214000 – ASSERTION FAILED: document.renderView() in MediaQueryEvaluator::mediaAttributeMatches loading chonkit.app

Bug 214000 - ASSERTION FAILED: document.renderView() in MediaQueryEvaluator::mediaAttributeMatches loading chonkit.app

Summary: ASSERTION FAILED: document.renderView() in MediaQueryEvaluator::mediaAttribut...

Status:	NEW

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	CSS (show other bugs)
Version:	Safari Technology Preview
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Nobody

URL:	https://chonkit.app/
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2020-07-06 13:01 PDT by Simon Fraser (smfr)
Modified:	2020-08-26 22:29 PDT (History)
CC List:	4 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Simon Fraser (smfr) 2020-07-06 13:01:13 PDT

ASSERTION FAILED: document.renderView()
./css/MediaQueryEvaluator.cpp(909) : static bool WebCore::MediaQueryEvaluator::mediaAttributeMatches(WebCore::Document &, const WTF::String &)
1   0x52142ae39 WTFCrash
2   0x5056f451b WTFCrashWithInfo(int, char const*, char const*, int)
3   0x507e65859 WebCore::MediaQueryEvaluator::mediaAttributeMatches(WebCore::Document&, WTF::String const&)
4   0x508b535e5 WebCore::LinkLoader::preloadIfNeeded(WebCore::LinkLoadParameters const&, WebCore::Document&, WebCore::LinkLoader*)
5   0x508b52b6a WebCore::LinkLoader::loadLinksFromHeader(WTF::String const&, WTF::URL const&, WebCore::Document&, WebCore::LinkLoader::MediaAttributeCheck)
6   0x508babde8 WebCore::SubresourceLoader::didReceiveResponse(WebCore::ResourceResponse const&, WTF::CompletionHandler<void ()>&&)
7   0x4f95e77bc WebKit::WebResourceLoader::didReceiveResponse(WebCore::ResourceResponse const&, bool)
8   0x4f9bcbf7e void IPC::callMemberFunctionImpl<WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(WebCore::ResourceResponse const&, bool), std::__1::tuple<WebCore::ResourceResponse, bool>, 0ul, 1ul>(WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::ResourceResponse const&, bool), std::__1::tuple<WebCore::ResourceResponse, bool>&&, std::__1::integer_sequence<unsigned long, 0ul, 1ul>)
9   0x4f9bcbeb0 void IPC::callMemberFunction<WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(WebCore::ResourceResponse const&, bool), std::__1::tuple<WebCore::ResourceResponse, bool>, std::__1::integer_sequence<unsigned long, 0ul, 1ul> >(std::__1::tuple<WebCore::ResourceResponse, bool>&&, WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::ResourceResponse const&, bool))
10  0x4f9bc9cfe void IPC::handleMessage<Messages::WebResourceLoader::DidReceiveResponse, WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(WebCore::ResourceResponse const&, bool)>(IPC::Decoder&, WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::ResourceResponse const&, bool))
11  0x4f9bc96c6 WebKit::WebResourceLoader::didReceiveWebResourceLoaderMessage(IPC::Connection&, IPC::Decoder&)
12  0x4f95acf00 WebKit::NetworkProcessConnection::didReceiveMessage(IPC::Connection&, IPC::Decoder&)
13  0x4f8075a8f IPC::Connection::dispatchMessage(IPC::Decoder&)
14  0x4f80763c0 IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >)
15  0x4f8076a20 IPC::Connection::dispatchOneIncomingMessage()
16  0x4f80952fe IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >)::$_7::operator()()
17  0x4f809520e WTF::Detail::CallableWrapper<IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >)::$_7, void>::call()
18  0x521452822 WTF::Function<void ()>::operator()() const
19  0x5214c3358 WTF::RunLoop::performWork()
20  0x5214c3d21 WTF::RunLoop::performWork(void*)
21  0x7fff359e9f12 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__
22  0x7fff359e9eb1 __CFRunLoopDoSource0
23  0x7fff359e9ccb __CFRunLoopDoSources0
24  0x7fff359e89fa __CFRunLoopRun
25  0x7fff359e7ffe CFRunLoopRunSpecific
26  0x7fff3807c2a8 -[NSRunLoop(NSRunLoop) runMode:beforeDate:]
27  0x7fff3812ed2f -[NSRunLoop(NSRunLoop) run]
28  0x7fff6fbeb51a _xpc_objc_main.cold.4
29  0x7fff6fbeb460 _xpc_objc_main
30  0x7fff6fbeaf93 _xpc_copy_xpcservice_dictionary
31  0x4f8866085 WebKit::XPCServiceMain(int, char const**)

Comment 1 Radar WebKit Bug Importer 2020-07-06 13:01:41 PDT

<rdar://problem/65144546>

Comment 2 Tyler Wilcock 2020-08-26 22:29:52 PDT

I can't reproduce this with Safari Version 13.1.2 (15609.3.5.1.3), but can running the GTK mini-browser built from commit hash https://github.com/WebKit/webkit/commit/271d9289eac9aea2e2ba04f4520ef20317c16bb7.  At least, I can reproduce _a_ crash in the mini-browser...I'm not seeing the backtrace dumped to stdout, so I'm not sure it's exactly this same thing.