Created attachment 236023 [details] Test case

The failing test case:

<style>
* { -webkit-column-count:2 }
</style>
<frameset><frame>

Backtrace:

ASSERTION FAILED: !paintInfo.overlapTestRequests->contains(this)
../../Source/WebCore/rendering/RenderWidget.cpp(245) : virtual void WebCore::RenderWidget::paintContents(WebCore::PaintInfo&, const WebCore::LayoutPoint&)

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fff97334700 (LWP 25734)]
0x00007ffff30191c8 in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:329
329 *(int *)(uintptr_t)0xbbadbeef = 0;
#0 0x00007ffff30191c8 in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:329
#1 0x00007ffff3f3de1b in WebCore::RenderWidget::paintContents (this=0x7d63e0, paintInfo=..., paintOffset=...) at ../../Source/WebCore/rendering/RenderWidget.cpp:245
#2 0x00007ffff3f3e35b in WebCore::RenderWidget::paint (this=0x7d63e0, paintInfo=..., paintOffset=...) at ../../Source/WebCore/rendering/RenderWidget.cpp:286
#3 0x00007ffff3e1f3b8 in WebCore::RenderFrameSet::paint (this=0x990920, paintInfo=..., paintOffset=...) at ../../Source/WebCore/rendering/RenderFrameSet.cpp:144
#4 0x00007ffff3d53181 in WebCore::RenderBlock::paintChild (this=0x871610, child=..., paintInfo=..., paintOffset=..., paintInfoForChild=..., usePrintRect=false) at ../../Source/WebCore/rendering/RenderBlock.cpp:1591
#5 0x00007ffff3d52d87 in WebCore::RenderBlock::paintChildren (this=0x871610, paintInfo=..., paintOffset=..., paintInfoForChild=..., usePrintRect=false) at ../../Source/WebCore/rendering/RenderBlock.cpp:1561
#6 0x00007ffff3d52d2d in WebCore::RenderBlock::paintContents (this=0x871610, paintInfo=..., paintOffset=...) at ../../Source/WebCore/rendering/RenderBlock.cpp:1554
#7 0x00007ffff3d538dc in WebCore::RenderBlock::paintObject (this=0x871610, paintInfo=..., paintOffset=...) at ../../Source/WebCore/rendering/RenderBlock.cpp:1682
#8 0x00007ffff3d52ae7 in WebCore::RenderBlock::paint (this=0x871610, paintInfo=..., paintOffset=...) at ../../Source/WebCore/rendering/RenderBlock.cpp:1521
#9 0x00007ffff3e5653b in WebCore::RenderLayer::paintForegroundForFragmentsWithPhase (this=0x794590, phase=WebCore::PaintPhaseForeground, layerFragments=..., context=0x7e1c80, localPaintingInfo=..., paintBehavior=0, subtreePaintRootForRenderer=0x0) at ../../Source/WebCore/rendering/RenderLayer.cpp:4497
#10 0x00007ffff3e561e3 in WebCore::RenderLayer::paintForegroundForFragments (this=0x794590, layerFragments=..., context=0x7e1c80, transparencyLayerContext=0x7e1c80, transparencyPaintDirtyRect=..., haveTransparency=false, localPaintingInfo=..., paintBehavior=0, subtreePaintRootForRenderer=0x0, selectionOnly=false, forceBlackText=false) at ../../Source/WebCore/rendering/RenderLayer.cpp:4461
#11 0x00007ffff3e54657 in WebCore::RenderLayer::paintLayerContents (this=0x794590, context=0x7e1c80, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:4090
#12 0x00007ffff3e532f8 in WebCore::RenderLayer::paintLayerContentsAndReflection (this=0x794590, context=0x7e1c80, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3773
#13 0x00007ffff3e531cb in WebCore::RenderLayer::paintLayer (this=0x794590, context=0x7e1c80, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3755
#14 0x00007ffff3e54d9c in WebCore::RenderLayer::paintList (this=0x8f0f00, list=0x82d6e0, context=0x7e1c80, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:4186
#15 0x00007ffff3e546e2 in WebCore::RenderLayer::paintLayerContents (this=0x8f0f00, context=0x7e1c80, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:4098
#16 0x00007ffff3e532f8 in WebCore::RenderLayer::paintLayerContentsAndReflection (this=0x8f0f00, context=0x7e1c80, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3773
#17 0x00007ffff3e531cb in WebCore::RenderLayer::paintLayer (this=0x8f0f00, context=0x7e1c80, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3755
#18 0x00007ffff3e54d9c in WebCore::RenderLayer::paintList (this=0x86a7e0, list=0x6f14a0, context=0x7e1c80, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:4186
#19 0x00007ffff3e546e2 in WebCore::RenderLayer::paintLayerContents (this=0x86a7e0, context=0x7e1c80, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:4098
#20 0x00007ffff3e532f8 in WebCore::RenderLayer::paintLayerContentsAndReflection (this=0x86a7e0, context=0x7e1c80, paintingInfo=..., paintFlags=0) at ../../Source/WebCore/rendering/RenderLayer.cpp:3773
#21 0x00007ffff3e531cb in WebCore::RenderLayer::paintLayer (this=0x86a7e0, context=0x7e1c80, paintingInfo=..., paintFlags=0) at ../../Source/WebCore/rendering/RenderLayer.cpp:3755
#22 0x00007ffff3e522a8 in WebCore::RenderLayer::paint (this=0x86a7e0, context=0x7e1c80, damageRect=..., subpixelAccumulation=..., paintBehavior=0, subtreePaintRoot=0x0, paintFlags=0) at ../../Source/WebCore/rendering/RenderLayer.cpp:3554
#23 0x00007ffff3ad7102 in WebCore::FrameView::paintContents (this=0x7a3db0, context=0x7e1c80, dirtyRect=...) at ../../Source/WebCore/page/FrameView.cpp:3693
#24 0x00007ffff3b848ea in WebCore::ScrollView::paint (this=0x7a3db0, context=0x7e1c80, rect=...) at ../../Source/WebCore/platform/ScrollView.cpp:1203
#25 0x00007ffff2ecaf60 in WebKit::WebPage::drawRect (this=0x91b5f0, graphicsContext=..., rect=...) at ../../Source/WebKit2/WebProcess/WebPage/WebPage.cpp:1292
#26 0x00007ffff2f977da in WebKit::DrawingAreaImpl::display (this=0x814d00, updateInfo=...) at ../../Source/WebKit2/WebProcess/WebPage/DrawingAreaImpl.cpp:664
#27 0x00007ffff2f97096 in WebKit::DrawingAreaImpl::display (this=0x814d00) at ../../Source/WebKit2/WebProcess/WebPage/DrawingAreaImpl.cpp:580
#28 0x00007ffff2f96f54 in WebKit::DrawingAreaImpl::displayTimerFired (this=0x814d00) at ../../Source/WebKit2/WebProcess/WebPage/DrawingAreaImpl.cpp:559
#29 0x00007ffff2f991ad in WTF::RunLoop::Timer<WebKit::DrawingAreaImpl>::fired (this=0x814ef8) at ../../Source/WTF/wtf/RunLoop.h:120
#30 0x00007ffff306a5d1 in WTF::RunLoop::TimerBase::__lambda1::operator() (__closure=0xa1b490) at ../../Source/WTF/wtf/gtk/RunLoopGtk.cpp:121
#31 0x00007ffff306a9b8 in std::_Function_handler<bool(), WTF::RunLoop::TimerBase::start(double, bool)::__lambda1>::_M_invoke(const std::_Any_data &) (__functor=...) at /usr/include/c++/4.8/functional:2057
#32 0x00007ffff3069594 in std::function<bool ()>::operator()() const (this=0x814f40) at /usr/include/c++/4.8/functional:2464
#33 0x00007ffff3068e28 in WTF::GMainLoopSource::boolCallback (this=0x814f08) at ../../Source/WTF/wtf/gobject/GMainLoopSource.cpp:210
#34 0x00007ffff30690c6 in WTF::GMainLoopSource::boolSourceCallback (source=0x814f08, source@entry=<error reading variable: value has been optimized out>) at ../../Source/WTF/wtf/gobject/GMainLoopSource.cpp:261
#35 0x00007fffeb44ee43 in g_timeout_dispatch (source=source@entry=0x7e1d80, callback=<optimized out>, user_data=<optimized out>) at gmain.c:4450
#36 0x00007fffeb44e2e6 in g_main_dispatch (context=0x677bb0) at gmain.c:3065
#37 g_main_context_dispatch (context=context@entry=0x677bb0) at gmain.c:3641
#38 0x00007fffeb44e638 in g_main_context_iterate (context=0x677bb0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3712
#39 0x00007fffeb44ea3a in g_main_loop_run (loop=0x913eb0) at gmain.c:3906
#40 0x00007ffff306a156 in WTF::RunLoop::run () at ../../Source/WTF/wtf/gtk/RunLoopGtk.cpp:59
#41 0x00007ffff2fa35e0 in WebKit::ChildProcessMain<WebKit::WebProcess, WebKit::WebProcessMain> (argc=2, argv=0x7fffffffda58) at ../../Source/WebKit2/Shared/unix/ChildProcessMain.h:61
#42 0x00007ffff2fa3445 in WebKit::WebProcessMainUnix (argc=2, argv=0x7fffffffda58) at ../../Source/WebKit2/WebProcess/gtk/WebProcessMainGtk.cpp:73
#43 0x000000000040085d in main (argc=2, argv=0x7fffffffda58) at ../../Source/WebKit2/WebProcess/EntryPoint/unix/WebProcessMain.cpp:32
This reproduces in r204037.
<rdar://problem/27701733>
<rdar://problem/27701737>
Created attachment 288044 [details] Patch
Comment on attachment 288044 [details] Patch

Clearing flags on attachment: 288044

Committed r205510: <http://trac.webkit.org/changeset/205510>
All reviewed patches have been landed. Closing bug.