RESOLVED FIXED Bug 109048
"ASSERTION FAILED: !document()->childNeedsStyleRecalc()" and segfault in "virtual bool WebCore::Node::isFocusable() const" when using CSS :checked pseudoclass 
https://bugs.webkit.org/show_bug.cgi?id=109048
Summary "ASSERTION FAILED: !document()->childNeedsStyleRecalc()" and segfault in "vir...
Jan Kundrát
Reported 2013-02-06 06:47:37 PST
Created attachment 186846 [details] webkit-input-checked-crash.html ASSERTION FAILED: !document()->childNeedsStyleRecalc() dom/Node.cpp(931) : virtual bool WebCore::Node::isFocusable() const 1 0x7fe3756c9afc /opt/qt5/lib/libQt5WebKit.so.5(+0xd20afc) [0x7fe3756c9afc] 2 0x7fe377022aae /opt/qt5/lib/libQt5WebKit.so.5(+0x2679aae) [0x7fe377022aae] 3 0x7fe3772c2f8d /opt/qt5/lib/libQt5WebKit.so.5(+0x2919f8d) [0x7fe3772c2f8d] 4 0x7fe37737d0de /opt/qt5/lib/libQt5WebKit.so.5(+0x29d40de) [0x7fe37737d0de] 5 0x7fe37737db38 /opt/qt5/lib/libQt5WebKit.so.5(+0x29d4b38) [0x7fe37737db38] 6 0x7fe3772e3cc3 /opt/qt5/lib/libQt5WebKit.so.5(+0x293acc3) [0x7fe3772e3cc3] 7 0x7fe3756cee47 /opt/qt5/lib/libQt5WebKit.so.5(+0xd25e47) [0x7fe3756cee47] 8 0x7fe3759ad8fd /opt/qt5/lib/libQt5WebKit.so.5(+0x10048fd) [0x7fe3759ad8fd] 9 0x7fe3759ae5a8 /opt/qt5/lib/libQt5WebKit.so.5(+0x10055a8) [0x7fe3759ae5a8] 10 0x7fe374e96580 /opt/qt5/lib/libQt5WebKit.so.5(_ZN15QWebPageAdapter17mouseReleaseEventEP11QMouseEvent+0x70) [0x7fe374e96580] 11 0x7fe37c9141d7 /opt/qt5/lib/libQt5WebKitWidgets.so.5(_ZN8QWebPage5eventEP6QEvent+0x111) [0x7fe37c9141d7] 12 0x7fe37c91c0af /opt/qt5/lib/libQt5WebKitWidgets.so.5(_ZN8QWebView17mouseReleaseEventEP11QMouseEvent+0x6d) [0x7fe37c91c0af] 13 0x7fe373b53614 /opt/qt5/lib/libQt5Widgets.so.5(_ZN7QWidget5eventEP6QEvent+0x176) [0x7fe373b53614] 14 0x7fe37c91bad2 /opt/qt5/lib/libQt5WebKitWidgets.so.5(_ZN8QWebView5eventEP6QEvent+0x27e) [0x7fe37c91bad2] 15 0x7fe373afa7d1 /opt/qt5/lib/libQt5Widgets.so.5(_ZN19QApplicationPrivate13notify_helperEP7QObjectP6QEvent+0x18b) [0x7fe373afa7d1] 16 0x7fe373af869f /opt/qt5/lib/libQt5Widgets.so.5(_ZN12QApplication6notifyEP7QObjectP6QEvent+0xbdb) [0x7fe373af869f] 17 0x7fe3726601ad /opt/qt5/lib/libQt5Core.so.5(_ZN16QCoreApplication14notifyInternalEP7QObjectP6QEvent+0xad) [0x7fe3726601ad] 18 0x7fe373afd5ca /opt/qt5/lib/libQt5Widgets.so.5(_ZN16QCoreApplication20sendSpontaneousEventEP7QObjectP6QEvent+0x60) [0x7fe373afd5ca] 19 0x7fe373af715e /opt/qt5/lib/libQt5Widgets.so.5(_ZN19QApplicationPrivate14sendMouseEventEP7QWidgetP11QMouseEventS1_S1_PS1_R8QPointerIS0_Eb+0x4dc) [0x7fe373af715e] 20 0x7fe373b8a0b5 /opt/qt5/lib/libQt5Widgets.so.5(+0x20e0b5) [0x7fe373b8a0b5] 21 0x7fe373b89431 /opt/qt5/lib/libQt5Widgets.so.5(+0x20d431) [0x7fe373b89431] 22 0x7fe373afa7d1 /opt/qt5/lib/libQt5Widgets.so.5(_ZN19QApplicationPrivate13notify_helperEP7QObjectP6QEvent+0x18b) [0x7fe373afa7d1] 23 0x7fe373af7e8b /opt/qt5/lib/libQt5Widgets.so.5(_ZN12QApplication6notifyEP7QObjectP6QEvent+0x3c7) [0x7fe373af7e8b] 24 0x7fe3726601ad /opt/qt5/lib/libQt5Core.so.5(_ZN16QCoreApplication14notifyInternalEP7QObjectP6QEvent+0xad) [0x7fe3726601ad] 25 