[Webkit-unassigned] [Bug 140255] New: Assert should not reaced fail in WebCore::valueForLength

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Jan 8 10:23:54 PST 2015 

https://bugs.webkit.org/show_bug.cgi?id=140255

            Bug ID: 140255
           Summary: Assert should not reaced fail in
                    WebCore::valueForLength
    Classification: Unclassified
           Product: WebKit
           Version: 528+ (Nightly build)
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: CSS
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: rhodovan.u-szeged at partner.samsung.com
                CC: bjonesbe at adobe.com
            Blocks: 116980

Created attachment 244271
  --> https://bugs.webkit.org/attachment.cgi?id=244271&action=review
Test case

The following test fails on debug WK:

<style>
* {
    position: fixed;
    max-width: -webkit-fit-content;
    -webkit-writing-mode: vertical-rl;
}
</style>

It's probably similar (or the same?) as https://bugs.webkit.org/show_bug.cgi?id=139397.


Backtrace:

SHOULD NEVER BE REACHED
../../Source/WebCore/css/LengthFunctions.cpp(89) : WebCore::LayoutUnit WebCore::valueForLength(const WebCore::Length&, WebCore::LayoutUnit)

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fff98984700 (LWP 8862)]
0x00007fffed92a5c7 in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:321
321        *(int *)(uintptr_t)0xbbadbeef = 0;
#0  0x00007fffed92a5c7 in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:321
#1  0x00007ffff2ea6f2b in WebCore::valueForLength (length=..., maximumValue=...) at ../../Source/WebCore/css/LengthFunctions.cpp:89
#2  0x00007ffff38d42fc in WebCore::RenderElement::valueForLength (this=0x7ffff7f16cc0, length=..., maximumValue=...) at ../../Source/WebCore/rendering/RenderElement.h:323
#3  0x00007ffff38cd83f in WebCore::RenderBox::computePositionedLogicalHeightUsing (this=0x7ffff7f16cc0, logicalHeightLength=..., containerBlock=0x7ffff7e8e900, containerLogicalHeight=..., bordersPlusPadding=..., logicalHeight=..., logicalTop=..., logicalBottom=..., marginBefore=..., marginAfter=..., computedValues=...) at ../../Source/WebCore/rendering/RenderBox.cpp:3732
#4  0x00007ffff38ccf13 in WebCore::RenderBox::computePositionedLogicalHeight (this=0x7ffff7f16cc0, computedValues=...) at ../../Source/WebCore/rendering/RenderBox.cpp:3636
#5  0x00007ffff38c7b3b in WebCore::RenderBox::computeLogicalHeight (this=0x7ffff7f16cc0, logicalHeight=..., logicalTop=..., computedValues=...) at ../../Source/WebCore/rendering/RenderBox.cpp:2660
#6  0x00007ffff38c79f5 in WebCore::RenderBox::updateLogicalHeight (this=0x7ffff7f16cc0) at ../../Source/WebCore/rendering/RenderBox.cpp:2641
#7  0x00007ffff3899683 in WebCore::RenderBlockFlow::updateLogicalHeight (this=0x7ffff7f16cc0) at ../../Source/WebCore/rendering/RenderBlockFlow.cpp:3118
#8  0x00007ffff388c177 in WebCore::RenderBlockFlow::layoutBlock (this=0x7ffff7f16cc0, relayoutChildren=false, pageLogicalHeight=...) at ../../Source/WebCore/rendering/RenderBlockFlow.cpp:500
#9  0x00007ffff3861cbf in WebCore::RenderBlock::layout (this=0x7ffff7f16cc0) at ../../Source/WebCore/rendering/RenderBlock.cpp:941
#10 0x00007ffff382aed9 in WebCore::RenderElement::layoutIfNeeded (this=0x7ffff7f16cc0) at ../../Source/WebCore/rendering/RenderElement.h:119
#11 0x00007ffff3863a59 in WebCore::RenderBlock::layoutPositionedObjects (this=0x7ffff7e8e900, relayoutChildren=true, fixedPositionObjectsOnly=false) at ../../Source/WebCore/rendering/RenderBlock.cpp:1372
#12 0x00007ffff388c3b5 in WebCore::RenderBlockFlow::layoutBlock (this=0x7ffff7e8e900, relayoutChildren=true, pageLogicalHeight=...) at ../../Source/WebCore/rendering/RenderBlockFlow.cpp:518
#13 0x00007ffff3861cbf in WebCore::RenderBlock::layout (this=0x7ffff7e8e900) at ../../Source/WebCore/rendering/RenderBlock.cpp:941
#14 0x00007ffff3a5e179 in WebCore::RenderView::layoutContent (this=0x7ffff7e8e900, state=...) at ../../Source/WebCore/rendering/RenderView.cpp:232
#15 0x00007ffff3a5e849 in WebCore::RenderView::layout (this=0x7ffff7e8e900) at ../../Source/WebCore/rendering/RenderView.cpp:357
#16 0x00007ffff35c99b5 in WebCore::FrameView::layout (this=0x7ffff7ed0b00, allowSubtree=true) at ../../Source/WebCore/page/FrameView.cpp:1316
#17 0x00007ffff2f883a7 in WebCore::Document::implicitClose (this=0x7ffff7e8f000) at ../../Source/WebCore/dom/Document.cpp:2464
