[Webkit-unassigned] [Bug 151254] New: ASSERTION FAILED: freeSpace >= 0 in WebCore::RenderGrid::computeTrackSizesForDirection

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Nov 13 01:04:12 PST 2015 

https://bugs.webkit.org/show_bug.cgi?id=151254

            Bug ID: 151254
           Summary: ASSERTION FAILED: freeSpace >= 0 in
                    WebCore::RenderGrid::computeTrackSizesForDirection
    Classification: Unclassified
           Product: WebKit
           Version: WebKit Local Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Layout and Rendering
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: rhodovan.u-szeged at partner.samsung.com
                CC: jfernandez at igalia.com, rego at igalia.com,
                    simon.fraser at apple.com, svillar at igalia.com
            Blocks: 116980

Created attachment 265474
  --> https://bugs.webkit.org/attachment.cgi?id=265474&action=review
Test

Load the attached test with debug MiniBrowser:

<style>
* {
    display: -webkit-grid;
    margin: -7137037pt 5641665960219 -57058in -752576px;
    overflow-y: scroll;
}
</style>


OS: Ubuntu 15.04 x86_64
Checked build: debug EFL
Checked version: 08e34d6


Backtrace:

ASSERTION FAILED: freeSpace >= 0
../../Source/WebCore/rendering/RenderGrid.cpp(317) : void WebCore::RenderGrid::computeTrackSizesForDirection(WebCore::GridTrackSizingDirection, WebCore::RenderGrid::GridSizingData&, WebCore::LayoutUnit)
1   0x7f6f8c9e1a9f WTFCrash
2   0x7f6f933ea82e WebCore::RenderGrid::computeTrackSizesForDirection(WebCore::GridTrackSizingDirection, WebCore::RenderGrid::GridSizingData&, WebCore::LayoutUnit)
3   0x7f6f933eac92 WebCore::RenderGrid::layoutBlock(bool, WebCore::LayoutUnit)
4   0x7f6f93302cf6 WebCore::RenderBlock::layout()
5   0x7f6f932d613f WebCore::RenderElement::layoutIfNeeded()
6   0x7f6f933ed44f WebCore::RenderGrid::logicalContentHeightForChild(WebCore::RenderBox&, WTF::Vector<WebCore::GridTrack, 0ul, WTF::CrashOnOverflow, 16ul>&)
7   0x7f6f933ed82f WebCore::RenderGrid::minContentForChild(WebCore::RenderBox&, WebCore::GridTrackSizingDirection, WTF::Vector<WebCore::GridTrack, 0ul, WTF::CrashOnOverflow, 16ul>&)
8   0x7f6f933ed5cb WebCore::RenderGrid::minSizeForChild(WebCore::RenderBox&, WebCore::GridTrackSizingDirection, WTF::Vector<WebCore::GridTrack, 0ul, WTF::CrashOnOverflow, 16ul>&)
9   0x7f6f933ee1a7 WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForNonSpanningItems(WebCore::GridTrackSizingDirection, WebCore::GridSpan const&, WebCore::RenderBox&, WebCore::GridTrack&, WTF::Vector<WebCore::GridTrack, 0ul, WTF::CrashOnOverflow, 16ul>&)
10  0x7f6f933edd12 WebCore::RenderGrid::resolveContentBasedTrackSizingFunctions(WebCore::GridTrackSizingDirection, WebCore::RenderGrid::GridSizingData&)
11  0x7f6f933ebb24 WebCore::RenderGrid::computeUsedBreadthOfGridTracks(WebCore::GridTrackSizingDirection, WebCore::RenderGrid::GridSizingData&, WebCore::LayoutUnit&, WebCore::LayoutUnit&)
12  0x7f6f933eb49c WebCore::RenderGrid::computeIntrinsicLogicalHeight(WebCore::RenderGrid::GridSizingData&)
13  0x7f6f933eacb4 WebCore::RenderGrid::layoutBlock(bool, WebCore::LayoutUnit)
14  0x7f6f93302cf6 WebCore::RenderBlock::layout()
15  0x7f6f9333159c WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&)
16  0x7f6f933310db WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&)
17  0x7f6f9333053f WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit)
18  0x7f6f93302cf6 WebCore::RenderBlock::layout()
19  0x7f6f93515cc5 WebCore::RenderView::layoutContent(WebCore::LayoutState const&)
20  0x7f6f935163b8 WebCore::RenderView::layout()
21  0x7f6f930e4640 WebCore::FrameView::layout(bool)
22  0x7f6f92b445a6 WebCore::Document::implicitClose()
23  0x7f6f92fa7cb9 WebCore::FrameLoader::checkCallImplicitClose()
24  0x7f6f92fa79f0 WebCore::FrameLoader::checkCompleted()
25  0x7f6f92fa7760 WebCore::FrameLoader::finishedParsing()
26  0x7f6f92b4e474 WebCore::Document::finishedParsing()
27  0x7f6f93ebc7b7 WebCore::HTMLConstructionSite::finishedParsing()
28  0x7f6f92ea0a62 WebCore::HTMLTreeBuilder::finished()
29  0x7f6f92e71162 WebCore::HTMLDocumentParser::end()
30  0x7f6f92e7123b WebCore::HTMLDocumentParser::attemptToRunDeferredScriptsAndEnd()
31  0x7f6f92e6ff1d WebCore::HTMLDocumentParser::prepareToStopParsing()
Aborted (core dumped)

Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x00007f6f8c9e1aa4 in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:321
321     *(int *)(uintptr_t)0xbbadbeef = 0;
#0  0x00007f6f8c9e1aa4 in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:321
#1  0x00007f6f933ea82e in WebCore::RenderGrid::computeTrackSizesForDirection (this=0x7f6f6fada6f0, direction=WebCore::ForColumns, sizingData=..., freeSpace=...) at ../../Source/WebCore/rendering/RenderGrid.cpp:317
#2  0x00007f6f933eac92 in WebCore::RenderGrid::layoutBlock (this=0x7f6f6fada6f0, relayoutChildren=false) at ../../Source/WebCore/rendering/RenderGrid.cpp:353
#3  0x00007f6f93302cf6 in WebCore::RenderBlock::layout (this=0x7f6f6fada6f0) at ../../Source/WebCore/rendering/RenderBlock.cpp:931
#4  0x00007f6f932d613f in WebCore::RenderElement::layoutIfNeeded (this=0x7f6f6fada6f0) at ../../Source/WebCore/rendering/RenderElement.h:135
#5  0x00007f6f933ed44f in WebCore::RenderGrid::logicalContentHeightForChild (this=0x7f6f6fada5c8, child=..., columnTracks=...) at ../../Source/WebCore/rendering/RenderGrid.cpp:713
#6  0x00007f6f933ed82f in WebCore::RenderGrid::minContentForChild (this=0x7f6f6fada5c8, child=..., direction=WebCore::ForRows, columnTracks=...) at ../../Source/WebCore/rendering/RenderGrid.cpp:754
#7  0x00007f6f933ed5cb in WebCore::RenderGrid::minSizeForChild (this=0x7f6f6fada5c8, child=..., direction=WebCore::ForRows, columnTracks=...) at ../../Source/WebCore/rendering/RenderGrid.cpp:727
#8  0x00007f6f933ee1a7 in WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForNonSpanningItems (this=0x7f6f6fada5c8, direction=WebCore::ForRows, span=..., gridItem=..., track=..., columnTracks=...) at ../../Source/WebCore/rendering/RenderGrid.cpp:864
#9  0x00007f6f933edd12 in WebCore::RenderGrid::resolveContentBasedTrackSizingFunctions (this=0x7f6f6fada5c8, direction=WebCore::ForRows, sizingData=...) at ../../Source/WebCore/rendering/RenderGrid.cpp:827
#10 0x00007f6f933ebb24 in WebCore::RenderGrid::computeUsedBreadthOfGridTracks (this=0x7f6f6fada5c8, direction=WebCore::ForRows, sizingData=..., baseSizesWithoutMaximization=..., growthLimitsWithoutMaximization=...) at ../../Source/WebCore/rendering/RenderGrid.cpp:513
#11 0x00007f6f933eb49c in WebCore::RenderGrid::computeIntrinsicLogicalHeight (this=0x7f6f6fada5c8, sizingData=...) at ../../Source/WebCore/rendering/RenderGrid.cpp:441
#12 0x00007f6f933eacb4 in WebCore::RenderGrid::layoutBlock (this=0x7f6f6fada5c8, relayoutChildren=false) at ../../Source/WebCore/rendering/RenderGrid.cpp:356
#13 0x00007f6f93302cf6 in WebCore::RenderBlock::layout (this=0x7f6f6fada5c8) at ../../Source/WebCore/rendering/RenderBlock.cpp:931
#14 0x00007f6f9333159c in WebCore::RenderBlockFlow::layoutBlockChild (this=0x7f6f6fadd228, child=..., marginInfo=..., previousFloatLogicalBottom=..., maxFloatLogicalBottom=...) at ../../Source/WebCore/rendering/RenderBlockFlow.cpp:709
#15 0x00007f6f933310db in WebCore::RenderBlockFlow::layoutBlockChildren (this=0x7f6f6fadd228, relayoutChildren=true, maxFloatLogicalBottom=...) at ../../Source/WebCore/rendering/RenderBlockFlow.cpp:632
#16 0x00007f6f9333053f in WebCore::RenderBlockFlow::layoutBlock (this=0x7f6f6fadd228, relayoutChildren=true, pageLogicalHeight=...) at ../../Source/WebCore/rendering/RenderBlockFlow.cpp:485
#17 0x00007f6f93302cf6 in WebCore::RenderBlock::layout (this=0x7f6f6fadd228) at ../../Source/WebCore/rendering/RenderBlock.cpp:931
#18 0x00007f6f93515cc5 in WebCore::RenderView::layoutContent (this=0x7f6f6fadd228, state=...) at ../../Source/WebCore/rendering/RenderView.cpp:253
#19 0x00007f6f935163b8 in WebCore::RenderView::layout (this=0x7f6f6fadd228) at ../../Source/WebCore/rendering/RenderView.cpp:378
#20 0x00007f6f930e4640 in WebCore::FrameView::layout (this=0x7f6f6f825540, allowSubtree=true) at ../../Source/WebCore/page/FrameView.cpp:1427
#21 0x00007f6f92b445a6 in WebCore::Document::implicitClose (this=0x7f6f6f826a40) at ../../Source/WebCore/dom/Document.cpp:2704
#22 0x00007f6f92fa7cb9 in WebCore::FrameLoader::checkCallImplicitClose (this=0x7f6f6fae4098) at ../../Source/WebCore/loader/FrameLoader.cpp:861
#23 0x00007f6f92fa79f0 in WebCore::FrameLoader::checkCompleted (this=0x7f6f6fae4098) at ../../Source/WebCore/loader/FrameLoader.cpp:807
#24 0x00007f6f92fa7760 in WebCore::FrameLoader::finishedParsing (this=0x7f6f6fae4098) at ../../Source/WebCore/loader/FrameLoader.cpp:728
#25 0x00007f6f92b4e474 in WebCore::Document::finishedParsing (this=0x7f6f6f826a40) at ../../Source/WebCore/dom/Document.cpp:4897
#26 0x00007f6f93ebc7b7 in WebCore::HTMLConstructionSite::finishedParsing (this=0x7f6f6fafe6e0) at ../../Source/WebCore/html/parser/HTMLConstructionSite.cpp:403
#27 0x00007f6f92ea0a62 in WebCore::HTMLTreeBuilder::finished (this=0x7f6f6fafe6c0) at ../../Source/WebCore/html/parser/HTMLTreeBuilder.cpp:2937
#28 0x00007f6f92e71162 in WebCore::HTMLDocumentParser::end (this=0x7f6f6f82e840) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:393
#29 0x00007f6f92e7123b in WebCore::HTMLDocumentParser::attemptToRunDeferredScriptsAndEnd (this=0x7f6f6f82e840) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:402
#30 0x00007f6f92e6ff1d in WebCore::HTMLDocumentParser::prepareToStopParsing (this=0x7f6f6f82e840) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:132
#31 0x00007f6f92e7127e in WebCore::HTMLDocumentParser::attemptToEnd (this=0x7f6f6f82e840) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:414
#32 0x00007f6f92e71335 in WebCore::HTMLDocumentParser::finish (this=0x7f6f6f82e840) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:442
#33 0x00007f6f92f9324c in WebCore::DocumentWriter::end (this=0x7f6f6f8249e0) at ../../Source/WebCore/loader/DocumentWriter.cpp:247
#34 0x00007f6f92f7cb56 in WebCore::DocumentLoader::finishedLoading (this=0x7f6f6f824940, finishTime=0) at ../../Source/WebCore/loader/DocumentLoader.cpp:437