0x7fe372c6a2e6 /opt/qt5/lib/libQt5Gui.so.5(_ZN16QCoreApplication20sendSpontaneousEventEP7QObjectP6QEvent+0x60) [0x7fe372c6a2e6] 26 0x7fe372c63cce /opt/qt5/lib/libQt5Gui.so.5(_ZN22QGuiApplicationPrivate17processMouseEventEPN29QWindowSystemInterfacePrivate10MouseEventE+0x6b2) [0x7fe372c63cce] 27 0x7fe372c63427 /opt/qt5/lib/libQt5Gui.so.5(_ZN22QGuiApplicationPrivate24processWindowSystemEventEPN29QWindowSystemInterfacePrivate17WindowSystemEventE+0x163) [0x7fe372c63427] 28 0x7fe372c4c072 /opt/qt5/lib/libQt5Gui.so.5(_ZN22QWindowSystemInterface36sendWindowSystemEventsImplementationE6QFlagsIN10QEventLoop17ProcessEventsFlagEE+0x6e) [0x7fe372c4c072] 29 0x7fe372c4bfad /opt/qt5/lib/libQt5Gui.so.5(_ZN22QWindowSystemInterface22sendWindowSystemEventsE6QFlagsIN10QEventLoop17ProcessEventsFlagEE+0x33) [0x7fe372c4bfad] 30 0x7fe36ba01085 /opt/qt5/plugins/platforms/libqxcb.so(+0x6a085) [0x7fe36ba01085] 31 0x7fe379f2e603 /usr/lib64/libglib-2.0.so.0(g_main_context_dispatch+0x163) [0x7fe379f2e603] Segmentation fault Using qt5's QWebView, commit v5.0.0-24-g70c60ff. The crash happens when the user clicks on the [...] <label> in the attached testcase. It works fine using Qt4's webkit.
Attachments
webkit-input-checked-crash.html (4.52 KB, text/html)
2013-02-06 06:47 PST, Jan Kundrát 		no flags
Details
Layout test that reproduces the failing assertion (892 bytes, text/html)
2013-02-28 04:58 PST, Simon Hausmann 		no flags
Details
View All Add attachment proposed patch, testcase, etc.
Jan Kundrát
Comment 1 2013-02-12 06:01:29 PST
Dear webkit developers, do you require any additional information to fix this assert crash?
Alexey Proskuryakov
Comment 2 2013-02-12 19:01:30 PST
I cannot reproduce this with current trunk build (in Safari). Guessing it's already fixed.
Simon Hausmann
Comment 3 2013-02-28 03:42:27 PST
I can reproduce this crash with webkit trunk, Qt build, the html file loaded in QtTestBrowser and the label being clicked on.
Simon Hausmann
Comment 4 2013-02-28 04:39:24 PST
(In reply to comment #3) > I can reproduce this crash with webkit trunk, Qt build, the html file loaded in QtTestBrowser and the label being clicked on. I'm working on a layout test reduction. Seems to be roughly related to a label element working on a display:none input type.
Simon Hausmann
Comment 5 2013-02-28 04:58:39 PST
Created attachment 190707 [details] Layout test that reproduces the failing assertion The attached layout test reproduces the failing assertion for me.
Simon Hausmann
Comment 6 2013-02-28 07:11:48 PST
I can't seem to reproduce this in a PLATFORM(MAC) build of DRT ;(
Jan Kundrát
Comment 7 2013-04-19 09:27:43 PDT
This crash remains unfixed in the Qt 5.1 branch ("stable" at this point, commit 9e5eaab34ec9fe2a0e0ba169c939a23bef8df900). Do you need any further information to ensure it gets fixed?
Jan Kundrát
Comment 8 2013-05-30 05:15:02 PDT
I cannot reproduce this issue anymore as of v5.1.0-beta1-11-gfb2adc6. Thanks for fixing it.
Note You need to log in before you can comment on or make changes to this bug.