WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED WORKSFORME
127775
ASSERTION FAILED: from.y() <= to.y() in WebCore::RenderMathMLOperator::fillWithExtensionGlyph
https://bugs.webkit.org/show_bug.cgi?id=127775
Summary
ASSERTION FAILED: from.y() <= to.y() in WebCore::RenderMathMLOperator::fillWi...
Martin Hodovan
Reported
2014-01-28 06:45:18 PST
The failing test case: <math xmlns="
http://www.w3.org/1998/Math/MathML
"> <mn style="font-size: 45px">1</mn> <msup> <mo>)</mo> </math> Note: the assert fails only in case of 45px or larger font-size. The error message: ASSERTION FAILED: from.y() <= to.y() /home/martin/Data/WebKit/Source/WebCore/rendering/mathml/RenderMathMLOperator.cpp(320) : void WebCore::RenderMathMLOperator::fillWithExtensionGlyph(WebCore::PaintInfo&, const WebCore::LayoutPoint&, const WebCore::LayoutPoint&) Program received signal SIGSEGV, Segmentation fault. The backtrace: #1 0x00007ffff1381cfe in WebCore::RenderMathMLOperator::fillWithExtensionGlyph (this=0x6b7540, info=..., from=..., to=...) at /home/martin/Data/WebKit/Source/WebCore/rendering/mathml/RenderMathMLOperator.cpp:320 #2 0x00007ffff138296a in WebCore::RenderMathMLOperator::paint (this=0x6b7540, info=..., paintOffset=...) at /home/martin/Data/WebKit/Source/WebCore/rendering/mathml/RenderMathMLOperator.cpp:392 #3 0x00007ffff1185cc9 in WebCore::RenderBlock::paintChild (this=0x968c60, child=..., paintInfo=..., paintOffset=..., paintInfoForChild=..., usePrintRect=false) at /home/martin/Data/WebKit/Source/WebCore/rendering/RenderBlock.cpp:2424 #4 0x00007ffff12356cd in WebCore::RenderFlexibleBox::paintChildren (this=0x968c60, paintInfo=..., paintOffset=..., paintInfoForChild=..., usePrintRect=false) at /home/martin/Data/WebKit/Source/WebCore/rendering/RenderFlexibleBox.cpp:343 #5 0x00007ffff118586c in WebCore::RenderBlock::paintContents (this=0x968c60, paintInfo=..., paintOffset=...) at /home/martin/Data/WebKit/Source/WebCore/rendering/RenderBlock.cpp:2387 #6 0x00007ffff118649f in WebCore::RenderBlock::paintObject (this=0x968c60, paintInfo=..., paintOffset=...) at /home/martin/Data/WebKit/Source/WebCore/rendering/RenderBlock.cpp:2510 #7 0x00007ffff1183f21 in WebCore::RenderBlock::paint (this=0x968c60, paintInfo=..., paintOffset=...) at /home/martin/Data/WebKit/Source/WebCore/rendering/RenderBlock.cpp:2187 #8 0x00007ffff1185cc9 in WebCore::RenderBlock::paintChild (this=0xa548a0, child=..., paintInfo=..., paintOffset=..., paintInfoForChild=..., usePrintRect=false) at /home/martin/Data/WebKit/Source/WebCore/rendering/RenderBlock.cpp:2424 #9 0x00007ffff12356cd in WebCore::RenderFlexibleBox::paintChildren (this=0xa548a0, paintInfo=..., paintOffset=..., paintInfoForChild=..., usePrintRect=false) at /home/martin/Data/WebKit/Source/WebCore/rendering/RenderFlexibleBox.cpp:343 #10 0x00007ffff118586c in WebCore::RenderBlock::paintContents (this=0xa548a0, paintInfo=..., paintOffset=...) at /home/martin/Data/WebKit/Source/WebCore/rendering/RenderBlock.cpp:2387 #11 0x00007ffff118649f in WebCore::RenderBlock::paintObject (this=0xa548a0, paintInfo=..., paintOffset=...) at /home/martin/Data/WebKit/Source/WebCore/rendering/RenderBlock.cpp:2510 #12 0x00007ffff1183f21 in WebCore::RenderBlock::paint (this=0xa548a0, paintInfo=..., paintOffset=...) at /home/martin/Data/WebKit/Source/WebCore/rendering/RenderBlock.cpp:2187 #13 0x00007ffff1185cc9 in WebCore::RenderBlock::paintChild (this=0xa54600, child=..., paintInfo=..., paintOffset=..., paintInfoForChild=..., usePrintRect=false) at /home/martin/Data/WebKit/Source/WebCore/rendering/RenderBlock.cpp:2424 #14 0x00007ffff12356cd in WebCore::RenderFlexibleBox::paintChildren (this=0xa54600, paintInfo=..., paintOffset=..., paintInfoForChild=..., usePrintRect=false) at /home/martin/Data/WebKit/Source/WebCore/rendering/RenderFlexibleBox.cpp:343 #15 0x00007ffff118586c in WebCore::RenderBlock::paintContents (this=0xa54600, paintInfo=..., paintOffset=...) at /home/martin/Data/WebKit/Source/WebCore/rendering/RenderBlock.cpp:2387 #16 0x00007ffff118649f in WebCore::RenderBlock::paintObject (this=0xa54600, paintInfo=..., paintOffset=...) at /home/martin/Data/WebKit/Source/WebCore/rendering/RenderBlock.cpp:2510 #17 0x00007ffff1183f21 in WebCore::RenderBlock::paint (this=0xa54600, paintInfo=..., paintOffset=...) at /home/martin/Data/WebKit/Source/WebCore/rendering/RenderBlock.cpp:2187 #18 0x00007ffff128a625 in WebCore::RenderLayer::paintForegroundForFragmentsWithPhase (this=0xa524a0, phase=WebCore::PaintPhaseForeground, layerFragments=..., context=0x715370, localPaintingInfo=..., paintBehavior=0, subtreePaintRootForRenderer=0x0) at /home/martin/Data/WebKit/Source/WebCore/rendering/RenderLayer.cpp:4477 #19 0x00007ffff128a236 in WebCore::RenderLayer::paintForegroundForFragments (this=0xa524a0, layerFragments=..., context=0x715370, transparencyLayerContext=0x715370, transparencyPaintDirtyRect=..., haveTransparency=false, localPaintingInfo=..., paintBehavior=0, subtreePaintRootForRenderer=0x0, selectionOnly=false, forceBlackText=false) at /home/martin/Data/WebKit/Source/WebCore/rendering/RenderLayer.cpp:4441 #20 0x00007ffff1288b32 in WebCore::RenderLayer::paintLayerContents (this=0xa524a0, context=0x715370, paintingInfo=..., paintFlags=224) at /home/martin/Data/WebKit/Source/WebCore/rendering/RenderLayer.cpp:4162 #21 0x00007ffff1287bca in WebCore::RenderLayer::paintLayerContentsAndReflection (this=0xa524a0, context=0x715370, paintingInfo=..., paintFlags=224) at /home/martin/Data/WebKit/Source/WebCore/rendering/RenderLayer.cpp:3858 #22 0x00007ffff1287a92 in WebCore::RenderLayer::paintLayer (this=0xa524a0, context=0x715370, paintingInfo=..., paintFlags=224) at /home/martin/Data/WebKit/Source/WebCore/rendering/RenderLayer.cpp:3839 #23 0x00007ffff12891bb in WebCore::RenderLayer::paintList (this=0x92b4c0, list=0x7452a0, context=0x715370, paintingInfo=..., paintFlags=224) at /home/martin/Data/WebKit/Source/WebCore/rendering/RenderLayer.cpp:4255 #24 0x00007ffff1288bf5 in WebCore::RenderLayer::paintLayerContents (this=0x92b4c0, context=0x715370, paintingInfo=..., paintFlags=224) at /home/martin/Data/WebKit/Source/WebCore/rendering/RenderLayer.cpp:4173 #25 0x00007ffff1287bca in WebCore::RenderLayer::paintLayerContentsAndReflection (this=0x92b4c0, context=0x715370, paintingInfo=..., paintFlags=0) at /home/martin/Data/WebKit/Source/WebCore/rendering/RenderLayer.cpp:3858 #26 0x00007ffff1287a92 in WebCore::RenderLayer::paintLayer (this=0x92b4c0, context=0x715370, paintingInfo=..., paintFlags=0) at /home/martin/Data/WebKit/Source/WebCore/rendering/RenderLayer.cpp:3839 #27 0x00007ffff1286c4c in WebCore::RenderLayer::paint (this=0x92b4c0, context=0x715370, damageRect=..., paintBehavior=0, subtreePaintRoot=0x0, region=0x0, paintFlags=0) at /home/martin/Data/WebKit/Source/WebCore/rendering/RenderLayer.cpp:3623 #28 0x00007ffff0ee30e4 in WebCore::FrameView::paintContents (this=0x8b67e0, p=0x715370, rect=...) at /home/martin/Data/WebKit/Source/WebCore/page/FrameView.cpp:3497 #29 0x00007ffff0f8b403 in WebCore::ScrollView::paint (this=0x8b67e0, context=0x715370, rect=...) at /home/martin/Data/WebKit/Source/WebCore/platform/ScrollView.cpp:1162 #30 0x00007ffff7b4ca05 in ewk_paint_context_paint (context=0x87f530, view=0x8b67e0, area=0x6b8748) at /home/martin/Data/WebKit/Source/WebKit/efl/ewk/ewk_paint_context.cpp:179 #31 0x00007ffff7b6e0a5 in ewk_view_paint (priv=0x886c90, context=0x87f530, area=0x6b8748) at /home/martin/Data/WebKit/Source/WebKit/efl/ewk/ewk_view.cpp:3019 #32 0x00007ffff7b5629f in _ewk_view_smart_repaints_process (smartData=0x8868a0) at /home/martin/Data/WebKit/Source/WebKit/efl/ewk/ewk_view.cpp:1210 #33 0x00007ffff7b56643 in _ewk_view_smart_calculate (ewkView=0x772710) at /home/martin/Data/WebKit/Source/WebKit/efl/ewk/ewk_view.cpp:1281 #34 0x00007ffff6969124 in evas_call_smarts_calculate (e=0x914e00) at evas_object_smart.c:838 #35 0x00007ffff69926a7 in evas_render_updates_internal (e=0x914e00, make_updates=make_updates@entry=1 '\001', do_draw=do_draw@entry=1 '\001') at evas_render.c:1255 #36 0x00007ffff6994fd9 in evas_render_updates (e=<optimized out>) at evas_render.c:1708 #37 0x00007ffff734adb4 in _ecore_evas_x_render (ee=0x8844c0) at ecore_evas_x.c:288 #38 0x00007ffff7347c31 in _ecore_evas_idle_enter (data=<optimized out>) at ecore_evas.c:59 #39 0x00007ffff756fef9 in _ecore_call_task_cb (data=<optimized out>, func=<optimized out>) at ecore_private.h:267 #40 _ecore_idle_enterer_call () at ecore_idle_enterer.c:168 #41 0x00007ffff75716ab in _ecore_main_loop_iterate_internal (once_only=once_only@entry=0) at ecore_main.c:1848 #42 0x00007ffff7571d57 in ecore_main_loop_begin () at ecore_main.c:956 #43 0x00000000004068e7 in main (argc=2, argv=0x7fffffffde48) at /home/martin/Data/WebKit/Tools/EWebLauncher/main.c:1008
Attachments
Test case
(164 bytes, application/xhtml+xml)
2014-01-28 06:48 PST
,
Martin Hodovan
no flags
Details
View All
Add attachment
proposed patch, testcase, etc.
Martin Hodovan
Comment 1
2014-01-28 06:48:11 PST
Created
attachment 222440
[details]
Test case
Frédéric Wang (:fredw)
Comment 2
2016-06-28 00:24:27 PDT
@Martin: This code has changed a lot recently. Do you still see this ASSERTION?
Brent Fulgham
Comment 3
2016-08-03 14:03:26 PDT
This issue no longer occurs under GuardMalloc or ASAN as of
r204037
. If you believe there is still a bug, please reopen this issue with a revised test case.
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug