[Webkit-unassigned] [Bug 174360] New: ASSERTION FAILED: !child.selfNeedsLayout() in WebCore::RenderBlockFlow::mustDiscardMarginBeforeForChild
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Jul 11 05:44:28 PDT 2017
https://bugs.webkit.org/show_bug.cgi?id=174360
Bug ID: 174360
Summary: ASSERTION FAILED: !child.selfNeedsLayout() in
WebCore::RenderBlockFlow::mustDiscardMarginBeforeForCh
ild
Product: WebKit
Version: WebKit Local Build
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: Layout and Rendering
Assignee: webkit-unassigned at lists.webkit.org
Reporter: hodovan at inf.u-szeged.hu
CC: bfulgham at webkit.org, simon.fraser at apple.com,
zalan at apple.com
Created attachment 315099
--> https://bugs.webkit.org/attachment.cgi?id=315099&action=review
Test
Load the attached test with debug WebKitTestRunner:
Checked version: 6700d3c
OS: macOS Sierra (10.12.5)
<style>
p {
margin-bottom:-6!important
}
* {
clear:both
}
</style>
<object align="left"></object>
<p>
<div>
Backtrace:
ASSERTION FAILED: !child.selfNeedsLayout()
WebKit/Source/WebCore/rendering/RenderBlockFlow.cpp(1480) : bool WebCore::RenderBlockFlow::mustDiscardMarginBeforeForChild(const WebCore::RenderBox &) const
1 0x129a0dd11 WTFCrash
2 0x110665f0a WebCore::RenderBlockFlow::mustDiscardMarginBeforeForChild(WebCore::RenderBox const&) const
3 0x1106556b6 WebCore::RenderBlockFlow::clearFloatsIfNeeded(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit, WebCore::LayoutUnit, WebCore::LayoutUnit)
4 0x1106502e0 WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&)
5 0x1106469af WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&)
6 0x110642b98 WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit)
7 0x110582df4 WebCore::RenderBlock::layout()
8 0x110650064 WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&)
9 0x1106469af WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&)
10 0x110642b98 WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit)
11 0x110582df4 WebCore::RenderBlock::layout()
12 0x110650064 WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&)
13 0x1106469af WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&)
14 0x110642b98 WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit)
15 0x110582df4 WebCore::RenderBlock::layout()
16 0x110f8a676 WebCore::RenderView::layoutContent(WebCore::LayoutState const&)
17 0x110f8cd0e WebCore::RenderView::layout()
18 0x10c97f5f8 WebCore::FrameView::layout(bool)
19 0x10bf7f0ff WebCore::Document::implicitClose()
20 0x10c8f8a03 WebCore::FrameLoader::checkCallImplicitClose()
21 0x10c8f8183 WebCore::FrameLoader::checkCompleted()
22 0x10c8f423c WebCore::FrameLoader::finishedParsing()
23 0x10bfb026d WebCore::Document::finishedParsing()
24 0x10cd583e6 WebCore::HTMLConstructionSite::finishedParsing()
25 0x10d06fbb8 WebCore::HTMLTreeBuilder::finished()
26 0x10cdd2c9c WebCore::HTMLDocumentParser::end()
27 0x10cdcd367 WebCore::HTMLDocumentParser::attemptToRunDeferredScriptsAndEnd()
28 0x10cdccf1e WebCore::HTMLDocumentParser::prepareToStopParsing()
29 0x10cdd2dbc WebCore::HTMLDocumentParser::attemptToEnd()
30 0x10cdd2ef8 WebCore::HTMLDocumentParser::finish()
31 0x10c1865a0 WebCore::DocumentWriter::end()
ASAN:DEADLYSIGNAL
=================================================================
==69024==ERROR: AddressSanitizer: SEGV on unknown address 0x0000bbadbeef (pc 0x000129a0dd49 bp 0x7fff5ce9c3b0 sp 0x7fff5ce9c3a0 T0)
#0 0x129a0dd48 in WTFCrash (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x3540d48)
#1 0x110665f09 in WebCore::RenderBlockFlow::mustDiscardMarginBeforeForChild(WebCore::RenderBox const&) const (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x591bf09)
#2 0x1106556b5 in WebCore::RenderBlockFlow::clearFloatsIfNeeded(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit, WebCore::LayoutUnit, WebCore::LayoutUnit) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x590b6b5)
#3 0x1106502df in WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x59062df)
#4 0x1106469ae in WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x58fc9ae)
#5 0x110642b97 in WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x58f8b97)
#6 0x110582df3 in WebCore::RenderBlock::layout() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x5838df3)
#7 0x110650063 in WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x5906063)
#8 0x1106469ae in WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x58fc9ae)
#9 0x110642b97 in WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x58f8b97)
#10 0x110582df3 in WebCore::RenderBlock::layout() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x5838df3)
#11 0x110650063 in WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x5906063)
#12 0x1106469ae in WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x58fc9ae)
#13 0x110642b97 in WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x58f8b97)
#14 0x110582df3 in WebCore::RenderBlock::layout() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x5838df3)
#15 0x110f8a675 in WebCore::RenderView::layoutContent(WebCore::LayoutState const&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x6240675)
#16 0x110f8cd0d in WebCore::RenderView::layout() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x6242d0d)
#17 0x10c97f5f7 in WebCore::FrameView::layout(bool) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1c355f7)
#18 0x10bf7f0fe in WebCore::Document::implicitClose() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x12350fe)
#19 0x10c8f8a02 in WebCore::FrameLoader::checkCallImplicitClose() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1baea02)
#20 0x10c8f8182 in WebCore::FrameLoader::checkCompleted() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1bae182)
#21 0x10c8f423b in WebCore::FrameLoader::finishedParsing() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1baa23b)
#22 0x10bfb026c in WebCore::Document::finishedParsing() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x126626c)
#23 0x10cd583e5 in WebCore::HTMLConstructionSite::finishedParsing() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x200e3e5)
#24 0x10d06fbb7 in WebCore::HTMLTreeBuilder::finished() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x2325bb7)
#25 0x10cdd2c9b in WebCore::HTMLDocumentParser::end() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x2088c9b)
#26 0x10cdcd366 in WebCore::HTMLDocumentParser::attemptToRunDeferredScriptsAndEnd() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x2083366)
#27 0x10cdccf1d in WebCore::HTMLDocumentParser::prepareToStopParsing() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x2082f1d)
#28 0x10cdd2dbb in WebCore::HTMLDocumentParser::attemptToEnd() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x2088dbb)
#29 0x10cdd2ef7 in WebCore::HTMLDocumentParser::finish() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x2088ef7)
#30 0x10c18659f in WebCore::DocumentWriter::end() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x143c59f)
#31 0x10c0d0756 in WebCore::DocumentLoader::finishedLoading() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1386756)
#32 0x10c0d0152 in WebCore::DocumentLoader::notifyFinished(WebCore::CachedResource&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x1386152)
#33 0x10b3881e3 in WebCore::CachedResource::checkNotify() (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x63e1e3)
#34 0x10b388873 in WebCore::CachedResource::finishLoading(WebCore::SharedBuffer*) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x63e873)
#35 0x10b379301 in WebCore::CachedRawResource::finishLoading(WebCore::SharedBuffer*) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x62f301)
#36 0x1119ad211 in WebCore::SubresourceLoader::didFinishLoading(WebCore::NetworkLoadMetrics const&) (WebKit/WebKitBuild/Debug/WebCore.framework/Versions/A/WebCore+0x6c63211)
#37 0x104ca53fb in WebKit::WebResourceLoader::didFinishResourceLoad(WebCore::NetworkLoadMetrics const&) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1f383fb)
#38 0x104cb2149 in void IPC::callMemberFunctionImpl<WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&), std::__1::tuple<WebCore::NetworkLoadMetrics>, 0ul>(WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&), std::__1::tuple<WebCore::NetworkLoadMetrics>&&, std::__1::integer_sequence<unsigned long, 0ul>) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1f45149)
