WebKit Bugzilla
New
Browse
Search+
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED WORKSFORME
135664
ASSERTION FAILED: m_flowThread->objectShouldFragmentInFlowRegion(box, this) in WebCore::RenderRegion::ensureOverflowForBox
https://bugs.webkit.org/show_bug.cgi?id=135664
Summary
ASSERTION FAILED: m_flowThread->objectShouldFragmentInFlowRegion(box, this) i...
Renata Hodovan
Reported
2014-08-06 12:20:15 PDT
Created
attachment 236124
[details]
Test case The failing test: <style> * { -webkit-column-count:2; } </style> <li></li> <audio controls></audio> <style> body { -webkit-column-count:auto; } </style> The backtrace: ASSERTION FAILED: m_flowThread->objectShouldFragmentInFlowRegion(box, this) ../../Source/WebCore/rendering/RenderRegion.cpp(447) : void WebCore::RenderRegion::ensureOverflowForBox(const WebCore::RenderBox*, WTF::RefPtr<WebCore::RenderOverflow>&, bool) Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 0x7fff97334700 (LWP 22285)] 0x00007ffff301845c in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:329 329 *(int *)(uintptr_t)0xbbadbeef = 0; #0 0x00007ffff301845c in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:329 #1 0x00007ffff3ed1434 in WebCore::RenderRegion::ensureOverflowForBox (this=0xa39700, box=0x8cadd0, overflow=..., forceCreation=true) at ../../Source/WebCore/rendering/RenderRegion.cpp:447 #2 0x00007ffff3ed1ac4 in WebCore::RenderRegion::visualOverflowRectForBox (this=0xa39700, box=0x8cadd0) at ../../Source/WebCore/rendering/RenderRegion.cpp:537 #3 0x00007ffff3ecfd6c in WebCore::RenderRegion::overflowRectForFlowThreadPortion (this=0xa39700, flowThreadPortionRect=..., isFirstPortion=true, isLastPortion=true, overflowType=WebCore::RenderRegion::VisualOverflow) at ../../Source/WebCore/rendering/RenderRegion.cpp:159 #4 0x00007ffff3ecfbf7 in WebCore::RenderRegion::flowThreadPortionOverflowRect (this=0xa39700) at ../../Source/WebCore/rendering/RenderRegion.cpp:134 #5 0x00007ffff3ead4ac in WebCore::RenderMultiColumnSet::collectLayerFragments (this=0xa39700, fragments=..., layerBoundingBox=..., dirtyRect=...) at ../../Source/WebCore/rendering/RenderMultiColumnSet.cpp:741 #6 0x00007ffff3e0aac7 in WebCore::RenderFlowThread::fragmentsBoundingBox (this=0x8cadd0, layerBoundingBox=...) at ../../Source/WebCore/rendering/RenderFlowThread.cpp:1158 #7 0x00007ffff3e54a7c in WebCore::RenderLayer::collectFragments (this=0xa59530, fragments=..., rootLayer=0x91f200, dirtyRect=..., inclusionMode=WebCore::RenderLayer::ExcludeCompositedPaginatedLayers, clipRectsType=WebCore::PaintingClipRects, inOverlayScrollbarSizeRelevancy=WebCore::IgnoreOverlayScrollbarSize, respectOverflowClip=WebCore::RespectOverflowClip, offsetFromRoot=..., layerBoundingBox=0x0, applyRootOffsetToFragments=WebCore::IgnoreRootOffsetForFragments) at ../../Source/WebCore/rendering/RenderLayer.cpp:4250 #8 0x00007ffff3e53dba in WebCore::RenderLayer::paintLayerContents (this=0xa59530, context=0xabea60, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:4072 #9 0x00007ffff3e52bf6 in WebCore::RenderLayer::paintLayerContentsAndReflection (this=0xa59530, context=0xabea60, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3773 #10 0x00007ffff3e52ac9 in WebCore::RenderLayer::paintLayer (this=0xa59530, context=0xabea60, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3755 #11 0x00007ffff3e5469a in WebCore::RenderLayer::paintList (this=0x8cbae0, list=0x8a3900, context=0xabea60, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:4186 #12 0x00007ffff3e53fe0 in WebCore::RenderLayer::paintLayerContents (this=0x8cbae0, context=0xabea60, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:4098 #13 0x00007ffff3e52bf6 in WebCore::RenderLayer::paintLayerContentsAndReflection (this=0x8cbae0, context=0xabea60, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3773 #14 0x00007ffff3e52ac9 in WebCore::RenderLayer::paintLayer (this=0x8cbae0, context=0xabea60, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3755 #15 0x00007ffff3e5469a in WebCore::RenderLayer::paintList (this=0x9dba30, list=0x9e7150, context=0xabea60, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:4186 #16 0x00007ffff3e53fe0 in WebCore::RenderLayer::paintLayerContents (this=0x9dba30, context=0xabea60, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:4098 #17 0x00007ffff3e52bf6 in WebCore::RenderLayer::paintLayerContentsAndReflection (this=0x9dba30, context=0xabea60, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3773 #18 0x00007ffff3e52ac9 in WebCore::RenderLayer::paintLayer (this=0x9dba30, context=0xabea60, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3755 #19 0x00007ffff3e5469a in WebCore::RenderLayer::paintList (this=0xa16860, list=0x93f670, context=0xabea60, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:4186 #20 0x00007ffff3e53fe0 in WebCore::RenderLayer::paintLayerContents (this=0xa16860, context=0xabea60, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:4098 #21 0x00007ffff3e52bf6 in WebCore::RenderLayer::paintLayerContentsAndReflection (this=0xa16860, context=0xabea60, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3773 #22 0x00007ffff3e52ac9 in WebCore::RenderLayer::paintLayer (this=0xa16860, context=0xabea60, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3755 #23 0x00007ffff3e5469a in WebCore::RenderLayer::paintList (this=0x91f200, list=0xaa4b30, context=0xabea60, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:4186 #24 0x00007ffff3e53fe0 in WebCore::RenderLayer::paintLayerContents (this=0x91f200, context=0xabea60, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:4098 #25 0x00007ffff3e52bf6 in WebCore::RenderLayer::paintLayerContentsAndReflection (this=0x91f200, context=0xabea60, paintingInfo=..., paintFlags=0) at ../../Source/WebCore/rendering/RenderLayer.cpp:3773 #26 0x00007ffff3e52ac9 in WebCore::RenderLayer::paintLayer (this=0x91f200, context=0xabea60, paintingInfo=..., paintFlags=0) at ../../Source/WebCore/rendering/RenderLayer.cpp:3755 #27 0x00007ffff3e51ba6 in WebCore::RenderLayer::paint (this=0x91f200, context=0xabea60, damageRect=..., subpixelAccumulation=..., paintBehavior=0, subtreePaintRoot=0x0, paintFlags=0) at ../../Source/WebCore/rendering/RenderLayer.cpp:3554 #28 0x00007ffff3ad6912 in WebCore::FrameView::paintContents (this=0x8ba230, context=0xabea60, dirtyRect=...) at ../../Source/WebCore/page/FrameView.cpp:3693 #29 0x00007ffff3b840fa in WebCore::ScrollView::paint (this=0x8ba230, context=0xabea60, rect=...) at ../../Source/WebCore/platform/ScrollView.cpp:1203 #30 0x00007ffff2eca1f4 in WebKit::WebPage::drawRect (this=0x815480, graphicsContext=..., rect=...) at ../../Source/WebKit2/WebProcess/WebPage/WebPage.cpp:1292 #31 0x00007ffff2f96a6e in WebKit::DrawingAreaImpl::display (this=0x91db90, updateInfo=...) at ../../Source/WebKit2/WebProcess/WebPage/DrawingAreaImpl.cpp:664 #32 0x00007ffff2f9632a in WebKit::DrawingAreaImpl::display (this=0x91db90) at ../../Source/WebKit2/WebProcess/WebPage/DrawingAreaImpl.cpp:580 #33 0x00007ffff2f961e8 in WebKit::DrawingAreaImpl::displayTimerFired (this=0x91db90) at ../../Source/WebKit2/WebProcess/WebPage/DrawingAreaImpl.cpp:559 #34 0x00007ffff2f98441 in WTF::RunLoop::Timer<WebKit::DrawingAreaImpl>::fired (this=0x91dd88) at ../../Source/WTF/wtf/RunLoop.h:120 #35 0x00007ffff3069865 in WTF::RunLoop::TimerBase::__lambda1::operator() (__closure=0x76ab90) at ../../Source/WTF/wtf/gtk/RunLoopGtk.cpp:121 #36 0x00007ffff3069c4c in std::_Function_handler<bool(), WTF::RunLoop::TimerBase::start(double, bool)::__lambda1>::_M_invoke(const std::_Any_data &) (__functor=...) at /usr/include/c++/4.8/functional:2057 #37 0x00007ffff3068828 in std::function<bool ()>::operator()() const (this=0x91ddd0) at /usr/include/c++/4.8/functional:2464 #38 0x00007ffff30680bc in WTF::GMainLoopSource::boolCallback (this=0x91dd98) at ../../Source/WTF/wtf/gobject/GMainLoopSource.cpp:210 #39 0x00007ffff306835a in WTF::GMainLoopSource::boolSourceCallback (source=0x91dd98, source@entry=<error reading variable: value has been optimized out>) at ../../Source/WTF/wtf/gobject/GMainLoopSource.cpp:261 #40 0x00007fffeb440e43 in g_timeout_dispatch (source=source@entry=0xa15550, callback=<optimized out>, user_data=<optimized out>) at gmain.c:4450 #41 0x00007fffeb4402e6 in g_main_dispatch (context=0x677bc0) at gmain.c:3065 #42 g_main_context_dispatch (context=context@entry=0x677bc0) at gmain.c:3641 #43 0x00007fffeb440638 in g_main_context_iterate (context=0x677bc0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3712 #44 0x00007fffeb440a3a in g_main_loop_run (loop=0x709730) at gmain.c:3906 #45 0x00007ffff30693ea in WTF::RunLoop::run () at ../../Source/WTF/wtf/gtk/RunLoopGtk.cpp:59 #46 0x00007ffff2fa2874 in WebKit::ChildProcessMain<WebKit::WebProcess, WebKit::WebProcessMain> (argc=2, argv=0x7fffffffda58) at ../../Source/WebKit2/Shared/unix/ChildProcessMain.h:61 #47 0x00007ffff2fa26d9 in WebKit::WebProcessMainUnix (argc=2, argv=0x7fffffffda58) at ../../Source/WebKit2/WebProcess/gtk/WebProcessMainGtk.cpp:73 #48 0x000000000040085d in main (argc=2, argv=0x7fffffffda58) at ../../Source/WebKit2/WebProcess/EntryPoint/unix/WebProcessMain.cpp:32
Attachments
Test case
(142 bytes, text/html)
2014-08-06 12:20 PDT
,
Renata Hodovan
no flags
Details
View All
Add attachment
proposed patch, testcase, etc.
Brent Fulgham
Comment 1
2016-08-03 14:55:19 PDT
This issue no longer occurs under GuardMalloc or ASAN as of
r204037
. If you believe there is still a bug, please reopen this issue with a revised test case.
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug