WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED FIXED
136149
ASSERTION FAILED: !trackSizes.isEmpty() in WebCore::createGridTrackList
https://bugs.webkit.org/show_bug.cgi?id=136149
Summary
ASSERTION FAILED: !trackSizes.isEmpty() in WebCore::createGridTrackList
Renata Hodovan
Reported
2014-08-22 00:42:06 PDT
Created
attachment 236972
[details]
Test case The failing test case: <!DOCTYPE html> <style> li { -webkit-grid-template-rows: repeat(1, (foo)); } </style> <li></li> Backtrace: ASSERTION FAILED: !trackSizes.isEmpty() /home/reni/data/REPOS/webkit_sec/Source/WebCore/css/StyleResolver.cpp(1975) : bool WebCore::createGridTrackList(WebCore::CSSValue*, WTF::Vector<WebCore::GridTrackSize>&, WebCore::NamedGridLinesMap&, WebCore::OrderedNamedGridLinesMap&, const WebCore::StyleResolver::State&) Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 0x7fff92f3e700 (LWP 25421)] 0x00007ffff560f3f2 in WTFCrash () at /home/reni/data/REPOS/webkit_sec/Source/WTF/wtf/Assertions.cpp:329 329 *(int *)(uintptr_t)0xbbadbeef = 0; #0 0x00007ffff560f3f2 in WTFCrash () at /home/reni/data/REPOS/webkit_sec/Source/WTF/wtf/Assertions.cpp:329 #1 0x00007ffff01ea02b in WebCore::createGridTrackList (value=0x7043b0, trackSizes=..., namedGridLines=..., orderedNamedGridLines=..., state=...) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/css/StyleResolver.cpp:1975 #2 0x00007ffff01edd26 in WebCore::StyleResolver::applyProperty (this=0x70bc60, id=WebCore::CSSPropertyWebkitGridTemplateRows, value=0x7043b0) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/css/StyleResolver.cpp:2718 #3 0x00007ffff01f27df in WebCore::StyleResolver::CascadedProperties::Property::apply (this=0x7fffffffaba0, resolver=...) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/css/StyleResolver.cpp:3935 #4 0x00007ffff01f2954 in WebCore::StyleResolver::applyCascadedProperties (this=0x70bc60, cascade=..., firstProperty=20, lastProperty=422) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/css/StyleResolver.cpp:3965 #5 0x00007ffff01e90ae in WebCore::StyleResolver::applyMatchedProperties (this=0x70bc60, matchResult=..., element=0x6dd1e0, shouldUseMatchedPropertiesCache=WebCore::StyleResolver::UseMatchedPropertiesCache) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/css/StyleResolver.cpp:1734 #6 0x00007ffff01e46ac in WebCore::StyleResolver::styleForElement (this=0x70bc60, element=0x6dd1e0, defaultParent=0x70efb0, sharingBehavior=WebCore::AllowStyleSharing, matchingBehavior=WebCore::MatchAllRules, regionForStyling=0x0) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/css/StyleResolver.cpp:801 #7 0x00007ffff0e625eb in WebCore::Style::styleForElement (element=..., inheritedStyle=...) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/style/StyleResolveTree.cpp:259 #8 0x00007ffff0e627a3 in WebCore::Style::createRendererIfNeeded (element=..., inheritedStyle=..., renderTreePosition=..., resolvedStyle=...) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/style/StyleResolveTree.cpp:285 #9 0x00007ffff0e63e2e in WebCore::Style::attachRenderTree (current=..., inheritedStyle=..., renderTreePosition=..., resolvedStyle=...) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/style/StyleResolveTree.cpp:605 #10 0x00007ffff0e634d0 in WebCore::Style::attachChildren (current=..., inheritedStyle=..., renderTreePosition=...) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/style/StyleResolveTree.cpp:481 #11 0x00007ffff0e63f05 in WebCore::Style::attachRenderTree (current=..., inheritedStyle=..., renderTreePosition=..., resolvedStyle=...) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/style/StyleResolveTree.cpp:619 #12 0x00007ffff0e634d0 in WebCore::Style::attachChildren (current=..., inheritedStyle=..., renderTreePosition=...) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/style/StyleResolveTree.cpp:481 #13 0x00007ffff0e63f05 in WebCore::Style::attachRenderTree (current=..., inheritedStyle=..., renderTreePosition=..., resolvedStyle=...) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/style/StyleResolveTree.cpp:619 #14 0x00007ffff0e6471f in WebCore::Style::resolveLocal (current=..., inheritedStyle=..., renderTreePosition=..., inheritedChange=WebCore::Style::Force) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/style/StyleResolveTree.cpp:745 #15 0x00007ffff0e64ed5 in WebCore::Style::resolveTree (current=..., inheritedStyle=..., renderTreePosition=..., change=WebCore::Style::Force) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/style/StyleResolveTree.cpp:910 #16 0x00007ffff0e65479 in WebCore::Style::resolveTree (document=..., change=WebCore::Style::Force) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/style/StyleResolveTree.cpp:991 #17 0x00007ffff0287eef in WebCore::Document::recalcStyle (this=0x70cb80, change=WebCore::Style::Force) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/dom/Document.cpp:1750 #18 0x00007ffff02881fa in WebCore::Document::updateStyleIfNeeded (this=0x70cb80) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/dom/Document.cpp:1795 #19 0x00007ffff0292f41 in WebCore::Document::finishedParsing (this=0x70cb80) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/dom/Document.cpp:4514 #20 0x00007ffff05eaf4b in WebCore::HTMLConstructionSite::finishedParsing (this=0x6ed7c8) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/html/parser/HTMLConstructionSite.cpp:395 #21 0x00007ffff0628b8d in WebCore::HTMLTreeBuilder::finished (this=0x6ed7b0) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/html/parser/HTMLTreeBuilder.cpp:2997 #22 0x00007ffff05f3a8e in WebCore::HTMLDocumentParser::end (this=0x70c410) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/html/parser/HTMLDocumentParser.cpp:451 #23 0x00007ffff05f3b79 in WebCore::HTMLDocumentParser::attemptToRunDeferredScriptsAndEnd (this=0x70c410) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/html/parser/HTMLDocumentParser.cpp:462 #24 0x00007ffff05f252f in WebCore::HTMLDocumentParser::prepareToStopParsing (this=0x70c410) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/html/parser/HTMLDocumentParser.cpp:165 #25 0x00007ffff05f3bbc in WebCore::HTMLDocumentParser::attemptToEnd (this=0x70c410) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/html/parser/HTMLDocumentParser.cpp:474 #26 0x00007ffff05f3c73 in WebCore::HTMLDocumentParser::finish (this=0x70c410) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/html/parser/HTMLDocumentParser.cpp:502 #27 0x00007ffff0763e8f in WebCore::DocumentWriter::end (this=0x7817a0) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/loader/DocumentWriter.cpp:250 #28 0x00007ffff074c709 in WebCore::DocumentLoader::finishedLoading (this=0x781700, finishTime=0) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/loader/DocumentLoader.cpp:441 #29 0x00007ffff074c472 in WebCore::DocumentLoader::notifyFinished (this=0x781700, resource=0x79c460) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/loader/DocumentLoader.cpp:375 #30 0x00007ffff080a850 in WebCore::CachedResource::checkNotify (this=0x79c460) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/loader/cache/CachedResource.cpp:333 #31 0x00007ffff080a95a in WebCore::CachedResource::finishLoading (this=0x79c460) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/loader/cache/CachedResource.cpp:349 #32 0x00007ffff08072a8 in WebCore::CachedRawResource::finishLoading (this=0x79c460, data=0x73e0c0) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/loader/cache/CachedRawResource.cpp:101 #33 0x00007ffff07b6090 in WebCore::SubresourceLoader::didFinishLoading (this=0x79c9c0, finishTime=0) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/loader/SubresourceLoader.cpp:306 #34 0x00007ffff07b1bdd in WebCore::ResourceLoader::didFinishLoading (this=0x79c9c0, finishTime=0) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/loader/ResourceLoader.cpp:518 #35 0x00007ffff1187bc5 in WebCore::readCallback (asyncResult=0x7a09d0, data=0x79d040) at /home/reni/data/REPOS/webkit_sec/Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp:1302 #36 0x00007fffeb395816 in async_ready_callback_wrapper (source_object=0x6c49b0, res=0x7a09d0, user_data=user_data@entry=0x79d040) at ginputstream.c:523 #37 0x00007fffeb3bb115 in g_task_return_now (task=0x7a09d0) at gtask.c:1077 #38 0x00007fffeb3bb139 in complete_in_idle_cb (task=0x7a09d0) at gtask.c:1086 #39 0x00007fffeadf7a7d in g_main_dispatch (context=0x6bbe80) at gmain.c:3064 #40 g_main_context_dispatch (context=context@entry=0x6bbe80) at gmain.c:3663 #41 0x00007fffec1905e0 in _ecore_glib_select__locked (ecore_timeout=<optimized out>, efds=<optimized out>, wfds=0x7fffffffd5e0, rfds=0x7fffffffd560, ecore_fds=10, ctx=<optimized out>) at lib/ecore/ecore_glib.c:172 #42 _ecore_glib_select (ecore_fds=10, rfds=0x7fffffffd560, wfds=0x7fffffffd5e0, efds=<optimized out>, ecore_timeout=<optimized out>) at lib/ecore/ecore_glib.c:204 #43 0x00007fffec192ff4 in _ecore_main_select (timeout=<optimized out>) at lib/ecore/ecore_main.c:1579 #44 0x00007fffec193995 in _ecore_main_loop_iterate_internal (once_only=once_only@entry=0) at lib/ecore/ecore_main.c:2005 #45 0x00007fffec193a57 in ecore_main_loop_begin () at lib/ecore/ecore_main.c:1042 #46 0x00007ffff7609c87 in WTF::RunLoop::run () at /home/reni/data/REPOS/webkit_sec/Source/WTF/wtf/efl/RunLoopEfl.cpp:51 #47 0x00007ffff7587940 in WebKit::ChildProcessMain<WebKit::WebProcess, WebKit::WebProcessMain> (argc=2, argv=0x7fffffffda88) at /home/reni/data/REPOS/webkit_sec/Source/WebKit2/Shared/unix/ChildProcessMain.h:61 #48 0x00007ffff758771e in WebKit::WebProcessMainUnix (argc=2, argv=0x7fffffffda88) at /home/reni/data/REPOS/webkit_sec/Source/WebKit2/WebProcess/efl/WebProcessMainEfl.cpp:124 #49 0x000000000040084d in main (argc=2, argv=0x7fffffffda88) at /home/reni/data/REPOS/webkit_sec/Source/WebKit2/WebProcess/EntryPoint/unix/WebProcessMain.cpp:32
Attachments
Test case
(104 bytes, text/html)
2014-08-22 00:42 PDT
,
Renata Hodovan
no flags
Details
Patch
(5.75 KB, patch)
2014-08-22 06:23 PDT
,
Sergio Villar Senin
darin
: review+
Details
Formatted Diff
Diff
View All
Add attachment
proposed patch, testcase, etc.
Sergio Villar Senin
Comment 1
2014-08-22 06:23:53 PDT
Created
attachment 236982
[details]
Patch
Darin Adler
Comment 2
2014-08-22 09:08:17 PDT
Comment on
attachment 236982
[details]
Patch View in context:
https://bugs.webkit.org/attachment.cgi?id=236982&action=review
> Source/WebCore/css/CSSParser.cpp:5278 > + bool seenTrackSize = false;
“seen track size” is not good grammar. It would be better to name this “saw track size” or “track size was seen” or something else that’s a grammatically correct predicate.
Sergio Villar Senin
Comment 3
2014-08-25 00:56:55 PDT
Committed
r172904
: <
http://trac.webkit.org/changeset/172904
>
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug