13180 2007-03-24 10:00:45 -0700 Another debug build crash from ASSERTION FAILED: !needsLayout() 2007-03-24 15:29:03 -0700 1 1 1 Unclassified WebKit Layout and Rendering 523.x (Safari 3) Mac OS X 10.4 RESOLVED FIXED InRadar P1 Normal --- 1 ddkilzer mitz mitz oldest_to_newest 17643 0 ddkilzer 2007-03-24 10:00:45 -0700 3/23/07 10:22 AM Dave Kilzer: * SUMMARY Found another reproducible case of ASSERTION FAILED: !needsLayout() with WebKit r20436 and Safari 2.0.4 (419.3) on Mac OS X 10.4.9 (8P135). * STEPS TO REPRODUCE 1. Open Safari/WebKit. 2. Open URL: http://ln-s.net/ 3. Paste a URL into the text field. I used this one: http://bugs.webkit.org/buglist.cgi?query_format=advanced&short_desc_type=allwordssubstr&short_desc=&product=WebKit&long_desc_type=substring&long_desc=&bug_file_loc_type=allwordssubstr&bug_file_loc=&keywords_type=allwords&keywords=&priority=P1&emailassigned_to1=1&emailtype1=substring&email1=&emailassigned_to2=1&emailreporter2=1&emailcc2=1&emailtype2=substring&email2=&bugidtype=include&bug_id=&votes=&chfieldfrom=&chfieldto=Now&chfieldvalue=&cmdtype=doit&order=Reuse+same+sort+as+last+time&field0-0-0=keywords&type0-0-0=nowords&value0-0-0=InRadar+NeedsRadar 4. Hit Enter. * EXPECTED RESULTS The form should submit. * ACTUAL RESULTS Safari/WebKit crashes. * REGRESSION This is a regression since r20385. * NOTES See also <http://bugs.webkit.org/show_bug.cgi?id=13155> and <rdar://problem/5082421>. * STACK TRACE Exception: EXC_BAD_ACCESS (0x0001) Codes: KERN_INVALID_ADDRESS (0x0001) at 0xbbadbeef Thread 0 Crashed: 0 com.apple.WebCore 0x011968f4 WebCore::RenderView::paint(WebCore::RenderObject::PaintInfo&, int, int) + 112 (RenderView.cpp:132) 1 com.apple.WebCore 0x011b94d8 WebCore::RenderLayer::paintLayer(WebCore::RenderLayer*, WebCore::GraphicsContext*, WebCore::IntRect const&, bool, WebCore::PaintRestriction, WebCore::RenderObject*) + 1092 (RenderLayer.cpp:1454) 2 com.apple.WebCore 0x011b9a38 WebCore::RenderLayer::paint(WebCore::GraphicsContext*, WebCore::IntRect const&, WebCore::PaintRestriction, WebCore::RenderObject*) + 72 (RenderLayer.cpp:1374) 3 com.apple.WebCore 0x010e40a0 WebCore::Frame::paint(WebCore::GraphicsContext*, WebCore::IntRect const&) + 800 (Frame.cpp:1305) 4 com.apple.WebCore 0x0110ec4c -[WebCoreFrameBridge drawRect:] + 376 (WebCoreFrameBridge.mm:413) 5 com.apple.WebKit 0x0034ff14 -[WebHTMLView drawSingleRect:] + 700 (WebHTMLView.mm:2759) 6 com.apple.WebKit 0x0035038c -[WebHTMLView drawRect:] + 576 (WebHTMLView.mm:2809) 7 com.apple.AppKit 0x937e3858 -[NSView _drawRect:clip:] + 2128 8 com.apple.AppKit 0x937e25fc -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] + 736 9 com.apple.WebKit 0x00347424 -[WebHTMLView(WebPrivate) _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] + 524 (WebHTMLView.mm:850) 10 com.apple.AppKit 0x937e29a8 -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] + 1676 11 com.apple.AppKit 0x937e29a8 -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] + 1676 12 com.apple.AppKit 0x937e29a8 -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] + 1676 13 com.apple.AppKit 0x937e29a8 -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] + 1676 14 com.apple.AppKit 0x937e29a8 -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] + 1676 15 com.apple.AppKit 0x937e29a8 -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] + 1676 16 com.apple.AppKit 0x937e29a8 -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] + 1676 17 com.apple.AppKit 0x93803044 -[NSThemeFrame _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] + 192 18 com.apple.AppKit 0x937dc054 -[NSView _displayRectIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:] + 384 19 com.apple.AppKit 0x937d1348 -[NSView displayIfNeeded] + 248 20 com.apple.AppKit 0x937d11b8 -[NSWindow displayIfNeeded] + 180 21 com.apple.Safari 0x0001a5f8 0x1000 + 103928 22 com.apple.WebCore 0x0127fa08 WebCore::ScrollView::updateContents(WebCore::IntRect const&, bool) + 776 (ScrollViewMac.mm:349) 23 com.apple.WebCore 0x010f12ec WebCore::FrameView::repaintRectangle(WebCore::IntRect const&, bool) + 52 (FrameView.cpp:622) 24 com.apple.WebCore 0x01196d78 WebCore::RenderView::repaintViewRectangle(WebCore::IntRect const&, bool) + 220 (RenderView.cpp:185) 25 com.apple.WebCore 0x011c3984 WebCore::RenderObject::repaint(bool) + 288 (RenderObject.cpp:1719) 26 com.apple.WebCore 0x01109db4 WebCore::ContainerNode::setActive(bool, bool) + 472 (ContainerNode.cpp:837) 27 com.apple.WebCore 0x0129067c WebCore::EventTargetNode::dispatchSimulatedClick(WTF::PassRefPtr<WebCore::Event>, bool, bool) + 164 (EventTargetNode.cpp:428) 28 com.apple.WebCore 0x010d5d8c WebCore::HTMLFormElement::submitClick(WebCore::Event*) + 300 (HTMLFormElement.cpp:148) 29 com.apple.WebCore 0x010ceca8 WebCore::HTMLInputElement::defaultEventHandler(WebCore::Event*) + 3356 (HTMLInputElement.cpp:1284) 30 com.apple.WebCore 0x0128f6ec WebCore::EventTargetNode::dispatchGenericEvent(WTF::PassRefPtr<WebCore::Event>, int&, bool) + 2632 (EventTargetNode.cpp:266) 31 com.apple.WebCore 0x01291dbc WebCore::EventTargetNode::dispatchEvent(WTF::PassRefPtr<WebCore::Event>, int&, bool, WebCore::EventTarget*) + 396 (EventTargetNode.cpp:308) 32 com.apple.WebCore 0x01291e50 WebCore::EventTargetNode::dispatchEvent(WTF::PassRefPtr<WebCore::Event>, int&, bool) + 80 (EventTargetNode.cpp:292) 33 com.apple.WebCore 0x014af068 WebCore::EventHandler::handleTextInputEvent(WebCore::String const&, WebCore::Event*, bool, bool) + 488 (EventHandler.cpp:1524) 34 com.apple.WebCore 0x0144ab94 WebCore::execInsertNewline(WebCore::Frame*, WebCore::Event*) + 248 (Editor.cpp:1134) 35 com.apple.WebCore 0x0144f050 WebCore::Editor::execCommand(WebCore::AtomicString const&, WebCore::Event*) + 300 (Editor.cpp:1301) 36 com.apple.WebKit 0x0035fd90 -[WebHTMLView(WebNSTextInputSupport) doCommandBySelector:] + 672 (WebHTMLView.mm:5517) 37 com.apple.WebKit 0x0035faac -[WebHTMLView(WebInternal) _interceptEditingKeyEvent:shouldSaveCommand:] + 644 (WebHTMLView.mm:5280) 38 