RESOLVED CONFIGURATION CHANGED Bug 49022
Assertion reached in RenderBlock::FloatingObject::bottom() 
https://bugs.webkit.org/show_bug.cgi?id=49022
Summary Assertion reached in RenderBlock::FloatingObject::bottom()
zalan
Reported 2010-11-04 14:21:17 PDT
assertion was introduced in http://trac.webkit.org/changeset/69082 backtrace: #0 0xb678bfa9 in WebCore::RenderBlock::FloatingObject::bottom (this=0xa692618) at ../../../WebCore/rendering/RenderBlock.h:391 #1 0xb678c150 in WebCore::RenderBlock::logicalBottomForFloat (this=0xa5d8a44, child=0xa692618) at ../../../WebCore/rendering/RenderBlock.h:413 #2 0xb679ba0e in WebCore::RenderBlock::nextFloatLogicalBottomBelow (this=0xa5d8a44, logicalHeight=0) at ../../../WebCore/rendering/RenderBlock.cpp:3318 #3 0xb67c31a3 in WebCore::RenderBlock::fitBelowFloats (this=0xa5d8a44, widthToFit=3, firstLine=true, availableWidth=@0xbff414f4) at ../../../WebCore/rendering/RenderBlockLineLayout.cpp:1347 #4 0xb67c5588 in WebCore::RenderBlock::findNextLineBreak (this=0xa5d8a44, resolver=..., firstLine=true, isLineEmpty=@0xbff41805, previousLineBrokeCleanly=@0xbff41809, hyphenated=@0xbff41803, clear=0xbff417a4, lastFloatFromPreviousLine=0xa6947a8) at ../../../WebCore/rendering/RenderBlockLineLayout.cpp:1918 #5 0xb67bff8d in WebCore::RenderBlock::layoutInlineChildren (this=0xa5d8a44, relayoutChildren=true, repaintLogicalTop=@0xbff41948, repaintLogicalBottom=@0xbff41944) at ../../../WebCore/rendering/RenderBlockLineLayout.cpp:665 #6 0xb6792426 in WebCore::RenderBlock::layoutBlock (this=0xa5d8a44, relayoutChildren=true, pageHeight=0) at ../../../WebCore/rendering/RenderBlock.cpp:1207 #7 0xb6791e3e in WebCore::RenderBlock::layout (this=0xa5d8a44) at ../../../WebCore/rendering/RenderBlock.cpp:1105 #8 0xb6794e00 in WebCore::RenderBlock::layoutBlockChild (this=0xa5d4ce4, child=0xa5d8a44, marginInfo=..., previousFloatLogicalBottom=@0xbff41b04, maxFloatLogicalBottom=@0xbff41c50) at ../../../WebCore/rendering/RenderBlock.cpp:1877 #9 0xb6794abb in WebCore::RenderBlock::layoutBlockChildren (this=0xa5d4ce4, relayoutChildren=true, maxFloatLogicalBottom=@0xbff41c50) at ../../../WebCore/rendering/RenderBlock.cpp:1815 #10 0xb6792445 in WebCore::RenderBlock::layoutBlock (this=0xa5d4ce4, relayoutChildren=true, pageHeight=0) at ../../../WebCore/rendering/RenderBlock.cpp:1209 #11 0xb6791e3e in WebCore::RenderBlock::layout (this=0xa5d4ce4) at ../../../WebCore/rendering/RenderBlock.cpp:1105 #12 0xb678a29f in WebCore::RenderObject::layoutIfNeeded (this=0xa5d4ce4) at ../../../WebCore/rendering/RenderObject.h:494 #13 0xb6799fcd in WebCore::RenderBlock::insertFloatingObject (this=0xa5d3b74, o=0xa5d4ce4) at ../../../WebCore/rendering/RenderBlock.cpp:2955 #14 0xb679319b in WebCore::RenderBlock::handleFloatingChild (this=0xa5d3b74, child=0xa5d4ce4, marginInfo=...) at ../../../WebCore/rendering/RenderBlock.cpp:1407 #15 0xb67930d6 in WebCore::RenderBlock::handleSpecialChild (this=0xa5d3b74, child=0xa5d4ce4, marginInfo=...) at ../../../WebCore/rendering/RenderBlock.cpp:1390 #16 0xb6794a90 in WebCore::RenderBlock::layoutBlockChildren (this=0xa5d3b74, relayoutChildren=true, maxFloatLogicalBottom=@0xbff41f50) at ../../../WebCore/rendering/RenderBlock.cpp:1811 #17 0xb6792445 in WebCore::RenderBlock::layoutBlock (this=0xa5d3b74, relayoutChildren=true, pageHeight=0) at ../../../WebCore/rendering/RenderBlock.cpp:1209 #18 0xb6791e3e in WebCore::RenderBlock::layout (this=0xa5d3b74) at ../../../WebCore/rendering/RenderBlock.cpp:1105 #19 0xb678a29f in WebCore::RenderObject::layoutIfNeeded (this=0xa5d3b74) at ../../../WebCore/rendering/RenderObject.h:494 #20 0xb6799fcd in WebCore::RenderBlock::insertFloatingObject (this=0xa58dbec, o=0xa5d3b74) at ../../../WebCore/rendering/RenderBlock.cpp:2955 #21 0xb679319b in WebCore::RenderBlock::handleFloatingChild (this=0xa58dbec, child=0xa5d3b74, marginInfo=...) at ../../../WebCore/rendering/RenderBlock.cpp:1407 #22 0xb67930d6 in WebCore::RenderBlock::handleSpecialChild (this=0xa58dbec, child=0xa5d3b74, marginInfo=...) at ../../../WebCore/rendering/RenderBlock.cpp:1390 #23 0xb6794a90 in WebCore::RenderBlock::layoutBlockChildren (this=0xa58dbec, relayoutChildren=true, maxFloatLogicalBottom=@0xbff42250) at ../../../WebCore/rendering/RenderBlock.cpp:1811 #24 0xb6792445 in WebCore::RenderBlock::layoutBlock (this=0xa58dbec, relayoutChildren=true, pageHeight=0) at ../../../WebCore/rendering/RenderBlock.cpp:1209 #25 0xb6791e3e in WebCore::RenderBlock::layout (this=0xa58dbec) at ../../../WebCore/rendering/RenderBlock.cpp:1105 #26 0xb6794e00 in WebCore::RenderBlock::layoutBlockChild (this=0xa364e54, child=0xa58dbec, marginInfo=..., previousFloatLogicalBottom=@0xbff42414, maxFloatLogicalBottom=@0xbff42560) at ../../../WebCore/rendering/RenderBlock.cpp:1877 #27 0xb6794abb in WebCore::RenderBlock::layoutBlockChildren (this=0xa364e54, relayoutChildren=false, maxFloatLogicalBottom=@0xbff42560) at ../../../WebCore/rendering/RenderBlock.cpp:1815 #28 0xb6792445 in WebCore::RenderBlock::layoutBlock (this=0xa364e54, relayoutChildren=false, pageHeight=0) at ../../../WebCore/rendering/RenderBlock.cpp:1209 #29 0xb6791e3e in WebCore::RenderBlock::layout (this=0xa364e54) at ../../../WebCore/rendering/RenderBlock.cpp:1105 #30 0xb6794e00 in WebCore::RenderBlock::layoutBlockChild (this=0xa355b44, child=0xa364e54, marginInfo=..., previousFloatLogicalBottom=@0xbff42724, maxFloatLogicalBottom=@0xbff42870) at ../../../WebCore/rendering/RenderBlock.cpp:1877 #31 0xb6794abb in WebCore::RenderBlock::layoutBlockChildren (this=0xa355b44, relayoutChildren=false, maxFloatLogicalBottom=@0xbff42870) at ../../../WebCore/rendering/RenderBlock.cpp:1815 #32 0xb6792445 in WebCore::RenderBlock::layoutBlock (this=0xa355b44, relayoutChildren=false, pageHeight=0) at ../../../WebCore/rendering/RenderBlock.cpp:1209 #33 0xb6791e3e in WebCore::RenderBlock::layout (this=0xa355b44) at ../../../WebCore/rendering/RenderBlock.cpp:1105 #34 0xb6794e00 in WebCore::RenderBlock::layoutBlockChild (this=0xa28d17c, child=0xa355b44, marginInfo=..., previousFloatLogicalBottom=@0xbff42a34, maxFloatLogicalBottom=@0xbff42b80) at ../../../WebCore/rendering/RenderBlock.cpp:1877 #35 0xb6794abb in WebCore::RenderBlock::layoutBlockChildren (this=0xa28d17c, relayoutChildren=false, maxFloatLogicalBottom=@0xbff42b80) at ../../../WebCore/rendering/RenderBlock.cpp:1815 #36 0xb6792445 in WebCore::RenderBlock::layoutBlock (this=0xa28d17c, relayoutChildren=false, pageHeight=0) at ../../../WebCore/rendering/RenderBlock.cpp:1209 #37 0xb6791e3e in WebCore::RenderBlock::layout (this=0xa28d17c) at ../../../WebCore/rendering/RenderBlock.cpp:1105 #38 0xb6889f0b in WebCore::RenderView::layout (this=0xa28d17c) at ../../../WebCore/rendering/RenderView.cpp:130 #39 0xb6679768 in WebCore::FrameView::layout (this=0xa2658c8, allowSubtree=true) at ../../../WebCore/page/FrameView.cpp:788 #40 0xb667e3d1 in WebCore::FrameView::updateLayoutAndStyleIfNeededRecursive (this=0xa2658c8) at ../../../WebCore/page/FrameView.cpp:2104 #41 0xb6950543 in QWebFramePrivate::renderRelativeCoords (this=0xa289d78, context=0xbff42ef8, layer=QWebFrame::AllLayers, clip=...) at ../../../WebKit/qt/Api/qwebframe.cpp:345 #42 0xb69535ba in QWebFrame::render (this=0xa271b58, painter=0xbff42f38, clip=...) at ../../../WebKit/qt/Api/qwebframe.cpp:1149 #43 0xb696c35d in QWebView::paintEvent (this=0xa10b400, ev=0xbff434b4) at ../../../WebKit/qt/Api/qwebview.cpp:930 #44 0xb45ec606 in QWidget::event (this=0xa10b400, event=0xbff434b4) at kernel/qwidget.cpp:8333 #45 0xb696c120 in QWebView::event (this=0xa10b400, e=0xbff434b4) at ../../../WebKit/qt/Api/qwebview.cpp:834 #46 0xb458e84c in QApplicationPrivate::notify_helper (this=0xa0bcb88, receiver=0xa10b400, e=0xbff434b4) at kernel/qapplication.cpp:4396 #47 0xb4594939 in QApplication::notify (this=0xbff44190, receiver=0xa10b400, e=0xbff434b4) at kernel/qapplication.cpp:4361 #48 0xb42fe8cb in QCoreApplication::notifyInternal (this=0xbff44190, receiver=0xa10b400, event=0xbff434b4) at kernel/qcoreapplication.cpp:732 #49 0xb45f3836 in QCoreApplication::sendSpontaneousEvent (this=0xa24a668, pdev=0xa2913ac, rgn=..., offset=..., flags=<value optimized out>, sharedPainter=0x0, backingStore=0xa291350) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:218 #50 QWidgetPrivate::drawWidget (this=0xa24a668, pdev=0xa2913ac, rgn=..., offset=..., flags=<value optimized out>, sharedPainter=0x0, backingStore=0xa291350) at kernel/qwidget.cpp:5420 #51 0xb47e1d87 in QWidgetBackingStore::sync (this=0xa291350) at painting/qbackingstore.cpp:1320 #52 0xb45e5ba3 in QWidgetPrivate::syncBackingStore (this=0xa1fb568) at kernel/qwidget.cpp:1805 #53 0xb45ecda6 in QWidget::event (this=0xa1f9ff0, event=0xa312658) at kernel/qwidget.cpp:8480 #54 0xb4a25b87 in QMainWindow::event (this=0xa1f9ff0, event=0xa312658) at widgets/qmainwindow.cpp:1417 #55 0xb458e84c in QApplicationPrivate::notify_helper (this=0xa0bcb88, receiver=0xa1f9ff0, e=0xa312658) at kernel/qapplication.cpp:4396 #56 0xb4594939 in QApplication::notify (this=0xbff44190, receiver=0xa1f9ff0, e=0xa312658) at kernel/qapplication.cpp:4361 #57 0xb42fe8cb in QCoreApplication::notifyInternal (this=0xbff44190, receiver=0xa1f9ff0, event=0xa312658) at kernel/qcoreapplication.cpp:732 #58 0xb4301b2b in QCoreApplication::sendEvent (receiver=0x0, event_type=0, data=0xa0bcc80) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:215 #59 QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, data=0xa0bcc80) at kernel/qcoreapplication.cpp:1373 #60 0xb4301ced in QCoreApplication::sendPostedEvents (receiver=0x0, event_type=0) at kernel/qcoreapplication.cpp:1266 #61 0xb432d5b4 in QCoreApplication::sendPostedEvents (s=0xa0c2910) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:220 #62 postEventSourceDispatch (s=0xa0c2910) at kernel/qeventdispatcher_glib.cpp:277 #63 0xb364c5e5 in g_main_context_dispatch () from /lib/libglib-2.0.so.0 #64 0xb36502d8 in ?? () from /lib/libglib-2.0.so.0 -------------------------------------------------------------------------------------------------------------------------------------- I debugged it and what i found was that 1, findNextLineBreak loops through the render objects to find line breaks 2, finds a float box 3, creates a floating object by calling insertFloatingObject() 4, the floating object does not fit the current line, so it does not get positioned (newLine() is supposed to position) 5, still inside the while loop in findNextLineBreak(), next object is a textbox 6, while checking the textbox, fitBelowFloats() gets called, which calls nextFloatLogicalBottomBelow() 7, nextFloatLogicalBottomBelow() loops through the floating object list (m_floatingObjects) and finds the not-yet-positioned floating object, which was added at step #3. 8, asserts RenderBlock::FloatingObject::bottom()
Attachments
somewhat reduced testcase (65.80 KB, application/x-gzip)
2010-11-04 14:37 PDT, zalan 		no flags
Details
View All Add attachment proposed patch, testcase, etc.
zalan
Comment 1 2010-11-04 14:37:50 PDT
Created attachment 72983 [details] somewhat reduced testcase couldn't reduce the page any further
Antti Koivisto
Comment 2 2010-11-05 07:04:44 PDT
Asserts on Safari too.
Caio Marcelo de Oliveira Filho
Comment 3 2011-04-13 09:42:24 PDT
Could reproduce using QtWebKit from trunk r83733 and loading the URL in the bug, but not the reduced test case. I'm investigating.
Ahmad Saleem
Comment 4 2023-07-02 04:13:02 PDT
It does not assert on WebKit ToT (265693@main) using ‘run-minibrowser —debug’, it does not do anything while loading HTML test case from local. I think this might have been resolved since 2011 now and can be closed. Thanks!
Note You need to log in before you can comment on or make changes to this bug.