<html>
<head>
<base href="https://bugs.webkit.org/" />
</head>
<body><table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Bug ID</th>
<td><a class="bz_bug_link
bz_status_NEW "
title="NEW - crash in WebCore::CachedResource::clearLoader"
href="https://bugs.webkit.org/show_bug.cgi?id=156463">156463</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>crash in WebCore::CachedResource::clearLoader
</td>
</tr>
<tr>
<th>Classification</th>
<td>Unclassified
</td>
</tr>
<tr>
<th>Product</th>
<td>WebKit
</td>
</tr>
<tr>
<th>Version</th>
<td>Safari 9
</td>
</tr>
<tr>
<th>Hardware</th>
<td>iOS
</td>
</tr>
<tr>
<th>OS</th>
<td>iOS 9.3
</td>
</tr>
<tr>
<th>Status</th>
<td>NEW
</td>
</tr>
<tr>
<th>Severity</th>
<td>Critical
</td>
</tr>
<tr>
<th>Priority</th>
<td>P2
</td>
</tr>
<tr>
<th>Component</th>
<td>WebCore Misc.
</td>
</tr>
<tr>
<th>Assignee</th>
<td>webkit-unassigned@lists.webkit.org
</td>
</tr>
<tr>
<th>Reporter</th>
<td>danielo@opera.com
</td>
</tr></table>
<p>
<div>
<pre>WebCore::CachedResource::clearLoader crashes at random with EXC_BAD_ACCESS KERN_INVALID_ADDRESS 0x0000000000000368
This same crash existed before iOS 9.3, but it increased 500%-600% with the appearance of 9.3.
The release of 9.3.1 doesn't fix it, we're still getting plenty of those on 9.3.1.
This might be related to <a class="bz_bug_link
bz_status_RESOLVED bz_closed"
title="RESOLVED FIXED - CachedResource::clearLoader() should self-destruct if nothing else retains the CachedResource."
href="show_bug.cgi?id=141568">Bug #141568</a> :
<a class="bz_bug_link
bz_status_RESOLVED bz_closed"
title="RESOLVED FIXED - CachedResource::clearLoader() should self-destruct if nothing else retains the CachedResource."
href="show_bug.cgi?id=141568">https://bugs.webkit.org/show_bug.cgi?id=141568</a>
Example URLs:
<a href="http://hdrezka.me/">http://hdrezka.me/</a>
<a href="http://www.kvartira-lux.ru/objects_sale/live/evropa_sity/">http://www.kvartira-lux.ru/objects_sale/live/evropa_sity/</a>
<a href="http://m.zhihu.com/question/19802351">http://m.zhihu.com/question/19802351</a>
<a href="http://happyflora.ru/view_post3.php?latter=340">http://happyflora.ru/view_post3.php?latter=340</a>
<a href="http://www.xnxx.com/">http://www.xnxx.com/</a> - happens a lot here (maybe because it's a very interesting site and a popular visit place)
...
Example stack:
Thread : Crashed: WebThread
0 WebCore 0x185242e70 WebCore::CachedResource::clearLoader() + 20
1 WebCore 0x185242e48 WebCore::SubresourceLoader::releaseResources() + 40
2 WebCore 0x185242e48 WebCore::SubresourceLoader::releaseResources() + 40
3 WebCore 0x1852453a8 WebCore::ResourceLoader::cancel(WebCore::ResourceError const&) + 528
4 WebCore 0x18524518c WebCore::ResourceLoader::cancel() + 48
5 WebCore 0x1851a4194 WebCore::SubresourceLoader::willSendRequest(WebCore::ResourceRequest&, WebCore::ResourceResponse const&) + 464
6 WebCore 0x18530bdec WebCore::ResourceHandle::willSendRequest(WebCore::ResourceRequest&, WebCore::ResourceResponse const&) + 616
7 WebCore 0x185f14558 WebCore::SynchronousResourceHandleCFURLConnectionDelegate::willSendRequest(_CFURLRequest const*, _CFURLResponse*) + 160
8 CFNetwork 0x181a08050 URLConnectionClient_Classic::_connectionClientInterface_precanonicalizeForSynchronousStart() + 256
9 CFNetwork 0x1818f8378 ClassicURLConnection::start() + 172
10 CFNetwork 0x1818f829c CFURLConnectionStart + 60
11 WebCore 0x1851a6094 WebCore::ResourceHandle::start() + 312
12 WebCore 0x1851a59d4 WebCore::ResourceHandle::create(WebCore::NetworkingContext*, WebCore::ResourceRequest const&, WebCore::ResourceHandleClient*, bool, bool) + 444
13 WebCore 0x1851a54c4 WebCore::ResourceLoader::start() + 336
14 WebCore 0x1851a3b6c WebCore::SubresourceLoader::startLoading() + 412
15 WebCore 0x1851a3954 WebCore::ResourceLoadScheduler::servePendingRequests(WebCore::ResourceLoadScheduler::HostInformation*, WebCore::ResourceLoadPriority) + 516
16 WebCore 0x185d79d94 WebCore::ResourceLoadScheduler::scheduleSubresourceLoad(WebCore::Frame*, WebCore::CachedResource*, WebCore::ResourceRequest const&, WebCore::ResourceLoaderOptions const&) + 76
17 WebCore 0x1853fb5f8 WebCore::CachedResource::load(WebCore::CachedResourceLoader&, WebCore::ResourceLoaderOptions const&) + 1196
