RESOLVED WORKSFORME Bug 82390
Lion bot is hitting SHOULD NEVER BE REACHED in WebCore::valueForLength() on many tests 
https://bugs.webkit.org/show_bug.cgi?id=82390
Summary Lion bot is hitting SHOULD NEVER BE REACHED in WebCore::valueForLength() on ...
Simon Fraser (smfr)
Reported 2012-03-27 15:56:16 PDT
Lots of API tests and layout tests on the snowleopard bot hit: 15:47:38.862 24898 SHOULD NEVER BE REACHED 15:47:38.862 24898 /Volumes/Data/slave/lion-intel-leaks/build/Source/WebCore/css/LengthFunctions.cpp(87) : int WebCore::valueForLength(WebCore::Length, int, WebCore::RenderView *, bool) 15:47:38.863 24898 1 0x1122ae1d1 WebCore::RenderBox::computeLogicalWidthInRegionUsing(WebCore::LogicalWidthType, int, WebCore::RenderBlock const*, WebCore::RenderRegion*, int) 15:47:38.863 24898 2 0x1122ac87e WebCore::RenderBox::computeLogicalWidthInRegion(WebCore::RenderRegion*, int) 15:47:38.863 24898 3 0x1122ac064 WebCore::RenderBox::computeLogicalWidth() 15:47:38.863 24898 4 0x1122373f7 WebCore::RenderBlock::recomputeLogicalWidth() 15:47:38.863 24898 5 0x112237651 WebCore::RenderBlock::layoutBlock(bool, int, WebCore::RenderBlock::BlockLayoutPass) 15:47:38.863 24898 6 0x11223714e WebCore::RenderBlock::layout() 15:47:38.863 24898 7 0x11224268c WebCore::RenderBlock::layoutBlockChild(WebCore::RenderBox*, WebCore::RenderBlock::MarginInfo&, int&, int&) 15:47:38.864 24898 8 0x11223a62c WebCore::RenderBlock::layoutBlockChildren(bool, int&) 15:47:38.864 24898 9 0x112237d1b WebCore::RenderBlock::layoutBlock(bool, int, WebCore::RenderBlock::BlockLayoutPass) 15:47:38.864 24898 10 0x11223714e WebCore::RenderBlock::layout() 15:47:38.864 24898 11 0x1124a3468 WebCore::RenderView::layout() 15:47:38.864 24898 12 0x111734d15 WebCore::FrameView::layout(bool) 15:47:38.864 24898 13 0x111435f56 WebCore::Document::updateLayout() 15:47:38.864 24898 14 0x111436085 WebCore::Document::updateLayoutIgnorePendingStylesheets() 15:47:38.864 24898 15 0x1116b7b00 WebCore::FocusController::advanceFocusInDocumentOrder(WebCore::FocusDirection, WebCore::KeyboardEvent*, bool) 15:47:38.864 24898 16 0x1116b7925 WebCore::FocusController::advanceFocus(WebCore::FocusDirection, WebCore::KeyboardEvent*, bool) 15:47:38.865 24898 17 0x1116b783a WebCore::FocusController::setInitialFocus(WebCore::FocusDirection, WebCore::KeyboardEvent*) 15:47:38.865 24898 18 0x110a18386 -[WebHTMLView becomeFirstResponder] 15:47:38.865 24898 19 0x7fff8d8a9266 -[NSWindow makeFirstResponder:] 15:47:38.865 24898 20 0x7fff8dac0472 -[NSClipView becomeFirstResponder] 15:47:38.865 24898 21 0x7fff8d8a9266 -[NSWindow makeFirstResponder:] 15:47:38.865 24898 22 0x7fff8def4238 -[NSScrollView becomeFirstResponder] 15:47:38.865 24898 23 0x7fff8d8a9266 -[NSWindow makeFirstResponder:] 15:47:38.865 24898 24 0x1109df8d6 -[WebFrameView becomeFirstResponder] 15:47:38.865 24898 25 0x7fff8d8a9266 -[NSWindow makeFirstResponder:] 15:47:38.866 24898 26 0x110ab7716 -[WebView becomeFirstResponder] 15:47:38.866 24898 27 0x7fff8d8a9266 -[NSWindow makeFirstResponder:] 15:47:38.866 24898 28 0x7fff8d90d978 -[NSWindow _selectFirstKeyView] 15:47:38.866 24898 29 0x7fff8d90d5d3 -[NSWindow _setUpFirstResponder] 15:47:38.866 24898 30 0x7fff8d8876c1 -[NSWindow _reallyDoOrderWindow:relativeTo:findKey:forCounter:force:isModal:] 15:47:38.866 24898 31 0x7fff8d887115 -[NSWindow _doOrderWindow:relativeTo:findKey:forCounter:force:isModal:]
Attachments
ProposedPatch (3.41 KB, patch)
2012-03-28 14:12 PDT, Joe Thomas 		simon.fraser: review-
simon.fraser: commit-queue-
DetailsFormatted DiffDiff
Patch-Updated (3.93 KB, patch)
2012-03-28 15:24 PDT, Joe Thomas 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Simon Fraser (smfr)
Comment 1 2012-03-27 16:00:14 PDT
Also happening on Lion: http://build.webkit.org/builders/Lion%20Intel%20Leaks/builds/2736/steps/run-api-tests/logs/stdio
Simon Fraser (smfr)
Comment 2 2012-03-27 16:09:50 PDT
I can't reproduce this on SL or Lion. I wonder if it depends on whether a display is connected, or something like that.
Simon Fraser (smfr)
Comment 3 2012-03-27 16:38:15 PDT
I think http://trac.webkit.org/changeset/112301 caused this
Simon Fraser (smfr)
Comment 4 2012-03-27 21:45:00 PDT
Any progress here?
Joe Thomas
Comment 5 2012-03-27 21:47:25 PDT
(In reply to comment #4) > Any progress here? I could not locate the problem yet.
Joe Thomas
Comment 6 2012-03-27 21:50:21 PDT
I reviewed http://trac.webkit.org/changeset/112301 again and could not find anything suspicious at all.
Antti Koivisto
Comment 7 2012-03-28 02:33:27 PDT
Why is it in region layout code? I doubt API tests have any CSS regions.
Antti Koivisto
Comment 8 2012-03-28 07:04:12 PDT
Ah apparently this code runs in all cases with region == 0. It is just really poorly named.
Joe Thomas
Comment 9 2012-03-28 13:04:30 PDT
The assertion happens at line number 91, when length type is Undefined. The stack trace from latest Lion build. 11:57:07.238 64690 /Volumes/Data/slave/lion-intel-leaks/build/Source/WebCore/css/LengthFunctions.cpp(91) : int WebCore::valueForLength(WebCore::Length, int, WebCore::RenderView *, bool) 11:57:07.239 64690 1 0x10345a6e3 WebCore::RenderBox::computeLogicalWidthInRegionUsing(WebCore::LogicalWidthType, int, WebCore::RenderBlock const*, WebCore::RenderRegion*, int) 11:57:07.239 64690 2 0x103458d2e WebCore::RenderBox::computeLogicalWidthInRegion(WebCore::RenderRegion*, int) 11:57:07.239 64690 3 0x103458514 WebCore::RenderBox::computeLogicalWidth() 11:57:07.239 64690 4 0x1033e38a7 WebCore::RenderBlock::recomputeLogicalWidth() 11:57:07.239 64690 5 0x1033e3b01 WebCore::RenderBlock::layoutBlock(bool, int, WebCore::RenderBlock::BlockLayoutPass) 11:57:07.239 64690 6 0x1033e35fe WebCore::RenderBlock::layout() 11:57:07.239 64690 7 0x1033eeb3c WebCore::RenderBlock::layoutBlockChild(WebCore::RenderBox*, WebCore::RenderBlock::MarginInfo&, int&, int&) 11:57:07.239 64690 8 0x1033e6adc WebCore::RenderBlock::layoutBlockChildren(bool, int&) 11:57:07.239 64690 9 0x1033e41cb WebCore::RenderBlock::layoutBlock(bool, int, WebCore::RenderBlock::BlockLayoutPass) 11:57:07.240 64690 10 0x1033e35fe WebCore::RenderBlock::layout() 11:57:07.240 64690 11 0x10364f988 WebCore::RenderView::layout() 11:57:07.240 64690 12 0x1028e1075 WebCore::FrameView::layout(bool) 11:57:07.240 64690 13 0x1025e22a6 WebCore::Document::updateLayout() 11:57:07.240 64690 14 0x1025e23d5 WebCore::Document::updateLayoutIgnorePendingStylesheets() 11:57:07.240 64690 15 0x102863e60 WebCore::FocusController::advanceFocusInDocumentOrder(WebCore::FocusDirection, WebCore::KeyboardEvent*, bool) 11:57:07.240 64690 16 0x102863c85 WebCore::FocusController::advanceFocus(WebCore::FocusDirection, WebCore::KeyboardEvent*, bool) 11:57:07.240 64690 17 0x102863b9a WebCore::FocusController::setInitialFocus(WebCore::FocusDirection, WebCore::KeyboardEvent*) 11:57:07.240 64690 18 0x101bc0366 -[WebHTMLView becomeFirstResponder] 11:57:07.241 64690 19 0x7fff8d8a9266 -[NSWindow makeFirstResponder:] 11:57:07.241 64690 20 0x7fff8dac0472 -[NSClipView becomeFirstResponder] 11:57:07.241 64690 21 0x7fff8d8a9266 -[NSWindow makeFirstResponder:] 11:57:07.241 64690 22 0x7fff8def4238 -[NSScrollView becomeFirstResponder] 11:57:07.241 64690 23 0x7fff8d8a9266 -[NSWindow makeFirstResponder:] 11:57:07.241 64690 24 0x101b878b6 -[WebFrameView becomeFirstResponder] 11:57:07.241 64690 25 0x7fff8d8a9266 -[NSWindow makeFirstResponder:] 11:57:07.242 64690 26 0x101c5f716 -[WebView becomeFirstResponder] 11:57:07.242 64690 27 0x7fff8d8a9266 -[NSWindow makeFirstResponder:] 11:57:07.242 64690 28 0x7fff8d90d978 -[NSWindow _selectFirstKeyView] 11:57:07.242 64690 29 0x7fff8d90d5d3 -[NSWindow _setUpFirstResponder] 11:57:07.242 64690 30 0x7fff8d8876c1 -[NSWindow _reallyDoOrderWindow:relativeTo:findKey:forCounter:force:isModal:] 11:57:07.242 64690 31 0x7fff8d887115 -[NSWindow _doOrderWindow:relativeTo:findKey:forCounter:force:isModal:]
Joe Thomas
Comment 10 2012-03-28 14:12:08 PDT
Created attachment 134394 [details] ProposedPatch
Joe Thomas
Comment 11 2012-03-28 14:14:16 PDT
(In reply to comment #10) > Created an attachment (id=134394) [details] > ProposedPatch Attempt to make Lion bot happy as discussed with Antti in IRC.
Simon Fraser (smfr)
Comment 12 2012-03-28 14:15:35 PDT
Comment on attachment 134394 [details] ProposedPatch View in context: https://bugs.webkit.org/attachment.cgi?id=134394&action=review > Source/WebCore/ChangeLog:8 > + Passing Length structure as const reference. This needs to explain why you think this will solve the problem.
Joe Thomas
Comment 13 2012-03-28 15:24:39 PDT
Created attachment 134421 [details] Patch-Updated Added more description
Simon Fraser (smfr)
Comment 14 2012-03-28 15:30:01 PDT
Comment on attachment 134421 [details] Patch-Updated If the copy constructor is changing the value, we have problems. But let's see what this does.
Luke Macpherson
Comment 15 2012-03-28 16:31:50 PDT
This could be interesting.
