Bug 145518

Summary: ASSERT(revalidatingResource.inCache()) in MemoryCache when reloading tumblr.com
Product: WebKit Reporter: Chris Dumez <cdumez>
Component: Page LoadingAssignee: Chris Dumez <cdumez>
Status: RESOLVED FIXED    
Severity: Normal CC: beidson, commit-queue, japhet, joepeck, kling, koivisto
Priority: P2 Keywords: InRadar
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch none

Chris Dumez
Reported 2015-06-01 11:27:39 PDT
ASSERT(revalidatingResource.inCache()) in MemoryCache when reloading tumblr.com: * thread #1: tid = 0x172676, 0x0000000116c46bca JavaScriptCore`::WTFCrash() + 42 at Assertions.cpp:321, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0xbbadbeef) * frame #0: 0x0000000116c46bca JavaScriptCore`::WTFCrash() + 42 at Assertions.cpp:321 frame #1: 0x00000001199a9dbb WebCore`WebCore::MemoryCache::revalidationSucceeded(this=0x000000011b301190, revalidatingResource=0x00000001342e9a00, response=0x00007fff542aff20) + 283 at MemoryCache.cpp:132 frame #2: 0x000000011a1d58f1 WebCore`WebCore::SubresourceLoader::didReceiveResponse(this=0x00000001343b6c80, response=0x00007fff542aff20) + 321 at SubresourceLoader.cpp:217 frame #3: 0x00000001137e5047 WebKit`WebKit::WebResourceLoader::didReceiveResponse(this=0x0000000135d90ed0, response=0x00007fff542aff20, needsContinueDidReceiveResponseMessage=false) + 311 at WebResourceLoader.cpp:129 frame #4: 0x00000001137eac4d WebKit`void IPC::callMemberFunctionImpl<WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(WebCore::ResourceResponse const&, bool), std::__1::tuple<WebCore::ResourceResponse, bool>, 0ul, 1ul>(object=0x0000000135d90ed0, function=0x00000001137e4f10, args=0x00007fff542aff20, (null)=index_sequence<0, 1> at 0x00007fff542afdc8)(WebCore::ResourceResponse const&, bool), std::__1::tuple<WebCore::ResourceResponse, bool>&&, std::index_sequence<0ul, 1ul>) + 205 at HandleMessage.h:16 frame #5: 0x00000001137eaad8 WebKit`void IPC::callMemberFunction<WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(WebCore::ResourceResponse const&, bool), std::__1::tuple<WebCore::ResourceResponse, bool>, std::make_index_sequence<2ul> >(args=0x00007fff542aff20, object=0x0000000135d90ed0, function=0x00000001137e4f10)(WebCore::ResourceResponse const&, bool)) + 88 at HandleMessage.h:22 frame #6: 0x00000001137e9886 WebKit`void IPC::handleMessage<Messages::WebResourceLoader::DidReceiveResponse, WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(WebCore::ResourceResponse const&, bool)>(decoder=0x0000000135991000, object=0x0000000135d90ed0, function=0x00000001137e4f10)(WebCore::ResourceResponse const&, bool)) + 374 at HandleMessage.h:92 frame #7: 0x00000001137e9066 WebKit`WebKit::WebResourceLoader::didReceiveWebResourceLoaderMessage(this=0x0000000135d90ed0, connection=0x00000001217fb290, decoder=0x0000000135991000) + 502 at WebResourceLoaderMessageReceiver.cpp:63 frame #8: 0x00000001130de460 WebKit`WebKit::NetworkProcessConnection::didReceiveMessage(this=0x0000000121fffb40, connection=0x00000001217fb290, decoder=0x0000000135991000) + 160 at NetworkProcessConnection.cpp:60 frame #9: 0x0000000112ea9323 WebKit`IPC::Connection::dispatchMessage(this=0x00000001217fb290, decoder=0x0000000135991000) + 51 at Connection.cpp:870 frame #10: 0x0000000112ea14d0 WebKit`IPC::Connection::dispatchMessage(this=0x00000001217fb290, message=unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> > at 0x00007fff542b04b8) + 416 at Connection.cpp:893 frame #11: 0x0000000112ea991f WebKit`IPC::Connection::dispatchOneMessage(this=0x00000001217fb290) + 1519 at Connection.cpp:921 frame #12: 0x0000000112eab00d WebKit`IPC::Connection::enqueueIncomingMessage(this=0x00007fec23f22068)::$_9::operator()() const + 29 at Connection.cpp:864 frame #13: 0x0000000112eaafdc WebKit`std::__1::__function::__func<IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> >)::$_9, std::__1::allocator<IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> >)::$_9>, void ()>::operator()() [inlined] decltype(this=0x00007fec23f22068, __f=0x00007fec23f22068)::$_9&>(fp)(std::__1::forward<>(fp0))) std::__1::__invoke<IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> >)::$_9&>(IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> >)::$_9&&&) + 60 at __functional_base:413 frame #14: 0x0000000112eaafcb WebKit`std::__1::__function::__func<IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> >)::$_9, std::__1::allocator<IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> >)::$_9>, void ()>::operator(this=0x00007fec23f22060)() + 43 at functional:1370 frame #15: 0x000000011676771a JavaScriptCore`std::__1::function<void ()>::operator(this=0x00007fff542b09b0)() const + 26 at functional:1755 frame #16: 0x0000000116c7b2c1 JavaScriptCore`WTF::RunLoop::performWork(this=0x0000000121ff9000) + 561 at RunLoop.cpp:119 frame #17: 0x0000000116c7c494 JavaScriptCore`WTF::RunLoop::performWork(context=0x0000000121ff9000) + 36 at RunLoopCF.cpp:38 frame #18: 0x00007fff8c9aaa01 CoreFoundation`__CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17 frame #19: 0x00007fff8c99cb8d CoreFoundation`__CFRunLoopDoSources0 + 269 frame #20: 0x00007fff8c99c1bf CoreFoundation`__CFRunLoopRun + 927 frame #21: 0x00007fff8c99bbd8 CoreFoundation`CFRunLoopRunSpecific + 296 frame #22: 0x00007fff96a5256f HIToolbox`RunCurrentEventLoopInMode + 235 frame #23: 0x00007fff96a522ea HIToolbox`ReceiveNextEventCommon + 431 frame #24: 0x00007fff96a5212b HIToolbox`_BlockUntilNextEventMatchingListInModeWithFilter + 71 frame #25: 0x00007fff9a7359bb AppKit`_DPSNextEvent + 978 frame #26: 0x00007fff9a734f68 AppKit`-[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 346 frame #27: 0x00007fff9a72abf3 AppKit`-[NSApplication run] + 594 frame #28: 0x00007fff9a6a7354 AppKit`NSApplicationMain + 1832 frame #29: 0x00007fff9636b958 libxpc.dylib`_xpc_objc_main + 793 frame #30: 0x00007fff9636d060 libxpc.dylib`xpc_main + 490 frame #31: 0x000000010b94e177 com.apple.WebKit.WebContent.Development`main(argc=1, argv=0x00007fff542b22d8) + 39 at XPCServiceMain.Development.mm:170 frame #32: 0x00007fff947d25c9 libdyld.dylib`start + 1 frame #33: 0x00007fff947d25c9 libdyld.dylib`start + 1 (lldb) up frame #1: 0x00000001199a9dbb WebCore`WebCore::MemoryCache::revalidationSucceeded(this=0x000000011b301190, revalidatingResource=0x00000001342e9a00, response=0x00007fff542aff20) + 283 at MemoryCache.cpp:132 129 CachedResource& resource = *revalidatingResource.resourceToRevalidate(); 130 ASSERT(!resource.inCache()); 131 ASSERT(resource.isLoaded()); -> 132 ASSERT(revalidatingResource.inCache()); 133 134 // Calling remove() can potentially delete revalidatingResource, which we use 135 // below. This mustn't be the case since revalidation means it is loaded Radar: <rdar://problem/21168573>
Attachments
Patch (5.25 KB, patch)
2015-06-01 11:35 PDT, Chris Dumez 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Chris Dumez
Comment 1 2015-06-01 11:35:34 PDT
Created attachment 254010 [details] Patch
WebKit Commit Bot
Comment 2 2015-06-01 12:31:57 PDT
Comment on attachment 254010 [details] Patch Clearing flags on attachment: 254010 Committed r185070: <http://trac.webkit.org/changeset/185070>
WebKit Commit Bot
Comment 3 2015-06-01 12:32:02 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.