Bug 13155

Summary:	ASSERTION FAILURE (r20385): !needsLayout() in WebCore::RenderView::paint()
Product:	WebKit	Reporter:	David Kilzer (:ddkilzer) <ddkilzer>
Component:	Layout and Rendering	Assignee:	Nobody <webkit-unassigned>
Status:	RESOLVED FIXED
Severity:	Normal	CC:	bdakin, hyatt
Priority:	P2	Keywords:	InRadar
Version:	523.x (Safari 3)
Hardware:	Mac
OS:	OS X 10.4

David Kilzer (:ddkilzer)

Reported 2007-03-22 04:46:11 PDT

Summary: Assertion failure (!needsLayout()) triggered by Google image results page on debug builds of WebKit. Steps to reproduce: 1. Open debug build of Safari/WebKit. 2. Search for "jpg site:apple.com" on: http://images.google.com/ 3. Click on Windows Media Player image search result: http://images.google.com/imgres?imgurl=http://images.apple.com/downloads/macosx/video/images/windowsmediaplayerformacosx_200311071940.jpg&imgrefurl=http://www.apple.com/downloads/macosx/video/windowsmediaplayerformacosx.html&h=337&w=382&sz=16&hl=en&start=12&tbnid=xpRK4qQ9xPDvuM:&tbnh=109&tbnw=123&prev=/images%3Fq%3Djpg%2Bsite:apple.com%26gbv%3D2%26svnum%3D10%26hl%3Den%26sa%3DG Expected results: Page should render without crashing a debug build. Actual resutls: Page crashes a debug build with an assertion failure. Notes: Something went horribly wrong: http://trac.webkit.org/projects/webkit/changeset/20385#file4 Console output: ASSERTION FAILED: !needsLayout() (/Users/ddkilzer/Projects/Cocoa/WebKit/WebCore/rendering/RenderView.cpp:132 virtual void WebCore::RenderView::paint(WebCore::RenderObject::PaintInfo&, int, int)) Segmentation fault Stack trace: Exception: EXC_BAD_ACCESS (0x0001) Codes: KERN_INVALID_ADDRESS (0x0001) at 0xbbadbeef Thread 0 Crashed: 0 com.apple.WebCore 0x011a312c WebCore::RenderView::paint(WebCore::RenderObject::PaintInfo&, int, int) + 112 (RenderView.cpp:132) 1 com.apple.WebCore 0x011c669c WebCore::RenderLayer::paintLayer(WebCore::RenderLayer*, WebCore::GraphicsContext*, WebCore::IntRect const&, bool, WebCore::PaintRestriction, WebCore::RenderObject*) + 1092 (RenderLayer.cpp:1454) 2 com.apple.WebCore 0x011c6bfc WebCore::RenderLayer::paint(WebCore::GraphicsContext*, WebCore::IntRect const&, WebCore::PaintRestriction, WebCore::RenderObject*) + 72 (RenderLayer.cpp:1374) 3 com.apple.WebCore 0x010eda68 WebCore::Frame::paint(WebCore::GraphicsContext*, WebCore::IntRect const&) + 800 (Frame.cpp:1291) 4 com.apple.WebCore 0x011195b8 -[WebCoreFrameBridge drawRect:] + 372 (WebCoreFrameBridge.mm:415) 5 com.apple.WebKit 0x0034fe84 -[WebHTMLView drawSingleRect:] + 760 (WebHTMLView.mm:2759) 6 com.apple.WebKit 0x003502ec -[WebHTMLView drawRect:] + 560 (WebHTMLView.mm:2809) 7 com.apple.AppKit 0x937e7858 0x93799000 + 321624 8 com.apple.AppKit 0x937e6e18 0x93799000 + 319000 9 com.apple.WebKit 0x00347730 -[WebHTMLView(WebPrivate) _recursiveDisplayAllDirtyWithLockFocus:visRect:] + 796 (WebHTMLView.mm:896) 10 com.apple.AppKit 0x937e9b60 0x93799000 + 330592 11 com.apple.CoreFoundation 0x907ee3ec 0x907bc000 + 205804 12 com.apple.AppKit 0x937e6f2c 0x93799000 + 319276 13 com.apple.AppKit 0x937e9b60 0x93799000 + 330592 14 com.apple.CoreFoundation 0x907ee3ec 0x907bc000 + 205804 15 com.apple.AppKit 0x937e6f2c 0x93799000 + 319276 16 com.apple.AppKit 0x937e9b60 0x93799000 + 330592 17 com.apple.CoreFoundation 0x907ee3ec 0x907bc000 + 205804 18 com.apple.AppKit 0x937e6f2c 0x93799000 + 319276 19 com.apple.AppKit 0x937e63e0 0x93799000 + 316384 20 com.apple.AppKit 0x937e0054 0x93799000 + 290900 21 com.apple.AppKit 0x938bff7c 0x93799000 + 1208188 22 com.apple.AppKit 0x938bfe60 0x93799000 + 1207904 23 com.apple.WebCore 0x012816e4 WebCore::Widget::paint(WebCore::GraphicsContext*, WebCore::IntRect const&) + 516 (WidgetMac.mm:269) 24 com.apple.WebCore 0x013341f0 WebCore::RenderWidget::paint(WebCore::RenderObject::PaintInfo&, int, int) + 888 (RenderWidget.cpp:196) 25 com.apple.WebCore 0x0132e398 WebCore::RenderFrameSet::paint(WebCore::RenderObject::PaintInfo&, int, int) + 316 (RenderFrameSet.cpp:144) 26 com.apple.WebCore 0x01180860 WebCore::RenderBlock::paintChildren(WebCore::RenderObject::PaintInfo&, int, int) + 804 (RenderBlock.cpp:1429) 27 com.apple.WebCore 0x01180bdc WebCore::RenderBlock::paintContents(WebCore::RenderObject::PaintInfo&, int, int) + 256 (RenderBlock.cpp:1403) 28 com.apple.WebCore 0x0118e254 WebCore::RenderBlock::paintObject(WebCore::RenderObject::PaintInfo&, int, int) + 480 (RenderBlock.cpp:1489) 29 com.apple.WebCore 0x0117ff60 WebCore::RenderBlock::paint(WebCore::RenderObject::PaintInfo&, int, int) + 672 (RenderBlock.cpp:1325) 30 com.apple.WebCore 0x011c6900 WebCore::RenderLayer::paintLayer(WebCore::RenderLayer*, WebCore::GraphicsContext*, WebCore::IntRect const&, bool, WebCore::PaintRestriction, WebCore::RenderObject*) + 1704 (RenderLayer.cpp:1482) 31 com.apple.WebCore 0x011c6aec WebCore::RenderLayer::paintLayer(WebCore::RenderLayer*, WebCore::GraphicsContext*, WebCore::IntRect const&, bool, WebCore::PaintRestriction, WebCore::RenderObject*) + 2196 (RenderLayer.cpp:1505) 32 com.apple.WebCore 0x011c6bfc WebCore::RenderLayer::paint(WebCore::GraphicsContext*, WebCore::IntRect const&, WebCore::PaintRestriction, WebCore::RenderObject*) + 72 (RenderLayer.cpp:1374) 33 com.apple.WebCore 0x010eda68 WebCore::Frame::paint(WebCore::GraphicsContext*, WebCore::IntRect const&) + 800 (Frame.cpp:1291) 34 com.apple.WebCore 0x011195b8 -[WebCoreFrameBridge drawRect:] + 372 (WebCoreFrameBridge.mm:415) 35 com.apple.WebKit 0x0034fe84 -[WebHTMLView drawSingleRect:] + 760 (WebHTMLView.mm:2759) 36 com.apple.WebKit 0x003502ec -[WebHTMLView drawRect:] + 560 (WebHTMLView.mm:2809) 37 com.apple.AppKit 0x937e7858 0x93799000 + 321624 38 com.apple.AppKit 0x937e65fc 0x93799000 + 316924 39 com.apple.WebKit 0x00347380 -[WebHTMLView(WebPrivate) _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] + 520 (WebHTMLView.mm:850) 40 com.apple.AppKit 0x937e69a8 0x93799000 + 317864 41 com.apple.AppKit 0x937e69a8 0x93799000 + 317864 42 com.apple.AppKit 0x937e69a8 0x93799000 + 317864 43 com.apple.AppKit 0x937e69a8 0x93799000 + 317864 44 com.apple.AppKit 0x937e69a8 0x93799000 + 317864 45 com.apple.AppKit 0x937e69a8 0x93799000 + 317864 46 com.apple.AppKit 0x937e69a8 0x93799000 + 317864 47 com.apple.AppKit 0x93807044 0x93799000 + 450628 48 com.apple.AppKit 0x937e0054 0x93799000 + 290900 49 com.apple.AppKit 0x937d5348 0x93799000 + 246600 50 com.apple.AppKit 0x937d51b8 0x93799000 + 246200 51 com.apple.Safari 0x0001a5f8 0x1000 + 103928 52 com.apple.AppKit 0x937d5064 0x93799000 + 245860 53 com.apple.CoreFoundation 0x907de76c 0x907bc000 + 141164 54 com.apple.CoreFoundation 0x907dea0c 0x907bc000 + 141836 55 com.apple.CoreFoundation 0x907de4ac 0x907bc000 + 140460 56 com.apple.HIToolbox 0x9329bb20 0x93293000 + 35616 57 com.apple.HIToolbox 0x9329b1b4 0x93293000 + 33204 58 com.apple.HIToolbox 0x9329b020 0x93293000 + 32800 59 com.apple.AppKit 0x937a1ae4 0x93799000 + 35556 60 com.apple.AppKit 0x937a17a8 0x93799000 + 34728 61 com.apple.Safari 0x00006740 0x1000 + 22336 62 com.apple.AppKit 0x9379dcec 0x93799000 + 19692 63 com.apple.AppKit 0x9388e87c 0x93799000 + 1005692 64 com.apple.Safari 0x0005c77c 0x1000 + 374652 65 com.apple.Safari 0x0005c624 0x1000 + 374308

Attachments
Add attachment proposed patch, testcase, etc.

David Kilzer (:ddkilzer)

Comment 1 2007-03-22 04:49:53 PDT

Actually, just clicking on this link usually does the trick: http://images.google.com/imgres?imgurl=http://images.apple.com/downloads/macosx/video/images/windowsmediaplayerformacosx_200311071940.jpg&imgrefurl=http://www.apple.com/downloads/macosx/video/windowsmediaplayerformacosx.html&h=337&w=382&sz=16&hl=en&start=12&tbnid=xpRK4qQ9xPDvuM:&tbnh=109&tbnw=123&prev=/images%3Fq%3Djpg%2Bsite:apple.com%26gbv%3D2%26svnum%3D10%26hl%3Den%26sa%3DG

David Kilzer (:ddkilzer)

Comment 2 2007-03-22 18:32:33 PDT

<rdar://problem/5082421> Constantly hitting ASSERT(!needsLayout()) in RenderView::paint() Fixed by bdakin in r20410.

Note You need to log in before you can comment on or make changes to this bug.