Created attachment 388866 [details] Patch

The commit-queue encountered the following flaky tests while processing attachment 388866 [details]: editing/spelling/spellcheck-attribute.html bug 206178 (authors: g.czajkowski@samsung.com, mark.lam@apple.com, and rniwa@webkit.org) The commit-queue is continuing to process your patch.

Comment on attachment 388866 [details] Patch Clearing flags on attachment: 388866 Committed r255167: <https://trac.webkit.org/changeset/255167>

All reviewed patches have been landed. Closing bug.

<rdar://problem/58931972>

The changes in https://trac.webkit.org/changeset/255167/webkit appear to have broken testing for windows https://build.webkit.org/builders/Apple%20Win%2010%20Release%20%28Tests%29/builds/4754 there are 48+ crashing accessibility/ tests: https://build.webkit.org/builders/Apple%20Win%2010%20Release%20%28Tests%29/builds/4754/steps/layout-test/logs/stdio It looks like EWS caught this.

WPE and GTK bots also now crashing in accessibility tests since this landed.

Looks like the AXObjectCache destructor ends up triggering some code that make the objects being detached trying to access the cache again. Top of the back trace of the GTK crash from the debug bot: https://build.webkit.org/results/GTK%20Linux%2064-bit%20Debug%20(Tests)/r255337%20(5852)/accessibility/aria-hidden-negates-no-visibility-crash-log.txt Thread 1 (Thread 0x7f60ee9899c0 (LWP 42862)): #0 0x00007f610730f8fc in _ZN3WTF9HashTableIPN7WebCore4NodeENS_12KeyValuePairIS3_jEENS_24KeyValuePairKeyExtractorIS5_EENS_7PtrHashIS3_EENS_7HashMapIS3_jS9_NS_10HashTraitsIS3_EENSB_IjEEE18KeyValuePairTraitsESC_E12inlineLookupINS_24HashMapTranslatorAdapterISF_NS_22IdentityHashTranslatorISF_S9_EEEES3_EEPS5_RKT0_ (this=0x90, key=@0x7ffd201b8500: 0x7f60995fb950) at DerivedSources/ForwardingHeaders/wtf/HashTable.h:652 #1 0x00007f6107308e77 in _ZN3WTF9HashTableIPN7WebCore4NodeENS_12KeyValuePairIS3_jEENS_24KeyValuePairKeyExtractorIS5_EENS_7PtrHashIS3_EENS_7HashMapIS3_jS9_NS_10HashTraitsIS3_EENSB_IjEEE18KeyValuePairTraitsESC_E6lookupINS_24HashMapTranslatorAdapterISF_NS_22IdentityHashTranslatorISF_S9_EEEES3_EEPS5_RKT0_ (this=0x90, key=@0x7ffd201b8500: 0x7f60995fb950) at DerivedSources/ForwardingHeaders/wtf/HashTable.h:642 #2 0x00007f6107301087 in _ZNK3WTF7HashMapIPN7WebCore4NodeEjNS_7PtrHashIS3_EENS_10HashTraitsIS3_EENS6_IjEEE3getINS_22IdentityHashTranslatorINS9_18KeyValuePairTraitsES5_EES3_EEjRKT0_ (this=0x90, value=@0x7ffd201b8500: 0x7f60995fb950) at DerivedSources/ForwardingHeaders/wtf/HashMap.h:321 #3 0x00007f61072f9145 in _ZNK3WTF7HashMapIPN7WebCore4NodeEjNS_7PtrHashIS3_EENS_10HashTraitsIS3_EENS6_IjEEE3getERKS3_ (this=0x90, key=@0x7ffd201b8500: 0x7f60995fb950) at DerivedSources/ForwardingHeaders/wtf/HashMap.h:436 #4 0x00007f61072e3479 in _ZN7WebCore13AXObjectCache3getEPNS_4NodeE (this=0x0, node=0x7f60995fb950) at ../../Source/WebCore/accessibility/AXObjectCache.cpp:472 #5 0x00007f61072e4671 in _ZN7WebCore13AXObjectCache11getOrCreateEPNS_4NodeE (this=0x0, node=0x7f60995fb950) at ../../Source/WebCore/accessibility/AXObjectCache.cpp:649 #6 0x00007f610731feaa in _ZNK7WebCore26AccessibilityListBoxOption12parentObjectEv (this=0x7f607b463600) at ../../Source/WebCore/accessibility/AccessibilityListBoxOption.cpp:168 #7 0x00007f6107336d8a in _ZNK7WebCore19AccessibilityObject17documentFrameViewEv (this=0x7f607b463600) at ../../Source/WebCore/accessibility/AccessibilityObject.cpp:1732 #8 0x00007f6107336cb9 in _ZNK7WebCore19AccessibilityObject8documentEv (this=0x7f607b463600) at ../../Source/WebCore/accessibility/AccessibilityObject.cpp:1713 #9 0x00007f610733b27d in _ZNK7WebCore19AccessibilityObject13axObjectCacheEv (this=0x7f607b463600) at ../../Source/WebCore/accessibility/AccessibilityObject.cpp:2625 #10 0x00007f61073731c4 in _ZN7WebCore19AccessibilityObject21detachPlatformWrapperENS_27AccessibilityDetachmentTypeE (this=0x7f607b463600, detachmentType=WebCore::AccessibilityDetachmentType::CacheDestroyed) at ../../Source/WebCore/accessibility/atk/AccessibilityObjectAtk.cpp:40 #11 0x00007f61072f479f in _ZN7WebCore12AXCoreObject13detachWrapperENS_27AccessibilityDetachmentTypeE (this=0x7f607b463600, detachmentType=WebCore::AccessibilityDetachmentType::CacheDestroyed) at ../../Source/WebCore/accessibility/AccessibilityObjectInterface.h:1157 #12 0x00007f61072f4732 in _ZN7WebCore12AXCoreObject6detachENS_27AccessibilityDetachmentTypeE (this=0x7f607b463600, detachmentType=WebCore::AccessibilityDetachmentType::CacheDestroyed) at ../../Source/WebCore/accessibility/AccessibilityObjectInterface.h:1150 #13 0x00007f61072e27df in _ZN7WebCore13AXObjectCacheD2Ev (this=0x7f607ae4e000, __in_chrg=<optimized out>) at ../../Source/WebCore/accessibility/AXObjectCache.cpp:243 #14 0x00007f610784a6f4 in _ZNKSt14default_deleteIN7WebCore13AXObjectCacheEEclEPS1_ (this=0x7f60a0da62d8, __ptr=0x7f607ae4e000) at /usr/include/c++/8/bits/unique_ptr.h:81 #15 0x00007f610784f3f1 in _ZNSt10unique_ptrIN7WebCore13AXObjectCacheESt14default_deleteIS1_EE5resetEPS1_ (this=0x7f60a0da62d8, __p=0x7f607ae4e000) at /usr/include/c++/8/bits/unique_ptr.h:382 #16 0x00007f610783fa4d in _ZNSt10unique_ptrIN7WebCore13AXObjectCacheESt14default_deleteIS1_EEaSEDn (this=0x7f60a0da62d8) at /usr/include/c++/8/bits/unique_ptr.h:318 #17 0x00007f6107813af9 in _ZN7WebCore8Document18clearAXObjectCacheEv (this=0x7f60a0da5df0) at ../../Source/WebCore/dom/Document.cpp:2691 #18 0x00007f6107812f06 in _ZN7WebCore8Document17destroyRenderTreeEv (this=0x7f60a0da5df0) at ../../Source/WebCore/dom/Document.cpp:2452

Reopening to attach new patch.

Created attachment 389141 [details] Patch

(In reply to Andres Gonzalez from comment #10) > Created attachment 389141 [details] > Patch With this patch I could not reproduce the error locally. Thanks!

Comment on attachment 389141 [details] Patch Clearing flags on attachment: 389141 Committed r255364: <https://trac.webkit.org/changeset/255364>

All reviewed patches have been landed. Closing bug.