Bug 124375

Summary: ASSERTION FAILED: rangesIntersect(m_renderer.pixelSnappedLogicalTopForFloat(floatingObject), m_renderer.pixelSnappedLogicalBottomForFloat(floatingObject), m_lineTop, m_lineBottom) ../../Source/WebCore/rendering/FloatingObjects.cpp(463)
Product: WebKit Reporter: Bem Jones-Bey <bjonesbe>
Component: Layout and RenderingAssignee: Bem Jones-Bey <bjonesbe>
Status: RESOLVED FIXED    
Severity: Normal CC: commit-queue, esprehn+autocc, glenn, kondapallykalyan, simon.fraser, svillar
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch none

Bem Jones-Bey
Reported 2013-11-14 12:16:43 PST
From Sergio Villar Senin: I'm constantly hitting this in debug builds (I'm running webkitgtk r159276). Just opening http://www.igalia.com makes the webprocess crash ASSERTION FAILED: rangesIntersect(m_renderer.pixelSnappedLogicalTopForFloat(floatingObject), m_renderer.pixelSnappedLogicalBottomForFloat(floatingObject), m_lineTop, m_lineBottom) ../../Source/WebCore/rendering/FloatingObjects.cpp(463) : void WebCore::ComputeFloatOffsetAdapter<FloatTypeValue>::collectIfNeeded(const IntervalType&) [with WebCore::FloatingObject::Type FloatTypeValue = (WebCore::FloatingObject::Type)1u; WebCore::ComputeFloatOffsetAdapter<FloatTypeValue>::IntervalType = WebCore::PODInterval<WebCore::LayoutUnit, WebCore::FloatingObject*>] 1 0x7f624149365e /opt/WebKit/WebKitBuild/Debug/.libs/libjavascriptcoregtk-3.0.so.0(WTFCrash+0x1e) [0x7f624149365e] 2 0x7f623d1af414 /opt/WebKit/WebKitBuild/Debug/.libs/libwebkit2gtk-3.0.so.25(+0x2428414) [0x7f623d1af414] 3 0x7f623d1ad116 /opt/WebKit/WebKitBuild/Debug/.libs/libwebkit2gtk-3.0.so.25(+0x2426116) [0x7f623d1ad116] 4 0x7f623d1ad174 /opt/WebKit/WebKitBuild/Debug/.libs/libwebkit2gtk-3.0.so.25(+0x2426174) [0x7f623d1ad174] 5 0x7f623d1ab50a /opt/WebKit/WebKitBuild/Debug/.libs/libwebkit2gtk-3.0.so.25(+0x242450a) [0x7f623d1ab50a] 6 0x7f623d1a9881 /opt/WebKit/WebKitBuild/Debug/.libs/libwebkit2gtk-3.0.so.25(_ZN7WebCore15FloatingObjects36logicalLeftOffsetForPositioningFloatENS_10LayoutUnitES1_PS1_+0x51) [0x7f623d1a9881] 7 0x7f623d21fb89 /opt/WebKit/WebKitBuild/Debug/.libs/libwebkit2gtk-3.0.so.25(_ZNK7WebCore15RenderBlockFlow36logicalLeftOffsetForPositioningFloatENS_10LayoutUnitES1_bPS1_+0x8b) [0x7f623d21fb89] 8 0x7f623d21ffad /opt/WebKit/WebKitBuild/Debug/.libs/libwebkit2gtk-3.0.so.25(_ZNK7WebCore15RenderBlockFlow30computeLogicalLocationForFloatEPKNS_14FloatingObjectENS_10LayoutUnitE+0x363) [0x7f623d21ffad] 9 0x7f623d2206f6 /opt/WebKit/WebKitBuild/Debug/.libs/libwebkit2gtk-3.0.so.25(_ZN7WebCore15RenderBlockFlow17positionNewFloatsEv+0x370) [0x7f623d2206f6] 10 0x7f623d239b15 /opt/WebKit/WebKitBuild/Debug/.libs/libwebkit2gtk-3.0.so.25(_ZN7WebCore15RenderBlockFlow22positionNewFloatOnLineEPNS_14FloatingObjectES2_RNS_8LineInfoERNS_9LineWidthE+0x3d) [0x7f623d239b15] 