#18 0x00007ffff347376f in WebCore::FrameLoader::checkCallImplicitClose (this=0x7ffff7f43a98) at ../../Source/WebCore/loader/FrameLoader.cpp:909
#19 0x00007ffff34734db in WebCore::FrameLoader::checkCompleted (this=0x7ffff7f43a98) at ../../Source/WebCore/loader/FrameLoader.cpp:855
#20 0x00007ffff3473244 in WebCore::FrameLoader::finishedParsing (this=0x7ffff7f43a98) at ../../Source/WebCore/loader/FrameLoader.cpp:775
#21 0x00007ffff2f91302 in WebCore::Document::finishedParsing (this=0x7ffff7e8f000) at ../../Source/WebCore/dom/Document.cpp:4597
#22 0x00007ffff32ee375 in WebCore::HTMLConstructionSite::finishedParsing (this=0x7ffff7f3d920) at ../../Source/WebCore/html/parser/HTMLConstructionSite.cpp:404
#23 0x00007ffff332aec0 in WebCore::HTMLTreeBuilder::finished (this=0x7ffff7f3d900) at ../../Source/WebCore/html/parser/HTMLTreeBuilder.cpp:2941
#24 0x00007ffff32f6be6 in WebCore::HTMLDocumentParser::end (this=0x7ffff7ed7100) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:425
#25 0x00007ffff32f6cb4 in WebCore::HTMLDocumentParser::attemptToRunDeferredScriptsAndEnd (this=0x7ffff7ed7100) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:434
#26 0x00007ffff32f5940 in WebCore::HTMLDocumentParser::prepareToStopParsing (this=0x7ffff7ed7100) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:153
#27 0x00007ffff32f6ceb in WebCore::HTMLDocumentParser::attemptToEnd (this=0x7ffff7ed7100) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:446
#28 0x00007ffff32f6d99 in WebCore::HTMLDocumentParser::finish (this=0x7ffff7ed7100) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:474
#29 0x00007ffff3463885 in WebCore::DocumentWriter::end (this=0x7ffff7ec3aa0) at ../../Source/WebCore/loader/DocumentWriter.cpp:247
#30 0x00007ffff344f029 in WebCore::DocumentLoader::finishedLoading (this=0x7ffff7ec3a00, finishTime=0) at ../../Source/WebCore/loader/DocumentLoader.cpp:440
#31 0x00007ffff344ed92 in WebCore::DocumentLoader::notifyFinished (this=0x7ffff7ec3a00, resource=0x7ffff7ed0680) at ../../Source/WebCore/loader/DocumentLoader.cpp:374
#32 0x00007ffff3501e1e in WebCore::CachedResource::checkNotify (this=0x7ffff7ed0680) at ../../Source/WebCore/loader/cache/CachedResource.cpp:294
#33 0x00007ffff3501f1c in WebCore::CachedResource::finishLoading (this=0x7ffff7ed0680) at ../../Source/WebCore/loader/cache/CachedResource.cpp:310
#34 0x00007ffff34fe617 in WebCore::CachedRawResource::finishLoading (this=0x7ffff7ed0680, data=0x7ffff7e88570) at ../../Source/WebCore/loader/cache/CachedRawResource.cpp:104
#35 0x00007ffff34b1886 in WebCore::SubresourceLoader::didFinishLoading (this=0x7ffff7ed0200, finishTime=0) at ../../Source/WebCore/loader/SubresourceLoader.cpp:355
#36 0x00007ffff34ad4e7 in WebCore::ResourceLoader::didFinishLoading (this=0x7ffff7ed0200, finishTime=0) at ../../Source/WebCore/loader/ResourceLoader.cpp:506
#37 0x00007ffff3e58c65 in WebCore::readCallback (asyncResult=0x8581e0, data=0x7ffff7ef30e0) at ../../Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp:1295
#38 0x00007fffeb4cc7d6 in async_ready_callback_wrapper (source_object=0x7c8ad0, res=0x8581e0, user_data=user_data at entry=0x7ffff7ef30e0) at ginputstream.c:523
#39 0x00007fffeb4f20d5 in g_task_return_now (task=0x8581e0) at gtask.c:1077
#40 0x00007fffeb4f20f9 in complete_in_idle_cb (task=0x8581e0) at gtask.c:1086
#41 0x00007fffea7319fd in g_main_dispatch (context=0x478300) at gmain.c:3064
#42 g_main_context_dispatch (context=context at entry=0x478300) at gmain.c:3663
#43 0x00007fffea731d68 in g_main_context_iterate (context=0x478300, block=block at entry=1, dispatch=dispatch at entry=1, self=<optimized out>) at gmain.c:3734
#44 0x00007fffea73202a in g_main_loop_run (loop=0x8fd9e0) at gmain.c:3928
#45 0x00007ffff4537450 in WTF::RunLoop::run () at ../../Source/WTF/wtf/gtk/RunLoopGtk.cpp:59
#46 0x00007ffff2a65456 in WebKit::ChildProcessMain<WebKit::WebProcess, WebKit::WebProcessMain> (argc=2, argv=0x7fffffffd968) at ../../Source/WebKit2/Shared/unix/ChildProcessMain.h:61
#47 0x00007ffff2a652bb in WebKit::WebProcessMainUnix (argc=2, argv=0x7fffffffd968) at ../../Source/WebKit2/WebProcess/gtk/WebProcessMainGtk.cpp:70
#48 0x0000000000400891 in main (argc=2, argv=0x7fffffffd968) at ../../Source/WebKit2/WebProcess/EntryPoint/unix/WebProcessMain.cpp:44

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20150108/e841974b/attachment-0002.html>

More information about the webkit-unassigned mailing list