[Webkit-unassigned] [Bug 151591] New: Should never be reached failure in WebCore::RenderFlexibleBox::alignChildren

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Nov 24 10:26:59 PST 2015 

https://bugs.webkit.org/show_bug.cgi?id=151591

            Bug ID: 151591
           Summary: Should never be reached failure in
                    WebCore::RenderFlexibleBox::alignChildren
    Classification: Unclassified
           Product: WebKit
           Version: WebKit Local Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Layout and Rendering
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: rhodovan.u-szeged at partner.samsung.com
                CC: jfernandez at igalia.com, simon.fraser at apple.com
            Blocks: 116980

Created attachment 266140
  --> https://bugs.webkit.org/attachment.cgi?id=266140&action=review
Test

Load the attached test with debug MiniBrowser:

<style>
 * {
    display: flex;
    -webkit-align-self: end safe;
}
</style>

OS: Ubuntu 15.10 x86_64
Checked build: debug EFL
Checked version: 79922a5


Backtrace:

SHOULD NEVER BE REACHED
../../Source/WebCore/rendering/RenderFlexibleBox.cpp(1346) : void WebCore::RenderFlexibleBox::alignChildren(const WTF::Vector<WebCore::RenderFlexibleBox::LineContext>&)
1   0x7f64d5b8282c WTFCrash
2   0x7f64d49a21e8 WebCore::RenderFlexibleBox::alignChildren(WTF::Vector<WebCore::RenderFlexibleBox::LineContext, 0ul, WTF::CrashOnOverflow, 16ul> const&)
3   0x7f64d499cdba WebCore::RenderFlexibleBox::repositionLogicalHeightDependentFlexItems(WTF::Vector<WebCore::RenderFlexibleBox::LineContext, 0ul, WTF::CrashOnOverflow, 16ul>&)
4   0x7f64d499c8fc WebCore::RenderFlexibleBox::layoutBlock(bool, WebCore::LayoutUnit)
5   0x7f64d48d77c6 WebCore::RenderBlock::layout()
6   0x7f64d48aa8f1 WebCore::RenderElement::layoutIfNeeded()
7   0x7f64d49a0f61 WebCore::RenderFlexibleBox::layoutAndPlaceChildren(WebCore::LayoutUnit&, WTF::Vector<WebCore::RenderBox*, 0ul, WTF::CrashOnOverflow, 16ul> const&, WTF::Vector<WebCore::LayoutUnit, 0ul, WTF::CrashOnOverflow, 16ul> const&, WebCore::LayoutUnit, bool, WTF::Vector<WebCore::RenderFlexibleBox::LineContext, 0ul, WTF::CrashOnOverflow, 16ul>&)
8   0x7f64d499e7c9 WebCore::RenderFlexibleBox::layoutFlexItems(bool, WTF::Vector<WebCore::RenderFlexibleBox::LineContext, 0ul, WTF::CrashOnOverflow, 16ul>&)
9   0x7f64d499c8c4 WebCore::RenderFlexibleBox::layoutBlock(bool, WebCore::LayoutUnit)
10  0x7f64d48d77c6 WebCore::RenderBlock::layout()
11  0x7f64d490694c WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&)
12  0x7f64d490648a WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&)
13  0x7f64d49058ea WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit)
14  0x7f64d48d77c6 WebCore::RenderBlock::layout()
15  0x7f64d4aee02f WebCore::RenderView::layoutContent(WebCore::LayoutState const&)
16  0x7f64d4aee727 WebCore::RenderView::layout()
17  0x7f64d46b4346 WebCore::FrameView::layout(bool)
18  0x7f64d4106a83 WebCore::Document::implicitClose()
19  0x7f64d4574e91 WebCore::FrameLoader::checkCallImplicitClose()
20  0x7f64d4574bc1 WebCore::FrameLoader::checkCompleted()
21  0x7f64d4574937 WebCore::FrameLoader::finishedParsing()
22  0x7f64d4110bb4 WebCore::Document::finishedParsing()
23  0x7f64d54aa7ab WebCore::HTMLConstructionSite::finishedParsing()
24  0x7f64d446adb2 WebCore::HTMLTreeBuilder::finished()
25  0x7f64d443b0a8 WebCore::HTMLDocumentParser::end()
26  0x7f64d443b176 WebCore::HTMLDocumentParser::attemptToRunDeferredScriptsAndEnd()
27  0x7f64d4439e6b WebCore::HTMLDocumentParser::prepareToStopParsing()
28  0x7f64d443b1b1 WebCore::HTMLDocumentParser::attemptToEnd()
29  0x7f64d443b261 WebCore::HTMLDocumentParser::finish()
30  0x7f64d4560166 WebCore::DocumentWriter::end()
31  0x7f64d454960a WebCore::DocumentLoader::finishedLoading(double)
Aborted (core dumped)

Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x00007f64d5b82831 in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:321
321     *(int *)(uintptr_t)0xbbadbeef = 0;
[Current thread is 1 (Thread 0x7f64d96cfa80 (LWP 8936))]
#0  0x00007f64d5b82831 in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:321
#1  0x00007f64d49a21e8 in WebCore::RenderFlexibleBox::alignChildren (this=0x7f64b53cf190, lineContexts=...) at ../../Source/WebCore/rendering/RenderFlexibleBox.cpp:1346
#2  0x00007f64d499cdba in WebCore::RenderFlexibleBox::repositionLogicalHeightDependentFlexItems (this=0x7f64b53cf190, lineContexts=...) at ../../Source/WebCore/rendering/RenderFlexibleBox.cpp:345
#3  0x00007f64d499c8fc in WebCore::RenderFlexibleBox::layoutBlock (this=0x7f64b53cf190, relayoutChildren=true) at ../../Source/WebCore/rendering/RenderFlexibleBox.cpp:278
#4  0x00007f64d48d77c6 in WebCore::RenderBlock::layout (this=0x7f64b53cf190) at ../../Source/WebCore/rendering/RenderBlock.cpp:931
#5  0x00007f64d48aa8f1 in WebCore::RenderElement::layoutIfNeeded (this=0x7f64b53cf190) at ../../Source/WebCore/rendering/RenderElement.h:135
#6  0x00007f64d49a0f61 in WebCore::RenderFlexibleBox::layoutAndPlaceChildren (this=0x7f64b53cf0c8, crossAxisOffset=..., children=..., childSizes=..., availableFreeSpace=..., relayoutChildren=true, lineContexts=...) at ../../Source/WebCore/rendering/RenderFlexibleBox.cpp:1131
#7  0x00007f64d499e7c9 in WebCore::RenderFlexibleBox::layoutFlexItems (this=0x7f64b53cf0c8, relayoutChildren=true, lineContexts=...) at ../../Source/WebCore/rendering/RenderFlexibleBox.cpp:708
#8  0x00007f64d499c8c4 in WebCore::RenderFlexibleBox::layoutBlock (this=0x7f64b53cf0c8, relayoutChildren=true) at ../../Source/WebCore/rendering/RenderFlexibleBox.cpp:275
#9  0x00007f64d48d77c6 in WebCore::RenderBlock::layout (this=0x7f64b53cf0c8) at ../../Source/WebCore/rendering/RenderBlock.cpp:931
#10 0x00007f64d490694c in WebCore::RenderBlockFlow::layoutBlockChild (this=0x7f64b52dd228, child=..., marginInfo=..., previousFloatLogicalBottom=..., maxFloatLogicalBottom=...) at ../../Source/WebCore/rendering/RenderBlockFlow.cpp:709
#11 0x00007f64d490648a in WebCore::RenderBlockFlow::layoutBlockChildren (this=0x7f64b52dd228, relayoutChildren=true, maxFloatLogicalBottom=...) at ../../Source/WebCore/rendering/RenderBlockFlow.cpp:632
#12 0x00007f64d49058ea in WebCore::RenderBlockFlow::layoutBlock (this=0x7f64b52dd228, relayoutChildren=true, pageLogicalHeight=...) at ../../Source/WebCore/rendering/RenderBlockFlow.cpp:485
#13 0x00007f64d48d77c6 in WebCore::RenderBlock::layout (this=0x7f64b52dd228) at ../../Source/WebCore/rendering/RenderBlock.cpp:931
#14 0x00007f64d4aee02f in WebCore::RenderView::layoutContent (this=0x7f64b52dd228, state=...) at ../../Source/WebCore/rendering/RenderView.cpp:253
#15 0x00007f64d4aee727 in WebCore::RenderView::layout (this=0x7f64b52dd228) at ../../Source/WebCore/rendering/RenderView.cpp:378
#16 0x00007f64d46b4346 in WebCore::FrameView::layout (this=0x7f64b500c000, allowSubtree=true) at ../../Source/WebCore/page/FrameView.cpp:1427
#17 0x00007f64d4106a83 in WebCore::Document::implicitClose (this=0x7f64b501d900) at ../../Source/WebCore/dom/Document.cpp:2704
#18 0x00007f64d4574e91 in WebCore::FrameLoader::checkCallImplicitClose (this=0x7f64b52e4098) at ../../Source/WebCore/loader/FrameLoader.cpp:861
#19 0x00007f64d4574bc1 in WebCore::FrameLoader::checkCompleted (this=0x7f64b52e4098) at ../../Source/WebCore/loader/FrameLoader.cpp:807
#20 0x00007f64d4574937 in WebCore::FrameLoader::finishedParsing (this=0x7f64b52e4098) at ../../Source/WebCore/loader/FrameLoader.cpp:728
#21 0x00007f64d4110bb4 in WebCore::Document::finishedParsing (this=0x7f64b501d900) at ../../Source/WebCore/dom/Document.cpp:4897
#22 0x00007f64d54aa7ab in WebCore::HTMLConstructionSite::finishedParsing (this=0x7f64b52fe6e0) at ../../Source/WebCore/html/parser/HTMLConstructionSite.cpp:403
#23 0x00007f64d446adb2 in WebCore::HTMLTreeBuilder::finished (this=0x7f64b52fe6c0) at ../../Source/WebCore/html/parser/HTMLTreeBuilder.cpp:2937
#24 0x00007f64d443b0a8 in WebCore::HTMLDocumentParser::end (this=0x7f64b5048cc0) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:393
#25 0x00007f64d443b176 in WebCore::HTMLDocumentParser::attemptToRunDeferredScriptsAndEnd (this=0x7f64b5048cc0) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:402
#26 0x00007f64d4439e6b in WebCore::HTMLDocumentParser::prepareToStopParsing (this=0x7f64b5048cc0) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:132
#27 0x00007f64d443b1b1 in WebCore::HTMLDocumentParser::attemptToEnd (this=0x7f64b5048cc0) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:414
#28 0x00007f64d443b261 in WebCore::HTMLDocumentParser::finish (this=0x7f64b5048cc0) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:442
#29 0x00007f64d4560166 in WebCore::DocumentWriter::end (this=0x7f64b502ef20) at ../../Source/WebCore/loader/DocumentWriter.cpp:247
#30 0x00007f64d454960a in WebCore::DocumentLoader::finishedLoading (this=0x7f64b502ee80, finishTime=0) at ../../Source/WebCore/loader/DocumentLoader.cpp:437
#31 0x00007f64d4549364 in WebCore::DocumentLoader::notifyFinished (this=0x7f64b502ee80, resource=0x7f64b50261c0) at ../../Source/WebCore/loader/DocumentLoader.cpp:384
#32 0x00007f64d45f5d0d in WebCore::CachedResource::checkNotify (this=0x7f64b50261c0) at ../../Source/WebCore/loader/cache/CachedResource.cpp:297
#33 0x00007f64d45f5e22 in WebCore::CachedResource::finishLoading (this=0x7f64b50261c0) at ../../Source/WebCore/loader/cache/CachedResource.cpp:313
#34 0x00007f64d45f2044 in WebCore::CachedRawResource::finishLoading (this=0x7f64b50261c0, data=0x7f64b53bf900) at ../../Source/WebCore/loader/cache/CachedRawResource.cpp:103
#35 0x00007f64d45ba1a1 in WebCore::SubresourceLoader::didFinishLoading (this=0x7f64b502fa80, finishTime=0) at ../../Source/WebCore/loader/SubresourceLoader.cpp:372
#36 0x00007f64d45b4be7 in WebCore::ResourceLoader::didFinishLoading (this=0x7f64b502fa80, finishTime=0) at ../../Source/WebCore/loader/ResourceLoader.cpp:638
#37 0x00007f64d4dbeb45 in WebCore::readCallback (asyncResult=0xbab9a0, data=0x7f64b53bd740) at ../../Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp:1341
#38 0x00007f64cc9814e6 in async_ready_callback_wrapper (source_object=0xabf5b0, res=0xbab9a0, user_data=0x7f64b53bd740) at ginputstream.c:523
#39 0x00007f64cc9a7a04 in g_task_return_now (task=0xbab9a0) at gtask.c:1077
#40 0x00007f64cc9a7a29 in complete_in_idle_cb (task=0xbab9a0) at gtask.c:1086
#41 0x00007f64cc3dd72a in g_main_dispatch (context=0xab9700) at gmain.c:3064
#42 g_main_context_dispatch (context=context at entry=0xab9700) at gmain.c:3663
#43 0x00007f64cdd34b50 in _ecore_glib_select__locked (ecore_timeout=<optimized out>, efds=0x7ffce346d7e0, wfds=0x7ffce346d760, rfds=0x7ffce346d6e0, ecore_fds=<optimized out>, ctx=<optimized out>) at lib/ecore/ecore_glib.c:175
#44 _ecore_glib_select (ecore_fds=<optimized out>, rfds=0x7ffce346d6e0, wfds=0x7ffce346d760, efds=0x7ffce346d7e0, ecore_timeout=<optimized out>) at lib/ecore/ecore_glib.c:208
#45 0x00007f64cdd37b8c in _ecore_main_select (timeout=<optimized out>) at lib/ecore/ecore_main.c:1481
#46 0x00007f64cdd38665 in _ecore_main_loop_iterate_internal (once_only=once_only at entry=0) at lib/ecore/ecore_main.c:1913
#47 0x00007f64cdd38827 in ecore_main_loop_begin () at lib/ecore/ecore_main.c:988
#48 0x00007f64d5be0ebb in WTF::RunLoop::run () at ../../Source/WTF/wtf/efl/RunLoopEfl.cpp:49
#49 0x00007f64d3e81f7a in WebKit::ChildProcessMain<WebKit::WebProcess, WebKit::WebProcessMain> (argc=2, argv=0x7ffce346dc48) at ../../Source/WebKit2/Shared/unix/ChildProcessMain.h:61
#50 0x00007f64d3e81b88 in WebKit::WebProcessMainUnix (argc=2, argv=0x7ffce346dc48) at ../../Source/WebKit2/WebProcess/efl/WebProcessMainEfl.cpp:161
#51 0x000000000040089a in main (argc=2, argv=0x7ffce346dc48) at ../../Source/WebKit2/WebProcess/EntryPoint/unix/WebProcessMain.cpp:44

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20151124/46aa9db6/attachment-0001.html>

More information about the webkit-unassigned mailing list