Bug 170284 - ASSERTION FAILED: codePath(TextRun(text)) != FontCascade::Complex in WebCore::FontCascade::widthForSimpleText
Status: RESOLVED CONFIGURATION CHANGED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebCore Misc.
Version: WebKit Local Build
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Nobody
URL:
Keywords:
Depends on:
Blocks: 116980
 
Reported: 2017-03-30 06:30 PDT by Renata Hodovan
Modified: 2021-08-11 00:08 PDT

Attachments
Test (206 bytes, text/html)
2017-03-30 06:30 PDT, Renata Hodovan

Description Renata Hodovan 2017-03-30 06:30:28 PDT
Created attachment 305860
Test

Load the attached test with debug WebKitTestRunner:

Checked version: ea2710e
OS: macOS Sierra (10.12.3)

<script>
window.onload = function(){
    document.execCommand('selectAll')
    document.designMode='on'
    document.execCommand('indent')
}
</script>
<style>
* {
    font-feature-settings:"swsh"
}
</style>

Backtrace:

ASSERTION FAILED: codePath(TextRun(text)) != FontCascade::Complex
WebKit/Source/WebCore/platform/graphics/FontCascade.cpp(425) : float WebCore::FontCascade::widthForSimpleText(WTF::StringView) const
1   0x136223a31 WTFCrash
2   0x1191317bb WebCore::FontCascade::widthForSimpleText(WTF::StringView) const
3   0x11e04d99b WebCore::SimpleLineLayout::TextFragmentIterator::Style::Style(WebCore::RenderStyle const&, bool)
4   0x11e04e3bc WebCore::SimpleLineLayout::TextFragmentIterator::Style::Style(WebCore::RenderStyle const&, bool)
5   0x11e04e6a3 WebCore::SimpleLineLayout::TextFragmentIterator::TextFragmentIterator(WebCore::RenderBlockFlow const&)
6   0x11e04e7fd WebCore::SimpleLineLayout::TextFragmentIterator::TextFragmentIterator(WebCore::RenderBlockFlow const&)
7   0x11e00534c WebCore::SimpleLineLayout::createTextRuns(WTF::Vector<WebCore::SimpleLineLayout::Run, 10ul, WTF::CrashOnOverflow, 16ul>&, WebCore::RenderBlockFlow&, unsigned int&)
8   0x11e004de5 WebCore::SimpleLineLayout::create(WebCore::RenderBlockFlow&)
9   0x11d0b9f71 WebCore::RenderBlockFlow::layoutSimpleLines(bool, WebCore::LayoutUnit&, WebCore::LayoutUnit&)
10  0x11d0ad73b WebCore::RenderBlockFlow::layoutInlineChildren(bool, WebCore::LayoutUnit&, WebCore::LayoutUnit&)
11  0x11d0aa1b1 WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit)
12  0x11cfeb564 WebCore::RenderBlock::layout()
13  0x11d0b76f4 WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&)
14  0x11d0ae03f WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&)
15  0x11d0aa228 WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit)
16  0x11cfeb564 WebCore::RenderBlock::layout()
17  0x11d0b76f4 WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&)
18  0x11d0ae03f WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&)
19  0x11d0aa228 WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit)
20  0x11cfeb564 WebCore::RenderBlock::layout()
21  0x11d0b76f4 WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&)
22  0x11d0ae03f WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&)
23  0x11d0aa228 WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit)
24  0x11cfeb564 WebCore::RenderBlock::layout()
25  0x11d0b76f4 WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&)
26  0x11d0ae03f WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&)
27  0x11d0aa228 WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit)
28  0x11cfeb564 WebCore::RenderBlock::layout()
29  0x11d9f3b46 WebCore::RenderView::layoutContent(WebCore::LayoutState const&)
30  0x11d9f5fa6 WebCore::RenderView::layout()
31  0x1194127ab WebCore::FrameView::layout(bool)
ASAN:DEADLYSIGNAL
=================================================================
==89606==ERROR: AddressSanitizer: SEGV on unknown address 0x0000bbadbeef (pc 0x000136223a69 bp 0x7fff51454cf0 sp 0x7fff51454ce0 T0)
    #0 0x136223a68 in WTFCrash (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x3793a68)
    #1 0x1191317ba in WebCore::FontCascade::widthForSimpleText(WTF::StringView) const (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x192f7ba)
    #2 0x11e04d99a in WebCore::SimpleLineLayout::TextFragmentIterator::Style::Style(WebCore::RenderStyle const&, bool) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x684b99a)
    #3 0x11e04e3bb in WebCore::SimpleLineLayout::TextFragmentIterator::Style::Style(WebCore::RenderStyle const&, bool) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x684c3bb)
    #4 0x11e04e6a2 in WebCore::SimpleLineLayout::TextFragmentIterator::TextFragmentIterator(WebCore::RenderBlockFlow const&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x684c6a2)
    #5 0x11e04e7fc in WebCore::SimpleLineLayout::TextFragmentIterator::TextFragmentIterator(WebCore::RenderBlockFlow const&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x684c7fc)
    #6 0x11e00534b in WebCore::SimpleLineLayout::createTextRuns(WTF::Vector<WebCore::SimpleLineLayout::Run, 10ul, WTF::CrashOnOverflow, 16ul>&, WebCore::RenderBlockFlow&, unsigned int&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x680334b)
    #7 0x11e004de4 in WebCore::SimpleLineLayout::create(WebCore::RenderBlockFlow&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x6802de4)
    #8 0x11d0b9f70 in WebCore::RenderBlockFlow::layoutSimpleLines(bool, WebCore::LayoutUnit&, WebCore::LayoutUnit&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x58b7f70)
    #9 0x11d0ad73a in WebCore::RenderBlockFlow::layoutInlineChildren(bool, WebCore::LayoutUnit&, WebCore::LayoutUnit&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x58ab73a)
    #10 0x11d0aa1b0 in WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x58a81b0)
    #11 0x11cfeb563 in WebCore::RenderBlock::layout() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x57e9563)
    #12 0x11d0b76f3 in WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x58b56f3)
    #13 0x11d0ae03e in WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x58ac03e)
    #14 0x11d0aa227 in WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x58a8227)
    #15 0x11cfeb563 in WebCore::RenderBlock::layout() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x57e9563)
    #16 0x11d0b76f3 in WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x58b56f3)
    #17 0x11d0ae03e in WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x58ac03e)
    #18 0x11d0aa227 in WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x58a8227)
    #19 0x11cfeb563 in WebCore::RenderBlock::layout() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x57e9563)
    #20 0x11d0b76f3 in WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x58b56f3)
    #21 0x11d0ae03e in WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x58ac03e)
    #22 0x11d0aa227 in WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x58a8227)
    #23 0x11cfeb563 in WebCore::RenderBlock::layout() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x57e9563)
    #24 0x11d0b76f3 in WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x58b56f3)
    #25 0x11d0ae03e in WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x58ac03e)
    #26 0x11d0aa227 in WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x58a8227)
    #27 0x11cfeb563 in WebCore::RenderBlock::layout() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x57e9563)
    #28 0x11d9f3b45 in WebCore::RenderView::layoutContent(WebCore::LayoutState const&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x61f1b45)
    #29 0x11d9f5fa5 in WebCore::RenderView::layout() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x61f3fa5)
    #30 0x1194127aa in WebCore::FrameView::layout(bool) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1c107aa)
    #31 0x1189f5619 in WebCore::Document::updateLayout() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x11f3619)
    #32 0x1189ffe31 in WebCore::Document::updateLayoutIgnorePendingStylesheets(WebCore::Document::RunPostLayoutTasks) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x11fde31)
    #33 0x11ec0ab07 in WebCore::VisiblePosition::canonicalPosition(WebCore::Position const&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x7408b07)
    #34 0x11ec0a6cc in WebCore::VisiblePosition::init(WebCore::Position const&, WebCore::EAffinity) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x74086cc)
    #35 0x11ec0a502 in WebCore::VisiblePosition::VisiblePosition(WebCore::Position const&, WebCore::EAffinity) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x7408502)
    #36 0x11ec0a8d2 in WebCore::VisiblePosition::VisiblePosition(WebCore::Position const&, WebCore::EAffinity) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x74088d2)
    #37 0x11ec17104 in WebCore::VisibleSelection::setBaseAndExtentToDeepEquivalents() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x7415104)
    #38 0x11ec14c14 in WebCore::VisibleSelection::validate(WebCore::TextGranularity) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x7412c14)
    #39 0x11ec14ecd in WebCore::VisibleSelection::VisibleSelection(WebCore::Position const&, WebCore::Position const&, WebCore::EAffinity, bool) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x7412ecd)
    #40 0x11ec14f1b in WebCore::VisibleSelection::VisibleSelection(WebCore::Position const&, WebCore::Position const&, WebCore::EAffinity, bool) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x7412f1b)
    #41 0x1180aa624 in WebCore::CompositeEditCommand::moveParagraphWithClones(WebCore::VisiblePosition const&, WebCore::VisiblePosition const&, WebCore::Element*, WebCore::Node*) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x8a8624)
    #42 0x119f0b7cf in WebCore::IndentOutdentCommand::indentIntoBlockquote(WebCore::Position const&, WebCore::Position const&, WTF::RefPtr<WebCore::Element>&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x27097cf)
    #43 0x119f0d48b in WebCore::IndentOutdentCommand::formatRange(WebCore::Position const&, WebCore::Position const&, WebCore::Position const&, WTF::RefPtr<WebCore::Element>&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x270b48b)
    #44 0x117a7a470 in WebCore::ApplyBlockElementCommand::formatSelection(WebCore::VisiblePosition const&, WebCore::VisiblePosition const&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x278470)
    #45 0x119f0d3fe in WebCore::IndentOutdentCommand::formatSelection(WebCore::VisiblePosition const&, WebCore::VisiblePosition const&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x270b3fe)
    #46 0x117a79037 in WebCore::ApplyBlockElementCommand::doApply() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x277037)
    #47 0x1180969b9 in WebCore::CompositeEditCommand::apply() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x8949b9)
    #48 0x1180965d0 in WebCore::applyCommand(WTF::PassRefPtr<WebCore::CompositeEditCommand>) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x8945d0)
    #49 0x118db05fc in WebCore::executeIndent(WebCore::Frame&, WebCore::Event*, WebCore::EditorCommandSource, WTF::String const&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x15ae5fc)
    #50 0x118dac2eb in WebCore::Editor::Command::execute(WTF::String const&, WebCore::Event*) const (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x15aa2eb)
    #51 0x118a2b5f1 in WebCore::Document::execCommand(WTF::String const&, bool, WTF::String const&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x12295f1)
    #52 0x11a799b3a in WebCore::jsDocumentPrototypeFunctionExecCommandCaller(JSC::ExecState*, WebCore::JSDocument*, JSC::ThrowScope&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x2f97b3a)
    #53 0x11a74b743 in long long WebCore::BindingCaller<WebCore::JSDocument>::callOperation<&(WebCore::jsDocumentPrototypeFunctionExecCommandCaller(JSC::ExecState*, WebCore::JSDocument*, JSC::ThrowScope&)), (WebCore::CastedThisErrorBehavior)0>(JSC::ExecState*, char const*) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x2f49743)
    #54 0x11a74b2b9 in WebCore::jsDocumentPrototypeFunctionExecCommand(JSC::ExecState*) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x2f492b9)
    #55 0x33da6f801027  (<unknown module>)
    #56 0x13538c30e in llint_entry (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x28fc30e)
    #57 0x135384bdd in vmEntryToJavaScript (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x28f4bdd)
    #58 0x134d4ba2f in JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*) (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x22bba2f)
    #59 0x134c65bf5 in JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x21d5bf5)
    #60 0x1335a625a in JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0xb1625a)
    #61 0x1335a67d7 in JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&, WTF::NakedPtr<JSC::Exception>&) (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0xb167d7)
    #62 0x1335a734d in JSC::profiledCall(JSC::ExecState*, JSC::ProfilingReason, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&, WTF::NakedPtr<JSC::Exception>&) (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0xb1734d)
    #63 0x11a4aedb0 in WebCore::JSMainThreadExecState::profiledCall(JSC::ExecState*, JSC::ProfilingReason, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&, WTF::NakedPtr<JSC::Exception>&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x2cacdb0)
    #64 0x11acad749 in WebCore::JSEventListener::handleEvent(WebCore::ScriptExecutionContext*, WebCore::Event*) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x34ab749)
    #65 0x118ed0369 in WebCore::EventTarget::fireEventListeners(WebCore::Event&, WTF::Vector<WTF::RefPtr<WebCore::RegisteredEventListener>, 1ul, WTF::CrashOnOverflow, 16ul>) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x16ce369)
    #66 0x118ecfb95 in WebCore::EventTarget::fireEventListeners(WebCore::Event&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x16cdb95)
    #67 0x118c7d5ea in WebCore::DOMWindow::dispatchEvent(WebCore::Event&, WebCore::EventTarget*) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x147b5ea)
    #68 0x118c9b7e6 in WebCore::DOMWindow::dispatchLoadEvent() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x14997e6)
    #69 0x118a0c1fc in WebCore::Document::dispatchWindowLoadEvent() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x120a1fc)
    #70 0x1189ff2dc in WebCore::Document::implicitClose() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x11fd2dc)
    #71 0x11937b982 in WebCore::FrameLoader::checkCallImplicitClose() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1b79982)
    #72 0x11937b17c in WebCore::FrameLoader::checkCompleted() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1b7917c)
    #73 0x11937720b in WebCore::FrameLoader::finishedParsing() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1b7520b)
    #74 0x118a2fa58 in WebCore::Document::finishedParsing() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x122da58)
    #75 0x1197e6ab5 in WebCore::HTMLConstructionSite::finishedParsing() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1fe4ab5)
    #76 0x119af8cd7 in WebCore::HTMLTreeBuilder::finished() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x22f6cd7)
    #77 0x1198629bb in WebCore::HTMLDocumentParser::end() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x20609bb)
    #78 0x11985d146 in WebCore::HTMLDocumentParser::attemptToRunDeferredScriptsAndEnd() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x205b146)
    #79 0x11985ccfd in WebCore::HTMLDocumentParser::prepareToStopParsing() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x205acfd)
    #80 0x119862adb in WebCore::HTMLDocumentParser::attemptToEnd() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x2060adb)
    #81 0x119862c17 in WebCore::HTMLDocumentParser::finish() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x2060c17)
    #82 0x118bf6c7f in WebCore::DocumentWriter::end() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x13f4c7f)
    #83 0x118b3f956 in WebCore::DocumentLoader::finishedLoading() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x133d956)
    #84 0x118b3f352 in WebCore::DocumentLoader::notifyFinished(WebCore::CachedResource&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x133d352)
    #85 0x117e202f3 in WebCore::CachedResource::checkNotify() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x61e2f3)
    #86 0x117e20983 in WebCore::CachedResource::finishLoading(WebCore::SharedBuffer*) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x61e983)
    #87 0x117e12218 in WebCore::CachedRawResource::finishLoading(WebCore::SharedBuffer*) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x610218)
    #88 0x11e445af1 in WebCore::SubresourceLoader::didFinishLoading(WebCore::NetworkLoadMetrics const&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x6c43af1)
    #89 0x1106fbd15 in WebKit::WebResourceLoader::didFinishResourceLoad(WebCore::NetworkLoadMetrics const&) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1f51d15)
    #90 0x11070bbd9 in void IPC::callMemberFunctionImpl<WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&), std::__1::tuple<WebCore::NetworkLoadMetrics>, 0ul>(WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&), std::__1::tuple<WebCore::NetworkLoadMetrics>&&, std::__1::integer_sequence<unsigned long, 0ul>) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1f61bd9)
    #91 0x11070b7e4 in void IPC::callMemberFunction<WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&), std::__1::tuple<WebCore::NetworkLoadMetrics>, std::__1::integer_sequence<unsigned long, 0ul> >(std::__1::tuple<WebCore::NetworkLoadMetrics>&&, WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&)) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1f617e4)
    #92 0x110708898 in void IPC::handleMessage<Messages::WebResourceLoader::DidFinishResourceLoad, WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&)>(IPC::Decoder&, WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&)) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1f5e898)
    #93 0x110706a4a in WebKit::WebResourceLoader::didReceiveWebResourceLoaderMessage(IPC::Connection&, IPC::Decoder&) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1f5ca4a)
    #94 0x10f0d702c in WebKit::NetworkProcessConnection::didReceiveMessage(IPC::Connection&, IPC::Decoder&) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x92d02c)
    #95 0x10e9d0f1a in IPC::Connection::dispatchMessage(IPC::Decoder&) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x226f1a)
    #96 0x10e9b5544 in IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x20b544)
    #97 0x10e9d1c05 in IPC::Connection::dispatchOneMessage() (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x227c05)
    #98 0x10ea1285c in IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >)::$_14::operator()() (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x26885c)
    #99 0x10ea12788 in WTF::Function<void ()>::CallableWrapper<IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >)::$_14>::call() (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x268788)
    #100 0x1362a7980 in WTF::Function<void ()>::operator()() const (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x3817980)
    #101 0x1362f6266 in WTF::RunLoop::performWork() (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x3866266)
    #102 0x1362f73a1 in WTF::RunLoop::performWork(void*) (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x38673a1)
    #103 0x7fff90bdc980 in __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0xa7980)
    #104 0x7fff90bbda7c in __CFRunLoopDoSources0 (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x88a7c)
    #105 0x7fff90bbcf75 in __CFRunLoopRun (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x87f75)
    #106 0x7fff90bbc973 in CFRunLoopRunSpecific (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x87973)
    #107 0x7fff90148a5b in RunCurrentEventLoopInMode (/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox+0x30a5b)
    #108 0x7fff90148890 in ReceiveNextEventCommon (/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox+0x30890)
    #109 0x7fff901486c5 in _BlockUntilNextEventMatchingListInModeWithFilter (/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox+0x306c5)
    #110 0x7fff8e6ee5b3 in _DPSNextEvent (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x475b3)
    #111 0x7fff8ee68d6a in -[NSApplication(NSEvent) _nextEventMatchingEventMask:untilDate:inMode:dequeue:] (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x7c1d6a)
    #112 0x7fff8e6e2f34 in -[NSApplication run] (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x3bf34)
    #113 0x7fff8e6ad84f in NSApplicationMain (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x684f)
    #114 0x7fffa636e8c6 in _xpc_objc_main (/usr/lib/system/libxpc.dylib+0x108c6)
    #115 0x7fffa636d2e3 in xpc_main (/usr/lib/system/libxpc.dylib+0xf2e3)
    #116 0x10e797fb2 in main (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent.Development+0x100001fb2)
    #117 0x7fffa610a254 in start (/usr/lib/system/libdyld.dylib+0x5254)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x3793a68) in WTFCrash
==89606==ABORTING
#CRASHED - com.apple.WebKit.WebContent.Development (pid 89606)
LEAK: 1 WebProcessPool
LEAK: 1 WebPageProxy
Comment 1 Myles C. Maxfield 2021-08-11 00:08:06 PDT
I can't reproduce this. This bug is 4 years old - can you verify that it still happens?