167878 2017-02-06 06:16:57 -0800 CrashTracer: com.apple.WebKit.WebContent at WebCore: WebCore::Node::invalidateStyle 2019-05-02 16:18:11 -0700 1 1 1 Unclassified WebKit DOM WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 1 koivisto webkit-unassigned arkr17997 cdumez commit-queue esprehn+autocc glenn kondapallykalyan simon.fraser oldest_to_newest 1273544 0 koivisto 2017-02-06 06:16:57 -0800 Exception Type: EXC_BAD_ACCESS (SIGSEGV) Exception Subtype: KERN_INVALID_ADDRESS at 0x0000000000000014 Termination Signal: Segmentation fault: 11 Termination Reason: Namespace SIGNAL, Code 0xb Terminating Process: exc handler [0] Triggered by Thread: 0 Thread 0 name: Dispatch queue: com.apple.main-thread Thread 0 Crashed ↩: 0 WebCore 0x000000018aa657d4 WebCore::Node::invalidateStyle(WebCore::Style::Validity, WebCore::Style::InvalidationMode) + 0 (Node.cpp:796) 1 WebCore 0x000000018ad35af8 WebCore::Style::PostResolutionCallbackDisabler::~PostResolutionCallbackDisabler() + 104 (Function.h:50) 2 WebCore 0x000000018a1ff23c WebCore::Document::recalcStyle(WebCore::Style::Change) + 752 (Document.cpp:1844) 3 WebCore 0x0000000189f0a56c WebCore::Document::updateLayout() + 236 (Document.cpp:1893) 4 WebCore 0x000000018a1ff470 WebCore::Document::updateLayoutIgnorePendingStylesheets(WebCore::Document::RunPostLayoutTasks) + 132 (Document.cpp:1951) 5 WebCore 0x0000000189f10cd4 WebCore::Element::getBoundingClientRect() + 44 (Element.cpp:1167) 6 WebCore 0x0000000189f10c20 WebCore::jsElementPrototypeFunctionGetBoundingClientRect(JSC::ExecState*) + 132 (JSElement.cpp:2931) 7 ??? 0x0000000280530030 0 + 10742857776 8 JavaScriptCore 0x00000001899a3608 llint_entry + 26408 9 JavaScriptCore 0x00000001899a3608 llint_entry + 26408 10 JavaScriptCore 0x00000001899a3608 llint_entry + 26408 11 JavaScriptCore 0x00000001899a3608 llint_entry + 26408 12 JavaScriptCore 0x00000001899a39a0 llint_entry + 27328 13 JavaScriptCore 0x000000018999cd18 vmEntryToJavaScript + 264 14 JavaScriptCore 0x0000000189885068 JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*) + 212 (JITCode.cpp:81) 15 JavaScriptCore 0x0000000189218534 JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 416 (Interpreter.cpp:927) 16 WebCore 0x000000018a3ed3bc WebCore::HTMLMediaElement::didAddUserAgentShadowRoot(WebCore::ShadowRoot*) + 