[Webkit-unassigned] [Bug 279669] New: AX: `accessibility/iframe-content-inert.html` is a flaky crash
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Sep 13 03:44:20 PDT 2024
https://bugs.webkit.org/show_bug.cgi?id=279669
Bug ID: 279669
Summary: AX: `accessibility/iframe-content-inert.html` is a
flaky crash
Product: WebKit
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: Accessibility
Assignee: webkit-unassigned at lists.webkit.org
Reporter: vitaly at igalia.com
CC: andresg_22 at apple.com,
webkit-bug-importer at group.apple.com
Stack trace:
```
#0 0x00007f236d9f1af9 in WTF::HashTable<WTF::WeakRef<WebCore::Widget, WTF::SingleThreadWeakPtrImpl>, WTF::KeyValuePair<WTF::WeakRef<WebCore::Widget, WTF::SingleThreadWeakPtrImpl>, WTF::ObjectIdentifierGeneric<WebCore::AXIDType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long>, unsigned long, (WTF::SupportsObjectIdentifierNullState)1> >, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<WTF::WeakRef<WebCore::Widget, WTF::SingleThreadWeakPtrImpl>, WTF::ObjectIdentifierGeneric<WebCore::AXIDType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long>, unsigned long, (WTF::SupportsObjectIdentifierNullState)1> > >, WTF::DefaultHash<WTF::WeakRef<WebCore::Widget, WTF::SingleThreadWeakPtrImpl> >, WTF::HashMap<WTF::WeakRef<WebCore::Widget, WTF::SingleThreadWeakPtrImpl>, WTF::ObjectIdentifierGeneric<WebCore::AXIDType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long>, unsigned long, (WTF::SupportsObjectIdentifierNullState)1>, WTF::DefaultHash<WTF::WeakRef<WebCore::Widget, WTF::SingleThreadWeakPtrImpl> >, WTF::HashTraits<WTF::WeakRef<WebCore::Widget, WTF::SingleThreadWeakPtrImpl> >, WTF::HashTraits<WTF::ObjectIdentifierGeneric<WebCore::AXIDType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long>, unsigned long, (WTF::SupportsObjectIdentifierNullState)1> >, WTF::HashTableTraits>::KeyValuePairTraits, WTF::HashTraits<WTF::WeakRef<WebCore::Widget, WTF::SingleThreadWeakPtrImpl> > >::inlineLookup<WTF::HashMapTranslator<WTF::HashMap<WTF::WeakRef<WebCore::Widget, WTF::SingleThreadWeakPtrImpl>, WTF::ObjectIdentifierGeneric<WebCore::AXIDType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long>, unsigned long, (WTF::SupportsObjectIdentifierNullState)1>, WTF::DefaultHash<WTF::WeakRef<WebCore::Widget, WTF::SingleThreadWeakPtrImpl> >, WTF::HashTraits<WTF::WeakRef<WebCore::Widget, WTF::SingleThreadWeakPtrImpl> >, WTF::HashTraits<WTF::ObjectIdentifierGeneric<WebCore::AXIDType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long>, unsigned long, (WTF::SupportsObjectIdentifierNullState)1> >, WTF::HashTableTraits>::KeyValuePairTraits, WTF::DefaultHash<WTF::WeakRef<WebCore::Widget, WTF::SingleThreadWeakPtrImpl> > >, WebCore::Widget const*>(WebCore::Widget const* const&) (this=0x80, key=@0x7ffe438b88a0: 0x7f228e046060) at /app/webkit/WebKitBuild/GTK/Debug/WTF/Headers/wtf/HashTable.h:676
#1 0x00007f236d9ded14 in WTF::HashMap<WTF::WeakRef<WebCore::Widget, WTF::SingleThreadWeakPtrImpl>, WTF::ObjectIdentifierGeneric<WebCore::AXIDType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long>, unsigned long, (WTF::SupportsObjectIdentifierNullState)1>, WTF::DefaultHash<WTF::WeakRef<WebCore::Widget, WTF::SingleThreadWeakPtrImpl> >, WTF::HashTraits<WTF::WeakRef<WebCore::Widget, WTF::SingleThreadWeakPtrImpl> >, WTF::HashTraits<WTF::ObjectIdentifierGeneric<WebCore::AXIDType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long>, unsigned long, (WTF::SupportsObjectIdentifierNullState)1> >, WTF::HashTableTraits>::inlineGet<WTF::WeakRef<WebCore::Widget, WTF::SingleThreadWeakPtrImpl> >(std::add_const<WTF::GetPtrHelper<WTF::WeakRef<WebCore::Widget, WTF::SingleThreadWeakPtrImpl> >::UnderlyingType>::type*) const (this=0x80, key=0x7f228e046060) at /app/webkit/WebKitBuild/GTK/Debug/WTF/Headers/wtf/HashMap.h:609
#2 0x00007f236d9cfcef in WTF::HashMap<WTF::WeakRef<WebCore::Widget, WTF::SingleThreadWeakPtrImpl>, WTF::ObjectIdentifierGeneric<WebCore::AXIDType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long>, unsigned long, (WTF::SupportsObjectIdentifierNullState)1>, WTF::DefaultHash<WTF::WeakRef<WebCore::Widget, WTF::SingleThreadWeakPtrImpl> >, WTF::HashTraits<WTF::WeakRef<WebCore::Widget, WTF::SingleThreadWeakPtrImpl> >, WTF::HashTraits<WTF::ObjectIdentifierGeneric<WebCore::AXIDType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long>, unsigned long, (WTF::SupportsObjectIdentifierNullState)1> >, WTF::HashTableTraits>::get<WTF::WeakRef<WebCore::Widget, WTF::SingleThreadWeakPtrImpl> >(std::add_const<WTF::GetPtrHelper<WTF::WeakRef<WebCore::Widget, WTF::SingleThreadWeakPtrImpl> >::UnderlyingType>::type&) const (this=0x80, key=...) at /app/webkit/WebKitBuild/GTK/Debug/WTF/Headers/wtf/HashMap.h:673
#3 0x00007f236d9b51b3 in WebCore::AXObjectCache::get(WebCore::Widget&) const (this=0x0, widget=...) at /app/webkit/Source/WebCore/accessibility/AXObjectCache.cpp:547
#4 0x00007f236d9b7311 in WebCore::AXObjectCache::getOrCreate(WebCore::Widget&) (this=0x0, widget=...) at /app/webkit/Source/WebCore/accessibility/AXObjectCache.cpp:825
#5 0x00007f236da75986 in WebCore::AccessibilityRenderObject::addAttachmentChildren() (this=0x7f234718f400) at /app/webkit/Source/WebCore/accessibility/AccessibilityRenderObject.cpp:2385
#6 0x00007f236da763b5 in WebCore::AccessibilityRenderObject::addChildren() (this=0x7f234718f400) at /app/webkit/Source/WebCore/accessibility/AccessibilityRenderObject.cpp:2556
#7 0x00007f236da5f462 in WebCore::AccessibilityObject::updateChildrenIfNecessary() (this=0x7f234718f400) at /app/webkit/Source/WebCore/accessibility/AccessibilityObject.cpp:2116
#8 0x00007f236da382fc in WebCore::AccessibilityNodeObject::updateChildrenIfNecessary() (this=0x7f234718f400) at /app/webkit/Source/WebCore/accessibility/AccessibilityNodeObject.cpp:559
#9 0x00007f236dab252e in WebCore::AXObjectCache::postPlatformNotification(WebCore::AccessibilityObject&, WebCore::AXObjectCache::AXNotification) (this=0x7f2347663a40, coreObject=..., notification=WebCore::AXObjectCache::AXChildrenChanged) at /app/webkit/Source/WebCore/accessibility/atspi/AXObjectCacheAtspi.cpp:142
#10 0x00007f236d9b9136 in WebCore::AXObjectCache::handleAllDeferredChildrenChanged() (this=0x7f2347663a40) at /app/webkit/Source/WebCore/accessibility/AXObjectCache.cpp:1281
#11 0x00007f236d9c4579 in WebCore::AXObjectCache::performDeferredCacheUpdate(WebCore::ForceLayout) (this=0x7f2347663a40, forceLayout=WebCore::ForceLayout::No) at /app/webkit/Source/WebCore/accessibility/AXObjectCache.cpp:4156
#12 0x00007f236e8875a7 in WebCore::Document::flushDeferredAXObjectCacheUpdate() (this=0x7f2296ef1400) at /app/webkit/Source/WebCore/dom/Document.cpp:5667
#13 0x00007f236e88742f in operator()() const (__closure=0x7f2347428ac8) at /app/webkit/Source/WebCore/dom/Document.cpp:5655
#14 0x00007f236e939104 in WTF::Detail::CallableWrapper<WebCore::Document::scheduleDeferredAXObjectCacheUpdate()::<lambda()>, void>::call(void) (this=0x7f2347428ac0) at /app/webkit/WebKitBuild/GTK/Debug/WTF/Headers/wtf/Function.h:53
#15 0x00007f2369b6b859 in WTF::Function<void ()>::operator()() const (this=0x7f234733ff20) at /app/webkit/WebKitBuild/GTK/Debug/WTF/Headers/wtf/Function.h:82
#16 0x00007f236e9bea98 in WebCore::EventLoopFunctionDispatchTask::execute() (this=0x7f234733ff00) at /app/webkit/Source/WebCore/dom/EventLoop.cpp:475
#17 0x00007f236e9bda47 in WebCore::EventLoop::run(std::optional<WTF::ApproximateTime>) (this=0x7f23470fc660, deadline=std::optional<WTF::ApproximateTime> = {...}) at /app/webkit/Source/WebCore/dom/EventLoop.cpp:332
#18 0x00007f236eb53bf9 in WebCore::WindowEventLoop::didReachTimeToRun() (this=0x7f23470fc660) at /app/webkit/Source/WebCore/dom/WindowEventLoop.cpp:210
#19 0x00007f236eb6ac94 in std::__invoke_impl<void, void (WebCore::WindowEventLoop::*&)(), WebCore::WindowEventLoop*&>(std::__invoke_memfun_deref, void (WebCore::WindowEventLoop::*&)(), WebCore::WindowEventLoop*&) (__f=@0x7f23470a4fa8: (void (WebCore::WindowEventLoop::*)(WebCore::WindowEventLoop * const)) 0x7f236eb53b60 <WebCore::WindowEventLoop::didReachTimeToRun()>, __t=@0x7f23470a4fb8: 0x7f23470fc660) at /usr/include/c++/13.2.0/bits/invoke.h:74
#20 0x00007f236eb6abff in std::__invoke<void (WebCore::WindowEventLoop::*&)(), WebCore::WindowEventLoop*&>(void (WebCore::WindowEventLoop::*&)(), WebCore::WindowEventLoop*&) (__fn=@0x7f23470a4fa8: (void (WebCore::WindowEventLoop::*)(WebCore::WindowEventLoop * const)) 0x7f236eb53b60 <WebCore::WindowEventLoop::didReachTimeToRun()>) at /usr/include/c++/13.2.0/bits/invoke.h:96
#21 0x00007f236eb6ab75 in std::_Bind<void (WebCore::WindowEventLoop::*(WebCore::WindowEventLoop*))()>::__call<void, , 0ul>(std::tuple<>&&, std::_Index_tuple<0ul>) (this=0x7f23470a4fa8, __args=...) at /usr/include/c++/13.2.0/functional:506
#22 0x00007f236eb6ab07 in std::_Bind<void (WebCore::WindowEventLoop::*(WebCore::WindowEventLoop*))()>::operator()<, void>() (this=0x7f23470a4fa8) at /usr/include/c++/13.2.0/functional:591
#23 0x00007f236eb6a8aa in WTF::Detail::CallableWrapper<std::_Bind<void (WebCore::WindowEventLoop::*(WebCore::WindowEventLoop*))()>, void>::call() (this=0x7f23470a4fa0) at /app/webkit/WebKitBuild/GTK/Debug/WTF/Headers/wtf/Function.h:53
#24 0x00007f2369b6b859 in WTF::Function<void ()>::operator()() const (this=0x7f23470fc788) at /app/webkit/WebKitBuild/GTK/Debug/WTF/Headers/wtf/Function.h:82
#25 0x00007f2369b63e7a in WebCore::Timer::fired() (this=0x7f23470fc750) at /app/webkit/WebKitBuild/GTK/Debug/WebCore/PrivateHeaders/WebCore/Timer.h:169
#26 0x00007f236fa3c71a in WebCore::ThreadTimers::sharedTimerFiredInternal() (this=0x7f23470f14d0) at /app/webkit/Source/WebCore/platform/ThreadTimers.cpp:128
#27 0x00007f236fa3bfa5 in operator()() const (__closure=0x7f2347000da8) at /app/webkit/Source/WebCore/platform/ThreadTimers.cpp:68
#28 0x00007f236fa46254 in WTF::Detail::CallableWrapper<WebCore::ThreadTimers::setSharedTimer(WebCore::SharedTimer*)::<lambda()>, void>::call(void) (this=0x7f2347000da0) at /app/webkit/WebKitBuild/GTK/Debug/WTF/Headers/wtf/Function.h:53
#29 0x00007f2369b6b859 in WTF::Function<void ()>::operator()() const (this=0x7f2372427508 <WebCore::MainThreadSharedTimer::singleton()::instance+8>) at /app/webkit/WebKitBuild/GTK/Debug/WTF/Headers/wtf/Function.h:82
#30 0x00007f236f9e73bc in WebCore::MainThreadSharedTimer::fired() (this=0x7f2372427500 <WebCore::MainThreadSharedTimer::singleton()::instance>) at /app/webkit/Source/WebCore/platform/MainThreadSharedTimer.cpp:86
#31 0x00007f236f9ef99a in std::__invoke_impl<void, void (WebCore::MainThreadSharedTimer::*&)(), WebCore::MainThreadSharedTimer*&>(std::__invoke_memfun_deref, void (WebCore::MainThreadSharedTimer::*&)(), WebCore::MainThreadSharedTimer*&) (__f=@0x7f23470ef1a8: (void (WebCore::MainThreadSharedTimer::*)(WebCore::MainThreadSharedTimer * const)) 0x7f236f9e7326 <WebCore::MainThreadSharedTimer::fired()>, __t=@0x7f23470ef1b8: 0x7f2372427500 <WebCore::MainThreadSharedTimer::singleton()::instance>) at /usr/include/c++/13.2.0/bits/invoke.h:74
#32 0x00007f236f9ef913 in std::__invoke<void (WebCore::MainThreadSharedTimer::*&)(), WebCore::MainThreadSharedTimer*&>(void (WebCore::MainThreadSharedTimer::*&)(), WebCore::MainThreadSharedTimer*&) (__fn=@0x7f23470ef1a8: (void (WebCore::MainThreadSharedTimer::*)(WebCore::MainThreadSharedTimer * const)) 0x7f236f9e7326 <WebCore::MainThreadSharedTimer::fired()>) at /usr/include/c++/13.2.0/bits/invoke.h:96
#33 0x00007f236f9ef889 in std::_Bind<void (WebCore::MainThreadSharedTimer::*(WebCore::MainThreadSharedTimer*))()>::__call<void, , 0ul>(std::tuple<>&&, std::_Index_tuple<0ul>) (this=0x7f23470ef1a8, __args=...) at /usr/include/c++/13.2.0/functional:506
