[Webkit-unassigned] [Bug 168444] New: ASSERTION FAILED: isFirstOrLastCellInRow() in WebCore::RenderTableCell::borderAdjoiningTableEnd
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Feb 16 10:38:33 PST 2017
https://bugs.webkit.org/show_bug.cgi?id=168444
Bug ID: 168444
Summary: ASSERTION FAILED: isFirstOrLastCellInRow() in
WebCore::RenderTableCell::borderAdjoiningTableEnd
Classification: Unclassified
Product: WebKit
Version: WebKit Local Build
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: Layout and Rendering
Assignee: webkit-unassigned at lists.webkit.org
Reporter: hodovan at inf.u-szeged.hu
CC: bfulgham at webkit.org, simon.fraser at apple.com,
zalan at apple.com
Created attachment 301785
--> https://bugs.webkit.org/attachment.cgi?id=301785&action=review
Test
Load the attached test with debug WebKitTestRunner:
Checked version: f7953f1
OS: Darwin-16.4.0-x86_64-i386-64bit
<table rules=none frame=border>
<th></th>
<th colspan="53927142"></th>
<th></th>
</table>
Backtrace:
ASSERTION FAILED: isFirstOrLastCellInRow()
WebKit/Source/WebCore/rendering/RenderTableCell.h(315) : const WebCore::BorderValue &WebCore::RenderTableCell::borderAdjoiningTableEnd() const
1 0x10cbdbe51 WTFCrash
2 0x11717ebbe WebCore::RenderTableCell::borderAdjoiningTableEnd() const
3 0x11717e342 WebCore::RenderTable::calcBorderEnd() const
4 0x117170077 WebCore::RenderTable::recalcBordersInRowDirection()
5 0x11716afe4 WebCore::RenderTable::layout()
6 0x116966be4 WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&)
7 0x11695d350 WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&)
8 0x116959528 WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit)
9 0x1168a44f4 WebCore::RenderBlock::layout()
10 0x116966be4 WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&)
11 0x11695d350 WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&)
12 0x116959528 WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit)
13 0x1168a44f4 WebCore::RenderBlock::layout()
14 0x116966be4 WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&)
15 0x11695d350 WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&)
16 0x116959528 WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit)
17 0x1168a44f4 WebCore::RenderBlock::layout()
18 0x116966be4 WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&)
19 0x11695d350 WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&)
20 0x116959528 WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit)
21 0x1168a44f4 WebCore::RenderBlock::layout()
22 0x1172c8f06 WebCore::RenderView::layoutContent(WebCore::LayoutState const&)
23 0x1172cb366 WebCore::RenderView::layout()
24 0x112f98c2f WebCore::FrameView::layout(bool)
25 0x1125b854a WebCore::Document::implicitClose()
26 0x112f02563 WebCore::FrameLoader::checkCallImplicitClose()
27 0x112f01d5c WebCore::FrameLoader::checkCompleted()
28 0x112efdfa7 WebCore::FrameLoader::finishedParsing()
29 0x1125e8a19 WebCore::Document::finishedParsing()
30 0x1132fc786 WebCore::HTMLConstructionSite::finishedParsing()
31 0x1136292a8 WebCore::HTMLTreeBuilder::finished()
ASAN:DEADLYSIGNAL
=================================================================
==3538==ERROR: AddressSanitizer: SEGV on unknown address 0x0000bbadbeef (pc 0x00010cbdbe89 bp 0x7fff5e18cb60 sp 0x7fff5e18cb50 T0)
#0 0x10cbdbe88 in WTFCrash (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x3375e88)
#1 0x11717ebbd in WebCore::RenderTableCell::borderAdjoiningTableEnd() const (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x5ccfbbd)
#2 0x11717e341 in WebCore::RenderTable::calcBorderEnd() const (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x5ccf341)
#3 0x117170076 in WebCore::RenderTable::recalcBordersInRowDirection() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x5cc1076)
#4 0x11716afe3 in WebCore::RenderTable::layout() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x5cbbfe3)
#5 0x116966be3 in WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x54b7be3)
#6 0x11695d34f in WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x54ae34f)
#7 0x116959527 in WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x54aa527)
#8 0x1168a44f3 in WebCore::RenderBlock::layout() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x53f54f3)
#9 0x116966be3 in WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x54b7be3)
#10 0x11695d34f in WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x54ae34f)
#11 0x116959527 in WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x54aa527)
#12 0x1168a44f3 in WebCore::RenderBlock::layout() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x53f54f3)
#13 0x116966be3 in WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x54b7be3)
#14 0x11695d34f in WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x54ae34f)
#15 0x116959527 in WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x54aa527)
#16 0x1168a44f3 in WebCore::RenderBlock::layout() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x53f54f3)
#17 0x116966be3 in WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x54b7be3)
#18 0x11695d34f in WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x54ae34f)
#19 0x116959527 in WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x54aa527)
#20 0x1168a44f3 in WebCore::RenderBlock::layout() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x53f54f3)
#21 0x1172c8f05 in WebCore::RenderView::layoutContent(WebCore::LayoutState const&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x5e19f05)
#22 0x1172cb365 in WebCore::RenderView::layout() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x5e1c365)
#23 0x112f98c2e in WebCore::FrameView::layout(bool) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1ae9c2e)
#24 0x1125b8549 in WebCore::Document::implicitClose() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1109549)
#25 0x112f02562 in WebCore::FrameLoader::checkCallImplicitClose() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1a53562)
#26 0x112f01d5b in WebCore::FrameLoader::checkCompleted() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1a52d5b)
#27 0x112efdfa6 in WebCore::FrameLoader::finishedParsing() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1a4efa6)
#28 0x1125e8a18 in WebCore::Document::finishedParsing() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1139a18)