WebKit Review Bot
Comment 16 2012-03-28 16:41:59 PDT
Comment on attachment 134421 [details] Patch-Updated Clearing flags on attachment: 134421 Committed r112472: <http://trac.webkit.org/changeset/112472>
WebKit Review Bot
Comment 17 2012-03-28 16:42:04 PDT
All reviewed patches have been landed. Closing bug.
Joe Thomas
Comment 18 2012-03-28 17:20:12 PDT
Re-opening the bug. The patch did not fix the Lion Bot issue. http://build.webkit.org/builders/Lion%20Intel%20Leaks/builds/2788
Simon Fraser (smfr)
Comment 19 2012-03-28 17:33:53 PDT
Here are some line numbers: e.main-thread 0 com.apple.WebCore 0x0000000102ea6152 WebCore::valueForLength(WebCore::Length const&, int, WebCore::RenderView*, bool) + 386 (LengthFunctions.cpp:91) 1 com.apple.WebCore 0x00000001030a8a84 WebCore::RenderBox::computeLogicalWidthInRegionUsing(WebCore::LogicalWidthType, int, WebCore::RenderBlock const*, WebCore::RenderRegion*, int) + 1396 (RenderBox.cpp:1864) 2 com.apple.WebCore 0x00000001030a70da WebCore::RenderBox::computeLogicalWidthInRegion(WebCore::RenderRegion*, int) + 1978 (RenderBox.cpp:1801) 3 com.apple.WebCore 0x00000001030a6914 WebCore::RenderBox::computeLogicalWidth() + 36 (RenderBox.cpp:1742) 4 com.apple.WebCore 0x0000000103031c67 WebCore::RenderBlock::recomputeLogicalWidth() + 71 (RenderBlock.cpp:1445) 5 com.apple.WebCore 0x0000000103031ec1 WebCore::RenderBlock::layoutBlock(bool, int, WebCore::RenderBlock::BlockLayoutPass) + 401 (RenderBlock.cpp:1462) 6 com.apple.WebCore 0x00000001030319be WebCore::RenderBlock::layout() + 94 (RenderBlock.cpp:1414) 7 com.apple.WebCore 0x000000010303cefc WebCore::RenderBlock::layoutBlockChild(WebCore::RenderBox*, WebCore::RenderBlock::MarginInfo&, int&, int&) + 1356 (RenderBlock.cpp:2354) 8 com.apple.WebCore 0x0000000103034e9c WebCore::RenderBlock::layoutBlockChildren(bool, int&) + 1228 (RenderBlock.cpp:2288) 9 com.apple.WebCore 0x000000010303258b WebCore::RenderBlock::layoutBlock(bool, int, WebCore::RenderBlock::BlockLayoutPass) + 2139 (RenderBlock.cpp:1556) 10 com.apple.WebCore 0x00000001030319be WebCore::RenderBlock::layout() + 94 (RenderBlock.cpp:1414) 11 com.apple.WebCore 0x0000000103291e08 WebCore::RenderView::layout() + 1096 (RenderView.cpp:140) 12 com.apple.WebCore 0x000000010252a9b5 WebCore::FrameView::layout(bool) + 3589 (FrameView.cpp:1102) 13 com.apple.WebCore 0x00000001025332e5 WebCore::FrameView::updateLayoutAndStyleIfNeededRecursive() + 101 (FrameView.cpp:3080) 14 com.apple.WebCore 0x000
Simon Fraser (smfr)
Comment 20 2012-03-28 18:27:11 PDT
I forced a clean build on the machine; let's see what that does.
Joe Thomas
Comment 21 2012-03-28 19:54:40 PDT
No assert failure seen in the latest build after cleaning the bot http://build.webkit.org/builders/Lion%20Intel%20Leaks/builds/2792.
Simon Fraser (smfr)
Comment 22 2012-03-28 21:17:29 PDT
Yay! Sorry for the noise, I should have cleaned earlier.
Antti Koivisto
Comment 23 2012-03-29 02:27:13 PDT
\o/ The const Length& change is good in any case.
Note You need to log in before you can comment on or make changes to this bug.