18 WebCore 0x1851a0d48 WebCore::CachedResourceLoader::requestResource(WebCore::CachedResource::Type, WebCore::CachedResourceRequest&) + 2260
19 WebCore 0x1851a0450 WebCore::CachedResourceLoader::requestScript(WebCore::CachedResourceRequest&) + 40
20 WebCore 0x18519f608 WebCore::ScriptElement::requestScript(WTF::String const&) + 1220
21 WebCore 0x18519e770 WebCore::ScriptElement::prepareScript(WTF::TextPosition const&, WebCore::ScriptElement::LegacyTypeSupport) + 616
22 WebCore 0x185d9021c WebCore::ScriptElement::finishedInsertingSubtree() + 28
23 WebCore 0x18543e120 WebCore::ContainerNode::notifyChildInserted(WebCore::Node&, WebCore::ContainerNode::ChildChangeSource) + 316
24 WebCore 0x18543dc58 WebCore::ContainerNode::updateTreeAfterInsertion(WebCore::Node&) + 36
25 WebCore 0x18543d76c WebCore::ContainerNode::insertBefore(WTF::PassRefPtr&lt;WebCore::Node&gt;, WebCore::Node*, int&) + 1148
26 WebCore 0x185bf1378 WebCore::Node::insertBefore(WTF::PassRefPtr&lt;WebCore::Node&gt;, WebCore::Node*, int&) + 60
27 WebCore 0x18519dc40 WebCore::JSNode::insertBefore(JSC::ExecState*) + 120
28 JavaScriptCore 0x184e2e2c0 llint_entry + 25040
29 JavaScriptCore 0x184e2dd44 llint_entry + 23636
30 JavaScriptCore 0x184e2dd44 llint_entry + 23636
31 JavaScriptCore 0x184e27ed8 vmEntryToJavaScript + 312
32 JavaScriptCore 0x184d539fc JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*) + 180
33 JavaScriptCore 0x1849d9bc4 JSC::Interpreter::execute(JSC::ProgramExecutable*, JSC::ExecState*, JSC::JSObject*) + 8204
34 JavaScriptCore 0x184b32418 JSC::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr&lt;JSC::Exception&gt;&) + 440
35 WebCore 0x185d8d29c WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld&) + 292
36 WebCore 0x1851bd804 WebCore::ScriptElement::executeScript(WebCore::ScriptSourceCode const&) + 340
37 WebCore 0x18519e96c WebCore::ScriptElement::prepareScript(WTF::TextPosition const&, WebCore::ScriptElement::LegacyTypeSupport) + 1124
38 WebCore 0x18523d244 WebCore::HTMLScriptRunner::runScript(WebCore::Element*, WTF::TextPosition const&) + 280
39 WebCore 0x18523d0d0 WebCore::HTMLScriptRunner::execute(WTF::PassRefPtr&lt;WebCore::Element&gt;, WTF::TextPosition const&) + 64
40 WebCore 0x18523cff4 WebCore::HTMLDocumentParser::runScriptsForPausedTreeBuilder() + 76
41 WebCore 0x1851ecae8 WebCore::HTMLDocumentParser::canTakeNextToken(WebCore::HTMLDocumentParser::SynchronousMode, WebCore::PumpSession&) + 108
42 WebCore 0x1851ebc5c WebCore::HTMLDocumentParser::pumpTokenizer(WebCore::HTMLDocumentParser::SynchronousMode) + 456
43 WebCore 0x1852464ac WebCore::HTMLDocumentParser::resumeParsingAfterScriptExecution() + 304
44 WebCore 0x1856cbbd8 non-virtual thunk to WebCore::HTMLDocumentParser::notifyFinished(WebCore::CachedResource*) + 100
45 WebCore 0x1852421f0 WebCore::CachedResource::checkNotify() + 284
46 WebCore 0x185241fbc WebCore::SubresourceLoader::didFinishLoading(double) + 1020
47 CFNetwork 0x18190f500 ___ZN27URLConnectionClient_Classic26_delegate_didFinishLoadingEU13block_pointerFvvE_block_invoke + 100
48 CFNetwork 0x181a032a8 ___ZN27URLConnectionClient_Classic18_withDelegateAsyncEPKcU13block_pointerFvP16_CFURLConnectionPK33CFURLConnectionClientCurrent_VMaxE_block_invoke_2 + 108
49 libdispatch.dylib 0x180d7947c _dispatch_client_callout + 16
50 libdispatch.dylib 0x180d827b8 _dispatch_block_invoke + 540
51 CFNetwork 0x1818fbc6c RunloopBlockContext::_invoke_block(void const*, void*) + 36
52 CoreFoundation 0x18120c73c CFArrayApplyFunction + 68
53 CFNetwork 0x1818fbb50 RunloopBlockContext::perform() + 136
54 CFNetwork 0x1818fba10 MultiplexerSource::perform() + 312
55 CFNetwork 0x1818fb83c MultiplexerSource::_perform(void*) + 68
56 CoreFoundation 0x1812e5124 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 24
57 CoreFoundation 0x1812e4b38 __CFRunLoopDoSources0 + 412
58 CoreFoundation 0x1812e28b8 __CFRunLoopRun + 724
59 CoreFoundation 0x18120cd10 CFRunLoopRunSpecific + 384
60 WebCore 0x1851f6558 RunWebThread(void*) + 456
61 libsystem_pthread.dylib 0x180f93b28 _pthread_body + 156
62 libsystem_pthread.dylib 0x180f93a8c _pthread_body + 154
63 libsystem_pthread.dylib 0x180f91028 thread_start + 4</pre>
</div>
</p>
</body>
</html>