159307 2016-06-30 11:45:05 -0700 WebContent crash due to RELEASE_ASSERT(!m_inLoadPendingImages) in StyleResolver::~StyleResolver() 2016-06-30 16:12:56 -0700 1 1 1 Unclassified WebKit CSS WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 1 koivisto webkit-unassigned oldest_to_newest 1206790 0 koivisto 2016-06-30 11:45:05 -0700 Thread 0 name: Dispatch queue: com.apple.main-thread Thread 0 Crashed ↩: 0 WebCore 0x0000000188f8b830 WebCore::StyleResolver::~StyleResolver() + 364 (StyleResolver.cpp:309) 1 WebCore 0x0000000188f8b648 WebCore::Document::clearStyleResolver() + 32 (memory:2525) 2 WebCore 0x0000000188f8b648 WebCore::Document::clearStyleResolver() + 32 (memory:2525) 3 WebCore 0x0000000189179ac8 WebCore::AuthorStyleSheets::updateActiveStyleSheets(WebCore::AuthorStyleSheets::UpdateFlag) + 484 (AuthorStyleSheets.cpp:317) 4 WebCore 0x0000000188f8a574 WebCore::Document::styleResolverChanged(WebCore::StyleResolverUpdateFlag) + 116 (Document.cpp:3650) 5 WebKit 0x000000018d9949e4 WebKit::WebPage::viewportConfigurationChanged() + 196 (WebPageIOS.mm:2822) 6 WebKit 0x000000018d98a080 WebKit::WebPage::mainFrameDidLayout() + 156 (WebPage.cpp:3750) 7 WebCore 0x0000000188fd0598 WebCore::FrameView::performPostLayoutTasks() + 176 (FrameView.cpp:3183) 8 WebCore 0x0000000188fcc8e8 WebCore::FrameView::layout(bool) + 3544 (FrameView.cpp:1487) 9 WebCore 0x0000000188fc9528 WebCore::Document::implicitClose() + 788 (Document.cpp:2776) 10 WebCore 0x0000000188fc8928 WebCore::FrameLoader::checkCompleted() + 352 (FrameLoader.cpp:867) 11 WebCore 0x0000000188ffad54 WebCore::CachedResourceLoader::loadDone(WebCore::CachedResource*, bool) + 612 (CachedResourceLoader.cpp:991) 12 WebCore 0x0000000188ffcdc8 WebCore::SubresourceLoader::didCancel(WebCore::ResourceError const&) + 96 (SubresourceLoader.cpp:508) 13 WebCore 0x0000000188ffc7c8 WebCore::ResourceLoader::cancel(WebCore::ResourceError const&) + 484 (ResourceLoader.cpp:590) 14 WebCore 0x0000000188ffc558 WebCore::ResourceLoader::cancel() + 84 (ResourceLoader.cpp:546) 15 WebCore 0x0000000189cf039c WebCore::SubresourceLoader::willSendRequestInternal(WebCore::ResourceRequest&, WebCore::ResourceResponse const&) + 704 (SubresourceLoader.cpp:211) 16 WebCore 0x0000000188f6b990 WebCore::ResourceLoader::init(WebCore::ResourceRequest const&) + 288 (ResourceLoader.cpp:155) 17 WebCore 0x0000000188f6b724 WebCore::SubresourceLoader::init(WebCore::ResourceRequest const&) + 32 (SubresourceLoader.cpp:144) 18 WebCore 0x0000000188f6b178 WebCore::SubresourceLoader::create(WebCore::Frame*, WebCore::CachedResource*, WebCore::ResourceRequest const&, WebCore::ResourceLoaderOptions const&) + 188 (SubresourceLoader.cpp:112) 19 WebKit 0x000000018d979014 WebKit::WebLoaderStrategy::loadResource(WebCore::Frame*, WebCore::CachedResource*, WebCore::ResourceRequest const&, WebCore::ResourceLoaderOptions const&) + 52 (WebLoaderStrategy.cpp:76) 20 WebCore 0x00000001891acd20 WebCore::CachedResource::load(WebCore::CachedResourceLoader&, WebCore::ResourceLoaderOptions const&) + 1184 (CachedResource.cpp:283) 21 WebCore 0x0000000188f68774 WebCore::CachedResourceLoader::requestResource(WebCore::CachedResource::Type, WebCore::CachedResourceRequest&) + 2160 (CachedResourceLoader.cpp:631) 22 WebCore 0x0000000189008750 WebCore::CachedResourceLoader::requestImage(WebCore::CachedResourceRequest&) + 260 (CachedResourceLoader.cpp:190) 23 WebCore 0x0000000189261bd0 WebCore::CSSImageValue::cachedImage(WebCore::CachedResourceLoader&, WebCore::ResourceLoaderOptions const&) + 452 (CSSImageValue.cpp:88) 24 WebCore 0x0000000189ce27a4 WebCore::StyleResolver::loadPendingImage(WebCore::StylePendingImage const&, WebCore::ResourceLoaderOptions const&) + 76 (StyleResolver.cpp:2083) 25 WebCore 0x0000000188f54654 WebCore::StyleResolver::loadPendingImages() + 1172 (StyleResolver.cpp:2105) 26 WebCore 0x0000000189cdcf78 WebCore::StyleResolver::applyMatchedProperties(WebCore::StyleResolver::MatchResult const&, WebCore::Element const&, WebCore::StyleResolver::ShouldUseMatchedPropertiesCache) + 2076 (StyleResolver.cpp:2243) 27 WebCore 0x0000000189cdeb10 WebCore::StyleResolver::pseudoStyleForElement(WebCore::Element const&, WebCore::PseudoStyleRequest const&, WebCore::RenderStyle const&) + 596 (StyleResolver.cpp:596) 28 WebCore 0x0000000189af9138 WebCore::RenderElement::getCachedPseudoStyle(WebCore::PseudoId, WebCore::RenderStyle const*) const + 128 (RenderElement.cpp:1543) 29 WebCore 0x0000000189bc68ac WebCore::RenderTreeUpdater::updateBeforeOrAfterPseudoElement(WebCore::Element&, WebCore::PseudoId) + 320 (RenderTreeUpdater.cpp:459) 30 WebCore 0x0000000189bc6ab4 WebCore::RenderTreeUpdater::popParent() + 64 (RenderTreeUpdater.cpp:192) 31 WebCore 0x0000000189bc58dc WebCore::RenderTreeUpdater::updateRenderTree(WebCore::ContainerNode&) + 736 (RenderTreeUpdater.cpp:205) 32 WebCore 0x0000000189bc55a4 WebCore::RenderTreeUpdater::commit(std::__1::unique_ptr<WebCore::Style::Update, std::__1::default_delete<WebCore::Style::Update> >) + 492 (RenderTreeUpdater.cpp:99) 33 WebCore 0x00000001892fa5b8 WebCore::Document::recalcStyle(WebCore::Style::Change) + 752 (Document.cpp:1891) 34 