Bug 109048 - "ASSERTION FAILED: !document()->childNeedsStyleRecalc()" and segfault in "virtual bool WebCore::Node::isFocusable() const" when using CSS :checked pseudoclass
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebKit Qt
Version: 528+ (Nightly build)
Hardware: PC Linux
Importance: P2 Normal
Assignee: Nobody
Reported: 2013-02-06 06:47 PST by Jan Kundrát
Modified: 2013-05-30 05:15 PDT

Attachments
webkit-input-checked-crash.html (4.52 KB, text/html)
2013-02-06 06:47 PST, Jan Kundrát
Layout test that reproduces the failing assertion (892 bytes, text/html)
2013-02-28 04:58 PST, Simon Hausmann

Description Jan Kundrát 2013-02-06 06:47:37 PST
Created attachment 186846
webkit-input-checked-crash.html

ASSERTION FAILED: !document()->childNeedsStyleRecalc()
dom/Node.cpp(931) : virtual bool WebCore::Node::isFocusable() const
1   0x7fe3756c9afc /opt/qt5/lib/libQt5WebKit.so.5(+0xd20afc) [0x7fe3756c9afc]
2   0x7fe377022aae /opt/qt5/lib/libQt5WebKit.so.5(+0x2679aae) [0x7fe377022aae]
3   0x7fe3772c2f8d /opt/qt5/lib/libQt5WebKit.so.5(+0x2919f8d) [0x7fe3772c2f8d]
4   0x7fe37737d0de /opt/qt5/lib/libQt5WebKit.so.5(+0x29d40de) [0x7fe37737d0de]
5   0x7fe37737db38 /opt/qt5/lib/libQt5WebKit.so.5(+0x29d4b38) [0x7fe37737db38]
6   0x7fe3772e3cc3 /opt/qt5/lib/libQt5WebKit.so.5(+0x293acc3) [0x7fe3772e3cc3]
7   0x7fe3756cee47 /opt/qt5/lib/libQt5WebKit.so.5(+0xd25e47) [0x7fe3756cee47]
8   0x7fe3759ad8fd /opt/qt5/lib/libQt5WebKit.so.5(+0x10048fd) [0x7fe3759ad8fd]
9   0x7fe3759ae5a8 /opt/qt5/lib/libQt5WebKit.so.5(+0x10055a8) [0x7fe3759ae5a8]
10  0x7fe374e96580 /opt/qt5/lib/libQt5WebKit.so.5(_ZN15QWebPageAdapter17mouseReleaseEventEP11QMouseEvent+0x70) [0x7fe374e96580]
11  0x7fe37c9141d7 /opt/qt5/lib/libQt5WebKitWidgets.so.5(_ZN8QWebPage5eventEP6QEvent+0x111) [0x7fe37c9141d7]
12  0x7fe37c91c0af /opt/qt5/lib/libQt5WebKitWidgets.so.5(_ZN8QWebView17mouseReleaseEventEP11QMouseEvent+0x6d) [0x7fe37c91c0af]
13  0x7fe373b53614 /opt/qt5/lib/libQt5Widgets.so.5(_ZN7QWidget5eventEP6QEvent+0x176) [0x7fe373b53614]
14  0x7fe37c91bad2 /opt/qt5/lib/libQt5WebKitWidgets.so.5(_ZN8QWebView5eventEP6QEvent+0x27e) [0x7fe37c91bad2]
15  0x7fe373afa7d1 /opt/qt5/lib/libQt5Widgets.so.5(_ZN19QApplicationPrivate13notify_helperEP7QObjectP6QEvent+0x18b) [0x7fe373afa7d1]
16  0x7fe373af869f /opt/qt5/lib/libQt5Widgets.so.5(_ZN12QApplication6notifyEP7QObjectP6QEvent+0xbdb) [0x7fe373af869f]
17  0x7fe3726601ad /opt/qt5/lib/libQt5Core.so.5(_ZN16QCoreApplication14notifyInternalEP7QObjectP6QEvent+0xad) [0x7fe3726601ad]
18  0x7fe373afd5ca /opt/qt5/lib/libQt5Widgets.so.5(_ZN16QCoreApplication20sendSpontaneousEventEP7QObjectP6QEvent+0x60) [0x7fe373afd5ca]
19  0x7fe373af715e /opt/qt5/lib/libQt5Widgets.so.5(_ZN19QApplicationPrivate14sendMouseEventEP7QWidgetP11QMouseEventS1_S1_PS1_R8QPointerIS0_Eb+0x4dc) [0x7fe373af715e]
20  0x7fe373b8a0b5 /opt/qt5/lib/libQt5Widgets.so.5(+0x20e0b5) [0x7fe373b8a0b5]
21  0x7fe373b89431 /opt/qt5/lib/libQt5Widgets.so.5(+0x20d431) [0x7fe373b89431]
22  0x7fe373afa7d1 /opt/qt5/lib/libQt5Widgets.so.5(_ZN19QApplicationPrivate13notify_helperEP7QObjectP6QEvent+0x18b) [0x7fe373afa7d1]
23  0x7fe373af7e8b /opt/qt5/lib/libQt5Widgets.so.5(_ZN12QApplication6notifyEP7QObjectP6QEvent+0x3c7) [0x7fe373af7e8b]
24  0x7fe3726601ad /opt/qt5/lib/libQt5Core.so.5(_ZN16QCoreApplication14notifyInternalEP7QObjectP6QEvent+0xad) [0x7fe3726601ad]
25  0x7fe372c6a2e6 /opt/qt5/lib/libQt5Gui.so.5(_ZN16QCoreApplication20sendSpontaneousEventEP7QObjectP6QEvent+0x60) [0x7fe372c6a2e6]
26  0x7fe372c63cce /opt/qt5/lib/libQt5Gui.so.5(_ZN22QGuiApplicationPrivate17processMouseEventEPN29QWindowSystemInterfacePrivate10MouseEventE+0x6b2) [0x7fe372c63cce]
27  0x7fe372c63427 /opt/qt5/lib/libQt5Gui.so.5(_ZN22QGuiApplicationPrivate24processWindowSystemEventEPN29QWindowSystemInterfacePrivate17WindowSystemEventE+0x163) [0x7fe372c63427]
28  0x7fe372c4c072 /opt/qt5/lib/libQt5Gui.so.5(_ZN22QWindowSystemInterface36sendWindowSystemEventsImplementationE6QFlagsIN10QEventLoop17ProcessEventsFlagEE+0x6e) [0x7fe372c4c072]
29  0x7fe372c4bfad /opt/qt5/lib/libQt5Gui.so.5(_ZN22QWindowSystemInterface22sendWindowSystemEventsE6QFlagsIN10QEventLoop17ProcessEventsFlagEE+0x33) [0x7fe372c4bfad]
30  0x7fe36ba01085 /opt/qt5/plugins/platforms/libqxcb.so(+0x6a085) [0x7fe36ba01085]
31  0x7fe379f2e603 /usr/lib64/libglib-2.0.so.0(g_main_context_dispatch+0x163) [0x7fe379f2e603]
Segmentation fault

Using qt5's QWebView, commit v5.0.0-24-g70c60ff. The crash happens when the user clicks on the [...] <label> in the attached testcase. It works fine using Qt4's webkit.
Comment 1 Jan Kundrát 2013-02-12 06:01:29 PST
Dear webkit developers, do you require any additional information to fix this assert crash?
Comment 2 Alexey Proskuryakov 2013-02-12 19:01:30 PST
I cannot reproduce this with current trunk build (in Safari). Guessing it's already fixed.
Comment 3 Simon Hausmann 2013-02-28 03:42:27 PST
I can reproduce this crash with webkit trunk, Qt build, the html file loaded in QtTestBrowser and the label being clicked on.
Comment 4 Simon Hausmann 2013-02-28 04:39:24 PST
(In reply to comment #3)
> I can reproduce this crash with webkit trunk, Qt build, the html file loaded in QtTestBrowser and the label being clicked on.

I'm working on a layout test reduction. Seems to be roughly related to a label element working on a display:none input type.
Comment 5 Simon Hausmann 2013-02-28 04:58:39 PST
Created attachment 190707
Layout test that reproduces the failing assertion

The attached layout test reproduces the failing assertion for me.
Comment 6 Simon Hausmann 2013-02-28 07:11:48 PST
I can't seem to reproduce this in a PLATFORM(MAC) build of DRT ;(
Comment 7 Jan Kundrát 2013-04-19 09:27:43 PDT
This crash remains unfixed in the Qt 5.1 branch ("stable" at this point, commit 9e5eaab34ec9fe2a0e0ba169c939a23bef8df900). Do you need any further information to ensure it gets fixed?
Comment 8 Jan Kundrát 2013-05-30 05:15:02 PDT
I cannot reproduce this issue anymore as of v5.1.0-beta1-11-gfb2adc6. Thanks for fixing it.