286125 2025-01-16 23:22:26 -0800 [Win] "array subscript out of range" error in std::array<unsigned char,3>::operator[] in WTF::SignalHandlers::forEachHandler 2025-01-17 15:05:27 -0800 1 1 1 Unclassified WebKit New Bugs WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED https://bugs.webkit.org/show_bug.cgi?id=259108 InRadar P2 Normal --- 1 fujii fujii webkit-bug-importer oldest_to_newest 2087981 0 fujii 2025-01-16 23:22:26 -0800 While testing debug build of <https://github.com/WebKit/WebKit/pull/36366#issuecomment-2597475092>, I'm observing "array subscript out of range" in std::array<unsigned char,3>::operator[]. 10 Id: 437c.6608 Suspend: 1 Teb: 000000a4`283a0000 Unfrozen # Child-SP RetAddr Call Site 00 000000a4`2dbfe990 00007ffb`208381d4 ucrtbased!_invoke_watson(wchar_t * expression = 0x00007ffb`0cb067ce ""array subscript out of range"", wchar_t * function_name = 0x00007ffb`0cb06060 "", wchar_t * file_name = 0x00007ffb`0cb06708 "C:\Program Files\Microsoft Visual Studio\2022\Professional\VC\Tools\MSVC\14.42.34433\include\array", unsigned int line_number = 0x21e, unsigned int64 reserved = 0)+0x2c [minkernel\crts\ucrt\src\appcrt\misc\invalid_parameter.cpp @ 237] 01 000000a4`2dbfe9c0 00007ffb`20838070 ucrtbased!_invalid_parameter_internal(wchar_t * expression = 0x00007ffb`0cb067ce ""array subscript out of range"", wchar_t * function_name = 0x00007ffb`0cb06060 "", wchar_t * file_name = 0x00007ffb`0cb06708 "C:\Program Files\Microsoft Visual Studio\2022\Professional\VC\Tools\MSVC\14.42.34433\include\array", unsigned int line_number = 0x21e, unsigned int64 reserved = 0, class __crt_cached_ptd_host * ptd = 0x000000a4`2dbfea60)+0x144 [minkernel\crts\ucrt\src\appcrt\misc\invalid_parameter.cpp @ 114] 02 000000a4`2dbfea30 00007ffb`0cac5465 ucrtbased!_invalid_parameter(wchar_t * expression = 0x00007ffb`0cb067ce ""array subscript out of range"", wchar_t * function_name = 0x00007ffb`0cb06060 "", wchar_t * file_name = 0x00007ffb`0cb06708 "C:\Program Files\Microsoft Visual Studio\2022\Professional\VC\Tools\MSVC\14.42.34433\include\array", unsigned int line_number = 0x21e, unsigned int64 reserved = 0)+0x60 [minkernel\crts\ucrt\src\appcrt\misc\invalid_parameter.cpp @ 125] 03 000000a4`2dbfeab0 00007ffb`0cac4ba3 JavaScriptCore!std::array<unsigned char,3>::operator[](unsigned int64 _Pos = 3)+0x95 [C:\Program Files\Microsoft Visual Studio\2022\Professional\VC\Tools\MSVC\14.42.34433\include\array @ 542] 04 000000a4`2dbfeb00 00007ffb`0cac4b32 JavaScriptCore!WTF::SignalHandlers::forEachHandler<`lambda at C:\webkit\wa\Source\WTF\wtf\win\SignalsWin.cpp:109:37'>(WTF::Signal signal = NumberOfSignals (0n3), class WTF::vectoredHandler::<lambda_0> * func = 0x000000a4`2dbfebb8)+0x43 [C:\webkit\wa\Source\WTF\wtf\win\SignalsWin.cpp @ 66] 05 000000a4`2dbfeb70 00007ffb`fcf680ba JavaScriptCore!WTF::vectoredHandler(struct _EXCEPTION_POINTERS * exceptionInfo = 0x000000a4`2dbfec40)+0xb2 [C:\webkit\wa\Source\WTF\wtf\win\SignalsWin.cpp @ 119] 06 000000a4`2dbfec00 00007ffb`fcf0e662 ntdll!RtlpCallVectoredHandlers+0x112 07 000000a4`2dbfeca0 00007ffb`fcf44955 ntdll!RtlDispatchException+0x62 08 000000a4`2dbfeef0 00007ffb`fa75fb4c ntdll!RtlRaiseException+0x195 09 000000a4`2dbff6d0 00007ffb`0cac579f KERNELBASE!RaiseException+0x6c 0a 000000a4`2dbff7b0 00007ffb`0c9ed8db JavaScriptCore!WTF::糸::initializeCurrentThreadInternal(char * szThreadName = 0x00007ffb`1a944b30 "DrawingAreaWC CommitQueue")+0x4f [C:\webkit\wa\Source\WTF\wtf\win\ThreadingWin.cpp @ 134] 0b 000000a4`2dbff810 00007ffb`0cac5993 JavaScriptCore!WTF::Thread::entryPoint(struct WTF::Thread::NewThreadContext * newThreadContext = 0x000001be`b9fab1b0)+0xdb [C:\webkit\wa\Source\WTF\wtf\Threading.cpp @ 253] 0c 000000a4`2dbff860 00007ffb`20843010 JavaScriptCore!WTF::wtfThreadEntryPoint(void * data = 0x000001be`b9fab1b0)+0x13 [C:\webkit\wa\Source\WTF\wtf\win\ThreadingWin.cpp @ 147] 0d 000000a4`2dbff890 00007ffb`fc96259d ucrtbased!thread_start<unsigned int (void * parameter = 0x000001be`baa73960)+0xb0 [minkernel\crts\ucrt\src\appcrt\startup\thread.cpp @ 97] 0e 000000a4`2dbff8f0 00007ffb`fcf4af38 KERNEL32!BaseThreadInitThunk+0x1d 0f 000000a4`2dbff920 00000000`00000000 ntdll!RtlUserThreadStart+0x28 2087984 1 fujii 2025-01-16 23:27:34 -0800 Pull request: https://github.com/WebKit/WebKit/pull/39181 2088149 2 ews-feeder 2025-01-17 15:04:49 -0800 Committed 289087@main (f0a0151f500b): <https://commits.webkit.org/289087@main> Reviewed commits have been landed. Closing PR #39181 and removing active labels. 2088150 3 webkit-bug-importer 2025-01-17 15:05:27 -0800 <rdar://problem/143155473>