[Webkit-unassigned] [Bug 121148] New: SHOULD NEVER BE REACHED is touched WebCore::InputType::createStepRange

bugzilla-daemon at webkit.org
Wed Sep 11 01:51:43 PDT 2013


https://bugs.webkit.org/show_bug.cgi?id=121148

           Summary: SHOULD NEVER BE REACHED is touched
                    WebCore::InputType::createStepRange
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Unspecified
        OS/Version: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Forms
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: reni at webkit.org
            Blocks: 116980


The test causes the crash:

<input style="-webkit-appearance:slider-vertical;">


Backtrace:

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff56dafad in WTFCrash () at /home/reni/Data/REPOS/webkit_sec/Source/WTF/wtf/Assertions.cpp:342
342        *(int *)(uintptr_t)0xbbadbeef = 0;
(gdb) bt
#0  0x00007ffff56dafad in WTFCrash () at /home/reni/Data/REPOS/webkit_sec/Source/WTF/wtf/Assertions.cpp:342
#1  0x00007ffff43d0183 in WebCore::InputType::createStepRange (this=0x8c1eb0) at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/html/InputType.cpp:1015
#2  0x00007ffff43ce73a in WebCore::InputType::maximum (this=0x8c1eb0) at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/html/InputType.cpp:307
#3  0x00007ffff4393d7a in WebCore::HTMLInputElement::maximum (this=0x7998c0) at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/html/HTMLInputElement.cpp:333
#4  0x00007ffff4a9e95b in WebCore::RenderThemeQStyle::paintSliderTrack (this=0x7dee70, o=0x8e3bc8, pi=..., r=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/platform/qt/RenderThemeQStyle.cpp:440
#5  0x00007ffff49bef14 in WebCore::RenderTheme::paint (this=0x7dee70, o=0x8e3bc8, paintInfo=..., r=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/rendering/RenderTheme.cpp:322
#6  0x00007ffff4870a62 in WebCore::RenderBox::paintBoxDecorations (this=0x8e3bc8, paintInfo=..., paintOffset=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/rendering/RenderBox.cpp:1184
#7  0x00007ffff481489e in WebCore::RenderBlock::paintObject (this=0x8e3bc8, paintInfo=..., paintOffset=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/rendering/RenderBlock.cpp:3299
#8  0x00007ffff48126cf in WebCore::RenderBlock::paint (this=0x8e3bc8, paintInfo=..., paintOffset=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/rendering/RenderBlock.cpp:3019
#9  0x00007ffff49bb168 in WebCore::RenderTextControlSingleLine::paint (this=0x8e3bc8, paintInfo=..., paintOffset=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/rendering/RenderTextControlSingleLine.cpp:80
#10 0x00007ffff47e3630 in WebCore::InlineBox::paint (this=0x8ecb88, paintInfo=..., paintOffset=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/rendering/InlineBox.cpp:230
#11 0x00007ffff47ebce3 in WebCore::InlineFlowBox::paint (this=0x8ecbe8, paintInfo=..., paintOffset=..., lineTop=..., lineBottom=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/rendering/InlineFlowBox.cpp:1170
#12 0x00007ffff49d9938 in WebCore::RootInlineBox::paint (this=0x8ecbe8, paintInfo=..., paintOffset=..., lineTop=..., lineBottom=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/rendering/RootInlineBox.cpp:212
#13 0x00007ffff49437dd in WebCore::RenderLineBoxList::paint (this=0x7de9e0, renderer=0x7de948, paintInfo=..., paintOffset=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/rendering/RenderLineBoxList.cpp:262
#14 0x00007ffff4813eff in WebCore::RenderBlock::paintContents (this=0x7de948, paintInfo=..., paintOffset=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/rendering/RenderBlock.cpp:3206
#15 0x00007ffff4814a48 in WebCore::RenderBlock::paintObject (this=0x7de948, paintInfo=..., paintOffset=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/rendering/RenderBlock.cpp:3323
#16 0x00007ffff48126cf in WebCore::RenderBlock::paint (this=0x7de948, paintInfo=..., paintOffset=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/rendering/RenderBlock.cpp:3019
#17 0x00007ffff4814407 in WebCore::RenderBlock::paintChild (this=0x782548, child=0x7de948, paintInfo=..., paintOffset=..., paintInfoForChild=..., 
    usePrintRect=false) at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/rendering/RenderBlock.cpp:3256
#18 0x00007ffff481403d in WebCore::RenderBlock::paintChildren (this=0x782548, paintInfo=..., paintOffset=..., paintInfoForChild=..., usePrintRect=false)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/rendering/RenderBlock.cpp:3226