1072 (HTMLMediaElement.cpp:6642) 17 WebCore 0x000000018a2749ec WebCore::Element::addShadowRoot(WTF::Ref<WebCore::ShadowRoot>&&) + 260 (Element.cpp:1763) 18 WebCore 0x0000000189ea4040 WebCore::Element::ensureUserAgentShadowRoot() + 92 (Element.cpp:1856) 19 WebCore 0x000000018a3db9fc WebCore::HTMLMediaElement::configureMediaControls() + 304 (HTMLMediaElement.cpp:3891) 20 WebCore 0x000000018a0c461c WebCore::ContainerNode::notifyChildInserted(WebCore::Node&, WebCore::ContainerNode::ChildChangeSource) + 284 (ContainerNode.cpp:349) 21 WebCore 0x000000018a0c41a8 WebCore::ContainerNode::updateTreeAfterInsertion(WebCore::Node&) + 36 (ContainerNode.cpp:802) 22 WebCore 0x000000018a0c3f68 WebCore::ContainerNode::appendChildWithoutPreInsertionValidityCheck(WebCore::Node&) + 320 (ContainerNode.cpp:691) 23 WebCore 0x000000018a0c3c3c WebCore::ContainerNode::insertBefore(WebCore::Node&, WebCore::Node*) + 332 (ContainerNode.cpp:254) 24 WebCore 0x000000018a7c3ed4 WebCore::JSNode::insertBefore(JSC::ExecState&) + 112 (JSNodeCustom.cpp:126) 25 WebCore 0x0000000189e7ca70 WebCore::jsNodePrototypeFunctionInsertBefore(JSC::ExecState*) + 108 (JSNode.cpp:674) 1273545 1 koivisto 2017-02-06 06:17:15 -0800 rdar://problem/30251840 1273547 2 300715 koivisto 2017-02-06 06:23:45 -0800 Created attachment 300715 patch 1273560 3 300720 koivisto 2017-02-06 07:13:50 -0800 Created attachment 300720 patch 1273604 4 300720 commit-queue 2017-02-06 09:36:42 -0800 Comment on attachment 300720 patch Clearing flags on attachment: 300720 Committed r211730: <http://trac.webkit.org/changeset/211730> 1273605 5 commit-queue 2017-02-06 09:36:47 -0800 All reviewed patches have been landed. Closing bug. 300715 2017-02-06 06:23:45 -0800 2017-02-06 07:13:50 -0800 patch invalidateStyle-nullptr.patch text/plain 1898 koivisto SW5kZXg6IFNvdXJjZS9XZWJDb3JlL0NoYW5nZUxvZwo9PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2UvV2Vi Q29yZS9DaGFuZ2VMb2cJKHJldmlzaW9uIDIxMTcyMikKKysrIFNvdXJjZS9XZWJDb3JlL0NoYW5n ZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDIwIEBACisyMDE3LTAyLTA2ICBBbnR0aSBL b2l2aXN0byAgPGFudHRpQGFwcGxlLmNvbT4KKworICAgICAgICBDcmFzaFRyYWNlcjogY29tLmFw cGxlLldlYktpdC5XZWJDb250ZW50IGF0IFdlYkNvcmU6IFdlYkNvcmU6Ok5vZGU6OmludmFsaWRh dGVTdHlsZQorICAgICAgICBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9 