Created attachment 304639 [details] Test Load the attached test with debug WebKitTestRunner: Checked version: c9b0459 OS: macOS Sierra (10.12.3) <style> * { -webkit-column-width: 5em; -webkit-appearance: square-button } </style> <ruby> <audio controls></audio> </ruby> Backtrace: ASSERTION FAILED: !object || !isRuby(object->parent()) || is<RenderRubyRun>(*object) || (object->isInline() && (object->isBeforeContent() || object->isAfterContent())) || (object->isAnonymous() && is<RenderBlock>(*object) && object->style().display() == INLINE_BLOCK) WebKit/Source/WebCore/rendering/RenderRuby.cpp(51) : bool WebCore::isAnonymousRubyInlineBlock(const WebCore::RenderObject *) 1 0x127f97521 WTFCrash 2 0x10f63656d WebCore::isAnonymousRubyInlineBlock(WebCore::RenderObject const*) 3 0x10f637225 WebCore::isRubyBeforeBlock(WebCore::RenderObject const*) 4 0x10f635fa2 WebCore::rubyBeforeBlock(WebCore::RenderElement const*) 5 0x10f6362a5 WebCore::lastRubyRun(WebCore::RenderElement const*) 6 0x10f636f2d WebCore::RenderRubyAsBlock::addChild(WebCore::RenderObject*, WebCore::RenderObject*) 7 0x10f94a843 WebCore::RenderTreePosition::insert(WebCore::RenderObject&) 8 0x10f948f69 WebCore::RenderTreeUpdater::createRenderer(WebCore::Element&, WebCore::RenderStyle&&) 9 0x10f946620 WebCore::RenderTreeUpdater::updateElementRenderer(WebCore::Element&, WebCore::Style::ElementUpdate const&) 10 0x10f945b93 WebCore::RenderTreeUpdater::updateRenderTree(WebCore::ContainerNode&) 11 0x10f9449bf WebCore::RenderTreeUpdater::commit(std::__1::unique_ptr<WebCore::Style::Update const, std::__1::default_delete<WebCore::Style::Update const> >) 12 0x10a9ca541 WebCore::Document::resolveStyle(WebCore::Document::ResolveStyleType) 13 0x10a9af6bb WebCore::Document::updateStyleIfNeeded() 14 0x10a9fbb7d WebCore::Document::finishedParsing() 15 0x10b7b8c06 WebCore::HTMLConstructionSite::finishedParsing() 16 0x10bad9d28 WebCore::HTMLTreeBuilder::finished() 17 0x10b8339ac WebCore::HTMLDocumentParser::end() 18 0x10b82e137 WebCore::HTMLDocumentParser::attemptToRunDeferredScriptsAndEnd() 19 0x10b82dcee WebCore::HTMLDocumentParser::prepareToStopParsing() 20 0x10b833acc WebCore::HTMLDocumentParser::attemptToEnd() 21 0x10b833c08 WebCore::HTMLDocumentParser::finish() 22 0x10abc9d00 WebCore::DocumentWriter::end() 23 0x10ab10777 WebCore::DocumentLoader::finishedLoading() 24 0x10ab10173 WebCore::DocumentLoader::notifyFinished(WebCore::CachedResource&) 25 0x109e34274 WebCore::CachedResource::checkNotify() 26 0x109e34904 WebCore::CachedResource::finishLoading(WebCore::SharedBuffer*) 27 0x109e26199 WebCore::CachedRawResource::finishLoading(WebCore::SharedBuffer*) 28 0x1103ad4ca WebCore::SubresourceLoader::didFinishLoading(WebCore::NetworkLoadMetrics const&) 29 0x105c4cac6 WebKit::WebResourceLoader::didFinishResourceLoad(WebCore::NetworkLoadMetrics const&) 30 0x105c5c98a void IPC::callMemberFunctionImpl<WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&), std::__1::tuple<WebCore::NetworkLoadMetrics>, 0ul>(WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&), std::__1::tuple<WebCore::NetworkLoadMetrics>&&, std::__1::integer_sequence<unsigned long, 0ul>) 31 0x105c5c595 void IPC::callMemberFunction<WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&), std::__1::tuple<WebCore::NetworkLoadMetrics>, std::__1::integer_sequence<unsigned long, 0ul> >(std::__1::tuple<WebCore::NetworkLoadMetrics>&&, WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&)) ASAN:DEADLYSIGNAL ================================================================= ==42167==ERROR: AddressSanitizer: SEGV on unknown address 0x0000bbadbeef (pc 0x000127f97559 bp 0x7fff5e7a3940 sp 0x7fff5e7a3930 T0) #0 0x127f97558 in WTFCrash (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x36db558) #1 0x10f63656c in WebCore::isAnonymousRubyInlineBlock(WebCore::RenderObject const*) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x5e1a56c) #2 0x10f637224 in WebCore::isRubyBeforeBlock(WebCore::RenderObject