#34 0x00007f236f9ef81b in std::_Bind<void (WebCore::MainThreadSharedTimer::*(WebCore::MainThreadSharedTimer*))()>::operator()<, void>() (this=0x7f23470ef1a8) at /usr/include/c++/13.2.0/functional:591
#35 0x00007f236f9ef7e4 in WTF::Detail::CallableWrapper<std::_Bind<void (WebCore::MainThreadSharedTimer::*(WebCore::MainThreadSharedTimer*))()>, void>::call() (this=0x7f23470ef1a0) at /app/webkit/WebKitBuild/GTK/Debug/WTF/Headers/wtf/Function.h:53
#36 0x00007f2369b6b859 in WTF::Function<void ()>::operator()() const (this=0x7f2372427538 <WebCore::MainThreadSharedTimer::singleton()::instance+56>) at /app/webkit/WebKitBuild/GTK/Debug/WTF/Headers/wtf/Function.h:82
#37 0x00007f2369c9731e in WTF::RunLoop::Timer::fired() (this=0x7f2372427510 <WebCore::MainThreadSharedTimer::singleton()::instance+16>) at /app/webkit/WebKitBuild/GTK/Debug/WTF/Headers/wtf/RunLoop.h:195
#38 0x00007f235c55364f in operator()(gpointer) const (__closure=0x0, userData=0x7f2372427510 <WebCore::MainThreadSharedTimer::singleton()::instance+16>) at /app/webkit/Source/WTF/wtf/glib/RunLoopGLib.cpp:177
#39 0x00007f235c55368f in _FUN(gpointer) () at /app/webkit/Source/WTF/wtf/glib/RunLoopGLib.cpp:181
#40 0x00007f235c552a33 in operator()(GSource*, GSourceFunc, gpointer) const (__closure=0x0, source=0x5646d91172f0, callback=0x7f235c553672 <_FUN(gpointer)>, userData=0x7f2372427510 <WebCore::MainThreadSharedTimer::singleton()::instance+16>) at /app/webkit/Source/WTF/wtf/glib/RunLoopGLib.cpp:53
#41 0x00007f235c552a81 in _FUN(GSource*, GSourceFunc, gpointer) () at /app/webkit/Source/WTF/wtf/glib/RunLoopGLib.cpp:56
#42 0x00007f2357917d36 in g_main_dispatch (context=0x5646d88c6d70) at ../glib/gmain.c:3460
#43 g_main_context_dispatch (context=0x5646d88c6d70) at ../glib/gmain.c:4200
#44 0x00007f23579752b8 in g_main_context_iterate.isra.0 (context=0x5646d88c6d70, block=block at entry=1, dispatch=dispatch at entry=1, self=<optimized out>) at ../glib/gmain.c:4276
#45 0x00007f23579173ff in g_main_loop_run (loop=0x5646d88a3bb0) at ../glib/gmain.c:4479
#46 0x00007f235c5531bc in WTF::RunLoop::run() () at /app/webkit/Source/WTF/wtf/glib/RunLoopGLib.cpp:108
#47 0x00007f236b151ded in WebKit::AuxiliaryProcessMainBase<WebKit::WebProcess, true>::run(int, char**) (this=0x7ffe438b9680, argc=5, argv=0x7ffe438b9848) at /app/webkit/Source/WebKit/Shared/AuxiliaryProcessMain.h:72
#48 0x00007f236b14de0a in WebKit::AuxiliaryProcessMain<WebKit::WebProcessMainGtk>(int, char**) (argc=5, argv=0x7ffe438b9848) at /app/webkit/Source/WebKit/Shared/AuxiliaryProcessMain.h:98
#49 0x00007f236b14ae23 in WebKit::WebProcessMain(int, char**) (argc=5, argv=0x7ffe438b9848) at /app/webkit/Source/WebKit/WebProcess/gtk/WebProcessMainGtk.cpp:106
#50 0x00005646d8153979 in main(int, char**) (argc=5, argv=0x7ffe438b9848) at /app/webkit/Source/WebKit/WebProcess/EntryPoint/unix/WebProcessMain.cpp:31
```
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20240913/16c7c0ee/attachment-0001.htm>
More information about the webkit-unassigned
mailing list