#39 0x104cb1d54 in void IPC::callMemberFunction<WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&), std::__1::tuple<WebCore::NetworkLoadMetrics>, std::__1::integer_sequence<unsigned long, 0ul> >(std::__1::tuple<WebCore::NetworkLoadMetrics>&&, WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&)) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1f44d54)
#40 0x104caedf8 in void IPC::handleMessage<Messages::WebResourceLoader::DidFinishResourceLoad, WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&)>(IPC::Decoder&, WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&)) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1f41df8)
#41 0x104cacfba in WebKit::WebResourceLoader::didReceiveWebResourceLoaderMessage(IPC::Connection&, IPC::Decoder&) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1f3ffba)
#42 0x103622fcc in WebKit::NetworkProcessConnection::didReceiveMessage(IPC::Connection&, IPC::Decoder&) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x8b5fcc)
#43 0x102f7884a in IPC::Connection::dispatchMessage(IPC::Decoder&) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x20b84a)
#44 0x102f5cea4 in IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >) (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x1efea4)
#45 0x102f79535 in IPC::Connection::dispatchOneMessage() (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x20c535)
#46 0x102fb813c in IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >)::$_14::operator()() (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x24b13c)
#47 0x102fb8068 in WTF::Function<void ()>::CallableWrapper<IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >)::$_14>::call() (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/WebKit+0x24b068)
#48 0x129a9a600 in WTF::Function<void ()>::operator()() const (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x35cd600)
#49 0x129ae93a0 in WTF::RunLoop::performWork() (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x361c3a0)
#50 0x129aea3d1 in WTF::RunLoop::performWork(void*) (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x361d3d1)
#51 0x7fffabc81320 in __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0xa7320)
#52 0x7fffabc6221c in __CFRunLoopDoSources0 (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x8821c)
#53 0x7fffabc61715 in __CFRunLoopRun (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x87715)
#54 0x7fffabc61113 in CFRunLoopRunSpecific (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x87113)
#55 0x7fffab1c2ebb in RunCurrentEventLoopInMode (/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox+0x30ebb)
#56 0x7fffab1c2cf0 in ReceiveNextEventCommon (/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox+0x30cf0)
#57 0x7fffab1c2b25 in _BlockUntilNextEventMatchingListInModeWithFilter (/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox+0x30b25)
#58 0x7fffa975ba53 in _DPSNextEvent (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x46a53)
#59 0x7fffa9ed77ed in -[NSApplication(NSEvent) _nextEventMatchingEventMask:untilDate:inMode:dequeue:] (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x7c27ed)
#60 0x7fffa97503da in -[NSApplication run] (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x3b3da)
#61 0x7fffa971ae0d in NSApplicationMain (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x5e0d)
#62 0x7fffc16348c6 in _xpc_objc_main (/usr/lib/system/libxpc.dylib+0x108c6)
#63 0x7fffc16332e3 in xpc_main (/usr/lib/system/libxpc.dylib+0xf2e3)
#64 0x102d59f22 in main (WebKit/WebKitBuild/Debug/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent.Development+0x100001f22)
#65 0x7fffc13db234 in start (/usr/lib/system/libdyld.dylib+0x5234)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (WebKit/WebKitBuild/Debug/JavaScriptCore.framework/Versions/A/JavaScriptCore+0x3540d48) in WTFCrash
==69024==ABORTING
#CRASHED - com.apple.WebKit.WebContent.Development (pid 69024)
LEAK: 1 WebProcessPool
LEAK: 1 WebPageProxy
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20170711/1f88938f/attachment-0001.html>
More information about the webkit-unassigned
mailing list