| Summary: | Release assert in ScriptController::canExecuteScripts via WebCore::SVGUseElement::insertedIntoAncestor | | |
|---|---|---|---|
| Product: | WebKit | Reporter: | Ryosuke Niwa <rniwa> |
| Component: | SVG | Assignee: | Ryosuke Niwa <rniwa> |
| Status: | RESOLVED FIXED | | |
| Severity: | Normal | CC: | commit-queue, ews-watchlist, koivisto, rniwa, sabouhallawa, zalan, zimmermann |
| Priority: | P2 | Keywords: | InRadar |
| Version: | WebKit Nightly Build | | |
| Hardware: | Unspecified | | |
| OS: | Unspecified | | |
Description
Ryosuke Niwa
2018-06-27 23:57:40 PDT
Oops, wrong stack trace :(

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0 com.apple.WebCore 0x00007fff52eb9d4d WebCore::ScriptController::canExecuteScripts(WebCore::ReasonForCallingCanExecuteScripts) + 509
1 com.apple.WebCore 0x00007fff539922b2 WebCore::JSEventListener::handleEvent(WebCore::ScriptExecutionContext&, WebCore::Event&) + 338
2 com.apple.WebCore 0x00007fff53bc43b4 WebCore::EventTarget::fireEventListeners(WebCore::Event&, WTF::Vector<WTF::RefPtr<WebCore::RegisteredEventListener, WTF::DumbPtrTraits<WebCore::RegisteredEventListener> >, 1ul, WTF::CrashOnOverflow, 16ul>) + 836
3 com.apple.WebCore 0x00007fff53bc21f0 WebCore::EventTarget::fireEventListeners(WebCore::Event&) + 512
4 com.apple.WebCore 0x00007fff53bc1196 WebCore::dispatchEventInDOM(WebCore::Event&, WebCore::EventPath const&) + 86
5 com.apple.WebCore 0x00007fff53bc0e8a WebCore::EventDispatcher::dispatchEvent(WebCore::Node&, WebCore::Event&) + 602
6 com.apple.WebCore 0x00007fff543e25cd WebCore::SVGUseElement::notifyFinished(WebCore::CachedResource&) + 125
7 com.apple.WebCore 0x00007fff53ee0578 WebCore::CachedResource::didAddClient(WebCore::CachedResourceClient&) + 152
8 com.apple.WebCore 0x00007fff543dffbb WebCore::SVGUseElement::updateExternalDocument() + 1435
9 com.apple.WebCore 0x00007fff543df9c0 WebCore::SVGUseElement::insertedIntoAncestor(WebCore::Node::InsertionType, WebCore::ContainerNode&) + 128
10 com.apple.WebCore 0x00007fff53b7095d WebCore::notifyNodeInsertedIntoDocument(WebCore::ContainerNode&, WebCore::Node&, WebCore::TreeScopeChange, WTF::Vector<WTF::Ref<WebCore::Node, WTF::DumbPtrTraits<WebCore::Node> >, 11ul, WTF::CrashOnOverflow, 16ul>&) + 61
11 com.apple.WebCore 0x00007fff53b709d8 WebCore::notifyNodeInsertedIntoDocument(WebCore::ContainerNode&, WebCore::Node&, WebCore::TreeScopeChange, WTF::Vector<WTF::Ref<WebCore::Node, WTF::DumbPtrTraits<WebCore::Node> >, 11ul, WTF::CrashOnOverflow, 16ul>&) + 184
12 com.apple.WebCore 0x00007fff53b709d8 WebCore::notifyNodeInsertedIntoDocument(WebCore::ContainerNode&, WebCore::Node&, WebCore::TreeScopeChange, WTF::Vector<WTF::Ref<WebCore::Node, WTF::DumbPtrTraits<WebCore::Node> >, 11ul, WTF::CrashOnOverflow, 16ul>&) + 184
13 com.apple.WebCore 0x00007fff53b7087b WebCore::notifyChildNodeInserted(WebCore::ContainerNode&, WebCore::Node&) + 107
14 com.apple.WebCore 0x00007fff53b6d397 WebCore::ContainerNode::replaceChild(WebCore::Node&, WebCore::Node&) + 1479
15 com.apple.WebCore 0x00007fff53bdba7b WebCore::Node::replaceChild(WebCore::Node&, WebCore::Node&) + 43
16 com.apple.WebCore 0x00007fff52fdf759 WebCore::jsNodePrototypeFunctionReplaceChild(JSC::ExecState*) + 361

Created attachment 343800
Fixes the bug

Comment on attachment 343800
Fixes the bug

Attachment 343800 did not pass mac-wk2-ews (mac-wk2):
Output: https://webkit-queues.webkit.org/results/8367770

New failing tests:
http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-window-open.html

Created attachment 343803
Archive of layout-test-results from ews106 for mac-sierra-wk2

The attached test failures were seen while running run-webkit-tests on the mac-wk2-ews.
Bot: ews106 Port: mac-sierra-wk2 Platform: Mac OS X 10.12.6

Hm... I don't think this test failure is related to my patch.

Comment on attachment 343800
Fixes the bug

Clearing flags on attachment: 343800

Committed r233324: <https://trac.webkit.org/changeset/233324>

All reviewed patches have been landed. Closing bug.