80833 – [Qt] REGRESSION(r110401): fast/table/table-row-compositing-repaint-crash.html asserts

Bug 80833 - [Qt] REGRESSION(r110401): fast/table/table-row-compositing-repaint-crash.html asserts

Summary: [Qt] REGRESSION(r110401): fast/table/table-row-compositing-repaint-crash.html...

Status:	RESOLVED DUPLICATE of bug 80804

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	New Bugs (show other bugs)
Version:	528+ (Nightly build)
Hardware:	All All

Importance:	P1 Critical
Assignee:	Nobody

URL:
Keywords:	Qt, QtTriaged

Depends on:
Blocks:	79666 79668 80641
	Show dependency tree / graph

Reported:	2012-03-12 07:01 PDT by Csaba Osztrogonác
Modified:	2012-03-12 10:41 PDT (History)
CC List:	2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Csaba Osztrogonác 2012-03-12 07:01:51 PDT

After http://trac.webkit.org/changeset/110401 fast/table/table-row-compositing-repaint-crash.html
started to assert on Qt in debug mode. Here is the gdb backtrace:
 
0x00007ffff52556bc in WebCore::RenderTableRow::clippedOverflowRectForRepaint (this=0x588a08, repaintContainer=0x588a08) at ../../../../Source/WebCore/rendering/RenderTableRow.cpp:184
184         ASSERT(parent());
(gdb) bt
#0  0x00007ffff52556bc in WebCore::RenderTableRow::clippedOverflowRectForRepaint (this=0x588a08, repaintContainer=0x588a08) at ../../../../Source/WebCore/rendering/RenderTableRow.cpp:184
#1  0x00007ffff51da475 in WebCore::RenderLayer::computeRepaintRects (this=0x5954e8, offsetFromRoot=0x0) at ../../../../Source/WebCore/rendering/RenderLayer.cpp:441
#2  0x00007ffff51ff7a3 in WebCore::RenderLayerCompositor::updateBacking (this=0x556e50, layer=0x5954e8, shouldRepaint=WebCore::RenderLayerCompositor::CompositingChangeRepaintNow)
    at ../../../../Source/WebCore/rendering/RenderLayerCompositor.cpp:423
#3  0x00007ffff51ffa03 in WebCore::RenderLayerCompositor::updateLayerCompositingState (this=0x556e50, layer=0x5954e8, shouldRepaint=WebCore::RenderLayerCompositor::CompositingChangeRepaintNow)
    at ../../../../Source/WebCore/rendering/RenderLayerCompositor.cpp:482
#4  0x00007ffff51edfd9 in WebCore::RenderLayer::styleChanged (this=0x5954e8, oldStyle=0x0) at ../../../../Source/WebCore/rendering/RenderLayer.cpp:4400
#5  0x00007ffff517af73 in WebCore::RenderBoxModelObject::styleDidChange (this=0x588a08, diff=WebCore::StyleDifferenceEqual, oldStyle=0x0) at ../../../../Source/WebCore/rendering/RenderBoxModelObject.cpp:396
#6  0x00007ffff5161618 in WebCore::RenderBox::styleDidChange (this=0x588a08, diff=WebCore::StyleDifferenceEqual, oldStyle=0x0) at ../../../../Source/WebCore/rendering/RenderBox.cpp:349
#7  0x00007ffff5254bec in WebCore::RenderTableRow::styleDidChange (this=0x588a08, diff=WebCore::StyleDifferenceEqual, oldStyle=0x0) at ../../../../Source/WebCore/rendering/RenderTableRow.cpp:68
#8  0x00007ffff5225a72 in WebCore::RenderObject::setStyle (this=0x588a08, style=...) at ../../../../Source/WebCore/rendering/RenderObject.cpp:1768
#9  0x00007ffff522532d in WebCore::RenderObject::setAnimatableStyle (this=0x588a08, style=...) at ../../../../Source/WebCore/rendering/RenderObject.cpp:1681
#10 0x00007ffff4ad34b1 in WebCore::NodeRendererFactory::createRenderer (this=0x7fffffffcbd0) at ../../../../Source/WebCore/dom/NodeRenderingContext.cpp:350
#11 0x00007ffff4ad37ce in WebCore::NodeRendererFactory::createRendererIfNeeded (this=0x7fffffffcbd0) at ../../../../Source/WebCore/dom/NodeRenderingContext.cpp:386
#12 0x00007ffff4ab61c6 in WebCore::Node::createRendererIfNeeded (this=0x5996c0) at ../../../../Source/WebCore/dom/Node.cpp:1438
#13 0x00007ffff4a8125e in WebCore::Element::attach (this=0x5996c0) at ../../../../Source/WebCore/dom/Element.cpp:952
#14 0x00007ffff4ce032d in executeTask (task=...) at ../../../../Source/WebCore/html/parser/HTMLConstructionSite.cpp:101
#15 0x00007ffff4ce063c in WebCore::HTMLConstructionSite::executeQueuedTasks (this=0x562ce8) at ../../../../Source/WebCore/html/parser/HTMLConstructionSite.cpp:140
#16 0x00007ffff4d09eb5 in WebCore::HTMLTreeBuilder::constructTreeFromAtomicToken (this=0x562cc0, token=...) at ../../../../Source/WebCore/html/parser/HTMLTreeBuilder.cpp:482
#17 0x00007ffff4d09cba in WebCore::HTMLTreeBuilder::constructTreeFromToken (this=0x562cc0, rawToken=...) at ../../../../Source/WebCore/html/parser/HTMLTreeBuilder.cpp:459
#18 0x00007ffff4ce889d in WebCore::HTMLDocumentParser::pumpTokenizer (this=0x561950, mode=WebCore::HTMLDocumentParser::AllowYield) at ../../../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:278
#19 0x00007ffff4ce8163 in WebCore::HTMLDocumentParser::pumpTokenizerIfPossible (this=0x561950, mode=WebCore::HTMLDocumentParser::AllowYield) at ../../../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:177
#20 0x00007ffff4ce8fbd in WebCore::HTMLDocumentParser::append (this=0x561950, source=...) at ../../../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:370
#21 0x00007ffff4a11810 in WebCore::DecodedDataDocumentParser::appendBytes (this=0x561950, writer=0x4ed730,
    data=0x558f88 "<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\"\n   \"http://www.w3.org/TR/html4/loose.dtd\">\n\n<html lang=\"en\">\n<head>\n  <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">"..., length=790) at ../../../../Source/WebCore/dom/DecodedDataDocumentParser.cpp:50
#22 0x00007ffff4e93b9e in WebCore::DocumentWriter::addData (this=0x4ed730,
    bytes=0x558f88 "<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\"\n   \"http://www.w3.org/TR/html4/loose.dtd\">\n\n<html lang=\"en\">\n<head>\n  <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">"..., length=790) at ../../../../Source/WebCore/loader/DocumentWriter.cpp:218
#23 0x00007ffff4e862bb in WebCore::DocumentLoader::commitData (this=0x4ed610,
    bytes=0x558f88 "<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\"\n   \"http://www.w3.org/TR/html4/loose.dtd\">\n\n<html lang=\"en\">\n<head>\n  <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">"..., length=790) at ../../../../Source/WebCore/loader/DocumentLoader.cpp:327
#24 0x00007ffff463e963 in WebCore::FrameLoaderClientQt::committedLoad (this=0x4c76a0, loader=0x4ed610,
    data=0x558f88 "<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\"\n   \"http://www.w3.org/TR/html4/loose.dtd\">\n\n<html lang=\"en\">\n<head>\n  <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">"..., length=790) at ../../../Source/WebKit/qt/WebCoreSupport/FrameLoaderClientQt.cpp:911
#25 0x00007ffff4e8614f in WebCore::DocumentLoader::commitLoad (this=0x4ed610,
    data=0x558f88 "<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\"\n   \"http://www.w3.org/TR/html4/loose.dtd\">\n\n<html lang=\"en\">\n<head>\n  <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">"..., length=790) at ../../../../Source/WebCore/loader/DocumentLoader.cpp:313
#26 0x00007ffff4e8639e in WebCore::DocumentLoader::receivedData (this=0x4ed610,
    data=0x558f88 "<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\"\n   \"http://www.w3.org/TR/html4/loose.dtd\">\n\n<html lang=\"en\">\n<head>\n  <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">"..., length=790) at ../../../../Source/WebCore/loader/DocumentLoader.cpp:339
#27 0x00007ffff4ebf477 in WebCore::MainResourceLoader::addData (this=0x4ef080,
    data=0x558f88 "<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\"\n   \"http://www.w3.org/TR/html4/loose.dtd\">\n\n<html lang=\"en\">\n<head>\n  <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">"..., length=790, allAtOnce=false) at ../../../../Source/WebCore/loader/MainResourceLoader.cpp:170
#28 0x00007ffff4ecf4ef in WebCore::ResourceLoader::didReceiveData (this=0x4ef080,
    data=0x558f88 "<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\"\n   \"http://www.w3.org/TR/html4/loose.dtd\">\n\n<html lang=\"en\">\n<head>\n  <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">"..., length=790, encodedDataLength=-1, allAtOnce=false) at ../../../../Source/WebCore/loader/ResourceLoader.cpp:288
#29 0x00007ffff4ec0dcc in WebCore::MainResourceLoader::didReceiveData (this=0x4ef080,
    data=0x558f88 "<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\"\n   \"http://www.w3.org/TR/html4/loose.dtd\">\n\n<html lang=\"en\">\n<head>\n  <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">"..., length=790, encodedDataLength=-1, allAtOnce=false) at ../../../../Source/WebCore/loader/MainResourceLoader.cpp:464
#30 0x00007ffff4ecffd0 in WebCore::ResourceLoader::didReceiveData (this=0x4ef080,
    data=0x558f88 "<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\"\n   \"http://www.w3.org/TR/html4/loose.dtd\">\n\n<html lang=\"en\">\n<head>\n  <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">"..., length=790, encodedDataLength=-1) at ../../../../Source/WebCore/loader/ResourceLoader.cpp:442
#31 0x00007ffff5346191 in WebCore::QNetworkReplyHandler::forwardData (this=0x45c250) at ../../../../Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp:569
#32 0x00007ffff53428b0 in WebCore::QNetworkReplyHandlerCallQueue::flush (this=0x45c288) at ../../../../Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp:196
#33 0x00007ffff53425ec in WebCore::QNetworkReplyHandlerCallQueue::unlock (this=0x45c288) at ../../../../Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp:176
#34 0x00007ffff5342949 in ~QueueLocker (this=0x7fffffffd3a0, __in_chrg=<value optimized out>) at ../../../../Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp:204
#35 0x00007ffff5343cd5 in WebCore::QNetworkReplyWrapper::emitMetaDataChanged (this=0x556620) at ../../../../Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp:336
#36 0x00007ffff53437c3 in WebCore::QNetworkReplyWrapper::receiveMetaData (this=0x556620) at ../../../../Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp:281
#37 0x00007ffff53471d3 in WebCore::QNetworkReplyWrapper::qt_static_metacall (_o=0x556620, _c=QMetaObject::InvokeMetaMethod, _id=0, _a=0x7fffffffd670) at ./moc_QNetworkReplyHandler.cpp:131
#38 0x00007fffedf94b76 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) () from /usr/local/Trolltech/Qt-4.8.0/lib/libQtCore.so.4
#39 0x00007fffedf907fe in QObject::event(QEvent*) () from /usr/local/Trolltech/Qt-4.8.0/lib/libQtCore.so.4
---Type <return> to continue, or q <return> to quit---
#40 0x00007fffee84c19c in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/local/Trolltech/Qt-4.8.0/lib/libQtGui.so.4
#41 0x00007fffee85306d in QApplication::notify(QObject*, QEvent*) () from /usr/local/Trolltech/Qt-4.8.0/lib/libQtGui.so.4
#42 0x00007fffedf7e0ec in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/local/Trolltech/Qt-4.8.0/lib/libQtCore.so.4
#43 0x00007fffedf82953 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) () from /usr/local/Trolltech/Qt-4.8.0/lib/libQtCore.so.4
#44 0x00007fffedfaf623 in ?? () from /usr/local/Trolltech/Qt-4.8.0/lib/libQtCore.so.4
#45 0x00007ffff01ca6f2 in g_main_context_dispatch () from /lib/libglib-2.0.so.0
#46 0x00007ffff01ce568 in ?? () from /lib/libglib-2.0.so.0
#47 0x00007ffff01ce71c in g_main_context_iteration () from /lib/libglib-2.0.so.0
#48 0x00007fffedfaf163 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/local/Trolltech/Qt-4.8.0/lib/libQtCore.so.4
#49 0x00007fffee8f8a9e in ?? () from /usr/local/Trolltech/Qt-4.8.0/lib/libQtGui.so.4
#50 0x00007fffedf7cca2 in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/local/Trolltech/Qt-4.8.0/lib/libQtCore.so.4
#51 0x00007fffedf7d114 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/local/Trolltech/Qt-4.8.0/lib/libQtCore.so.4
#52 0x00007fffedf82d19 in QCoreApplication::exec() () from /usr/local/Trolltech/Qt-4.8.0/lib/libQtCore.so.4
#53 0x000000000042e3c9 in main (argc=2, argv=0x7fffffffe3c8) at /home/oszi/WebKit/Tools/DumpRenderTree/qt/main.cpp:254

Comment 1 Csaba Osztrogonác 2012-03-12 10:21:34 PDT

I skipped it on Qt - http://trac.webkit.org/changeset/110424

Please unskip it with the proper fix.

Comment 2 Shawn Singh 2012-03-12 10:41:38 PDT

(In reply to comment #1)
> I skipped it on Qt - http://trac.webkit.org/changeset/110424
> 
> Please unskip it with the proper fix.

Apologies for breaking this, thanks for the heads up.  We have another bug for fixing it, so i'm marking it as a duplicate.

*** This bug has been marked as a duplicate of bug 80804 ***