Bug 128904

Summary: [GTK] ASSERTION FAILED: hasClass()
Product: WebKit
Reporter: Piotr Grad <piotr.grad>
Component: WebCore Misc.
Assignee: Nobody <webkit-unassigned>
Status: RESOLVED DUPLICATE    
Severity: Normal    
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Attachments (description: flags):
Patch: andersca: review-
Patch.txt: andersca: review-
Patch: none

Description Piotr Grad 2014-02-17 05:38:09 PST
ASSERTION FAILED: hasClass()
../../Source/WebCore/dom/Element.h(771) : const WebCore::SpaceSplitString& WebCore::Element::classNames() const
1   0x7fffef0980d6 .../WebKitBuild/Debug/.libs/libjavascriptcoregtk-3.0.so.0(WTFCrash+0x1e) [0x7fffef0980d6]
2   0x7ffff3054e6f .../WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(+0x1ad4e6f) [0x7ffff3054e6f]
3   0x7ffff42046ee .../WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(+0x2c846ee) [0x7ffff42046ee]
4   0x7ffff4205c4f .../WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore14RenderThemeGtk20paintMediaPlayButtonEPNS_12RenderObjectERKNS_9PaintInfoERKNS_7IntRectE+0x6d) [0x7ffff4205c4f]
5   0x7ffff396445d .../WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore11RenderTheme5paintEPNS_12RenderObjectERKNS_9PaintInfoERKNS_7IntRectE+0x273) [0x7ffff396445d]
6   0x7ffff3801384 .../WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore9RenderBox19paintBoxDecorationsERNS_9PaintInfoERKNS_11LayoutPointE+0x214) [0x7ffff3801384]
7   0x7ffff37a269f .../WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore11RenderBlock11paintObjectERNS_9PaintInfoERKNS_11LayoutPointE+0x1fb) [0x7ffff37a269f]
8   0x7ffff3803713 .../WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore9RenderBox16pushContentsClipERNS_9PaintInfoERKNS_11LayoutPointE+0x111) [0x7ffff3803713]
9   0x7ffff37a019d .../WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore11RenderBlock5paintERNS_9PaintInfoERKNS_11LayoutPointE+0x17b) [0x7ffff37a019d]
10  0x7ffff37a208f .../WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore11RenderBlock10paintChildERNS_9RenderBoxERNS_9PaintInfoERKNS_11LayoutPointES4_b+0x3d7) [0x7ffff37a208f]
11  0x7ffff3854b37 .../WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore17RenderFlexibleBox13paintChildrenERNS_9PaintInfoERKNS_11LayoutPointES2_b+0x5d) [0x7ffff3854b37]
12  0x7ffff37a1c32 .../WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore11RenderBlock13paintContentsERNS_9PaintInfoERKNS_11LayoutPointE+0x166) [0x7ffff37a1c32]
13  0x7ffff37a286d .../WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore11RenderBlock11paintObjectERNS_9PaintInfoERKNS_11LayoutPointE+0x3c9) [0x7ffff37a286d]
14  0x7ffff37a01c1 .../WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore11RenderBlock5paintERNS_9PaintInfoERKNS_11LayoutPointE+0x19f) [0x7ffff37a01c1]
15  0x7ffff38a9cd3 .../WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore11RenderLayer36paintForegroundForFragmentsWithPhaseENS_10PaintPhaseERKN3WTF6VectorINS_13LayerFragmentELm1ENS2_15CrashOnOverflowEEEPNS_15GraphicsContextERKNS0_17LayerPaintingInfoEjPNS_12RenderObjectE+0x2b7) [0x7ffff38a9cd3]
16  0x7ffff38a987f .../WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore11RenderLayer27paintForegroundForFragmentsERKN3WTF6VectorINS_13LayerFragmentELm1ENS1_15CrashOnOverflowEEEPNS_15GraphicsContextES9_RKNS_10LayoutRectEbRKNS0_17LayerPaintingInfoEjPNS_12RenderObjectEbb+0x1ef) [0x7ffff38a987f]
17  0x7ffff38a81d8 .../WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore11RenderLayer18paintLayerContentsEPNS_15GraphicsContextERKNS0_17LayerPaintingInfoEj+0x754) [0x7ffff38a81d8]
18  0x7ffff38a72ca .../WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore11RenderLayer31paintLayerContentsAndReflectionEPNS_15GraphicsContextERKNS0_17LayerPaintingInfoEj+0x108) [0x7ffff38a72ca]
19  0x7ffff38a7192 .../WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore11RenderLayer10paintLayerEPNS_15GraphicsContextERKNS0_17LayerPaintingInfoEj+0x69e) [0x7ffff38a7192]
20  0x7ffff38a8869 .../WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore11RenderLayer9paintListEPN3WTF6VectorIPS0_Lm0ENS1_15CrashOnOverflowEEEPNS_15GraphicsContextERKNS0_17LayerPaintingInfoEj+0xaf) [0x7ffff38a8869]
21  0x7ffff38a829b .../WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore11RenderLayer18paintLayerContentsEPNS_15GraphicsContextERKNS0_17LayerPaintingInfoEj+0x817) [0x7ffff38a829b]
22  0x7ffff38a72ca .../WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore11RenderLayer31paintLayerContentsAndReflectionEPNS_15GraphicsContextERKNS0_17LayerPaintingInfoEj+0x108) [0x7ffff38a72ca]
23  0x7ffff38a7192 .../WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore11RenderLayer10paintLayerEPNS_15GraphicsContextERKNS0_17LayerPaintingInfoEj+0x69e) [0x7ffff38a7192]
24  0x7ffff38a8869 .../WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore11RenderLayer9paintListEPN3WTF6VectorIPS0_Lm0ENS1_15CrashOnOverflowEEEPNS_15GraphicsContextERKNS0_17LayerPaintingInfoEj+0xaf) [0x7ffff38a8869]
25  0x7ffff38a829b .../WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore11RenderLayer18paintLayerContentsEPNS_15GraphicsContextERKNS0_17LayerPaintingInfoEj+0x817) [0x7ffff38a829b]
26  0x7ffff38a72ca .../WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore11RenderLayer31paintLayerContentsAndReflectionEPNS_15GraphicsContextERKNS0_17LayerPaintingInfoEj+0x108) [0x7ffff38a72ca]
27  0x7ffff38a7192 .../WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore11RenderLayer10paintLayerEPNS_15GraphicsContextERKNS0_17LayerPaintingInfoEj+0x69e) [0x7ffff38a7192]
28  0x7ffff38a6308 .../WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore11RenderLayer5paintEPNS_15GraphicsContextERKNS_10LayoutRectEjPNS_12RenderObjectEPNS_12RenderRegionEj+0x106) [0x7ffff38a6308]
29  0x7ffff36d1f7e .../WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore9FrameView13paintContentsEPNS_15GraphicsContextERKNS_7IntRectE+0x46c) [0x7ffff36d1f7e]
30  0x7ffff3f8118b .../WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore10ScrollView5paintEPNS_15GraphicsContextERKNS_7IntRectE+0x2ed) [0x7ffff3f8118b]
31  0x7ffff2bf49fe .../WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(+0x16749fe) [0x7ffff2bf49fe]
Comment 1 Piotr Grad 2014-02-17 05:48:37 PST
Created attachment 224360 [details]
Patch
Comment 2 Anders Carlsson 2014-02-17 11:20:47 PST
Comment on attachment 224360 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=224360&action=review

> Source/WebCore/platform/gtk/RenderThemeGtk.cpp:114
>  static bool nodeHasClass(Node* node, const char* className)

I think this should take a const Node& since it can never be null (You'd have to change the call sites as well). The same thing is true for nodeHasPseudo but that doesn't have to be in this patch.

> Source/WebCore/platform/gtk/RenderThemeGtk.cpp:116
> -    return node->isElementNode() ? toElement(node)->classNames().contains(className) : false;
> +    return (node->isElementNode() && toElement(node)->hasClass()) ? toElement(node)->classNames().contains(className) : false;
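Review bot: on the `+` line the `? ... : false` wraps an expression that is already a bool, and `toElement(node)` is evaluated twice; `return node->isElementNode() && toElement(node)->hasClass() && toElement(node)->classNames().contains(className);` is equivalent, and binding `toElement(node)` to a local once `isElementNode()` is known removes the repeat entirely. The added `hasClass()` guard is the actual fix for the report: `Element::classNames()` asserts `hasClass()` (the Element.h line in the description), so calling it for an element with no class attribute is what fails, and the paint path in the backtrace reaches `nodeHasClass` for exactly such an element.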

I think this would look better with early returns, something like:

if (!node.isElementNode())
    return false;

const Element& element = toElement(node);
if (!element.hasClass())
    return false;

return element.classNames().contains(className);
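To make the review point concrete, here is an added, self-contained illustration that is not WebCore's code and not part of either patch: a simplified stand-in for Node and Element in which `classNames()` records a precondition violation instead of asserting, the pre-patch shape of `nodeHasClass` (taken from the quoted `-` line but given the reference signature the review asks for), and the guarded early-return version from comment 2. The `Node`/`Element` classes, the violation counter and `containsClass` are assumptions made for this example.

```cpp
#include <cstdio>
#include <string>
#include <vector>

// Simplified stand-ins for WebCore's Node/Element (assumed for this example,
// not WebCore's own classes). Only the pieces the review touches are modelled.
struct Node {
    virtual ~Node() {}
    virtual bool isElementNode() const { return false; }
};

// Counts calls to classNames() made without hasClass() holding. A debug
// WebCore build aborts at this point with "ASSERTION FAILED: hasClass()";
// counting instead lets the failure be observed rather than crash the process.
static int s_preconditionViolations = 0;
int preconditionViolations() { return s_preconditionViolations; }
void resetPreconditionViolations() { s_preconditionViolations = 0; }

struct Element : Node {
    std::vector<std::string> classes; // empty when there is no class attribute
    bool isElementNode() const override { return true; }
    bool hasClass() const { return !classes.empty(); }
    // Precondition: hasClass(). Mirrors the contract asserted in Element.h.
    const std::vector<std::string>& classNames() const {
        if (!hasClass())
            ++s_preconditionViolations;
        return classes;
    }
};

// Stand-in for SpaceSplitString::contains (assumed).
static bool containsClass(const std::vector<std::string>& names, const char* className) {
    for (const std::string& name : names) {
        if (name == className)
            return true;
    }
    return false;
}

// Shape of nodeHasClass before the patch (from the quoted "-" line). It calls
// classNames() on every element, including ones with no class attribute.
bool nodeHasClassUnchecked(const Node& node, const char* className) {
    return node.isElementNode()
        ? containsClass(static_cast<const Element&>(node).classNames(), className)
        : false;
}

// Guarded version in the early-return form suggested in comment 2: classNames()
// is only reached once both preconditions (element node, has a class) hold, and
// the element is converted exactly once.
bool nodeHasClass(const Node& node, const char* className) {
    if (!node.isElementNode())
        return false;

    const Element& element = static_cast<const Element&>(node);
    if (!element.hasClass())
        return false;

    return containsClass(element.classNames(), className);
}

int main() {
    Element noClassAttribute; // the media-control element from the report: no class attribute
    Element playButton;       // constructed sample with a class attribute
    playButton.classes.push_back("play");

    resetPreconditionViolations();
    nodeHasClassUnchecked(noClassAttribute, "play");
    std::printf("unchecked: %d precondition violation(s)\n", preconditionViolations());

    resetPreconditionViolations();
    nodeHasClass(noClassAttribute, "play");
    std::printf("guarded:   %d precondition violation(s); playButton has 'play': %s\n",
                preconditionViolations(), nodeHasClass(playButton, "play") ? "yes" : "no");
    return 0;
}
```

The unchecked form reports one violation for the element without a class attribute, which is the assertion in the report; the guarded form reports none and still answers correctly for elements that do carry classes.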
Comment 3 Piotr Grad 2014-02-18 04:15:17 PST
Created attachment 224493 [details]
Patch.txt
Comment 4 Anders Carlsson 2014-02-18 07:50:43 PST
Comment on attachment 224493 [details]
Patch.txt

View in context: https://bugs.webkit.org/attachment.cgi?id=224493&action=review

> Source/WebCore/platform/gtk/RenderThemeGtk.cpp:122
> +    if (!toElement(&node)->hasClass())
> +        return false;
> +
> +    return toElement(&node)->classNames().contains(className);
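Review bot: the hunk starts at the `hasClass()` check, so the `isElementNode()` guard that must run before `toElement(&node)` lies outside the shown context; confirm it is still present in the new function, since a non-element `Node` reaching `toElement` would be a second precondition failure of the same kind as the one being fixed. `toElement(&node)` is also evaluated twice within the hunk; binding the result once (`const Element& element = ...`) and using it for both `hasClass()` and `classNames()` keeps the conversion in one place and matches the early-return shape requested in the previous review.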

As I suggested, please put the element in a local variable here to avoid calling toElement twice (since toElement is a virtual call):

const Element& element = toElement(node);
(or *toElement(*node) if there's no version that takes references).
Comment 5 Piotr Grad 2014-02-18 08:49:00 PST
Created attachment 224517 [details]
Patch
Comment 6 Piotr Grad 2014-02-18 08:55:19 PST
Comment on attachment 224517 [details]
Patch

duplicate of https://bugs.webkit.org/show_bug.cgi?id=128820
Comment 7 Piotr Grad 2014-02-18 08:55:55 PST

*** This bug has been marked as a duplicate of bug 128820 ***