[Webkit-unassigned] [Bug 151025] New: ASSERTION FAILED: contentSize >= 0 in WebCore::RenderFlexibleBox::adjustChildSizeForMinAndMax

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Nov 9 07:52:15 PST 2015 

https://bugs.webkit.org/show_bug.cgi?id=151025

            Bug ID: 151025
           Summary: ASSERTION FAILED: contentSize >= 0 in
                    WebCore::RenderFlexibleBox::adjustChildSizeForMinAndMa
                    x
    Classification: Unclassified
           Product: WebKit
           Version: WebKit Local Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Layout and Rendering
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: rhodovan.u-szeged at partner.samsung.com
                CC: darin at apple.com, svillar at igalia.com
            Blocks: 116980

Created attachment 265052
  --> https://bugs.webkit.org/attachment.cgi?id=265052&action=review
Test

Load the attached test with debug MiniBrowser:

<style>
#id_0 #id_0 {}

* {
    background-attachment: fixed;
    margin-left: -96vmin;
}
* {
    display: flex;
}
</style>


OS: Ubuntu 15.04 x86_64
Checked build: debug EFL
Checked version: 009fb33


Backtrace:

ASSERTION FAILED: contentSize >= 0
../../Source/WebCore/rendering/RenderFlexibleBox.cpp(873) : WebCore::LayoutUnit WebCore::RenderFlexibleBox::adjustChildSizeForMinAndMax(WebCore::RenderBox&, WebCore::LayoutUnit)
1   0x7fe5991ecf97 WTFCrash
2   0x7fe59fba3312 WebCore::RenderFlexibleBox::adjustChildSizeForMinAndMax(WebCore::RenderBox&, WebCore::LayoutUnit)
3   0x7fe59fba3924 WebCore::RenderFlexibleBox::computeNextFlexLine(WTF::Vector<WebCore::RenderBox*, 0ul, WTF::CrashOnOverflow, 16ul>&, WebCore::LayoutUnit&, double&, double&, WebCore::LayoutUnit&, bool&)
4   0x7fe59fba2429 WebCore::RenderFlexibleBox::layoutFlexItems(bool, WTF::Vector<WebCore::RenderFlexibleBox::LineContext, 0ul, WTF::CrashOnOverflow, 16ul>&)
5   0x7fe59fba04f9 WebCore::RenderFlexibleBox::layoutBlock(bool, WebCore::LayoutUnit)
6   0x7fe59fadd10e WebCore::RenderBlock::layout()
7   0x7fe59fb0ba34 WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&)
8   0x7fe59fb0b573 WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&)
9   0x7fe59fb0a9d7 WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit)
10  0x7fe59fadd10e WebCore::RenderBlock::layout()
11  0x7fe59fcef7af WebCore::RenderView::layoutContent(WebCore::LayoutState const&)
12  0x7fe59fcefea2 WebCore::RenderView::layout()
13  0x7fe59f8c219b WebCore::FrameView::layout(bool)
14  0x7fe59f3225b8 WebCore::Document::implicitClose()
15  0x7fe59f785b1b WebCore::FrameLoader::checkCallImplicitClose()
16  0x7fe59f785852 WebCore::FrameLoader::checkCompleted()
17  0x7fe59f7855c2 WebCore::FrameLoader::finishedParsing()
18  0x7fe59f32c5e8 WebCore::Document::finishedParsing()
19  0x7fe5a0693799 WebCore::HTMLConstructionSite::finishedParsing()
20  0x7fe59f67f210 WebCore::HTMLTreeBuilder::finished()
21  0x7fe59f64f8b4 WebCore::HTMLDocumentParser::end()
22  0x7fe59f64f98d WebCore::HTMLDocumentParser::attemptToRunDeferredScriptsAndEnd()
23  0x7fe59f64e66f WebCore::HTMLDocumentParser::prepareToStopParsing()
24  0x7fe59f64f9d0 WebCore::HTMLDocumentParser::attemptToEnd()
25  0x7fe59f64fa87 WebCore::HTMLDocumentParser::finish()
26  0x7fe59f7709f6 WebCore::DocumentWriter::end()
27  0x7fe59f75a2cc WebCore::DocumentLoader::finishedLoading(double)
28  0x7fe59f75a02a WebCore::DocumentLoader::notifyFinished(WebCore::CachedResource*)
29  0x7fe59f805437 WebCore::CachedResource::checkNotify()
30  0x7fe59f805546 WebCore::CachedResource::finishLoading(WebCore::SharedBuffer*)
31  0x7fe59f80173a WebCore::CachedRawResource::finishLoading(WebCore::SharedBuffer*)
Aborted (core dumped)

Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x00007fe5991ecf9c in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:321
321     *(int *)(uintptr_t)0xbbadbeef = 0;
#0  0x00007fe5991ecf9c in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:321
#1  0x00007fe59fba3312 in WebCore::RenderFlexibleBox::adjustChildSizeForMinAndMax (this=0x7fe5807d0190, child=..., childSize=...) at ../../Source/WebCore/rendering/RenderFlexibleBox.cpp:873
#2  0x00007fe59fba3924 in WebCore::RenderFlexibleBox::computeNextFlexLine (this=0x7fe5807d0190, orderedChildren=..., preferredMainAxisExtent=..., totalFlexGrow=@0x7ffd34804680: 0, totalWeightedFlexShrink=@0x7ffd34804688: 28.40625, minMaxAppliedMainAxisExtent=..., hasInfiniteLineLength=@0x7ffd3480462f: false) at ../../Source/WebCore/rendering/RenderFlexibleBox.cpp:922
#3  0x00007fe59fba2429 in WebCore::RenderFlexibleBox::layoutFlexItems (this=0x7fe5807d0190, relayoutChildren=true, lineContexts=...) at ../../Source/WebCore/rendering/RenderFlexibleBox.cpp:695
#4  0x00007fe59fba04f9 in WebCore::RenderFlexibleBox::layoutBlock (this=0x7fe5807d0190, relayoutChildren=true) at ../../Source/WebCore/rendering/RenderFlexibleBox.cpp:272
#5  0x00007fe59fadd10e in WebCore::RenderBlock::layout (this=0x7fe5807d0190) at ../../Source/WebCore/rendering/RenderBlock.cpp:931
#6  0x00007fe59fb0ba34 in WebCore::RenderBlockFlow::layoutBlockChild (this=0x7fe5806dd228, child=..., marginInfo=..., previousFloatLogicalBottom=..., maxFloatLogicalBottom=...) at ../../Source/WebCore/rendering/RenderBlockFlow.cpp:709
#7  0x00007fe59fb0b573 in WebCore::RenderBlockFlow::layoutBlockChildren (this=0x7fe5806dd228, relayoutChildren=true, maxFloatLogicalBottom=...) at ../../Source/WebCore/rendering/RenderBlockFlow.cpp:632
#8  0x00007fe59fb0a9d7 in WebCore::RenderBlockFlow::layoutBlock (this=0x7fe5806dd228, relayoutChildren=true, pageLogicalHeight=...) at ../../Source/WebCore/rendering/RenderBlockFlow.cpp:485
#9  0x00007fe59fadd10e in WebCore::RenderBlock::layout (this=0x7fe5806dd228) at ../../Source/WebCore/rendering/RenderBlock.cpp:931
#10 0x00007fe59fcef7af in WebCore::RenderView::layoutContent (this=0x7fe5806dd228, state=...) at ../../Source/WebCore/rendering/RenderView.cpp:253
#11 0x00007fe59fcefea2 in WebCore::RenderView::layout (this=0x7fe5806dd228) at ../../Source/WebCore/rendering/RenderView.cpp:378
#12 0x00007fe59f8c219b in WebCore::FrameView::layout (this=0x7fe580425540, allowSubtree=true) at ../../Source/WebCore/page/FrameView.cpp:1414
#13 0x00007fe59f3225b8 in WebCore::Document::implicitClose (this=0x7fe580426a40) at ../../Source/WebCore/dom/Document.cpp:2704
#14 0x00007fe59f785b1b in WebCore::FrameLoader::checkCallImplicitClose (this=0x7fe5806e4098) at ../../Source/WebCore/loader/FrameLoader.cpp:889
#15 0x00007fe59f785852 in WebCore::FrameLoader::checkCompleted (this=0x7fe5806e4098) at ../../Source/WebCore/loader/FrameLoader.cpp:835
#16 0x00007fe59f7855c2 in WebCore::FrameLoader::finishedParsing (this=0x7fe5806e4098) at ../../Source/WebCore/loader/FrameLoader.cpp:756
#17 0x00007fe59f32c5e8 in WebCore::Document::finishedParsing (this=0x7fe580426a40) at ../../Source/WebCore/dom/Document.cpp:4897
#18 0x00007fe5a0693799 in WebCore::HTMLConstructionSite::finishedParsing (this=0x7fe5806fe6e0) at ../../Source/WebCore/html/parser/HTMLConstructionSite.cpp:403
#19 0x00007fe59f67f210 in WebCore::HTMLTreeBuilder::finished (this=0x7fe5806fe6c0) at ../../Source/WebCore/html/parser/HTMLTreeBuilder.cpp:2937
#20 0x00007fe59f64f8b4 in WebCore::HTMLDocumentParser::end (this=0x7fe58042e840) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:393
#21 0x00007fe59f64f98d in WebCore::HTMLDocumentParser::attemptToRunDeferredScriptsAndEnd (this=0x7fe58042e840) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:402
