Bug 243851

Summary:

ASSERTION FAILED !lastQuote || m_updater.m_builder.hasBrokenContinuation() in WebCore::RenderTreeUpdater::GeneratedContent::updateQuotesUpTo

Product:

WebKit

Reporter:

Renata Hodovan <hodovan>

Component:

Layout and Rendering

Assignee:

Nobody <webkit-unassigned>

Status:

NEW ---

Severity:

Normal

CC:

bfulgham, pgriffis, simon.fraser, webkit-bug-importer, zalan

Priority:

Keywords:

InRadar

Version:

WebKit Local Build

Hardware:

Unspecified

OS:

Unspecified

Bug Depends on:

Bug Blocks:

116980

Attachments:

Description	Flags
Test	none

Description Renata Hodovan 2022-08-11 15:12:58 PDT

WebKit revision: r295779
OS: Linux-5.4.0-122-generic-x86_64-with-glibc2.29
Build command: Tools/Scripts/build-webkit --gtk --debug
SUT: MiniBrowser, WebKitTestRunner
Fuzzer: Grammarinator (https://github.com/renatahodovan/grammarinator)

Test:

<style></style>
<ins>
<q></q>
<q></q>
<style>
* {
  display : contents ;
  container-type : size ;
}
</style>

Backtrace:

ASSERTION FAILED: !lastQuote || m_updater.m_builder.hasBrokenContinuation()
/app/webkit/Source/WebCore/rendering/updating/RenderTreeUpdaterGeneratedContent.cpp(69) : void WebCore::RenderTreeUpdater::GeneratedContent::updateQuotesUpTo(WebCore::RenderQuote*)
1   0x7fe0898255e1 WTFCrash
2   0x7fe08d018586 /app/webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.1.so.0(+0xe3f586) [0x7fe08d018586]
3   0x7fe092ad89cd /app/webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.1.so.0(+0x68ff9cd) [0x7fe092ad89cd]
4   0x7fe092ad93a3 /app/webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.1.so.0(+0x69003a3) [0x7fe092ad93a3]
5   0x7fe092ad66c7 /app/webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.1.so.0(+0x68fd6c7) [0x7fe092ad66c7]
6   0x7fe092ad6537 /app/webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.1.so.0(+0x68fd537) [0x7fe092ad6537]
7   0x7fe092ad635c /app/webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.1.so.0(+0x68fd35c) [0x7fe092ad635c]
8   0x7fe092ad5c31 /app/webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.1.so.0(+0x68fcc31) [0x7fe092ad5c31]
9   0x7fe0911e6de9 /app/webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.1.so.0(+0x500dde9) [0x7fe0911e6de9]
10  0x7fe0911e73e3 /app/webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.1.so.0(+0x500e3e3) [0x7fe0911e73e3]
11  0x7fe0911e7cdb WebCore::Document::updateStyleIfNeeded()
12  0x7fe0911fc770 /app/webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.1.so.0(+0x5023770) [0x7fe0911fc770]
13  0x7fe0918bf443 /app/webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.1.so.0(+0x56e6443) [0x7fe0918bf443]
14  0x7fe0918fcd4c /app/webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.1.so.0(+0x5723d4c) [0x7fe0918fcd4c]
15  0x7fe0918c406c /app/webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.1.so.0(+0x56eb06c) [0x7fe0918c406c]
16  0x7fe0918c419c /app/webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.1.so.0(+0x56eb19c) [0x7fe0918c419c]
17  0x7fe0918c2ab6 /app/webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.1.so.0(+0x56e9ab6) [0x7fe0918c2ab6]
18  0x7fe0918c41d7 /app/webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.1.so.0(+0x56eb1d7) [0x7fe0918c41d7]
19  0x7fe0918c4287 /app/webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.1.so.0(+0x56eb287) [0x7fe0918c4287]
20  0x7fe091cd9f62 WebCore::DocumentWriter::end()
21  0x7fe091cc688b /app/webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.1.so.0(+0x5aed88b) [0x7fe091cc688b]
22  0x7fe091cc62cf WebCore::DocumentLoader::notifyFinished(WebCore::CachedResource&, WebCore::NetworkLoadMetrics const&)
23  0x7fe091e0ba5f /app/webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.1.so.0(+0x5c32a5f) [0x7fe091e0ba5f]
24  0x7fe091e0bbc7 /app/webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.1.so.0(+0x5c32bc7) [0x7fe091e0bbc7]
25  0x7fe091e072dd /app/webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.1.so.0(+0x5c2e2dd) [0x7fe091e072dd]
26  0x7fe091d9d331 /app/webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.1.so.0(+0x5bc4331) [0x7fe091d9d331]
27  0x7fe08e60c3c7 /app/webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.1.so.0(+0x24333c7) [0x7fe08e60c3c7]
28  0x7fe08d622a91 /app/webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.1.so.0(+0x1449a91) [0x7fe08d622a91]
29  0x7fe08d6217ce /app/webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.1.so.0(+0x14487ce) [0x7fe08d6217ce]
30  0x7fe08d620ab2 /app/webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.1.so.0(+0x1447ab2) [0x7fe08d620ab2]
31  0x7fe08d61ffde /app/webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.1.so.0(+0x1446fde) [0x7fe08d61ffde]
WebKitWebProcess terminated (pid 24) for reason: crash
#CRASHED - WebKitWebProcess (pid 24)
LEAK: 1 WebProcessPool
LEAK: 1 WebPageProxy

Comment 1 Renata Hodovan 2022-08-11 15:12:59 PDT

Created attachment 461548 [details]
Test

Comment 2 Radar WebKit Bug Importer 2022-08-18 15:13:15 PDT

<rdar://problem/98852898>

Comment 3 Patrick Griffis 2023-01-29 12:14:24 PST

I did some investigation and I believe the ASSERT is a false positive. It does trigger any failures with ASAN enabled and the logic reads to me like the ASSERT is only for debugging purposes.

Comment 4 Patrick Griffis 2023-01-29 12:15:10 PST

(In reply to Patrick Griffis from comment #3)
> It does trigger any failures with ASAN enabled

Does not*