MTY3ODc4CisgICAgICAgIHJkYXI6Ly9wcm9ibGVtLzMwMjUxODQwCisKKyAgICAgICAgUmV2aWV3 ZWQgYnkgTk9CT0RZIChPT1BTISkuCisKKyAgICAgICAgU3BlY3VsYXRpdmUgZml4LgorCisgICAg ICAgIFdlIGFyZSB0cnlpbmcgdG8gaW52YWxpZGF0ZSBhIG51bGwgbm9kZSBmcm9tIH5Qb3N0UmVz b2x1dGlvbkNhbGxiYWNrRGlzYWJsZXIuIExvb2tzIGxpa2UgdGhlIG9ubHkgd2F5CisgICAgICAg IHRoaXMgY291bGQgaGFwcGVuIGlzIGlmIEhUTUxGcmFtZU93bmVyRWxlbWVudDo6c2NoZWR1bGVp bnZhbGlkYXRlU3R5bGVBbmRMYXllckNvbXBvc2l0aW9uIGlzIGNhbGxlZAorICAgICAgICB3aXRo IG51bGwgJ3RoaXMnLiBUaGVyZSBpcyBvbmUgY2FzZSBwbGFjZSB3aGVyZSB0aGlzIG1pZ2h0IGhh cHBlbi4KKworICAgICAgICAqIHJlbmRlcmluZy9SZW5kZXJMYXllckNvbXBvc2l0b3IuY3BwOgor ICAgICAgICAoV2ViQ29yZTo6UmVuZGVyTGF5ZXJDb21wb3NpdG9yOjphdHRhY2hSb290TGF5ZXIp OiBBZGQgbnVsbCBjaGVjay4KKwogMjAxNy0wMi0wNiAgQW50b2luZSBRdWludCAgPGdyYW91dHNA YXBwbGUuY29tPgogCiAgICAgICAgIFtNb2Rlcm4gTWVkaWEgQ29udHJvbHNdIEltcHJvdmUgaGFu ZGxpbmcgb2YgPHZpZGVvPiB3aXRoIG9ubHkgYXVkaW8gdHJhY2tzCkluZGV4OiBTb3VyY2UvV2Vi Q29yZS9yZW5kZXJpbmcvUmVuZGVyTGF5ZXJDb21wb3NpdG9yLmNwcAo9PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBT b3VyY2UvV2ViQ29yZS9yZW5kZXJpbmcvUmVuZGVyTGF5ZXJDb21wb3NpdG9yLmNwcAkocmV2aXNp b24gMjExNTYzKQorKysgU291cmNlL1dlYkNvcmUvcmVuZGVyaW5nL1JlbmRlckxheWVyQ29tcG9z aXRvci5jcHAJKHdvcmtpbmcgY29weSkKQEAgLTM0NzUsNyArMzQ3NSw4IEBAIHZvaWQgUmVuZGVy TGF5ZXJDb21wb3NpdG9yOjphdHRhY2hSb290TGEKICAgICAgICAgY2FzZSBSb290TGF5ZXJBdHRh Y2hlZFZpYUVuY2xvc2luZ0ZyYW1lOiB7CiAgICAgICAgICAgICAvLyBUaGUgbGF5ZXIgd2lsbCBn ZXQgaG9va2VkIHVwIHZpYSBSZW5kZXJMYXllckJhY2tpbmc6OnVwZGF0ZUNvbmZpZ3VyYXRpb24o KQogICAgICAgICAgICAgLy8gZm9yIHRoZSBmcmFtZSdzIHJlbmRlcmVyIGluIHRoZSBwYXJlbnQg ZG9jdW1lbnQuCi0gICAgICAgICAgICBtX3JlbmRlclZpZXcuZG9jdW1lbnQoKS5vd25lckVsZW1l bnQoKS0+c2NoZWR1bGVpbnZhbGlkYXRlU3R5bGVBbmRMYXllckNvbXBvc2l0aW9uKCk7CisgICAg ICAgICAgICBpZiAoYXV0byogb3duZXJFbGVtZW50ID0gbV9yZW5kZXJWaWV3LmRvY3VtZW50KCku b3duZXJFbGVtZW50KCkpCisgICAgICAgICAgICAgICAgb3duZXJFbGVtZW50LT5zY2hlZHVsZWlu dmFsaWRhdGVTdHlsZUFuZExheWVyQ29tcG9zaXRpb24oKTsKICAgICAgICAgICAgIGJyZWFrOwog ICAgICAgICB9CiAgICAgfQo= 300720 2017-02-06 07:13:50 -0800 2017-02-06 09:36:42 -0800 patch invalidateStyle-nullptr-2.patch text/plain 1892 koivisto SW5kZXg6IFNvdXJjZS9XZWJDb3JlL0NoYW5nZUxvZwo9PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2UvV2Vi Q29yZS9DaGFuZ2VMb2cJKHJldmlzaW9uIDIxMTcyMikKKysrIFNvdXJjZS9XZWJDb3JlL0NoYW5n ZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDIwIEBACisyMDE3LTAyLTA2ICBBbnR0aSBL b2l2aXN0byAgPGFudHRpQGFwcGxlLmNvbT4KKworICAgICAgICBDcmFzaFRyYWNlcjogY29tLmFw cGxlLldlYktpdC5XZWJDb250ZW50IGF0IFdlYkNvcmU6IFdlYkNvcmU6Ok5vZGU6OmludmFsaWRh dGVTdHlsZQorICAgICAgICBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9 MTY3ODc4CisgICAgICAgIHJkYXI6Ly9wcm9ibGVtLzMwMjUxODQwCisKKyAgICAgICAgUmV2aWV3 ZWQgYnkgQW5kcmVhcyBLbGluZy4KKworICAgICAgICBTcGVjdWxhdGl2ZSBmaXguCisKKyAgICAg ICAgV2UgYXJlIHRyeWluZyB0byBpbnZhbGlkYXRlIGEgbnVsbCBub2RlIGZyb20gflBvc3RSZXNv bHV0aW9uQ2FsbGJhY2tEaXNhYmxlci4gTG9va3MgbGlrZSB0aGUgb25seSB3YXkKKyAgICAgICAg dGhpcyBjb3VsZCBoYXBwZW4gaXMgaWYgSFRNTEZyYW1lT3duZXJFbGVtZW50OjpzY2hlZHVsZWlu dmFsaWRhdGVTdHlsZUFuZExheWVyQ29tcG9zaXRpb24gaXMgY2FsbGVkCisgICAgICAgIHdpdGgg bnVsbCAndGhpcycuIFRoZXJlIGlzIG9uZSBwbGFjZSB3aGVyZSB0aGlzIG1pZ2h0IGhhcHBlbi4K KworICAgICAgICAqIHJlbmRlcmluZy9SZW5kZXJMYXllckNvbXBvc2l0b3IuY3BwOgorICAgICAg ICAoV2ViQ29yZTo6UmVuZGVyTGF5ZXJDb21wb3NpdG9yOjphdHRhY2hSb290TGF5ZXIpOiBBZGQg bnVsbCBjaGVjay4KKwogMjAxNy0wMi0wNiAgQW50b2luZSBRdWludCAgPGdyYW91dHNAYXBwbGUu Y29tPgogCiAgICAgICAgIFtNb2Rlcm4gTWVkaWEgQ29udHJvbHNdIEltcHJvdmUgaGFuZGxpbmcg b2YgPHZpZGVvPiB3aXRoIG9ubHkgYXVkaW8gdHJhY2tzCkluZGV4OiBTb3VyY2UvV2ViQ29yZS9y ZW5kZXJpbmcvUmVuZGVyTGF5ZXJDb21wb3NpdG9yLmNwcAo9PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2Uv V2ViQ29yZS9yZW5kZXJpbmcvUmVuZGVyTGF5ZXJDb21wb3NpdG9yLmNwcAkocmV2aXNpb24gMjEx NTYzKQorKysgU291cmNlL1dlYkNvcmUvcmVuZGVyaW5nL1JlbmRlckxheWVyQ29tcG9zaXRvci5j cHAJKHdvcmtpbmcgY29weSkKQEAgLTM0NzUsNyArMzQ3NSw4IEBAIHZvaWQgUmVuZGVyTGF5ZXJD b21wb3NpdG9yOjphdHRhY2hSb290TGEKICAgICAgICAgY2FzZSBSb290TGF5ZXJBdHRhY2hlZFZp YUVuY2xvc2luZ0ZyYW1lOiB7CiAgICAgICAgICAgICAvLyBUaGUgbGF5ZXIgd2lsbCBnZXQgaG9v a2VkIHVwIHZpYSBSZW5kZXJMYXllckJhY2tpbmc6OnVwZGF0ZUNvbmZpZ3VyYXRpb24oKQogICAg ICAgICAgICAgLy8gZm9yIHRoZSBmcmFtZSdzIHJlbmRlcmVyIGluIHRoZSBwYXJlbnQgZG9jdW1l bnQuCi0gICAgICAgICAgICBtX3JlbmRlclZpZXcuZG9jdW1lbnQoKS5vd25lckVsZW1lbnQoKS0+ c2NoZWR1bGVpbnZhbGlkYXRlU3R5bGVBbmRMYXllckNvbXBvc2l0aW9uKCk7CisgICAgICAgICAg ICBpZiAoYXV0byogb3duZXJFbGVtZW50ID0gbV9yZW5kZXJWaWV3LmRvY3VtZW50KCkub3duZXJF bGVtZW50KCkpCisgICAgICAgICAgICAgICAgb3duZXJFbGVtZW50LT5zY2hlZHVsZWludmFsaWRh dGVTdHlsZUFuZExheWVyQ29tcG9zaXRpb24oKTsKICAgICAgICAgICAgIGJyZWFrOwogICAgICAg ICB9CiAgICAgfQo=