#19 0x00007ffff4813fe1 in WebCore::RenderBlock::paintContents (this=0x782548, paintInfo=..., paintOffset=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/rendering/RenderBlock.cpp:3219
#20 0x00007ffff4814a48 in WebCore::RenderBlock::paintObject (this=0x782548, paintInfo=..., paintOffset=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/rendering/RenderBlock.cpp:3323
#21 0x00007ffff48126cf in WebCore::RenderBlock::paint (this=0x782548, paintInfo=..., paintOffset=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/rendering/RenderBlock.cpp:3019
#22 0x00007ffff4911185 in WebCore::RenderLayer::paintForegroundForFragmentsWithPhase (this=0x7dd2f8, phase=WebCore::PaintPhaseForeground, layerFragments=..., 
    context=0x7fffffffb930, localPaintingInfo=..., paintBehavior=0, subtreePaintRootForRenderer=0x0)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/rendering/RenderLayer.cpp:4175
#23 0x00007ffff4910e8a in WebCore::RenderLayer::paintForegroundForFragments (this=0x7dd2f8, layerFragments=..., context=0x7fffffffb930, 
    transparencyLayerContext=0x7fffffffb930, transparencyPaintDirtyRect=..., haveTransparency=false, localPaintingInfo=..., paintBehavior=0, 
    subtreePaintRootForRenderer=0x0, selectionOnly=false, forceBlackText=false)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/rendering/RenderLayer.cpp:4151
#24 0x00007ffff490f7b4 in WebCore::RenderLayer::paintLayerContents (this=0x7dd2f8, context=0x7fffffffb930, paintingInfo=..., paintFlags=224)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/rendering/RenderLayer.cpp:3882
#25 0x00007ffff490e694 in WebCore::RenderLayer::paintLayerContentsAndReflection (this=0x7dd2f8, context=0x7fffffffb930, paintingInfo=..., paintFlags=224)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/rendering/RenderLayer.cpp:3646
#26 0x00007ffff490e589 in WebCore::RenderLayer::paintLayer (this=0x7dd2f8, context=0x7fffffffb930, paintingInfo=..., paintFlags=224)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/rendering/RenderLayer.cpp:3628
#27 0x00007ffff490fe45 in WebCore::RenderLayer::paintList (this=0x7a79b8, list=0x8ec700, context=0x7fffffffb930, paintingInfo=..., paintFlags=224)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/rendering/RenderLayer.cpp:3968
#28 0x00007ffff490f873 in WebCore::RenderLayer::paintLayerContents (this=0x7a79b8, context=0x7fffffffb930, paintingInfo=..., paintFlags=224)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/rendering/RenderLayer.cpp:3893
#29 0x00007ffff490e694 in WebCore::RenderLayer::paintLayerContentsAndReflection (this=0x7a79b8, context=0x7fffffffb930, paintingInfo=..., paintFlags=0)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/rendering/RenderLayer.cpp:3646
#30 0x00007ffff490e589 in WebCore::RenderLayer::paintLayer (this=0x7a79b8, context=0x7fffffffb930, paintingInfo=..., paintFlags=0)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/rendering/RenderLayer.cpp:3628
#31 0x00007ffff490d84c in WebCore::RenderLayer::paint (this=0x7a79b8, context=0x7fffffffb930, damageRect=..., paintBehavior=0, subtreePaintRoot=0x0, region=
    0x0, paintFlags=0) at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/rendering/RenderLayer.cpp:3438
#32 0x00007ffff4671fba in WebCore::FrameView::paintContents (this=0x7e1ff0, p=0x7fffffffb930, rect=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/page/FrameView.cpp:3564
#33 0x00007ffff3b97e0a in QWebFrameAdapter::renderRelativeCoords (this=0x7a38f0, painter=0x7fffffffba90, layers=255, clip=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebKit/qt/WebCoreSupport/QWebFrameAdapter.cpp:541
#34 0x00007ffff7baa7a0 in QWebFrame::render (this=0x7e18c0, painter=0x7fffffffba90, layer=..., clip=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebKit/qt/WidgetApi/qwebframe.cpp:644
#35 0x00007ffff7baa870 in QWebFrame::render (this=0x7e18c0, painter=0x7fffffffba90, clip=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebKit/qt/WidgetApi/qwebframe.cpp:654
#36 0x00007ffff7bb9492 in QWebView::paintEvent (this=0x7ac910, ev=0x7fffffffc270)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebKit/qt/WidgetApi/qwebview.cpp:829
#37 0x00007ffff3064848 in QWidget::event(QEvent*) () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Widgets.so.5
#38 0x00007ffff7bb923b in QWebView::event (this=0x7ac910, e=0x7fffffffc270) at /home/reni/Data/REPOS/webkit_sec/Source/WebKit/qt/WidgetApi/qwebview.cpp:733
#39 0x00007ffff302ddbc in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Widgets.so.5
#40 0x00007ffff3031075 in QApplication::notify(QObject*, QEvent*) () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Widgets.so.5
#41 0x00007ffff21c1dbe in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Core.so.5
#42 0x00007ffff3061705 in QWidgetPrivate::drawWidget(QPaintDevice*, QRegion const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) ()
   from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Widgets.so.5
#43 0x00007ffff306217b in QWidgetPrivate::paintSiblingsRecursive(QPaintDevice*, QList<QObject*> const&, int, QRegion const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Widgets.so.5
#44 0x00007ffff3061256 in QWidgetPrivate::drawWidget(QPaintDevice*, QRegion const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) ()
   from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Widgets.so.5
#45 0x00007ffff306217b in QWidgetPrivate::paintSiblingsRecursive(QPaintDevice*, QList<QObject*> const&, int, QRegion const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Widgets.so.5
#46 0x00007ffff3061fd1 in QWidgetPrivate::paintSiblingsRecursive(QPaintDevice*, QList<QObject*> const&, int, QRegion const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Widgets.so.5
#47 0x00007ffff3061fd1 in QWidgetPrivate::paintSiblingsRecursive(QPaintDevice*, QList<QObject*> const&, int, QRegion const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Widgets.so.5
#48 0x00007ffff3061256 in QWidgetPrivate::drawWidget(QPaintDevice*, QRegion const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) ()
   from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Widgets.so.5
#49 0x00007ffff303709f in ?? () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Widgets.so.5
#50 0x00007ffff3037839 in ?? () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Widgets.so.5
#51 0x00007ffff3082bc3 in ?? () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Widgets.so.5
#52 0x00007ffff302ddbc in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Widgets.so.5
#53 0x00007ffff3031075 in QApplication::notify(QObject*, QEvent*) () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Widgets.so.5
#54 0x00007ffff21c1dbe in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Core.so.5
#55 0x00007ffff26983a7 in QGuiApplicationPrivate::processExposeEvent(QWindowSystemInterfacePrivate::ExposeEvent*) ()
   from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Gui.so.5
#56 0x00007ffff269f53d in QGuiApplicationPrivate::processWindowSystemEvent(QWindowSystemInterfacePrivate::WindowSystemEvent*) ()
   from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Gui.so.5
#57 0x00007ffff268ea68 in QWindowSystemInterface::sendWindowSystemEventsImplementation(QFlags<QEventLoop::ProcessEventsFlag>) ()
   from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Gui.so.5
#58 0x00007fffe80776b0 in ?? () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/plugins/platforms/libxcb.so
#59 0x00007fffee34a2d6 in g_main_dispatch (context=0x6632f0) at /build/buildd/glib2.0-2.37.6/./glib/gmain.c:3065
#60 g_main_context_dispatch (context=context@entry=0x6632f0) at /build/buildd/glib2.0-2.37.6/./glib/gmain.c:3641
#61 0x00007fffee34a628 in g_main_context_iterate (context=context@entry=0x6632f0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>)
    at /build/buildd/glib2.0-2.37.6/./glib/gmain.c:3712
#62 0x00007fffee34a6cc in g_main_context_iteration (context=0x6632f0, may_block=1) at /build/buildd/glib2.0-2.37.6/./glib/gmain.c:3773
#63 0x00007ffff22094bc in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) ()
   from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Core.so.5
#64 0x00007ffff21c0d3b in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Core.so.5
#65 0x00007ffff21c4120 in QCoreApplication::exec() () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Core.so.5
#66 0x0000000000421ba0 in launcherMain (app=...) at /home/reni/Data/REPOS/webkit_sec/Tools/QtTestBrowser/qttestbrowser.cpp:49
#67 0x0000000000423680 in main (argc=2, argv=0x7fffffffdb08) at /home/reni/Data/REPOS/webkit_sec/Tools/QtTestBrowser/qttestbrowser.cpp:318

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