#29 0x1132fc785 in WebCore::HTMLConstructionSite::finishedParsing() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1e4d785)
#30 0x1136292a7 in WebCore::HTMLTreeBuilder::finished() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x217a2a7)
#31 0x11337631b in WebCore::HTMLDocumentParser::end() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1ec731b)
#32 0x113370ac6 in WebCore::HTMLDocumentParser::attemptToRunDeferredScriptsAndEnd() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1ec1ac6)
#33 0x11337067d in WebCore::HTMLDocumentParser::prepareToStopParsing() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1ec167d)
#34 0x11337643b in WebCore::HTMLDocumentParser::attemptToEnd() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1ec743b)
#35 0x113376573 in WebCore::HTMLDocumentParser::finish() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1ec7573)
#36 0x1127b6aff in WebCore::DocumentWriter::end() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1307aff)
#37 0x1126fdf32 in WebCore::DocumentLoader::finishedLoading(double) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x124ef32)
#38 0x1126fd8da in WebCore::DocumentLoader::notifyFinished(WebCore::CachedResource&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x124e8da)
#39 0x111abb7f3 in WebCore::CachedResource::checkNotify() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x60c7f3)
#40 0x111abbe83 in WebCore::CachedResource::finishLoading(WebCore::SharedBuffer*) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x60ce83)
#41 0x111aada58 in WebCore::CachedRawResource::finishLoading(WebCore::SharedBuffer*) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x5fea58)
#42 0x117cef6e2 in WebCore::SubresourceLoader::didFinishLoading(double) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x68406e2)
#43 0x10601e549 in WebKit::WebResourceLoader::didFinishResourceLoad(double) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1d76549)
#44 0x10602e39e in void IPC::callMemberFunctionImpl<WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(double), std::__1::tuple<double>, 0ul>(WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(double), std::__1::tuple<double>&&, std::__1::integer_sequence<unsigned long, 0ul>) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1d8639e)
#45 0x10602e044 in void IPC::callMemberFunction<WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(double), std::__1::tuple<double>, std::__1::integer_sequence<unsigned long, 0ul> >(std::__1::tuple<double>&&, WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(double)) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1d86044)
#46 0x10602b0f0 in void IPC::handleMessage<Messages::WebResourceLoader::DidFinishResourceLoad, WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(double)>(IPC::Decoder&, WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(double)) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1d830f0)
#47 0x10602925a in WebKit::WebResourceLoader::didReceiveWebResourceLoaderMessage(IPC::Connection&, IPC::Decoder&) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1d8125a)
#48 0x104b2b859 in WebKit::NetworkProcessConnection::didReceiveMessage(IPC::Connection&, IPC::Decoder&) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x883859)
#49 0x104499c1a in IPC::Connection::dispatchMessage(IPC::Decoder&) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1f1c1a)
#50 0x10447e244 in IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1d6244)
#51 0x10449a905 in IPC::Connection::dispatchOneMessage() (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1f2905)
#52 0x1044db5ac in IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >)::$_14::operator()() (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x2335ac)
#53 0x1044db4d8 in WTF::Function<void ()>::CallableWrapper<IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >)::$_14>::call() (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x2334d8)
#54 0x10cc58d20 in WTF::Function<void ()>::operator()() const (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x33f2d20)
#55 0x10cc9e290 in WTF::RunLoop::performWork() (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x3438290)
#56 0x10cca2e21 in WTF::RunLoop::performWork(void*) (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x343ce21)
#57 0x7fff8f2b3980 in __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0xa7980)
#58 0x7fff8f294a7c in __CFRunLoopDoSources0 (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x88a7c)
#59 0x7fff8f293f75 in __CFRunLoopRun (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x87f75)
#60 0x7fff8f293973 in CFRunLoopRunSpecific (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x87973)
#61 0x7fff8e81fa5b in RunCurrentEventLoopInMode (/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox+0x30a5b)
#62 0x7fff8e81f890 in ReceiveNextEventCommon (/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox+0x30890)
#63 0x7fff8e81f6c5 in _BlockUntilNextEventMatchingListInModeWithFilter (/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox+0x306c5)
#64 0x7fff8cdc55b3 in _DPSNextEvent (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x475b3)
#65 0x7fff8d53fd6a in -[NSApplication(NSEvent) _nextEventMatchingEventMask:untilDate:inMode:dequeue:] (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x7c1d6a)
#66 0x7fff8cdb9f34 in -[NSApplication run] (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x3bf34)
#67 0x7fff8cd8484f in NSApplicationMain (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x684f)
#68 0x7fffa4a4f8c6 in _xpc_objc_main (/usr/lib/system/libxpc.dylib+0x108c6)
#69 0x7fffa4a4e2e3 in xpc_main (/usr/lib/system/libxpc.dylib+0xf2e3)
#70 0x101a670a3 in main (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent.Development+0x1000020a3)
#71 0x7fffa47eb254 in start (/usr/lib/system/libdyld.dylib+0x5254)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x3375e88) in WTFCrash
==3538==ABORTING
#CRASHED - com.apple.WebKit.WebContent.Development (pid 3538)
LEAK: 1 WebProcessPool
LEAK: 1 WebPageProxy
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20170216/945311cf/attachment-0001.html>
More information about the webkit-unassigned
mailing list