11 0x7f623d237111 /opt/WebKit/WebKitBuild/Debug/.libs/libwebkit2gtk-3.0.so.25(_ZN7WebCore11LineBreaker21skipLeadingWhitespaceERNS_12BidiResolverINS_14InlineIteratorENS_7BidiRunEEERNS_8LineInfoEPNS_14FloatingObjectERNS_9LineWidthE+0x22d) [0x7f623d237111] 12 0x7f623d238c2d /opt/WebKit/WebKitBuild/Debug/.libs/libwebkit2gtk-3.0.so.25(_ZN7WebCore11LineBreaker16nextSegmentBreakERNS_12BidiResolverINS_14InlineIteratorENS_7BidiRunEEERNS_8LineInfoERNS_14RenderTextInfoEPNS_14FloatingObjectEjRN3WTF6VectorINS_15WordMeasurementELm64ENSC_15CrashOnOverflowEEE+0x14d) [0x7f623d238c2d] 13 0x7f623d237eab /opt/WebKit/WebKitBuild/Debug/.libs/libwebkit2gtk-3.0.so.25(_ZN7WebCore11LineBreaker13nextLineBreakERNS_12BidiResolverINS_14InlineIteratorENS_7BidiRunEEERNS_8LineInfoERNS_14RenderTextInfoEPNS_14FloatingObjectEjRN3WTF6VectorINS_15WordMeasurementELm64ENSC_15CrashOnOverflowEEE+0xb7) [0x7f623d237eab] 14 0x7f623d232cb7 /opt/WebKit/WebKitBuild/Debug/.libs/libwebkit2gtk-3.0.so.25(_ZN7WebCore15RenderBlockFlow26layoutRunsAndFloatsInRangeERNS_15LineLayoutStateERNS_12BidiResolverINS_14InlineIteratorENS_7BidiRunEEERKS4_RKNS_10BidiStatusEj+0x553) [0x7f623d232cb7] 15 0x7f623d23164e /opt/WebKit/WebKitBuild/Debug/.libs/libwebkit2gtk-3.0.so.25(_ZN7WebCore15RenderBlockFlow19layoutRunsAndFloatsERNS_15LineLayoutStateEb+0x40e) [0x7f623d23164e] 16 0x7f623d234c94 /opt/WebKit/WebKitBuild/Debug/.libs/libwebkit2gtk-3.0.so.25(_ZN7WebCore15RenderBlockFlow15layoutLineBoxesEbRNS_10LayoutUnitES2_+0x676) [0x7f623d234c94] 17 0x7f623d218ba8 /opt/WebKit/WebKitBuild/Debug/.libs/libwebkit2gtk-3.0.so.25(_ZN7WebCore15RenderBlockFlow20layoutInlineChildrenEbRNS_10LayoutUnitES2_+0xc8) [0x7f623d218ba8] 18 0x7f623d217ef9 /opt/WebKit/WebKitBuild/Debug/.libs/libwebkit2gtk-3.0.so.25(_ZN7WebCore15RenderBlockFlow11layoutBlockEbNS_10LayoutUnitE+0x401) [0x7f623d217ef9] 19 0x7f623d1e70ed /opt/WebKit/WebKitBuild/Debug/.libs/libwebkit2gtk-3.0.so.25(_ZN7WebCore11RenderBlock6layoutEv+0x77) [0x7f623d1e70ed] 20 0x7f623d1b3b2b /opt/WebKit/WebKitBuild/Debug/.libs/libwebkit2gtk-3.0.so.25(+0x242cb2b) [0x7f623d1b3b2b] 21 0x7f623d21f5c0 /opt/WebKit/WebKitBuild/Debug/.libs/libwebkit2gtk-3.0.so.25(_ZN7WebCore15RenderBlockFlow20insertFloatingObjectERNS_9RenderBoxE+0x216) [0x7f623d21f5c0] 22 0x7f623d2370f0 /opt/WebKit/WebKitBuild/Debug/.libs/libwebkit2gtk-3.0.so.25(_ZN7WebCore11LineBreaker21skipLeadingWhitespaceERNS_12BidiResolverINS_14InlineIteratorENS_7BidiRunEEERNS_8LineInfoEPNS_14FloatingObjectERNS_9LineWidthE+0x20c) [0x7f623d2370f0] 23 0x7f623d238c2d /opt/WebKit/WebKitBuild/Debug/.libs/libwebkit2gtk-3.0.so.25(_ZN7WebCore11LineBreaker16nextSegmentBreakERNS_12BidiResolverINS_14InlineIteratorENS_7BidiRunEEERNS_8LineInfoERNS_14RenderTextInfoEPNS_14FloatingObjectEjRN3WTF6VectorINS_15WordMeasurementELm64ENSC_15CrashOnOverflowEEE+0x14d) [0x7f623d238c2d] 24 0x7f623d237eab /opt/WebKit/WebKitBuild/Debug/.libs/libwebkit2gtk-3.0.so.25(_ZN7WebCore11LineBreaker13nextLineBreakERNS_12BidiResolverINS_14InlineIteratorENS_7BidiRunEEERNS_8LineInfoERNS_14RenderTextInfoEPNS_14FloatingObjectEjRN3WTF6VectorINS_15WordMeasurementELm64ENSC_15CrashOnOverflowEEE+0xb7) [0x7f623d237eab] 25 0x7f623d232cb7 /opt/WebKit/WebKitBuild/Debug/.libs/libwebkit2gtk-3.0.so.25(_ZN7WebCore15RenderBlockFlow26layoutRunsAndFloatsInRangeERNS_15LineLayoutStateERNS_12BidiResolverINS_14InlineIteratorENS_7BidiRunEEERKS4_RKNS_10BidiStatusEj+0x553) [0x7f623d232cb7] 26 0x7f623d23164e /opt/WebKit/WebKitBuild/Debug/.libs/libwebkit2gtk-3.0.so.25(_ZN7WebCore15RenderBlockFlow19layoutRunsAndFloatsERNS_15LineLayoutStateEb+0x40e) [0x7f623d23164e] 27 0x7f623d234c94 /opt/WebKit/WebKitBuild/Debug/.libs/libwebkit2gtk-3.0.so.25(_ZN7WebCore15RenderBlockFlow15layoutLineBoxesEbRNS_10LayoutUnitES2_+0x676) [0x7f623d234c94] 28 0x7f623d218ba8 /opt/WebKit/WebKitBuild/Debug/.libs/libwebkit2gtk-3.0.so.25(_ZN7WebCore15RenderBlockFlow20layoutInlineChildrenEbRNS_10LayoutUnitES2_+0xc8) [0x7f623d218ba8] 29 0x7f623d217ef9 /opt/WebKit/WebKitBuild/Debug/.libs/libwebkit2gtk-3.0.so.25(_ZN7WebCore15RenderBlockFlow11layoutBlockEbNS_10LayoutUnitE+0x401) [0x7f623d217ef9] 30 0x7f623d1e70ed /opt/WebKit/WebKitBuild/Debug/.libs/libwebkit2gtk-3.0.so.25(_ZN7WebCore11RenderBlock6layoutEv+0x77) [0x7f623d1e70ed] 31 0x7f623d218f7b /opt/WebKit/WebKitBuild/Debug/.libs/libwebkit2gtk-3.0.so.25(_ZN7WebCore15RenderBlockFlow16layoutBlockChildERNS_9RenderBoxERNS0_10MarginInfoERNS_10LayoutUnitES6_+0x3d1) [0x7f623d218f7b]
Attachments
Patch (2.74 KB, patch)
2013-11-14 12:49 PST, Bem Jones-Bey 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Bem Jones-Bey
Comment 1 2013-11-14 12:18:26 PST
This was caused by my patch for bug 124207, I missed changing this assert, it shouldn't be using the pixel snapped coordinates anymore. Fix forthcoming.
Bem Jones-Bey
Comment 2 2013-11-14 12:49:05 PST
Created attachment 216968 [details] Patch
Alexandru Chiculita
Comment 3 2013-11-14 17:08:49 PST
Comment on attachment 216968 [details] Patch r=me
WebKit Commit Bot
Comment 4 2013-11-14 17:32:38 PST
Comment on attachment 216968 [details] Patch Clearing flags on attachment: 216968 Committed r159324: <http://trac.webkit.org/changeset/159324>
WebKit Commit Bot
Comment 5 2013-11-14 17:32:40 PST
All reviewed patches have been landed. Closing bug.
Simon Fraser (smfr)
Comment 6 2014-05-08 19:24:55 PDT
Still seeing assertions here: bug 132725.
Note You need to log in before you can comment on or make changes to this bug.