Created attachment 236021 [details] Test case The failing test case: <style> * { display:table-row-group; -webkit-border-radius:611268% 0% +90%; list-style-type:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA; } </style> Backtrace: ASSERTION FAILED: snappedRoundedRect.isRenderable() ../../Source/WebCore/platform/graphics/RoundedRect.cpp(259) : WebCore::FloatRoundedRect WebCore::RoundedRect::pixelSnappedRoundedRectForPainting(float) const Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 0x7fff97334700 (LWP 23951)] 0x00007ffff30191c8 in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:329 329 *(int *)(uintptr_t)0xbbadbeef = 0; #0 0x00007ffff30191c8 in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:329 #1 0x00007ffff3c334b3 in WebCore::RoundedRect::pixelSnappedRoundedRectForPainting (this=0x7fffffffc3d0, deviceScaleFactor=1) at ../../Source/WebCore/platform/graphics/RoundedRect.cpp:259 #2 0x00007ffff3dc6218 in WebCore::RenderBoxModelObject::paintFillLayerExtended (this=0x8c1490, paintInfo=..., color=..., bgLayer=0x860848, rect=..., bleedAvoidance=WebCore::BackgroundBleedNone, box=0x0, boxSize=..., op=WebCore::CompositeSourceOver, backgroundObject=0x9c1000, baseBgColorUsage=WebCore::BaseBackgroundColorUse) at ../../Source/WebCore/rendering/RenderBoxModelObject.cpp:712 #3 0x00007ffff3daab7e in WebCore::RenderBox::paintFillLayer (this=0x8c1490, paintInfo=..., c=..., fillLayer=0x860848, rect=..., bleedAvoidance=WebCore::BackgroundBleedNone, op=WebCore::CompositeSourceOver, backgroundObject=0x9c1000, baseBgColorUsage=WebCore::BaseBackgroundColorUse) at ../../Source/WebCore/rendering/RenderBox.cpp:1588 #4 0x00007ffff3daaaac in WebCore::RenderBox::paintFillLayers (this=0x8c1490, paintInfo=..., c=..., fillLayer=0x860848, rect=..., bleedAvoidance=WebCore::BackgroundBleedNone, op=WebCore::CompositeSourceOver, backgroundObject=0x9c1000) at ../../Source/WebCore/rendering/RenderBox.cpp:1579 #5 0x00007ffff3da901e in WebCore::RenderBox::paintRootBoxFillLayers (this=0x8c1490, paintInfo=...) at ../../Source/WebCore/rendering/RenderBox.cpp:1193 #6 0x00007ffff3da9789 in WebCore::RenderBox::paintBackground (this=0x8c1490, paintInfo=..., paintRect=..., bleedAvoidance=WebCore::BackgroundBleedNone) at ../../Source/WebCore/rendering/RenderBox.cpp:1303 #7 0x00007ffff3da95b4 in WebCore::RenderBox::paintBoxDecorations (this=0x8c1490, paintInfo=..., paintOffset=...) at ../../Source/WebCore/rendering/RenderBox.cpp:1285 #8 0x00007ffff3d53751 in WebCore::RenderBlock::paintObject (this=0x8c1490, paintInfo=..., paintOffset=...) at ../../Source/WebCore/rendering/RenderBlock.cpp:1650 #9 0x00007ffff3d52ae7 in WebCore::RenderBlock::paint (this=0x8c1490, paintInfo=..., paintOffset=...) at ../../Source/WebCore/rendering/RenderBlock.cpp:1521 #10 0x00007ffff3e55f46 in WebCore::RenderLayer::paintBackgroundForFragments (this=0x8c18c0, layerFragments=..., context=0x7d8ea0, transparencyLayerContext=0x7d8ea0, transparencyPaintDirtyRect=..., haveTransparency=false, localPaintingInfo=..., paintBehavior=0, subtreePaintRootForRenderer=0x0) at ../../Source/WebCore/rendering/RenderLayer.cpp:4422 #11 0x00007ffff3e54571 in WebCore::RenderLayer::paintLayerContents (this=0x8c18c0, context=0x7d8ea0, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:4080 #12 0x00007ffff3e532f8 in WebCore::RenderLayer::paintLayerContentsAndReflection (this=0x8c18c0, context=0x7d8ea0, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3773 #13 0x00007ffff3e531cb in WebCore::RenderLayer::paintLayer (this=0x8c18c0, context=0x7d8ea0, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3755 #14 0x00007ffff3e54d9c in WebCore::RenderLayer::paintList (this=0x8bc7a0, list=0x87ada0, context=0x7d8ea0, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:4186 #15 0x00007ffff3e5471a in WebCore::RenderLayer::paintLayerContents (this=0x8bc7a0, context=0x7d8ea0, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:4101 #16 0x00007ffff3e532f8 in WebCore::RenderLayer::paintLayerContentsAndReflection (this=0x8bc7a0, context=0x7d8ea0, paintingInfo=..., paintFlags=0) at ../../Source/WebCore/rendering/RenderLayer.cpp:3773 #17 0x00007ffff3e531cb in WebCore::RenderLayer::paintLayer (this=0x8bc7a0, context=0x7d8ea0, paintingInfo=..., paintFlags=0) at ../../Source/WebCore/rendering/RenderLayer.cpp:3755 #18 0x00007ffff3e522a8 in WebCore::RenderLayer::paint (this=0x8bc7a0, context=0x7d8ea0, damageRect=..., subpixelAccumulation=..., paintBehavior=0, subtreePaintRoot=0x0, paintFlags=0) at ../../Source/WebCore/rendering/RenderLayer.cpp:3554 #19 0x00007ffff3ad7102 in WebCore::FrameView::paintContents (this=0xa0e830, context=0x7d8ea0, dirtyRect=...) at ../../Source/WebCore/page/FrameView.cpp:3693 #20 0x00007ffff3b848ea in WebCore::ScrollView::paint (this=0xa0e830, context=0x7d8ea0, rect=...) at ../../Source/WebCore/platform/ScrollView.cpp:1203 #21 0x00007ffff2ecaf60 in WebKit::WebPage::drawRect (this=0x8949d0, graphicsContext=..., rect=...) at ../../Source/WebKit2/WebProcess/WebPage/WebPage.cpp:1292 #22 0x00007ffff2f977da in WebKit::DrawingAreaImpl::display (this=0x7d3680, updateInfo=...) at ../../Source/WebKit2/WebProcess/WebPage/DrawingAreaImpl.cpp:664 #23 0x00007ffff2f97096 in WebKit::DrawingAreaImpl::display (this=0x7d3680) at ../../Source/WebKit2/WebProcess/WebPage/DrawingAreaImpl.cpp:580 #24 0x00007ffff2f96f54 in WebKit::DrawingAreaImpl::displayTimerFired (this=0x7d3680) at ../../Source/WebKit2/WebProcess/WebPage/DrawingAreaImpl.cpp:559 #25 0x00007ffff2f991ad in WTF::RunLoop::Timer<WebKit::DrawingAreaImpl>::fired (this=0x7d3878) at ../../Source/WTF/wtf/RunLoop.h:120 #26 0x00007ffff306a5d1 in WTF::RunLoop::TimerBase::__lambda1::operator() (__closure=0x83ed30) at ../../Source/WTF/wtf/gtk/RunLoopGtk.cpp:121 #27 0x00007ffff306a9b8 in std::_Function_handler<bool(), WTF::RunLoop::TimerBase::start(double, bool)::__lambda1>::_M_invoke(const std::_Any_data &) (__functor=...) at /usr/include/c++/4.8/functional:2057 #28 0x00007ffff3069594 in std::function<bool ()>::operator()() const (this=0x7d38c0) at /usr/include/c++/4.8/functional:2464 #29 0x00007ffff3068e28 in WTF::GMainLoopSource::boolCallback (this=0x7d3888) at ../../Source/WTF/wtf/gobject/GMainLoopSource.cpp:210 #30 0x00007ffff30690c6 in WTF::GMainLoopSource::boolSourceCallback (source=0x7d3888, source@entry=<error reading variable: value has been optimized out>) at ../../Source/WTF/wtf/gobject/GMainLoopSource.cpp:261 #31 0x00007fffeb44ee43 in g_timeout_dispatch (source=source@entry=0x812520, callback=<optimized out>, user_data=<optimized out>) at gmain.c:4450 #32 0x00007fffeb44e2e6 in g_main_dispatch (context=0x677bb0) at gmain.c:3065 #33 g_main_context_dispatch (context=context@entry=0x677bb0) at gmain.c:3641 #34 0x00007fffeb44e638 in g_main_context_iterate (context=0x677bb0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3712 #35 0x00007fffeb44ea3a in g_main_loop_run (loop=0x70c750) at gmain.c:3906 #36 0x00007ffff306a156 in WTF::RunLoop::run () at ../../Source/WTF/wtf/gtk/RunLoopGtk.cpp:59 #37 0x00007ffff2fa35e0 in WebKit::ChildProcessMain<WebKit::WebProcess, WebKit::WebProcessMain> (argc=2, argv=0x7fffffffda58) at ../../Source/WebKit2/Shared/unix/ChildProcessMain.h:61 #38 0x00007ffff2fa3445 in WebKit::WebProcessMainUnix (argc=2, argv=0x7fffffffda58) at ../../Source/WebKit2/WebProcess/gtk/WebProcessMainGtk.cpp:73 #39 0x000000000040085d in main (argc=2, argv=0x7fffffffda58) at ../../Source/WebKit2/WebProcess/EntryPoint/unix/WebProcessMain.cpp:32