Bug 164082 - ASSERTION FAILED: rangesIntersect(m_renderer.logicalTopForFloat(floatingObject), m_renderer.logicalBottomForFloat(floatingObject), m_belowLogicalHeight, m_aboveLogicalHeight) in WebCore::FindNextFloatLogicalBottomAdapter::collectIfNeeded
Summary: ASSERTION FAILED: rangesIntersect(m_renderer.logicalTopForFloat(floatingObjec...
Status: RESOLVED DUPLICATE of bug 249571
Alias: None
Product: WebKit
Classification: Unclassified
Component: Layout and Rendering (show other bugs)
Version: WebKit Local Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Nobody
URL:
Keywords:
Depends on:
Blocks: 116980
  Show dependency treegraph
 
Reported: 2016-10-27 14:37 PDT by Renata Hodovan
Modified: 2022-12-22 13:28 PST (History)
2 users (show)

See Also:

Attachments
Test (251 bytes, application/octet-stream)
2016-10-27 14:37 PDT, Renata Hodovan 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Renata Hodovan 2016-10-27 14:37:49 PDT 
Load the attached test with debug WebKitTestRunner:

Checked version: 2c9fa6e
OS: Darwin-15.6.0-x86_64-i386-64bit

><style>*{margin-bottom:94044547</style><div></div><img>qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqq<table ALIGN=right><table><div>wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww

Backtrace:

WebKit/Source/WebKit2/Shared/mac/SandboxExtensionMac.mm(229) : static bool WebKit::SandboxExtension::createHandle(const WTF::String &, WebKit::SandboxExtension::Type, WebKit::SandboxExtension::Handle &)
ASSERTION FAILED: rangesIntersect(m_renderer.logicalTopForFloat(floatingObject), m_renderer.logicalBottomForFloat(floatingObject), m_belowLogicalHeight, m_aboveLogicalHeight)
WebKit/Source/WebCore/rendering/FloatingObjects.cpp(218) : void WebCore::FindNextFloatLogicalBottomAdapter::collectIfNeeded(const IntervalType &)
1   0x1105904f1 WTFCrash
2   0x115f72975 WebCore::FindNextFloatLogicalBottomAdapter::collectIfNeeded(WebCore::PODInterval<WebCore::LayoutUnit, WebCore::FloatingObject*> const&)
3   0x115f71d3a void WebCore::PODIntervalTree<WebCore::LayoutUnit, WebCore::FloatingObject*>::searchForOverlapsFrom<WebCore::FindNextFloatLogicalBottomAdapter>(WebCore::PODRedBlackTree<WebCore::PODInterval<WebCore::LayoutUnit, WebCore::FloatingObject*> >::Node*, WebCore::FindNextFloatLogicalBottomAdapter&) const
4   0x115f6cb40 void WebCore::PODIntervalTree<WebCore::LayoutUnit, WebCore::FloatingObject*>::allOverlapsWithAdapter<WebCore::FindNextFloatLogicalBottomAdapter>(WebCore::FindNextFloatLogicalBottomAdapter&) const
5   0x115f66be3 WebCore::FloatingObjects::findNextFloatLogicalBottomBelow(WebCore::LayoutUnit)
6   0x11961dc32 WebCore::RenderBlockFlow::nextFloatLogicalBottomBelow(WebCore::LayoutUnit) const
7   0x118c2d6ab WebCore::LineWidth::fitBelowFloats(bool)
8   0x118bde57a WebCore::BreakingContext::handleText(WTF::Vector<WebCore::WordMeasurement, 64ul, WTF::CrashOnOverflow, 16ul>&, bool&, unsigned int&)
9   0x118bce294 WebCore::LineBreaker::nextLineBreak(WebCore::BidiResolverWithIsolate<WebCore::InlineIterator, WebCore::BidiRun, WebCore::BidiIsolatedRun>&, WebCore::LineInfo&, WebCore::LineLayoutState&, WebCore::RenderTextInfo&, WebCore::FloatingObject*, unsigned int, WTF::Vector<WebCore::WordMeasurement, 64ul, WTF::CrashOnOverflow, 16ul>&)
10  0x119662b0a WebCore::RenderBlockFlow::layoutRunsAndFloatsInRange(WebCore::LineLayoutState&, WebCore::BidiResolverWithIsolate<WebCore::InlineIterator, WebCore::BidiRun, WebCore::BidiIsolatedRun>&, WebCore::InlineIterator const&, WebCore::BidiStatus const&, unsigned int)
11  0x11965f80b WebCore::RenderBlockFlow::layoutRunsAndFloats(WebCore::LineLayoutState&, bool)
12  0x11966af42 WebCore::RenderBlockFlow::layoutLineBoxes(bool, WebCore::LayoutUnit&, WebCore::LayoutUnit&)
13  0x1195e679b WebCore::RenderBlockFlow::layoutInlineChildren(bool, WebCore::LayoutUnit&, WebCore::LayoutUnit&)
14  0x1195e3791 WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit)
15  0x11952d1b2 WebCore::RenderBlock::layout()
16  0x1195ee3e4 WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&)
17  0x1195e6f50 WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&)
18  0x1195e3808 WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit)
19  0x11952d1b2 WebCore::RenderBlock::layout()
20  0x1195ee3e4 WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&)
