[Webkit-unassigned] [Bug 191537] New: Should never be reached failure in WebCore::BidiResolverBase::createBidiRunsForLine

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Sun Nov 11 18:51:56 PST 2018 

https://bugs.webkit.org/show_bug.cgi?id=191537

            Bug ID: 191537
           Summary: Should never be reached failure in
                    WebCore::BidiResolverBase::createBidiRunsForLine
           Product: WebKit
           Version: WebKit Local Build
          Hardware: Macintosh
                OS: macOS 10.14
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebCore Misc.
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: hodovan at inf.u-szeged.hu

Created attachment 354524

  --> https://bugs.webkit.org/attachment.cgi?id=354524&action=review

Test

Load the attached test with debug WebKitTestRunner:

JJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJ<s dir><font></font>
TTTTTTTTTTTTTTTTTTTTTTTTTtype="url


Checked revision: 2698c9fc7de
The issue can be reproduced both on Mac and GTK and happens quite often with different test cases.

Backtrace:

SHOULD NEVER BE REACHED
/Users/reni/work/sut/WebKit/Source/WebCore/platform/text/BidiResolver.h(899) : void WebCore::BidiResolverBase<WebCore::InlineIterator, WebCore::BidiRun, WebCore::BidiResolverWithIsolate<WebCore::InlineIterator, WebCore::BidiRun, WebCore::BidiIsolatedRun> >::createBidiRunsForLine(const Iterator &, WebCore::VisualDirectionOverride, bool) [Iterator = WebCore::InlineIterator, Run = WebCore::BidiRun, DerivedClass = WebCore::BidiResolverWithIsolate<WebCore::InlineIterator, WebCore::BidiRun, WebCore::BidiIsolatedRun>]
1   0x43800fd39 WTFCrash
2   0x412b210b0 WTF::Vector<unsigned char, 0ul, WTF::CrashOnOverflow, 16ul>::Vector()
3   0x41b06765b WebCore::BidiResolverBase<WebCore::InlineIterator, WebCore::BidiRun, WebCore::BidiResolverWithIsolate<WebCore::InlineIterator, WebCore::BidiRun, WebCore::BidiIsolatedRun> >::createBidiRunsForLine(WebCore::InlineIterator const&, WebCore::VisualDirectionOverride, bool)
4   0x41af5457f WebCore::constructBidiRunsForSegment(WebCore::BidiResolverWithIsolate<WebCore::InlineIterator, WebCore::BidiRun, WebCore::BidiIsolatedRun>&, WebCore::BidiRunList<WebCore::BidiRun>&, WebCore::InlineIterator const&, WebCore::VisualDirectionOverride, bool)
5   0x41af4e08b WebCore::RenderBlockFlow::layoutRunsAndFloatsInRange(WebCore::LineLayoutState&, WebCore::BidiResolverWithIsolate<WebCore::InlineIterator, WebCore::BidiRun, WebCore::BidiIsolatedRun>&, WebCore::InlineIterator const&, WebCore::BidiStatus const&, unsigned int)
6   0x41af49f7b WebCore::RenderBlockFlow::layoutRunsAndFloats(WebCore::LineLayoutState&, bool)
7   0x41af5aaef WebCore::RenderBlockFlow::layoutLineBoxes(bool, WebCore::LayoutUnit&, WebCore::LayoutUnit&)
8   0x41ae5329a WebCore::RenderBlockFlow::layoutInlineChildren(bool, WebCore::LayoutUnit&, WebCore::LayoutUnit&)
9   0x41ae4f47c WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit)
10  0x41ade274d WebCore::RenderBlock::layout()
11  0x41ae5d702 WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&)
12  0x41ae53ae6 WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&)
13  0x41ae4f4f5 WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit)
14  0x41ade274d WebCore::RenderBlock::layout()
15  0x41ae5d702 WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&)
16  0x41ae53ae6 WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&)
17  0x41ae4f4f5 WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit)
18  0x41ade274d WebCore::RenderBlock::layout()
19  0x41b760b5a WebCore::RenderView::layout()
20  0x419bb8593 WebCore::FrameViewLayoutContext::layout()
21  0x4181d098a WebCore::Document::implicitClose()
22  0x4197406b1 WebCore::FrameLoader::checkCallImplicitClose()
23  0x41973f547 WebCore::FrameLoader::checkCompleted()
24  0x41973a114 WebCore::FrameLoader::finishedParsing()
25  0x41820c49b WebCore::Document::finishedParsing()
26  0x419065748 WebCore::HTMLConstructionSite::finishedParsing()
27  0x4190f567f WebCore::HTMLTreeBuilder::finished()
28  0x4190775c3 WebCore::HTMLDocumentParser::end()
29  0x4190716c1 WebCore::HTMLDocumentParser::attemptToRunDeferredScriptsAndEnd()
30  0x419071282 WebCore::HTMLDocumentParser::prepareToStopParsing()
31  0x4190776df WebCore::HTMLDocumentParser::attemptToEnd()

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20181112/aef1b543/attachment-0001.html>

More information about the webkit-unassigned mailing list