WebCore 0x0000000188fc7b08 WebCore::Document::finishedParsing() + 340 (Document.cpp:1937) 35 WebCore 0x0000000188fc5484 WebCore::HTMLDocumentParser::prepareToStopParsing() + 172 (HTMLDocumentParser.cpp:405) 36 WebCore 0x0000000188fc49c0 WebCore::DocumentWriter::end() + 92 (DocumentWriter.cpp:257) 37 WebCore 0x0000000188fbc180 WebCore::DocumentLoader::finishedLoading(double) + 256 (DocumentLoader.cpp:436) 38 WebCore 0x0000000188ffa468 WebCore::CachedResource::checkNotify() + 448 (CachedResource.cpp:299) 39 WebCore 0x00000001891ab4d8 WebCore::CachedRawResource::finishLoading(WebCore::SharedBuffer*) + 224 (CachedRawResource.cpp:103) 40 WebCore 0x0000000188ffa148 WebCore::SubresourceLoader::didFinishLoading(double) + 988 (SubresourceLoader.cpp:429) 41 WebKit 0x000000018da1ff18 WebKit::WebResourceLoader::didFinishResourceLoad(double) + 216 (WebResourceLoader.cpp:159) 42 WebKit 0x000000018da20958 WebKit::WebResourceLoader::didReceiveWebResourceLoaderMessage(IPC::Connection&, IPC::MessageDecoder&) + 540 (HandleMessage.h:16) 43 WebKit 0x000000018d85981c IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> >) + 160 (Connection.cpp:899) 44 WebKit 0x000000018d85c1d4 IPC::Connection::dispatchOneMessage() + 204 (Connection.cpp:961) 45 JavaScriptCore 0x0000000188cad648 WTF::RunLoop::performWork() + 884 (functional:1817) 46 JavaScriptCore 0x0000000188cad844 WTF::RunLoop::performWork(void*) + 36 (RunLoopCF.cpp:38) 47 CoreFoundation 0x00000001845863f0 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 24 (CFRunLoop.c:1943) 48 CoreFoundation 0x0000000184585d38 __CFRunLoopDoSources0 + 524 (CFRunLoop.c:1989) 49 CoreFoundation 0x0000000184583938 __CFRunLoopRun + 804 (CFRunLoop.c:2821) 50 CoreFoundation 0x00000001844b62e4 CFRunLoopRunSpecific + 292 (CFRunLoop.c:3103) 51 Foundation 0x0000000184f6093c -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 304 (NSRunLoop.m:367) 52 Foundation 0x0000000184fb5214 -[NSRunLoop(NSRunLoop) run] + 88 (NSRunLoop.m:389) 53 libxpc.dylib 0x000000018426bf28 _xpc_objc_main + 660 (main.m:186) 54 libxpc.dylib 0x000000018426dc20 xpc_main + 200 (init.c:1438) 55 com.apple.WebKit.WebContent 0x00000001000335e4 main + 376 (XPCServiceMain.mm:114) 56 libdyld.dylib 0x0000000184058600 start + 4 1206792 1 koivisto 2016-06-30 11:45:49 -0700 <rdar://problem/26184868> 1206915 2 282485 koivisto 2016-06-30 15:58:42 -0700 Created attachment 282485 Patch 1206916 3 282485 kling 2016-06-30 16:00:11 -0700 Comment on attachment 282485 Patch r=me 1206925 4 koivisto 2016-06-30 16:12:56 -0700 https://trac.webkit.org/r202716 