Load the attached test with debug WebKitTestRunner: Checked version: f368f1d OS: Darwin-15.6.0-x86_64-i386-64bit <object><embed src><LINK REL="stylesheet"href=.> Backtrace: ASSERTION FAILED: !parent->renderer()->isEmbeddedObject() WebKit/Source/WebCore/html/HTMLEmbedElement.cpp(199) : virtual bool WebCore::HTMLEmbedElement::rendererIsNeeded(const WebCore::RenderStyle &) 1 0x11980bf31 WTFCrash 2 0x11fc2f78b WebCore::HTMLEmbedElement::rendererIsNeeded(WebCore::RenderStyle const&) 3 0x1242a4d28 WebCore::Style::affectsRenderedSubtree(WebCore::Element&, WebCore::RenderStyle const&) 4 0x1242a3524 WebCore::Style::TreeResolver::resolveElement(WebCore::Element&) 5 0x1242a6d40 WebCore::Style::TreeResolver::resolveComposedTree() 6 0x1242a887a WebCore::Style::TreeResolver::resolve(WebCore::Style::Change) 7 0x11ee814a3 WebCore::Document::recalcStyle(WebCore::Style::Change) 8 0x11ee6c10b WebCore::Document::updateStyleIfNeeded() 9 0x11f8439e7 WebCore::FrameView::updateLayoutAndStyleIfNeededRecursive() 10 0x111086a85 WebKit::WebPage::layoutIfNeeded() 11 0x1109daf58 WebKit::TiledCoreAnimationDrawingArea::flushLayers() 12 0x12244795c WebCore::LayerFlushScheduler::layerFlushCallback() 13 0x12244ad6c WebCore::LayerFlushScheduler::LayerFlushScheduler(WebCore::LayerFlushSchedulerClient*)::$_0::operator()() const 14 0x12244ac8d _ZNSt3__128__invoke_void_return_wrapperIvE6__callIJRZN7WebCore19LayerFlushSchedulerC1EPNS3_25LayerFlushSchedulerClientEE3$_0EEEvDpOT_ 15 0x12244ac39 std::__1::__function::__func<WebCore::LayerFlushScheduler::LayerFlushScheduler(WebCore::LayerFlushSchedulerClient*)::$_0, std::__1::allocator<WebCore::LayerFlushScheduler::LayerFlushScheduler(WebCore::LayerFlushSchedulerClient*)::$_0>, void ()>::operator()() 16 0x11de01445 std::__1::function<void ()>::operator()() const 17 0x123ac355f WebCore::RunLoopObserver::runLoopObserverFired() 18 0x123ac34e0 WebCore::RunLoopObserver::runLoopObserverFired(__CFRunLoopObserver*, unsigned long, void*) 19 0x7fff927c8fc7 __CFRUNLOOP_IS_CALLING_OUT_TO_AN_OBSERVER_CALLBACK_FUNCTION__ 20 0x7fff927c8f37 __CFRunLoopDoObservers 21 0x7fff927a7e58 CFRunLoopRunSpecific 22 0x7fff90b63935 RunCurrentEventLoopInMode 23 0x7fff90b6376f ReceiveNextEventCommon 24 0x7fff90b635af _BlockUntilNextEventMatchingListInModeWithFilter 25 0x7fff95a03df6 _DPSNextEvent 26 0x7fff95a03226 -[NSApplication _nextEventMatchingEventMask:untilDate:inMode:dequeue:] 27 0x7fff959f7d80 -[NSApplication run] 28 0x7fff959c1368 NSApplicationMain 29 0x7fff897b8194 _xpc_objc_main 30 0x7fff897b6bbe xpc_main 31 0x10fc81f74 main ASAN:DEADLYSIGNAL ================================================================= ==53912==ERROR: AddressSanitizer: SEGV on unknown address 0x0000bbadbeef (pc 0x00011980bf69 bp 0x7fff4ff79a60 sp 0x7fff4ff79a50 T0) #0 0x11980bf68 in WTFCrash (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x2e6ef68) #1 0x11fc2f78a in WebCore::HTMLEmbedElement::rendererIsNeeded(WebCore::RenderStyle const&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1f2578a) #2 0x1242a4d27 in WebCore::Style::affectsRenderedSubtree(WebCore::Element&, WebCore::RenderStyle const&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x659ad27) #3 0x1242a3523 in WebCore::Style::TreeResolver::resolveElement(WebCore::Element&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x6599523) #4 0x1242a6d3f in WebCore::Style::TreeResolver::resolveComposedTree() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x659cd3f) #5 0x1242a8879 in WebCore::Style::TreeResolver::resolve(WebCore::Style::Change) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x659e879) #6 0x11ee814a2 in WebCore::Document::recalcStyle(WebCore::Style::Change) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x11774a2) #7 0x11ee6c10a in WebCore::Document::updateStyleIfNeeded() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x116210a) #8 0x11f8439e6 in WebCore::FrameView::updateLayoutAndStyleIfNeededRecursive() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1b399e6) #9 0x111086a84 in WebKit::WebPage::layoutIfNeeded() (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x13eda84) #10 0x1109daf57 in WebKit::TiledCoreAnimationDrawingArea::flushLayers() (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0xd41f57) #11 0x12244795b in WebCore::LayerFlushScheduler::layerFlushCallback() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x473d95b) #12 0x12244ad6b in WebCore::LayerFlushScheduler::LayerFlushScheduler(WebCore::LayerFlushSchedulerClient*)::$_0::operator()() const (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x4740d6b) #13 0x12244ac8c in _ZNSt3__128__invoke_void_return_wrapperIvE6__callIJRZN7WebCore19LayerFlushSchedulerC1EPNS3_25LayerFlushSchedulerClientEE3$_0EEEvDpOT_ (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x4740c8c) #14 0x12244ac38 in std::__1::__function::__func<WebCore::LayerFlushScheduler::LayerFlushScheduler(WebCore::LayerFlushSchedulerClient*)::$_0, std::__1::allocator<WebCore::LayerFlushScheduler::LayerFlushScheduler(WebCore::LayerFlushSchedulerClient*)::$_0>, void ()>::operator()() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x4740c38) #15 0x11de01444 in std::__1::function<void ()>::operator()() const (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0xf7444) #16 0x123ac355e in WebCore::RunLoopObserver::runLoopObserverFired() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x5db955e) #17 0x123ac34df in WebCore::RunLoopObserver::runLoopObserverFired(__CFRunLoopObserver*, unsigned long, void*) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x5db94df) #18 0x7fff927c8fc6 in __CFRUNLOOP_IS_CALLING_OUT_TO_AN_OBSERVER_CALLBACK_FUNCTION__ (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0xa9fc6) #19 0x7fff927c8f36 in __CFRunLoopDoObservers (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0xa9f36) #20 0x7fff927a7e57 in CFRunLoopRunSpecific (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x88e57) #21 0x7fff90b63934 in RunCurrentEventLoopInMode (/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox+0x30934) #22 0x7fff90b6376e in ReceiveNextEventCommon (/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox+0x3076e) #23 0x7fff90b635ae in _BlockUntilNextEventMatchingListInModeWithFilter (/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox+0x305ae) #24 0x7fff95a03df5 in _DPSNextEvent (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x48df5) #25 0x7fff95a03225 in -[NSApplication _nextEventMatchingEventMask:untilDate:inMode:dequeue:] (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x48225) #26 0x7fff959f7d7f in -[NSApplication run] (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x3cd7f) #27 0x7fff959c1367 in NSApplicationMain (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x6367) #28 0x7fff897b8193 in _xpc_objc_main (/usr/lib/system/libxpc.dylib+0x11193) #29 0x7fff897b6bbd in xpc_main (/usr/lib/system/libxpc.dylib+0xfbbd) #30 0x10fc81f73 in main (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent.Development+0x100001f73) #31 0x7fff9c5a45ac in start (/usr/lib/system/libdyld.dylib+0x35ac) #32 0x0 (<unknown module>) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x2e6ef68) in WTFCrash ==53912==ABORTING #CRASHED - com.apple.WebKit.WebContent.Development (pid 53912)
Created attachment 297436 [details] Test
Loading this test case in WK2 Debug Mini-Browser only load following in Terminal logs: CONSOLE SECURITY ERROR Did not parse stylesheet at 'https://bug-166010-attachments.webkit.org/' because non CSS MIME types are not allowed when 'X-Content-Type-Options: nosniff' is given. Any steps to reproduce it or if it is not instantly showing assert failed while loading, we can consider this as fixed or resolved?
(In reply to Ahmad Saleem from comment #2) > Loading this test case in WK2 Debug Mini-Browser only load following in > Terminal logs: > > CONSOLE SECURITY ERROR Did not parse stylesheet at > 'https://bug-166010-attachments.webkit.org/' because non CSS MIME types are > not allowed when 'X-Content-Type-Options: nosniff' is given. > > Any steps to reproduce it or if it is not instantly showing assert failed > while loading, we can consider this as fixed or resolved? WebKit Debug based of 259136@main.