m_status.eor != OtherNeutral || m_eor.atEnd() in BidiResolver.h
Reported by
hodovan....@gmail.com,
Feb 9 2017
|
||||
Issue description
Chrome Version: 58.0.3008.0
OS: Ubuntu 16.04.1 LTS, x86_64
What steps will reproduce the problem?
(1) Load the attached test case with debug content_shell:
<style>
p {
-webkit-rtl-ordering : logical;
}
* {
all : unset;
-webkit-rtl-ordering : visual;
unicode-bidi: -webkit-isolate-override;
}
</style>
<p></p>
What is the expected result?
Run the test without any failure.
Backtrace:
[1:1:0208/235640.986093:207131888351:FATAL:BidiResolver.h(445)] Check failed: m_status.eor != OtherNeutral || m_eor.atEnd().
#0 0x7f6cd9f87086 base::debug::StackTrace::StackTrace()
#1 0x7f6cd9f85195 base::debug::StackTrace::StackTrace()
#2 0x7f6cd9fe642d logging::LogMessage::~LogMessage()
#3 0x7f6ccdcc05dc blink::BidiResolver<>::checkDirectionInLowerRaiseEmbeddingLevel()
#4 0x7f6ccdcbedc4 blink::BidiResolver<>::lowerExplicitEmbeddingLevel()
#5 0x7f6ccdcbbe1b blink::BidiResolver<>::commitExplicitEmbedding()
#6 0x7f6ccdcb94f1 blink::notifyObserverEnteredObject<>()
#7 0x7f6ccdcb9359 blink::bidiNextShared<>()
#8 0x7f6ccdcb91b7 blink::bidiNextSkippingEmptyInlines<>()
#9 0x7f6ccdcba9b9 blink::InlineIterator::increment()
#10 0x7f6ccdcbac02 blink::BidiResolver<>::increment()
#11 0x7f6ccdcbc85f blink::BidiResolver<>::createBidiRunsForLine()
#12 0x7f6ccdcb8b78 blink::constructBidiRunsForLine()
#13 0x7f6ccdd517a8 blink::LayoutBlockFlow::layoutRunsAndFloatsInRange()
#14 0x7f6ccdd5091c blink::LayoutBlockFlow::layoutRunsAndFloats()
#15 0x7f6ccdd54816 blink::LayoutBlockFlow::layoutInlineChildren()
#16 0x7f6ccdd2f9b5 blink::LayoutBlockFlow::layoutChildren()
#17 0x7f6ccdd2f342 blink::LayoutBlockFlow::layoutBlock()
#18 0x7f6ccdd1573d blink::LayoutBlock::layout()
#19 0x7f6ccdd30533 blink::LayoutBlockFlow::positionAndLayoutOnceIfNeeded()
#20 0x7f6ccdd307f9 blink::LayoutBlockFlow::layoutBlockChild()
#21 0x7f6ccdd330d0 blink::LayoutBlockFlow::layoutBlockChildren()
#22 0x7f6ccdd2f9dd blink::LayoutBlockFlow::layoutChildren()
#23 0x7f6ccdd2f342 blink::LayoutBlockFlow::layoutBlock()
#24 0x7f6ccdd1573d blink::LayoutBlock::layout()
#25 0x7f6ccde94352 blink::LayoutView::layoutContent()
#26 0x7f6ccde94bf1 blink::LayoutView::layout()
#27 0x7f6ccd6ffd68 blink::layoutFromRootObject()
#28 0x7f6ccd70062d blink::FrameView::performLayout()
#29 0x7f6ccd701659 blink::FrameView::layout()
#30 0x7f6ccd25528a blink::Document::implicitClose()
#31 0x7f6cce03ec43 blink::FrameLoader::checkCompleted()
#32 0x7f6ccd263a50 blink::Document::decrementLoadEventDelayCountAndCheckLoadEvent()
#33 0x7f6ccd349bd8 blink::IncrementLoadEventDelayCount::clearAndCheckLoadEvent()
#34 0x7f6ccd90c90b blink::HTMLStyleElement::dispatchPendingEvent()
#35 0x7f6ccd90e31a _ZN4base8internal13FunctorTraitsIMN5blink16HTMLStyleElementEFvSt10unique_ptrINS2_28IncrementLoadEventDelayCountESt14default_deleteIS5_EEEvE6InvokeIRKNS2_10PersistentIS3_EEJS8_EEEvSA_OT_DpOT0_
#36 0x7f6ccd90e06c _ZN4base8internal12InvokeHelperILb0EvE8MakeItSoIRKMN5blink16HTMLStyleElementEFvSt10unique_ptrINS4_28IncrementLoadEventDelayCountESt14default_deleteIS7_EEEJRKNS4_10PersistentIS5_EESA_EEEvOT_DpOT0_
#37 0x7f6ccd90dc10 _ZN4base8internal7InvokerINS0_9BindStateIMN5blink16HTMLStyleElementEFvSt10unique_ptrINS3_28IncrementLoadEventDelayCountESt14default_deleteIS6_EEEJNS3_10PersistentIS4_EEN3WTF13PassedWrapperIS9_EEEEEFvvEE7RunImplIRKSB_RKSt5tupleIJSD_SG_EEJLm0ELm1EEEEvOT_OT0_NS_13IndexSequenceIJXspT1_EEEE
#38 0x7f6ccd90dacd _ZN4base8internal7InvokerINS0_9BindStateIMN5blink16HTMLStyleElementEFvSt10unique_ptrINS3_28IncrementLoadEventDelayCountESt14default_deleteIS6_EEEJNS3_10PersistentIS4_EEN3WTF13PassedWrapperIS9_EEEEEFvvEE3RunEPNS0_13BindStateBaseE
#39 0x7f6cd9f8afdb _ZNO4base8internal8RunMixinINS_8CallbackIFvvELNS0_8CopyModeE0ELNS0_10RepeatModeE0EEEE3RunEv
#40 0x7f6cd9f8abc3 base::debug::TaskAnnotator::RunTask()
#41 0x7f6cd1f4173d blink::scheduler::TaskQueueManager::ProcessTaskFromWorkQueue()
#42 0x7f6cd1f40207 blink::scheduler::TaskQueueManager::DoWork()
#43 0x7f6cd1f547ac _ZN4base8internal13FunctorTraitsIMN5blink9scheduler16TaskQueueManagerEFvbEvE6InvokeIRKNS_7WeakPtrIS4_EEJRKbEEEvS6_OT_DpOT0_
#44 0x7f6cd1f52c22 _ZN4base8internal12InvokeHelperILb1EvE8MakeItSoIRKMN5blink9scheduler16TaskQueueManagerEFvbERKNS_7WeakPtrIS6_EEJRKbEEEvOT_OT0_DpOT1_
#45 0x7f6cd1f4f23a _ZN4base8internal7InvokerINS0_9BindStateIMN5blink9scheduler16TaskQueueManagerEFvbEJNS_7WeakPtrIS5_EEbEEEFvvEE7RunImplIRKS7_RKSt5tupleIJS9_bEEJLm0ELm1EEEEvOT_OT0_NS_13IndexSequenceIJXspT1_EEEE
#46 0x7f6cd1f4ba3a _ZN4base8internal7InvokerINS0_9BindStateIMN5blink9scheduler16TaskQueueManagerEFvbEJNS_7WeakPtrIS5_EEbEEEFvvEE3RunEPNS0_13BindStateBaseE
#47 0x7f6cd9f8afdb _ZNO4base8internal8RunMixinINS_8CallbackIFvvELNS0_8CopyModeE0ELNS0_10RepeatModeE0EEEE3RunEv
#48 0x7f6cd9f8abc3 base::debug::TaskAnnotator::RunTask()
#49 0x7f6cda011dda base::MessageLoop::RunTask()
#50 0x7f6cda011f38 base::MessageLoop::DeferOrRunPendingTask()
#51 0x7f6cda01240b base::MessageLoop::DoWork()
#52 0x7f6cda02c760 base::MessagePumpDefault::Run()
#53 0x7f6cda0119d6 base::MessageLoop::RunHandler()
#54 0x7f6cda0c3b53 base::RunLoop::Run()
#55 0x7f6cde066d57 content::RendererMain()
#56 0x7f6cde4e4854 content::RunZygote()
#57 0x7f6cde4e4af9 content::RunNamedProcessTypeMain()
#58 0x7f6cde4e5d58 content::ContentMainRunnerImpl::Run()
#59 0x7f6cde4e3bf3 content::ContentMain()
#60 0x00000053101f main
#61 0x7f6cc7795830 __libc_start_main
Received signal 6
#0 0x7f6cd9f87086 base::debug::StackTrace::StackTrace()
#1 0x7f6cd9f85195 base::debug::StackTrace::StackTrace()
#2 0x7f6cd9f85f23 base::debug::(anonymous namespace)::StackDumpSignalHandler()
#3 0x7f6ce13e9390 <unknown>
#4 0x7f6cc77aa428 gsignal
#5 0x7f6cc77ac02a abort
#6 0x7f6cd9f8300d base::debug::(anonymous namespace)::DebugBreak()
#7 0x7f6cd9f83026 base::debug::BreakDebugger()
#8 0x7f6cd9fe67c6 logging::LogMessage::~LogMessage()
#9 0x7f6ccdcc05dc [27129:27129:0208/235642.231575:207133133742:ERROR:fontconfig_util_linux.cc(88)] You are missing /usr/share/fonts/truetype/ttf-punjabi-fonts/lohit_pa.ttf. Try re-running build/install-build-deps.sh. Also see https://chromium.googlesource.com/chromium/src/+/master/docs/layout_tests_linux.md
blink::BidiResolver<>::checkDirectionInLowerRaiseEmbeddingLevel()
#10 0x7f6ccdcbedc4 blink::BidiResolver<>::lowerExplicitEmbeddingLevel()
#11 0x7f6ccdcbbe1b blink::BidiResolver<>::commitExplicitEmbedding()
#12 0x7f6ccdcb94f1 blink::notifyObserverEnteredObject<>()
#13 0x7f6ccdcb9359 blink::bidiNextShared<>()
#14 0x7f6ccdcb91b7 blink::bidiNextSkippingEmptyInlines<>()
#15 0x7f6ccdcba9b9 blink::InlineIterator::increment()
#16 0x7f6ccdcbac02 blink::BidiResolver<>::increment()
#17 0x7f6ccdcbc85f blink::BidiResolver<>::createBidiRunsForLine()
#18 0x7f6ccdcb8b78 blink::constructBidiRunsForLine()
#19 0x7f6ccdd517a8 blink::LayoutBlockFlow::layoutRunsAndFloatsInRange()
#20 0x7f6ccdd5091c blink::LayoutBlockFlow::layoutRunsAndFloats()
#21 0x7f6ccdd54816 blink::LayoutBlockFlow::layoutInlineChildren()
#22 0x7f6ccdd2f9b5 blink::LayoutBlockFlow::layoutChildren()
#23 0x7f6ccdd2f342 blink::LayoutBlockFlow::layoutBlock()
#24 0x7f6ccdd1573d blink::LayoutBlock::layout()
#25 0x7f6ccdd30533 blink::LayoutBlockFlow::positionAndLayoutOnceIfNeeded()
#26 0x7f6ccdd307f9 blink::LayoutBlockFlow::layoutBlockChild()
#27 0x7f6ccdd330d0 blink::LayoutBlockFlow::layoutBlockChildren()
#28 0x7f6ccdd2f9dd blink::LayoutBlockFlow::layoutChildren()
#29 0x7f6ccdd2f342 blink::LayoutBlockFlow::layoutBlock()
#30 0x7f6ccdd1573d blink::LayoutBlock::layout()
#31 0x7f6ccde94352 blink::LayoutView::layoutContent()
#32 0x7f6ccde94bf1 blink::LayoutView::layout()
#33 0x7f6ccd6ffd68 blink::layoutFromRootObject()
#34 0x7f6ccd70062d blink::FrameView::performLayout()
#35 0x7f6ccd701659 blink::FrameView::layout()
#36 0x7f6ccd25528a blink::Document::implicitClose()
#37 0x7f6cce03ec43 blink::FrameLoader::checkCompleted()
#38 0x7f6ccd263a50 blink::Document::decrementLoadEventDelayCountAndCheckLoadEvent()
#39 0x7f6ccd349bd8 blink::IncrementLoadEventDelayCount::clearAndCheckLoadEvent()
#40 0x7f6ccd90c90b blink::HTMLStyleElement::dispatchPendingEvent()
#41 0x7f6ccd90e31a _ZN4base8internal13FunctorTraitsIMN5blink16HTMLStyleElementEFvSt10unique_ptrINS2_28IncrementLoadEventDelayCountESt14default_deleteIS5_EEEvE6InvokeIRKNS2_10PersistentIS3_EEJS8_EEEvSA_OT_DpOT0_
#42 0x7f6ccd90e06c _ZN4base8internal12InvokeHelperILb0EvE8MakeItSoIRKMN5blink16HTMLStyleElementEFvSt10unique_ptrINS4_28IncrementLoadEventDelayCountESt14default_deleteIS7_EEEJRKNS4_10PersistentIS5_EESA_EEEvOT_DpOT0_
#43 0x7f6ccd90dc10 _ZN4base8internal7InvokerINS0_9BindStateIMN5blink16HTMLStyleElementEFvSt10unique_ptrINS3_28IncrementLoadEventDelayCountESt14default_deleteIS6_EEEJNS3_10PersistentIS4_EEN3WTF13PassedWrapperIS9_EEEEEFvvEE7RunImplIRKSB_RKSt5tupleIJSD_SG_EEJLm0ELm1EEEEvOT_OT0_NS_13IndexSequenceIJXspT1_EEEE
#44 0x7f6ccd90dacd _ZN4base8internal7InvokerINS0_9BindStateIMN5blink16HTMLStyleElementEFvSt10unique_ptrINS3_28IncrementLoadEventDelayCountESt14default_deleteIS6_EEEJNS3_10PersistentIS4_EEN3WTF13PassedWrapperIS9_EEEEEFvvEE3RunEPNS0_13BindStateBaseE
#45 0x7f6cd9f8afdb _ZNO4base8internal8RunMixinINS_8CallbackIFvvELNS0_8CopyModeE0ELNS0_10RepeatModeE0EEEE3RunEv
#46 0x7f6cd9f8abc3 base::debug::TaskAnnotator::RunTask()
#47 0x7f6cd1f4173d blink::scheduler::TaskQueueManager::ProcessTaskFromWorkQueue()
#48 0x7f6cd1f40207 blink::scheduler::TaskQueueManager::DoWork()
#49 0x7f6cd1f547ac _ZN4base8internal13FunctorTraitsIMN5blink9scheduler16TaskQueueManagerEFvbEvE6InvokeIRKNS_7WeakPtrIS4_EEJRKbEEEvS6_OT_DpOT0_
#50 0x7f6cd1f52c22 _ZN4base8internal12InvokeHelperILb1EvE8MakeItSoIRKMN5blink9scheduler16TaskQueueManagerEFvbERKNS_7WeakPtrIS6_EEJRKbEEEvOT_OT0_DpOT1_
#51 0x7f6cd1f4f23a _ZN4base8internal7InvokerINS0_9BindStateIMN5blink9scheduler16TaskQueueManagerEFvbEJNS_7WeakPtrIS5_EEbEEEFvvEE7RunImplIRKS7_RKSt5tupleIJS9_bEEJLm0ELm1EEEEvOT_OT0_NS_13IndexSequenceIJXspT1_EEEE
#52 0x7f6cd1f4ba3a _ZN4base8internal7InvokerINS0_9BindStateIMN5blink9scheduler16TaskQueueManagerEFvbEJNS_7WeakPtrIS5_EEbEEEFvvEE3RunEPNS0_13BindStateBaseE
#53 0x7f6cd9f8afdb _ZNO4base8internal8RunMixinINS_8CallbackIFvvELNS0_8CopyModeE0ELNS0_10RepeatModeE0EEEE3RunEv
#54 0x7f6cd9f8abc3 base::debug::TaskAnnotator::RunTask()
#55 0x7f6cda011dda base::MessageLoop::RunTask()
#56 0x7f6cda011f38 base::MessageLoop::DeferOrRunPendingTask()
#57 0x7f6cda01240b base::MessageLoop::DoWork()
#58 0x7f6cda02c760 base::MessagePumpDefault::Run()
#59 0x7f6cda0119d6 base::MessageLoop::RunHandler()
#60 0x7f6cda0c3b53 base::RunLoop::Run()
#61 0x7f6cde066d57 content::RendererMain()
r8: 0000000000649820 r9: 0000000000649810 r10: 0000000000000008 r11: 0000000000000202
r12: 000000000000134d r13: 00007ffff71ca168 r14: 0000000000000001 r15: 0000000000000000
di: 0000000000000001 si: 0000000000000001 bp: 00007ffff71c9a90 bx: 000031e70edbd7a0
dx: 0000000000000006 ax: 0000000000000000 cx: 00007f6cc77aa428 sp: 00007ffff71c9958
ip: 00007f6cc77aa428 efl: 0000000000000202 cgf: 0000000000000033 erf: 0000000000000000
trp: 0000000000000000 msk: 0000000000000000 cr2: 0000000000000000
[end of stack trace]
#CRASHED - renderer
,
Feb 14 2017
,
Feb 14 2017
,
Mar 22 2017
@Kojii: Friendly ping! Could you please look into this issue. Thanks!
,
Apr 6 2017
M58 stable is approaching soon, can we have a fix before M59 hits stable.
,
Apr 7 2017
This is P3, debug-only failure, not affecting users, and thus I'm not planning to work on this in near term. Please add comments if there were any indication that this issue is affecting users more than my understanding above. |
||||
►
Sign in to add a comment |
||||
Comment 1 by ajha@chromium.org
, Feb 14 2017Labels: Needs-Triage-M58 OS-Linux