RESOLVED FIXED 166030
ASSERTION FAILED: run->m_stop > 0 in *WebCore::RenderBlockFlow::computeInlineDirectionPositionsForSegment
https://bugs.webkit.org/show_bug.cgi?id=166030
Renata Hodovan
Reported 2016-12-19 12:25:12 PST
Load the attached test with WebKitTestRunner:
Checked version: f368f1d
OS: Darwin-15.6.0-x86_64-i386-64bit

<table><font dir="auto">8888VVVVVVVVVVVVVVV <td></td> RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR<body contenteditable="plaintext-only">

Backtrace:
ASSERTION FAILED: run->m_stop > 0
WebKit/Source/WebCore/rendering/RenderBlockLineLayout.cpp(897) : WebCore::BidiRun *WebCore::RenderBlockFlow::computeInlineDirectionPositionsForSegment(WebCore::RootInlineBox *, const WebCore::LineInfo &, WebCore::ETextAlign, float &, float &, WebCore::BidiRun *, WebCore::BidiRun *, GlyphOverflowAndFallbackFontsMap &, WebCore::VerticalPositionCache &, WordMeasurements &)

ASAN:DEADLYSIGNAL
==38943==ERROR: AddressSanitizer: SEGV on unknown address 0x0000bbadbeef (pc 0x000112d4dca9 bp 0x7fff56c20e50 sp 0x7fff56c20e40 T0)
SUMMARY: AddressSanitizer: SEGV (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x2f81ca8) in WTFCrash
==38943==ABORTING
#CRASHED - com.apple.WebKit.WebContent.Development (pid 38943)
Attachments
Test (146 bytes, text/html)
2016-12-19 12:25 PST, Renata Hodovan
no flags
Test reduction (114 bytes, text/html)
2016-12-23 20:59 PST, zalan
no flags
Test reduction (155 bytes, text/html)
2016-12-25 15:29 PST, zalan
no flags
Patch (4.90 KB, patch)
2017-01-07 15:21 PST, Myles C. Maxfield
no flags
Archive of layout-test-results from ews102 for mac-elcapitan (781.97 KB, application/zip)
2017-01-07 16:20 PST, Build Bot
no flags
Archive of layout-test-results from ews104 for mac-elcapitan-wk2 (963.13 KB, application/zip)
2017-01-07 16:24 PST, Build Bot
no flags
Archive of layout-test-results from ews116 for mac-elcapitan (1.66 MB, application/zip)
2017-01-07 16:40 PST, Build Bot
no flags
Patch (4.28 KB, patch)
2017-01-09 17:41 PST, Myles C. Maxfield
no flags
Patch (4.25 KB, patch)
2017-01-10 15:47 PST, Myles C. Maxfield
rniwa: review+
Patch for committing (4.51 KB, patch)
2017-01-10 23:21 PST, Myles C. Maxfield
commit-queue: commit-queue-
Renata Hodovan
Comment 1 2016-12-19 12:25:15 PST
zalan
Comment 2 2016-12-23 20:59:10 PST
Created attachment 297730
Test reduction
zalan
Comment 3 2016-12-25 15:29:29 PST
Created attachment 297756
Test reduction

We end up processing a fake isolated run. Not sure at which point we are supposed to get rid of it.
Myles C. Maxfield
Comment 4 2017-01-07 15:21:09 PST
Myles C. Maxfield
Comment 5 2017-01-07 15:22:08 PST
(In reply to comment #3)
> Created attachment 297756
> Test reduction
>
> We end up processing a fake isolated run. Not sure at which point we are
> supposed to get rid of it.

// Note that we do not delete the runs from the resolver.
// We're not guaranteed to get any BidiRuns in the previous step. If we don't, we allow the placeholder
// itself to be turned into an InlineBox. We can't remove it here without potentially losing track of
// the logically last run.
Build Bot
Comment 6 2017-01-07 16:20:26 PST
Comment on attachment 298286
Patch

Attachment 298286 did not pass mac-ews (mac):
Output: http://webkit-queues.webkit.org/results/2851120

New failing tests:
fast/text/word-space.html
Build Bot
Comment 7 2017-01-07 16:20:30 PST
Created attachment 298288
Archive of layout-test-results from ews102 for mac-elcapitan

The attached test failures were seen while running run-webkit-tests on the mac-ews.
Bot: ews102 Port: mac-elcapitan Platform: Mac OS X 10.11.6
Build Bot
Comment 8 2017-01-07 16:24:14 PST
Comment on attachment 298286
Patch

Attachment 298286 did not pass mac-wk2-ews (mac-wk2):
Output: http://webkit-queues.webkit.org/results/2851123

New failing tests:
fast/text/word-space.html
Build Bot
Comment 9 2017-01-07 16:24:18 PST
Created attachment 298289
Archive of layout-test-results from ews104 for mac-elcapitan-wk2

The attached test failures were seen while running run-webkit-tests on the mac-wk2-ews.
Bot: ews104 Port: mac-elcapitan-wk2 Platform: Mac OS X 10.11.6
Build Bot
Comment 10 2017-01-07 16:40:20 PST
Comment on attachment 298286
Patch

Attachment 298286 did not pass mac-debug-ews (mac):
Output: http://webkit-queues.webkit.org/results/2851126

New failing tests:
fast/text/word-space.html
Build Bot
Comment 11 2017-01-07 16:40:24 PST
Created attachment 298290
Archive of layout-test-results from ews116 for mac-elcapitan

The attached test failures were seen while running run-webkit-tests on the mac-debug-ews.
Bot: ews116 Port: mac-elcapitan Platform: Mac OS X 10.11.6
Myles C. Maxfield
Comment 12 2017-01-09 17:41:30 PST
Said Abou-Hallawa
Comment 13 2017-01-09 18:27:45 PST
Comment on attachment 298427
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=298427&action=review

> Source/WebCore/rendering/RenderBlockLineLayout.cpp:900
> + needsWordSpacing = run->m_stop > 0 && !isSpaceOrNewline(renderText.characterAt(run->m_stop - 1)) && run->m_stop == length;

There is no need to check run->m_stop > 0 since you are checking run->m_stop == length and length > 0 since it is unsigned and it is not zero. I would suggest moving the condition run->m_stop == length at the beginning to prevent calculating run->m_stop - 1 if run->m_stop == 0.

needsWordSpacing = run->m_stop == length && !isSpaceOrNewline(renderText.characterAt(run->m_stop - 1));
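Review bot: At RenderBlockLineLayout.cpp:900 the `run->m_stop > 0` term is the only thing on the quoted line that keeps `run->m_stop - 1` from indexing before the start of the text when an empty run arrives, so it should stay ahead of the `characterAt` call whatever order the other terms take; a form that drops it in favour of `run->m_stop == length` is safe only while `length` is known to be nonzero, and nothing on this line shows that. Either keep the guard first or put an assertion on `length` next to the expression so the dependency survives later edits. A short code comment naming the case that produces `m_stop == 0` would also help, since the line itself does not say why a run can be empty here.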
Myles C. Maxfield
Comment 14 2017-01-10 15:47:05 PST
Ryosuke Niwa
Comment 15 2017-01-10 15:55:32 PST
Comment on attachment 298517
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=298517&action=review

> Source/WebCore/ChangeLog:9
> + In the general case, it is impossible to have an empty BiDi run (because
> + we filter them out). However, when using isolates, we invoke extra machinery

This is a bit misleading. “general case” usually refers to the most generic scenario, which certainly includes the case where unicode-bidi: isolate is used. It’s probably more accurate to say “Ordinarily, we don’t have” or “Usually, we don’t have”. Furthermore, “it is impossible” seems rather too strong of a word to describe a condition that doesn’t hold under certain circumstances.

> Source/WebCore/rendering/RenderBlockLineLayout.cpp:-900
> - ASSERT(run->m_stop > 0);

Why don’t we assert that either run->m_stop > 0 or that the run is created for unicode-bidi instead?

> LayoutTests/fast/text/bidi-isolate-empty-run.html:1
> +<style>

I’d prefer having at least DOCTYPE and body so that we’re testing the strict mode, and not quirks mode.
Myles C. Maxfield
Comment 16 2017-01-10 23:21:22 PST
Created attachment 298556
Patch for committing
WebKit Commit Bot
Comment 17 2017-01-11 07:51:13 PST
Comment on attachment 298556
Patch for committing

Rejecting attachment 298556 from commit-queue.

Failed to run "['/Volumes/Data/EWS/WebKit/Tools/Scripts/webkit-patch', '--status-host=webkit-queues.webkit.org', '--bot-id=webkit-cq-03', 'validate-changelog', '--check-oops', '--non-interactive', 298556, '--port=mac']" exit_code: 1 cwd: /Volumes/Data/EWS/WebKit

ChangeLog entry in LayoutTests/ChangeLog contains OOPS!.

Full output: http://webkit-queues.webkit.org/results/2870057
Myles C. Maxfield
Comment 18 2017-01-11 15:07:27 PST