtube.com asserts in CustomElementQueue::add()
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: DOM
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: simon.fraser at apple.com

Loading tv.youtube.com (logged in) quickly asserts here:

ASSERTION FAILED: !m_invoking
./dom/CustomElementReactionQueue.cpp(247) : void WebCore::CustomElementQueue::add(WebCore::Element &)
1   0x538bc7ed9 WTFCrash
2   0x54cb6716b WTFCrashWithInfo(int, char const*, char const*, int)
3   0x54fdf181c WebCore::CustomElementQueue::add(WebCore::Element&)
4   0x54fdf0610 WebCore::CustomElementReactionQueue::enqueueElementOnAppropriateElementQueue(WebCore::Element&)
5   0x54fdf104a WebCore::CustomElementReactionQueue::enqueueAttributeChangedCallbackIfNeeded(WebCore::Element&, WebCore::QualifiedName const&, WTF::AtomString const&, WTF::AtomString const&)
6   0x54ff05301 WebCore::Element::attributeChanged(WebCore::QualifiedName const&, WTF::AtomString const&, WTF::AtomString const&, WebCore::Element::AttributeModificationReason)
7   0x55006a800 WebCore::StyledElement::attributeChanged(WebCore::QualifiedName const&, WTF::AtomString const&, WTF::AtomString const&, WebCore::Element::AttributeModificationReason)
8   0x54ff0bd14 WebCore::Element::didAddAttribute(WebCore::QualifiedName const&, WTF::AtomString const&)
9   0x54ff0bc70 WebCore::Element::addAttributeInternal(WebCore::QualifiedName const&, WTF::AtomString const&, WebCore::Element::SynchronizationOfLazyAttribute)
10  0x54ff0494c WebCore::Element::setAttributeInternal(unsigned int, WebCore::QualifiedName const&, WTF::AtomString const&, WebCore::Element::SynchronizationOfLazyAttribute)
11  0x54ff04d22 WebCore::Element::setAttributeWithoutSynchronization(WebCore::QualifiedName const&, WTF::AtomString const&)
12  0x54d758aa8 WebCore::setJSElement_ariaLabelSetter(JSC::JSGlobalObject&, WebCore::JSElement&, JSC::JSValue)::'lambda'()::operator()() const
13  0x54d758a3d void WebCore::invokeFunctorPropagatingExceptionIfNecessary<WebCore::setJSElement_ariaLabelSetter(JSC::JSGlobalObject&, WebCore::JSElement&, JSC::JSValue)::'lambda'()>(JSC::JSGlobalObject&, JSC::ThrowScope&, WebCore::setJSElement_ariaLabelSetter(JSC::JSGlobalObject&, WebCore::JSElement&, JSC::JSValue)::'lambda'()&&)
14  0x54d7589e6 WebCore::setJSElement_ariaLabelSetter(JSC::JSGlobalObject&, WebCore::JSElement&, JSC::JSValue)
15  0x54d691696 bool WebCore::IDLAttribute<WebCore::JSElement>::set<&(WebCore::setJSElement_ariaLabelSetter(JSC::JSGlobalObject&, WebCore::JSElement&, JSC::JSValue)), (WebCore::CastedThisErrorBehavior)0>(JSC::JSGlobalObject&, long long, long long, JSC::PropertyName)
16  0x54d691515 WebCore::setJSElement_ariaLabel(JSC::JSGlobalObject*, long long, long long, JSC::PropertyName)
17  0x53a7efd44 JSC::JSObject::putInlineSlow(JSC::JSGlobalObject*, JSC::PropertyName, JSC::JSValue, JSC::PutPropertySlot&)
18  0x53a7ef52c JSC::JSObject::putInlineForJSObject(JSC::JSCell*, JSC::JSGlobalObject*, JSC::PropertyName, JSC::JSValue, JSC::PutPropertySlot&)
19  0x539e1a631 JSC::JSCell::putInline(JSC::JSGlobalObject*, JSC::PropertyName, JSC::JSValue, JSC::PutPropertySlot&)
20  0x539e1b070 JSC::JSValue::putInline(JSC::JSGlobalObject*, JSC::PropertyName, JSC::JSValue, JSC::PutPropertySlot&)
21  0x53a32b820 llint_slow_path_put_by_id
22  0x539273507 llint_entry
23  0x53928aea7 llint_entry
24  0x53928bf4b llint_entry
25  0x53928aea7 llint_entry
26  0x53928aea7 llint_entry
27  0x241a848d0bdb
28  0x241a8482389b
29  0x241a848b0c21
30  0x241a84a9a396
31  0x241a84a9b852

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20220316/1498fa09/attachment-0001.htm>