[Webkit-unassigned] [Bug 57221] REGRESSION(r81992): Assertion failure: ASSERT(!m_hasBadParent)

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Mar 28 03:13:25 PDT 2011 

https://bugs.webkit.org/show_bug.cgi?id=57221





--- Comment #1 from Yuta Kitamura <yutak at chromium.org>  2011-03-28 03:13:25 PST ---
I found another crash signature. This also happens after r81992. I don't know if this is related to the above.

Can be reproduced at http://casual.hangame.co.jp/chocotto/index.nhn


Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: KERN_INVALID_ADDRESS at address: 0x00000000fffffffc
0x0000000102034bfd in WTF::deleteAllValues<true, WebCore::RenderBlock::FloatingObject*, WTF::HashTable<WTF::ListHashSetNode<WebCore::RenderBlock::FloatingObject*, 4ul>*, WTF::ListHashSetNode<WebCore::RenderBlock::FloatingObject*, 4ul>*, WTF::IdentityExtractor<WTF::ListHashSetNode<WebCore::RenderBlock::FloatingObject*, 4ul>*>, WTF::ListHashSetNodeHashFunctions<WebCore::RenderBlock::FloatingObject*, 4ul, WebCore::RenderBlock::FloatingObjectHashFunctions>, WTF::HashTraits<WTF::ListHashSetNode<WebCore::RenderBlock::FloatingObject*, 4ul>*>, WTF::HashTraits<WTF::ListHashSetNode<WebCore::RenderBlock::FloatingObject*, 4ul>*> > const> (collection=@0x1157503a0) at ListHashSet.h:695
695                delete (*it)->m_value;
(gdb) bt
#0  0x0000000102034bfd in WTF::deleteAllValues<true, WebCore::RenderBlock::FloatingObject*, WTF::HashTable<WTF::ListHashSetNode<WebCore::RenderBlock::FloatingObject*, 4ul>*, WTF::ListHashSetNode<WebCore::RenderBlock::FloatingObject*, 4ul>*, WTF::IdentityExtractor<WTF::ListHashSetNode<WebCore::RenderBlock::FloatingObject*, 4ul>*>, WTF::ListHashSetNodeHashFunctions<WebCore::RenderBlock::FloatingObject*, 4ul, WebCore::RenderBlock::FloatingObjectHashFunctions>, WTF::HashTraits<WTF::ListHashSetNode<WebCore::RenderBlock::FloatingObject*, 4ul>*>, WTF::HashTraits<WTF::ListHashSetNode<WebCore::RenderBlock::FloatingObject*, 4ul>*> > const> (collection=@0x1157503a0) at ListHashSet.h:695
#1  0x0000000102034c48 in WTF::deleteAllValues<WebCore::RenderBlock::FloatingObject*, 4ul, WebCore::RenderBlock::FloatingObjectHashFunctions> (collection=@0x1157503a0) at ListHashSet.h:701
#2  0x000000010202407b in WebCore::RenderBlock::clearFloats (this=0x115d7e188) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:3594
#3  0x0000000102026413 in WebCore::RenderBlock::layoutBlock (this=0x115d7e188, relayoutChildren=false, pageLogicalHeight=0) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1153
#4  0x000000010201e826 in WebCore::RenderBlock::layout (this=0x115d7e188) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1122
#5  0x000000010211d9ef in WebCore::RenderObject::layoutIfNeeded (this=0x115d7e188) at RenderObject.h:527
#6  0x000000010201d2a1 in WebCore::RenderBlock::layoutPositionedObjects (this=0x115d7dae8, relayoutChildren=false) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:2179
#7  0x0000000102026b2b in WebCore::RenderBlock::layoutBlock (this=0x115d7dae8, relayoutChildren=false, pageLogicalHeight=0) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1257
#8  0x000000010201e826 in WebCore::RenderBlock::layout (this=0x115d7dae8) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1122
#9  0x00000001020251cf in WebCore::RenderBlock::layoutBlockChild (this=0x115d2f948, child=0x115d7dae8, marginInfo=@0x7fff5fbfa750, previousFloatLogicalBottom=@0x7fff5fbfa7e4, maxFloatLogicalBottom=@0x7fff5fbfa980) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1963
#10 0x00000001020261e1 in WebCore::RenderBlock::layoutBlockChildren (this=0x115d2f948, relayoutChildren=false, maxFloatLogicalBottom=@0x7fff5fbfa980) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1901
#11 0x0000000102026850 in WebCore::RenderBlock::layoutBlock (this=0x115d2f948, relayoutChildren=false, pageLogicalHeight=0) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1226
#12 0x000000010201e826 in WebCore::RenderBlock::layout (this=0x115d2f948) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1122
#13 0x00000001020251cf in WebCore::RenderBlock::layoutBlockChild (this=0x1096da3f8, child=0x115d2f948, marginInfo=@0x7fff5fbfab50, previousFloatLogicalBottom=@0x7fff5fbfabe4, maxFloatLogicalBottom=@0x7fff5fbfad80) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1963
#14 0x00000001020261e1 in WebCore::RenderBlock::layoutBlockChildren (this=0x1096da3f8, relayoutChildren=false, maxFloatLogicalBottom=@0x7fff5fbfad80) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1901
#15 0x0000000102026850 in WebCore::RenderBlock::layoutBlock (this=0x1096da3f8, relayoutChildren=false, pageLogicalHeight=0) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1226
#16 0x000000010201e826 in WebCore::RenderBlock::layout (this=0x1096da3f8) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1122
#17 0x00000001020251cf in WebCore::RenderBlock::layoutBlockChild (this=0x115d11138, child=0x1096da3f8, marginInfo=@0x7fff5fbfaf50, previousFloatLogicalBottom=@0x7fff5fbfafe4, maxFloatLogicalBottom=@0x7fff5fbfb180) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1963
#18 0x00000001020261e1 in WebCore::RenderBlock::layoutBlockChildren (this=0x115d11138, relayoutChildren=false, maxFloatLogicalBottom=@0x7fff5fbfb180) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1901
#19 0x0000000102026850 in WebCore::RenderBlock::layoutBlock (this=0x115d11138, relayoutChildren=false, pageLogicalHeight=0) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1226
#20 0x000000010201e826 in WebCore::RenderBlock::layout (this=0x115d11138) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1122
#21 0x000000010211d9ef in WebCore::RenderObject::layoutIfNeeded (this=0x115d11138) at RenderObject.h:527
#22 0x0000000102025bdf in WebCore::RenderBlock::insertFloatingObject (this=0x115d3f8a8, o=0x115d11138) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:3133
#23 0x0000000102025d4a in WebCore::RenderBlock::handleFloatingChild (this=0x115d3f8a8, child=0x115d11138, marginInfo=@0x7fff5fbfb3c0) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1494
#24 0x0000000102025da6 in WebCore::RenderBlock::handleSpecialChild (this=0x115d3f8a8, child=0x115d11138, marginInfo=@0x7fff5fbfb3c0) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1477
#25 0x00000001020261b8 in WebCore::RenderBlock::layoutBlockChildren (this=0x115d3f8a8, relayoutChildren=false, maxFloatLogicalBottom=@0x7fff5fbfb5f0) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1897
#26 0x0000000102026850 in WebCore::RenderBlock::layoutBlock (this=0x115d3f8a8, relayoutChildren=false, pageLogicalHeight=0) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1226
#27 0x000000010201e826 in WebCore::RenderBlock::layout (this=0x115d3f8a8) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1122
#28 0x00000001020251cf in WebCore::RenderBlock::layoutBlockChild (this=0x115d37fc8, child=0x115d3f8a8, marginInfo=@0x7fff5fbfb7c0, previousFloatLogicalBottom=@0x7fff5fbfb854, maxFloatLogicalBottom=@0x7fff5fbfb9f0) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1963
#29 0x00000001020261e1 in WebCore::RenderBlock::layoutBlockChildren (this=0x115d37fc8, relayoutChildren=false, maxFloatLogicalBottom=@0x7fff5fbfb9f0) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1901
#30 0x0000000102026850 in WebCore::RenderBlock::layoutBlock (this=0x115d37fc8, relayoutChildren=false, pageLogicalHeight=0) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1226