com.apple.WebKit 0x003c9040 WebEditorClient::handleKeypress(WebCore::KeyboardEvent*) + 228 (WebEditorClient.mm:429) 39 com.apple.WebCore 0x0144a29c WebCore::Editor::handleKeypress(WebCore::KeyboardEvent*) + 164 (Editor.cpp:110) 40 com.apple.WebCore 0x014acb48 WebCore::EventHandler::defaultKeyboardEventHandler(WebCore::KeyboardEvent*) + 1060 (EventHandler.cpp:1315) 41 com.apple.WebCore 0x01292238 WebCore::EventTargetNode::defaultEventHandler(WebCore::Event*) + 308 (EventTargetNode.cpp:583) 42 com.apple.WebCore 0x010ce3c4 WebCore::HTMLInputElement::defaultEventHandler(WebCore::Event*) + 1080 (HTMLInputElement.cpp:1143) 43 com.apple.WebCore 0x0128f6ec WebCore::EventTargetNode::dispatchGenericEvent(WTF::PassRefPtr<WebCore::Event>, int&, bool) + 2632 (EventTargetNode.cpp:266) 44 com.apple.WebCore 0x01291dbc WebCore::EventTargetNode::dispatchEvent(WTF::PassRefPtr<WebCore::Event>, int&, bool, WebCore::EventTarget*) + 396 (EventTargetNode.cpp:308) 45 com.apple.WebCore 0x01291e50 WebCore::EventTargetNode::dispatchEvent(WTF::PassRefPtr<WebCore::Event>, int&, bool) + 80 (EventTargetNode.cpp:292) 46 com.apple.WebCore 0x014acab0 WebCore::EventHandler::defaultKeyboardEventHandler(WebCore::KeyboardEvent*) + 908 (EventHandler.cpp:1308) 47 com.apple.WebCore 0x01292238 WebCore::EventTargetNode::defaultEventHandler(WebCore::Event*) + 308 (EventTargetNode.cpp:583) 48 com.apple.WebCore 0x010ce3c4 WebCore::HTMLInputElement::defaultEventHandler(WebCore::Event*) + 1080 (HTMLInputElement.cpp:1143) 49 com.apple.WebCore 0x0128f6ec WebCore::EventTargetNode::dispatchGenericEvent(WTF::PassRefPtr<WebCore::Event>, int&, bool) + 2632 (EventTargetNode.cpp:266) 50 com.apple.WebCore 0x01291dbc WebCore::EventTargetNode::dispatchEvent(WTF::PassRefPtr<WebCore::Event>, int&, bool, WebCore::EventTarget*) + 396 (EventTargetNode.cpp:308) 51 com.apple.WebCore 0x01291e50 WebCore::EventTargetNode::dispatchEvent(WTF::PassRefPtr<WebCore::Event>, int&, bool) + 80 (EventTargetNode.cpp:292) 52 com.apple.WebCore 0x0128fe18 WebCore::EventTargetNode::dispatchKeyEvent(WebCore::PlatformKeyboardEvent const&) + 260 (EventTargetNode.cpp:370) 53 com.apple.WebCore 0x014a8318 WebCore::EventHandler::keyEvent(WebCore::PlatformKeyboardEvent const&) + 152 (EventHandler.cpp:1274) 54 com.apple.WebCore 0x014a5d6c WebCore::EventHandler::keyEvent(NSEvent*) + 524 (EventHandlerMac.mm:138) 55 com.apple.WebKit 0x003533bc -[WebHTMLView keyDown:] + 400 (WebHTMLView.mm:3419) 56 com.apple.AppKit 0x937f9fa0 -[NSWindow sendEvent:] + 6424 57 com.apple.Safari 0x00021734 0x1000 + 132916 58 com.apple.AppKit 0x937a28d4 -[NSApplication sendEvent:] + 4172 59 com.apple.Safari 0x00021238 0x1000 + 131640 60 com.apple.AppKit 0x93799d10 -[NSApplication run] + 508 61 com.apple.AppKit 0x9388a87c NSApplicationMain + 452 62 com.apple.Safari 0x0005c77c 0x1000 + 374652 63 com.apple.Safari 0x0005c624 0x1000 + 374308 3/23/07 10:31 AM Dave Kilzer: Actually, you can just click in the text field, then hit Enter. There is no need to paste a URL into it. See also Bug 13155. 17644 1 ddkilzer 2007-03-24 10:01:03 -0700 <rdar://problem/5084478> 17645 2 13798 mitz 2007-03-24 10:27:11 -0700 Created attachment 13798 Get the layout root only after style recalc 17496 3 ddkilzer 2007-03-24 14:28:26 -0700 This should really be a P1. 17486 4 ddkilzer 2007-03-24 15:29:03 -0700 Committed revision 20473. 13798 2007-03-24 10:27:11 -0700 2007-03-24 12:08:11 -0700 Get the layout root only after style recalc 13180_r1.patch text/plain 1921 mitz SW5kZXg6IFdlYkNvcmUvQ2hhbmdlTG9nCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFdlYkNvcmUvQ2hhbmdlTG9n CShyZXZpc2lvbiAyMDQ3MCkKKysrIFdlYkNvcmUvQ2hhbmdlTG9nCSh3b3JraW5nIGNvcHkpCkBA IC0xLDMgKzEsMTggQEAKKzIwMDctMDMtMjQgIE1pdHogUGV0dGVsICA8bWl0ekB3ZWJraXQub3Jn PgorCisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgIC0gZml4 IGh0dHA6Ly9idWdzLndlYmtpdC5vcmcvc2hvd19idWcuY2dpP2lkPTEzMTgwCisgICAgICAgICAg ICAgIDxyZGFyOi8vcHJvYmxlbS81MDg0NDc4PgorICAgICAgICAgIEFub3RoZXIgZGVidWcgYnVp bGQgY3Jhc2ggZnJvbSBBU1NFUlRJT04gRkFJTEVEOiAhbmVlZHNMYXlvdXQoKQorCisgICAgICAg IE5vIHRlc3QgcG9zc2libGUgYmVjYXVzZSB1cGRhdGVSZW5kZXJpbmcoKSBpcyBhbHdheXMgY2Fs bGVkIGFmdGVyIHNjcmlwdAorICAgICAgICBleGVjdXRpb24uCisKKyAgICAgICAgKiBwYWdlL0Zy YW1lVmlldy5jcHA6CisgICAgICAgIChXZWJDb3JlOjpGcmFtZVZpZXc6OmxheW91dCk6IEdldCB0 aGUgbGF5b3V0IHJvb3QgYWZ0ZXIgY2FsbGluZyByZWNhbGNTdHlsZSgpCisgICAgICAgIHNpbmNl IGEgc3R5bGUgcmVjYWxjIG1heSByZXN1bHQgaW4gbmVlZGluZyB0byBkbyBzdGFydCBsYXlvdXQg YXQgdGhlIHJvb3QuCisKIDIwMDctMDMtMjUgIE1hcmsgUm93ZSAgPG1yb3dlQGFwcGxlLmNvbT4K IAogICAgICAgICBGaXggaW5jb3JyZWN0IHJhZGFyIG51bWJlci4KSW5kZXg6IFdlYkNvcmUvcGFn ZS9GcmFtZVZpZXcuY3BwCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFdlYkNvcmUvcGFnZS9GcmFtZVZpZXcuY3Bw CShyZXZpc2lvbiAyMDQ3MCkKKysrIFdlYkNvcmUvcGFnZS9GcmFtZVZpZXcuY3BwCSh3b3JraW5n IGNvcHkpCkBAIC0zMDMsNyArMzAzLDYgQEAgdm9pZCBGcmFtZVZpZXc6OmxheW91dChib29sIGFs bG93U3VidHJlZQogICAgICAgICBkLT5sYXlvdXRSb290ID0gMDsKICAgICB9CiAKLSAgICBib29s IHN1YnRyZWUgPSBkLT5sYXlvdXRSb290OwogCiAgICAgQVNTRVJUKG1fZnJhbWUtPnZpZXcoKSA9 PSB0aGlzKTsKIApAQCAtMzE0LDcgKzMxMyw2IEBAIHZvaWQgRnJhbWVWaWV3OjpsYXlvdXQoYm9v bCBhbGxvd1N1YnRyZWUKICAgICAgICAgcmV0dXJuOwogICAgIH0KIAotICAgIE5vZGUqIHJvb3RO b2RlID0gc3VidHJlZSA/IGQtPmxheW91dFJvb3QuZ2V0KCkgOiBkb2N1bWVudDsKICAgICBkLT5s YXlvdXRTY2hlZHVsaW5nRW5hYmxlZCA9IGZhbHNlOwogCiAgICAgLy8gQWx3YXlzIGVuc3VyZSBv dXIgc3R5bGUgaW5mbyBpcyB1cC10by1kYXRlLiAgVGhpcyBjYW4gaGFwcGVuIGluIHNpdHVhdGlv bnMgd2hlcmUKQEAgLTMyMiw2ICszMjAsOSBAQCB2b2lkIEZyYW1lVmlldzo6bGF5b3V0KGJvb2wg YWxsb3dTdWJ0cmVlCiAgICAgaWYgKGRvY3VtZW50LT5oYXNDaGFuZ2VkQ2hpbGQoKSkKICAgICAg ICAgZG9jdW1lbnQtPnJlY2FsY1N0eWxlKCk7CiAgICAgCisgICAgYm9vbCBzdWJ0cmVlID0gZC0+ bGF5b3V0Um9vdDsKKyAgICBOb2RlKiByb290Tm9kZSA9IHN1YnRyZWUgPyBkLT5sYXlvdXRSb290 LmdldCgpIDogZG9jdW1lbnQ7CisKICAgICAvLyBJZiB0aGVyZSBpcyBvbmx5IG9uZSByZWYgdG8g dGhpcyB2aWV3IGxlZnQsIHRoZW4gaXRzIGdvaW5nIHRvIGJlIGRlc3Ryb3llZCBhcyBzb29uIGFz IHdlIGV4aXQsIAogICAgIC8vIHNvIHRoZXJlJ3Mgbm8gcG9pbnQgdG8gY29udGludWlpbmcgdG8g bGF5b3V0CiAgICAgaWYgKHByb3RlY3Rvci0+aGFzT25lUmVmKCkpCg==