21  0x1195e6f50 WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&)
22  0x1195e3808 WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit)
23  0x11952d1b2 WebCore::RenderBlock::layout()
24  0x1195ee3e4 WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&)
25  0x1195e6f50 WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&)
26  0x1195e3808 WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit)
27  0x11952d1b2 WebCore::RenderBlock::layout()
28  0x119f743b6 WebCore::RenderView::layoutContent(WebCore::LayoutState const&)
29  0x119f76816 WebCore::RenderView::layout()
30  0x1163286a2 WebCore::FrameView::layout(bool)
31  0x1159a86fa WebCore::Document::updateLayout()
ASAN:DEADLYSIGNAL
=================================================================
==7968==ERROR: AddressSanitizer: SEGV on unknown address 0x0000bbadbeef (pc 0x000110590529 bp 0x7fff58f09990 sp 0x7fff58f09980 T0)
    #0 0x110590528 in WTFCrash (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x2d01528)
    #1 0x115f72974 in WebCore::FindNextFloatLogicalBottomAdapter::collectIfNeeded(WebCore::PODInterval<WebCore::LayoutUnit, WebCore::FloatingObject*> const&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x174e974)
    #2 0x115f71d39 in void WebCore::PODIntervalTree<WebCore::LayoutUnit, WebCore::FloatingObject*>::searchForOverlapsFrom<WebCore::FindNextFloatLogicalBottomAdapter>(WebCore::PODRedBlackTree<WebCore::PODInterval<WebCore::LayoutUnit, WebCore::FloatingObject*> >::Node*, WebCore::FindNextFloatLogicalBottomAdapter&) const (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x174dd39)
    #3 0x115f6cb3f in void WebCore::PODIntervalTree<WebCore::LayoutUnit, WebCore::FloatingObject*>::allOverlapsWithAdapter<WebCore::FindNextFloatLogicalBottomAdapter>(WebCore::FindNextFloatLogicalBottomAdapter&) const (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1748b3f)
    #4 0x115f66be2 in WebCore::FloatingObjects::findNextFloatLogicalBottomBelow(WebCore::LayoutUnit) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1742be2)
    #5 0x11961dc31 in WebCore::RenderBlockFlow::nextFloatLogicalBottomBelow(WebCore::LayoutUnit) const (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x4df9c31)
    #6 0x118c2d6aa in WebCore::LineWidth::fitBelowFloats(bool) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x44096aa)
    #7 0x118bde579 in WebCore::BreakingContext::handleText(WTF::Vector<WebCore::WordMeasurement, 64ul, WTF::CrashOnOverflow, 16ul>&, bool&, unsigned int&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x43ba579)
    #8 0x118bce293 in WebCore::LineBreaker::nextLineBreak(WebCore::BidiResolverWithIsolate<WebCore::InlineIterator, WebCore::BidiRun, WebCore::BidiIsolatedRun>&, WebCore::LineInfo&, WebCore::LineLayoutState&, WebCore::RenderTextInfo&, WebCore::FloatingObject*, unsigned int, WTF::Vector<WebCore::WordMeasurement, 64ul, WTF::CrashOnOverflow, 16ul>&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x43aa293)
    #9 0x119662b09 in WebCore::RenderBlockFlow::layoutRunsAndFloatsInRange(WebCore::LineLayoutState&, WebCore::BidiResolverWithIsolate<WebCore::InlineIterator, WebCore::BidiRun, WebCore::BidiIsolatedRun>&, WebCore::InlineIterator const&, WebCore::BidiStatus const&, unsigned int) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x4e3eb09)
    #10 0x11965f80a in WebCore::RenderBlockFlow::layoutRunsAndFloats(WebCore::LineLayoutState&, bool) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x4e3b80a)
    #11 0x11966af41 in WebCore::RenderBlockFlow::layoutLineBoxes(bool, WebCore::LayoutUnit&, WebCore::LayoutUnit&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x4e46f41)
    #12 0x1195e679a in WebCore::RenderBlockFlow::layoutInlineChildren(bool, WebCore::LayoutUnit&, WebCore::LayoutUnit&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x4dc279a)
    #13 0x1195e3790 in WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x4dbf790)
    #14 0x11952d1b1 in WebCore::RenderBlock::layout() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x4d091b1)
    #15 0x1195ee3e3 in WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x4dca3e3)
    #16 0x1195e6f4f in WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x4dc2f4f)
    #17 0x1195e3807 in WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x4dbf807)
