94365 – Hitting assert in RenderGeometryMap::absoluteRect()

Bug 94365 - Hitting assert in RenderGeometryMap::absoluteRect()

Summary: Hitting assert in RenderGeometryMap::absoluteRect()

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	Layout and Rendering (show other bugs)
Version:	528+ (Nightly build)
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Simon Fraser (smfr)

URL:
Keywords:

Depends on:
Blocks:

Reported:	2012-08-17 11:07 PDT by Andrew Scherkus
Modified:	2012-11-05 18:56 PST (History)
CC List:	2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Andrew Scherkus 2012-08-17 11:07:15 PDT

Originally filed as http://code.google.com/p/chromium/issues/detail?id=142896

When running a test that uses player.html + tulip2.webm from http://src.chromium.org/viewvc/chrome/trunk/src/content/test/data/media/ we occasionally hit the following assert:

ASSERTION FAILED: enclosingIntRect(rendererMappedResult) == enclosingIntRect(FloatQuad(result).boundingBox())
../../third_party/WebKit/Source/WebCore/rendering/RenderGeometryMap.cpp(85) : WebCore::FloatRect WebCore::RenderGeometryMap::absoluteRect(const WebCore::FloatRect &) const
1   0x472c760a WebCore::RenderGeometryMap::absoluteRect(WebCore::FloatRect const&) const
2   0x4731f839 WebCore::RenderLayerCompositor::computeCompositingRequirements(WebCore::RenderLayer*, WebCore::RenderLayer*, WebCore::RenderLayerCompositor::OverlapMap*, WebCore::CompositingState&, bool&, bool&)
3   0x4731fccf WebCore::RenderLayerCompositor::computeCompositingRequirements(WebCore::RenderLayer*, WebCore::RenderLayer*, WebCore::RenderLayerCompositor::OverlapMap*, WebCore::CompositingState&, bool&, bool&)
4   0x4731fccf WebCore::RenderLayerCompositor::computeCompositingRequirements(WebCore::RenderLayer*, WebCore::RenderLayer*, WebCore::RenderLayerCompositor::OverlapMap*, WebCore::CompositingState&, bool&, bool&)
5   0x4731fccf WebCore::RenderLayerCompositor::computeCompositingRequirements(WebCore::RenderLayer*, WebCore::RenderLayer*, WebCore::RenderLayerCompositor::OverlapMap*, WebCore::CompositingState&, bool&, bool&)
6   0x4731f031 WebCore::RenderLayerCompositor::updateCompositingLayers(WebCore::CompositingUpdateType, WebCore::RenderLayer*)
7   0x4803fa7e WebCore::FrameView::updateCompositingLayersAfterStyleChange()
8   0x463c7657 WebCore::Document::recalcStyle(WebCore::Node::StyleChange)
9   0x463c8172 WebCore::Document::updateStyleIfNeeded()
10  0x4804126a WebCore::FrameView::layout(bool)
11  0x4803cc22 WebCore::FrameView::layoutTimerFired(WebCore::Timer<WebCore::FrameView>*)
12  0x48065cb7 WebCore::Timer<WebCore::FrameView>::fired()
13  0x45d4dd73 WebCore::ThreadTimers::sharedTimerFiredInternal()
14  0x45d4daff WebCore::ThreadTimers::sharedTimerFired()
15  0x3fcf1529 webkit_glue::WebKitPlatformSupportImpl::DoTimeout()
16  0x3fcf2f44 base::internal::RunnableAdapter<void (webkit_glue::WebKitPlatformSupportImpl::*)()>::Run(webkit_glue::WebKitPlatformSupportImpl*)
17  0x3fcf2e43 base::internal::InvokeHelper<false, void, base::internal::RunnableAdapter<void (webkit_glue::WebKitPlatformSupportImpl::*)()>, void ()(webkit_glue::WebKitPlatformSupportImpl*)>::MakeItSo(base::internal::RunnableAdapter<void (webkit_glue::WebKitPlatformSupportImpl::*)()>, webkit_glue::WebKitPlatformSupportImpl*)
18  0x3fcf2d83 base::internal::Invoker<1, base::internal::BindState<base::internal::RunnableAdapter<void (webkit_glue::WebKitPlatformSupportImpl::*)()>, void ()(webkit_glue::WebKitPlatformSupportImpl*), void ()(base::internal::UnretainedWrapper<webkit_glue::WebKitPlatformSupportImpl>)>, void ()(webkit_glue::WebKitPlatformSupportImpl*)>::Run(base::internal::BindStateBase*)
19  0x3d827f3b base::Callback<void ()()>::Run() const
20  0x3d99c3d0 base::Timer::RunScheduledTask()
21  0x3d99c5d9 base::BaseTimerTaskInternal::Run()
22  0x3d99cea4 base::internal::RunnableAdapter<void (base::BaseTimerTaskInternal::*)()>::Run(base::BaseTimerTaskInternal*)
23  0x3d99cda3 base::internal::InvokeHelper<false, void, base::internal::RunnableAdapter<void (base::BaseTimerTaskInternal::*)()>, void ()(base::BaseTimerTaskInternal*)>::MakeItSo(base::internal::RunnableAdapter<void (base::BaseTimerTaskInternal::*)()>, base::BaseTimerTaskInternal*)
24  0x3d99ccde base::internal::Invoker<1, base::internal::BindState<base::internal::RunnableAdapter<void (base::BaseTimerTaskInternal::*)()>, void ()(base::BaseTimerTaskInternal*), void ()(base::internal::OwnedWrapper<base::BaseTimerTaskInternal>)>, void ()(base::BaseTimerTaskInternal*)>::Run(base::internal::BindStateBase*)
25  0x3d827f3b base::Callback<void ()()>::Run() const
26  0x3d8b1ce8 MessageLoop::RunTask(base::PendingTask const&)
27  0x3d8b2092 MessageLoop::DeferOrRunPendingTask(base::PendingTask const&)
28  0x3d8b22d2 MessageLoop::DoWork()
29  0x3d8068cb base::MessagePumpCFRunLoopBase::RunWork()
30  0x3d806092 base::MessagePumpCFRunLoopBase::RunWorkSource(void*)
31  0x952fc42b __CFRunLoopDoSources0


...which corresponds to:

 68 FloatRect RenderGeometryMap::absoluteRect(const FloatRect& rect) const
 69 {
 70     FloatRect result;
 71     
 72     if (!hasFixedPositionStep() && !hasTransformStep() && !hasNonUniformStep()) {
 73         result = rect;
 74         result.move(m_accumulatedOffset);
 75     } else {
 76         TransformState transformState(TransformState::ApplyTransformDirection, rect.center(), rect);
 77         mapToAbsolute(transformState);
 78         result = transformState.lastPlanarQuad().boundingBox();
 79     }
 80 
 81 #if !ASSERT_DISABLED
 82     FloatRect rendererMappedResult = m_mapping.last().m_renderer->localToAbsoluteQuad(rect).boundingBox();
 83     // Inspector creates renderers with negative width <https://bugs.webkit.org/show_bug.cgi?id=87194>.
 84     // Taking FloatQuad bounds avoids spurious assertions because of that.
 85     ASSERT(enclosingIntRect(rendererMappedResult) == enclosingIntRect(FloatQuad(result).boundingBox()));
 86 #endif
 87 
 88     return result;
 89 }



smfr: The page is pretty simple -- pretty much a <video> w/ nothing else. Any ideas what might be causing the assert to fire?

Comment 1 Alexey Proskuryakov 2012-08-17 15:34:58 PDT

See also: bug 92464, bug 88128.

Comment 2 Simon Fraser (smfr) 2012-09-21 17:18:51 PDT

Also seen on:
1. Go to http://www.emporiki.gr/cbg/gr/cbg_index.jsp
2. Click on "e.Banking"

Comment 3 Simon Fraser (smfr) 2012-10-08 10:35:41 PDT

From bug 92464:
Steps:
1. Go to http://runkeeper.com/user/apostolou/activity/119872658
2. Click on "minus" button to zoom out Google map.

Comment 4 Simon Fraser (smfr) 2012-11-05 18:56:45 PST

I think I fixed this one in r133544.