#31 0x000000010201e826 in WebCore::RenderBlock::layout (this=0x115d37fc8) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1122
#32 0x00000001020251cf in WebCore::RenderBlock::layoutBlockChild (this=0x115fce5c8, child=0x115d37fc8, marginInfo=@0x7fff5fbfbbc0, previousFloatLogicalBottom=@0x7fff5fbfbc54, maxFloatLogicalBottom=@0x7fff5fbfbdf0) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1963
#33 0x00000001020261e1 in WebCore::RenderBlock::layoutBlockChildren (this=0x115fce5c8, relayoutChildren=false, maxFloatLogicalBottom=@0x7fff5fbfbdf0) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1901
#34 0x0000000102026850 in WebCore::RenderBlock::layoutBlock (this=0x115fce5c8, relayoutChildren=false, pageLogicalHeight=0) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1226
#35 0x000000010201e826 in WebCore::RenderBlock::layout (this=0x115fce5c8) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1122
#36 0x00000001020251cf in WebCore::RenderBlock::layoutBlockChild (this=0x1078f5e98, child=0x115fce5c8, marginInfo=@0x7fff5fbfbfc0, previousFloatLogicalBottom=@0x7fff5fbfc054, maxFloatLogicalBottom=@0x7fff5fbfc1f0) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1963
#37 0x00000001020261e1 in WebCore::RenderBlock::layoutBlockChildren (this=0x1078f5e98, relayoutChildren=false, maxFloatLogicalBottom=@0x7fff5fbfc1f0) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1901
#38 0x0000000102026850 in WebCore::RenderBlock::layoutBlock (this=0x1078f5e98, relayoutChildren=false, pageLogicalHeight=0) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1226
#39 0x000000010201e826 in WebCore::RenderBlock::layout (this=0x1078f5e98) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1122
#40 0x00000001020251cf in WebCore::RenderBlock::layoutBlockChild (this=0x115e69b78, child=0x1078f5e98, marginInfo=@0x7fff5fbfc3c0, previousFloatLogicalBottom=@0x7fff5fbfc454, maxFloatLogicalBottom=@0x7fff5fbfc5f0) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1963
#41 0x00000001020261e1 in WebCore::RenderBlock::layoutBlockChildren (this=0x115e69b78, relayoutChildren=false, maxFloatLogicalBottom=@0x7fff5fbfc5f0) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1901
#42 0x0000000102026850 in WebCore::RenderBlock::layoutBlock (this=0x115e69b78, relayoutChildren=false, pageLogicalHeight=0) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1226
#43 0x000000010201e826 in WebCore::RenderBlock::layout (this=0x115e69b78) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1122
#44 0x00000001020251cf in WebCore::RenderBlock::layoutBlockChild (this=0x107aa8368, child=0x115e69b78, marginInfo=@0x7fff5fbfc7c0, previousFloatLogicalBottom=@0x7fff5fbfc854, maxFloatLogicalBottom=@0x7fff5fbfc9f0) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1963
#45 0x00000001020261e1 in WebCore::RenderBlock::layoutBlockChildren (this=0x107aa8368, relayoutChildren=false, maxFloatLogicalBottom=@0x7fff5fbfc9f0) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1901
#46 0x0000000102026850 in WebCore::RenderBlock::layoutBlock (this=0x107aa8368, relayoutChildren=false, pageLogicalHeight=0) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1226
#47 0x000000010201e826 in WebCore::RenderBlock::layout (this=0x107aa8368) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderBlock.cpp:1122
#48 0x0000000102182c6d in WebCore::RenderView::layout (this=0x107aa8368) at /Users/yutak/WebKit/Source/WebCore/rendering/RenderView.cpp:130
#49 0x0000000101a2a9a1 in WebCore::FrameView::layout (this=0x115e942e0, allowSubtree=true) at /Users/yutak/WebKit/Source/WebCore/page/FrameView.cpp:907
#50 0x00000001018616f5 in WebCore::Document::updateLayout (this=0x108393000) at /Users/yutak/WebKit/Source/WebCore/dom/Document.cpp:1613
#51 0x000000010186412e in WebCore::Document::updateLayoutIgnorePendingStylesheets (this=0x108393000) at /Users/yutak/WebKit/Source/WebCore/dom/Document.cpp:1644
#52 0x0000000102378e83 in WebCore::VisiblePosition::canonicalPosition (this=0x7fff5fbfced0, passedPosition=@0x7fff5fbfcf10) at /Users/yutak/WebKit/Source/WebCore/editing/VisiblePosition.cpp:458
#53 0x000000010237a414 in WebCore::VisiblePosition::init (this=0x7fff5fbfced0, position=@0x7fff5fbfcf10, affinity=WebCore::DOWNSTREAM) at /Users/yutak/WebKit/Source/WebCore/editing/VisiblePosition.cpp:55
#54 0x000000010237a4cc in WebCore::VisiblePosition::VisiblePosition (this=0x7fff5fbfced0, pos=@0x7fff5fbfcf10, affinity=WebCore::DOWNSTREAM) at /Users/yutak/WebKit/Source/WebCore/editing/VisiblePosition.cpp:48
#55 0x000000010220b1e9 in WebCore::SelectionController::updateCaretRect (this=0x107014960) at /Users/yutak/WebKit/Source/WebCore/editing/SelectionController.cpp:1032
#56 0x000000010220b3c8 in WebCore::SelectionController::localCaretRect (this=0x107014960) at /Users/yutak/WebKit/Source/WebCore/editing/SelectionController.cpp:1084
#57 0x000000010220b489 in WebCore::SelectionController::recomputeCaretRect (this=0x107014960) at /Users/yutak/WebKit/Source/WebCore/editing/SelectionController.cpp:1135
#58 0x000000010220b8c3 in WebCore::SelectionController::updateAppearance (this=0x107014960) at /Users/yutak/WebKit/Source/WebCore/editing/SelectionController.cpp:1547
#59 0x0000000101a26d69 in WebCore::FrameView::performPostLayoutTasks (this=0x115e942e0) at /Users/yutak/WebKit/Source/WebCore/page/FrameView.cpp:1911
#60 0x0000000101a2a16e in WebCore::FrameView::layout (this=0x115e942e0, allowSubtree=true) at /Users/yutak/WebKit/Source/WebCore/page/FrameView.cpp:781
#61 0x0000000101a2b16a in WebCore::FrameView::updateLayoutAndStyleIfNeededRecursive (this=0x115e942e0) at /Users/yutak/WebKit/Source/WebCore/page/FrameView.cpp:2372
#62 0x000000010108b619 in -[WebHTMLView(WebInternal) _web_updateLayoutAndStyleIfNeededRecursive] (self=0x107ab0e60, _cmd=0x10117cf3b) at /Users/yutak/WebKit/Source/WebKit/mac/WebView/WebHTMLView.mm:5528
#63 0x0000000101086f6a in -[WebHTMLView(WebPrivate) viewWillDraw] (self=0x107ab0e60, _cmd=0x7fff81c0a6d0) at /Users/yutak/WebKit/Source/WebKit/mac/WebView/WebHTMLView.mm:1371
#64 0x00007fff81503251 in -[NSView viewWillDraw] ()
#65 0x00007fff81503251 in -[NSView viewWillDraw] ()
#66 0x00007fff81503251 in -[NSView viewWillDraw] ()
#67 0x00007fff81503251 in -[NSView viewWillDraw] ()
#68 0x000000010110a550 in -[WebView(WebPrivate) viewWillDraw] (self=0x107816cf0, _cmd=0x7fff81c0a6d0) at /Users/yutak/WebKit/Source/WebKit/mac/WebView/WebView.mm:890
#69 0x00007fff81503251 in -[NSView viewWillDraw] ()
#70 0x00007fff81503251 in -[NSView viewWillDraw] ()
#71 0x00007fff81503251 in -[NSView viewWillDraw] ()
#72 0x00007fff81503251 in -[NSView viewWillDraw] ()
#73 0x00007fff81502802 in -[NSView _sendViewWillDrawInRect:clipRootView:suppressRecursion:] ()
#74 0x00007fff8147dfb9 in -[NSView displayIfNeeded] ()
#75 0x00000001000341c8 in ?? ()
#76 0x00007fff81478ea2 in _handleWindowNeedsDisplay ()
#77 0x00007fff80857077 in __CFRunLoopDoObservers ()
#78 0x00007fff80832ef4 in __CFRunLoopRun ()
#79 0x00007fff8083284f in CFRunLoopRunSpecific ()
#80 0x00007fff888ef91a in RunCurrentEventLoopInMode ()
#81 0x00007fff888ef71f in ReceiveNextEventCommon ()
#82 0x00007fff888ef5d8 in BlockUntilNextEventMatchingListInMode ()
#83 0x00007fff8144e29e in _DPSNextEvent ()
#84 0x00007fff8144dbed in -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] ()
#85 0x0000000100016062 in ?? ()
#86 0x00007fff814138d3 in -[NSApplication run] ()
#87 0x00007fff8140c5f8 in NSApplicationMain ()
#88 0x0000000100009f84 in ?? ()
Current language:  auto; currently c++
(gdb)

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list