Bug 102944

Summary: [CSS Regions] Crash when dispatching regionlayoutupdate
Product: WebKit Reporter: Andrei Bucur <abucur>
Component: WebCore Misc.Assignee: Andrei Bucur <abucur>
Status: RESOLVED FIXED    
Severity: Normal CC: ojan, WebkitBugTracker, webkit.review.bot
Priority: P2 Keywords: AdobeTracked
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on:    
Bug Blocks: 57312    
Attachments:
Description Flags
Patch
none
Patch none

Description Andrei Bucur 2012-11-21 07:46:10 PST 
Crash when dispatching regionlayoutupdate after the flow moves to the NULL state. It's more obvious in Debug mode because an ASSERTION is hit.
Comment 1 Andrei Bucur 2012-11-21 09:54:37 PST 
Created attachment 175469 [details]
Patch
Comment 2 Andrei Bucur 2012-11-21 10:23:15 PST 
ASSERTION FAILED: m_parentFlowThread
/Users/abucur/NonPerforce/WebKit/Source/WebCore/dom/WebKitNamedFlow.cpp(199) : void WebCore::WebKitNamedFlow::dispatchRegionLayoutUpdateEvent()
1   0x111f53d4c WebCore::WebKitNamedFlow::dispatchRegionLayoutUpdateEvent()
2   0x111975c4e WebCore::RenderNamedFlowThread::regionLayoutUpdateEventTimerFired(WebCore::Timer<WebCore::RenderNamedFlowThread>*)
3   0x111981863 WebCore::Timer<WebCore::RenderNamedFlowThread>::fired()
4   0x111ea9366 WebCore::ThreadTimers::sharedTimerFiredInternal()
5   0x111ea90f9 WebCore::ThreadTimers::sharedTimerFired()
6   0x111bd0ca3 WebCore::timerFired(__CFRunLoopTimer*, void*)
7   0x7fff953134b4 __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__
8   0x7fff95312fcd __CFRunLoopDoTimer
9   0x7fff952f87b9 __CFRunLoopRun
10  0x7fff952f7dd2 CFRunLoopRunSpecific
11  0x7fff95571774 RunCurrentEventLoopInMode
12  0x7fff95571512 ReceiveNextEventCommon
13  0x7fff955713a3 BlockUntilNextEventMatchingListInMode
14  0x7fff8e600fa3 _DPSNextEvent
15  0x7fff8e600862 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:]
16  0x7fff8e5f7c03 -[NSApplication run]
17  0x111afbf0c WebCore::RunLoop::run()
18  0x10e6904f9 WebKit::WebProcessMain(WebKit::CommandLine const&)
19  0x10e5846a9 WebKitMain(WebKit::CommandLine const&)
20  0x10e5845b9 WebKitMain
21  0x10e312da2 main
22  0x7fff952587e1 start
23  0xa
Comment 3 Adam Barth 2012-11-21 10:53:15 PST 
Comment on attachment 175469 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=175469&action=review

> LayoutTests/fast/regions/webkit-named-flow-event-crash-expected.txt:1
> +

Its generally a good idea to have the expected file not be blank.
Comment 4 Andrei Bucur 2012-11-22 06:50:07 PST 
Created attachment 175668 [details]
Patch
Comment 5 Andreas Kling 2012-11-27 04:59:05 PST 
Comment on attachment 175668 [details]
Patch

r=me
Comment 6 WebKit Review Bot 2012-11-27 05:50:39 PST 
Comment on attachment 175668 [details]
Patch

Clearing flags on attachment: 175668

Committed r135853: <http://trac.webkit.org/changeset/135853>
Comment 7 WebKit Review Bot 2012-11-27 05:50:42 PST 
All reviewed patches have been landed.  Closing bug.