282485 2016-06-30 15:58:42 -0700 2016-06-30 16:00:11 -0700 Patch rendertreeupdater-postresolutiondisabler.patch text/plain 1840 koivisto SW5kZXg6IFNvdXJjZS9XZWJDb3JlL0NoYW5nZUxvZwo9PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2UvV2Vi Q29yZS9DaGFuZ2VMb2cJKHJldmlzaW9uIDIwMjY5MykKKysrIFNvdXJjZS9XZWJDb3JlL0NoYW5n ZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDIzIEBACisyMDE2LTA2LTMwICBBbnR0aSBL b2l2aXN0byAgPGFudHRpQGFwcGxlLmNvbT4KKworICAgICAgICBXZWJDb250ZW50IGNyYXNoIGR1 ZSB0byBSRUxFQVNFX0FTU0VSVCghbV9pbkxvYWRQZW5kaW5nSW1hZ2VzKSBpbiBTdHlsZVJlc29s dmVyOjp+U3R5bGVSZXNvbHZlcigpCisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3No b3dfYnVnLmNnaT9pZD0xNTkzMDcKKyAgICAgICAgPHJkYXI6Ly9wcm9ibGVtLzI2MTg0ODY4Pgor CisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgIFBzZXVkbyBl bGVtZW50cyBhcmUgcmVzb2x2ZWQgaW4gUmVuZGVyVHJlZVVwZGF0ZXIgKGluc3RlYWQgb2YgU3R5 bGU6OlRyZWVSZXNvbHZlcikuIFRoZWlyIHJlc29sdXRpb24gbWF5IHRyaWdnZXIKKyAgICAgICAg cmVzb3VyY2UgbG9hZHMgd2hpY2ggY2FuIGNhdXNlIHN5bmNocm9ub3VzIGxheW91dCAod2hlbiBm YWlsaW5nIHN5bmNocm9ub3VzbHkpIGFuZCBsZWFkIHRvIGRlc3RydWN0aW9uIG9mIHRoZQorICAg ICAgICB0aGUgc3R5bGUgcmVzb2x2ZXIgaW4gcG9zdCBsYXlvdXQgdGFzay4KKworICAgICAgICBO byBrbm93biByZWxpYWJsZSB3YXkgdG8gdGVzdCB0aGlzLgorCisgICAgICAgICogc3R5bGUvUmVu ZGVyVHJlZVVwZGF0ZXIuY3BwOgorICAgICAgICAoV2ViQ29yZTo6UmVuZGVyVHJlZVVwZGF0ZXI6 OmNvbW1pdCk6CisKKyAgICAgICAgICAgIFVzZSBQb3N0UmVzb2x1dGlvbkNhbGxiYWNrRGlzYWJs ZXIgaW4gUmVuZGVyVHJlZVVwZGF0ZXIgc2ltaWxhcmx5IHRvIFN0eWxlOjpUcmVlUmVzb2x2ZXIu IFRoaXMgcHJldmVudHMKKyAgICAgICAgICAgIHBvc3QgbGF5b3V0IHRhc2tzIGZyb20gcnVubmlu ZyBzeW5jaHJvbm91c2x5IGFuZCBjbG9zZXMgdGhpcyBwYXJ0aWN1bGFyIGNyYXNoIHBhdGguCisK IDIwMTYtMDYtMzAgIEJyaWFuIEJ1cmcgIDxiYnVyZ0BhcHBsZS5jb20+CiAKICAgICAgICAgVW5y ZXZpZXdlZCwgZml4IHRoZSBtYWNPUyBTaWVycmEgUmVsZWFzZSBjb25maWd1cmF0aW9uIGFmdGVy IHIyMDI2NDIuCkluZGV4OiBTb3VyY2UvV2ViQ29yZS9zdHlsZS9SZW5kZXJUcmVlVXBkYXRlci5j cHAKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PQotLS0gU291cmNlL1dlYkNvcmUvc3R5bGUvUmVuZGVyVHJlZVVwZGF0ZXIu Y3BwCShyZXZpc2lvbiAyMDI2NTUpCisrKyBTb3VyY2UvV2ViQ29yZS9zdHlsZS9SZW5kZXJUcmVl VXBkYXRlci5jcHAJKHdvcmtpbmcgY29weSkKQEAgLTkzLDYgKzkzLDggQEAgdm9pZCBSZW5kZXJU cmVlVXBkYXRlcjo6Y29tbWl0KHN0ZDo6dW5pcQogICAgIGlmICghbV9kb2N1bWVudC5zaG91bGRD cmVhdGVSZW5kZXJlcnMoKSB8fCAhbV9kb2N1bWVudC5yZW5kZXJWaWV3KCkpCiAgICAgICAgIHJl dHVybjsKIAorICAgIFN0eWxlOjpQb3N0UmVzb2x1dGlvbkNhbGxiYWNrRGlzYWJsZXIgY2FsbGJh Y2tEaXNhYmxlcihtX2RvY3VtZW50KTsKKwogICAgIG1fc3R5bGVVcGRhdGUgPSBXVEZNb3ZlKHN0 eWxlVXBkYXRlKTsKIAogICAgIGZvciAoYXV0byogcm9vdCA6IGZpbmRSZW5kZXJpbmdSb290cygq bV9zdHlsZVVwZGF0ZSkpCg==