#35 0x00007f6f92f7c8b4 in WebCore::DocumentLoader::notifyFinished (this=0x7f6f6f824940, resource=0x7f6f6f836000) at ../../Source/WebCore/loader/DocumentLoader.cpp:384
#36 0x00007f6f93027953 in WebCore::CachedResource::checkNotify (this=0x7f6f6f836000) at ../../Source/WebCore/loader/cache/CachedResource.cpp:297
#37 0x00007f6f93027a62 in WebCore::CachedResource::finishLoading (this=0x7f6f6f836000) at ../../Source/WebCore/loader/cache/CachedResource.cpp:313
#38 0x00007f6f93023c56 in WebCore::CachedRawResource::finishLoading (this=0x7f6f6f836000, data=0x7f6f6fbbb680) at ../../Source/WebCore/loader/cache/CachedRawResource.cpp:103
#39 0x00007f6f92fec6f2 in WebCore::SubresourceLoader::didFinishLoading (this=0x7f6f6f82fa80, finishTime=0) at ../../Source/WebCore/loader/SubresourceLoader.cpp:372
#40 0x00007f6f92fe71d1 in WebCore::ResourceLoader::didFinishLoading (this=0x7f6f6f82fa80, finishTime=0) at ../../Source/WebCore/loader/ResourceLoader.cpp:638
#41 0x00007f6f937dee84 in WebCore::readCallback (asyncResult=0xf5b1d0, data=0x7f6f6fbbc680) at ../../Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp:1341
#42 0x00007f6f88fcd5a6 in async_ready_callback_wrapper (source_object=0xea19b0, res=0xf5b1d0, user_data=0x7f6f6fbbc680) at ginputstream.c:523
#43 0x00007f6f88ff3b74 in g_task_return_now (task=0xf5b1d0) at gtask.c:1077
#44 0x00007f6f88ff3b99 in complete_in_idle_cb (task=0xf5b1d0) at gtask.c:1086
#45 0x00007f6f88a2badd in g_main_dispatch (context=0xe9bc20) at gmain.c:3064
#46 g_main_context_dispatch (context=context at entry=0xe9bc20) at gmain.c:3663
#47 0x00007f6f8a397e58 in _ecore_glib_select__locked (ecore_timeout=<optimized out>, efds=0x7ffd37427740, wfds=0x7ffd374276c0, rfds=0x7ffd37427640, ecore_fds=<optimized out>, ctx=<optimized out>) at lib/ecore/ecore_glib.c:172
#48 _ecore_glib_select (ecore_fds=<optimized out>, rfds=0x7ffd37427640, wfds=0x7ffd374276c0, efds=0x7ffd37427740, ecore_timeout=<optimized out>) at lib/ecore/ecore_glib.c:204
#49 0x00007f6f8a39b4a4 in _ecore_main_select (timeout=9.532824124368238e-130) at lib/ecore/ecore_main.c:1459
#50 0x00007f6f8a39bed4 in _ecore_main_loop_iterate_internal (once_only=once_only at entry=0) at lib/ecore/ecore_main.c:1893
#51 0x00007f6f8a39bfc7 in ecore_main_loop_begin () at lib/ecore/ecore_main.c:983
#52 0x00007f6f8ca3c995 in WTF::RunLoop::run () at ../../Source/WTF/wtf/efl/RunLoopEfl.cpp:49
#53 0x00007f6f928c8c11 in WebKit::ChildProcessMain<WebKit::WebProcess, WebKit::WebProcessMain> (argc=2, argv=0x7ffd37427b78) at ../../Source/WebKit2/Shared/unix/ChildProcessMain.h:61
#54 0x00007f6f928c881f in WebKit::WebProcessMainUnix (argc=2, argv=0x7ffd37427b78) at ../../Source/WebKit2/WebProcess/efl/WebProcessMainEfl.cpp:161
#55 0x00000000004008ea in main (argc=2, argv=0x7ffd37427b78) at ../../Source/WebKit2/WebProcess/EntryPoint/unix/WebProcessMain.cpp:44

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20151113/5be51633/attachment-0001.html>

More information about the webkit-unassigned mailing list