Bug 251647

Summary: WebContent (JavaScriptCore) Segfault when interacting with code.visualstudio.com
Product: WebKit Reporter: Alex Barris <alex>
Component: JavaScriptCore
Assignee: Nobody <webkit-unassigned>
Status: RESOLVED DUPLICATE
Severity: Major
Priority: P2
Version: Safari Technology Preview
Hardware: Mac (Apple Silicon)
OS: macOS 13
Attachments:
Crash Report (exported from Console.app) (Flags: none)

Description Alex Barris 2023-02-02 16:03:59 PST
Created attachment 464817 [details]
Crash Report (exported from Console.app)

Environment:
Safari Technology Preview 162 (Safari 16.4, WebKit 18615.1.18.2)
macOS 13.2 (22D49)
MacBook Pro 16" 2021 - M1 Pro

Went to code.visualstudio.com and tried to click on the website.
Caused an immediate WebKit.WebContent crash.
The website will reload if you tell Safari to, but any subsequent click will crash the website again.
Can scroll on the website w/o it crashing. Only crashes with user interaction.

Can't recreate with the latest Safari 16.3 (18614.4.6.1.5).
Wasn't able to recreate with the latest WebKit build (the Safari archive kept crashing... another bug?).

Reproduce:
1) Get Safari Technology Preview *duh*
2) Go to code.visualstudio.com
3) Click anywhere, even whitespace.
4) Experience crash (hopefully?)

Thread 0 Crashed::  Dispatch queue: com.apple.main-thread
0   WebCore                       	       0x10f996794 WebCore::AXObjectCache::updateRelationsForTree(WebCore::ContainerNode&) + 280
1   WebCore                       	       0x10f99678c WebCore::AXObjectCache::updateRelationsForTree(WebCore::ContainerNode&) + 272
2   WebCore                       	       0x10f997888 WebCore::AXObjectCache::relatedObjectIDsFor(WebCore::AXCoreObject const&, WebCore::AXRelationType) + 100
3   WebCore                       	       0x10f9cf3cc WebCore::AccessibilityObject::relatedObjects(WebCore::AXRelationType) const + 104
4   WebCore                       	       0x10f9f8ea0 WebCore::AccessibilityTableRow::addChildren() + 80
5   WebCore                       	       0x10f9aad68 WebCore::AccessibilityNodeObject::updateChildrenIfNecessary() + 304
6   WebCore                       	       0x10f9c6a88 WebCore::AccessibilityObject::children(bool) + 72
7   WebCore                       	       0x10f9ba23c WebCore::AccessibilityObject::insertChild(WebCore::AXCoreObject*, unsigned int, WebCore::AccessibilityObject::DescendIfIgnored) + 1192
8   WebCore                       	       0x10f9e4ed4 WebCore::AccessibilityRenderObject::addChildren() + 224
9   WebCore                       	       0x10f9aad68 WebCore::AccessibilityNodeObject::updateChildrenIfNecessary() + 304
10  WebCore                       	       0x10f9c6a88 WebCore::AccessibilityObject::children(bool) + 72
11  WebCore                       	       0x10f9ba23c WebCore::AccessibilityObject::insertChild(WebCore::AXCoreObject*, unsigned int, WebCore::AccessibilityObject::DescendIfIgnored) + 1192
12  WebCore                       	       0x10f9e4ed4 WebCore::AccessibilityRenderObject::addChildren() + 224
13  WebCore                       	       0x10f9aad68 WebCore::AccessibilityNodeObject::updateChildrenIfNecessary() + 304
14  WebCore                       	       0x10f9c6a88 WebCore::AccessibilityObject::children(bool) + 72
15  WebCore                       	       0x10f9ba23c WebCore::AccessibilityObject::insertChild(WebCore::AXCoreObject*, unsigned int, WebCore::AccessibilityObject::DescendIfIgnored) + 1192
16  WebCore                       	       0x10f9e4ed4 WebCore::AccessibilityRenderObject::addChildren() + 224
17  WebCore                       	       0x10f9aad68 WebCore::AccessibilityNodeObject::updateChildrenIfNecessary() + 304
18  WebCore                       	       0x10f9c6a88 WebCore::AccessibilityObject::children(bool) + 72
19  WebCore                       	       0x10f9ba23c WebCore::AccessibilityObject::insertChild(WebCore::AXCoreObject*, unsigned int, WebCore::AccessibilityObject::DescendIfIgnored) + 1192
20  WebCore                       	       0x10f9e4ed4 WebCore::AccessibilityRenderObject::addChildren() + 224
21  WebCore                       	       0x10f9aad68 WebCore::AccessibilityNodeObject::updateChildrenIfNecessary() + 304
22  WebCore                       	       0x10f9c6a88 WebCore::AccessibilityObject::children(bool) + 72
23  WebCore                       	       0x10f9ba23c WebCore::AccessibilityObject::insertChild(WebCore::AXCoreObject*, unsigned int, WebCore::AccessibilityObject::DescendIfIgnored) + 1192
24  WebCore                       	       0x10f9e4ed4 WebCore::AccessibilityRenderObject::addChildren() + 224
25  WebCore                       	       0x10f9aad68 WebCore::AccessibilityNodeObject::updateChildrenIfNecessary() + 304
26  WebCore                       	       0x10f9c67b0 WebCore::AccessibilityObject::updateBackingStore() + 316
27  WebCore                       	       0x110d7d01c -[WebAccessibilityObjectWrapperBase updateObjectBackingStore] + 100
28  WebCore                       	       0x110d87718 -[WebAccessibilityObjectWrapper accessibilityAttributeValue:] + 64
29  AppKit                        	       0x190fc745c NSAccessibilityGetObjectForAttributeUsingLegacyAPI + 280
30  AppKit                        	       0x191499414 ___NSAccessibilityEntryPointValueForAttribute_block_invoke.748 + 1992
31  AppKit                        	       0x191494db0 NSAccessibilityPerformEntryPointObject + 44
32  AppKit                        	       0x19119e860 _NSAccessibilityEntryPointValueForAttribute + 224
33  AppKit                        	       0x191169984 -[NSObject(NSRemoteUIElementAccessibility) accessibilityPresenterProcessIdentifier] + 120
34  AppKit                        	       0x19108d3fc NSAccessibilityCreateAXUIElementRef + 740
35  AppKit                        	       0x1912974f0 CopyElementAtPosition + 344
36  HIServices                    	       0x19346a240 _AXXMIGCopyElementAtPosition + 444
37  HIServices                    	       0x19348f0f4 _XCopyElementAtPosition + 356
38  HIServices                    	       0x193447ba8 mshMIGPerform + 204
39  CoreFoundation                	       0x18dcc1f98 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE1_PERFORM_FUNCTION__ + 60
40  CoreFoundation                	       0x18dcc1eb8 __CFRunLoopDoSource1 + 520
41  CoreFoundation                	       0x18dcc08a4 __CFRunLoopRun + 2264
42  CoreFoundation                	       0x18dcbf878 CFRunLoopRunSpecific + 612
43  Foundation                    	       0x18ebcaab8 -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 212
44  Foundation                    	       0x18ec43ac0 -[NSRunLoop(NSRunLoop) run] + 64
45  libxpc.dylib                  	       0x18d95b45c _xpc_objc_main + 860
46  libxpc.dylib                  	       0x18d95ad7c xpc_main + 108
47  WebKit                        	       0x105d23d50 WebKit::XPCServiceMain(int, char const**) + 256
48  dyld                          	       0x18d8b7e50 start + 2544

Comment 1 Sam Sneddon [:gsnedders] 2023-02-03 07:05:10 PST

*** This bug has been marked as a duplicate of bug 250406 ***