[Webkit-unassigned] [Bug 279372] New: Release assert in ElementIterator<WebCore::HTMLAnchorElement>::traverseAncestor() via searchForLinkRemovingExistingDDLinks

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Sep 9 10:54:11 PDT 2024 

https://bugs.webkit.org/show_bug.cgi?id=279372

            Bug ID: 279372
           Summary: Release assert in
                    ElementIterator<WebCore::HTMLAnchorElement>::traverseA
                    ncestor() via searchForLinkRemovingExistingDDLinks
           Product: WebKit
           Version: Safari Technology Preview
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Keywords: InRadar
          Severity: Normal
          Priority: P2
         Component: WebCore Misc.
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: rniwa at webkit.org

e.g.
Thread 0 name:   Dispatch queue: com.apple.main-thread
Thread 0 Crashed:
0   WebCore                                    0x1add9ec40 WTFCrashWithInfo(int, char const*, char const*, int) + 11426880 [inlined]
1   WebCore                                    0x1add9ec40 WTF::CanMakeCheckedPtrBase<WTF::SingleThreadIntegralWrapper<unsigned int>, unsigned int>::decrementPtrCount() const + 11426880 [inlined]
2   WebCore                                    0x1add9ec40 WTF::CheckedPtr<WebCore::HTMLAnchorElement, WTF::RawPtrTraits<WebCore::HTMLAnchorElement>>::derefIfNotNull() + 11426880 [inlined]
3   WebCore                                    0x1add9ec40 WTF::CheckedPtr<WebCore::HTMLAnchorElement, WTF::RawPtrTraits<WebCore::HTMLAnchorElement>>::~CheckedPtr() + 11426880 [inlined]
4   WebCore                                    0x1add9ec40 WTF::CheckedPtr<WebCore::HTMLAnchorElement, WTF::RawPtrTraits<WebCore::HTMLAnchorElement>>::~CheckedPtr() + 11426880 [inlined]
5   WebCore                                    0x1add9ec40 WTF::CheckedPtr<WebCore::HTMLLinkElement, WTF::RawPtrTraits<WebCore::HTMLLinkElement>>::operator=(WebCore::HTMLLinkElement*) + 11426880
6   WebCore                                    0x1add8d3eb WebCore::ElementIterator<WebCore::HTMLAnchorElement>::traverseAncestor() + 11355115 [inlined]
7   WebCore                                    0x1add8d3eb WebCore::ElementAncestorIterator<WebCore::HTMLAnchorElement>::operator++() + 11355115 [inlined]
8   WebCore                                    0x1add8d3eb WebCore::searchForLinkRemovingExistingDDLinks(WebCore::Node&, WebCore::Node&) + 11355115 [inlined]
9   WebCore                                    0x1add8d3eb WebCore::processDataDetectorScannerResults(__DDScanner*, WTF::OptionSet<WebCore::DataDetectorType>, std::__1::optional<double>, __DDScanQuery*, WebCore::SimpleRange const&, WTF::Vector<WebCore::DDQueryFragmentCore, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> const&) + 11355115
10  WebCore                                    0x1adda34cb WebCore::DataDetection::detectContentInFrame(WebCore::LocalFrame*, WTF::OptionSet<WebCore::DataDetectorType>, std::__1::optional<double>, WTF::CompletionHandler<void (NSArray*)>&&)::$_0::operator()()::'lambda0'()::operator()() + 11445451 [inlined]
11  WebCore                                    0x1adda34cb WTF::Detail::CallableWrapper<WebCore::DataDetection::detectContentInFrame(WebCore::LocalFrame*, WTF::OptionSet<WebCore::DataDetectorType>, std::__1::optional<double>, WTF::CompletionHandler<void (NSArray*)>&&)::$_0::operator()()::'lambda0'(), void>::call() + 11445451
12  JavaScriptCore                             0x1b11fd6eb WTF::Function<void ()>::operator()() const + 370411 [inlined]
13  JavaScriptCore                             0x1b11fd6eb WTF::RunLoop::performWork() + 370411

<rdar://134586621>

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20240909/c1ba8b3e/attachment.htm>

More information about the webkit-unassigned mailing list