229820 – [ BigSur arm64 EWS ] ASSERTION FAILED: !needsLayout() ./rendering/RenderView.cpp(305) : virtual void WebCore::RenderView::paint(WebCore::PaintInfo &, const WebCore::LayoutPoint &)

NEW 229820

[ BigSur arm64 EWS ] ASSERTION FAILED: !needsLayout() ./rendering/RenderView.cpp(305) : virtual void WebCore::RenderView::paint(WebCore::PaintInfo &, const WebCore::LayoutPoint &)

https://bugs.webkit.org/show_bug.cgi?id=229820

Summary [ BigSur arm64 EWS ] ASSERTION FAILED: !needsLayout() ./rendering/RenderView....

ayumi_kojima

Reported 2021-09-02 12:03:17 PDT

loader/stateobjects/pushstate-size.html Is flaky crashing on macOS-AppleSilicon-Big-Sur-Debug-WK2-Tests-EWS The crash is not seen in the open source director: https://results.webkit.org/?suite=layout-tests&test=loader/stateobjects/pushstate-size.html The test started being flaky at https://ews-build.webkit.org/#/builders/60/builds/6813 Crash log: ASSERTION FAILED: !needsLayout() ./rendering/RenderView.cpp(305) : virtual void WebCore::RenderView::paint(WebCore::PaintInfo &, const WebCore::LayoutPoint &) 1 0x13981406c WTFCrash 2 0x117e98ff0 JSC::JSValue::isUndefined() const 3 0x11c53a248 WebCore::RenderView::paint(WebCore::PaintInfo&, WebCore::LayoutPoint const&) 4 0x11c3cb678 WebCore::RenderLayer::paintBackgroundForFragments(WTF::Vector<WebCore::LayerFragment, 1ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> const&, WebCore::GraphicsContext&, WebCore::GraphicsContext&, WebCore::LayoutRect const&, bool, WebCore::RenderLayer::LayerPaintingInfo const&, WTF::OptionSet<WebCore::PaintBehavior>, WebCore::RenderObject*) 5 0x11c3c7fd0 WebCore::RenderLayer::paintLayerContents(WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, WTF::OptionSet<WebCore::RenderLayer::PaintLayerFlag>) 6 0x11c3e8fdc WebCore::RenderLayerBacking::paintIntoLayer(WebCore::GraphicsLayer const*, WebCore::GraphicsContext&, WebCore::IntRect const&, WTF::OptionSet<WebCore::PaintBehavior>, WebCore::EventRegionContext*)::$_24::operator()(WebCore::RenderLayer&, WTF::OptionSet<WebCore::RenderLayer::PaintLayerFlag>) const 7 0x11c3e89e0 WebCore::RenderLayerBacking::paintIntoLayer(WebCore::GraphicsLayer const*, WebCore::GraphicsContext&, WebCore::IntRect const&, WTF::OptionSet<WebCore::PaintBehavior>, WebCore::EventRegionContext*) 8 0x11c3e9cb8 WebCore::RenderLayerBacking::paintContents(WebCore::GraphicsLayer const*, WebCore::GraphicsContext&, WebCore::FloatRect const&, unsigned int) 9 0x11bc8506c WebCore::GraphicsLayer::paintGraphicsLayerContents(WebCore::GraphicsContext&, WebCore::FloatRect const&, unsigned int) 10 0x11bd467b8 WebCore::GraphicsLayerCA::platformCALayerPaintContents(WebCore::PlatformCALayer*, WebCore::GraphicsContext&, WebCore::FloatRect const&, unsigned int) 11 0x1192c2cac WebCore::PlatformCALayer::drawLayerContents(WebCore::GraphicsContext&, WebCore::PlatformCALayer*, WTF::Vector<WebCore::FloatRect, 5ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&, unsigned int) 12 0x11bd8c47c WebCore::TileGrid::platformCALayerPaintContents(WebCore::PlatformCALayer*, WebCore::GraphicsContext&, WebCore::FloatRect const&, unsigned int) 13 0x1194eaf78 -[WebSimpleLayer drawInContext:] 14 0x1893ef7ac CABackingStoreUpdate_ 15 0x18944c4b4 invocation function for block in CA::Layer::display_() 16 0x1893eea34 -[CALayer _display] 17 0x1194eacbc -[WebSimpleLayer display] 18 0x1893edb2c CA::Layer::display_if_needed(CA::Transaction*) 19 0x189519b64 CA::Context::commit_transaction(CA::Transaction*, double, double*) 20 0x1893cfab8 CA::Transaction::commit() 21 0x185aa4470 __62+[CATransaction(NSCATransaction) NS_setFlushesWithDisplayLink]_block_invoke 22 0x1861f923c ___NSRunLoopObserverCreateWithHandler_block_invoke 23 0x183139cc8 __CFRUNLOOP_IS_CALLING_OUT_TO_AN_OBSERVER_CALLBACK_FUNCTION__ 24 0x183139b14 __CFRunLoopDoObservers 25 0x18313905c __CFRunLoopRun 26 0x1831385e8 CFRunLoopRunSpecific 27 0x183ee1688 -[NSRunLoop(NSRunLoop) runMode:beforeDate:] 28 0x183f73b70 -[NSRunLoop(NSRunLoop) run] 29 0x182daf768 _xpc_objc_main 30 0x182daef94 xpc_main 31 0x105899730 WebKit::XPCServiceMain(int, char const**) com.apple.WebKit.WebContent.Development terminated (pid 5635) because the process crashed LEAK: 3 WebPageProxy

Attachments
Add attachment proposed patch, testcase, etc.

ayumi_kojima

Comment 1 2021-09-02 12:04:41 PDT

Might be related 229671 since the crash log are very similar (imported/w3c/web-platform-tests/html/rendering/replaced-elements/svg-embedded-sizing/svg-in-img-auto.html)

Radar WebKit Bug Importer

Comment 2 2021-09-02 12:06:06 PDT

<rdar://problem/82687248>

ayumi_kojima

Comment 3 2021-09-02 12:15:29 PDT

Marked test expectations https://trac.webkit.org/changeset/281945/webkit

ayumi_kojima

Comment 4 2021-09-10 16:56:41 PDT

I was not able to reproduce the crash on BigSur AS using run-webkit-tests --iterations 100 --clobber-old-results --exit-after-n-crashes-or-timeouts 1 --force --debug loader/stateobjects/pushstate-size.html

Note You need to log in before you can comment on or make changes to this bug.

Status NEW

Resolution

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Nightly Build

Hardware Mac (Apple Silicon)

OS Unspecified

Product WebKit

Component New Bugs

Assignee

Nobody

Reported

2021-09-02 12:03 PDT

Modified

2021-09-10 16:58 PDT History

CC List

8 users Show

URL

Keywords InRadar

Depends on

Blocks