    #18 0x11952d1b1 in WebCore::RenderBlock::layout() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x4d091b1)
    #19 0x1195ee3e3 in WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x4dca3e3)
    #20 0x1195e6f4f in WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x4dc2f4f)
    #21 0x1195e3807 in WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x4dbf807)
    #22 0x11952d1b1 in WebCore::RenderBlock::layout() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x4d091b1)
    #23 0x1195ee3e3 in WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x4dca3e3)
    #24 0x1195e6f4f in WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x4dc2f4f)
    #25 0x1195e3807 in WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x4dbf807)
    #26 0x11952d1b1 in WebCore::RenderBlock::layout() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x4d091b1)
    #27 0x119f743b5 in WebCore::RenderView::layoutContent(WebCore::LayoutState const&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x57503b5)
    #28 0x119f76815 in WebCore::RenderView::layout() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x5752815)
    #29 0x1163286a1 in WebCore::FrameView::layout(bool) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1b046a1)
    #30 0x1159a86f9 in WebCore::Document::updateLayout() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x11846f9)
    #31 0x1159b0fc0 in WebCore::Document::updateLayoutIgnorePendingStylesheets(WebCore::Document::RunPostLayoutTasks) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x118cfc0)
    #32 0x115d5aad9 in WebCore::Element::focus(bool, WebCore::FocusDirection) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1536ad9)
    #33 0x11674609e in WebCore::HTMLFormControlElement::didAttachRenderers()::$_1::operator()() const (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1f2209e)
    #34 0x116745f58 in WTF::Function<void ()>::CallableWrapper<WebCore::HTMLFormControlElement::didAttachRenderers()::$_1>::call() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1f21f58)
    #35 0x114963980 in WTF::Function<void ()>::operator()() const (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x13f980)
    #36 0x11a8f2d9c in WebCore::Style::PostResolutionCallbackDisabler::~PostResolutionCallbackDisabler() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x60ced9c)
    #37 0x11a8f2e64 in WebCore::Style::PostResolutionCallbackDisabler::~PostResolutionCallbackDisabler() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x60cee64)
    #38 0x1159afc24 in WebCore::Document::recalcStyle(WebCore::Style::Change) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x118bc24)
    #39 0x11599a00a in WebCore::Document::updateStyleIfNeeded() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x117600a)
    #40 0x116863c18 in WebCore::HTMLObjectElement::parseAttribute(WebCore::QualifiedName const&, WTF::AtomicString const&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x203fc18)
    #41 0x115d523a8 in WebCore::Element::attributeChanged(WebCore::QualifiedName const&, WTF::AtomicString const&, WTF::AtomicString const&, WebCore::Element::AttributeModificationReason) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x152e3a8)
    #42 0x11a7fa3d7 in WebCore::StyledElement::attributeChanged(WebCore::QualifiedName const&, WTF::AtomicString const&, WTF::AtomicString const&, WebCore::Element::AttributeModificationReason) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x5fd63d7)
    #43 0x115d53ab2 in WebCore::Element::parserSetAttributes(WTF::Vector<WebCore::Attribute, 0ul, WTF::CrashOnOverflow, 16ul> const&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x152fab2)
    #44 0x11665dacc in WebCore::setAttributes(WebCore::Element&, WTF::Vector<WebCore::Attribute, 0ul, WTF::CrashOnOverflow, 16ul>&, WebCore::ParserContentPolicy) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1e39acc)
    #45 0x11665aa15 in WebCore::setAttributes(WebCore::Element&, WebCore::AtomicHTMLToken&, WebCore::ParserContentPolicy) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1e36a15)
    #46 0x11665d68b in WebCore::HTMLConstructionSite::createHTMLElementOrFindCustomElementInterface(WebCore::AtomicHTMLToken&, WebCore::JSCustomElementInterface**) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1e3968b)
    #47 0x11665c4b1 in WebCore::HTMLConstructionSite::createHTMLElement(WebCore::AtomicHTMLToken&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1e384b1)
    #48 0x11665cc5b in WebCore::HTMLConstructionSite::insertHTMLElement(WebCore::AtomicHTMLToken&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1e38c5b)
    #49 0x11694b58e in WebCore::HTMLTreeBuilder::processStartTagForInBody(WebCore::AtomicHTMLToken&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x212758e)
    #50 0x11694386c in WebCore::HTMLTreeBuilder::processStartTag(WebCore::AtomicHTMLToken&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x211f86c)
    #51 0x116942674 in WebCore::HTMLTreeBuilder::processToken(WebCore::AtomicHTMLToken&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x211e674)
    #52 0x1169414b8 in WebCore::HTMLTreeBuilder::constructTree(WebCore::AtomicHTMLToken&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x211d4b8)
    #53 0x1166cd576 in WebCore::HTMLDocumentParser::constructTreeFromHTMLToken(WebCore::HTMLTokenizer::TokenPtr&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1ea9576)
    #54 0x1166cd2d2 in WebCore::HTMLDocumentParser::pumpTokenizerLoop(WebCore::HTMLDocumentParser::SynchronousMode, bool, WebCore::PumpSession&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1ea92d2)
    #55 0x1166caeb2 in WebCore::HTMLDocumentParser::pumpTokenizer(WebCore::HTMLDocumentParser::SynchronousMode) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1ea6eb2)
    #56 0x1166ca86f in WebCore::HTMLDocumentParser::pumpTokenizerIfPossible(WebCore::HTMLDocumentParser::SynchronousMode) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1ea686f)
    #57 0x1166ceafb in WebCore::HTMLDocumentParser::append(WTF::RefPtr<WTF::StringImpl>&&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1eaaafb)
    #58 0x11587c1eb in WebCore::DecodedDataDocumentParser::appendBytes(WebCore::DocumentWriter&, char const*, unsigned long) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x10581eb)
    #59 0x115b9acf1 in WebCore::DocumentWriter::addData(char const*, unsigned long) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1376cf1)
    #60 0x115af5045 in WebCore::DocumentLoader::commitData(char const*, unsigned long) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x12d1045)
    #61 0x107dece4d in WebKit::WebFrameLoaderClient::committedLoad(WebCore::DocumentLoader*, char const*, int) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x10ede4d)
    #62 0x115afa1b6 in WebCore::DocumentLoader::commitLoad(char const*, int) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x12d61b6)
    #63 0x115af9efa in WebCore::DocumentLoader::dataReceived(char const*, int) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x12d5efa)
    #64 0x115afa598 in WebCore::DocumentLoader::dataReceived(WebCore::CachedResource&, char const*, int) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x12d6598)
    #65 0x114e2a931 in WebCore::CachedRawResource::notifyClientsDataWasReceived(char const*, unsigned int) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x606931)
    #66 0x114e2a5e0 in WebCore::CachedRawResource::addDataBuffer(WebCore::SharedBuffer&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x6065e0)
    #67 0x11a92691a in WebCore::SubresourceLoader::didReceiveDataOrBuffer(char const*, int, WTF::RefPtr<WebCore::SharedBuffer>&&, long long, WebCore::DataPayloadType) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x610291a)
    #68 0x11a926250 in WebCore::SubresourceLoader::didReceiveData(char const*, unsigned int, long long, WebCore::DataPayloadType) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x6102250)
    #69 0x1087901fa in WebKit::WebResourceLoader::didReceiveData(IPC::DataReference const&, long long) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1a911fa)
    #70 0x10879e003 in void IPC::callMemberFunctionImpl<WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(IPC::DataReference const&, long long), std::__1::tuple<IPC::DataReference, long long>, 0ul, 1ul>(WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(IPC::DataReference const&, long long), std::__1::tuple<IPC::DataReference, long long>&&, std::__1::integer_sequence<unsigned long, 0ul, 1ul>) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1a9f003)
    #71 0x10879db04 in void IPC::callMemberFunction<WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(IPC::DataReference const&, long long), std::__1::tuple<IPC::DataReference, long long>, std::__1::integer_sequence<unsigned long, 0ul, 1ul> >(std::__1::tuple<IPC::DataReference, long long>&&, WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(IPC::DataReference const&, long long)) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1a9eb04)
    #72 0x10879b211 in void IPC::handleMessage<Messages::WebResourceLoader::DidReceiveData, WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(IPC::DataReference const&, long long)>(IPC::Decoder&, WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(IPC::DataReference const&, long long)) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1a9c211)
    #73 0x1087997c0 in WebKit::WebResourceLoader::didReceiveWebResourceLoaderMessage(IPC::Connection&, IPC::Decoder&) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1a9a7c0)
    #74 0x1074c2da9 in WebKit::NetworkProcessConnection::didReceiveMessage(IPC::Connection&, IPC::Decoder&) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x7c3da9)
    #75 0x106ed6fba in IPC::Connection::dispatchMessage(IPC::Decoder&) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1d7fba)
    #76 0x106ebf7c4 in IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1c07c4)
    #77 0x106ed7ca5 in IPC::Connection::dispatchOneMessage() (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1d8ca5)
    #78 0x106ee825c in IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >)::$_14::operator()() (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1e925c)
    #79 0x106ee8188 in WTF::Function<void ()>::CallableWrapper<IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >)::$_14>::call() (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1e9188)
    #80 0x110614830 in WTF::Function<void ()>::operator()() const (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x2d85830)
    #81 0x11065ec46 in WTF::RunLoop::performWork() (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x2dcfc46)
    #82 0x11065fb11 in WTF::RunLoop::performWork(void*) (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x2dd0b11)
    #83 0x7fff81c1f880 in __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0xaa880)
    #84 0x7fff81bfefbb in __CFRunLoopDoSources0 (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x89fbb)
    #85 0x7fff81bfe4de in __CFRunLoopRun (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x894de)
    #86 0x7fff81bfded7 in CFRunLoopRunSpecific (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x88ed7)
    #87 0x7fff82fde934 in RunCurrentEventLoopInMode (/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox+0x30934)
    #88 0x7fff82fde76e in ReceiveNextEventCommon (/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox+0x3076e)
    #89 0x7fff82fde5ae in _BlockUntilNextEventMatchingListInModeWithFilter (/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox+0x305ae)
    #90 0x7fff8e643df5 in _DPSNextEvent (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x48df5)
    #91 0x7fff8e643225 in -[NSApplication _nextEventMatchingEventMask:untilDate:inMode:dequeue:] (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x48225)
    #92 0x7fff8e637d7f in -[NSApplication run] (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x3cd7f)
    #93 0x7fff8e601367 in NSApplicationMain (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x6367)
    #94 0x7fff92f09193 in _xpc_objc_main (/usr/lib/system/libxpc.dylib+0x11193)
    #95 0x7fff92f07bbd in xpc_main (/usr/lib/system/libxpc.dylib+0xfbbd)
    #96 0x106ce3f73 in main (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent.Development+0x100001f73)
    #97 0x7fff8ab8d5ac in start (/usr/lib/system/libdyld.dylib+0x35ac)
    #98 0x0  (<unknown module>)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x2d01528) in WTFCrash
==7968==ABORTING
#CRASHED - com.apple.WebKit.WebContent.Development (pid 7968)
Comment 1 Renata Hodovan 2016-10-27 14:37:52 PDT 
Created attachment 293059 [details]
Test
Comment 2 Fujii Hironori 2022-12-22 13:28:49 PST 

*** This bug has been marked as a duplicate of bug 249571 ***