[Webkit-unassigned] [Bug 164083] New: ASSERTION FAILED: m_stack.isEmpty() in WebCore::GraphicsContext::~GraphicsContext

bugzilla-daemon at webkit.org
Thu Oct 27 14:41:05 PDT 2016


https://bugs.webkit.org/show_bug.cgi?id=164083

            Bug ID: 164083
           Summary: ASSERTION FAILED: m_stack.isEmpty() in
                    WebCore::GraphicsContext::~GraphicsContext
    Classification: Unclassified
           Product: WebKit
           Version: WebKit Local Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebCore Misc.
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: hodovan at inf.u-szeged.hu

Load the attached test with debug WebKitTestRunner:

Checked version: 2c9fa6e
OS: Darwin-15.6.0-x86_64-i386-64bit

<style>body{background-attachment:fixed</style><style>*{-webkit-box-reflect:below 2 none;mix-blend-mode:soft-light</style><body background=w>

Backtrace:

ASSERTION FAILED: m_stack.isEmpty()
WebKit/Source/WebCore/platform/graphics/GraphicsContext.cpp(341) : WebCore::GraphicsContext::~GraphicsContext()
1   0x10e77d4f1 WTFCrash
2   0x114645715 WebCore::GraphicsContext::~GraphicsContext()
3   0x114645805 WebCore::GraphicsContext::~GraphicsContext()
4   0x1175bd8c3 WebCore::PlatformCALayer::drawLayerContents(CGContext*, WebCore::PlatformCALayer*, WTF::Vector<WebCore::FloatRect, 5ul, WTF::CrashOnOverflow, 16ul>&)
5   0x1194f8ee4 -[WebLayer drawInContext:]
6   0x7fff85a28b19 CABackingStoreUpdate_
7   0x7fff85a27d6d invocation function for block in CA::Layer::display_()
8   0x7fff85a27759 CA::Layer::display_()
9   0x1194f9fa9 -[WebSimpleLayer display]
10  0x7fff85a194a5 CA::Layer::display_if_needed(CA::Transaction*)
11  0x7fff85a18fcd CA::Layer::layout_and_display_if_needed(CA::Transaction*)
12  0x7fff85a184a1 CA::Context::commit_transaction(CA::Transaction*)
13  0x7fff85a180ec CA::Transaction::commit()
14  0x7fff85a23977 CA::Transaction::observer_callback(__CFRunLoopObserver*, unsigned long, void*)
15  0x7fff81c1f067 __CFRUNLOOP_IS_CALLING_OUT_TO_AN_OBSERVER_CALLBACK_FUNCTION__
16  0x7fff81c1efd7 __CFRunLoopDoObservers
17  0x7fff81bfdef8 CFRunLoopRunSpecific
18  0x7fff82fde935 RunCurrentEventLoopInMode
19  0x7fff82fde76f ReceiveNextEventCommon
20  0x7fff82fde5af _BlockUntilNextEventMatchingListInModeWithFilter
21  0x7fff8e643df6 _DPSNextEvent
22  0x7fff8e643226 -[NSApplication _nextEventMatchingEventMask:untilDate:inMode:dequeue:]
23  0x7fff8e637d80 -[NSApplication run]
24  0x7fff8e601368 NSApplicationMain
25  0x7fff92f09194 _xpc_objc_main
26  0x7fff92f07bbe xpc_main
27  0x104ecbf74 main
28  0x7fff8ab8d5ad start
29  0x1
ASAN:DEADLYSIGNAL
=================================================================
==2377==ERROR: AddressSanitizer: SEGV on unknown address 0x0000bbadbeef (pc 0x00010e77d529 bp 0x7fff5ad32f20 sp 0x7fff5ad32f10 T0)
    #0 0x10e77d528 in WTFCrash (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x2d01528)
    #1 0x114645714 in WebCore::GraphicsContext::~GraphicsContext() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1c33714)
    #2 0x114645804 in WebCore::GraphicsContext::~GraphicsContext() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1c33804)
    #3 0x1175bd8c2 in WebCore::PlatformCALayer::drawLayerContents(CGContext*, WebCore::PlatformCALayer*, WTF::Vector<WebCore::FloatRect, 5ul, WTF::CrashOnOverflow, 16ul>&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x4bab8c2)
    #4 0x1194f8ee3 in -[WebLayer drawInContext:] (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x6ae6ee3)
    #5 0x7fff85a28b18 in CABackingStoreUpdate_ (/System/Library/Frameworks/QuartzCore.framework/Versions/A/QuartzCore+0x20b18)
    #6 0x7fff85a27d6c in invocation function for block in CA::Layer::display_() (/System/Library/Frameworks/QuartzCore.framework/Versions/A/QuartzCore+0x1fd6c)
    #7 0x7fff85a27758 in CA::Layer::display_() (/System/Library/Frameworks/QuartzCore.framework/Versions/A/QuartzCore+0x1f758)
    #8 0x1194f9fa8 in -[WebSimpleLayer display] (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x6ae7fa8)
    #9 0x7fff85a194a4 in CA::Layer::display_if_needed(CA::Transaction*) (/System/Library/Frameworks/QuartzCore.framework/Versions/A/QuartzCore+0x114a4)
    #10 0x7fff85a18fcc in CA::Layer::layout_and_display_if_needed(CA::Transaction*) (/System/Library/Frameworks/QuartzCore.framework/Versions/A/QuartzCore+0x10fcc)
    #11 0x7fff85a184a0 in CA::Context::commit_transaction(CA::Transaction*) (/System/Library/Frameworks/QuartzCore.framework/Versions/A/QuartzCore+0x104a0)
    #12 0x7fff85a180eb in CA::Transaction::commit() (/System/Library/Frameworks/QuartzCore.framework/Versions/A/QuartzCore+0x100eb)
    #13 0x7fff85a23976 in CA::Transaction::observer_callback(__CFRunLoopObserver*, unsigned long, void*) (/System/Library/Frameworks/QuartzCore.framework/Versions/A/QuartzCore+0x1b976)
    #14 0x7fff81c1f066 in __CFRUNLOOP_IS_CALLING_OUT_TO_AN_OBSERVER_CALLBACK_FUNCTION__ (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0xaa066)
    #15 0x7fff81c1efd6 in __CFRunLoopDoObservers (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0xa9fd6)
    #16 0x7fff81bfdef7 in CFRunLoopRunSpecific (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x88ef7)
    #17 0x7fff82fde934 in RunCurrentEventLoopInMode (/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox+0x30934)
    #18 0x7fff82fde76e in ReceiveNextEventCommon (/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox+0x3076e)
    #19 0x7fff82fde5ae in _BlockUntilNextEventMatchingListInModeWithFilter (/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox+0x305ae)
    #20 0x7fff8e643df5 in _DPSNextEvent (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x48df5)
    #21 0x7fff8e643225 in -[NSApplication _nextEventMatchingEventMask:untilDate:inMode:dequeue:] (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x48225)
    #22 0x7fff8e637d7f in -[NSApplication run] (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x3cd7f)
    #23 0x7fff8e601367 in NSApplicationMain (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x6367)
    #24 0x7fff92f09193 in _xpc_objc_main (/usr/lib/system/libxpc.dylib+0x11193)
    #25 0x7fff92f07bbd in xpc_main (/usr/lib/system/libxpc.dylib+0xfbbd)
    #26 0x104ecbf73 in main (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent.Development+0x100001f73)
    #27 0x7fff8ab8d5ac in start (/usr/lib/system/libdyld.dylib+0x35ac)
    #28 0x0  (<unknown module>)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x2d01528) in WTFCrash
==2377==ABORTING
#CRASHED - com.apple.WebKit.WebContent.Development (pid 2377)
