[Webkit-unassigned] [Bug 275957] New: REGRESSION (iOS 18 beta 2): Crash in WTF::Detail::CallableWrapper<WebKit::WebPageProxy::WebPageProxy(...)>::call()

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Jun 27 10:31:54 PDT 2024


https://bugs.webkit.org/show_bug.cgi?id=275957

            Bug ID: 275957
           Summary: REGRESSION (iOS 18 beta 2): Crash in
                    WTF::Detail::CallableWrapper<WebKit::WebPageProxy::WebPageProxy(...)>::call()
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKit2
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: ajuma at chromium.org
                CC: beidson at apple.com, kkinnunen at apple.com,
                    sihui_liu at apple.com, wenson_hsieh at apple.com

Created attachment 471758

  --> https://bugs.webkit.org/attachment.cgi?id=471758&action=review

Crash log

Chrome for iOS is getting reports of a new crash in WTF::Detail::CallableWrapper<WebKit::WebPageProxy::WebPageProxy(...)>::call() in iOS 18 beta 2. This is the #3 top crash for Chrome on iOS 18 beta 2.

We don't have steps to reproduce but I've attached a crash log. The crash stack is:
Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Subtype: KERN_INVALID_ADDRESS at 0x0000000000000000

Thread 0 Crashed:
0   WebKit                              0x00000001a0b3f3b4 WTF::Detail::CallableWrapper<WebKit::WebPageProxy::WebPageProxy(WebKit::PageClient&, WebKit::WebProcessProxy&, WTF::Ref<API::PageConfiguration, WTF::RawPtrTraits<API::PageConfiguration>, WTF::Defau... + 56 (Function.h:53)
1   WebKit                              0x00000001a0352d64 WTF::Function<void ()>::operator()() const + 80 (Function.h:82)
2   WebKit                              0x00000001a0352d08 WTF::RunLoop::Timer::fired() + 32 (RunLoop.h:195)
3   JavaScriptCore                      0x00000001a13ca24c WTF::RunLoop::TimerBase::start(WTF::Seconds, bool)::$_0::__invoke(__CFRunLoopTimer*, void*) + 96 (RunLoopCF.cpp:126)
4   CoreFoundation                      0x000000018a38062c __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ + 32 (CFRunLoop.c:1792)
5   CoreFoundation                      0x000000018a3802d0 __CFRunLoopDoTimer + 1012 (CFRunLoop.c:2399)
6   CoreFoundation                      0x000000018a37fe24 __CFRunLoopDoTimers + 288 (CFRunLoop.c:2557)
7   CoreFoundation                      0x000000018a31e2fc __CFRunLoopRun + 1872 (CFRunLoop.c:3117)
8   CoreFoundation                      0x000000018a31d714 CFRunLoopRunSpecific + 608 (CFRunLoop.c:3415)
9   GraphicsServices                    0x00000001d5e191c4 GSEventRunModal + 164 (GSEvent.c:2196)
10  UIKitCore                           0x000000018ce91564 -[UIApplication _run] + 888 (UIApplication.m:3809)
11  UIKitCore                           0x000000018cf3f530 UIApplicationMain + 340 (UIApplication.m:5409)
12  Chrome                              0x000000010079c1f0 0x100798000 + 16880
13  dyld                                0x00000001afec7cd0 start + 2760 (dyldMain.cpp:1335)