#22 0x00007fe59f64e66f in WebCore::HTMLDocumentParser::prepareToStopParsing (this=0x7fe58042e840) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:132
#23 0x00007fe59f64f9d0 in WebCore::HTMLDocumentParser::attemptToEnd (this=0x7fe58042e840) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:414
#24 0x00007fe59f64fa87 in WebCore::HTMLDocumentParser::finish (this=0x7fe58042e840) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:442
#25 0x00007fe59f7709f6 in WebCore::DocumentWriter::end (this=0x7fe5804249e0) at ../../Source/WebCore/loader/DocumentWriter.cpp:247
#26 0x00007fe59f75a2cc in WebCore::DocumentLoader::finishedLoading (this=0x7fe580424940, finishTime=0) at ../../Source/WebCore/loader/DocumentLoader.cpp:437
#27 0x00007fe59f75a02a in WebCore::DocumentLoader::notifyFinished (this=0x7fe580424940, resource=0x7fe580436000) at ../../Source/WebCore/loader/DocumentLoader.cpp:384
#28 0x00007fe59f805437 in WebCore::CachedResource::checkNotify (this=0x7fe580436000) at ../../Source/WebCore/loader/cache/CachedResource.cpp:297
#29 0x00007fe59f805546 in WebCore::CachedResource::finishLoading (this=0x7fe580436000) at ../../Source/WebCore/loader/cache/CachedResource.cpp:313
#30 0x00007fe59f80173a in WebCore::CachedRawResource::finishLoading (this=0x7fe580436000, data=0x7fe5807bb680) at ../../Source/WebCore/loader/cache/CachedRawResource.cpp:103
#31 0x00007fe59f7ca168 in WebCore::SubresourceLoader::didFinishLoading (this=0x7fe58042fa80, finishTime=0) at ../../Source/WebCore/loader/SubresourceLoader.cpp:372
#32 0x00007fe59f7c4c47 in WebCore::ResourceLoader::didFinishLoading (this=0x7fe58042fa80, finishTime=0) at ../../Source/WebCore/loader/ResourceLoader.cpp:638
#33 0x00007fe59ffb6560 in WebCore::readCallback (asyncResult=0x12f91c0, data=0x7fe5807bd660) at ../../Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp:1341
#34 0x00007fe5957dc5b6 in async_ready_callback_wrapper (source_object=0x12485b0, res=0x12f91c0, user_data=0x7fe5807bd660) at ginputstream.c:523
#35 0x00007fe595802b84 in g_task_return_now (task=0x12f91c0) at gtask.c:1077
#36 0x00007fe595802ba9 in complete_in_idle_cb (task=0x12f91c0) at gtask.c:1086
#37 0x00007fe59523aadd in g_main_dispatch (context=0x12428f0) at gmain.c:3064
#38 g_main_context_dispatch (context=context at entry=0x12428f0) at gmain.c:3663
#39 0x00007fe596ba6e58 in _ecore_glib_select__locked (ecore_timeout=<optimized out>, efds=0x7ffd348057f0, wfds=0x7ffd34805770, rfds=0x7ffd348056f0, ecore_fds=<optimized out>, ctx=<optimized out>) at lib/ecore/ecore_glib.c:172
#40 _ecore_glib_select (ecore_fds=<optimized out>, rfds=0x7ffd348056f0, wfds=0x7ffd34805770, efds=0x7ffd348057f0, ecore_timeout=<optimized out>) at lib/ecore/ecore_glib.c:204
#41 0x00007fe596baa4a4 in _ecore_main_select (timeout=9.532824124368238e-130) at lib/ecore/ecore_main.c:1459
#42 0x00007fe596baaed4 in _ecore_main_loop_iterate_internal (once_only=once_only at entry=0) at lib/ecore/ecore_main.c:1893
#43 0x00007fe596baafc7 in ecore_main_loop_begin () at lib/ecore/ecore_main.c:983
#44 0x00007fe599247e8d in WTF::RunLoop::run () at ../../Source/WTF/wtf/efl/RunLoopEfl.cpp:49
#45 0x00007fe59f0a7e1b in WebKit::ChildProcessMain<WebKit::WebProcess, WebKit::WebProcessMain> (argc=2, argv=0x7ffd34805c28) at ../../Source/WebKit2/Shared/unix/ChildProcessMain.h:61
#46 0x00007fe59f0a7a29 in WebKit::WebProcessMainUnix (argc=2, argv=0x7ffd34805c28) at ../../Source/WebKit2/WebProcess/efl/WebProcessMainEfl.cpp:161
#47 0x00000000004008ea in main (argc=2, argv=0x7ffd34805c28) at ../../Source/WebKit2/WebProcess/EntryPoint/unix/WebProcessMain.cpp:44

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20151109/1bc54d24/attachment.html>

More information about the webkit-unassigned mailing list