Bug 102944

Summary: [CSS Regions] Crash when dispatching regionlayoutupdate
Product: WebKit Reporter: Andrei Bucur <abucur>
Component: WebCore Misc.Assignee: Andrei Bucur <abucur>
Status: RESOLVED FIXED    
Severity: Normal CC: ojan, WebkitBugTracker, webkit.review.bot
Priority: P2 Keywords: AdobeTracked
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on:    
Bug Blocks: 57312    
Attachments:
Description Flags
Patch
none
Patch none

Andrei Bucur
Reported 2012-11-21 07:46:10 PST
Crash when dispatching regionlayoutupdate after the flow moves to the NULL state. It's more obvious in Debug mode because an ASSERTION is hit.
Attachments
Patch (5.66 KB, patch)
2012-11-21 09:54 PST, Andrei Bucur 		no flags
DetailsFormatted DiffDiff
Patch (5.94 KB, patch)
2012-11-22 06:50 PST, Andrei Bucur 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Andrei Bucur
Comment 1 2012-11-21 09:54:37 PST
Created attachment 175469 [details] Patch
Andrei Bucur
Comment 2 2012-11-21 10:23:15 PST
ASSERTION FAILED: m_parentFlowThread /Users/abucur/NonPerforce/WebKit/Source/WebCore/dom/WebKitNamedFlow.cpp(199) : void WebCore::WebKitNamedFlow::dispatchRegionLayoutUpdateEvent() 1 0x111f53d4c WebCore::WebKitNamedFlow::dispatchRegionLayoutUpdateEvent() 2 0x111975c4e WebCore::RenderNamedFlowThread::regionLayoutUpdateEventTimerFired(WebCore::Timer<WebCore::RenderNamedFlowThread>*) 3 0x111981863 WebCore::Timer<WebCore::RenderNamedFlowThread>::fired() 4 0x111ea9366 WebCore::ThreadTimers::sharedTimerFiredInternal() 5 0x111ea90f9 WebCore::ThreadTimers::sharedTimerFired() 6 0x111bd0ca3 WebCore::timerFired(__CFRunLoopTimer*, void*) 7 0x7fff953134b4 __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ 8 0x7fff95312fcd __CFRunLoopDoTimer 9 0x7fff952f87b9 __CFRunLoopRun 10 0x7fff952f7dd2 CFRunLoopRunSpecific 11 0x7fff95571774 RunCurrentEventLoopInMode 12 0x7fff95571512 ReceiveNextEventCommon 13 0x7fff955713a3 BlockUntilNextEventMatchingListInMode 14 0x7fff8e600fa3 _DPSNextEvent 15 0x7fff8e600862 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] 16 0x7fff8e5f7c03 -[NSApplication run] 17 0x111afbf0c WebCore::RunLoop::run() 18 0x10e6904f9 WebKit::WebProcessMain(WebKit::CommandLine const&) 19 0x10e5846a9 WebKitMain(WebKit::CommandLine const&) 20 0x10e5845b9 WebKitMain 21 0x10e312da2 main 22 0x7fff952587e1 start 23 0xa
Adam Barth
Comment 3 2012-11-21 10:53:15 PST
Comment on attachment 175469 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=175469&action=review > LayoutTests/fast/regions/webkit-named-flow-event-crash-expected.txt:1 > + Its generally a good idea to have the expected file not be blank.
Andrei Bucur
Comment 4 2012-11-22 06:50:07 PST
Created attachment 175668 [details] Patch
Andreas Kling
Comment 5 2012-11-27 04:59:05 PST
Comment on attachment 175668 [details] Patch r=me
WebKit Review Bot
Comment 6 2012-11-27 05:50:39 PST
Comment on attachment 175668 [details] Patch Clearing flags on attachment: 175668 Committed r135853: <http://trac.webkit.org/changeset/135853>
WebKit Review Bot
Comment 7 2012-11-27 05:50:42 PST
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.