const*) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x5e1b224) #3 0x10f635fa1 in WebCore::rubyBeforeBlock(WebCore::RenderElement const*) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x5e19fa1) #4 0x10f6362a4 in WebCore::lastRubyRun(WebCore::RenderElement const*) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x5e1a2a4) #5 0x10f636f2c in WebCore::RenderRubyAsBlock::addChild(WebCore::RenderObject*, WebCore::RenderObject*) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x5e1af2c) #6 0x10f94a842 in WebCore::RenderTreePosition::insert(WebCore::RenderObject&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x612e842) #7 0x10f948f68 in WebCore::RenderTreeUpdater::createRenderer(WebCore::Element&, WebCore::RenderStyle&&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x612cf68) #8 0x10f94661f in WebCore::RenderTreeUpdater::updateElementRenderer(WebCore::Element&, WebCore::Style::ElementUpdate const&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x612a61f) #9 0x10f945b92 in WebCore::RenderTreeUpdater::updateRenderTree(WebCore::ContainerNode&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x6129b92) #10 0x10f9449be in WebCore::RenderTreeUpdater::commit(std::__1::unique_ptr<WebCore::Style::Update const, std::__1::default_delete<WebCore::Style::Update const> >) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x61289be) #11 0x10a9ca540 in WebCore::Document::resolveStyle(WebCore::Document::ResolveStyleType) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x11ae540) #12 0x10a9af6ba in WebCore::Document::updateStyleIfNeeded() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x11936ba) #13 0x10a9fbb7c in WebCore::Document::finishedParsing() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x11dfb7c) #14 0x10b7b8c05 in WebCore::HTMLConstructionSite::finishedParsing() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1f9cc05) #15 0x10bad9d27 in WebCore::HTMLTreeBuilder::finished() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x22bdd27) #16 0x10b8339ab in WebCore::HTMLDocumentParser::end() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x20179ab) #17 0x10b82e136 in WebCore::HTMLDocumentParser::attemptToRunDeferredScriptsAndEnd() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x2012136) #18 0x10b82dced in WebCore::HTMLDocumentParser::prepareToStopParsing() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x2011ced) #19 0x10b833acb in WebCore::HTMLDocumentParser::attemptToEnd() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x2017acb) #20 0x10b833c07 in WebCore::HTMLDocumentParser::finish() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x2017c07) #21 0x10abc9cff in WebCore::DocumentWriter::end() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x13adcff) #22 0x10ab10776 in WebCore::DocumentLoader::finishedLoading() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x12f4776) #23 0x10ab10172 in WebCore::DocumentLoader::notifyFinished(WebCore::CachedResource&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x12f4172) #24 0x109e34273 in WebCore::CachedResource::checkNotify() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x618273) #25 0x109e34903 in WebCore::CachedResource::finishLoading(WebCore::SharedBuffer*) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x618903) #26 0x109e26198 in WebCore::CachedRawResource::finishLoading(WebCore::SharedBuffer*) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x60a198) #27 0x1103ad4c9 in WebCore::SubresourceLoader::didFinishLoading(WebCore::NetworkLoadMetrics const&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x6b914c9) #28 0x105c4cac5 in WebKit::WebResourceLoader::didFinishResourceLoad(WebCore::NetworkLoadMetrics const&) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1f14ac5) #29 0x105c5c989 in void IPC::callMemberFunctionImpl<WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&), std::__1::tuple<WebCore::NetworkLoadMetrics>, 0ul>(WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&), std::__1::tuple<WebCore::NetworkLoadMetrics>&&, std::__1::integer_sequence<unsigned long, 0ul>) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1f24989) #30 0x105c5c594 in void IPC::callMemberFunction<WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&), std::__1::tuple<WebCore::NetworkLoadMetrics>, std::__1::integer_sequence<unsigned long, 0ul> >(std::__1::tuple<WebCore::NetworkLoadMetrics>&&, WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&)) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1f24594) #31 0x105c59648 in void IPC::handleMessage<Messages::WebResourceLoader::DidFinishResourceLoad, WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&)>(IPC::Decoder&, WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&)) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1f21648) #32 0x105c577fa in WebKit::WebResourceLoader::didReceiveWebResourceLoaderMessage(IPC::Connection&, IPC::Decoder&) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1f1f7fa) #33 0x104650040 in WebKit::NetworkProcessConnection::didReceiveMessage(IPC::Connection&, IPC::Decoder&) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x918040) #34 0x103f5356a in IPC::Connection::dispatchMessage(IPC::Decoder&) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x21b56a) #35 0x103f37b94 in IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1ffb94) #36 0x103f54255 in IPC::Connection::dispatchOneMessage() (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x21c255) #37 0x103f94eac in IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >)::$_14::operator()() (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x25ceac) #38 0x103f94dd8 in WTF::Function<void ()>::CallableWrapper<IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >)::$_14>::call() (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x25cdd8) #39 0x12801b470 in WTF::Function<void ()>::operator()() const (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x375f470) #40 0x12806a1a0 in WTF::RunLoop::performWork() (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x37ae1a0) #41 0x12806b1d1 in WTF::RunLoop::performWork(void*) (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x37af1d1) #42 0x7fff79d43980 in __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0xa7980) #43 0x7fff79d24a7c in __CFRunLoopDoSources0 (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x88a7c) #44 0x7fff79d23f75 in __CFRunLoopRun (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x87f75) #45 0x7fff79d23973 in CFRunLoopRunSpecific (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x87973) #46 0x7fff792afa5b in RunCurrentEventLoopInMode (/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox+0x30a5b) #47 0x7fff792af890 in ReceiveNextEventCommon (/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox+0x30890) #48 0x7fff792af6c5 in _BlockUntilNextEventMatchingListInModeWithFilter (/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox+0x306c5) #49 0x7fff778555b3 in _DPSNextEvent (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x475b3) #50 0x7fff77fcfd6a in -[NSApplication(NSEvent) _nextEventMatchingEventMask:untilDate:inMode:dequeue:] (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x7c1d6a) #51 0x7fff77849f34 in -[NSApplication run] (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x3bf34) #52 0x7fff7781484f in NSApplicationMain (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x684f) #53 0x7fff8f4df8c6 in _xpc_objc_main (/usr/lib/system/libxpc.dylib+0x108c6) #54 0x7fff8f4de2e3 in xpc_main (/usr/lib/system/libxpc.dylib+0xf2e3) #55 0x101454fb2 in main (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent.Development+0x100001fb2) #56 0x7fff8f27b254 in start (/usr/lib/system/libdyld.dylib+0x5254) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x36db558) in WTFCrash ==42167==ABORTING #CRASHED - com.apple.WebKit.WebContent.Development (pid 42167) LEAK: 1 WebProcessPool LEAK: 1 WebPageProxy