WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED FIXED
108200
[GTK] fast/css/relative-positioned-block-crash.html is intermittently crashing
https://bugs.webkit.org/show_bug.cgi?id=108200
Summary
[GTK] fast/css/relative-positioned-block-crash.html is intermittently crashing
Zan Dobersek
Reported
2013-01-29 08:44:46 PST
Here's the dashboard data:
http://test-results.appspot.com/dashboards/flakiness_dashboard.html#group=%40ToT%20-%20webkit.org&showAllRuns=true&tests=fast%2Fcss%2Frelative-positioned-block-crash.html
Here's the commit range in which the crash occurred for the first time:
http://trac.webkit.org/log/?verbose=on&rev=140440&stop_rev=140259
The crash log: Crash log for DumpRenderTree (pid 21595): ... [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". Core was generated by `/home/slave/webkitgtk/gtk-linux-64-debug/build/WebKitBuild/Debug/Programs/DumpR'. Program terminated with signal 11, Segmentation fault. #0 0x00002ad34ffdea15 in WebCore::Position::Position (this=0x7fff71188070, anchorNode=..., anchorType=WebCore::Position::PositionIsBeforeAnchor) at ../../Source/WebCore/dom/Position.cpp:108 108 ASSERT(!m_anchorNode || !m_anchorNode->isPseudoElement()); ... Thread 1 (Thread 0x2ad35e30e6c0 (LWP 21595)): #0 0x00002ad34ffdea15 in WebCore::Position::Position (this=0x7fff71188070, anchorNode=..., anchorType=WebCore::Position::PositionIsBeforeAnchor) at ../../Source/WebCore/dom/Position.cpp:108 #1 0x00002ad34fbe9cea in WebCore::positionBeforeNode (anchorNode=0x1313a2d0) at ../../Source/WebCore/dom/Position.h:266 #2 0x00002ad3510868e6 in objectFocusedAndCaretOffsetUnignored (referenceObject=0x133921c0, offset=@0x7fff7118817c: -1) at ../../Source/WebCore/accessibility/atk/WebKitAccessibleWrapperAtk.cpp:1106 #3 0x00002ad3510870ae in WebCore::FrameSelection::notifyAccessibilityForSelectionChange (this=0x20a0a30) at ../../Source/WebCore/editing/gtk/FrameSelectionGtk.cpp:96 #4 0x00002ad350082588 in WebCore::FrameSelection::setSelection (this=0x20a0a30, newSelection=..., options=6, align=WebCore::FrameSelection::AlignCursorOnScrollIfNeeded, granularity=WebCore::CharacterGranularity) at ../../Source/WebCore/editing/FrameSelection.cpp:325 #5 0x00002ad3500894b2 in WebCore::FrameSelection::selectAll (this=0x20a0a30) at ../../Source/WebCore/editing/FrameSelection.cpp:1631 #6 0x00002ad350069755 in WebCore::executeSelectAll (frame=0x20a0400) at ../../Source/WebCore/editing/EditorCommand.cpp:1006 #7 0x00002ad35006b18a in WebCore::Editor::Command::execute (this=0x7fff71188500, parameter="(null)", triggeringEvent=0x0) at ../../Source/WebCore/editing/EditorCommand.cpp:1704 #8 0x00002ad34ff0e02c in WebCore::Document::execCommand (this=0x131d4190, commandName="selectall", userInterface=false, value="(null)") at ../../Source/WebCore/dom/Document.cpp:4157 #9 0x00002ad3509fad28 in WebCore::jsDocumentPrototypeFunctionExecCommand (exec=0x2ad3a42200e8) at DerivedSources/WebCore/JSDocument.cpp:2603 #10 0x00002ad35e5380e5 in ?? () #11 0x00007fff711886b0 in ?? () #12 0x00002ad34ef14418 in llint_op_call () from /home/slave/webkitgtk/gtk-linux-64-debug/build/WebKitBuild/Debug/.libs/libjavascriptcoregtk-3.0.so.0 #13 0x00002ad3a4220060 in ?? () #14 0x00000000020c0230 in ?? () #15 0x00007fff71188670 in ?? () #16 0x00002ad34eeb8ce7 in JSC::JSStack::installTrapsAfterFrame (this=0x0, frame=0x0) at ../../Source/JavaScriptCore/interpreter/JSStackInlines.h:213 #17 0x00002ad34eeb7a54 in JSC::JITCode::execute (this=0x2ad3a46209c0, stack=0x20c0230, callFrame=0x2ad3a4220060, globalData=0x2726cd0) at ../../Source/JavaScriptCore/jit/JITCode.h:135 #18 0x00002ad34eeb5211 in JSC::Interpreter::executeCall (this=0x20c0220, callFrame=0x2ad3a48ae388, function=0x2ad3a486edc0, callType=JSC::CallTypeJS, callData=..., thisValue=..., args=...) at ../../Source/JavaScriptCore/interpreter/Interpreter.cpp:1055 #19 0x00002ad34ef99bf1 in JSC::call (exec=0x2ad3a48ae388, functionObject=..., callType=JSC::CallTypeJS, callData=..., thisValue=..., args=...) at ../../Source/JavaScriptCore/runtime/CallData.cpp:40 #20 0x00002ad34fc41f89 in WebCore::JSMainThreadExecState::call (exec=0x2ad3a48ae388, functionObject=..., callType=JSC::CallTypeJS, callData=..., thisValue=..., args=...) at ../../Source/WebCore/bindings/js/JSMainThreadExecState.h:56 #21 0x00002ad34fc70c73 in WebCore::JSEventListener::handleEvent (this=0x11f09010, scriptExecutionContext=0x131d4230, event=0x120f8bf0) at ../../Source/WebCore/bindings/js/JSEventListener.cpp:130 #22 0x00002ad34ff9bf90 in WebCore::EventTarget::fireEventListeners (this=0xd65a860, event=0x120f8bf0, d=0xd65a950, entry=WTF::Vector of length 1, capacity 1 = {...}) at ../../Source/WebCore/dom/EventTarget.cpp:256 #23 0x00002ad34ff9bc1b in WebCore::EventTarget::fireEventListeners (this=0xd65a860, event=0x120f8bf0) at ../../Source/WebCore/dom/EventTarget.cpp:203 #24 0x00002ad3504e31ae in WebCore::DOMWindow::dispatchEvent (this=0xd65a860, prpEvent=..., prpTarget=...) at ../../Source/WebCore/page/DOMWindow.cpp:1695 #25 0x00002ad3504e2f34 in WebCore::DOMWindow::dispatchLoadEvent (this=0xd65a860) at ../../Source/WebCore/page/DOMWindow.cpp:1669 #26 0x00002ad34ff0c487 in WebCore::Document::dispatchWindowLoadEvent (this=0x131d4190) at ../../Source/WebCore/dom/Document.cpp:3642 #27 0x00002ad34ff078d1 in WebCore::Document::implicitClose (this=0x131d4190) at ../../Source/WebCore/dom/Document.cpp:2399 #28 0x00002ad3504320cb in WebCore::FrameLoader::checkCallImplicitClose (this=0x20a0480) at ../../Source/WebCore/loader/FrameLoader.cpp:835 #29 0x00002ad350431e49 in WebCore::FrameLoader::checkCompleted (this=0x20a0480) at ../../Source/WebCore/loader/FrameLoader.cpp:778 #30 0x00002ad350431b9d in WebCore::FrameLoader::finishedParsing (this=0x20a0480) at ../../Source/WebCore/loader/FrameLoader.cpp:711 #31 0x00002ad34ff0f021 in WebCore::Document::finishedParsing (this=0x131d4190) at ../../Source/WebCore/dom/Document.cpp:4401 #32 0x00002ad3502075cf in WebCore::HTMLConstructionSite::finishedParsing (this=0x132542a0) at ../../Source/WebCore/html/parser/HTMLConstructionSite.cpp:337 #33 0x00002ad35023c822 in WebCore::HTMLTreeBuilder::finished (this=0x13254280) at ../../Source/WebCore/html/parser/HTMLTreeBuilder.cpp:2882 #34 0x00002ad35020e622 in WebCore::HTMLDocumentParser::end (this=0x1326e090) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:550 #35 0x00002ad35020e729 in WebCore::HTMLDocumentParser::attemptToRunDeferredScriptsAndEnd (this=0x1326e090) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:559 #36 0x00002ad35020d605 in WebCore::HTMLDocumentParser::prepareToStopParsing (this=0x1326e090) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:182 #37 0x00002ad35020e76e in WebCore::HTMLDocumentParser::attemptToEnd (this=0x1326e090) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:571 #38 0x00002ad35020e827 in WebCore::HTMLDocumentParser::finish (this=0x1326e090) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:609 #39 0x00002ad35042a265 in WebCore::DocumentWriter::end (this=0x1328a538) at ../../Source/WebCore/loader/DocumentWriter.cpp:244 #40 0x00002ad3504190d0 in WebCore::DocumentLoader::finishedLoading (this=0x1328a490) at ../../Source/WebCore/loader/DocumentLoader.cpp:295 #41 0x00002ad35046d61a in WebCore::MainResourceLoader::didFinishLoading (this=0x13290fb0, finishTime=0) at ../../Source/WebCore/loader/MainResourceLoader.cpp:543 #42 0x00002ad35046d795 in WebCore::MainResourceLoader::notifyFinished (this=0x13290fb0, resource=0x12fab4f0) at ../../Source/WebCore/loader/MainResourceLoader.cpp:553 #43 0x00002ad3503f54b0 in WebCore::CachedResource::checkNotify (this=0x12fab4f0) at ../../Source/WebCore/loader/cache/CachedResource.cpp:336 #44 0x00002ad3503f550a in WebCore::CachedResource::data (this=0x12fab4f0, allDataReceived=true) at ../../Source/WebCore/loader/cache/CachedResource.cpp:345 #45 0x00002ad3503f2b58 in WebCore::CachedRawResource::data (this=0x12fab4f0, data=..., allDataReceived=true) at ../../Source/WebCore/loader/cache/CachedRawResource.cpp:72 #46 0x00002ad350484f66 in WebCore::SubresourceLoader::didFinishLoading (this=0x130eb1f0, finishTime=0) at ../../Source/WebCore/loader/SubresourceLoader.cpp:278 #47 0x00002ad35047a869 in WebCore::ResourceLoader::didFinishLoading (this=0x130eb1f0, finishTime=0) at ../../Source/WebCore/loader/ResourceLoader.cpp:457 #48 0x00002ad350e909ab in WebCore::readCallback (asyncResult=0xd882590, data=0x1316bd60) at ../../Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp:1367 #49 0x00002ad354ac8e5f in async_ready_callback_wrapper () from /home/slave/webkitgtk/gtk-linux-64-debug/build/WebKitBuild/Dependencies/Root/lib64/libgio-2.0.so.0 #50 0x00002ad354ae37ea in g_simple_async_result_complete () from /home/slave/webkitgtk/gtk-linux-64-debug/build/WebKitBuild/Dependencies/Root/lib64/libgio-2.0.so.0 #51 0x00002ad354ae39b2 in complete_in_idle_cb_for_thread () from /home/slave/webkitgtk/gtk-linux-64-debug/build/WebKitBuild/Dependencies/Root/lib64/libgio-2.0.so.0 #52 0x00002ad354caafd1 in g_idle_dispatch () from /home/slave/webkitgtk/gtk-linux-64-debug/build/WebKitBuild/Dependencies/Root/lib64/libglib-2.0.so.0 #53 0x00002ad354ca8903 in g_main_dispatch () from /home/slave/webkitgtk/gtk-linux-64-debug/build/WebKitBuild/Dependencies/Root/lib64/libglib-2.0.so.0 #54 0x00002ad354ca94b3 in g_main_context_dispatch () from /home/slave/webkitgtk/gtk-linux-64-debug/build/WebKitBuild/Dependencies/Root/lib64/libglib-2.0.so.0 #55 0x00002ad354ca96a3 in g_main_context_iterate () from /home/slave/webkitgtk/gtk-linux-64-debug/build/WebKitBuild/Dependencies/Root/lib64/libglib-2.0.so.0 #56 0x00002ad354ca9ad3 in g_main_loop_run () from /home/slave/webkitgtk/gtk-linux-64-debug/build/WebKitBuild/Dependencies/Root/lib64/libglib-2.0.so.0 #57 0x00002ad353e9be22 in gtk_main () from /home/slave/webkitgtk/gtk-linux-64-debug/build/WebKitBuild/Dependencies/Root/lib64/libgtk-3.so.0 #58 0x000000000049b862 in runTest (inputLine=...) at ../../Tools/DumpRenderTree/gtk/DumpRenderTree.cpp:770 #59 0x000000000049af18 in runTestingServerLoop () at ../../Tools/DumpRenderTree/gtk/DumpRenderTree.cpp:553 #60 0x000000000049e246 in main (argc=2, argv=0x7fff71189fa8) at ../../Tools/DumpRenderTree/gtk/DumpRenderTree.cpp:1512
Attachments
Patch
(3.65 KB, patch)
2013-01-31 15:34 PST
,
Joanmarie Diggs
no flags
Details
Formatted Diff
Diff
View All
Add attachment
proposed patch, testcase, etc.
Joanmarie Diggs
Comment 1
2013-01-30 04:58:58 PST
This appears to be the same intermittent crash as fast/css-generated-content/block-and-box-hit-testing.html. (both of which I have yet to make crash, but I'm still trying)
Joanmarie Diggs
Comment 2
2013-01-31 15:26:55 PST
Seems the winner is the addition of assertions as part of the fix for
bug 104462
. In terms of real-world use cases and AT users, so far I've only been able to reproduce this issue if I click with the mouse on an empty area in a render block. Going with the unignored parent's node seems like a reasonable thing to do (and pass along to ATs) under these circumstances.
Joanmarie Diggs
Comment 3
2013-01-31 15:34:05 PST
Created
attachment 185881
[details]
Patch
WebKit Review Bot
Comment 4
2013-01-31 16:38:55 PST
Comment on
attachment 185881
[details]
Patch Clearing flags on attachment: 185881 Committed
r141503
: <
http://trac.webkit.org/changeset/141503
>
WebKit Review Bot
Comment 5
2013-01-31 16:38:59 PST
All reviewed patches have been landed. Closing bug.
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug