Bug 107868
| Summary: | REGRESSION(140571): Crash in ScrollingCoordinator::mainThreadScrollingReasons during Frame::createView | | |
|---|---|---|---|
| Product: | WebKit | Reporter: | James Robinson <jamesr> |
| Component: | New Bugs | Assignee: | Nobody <webkit-unassigned> |
| Status: | RESOLVED FIXED | | |
| Severity: | Normal | CC: | andersca, arv, bdakin, simon.fraser, wangxianzhu |
| Priority: | P2 | | |
| Version: | 528+ (Nightly build) | | |
| Hardware: | Unspecified | | |
| OS: | Unspecified | | |
James Robinson
Stack Trace:
RELADDR FUNCTION FILE:LINE
009685d6 WebCore::ScrollingCoordinator::mainThreadScrollingReasons() const /out/Release/../../third_party/WebKit/Source/WebCore/page/scrolling/ScrollingCoordinator.cpp:457
v------> WebCore::ScrollingCoordinator::shouldUpdateScrollLayerPositionOnMainThread() const /out/Release/../../third_party/WebKit/Source/WebCore/page/scrolling/ScrollingCoordinator.h:147
0094a443 WebCore::FrameView::isRubberBandInProgress() const /out/Release/../../third_party/WebKit/Source/WebCore/page/FrameView.cpp:1919
v------> WebCore::ScrollView::updateScrollbars(WebCore::IntSize const&) /out/Release/../../third_party/WebKit/Source/WebCore/platform/ScrollView.cpp:615
0076c90d WebCore::ScrollView::updateScrollbars(WebCore::IntSize const&) /out/Release/../../third_party/WebKit/Source/WebCore/platform/ScrollView.cpp:464
0076cbdf WebCore::ScrollView::setFixedLayoutSize(WebCore::IntSize const&) /out/Release/../../third_party/WebKit/Source/WebCore/platform/ScrollView.cpp:279
00949053 WebCore::Frame::createView(WebCore::IntSize const&, WebCore::Color const&, bool, WebCore::IntSize const&, WebCore::IntRect const&, bool, WebCore::ScrollbarMode, bool, WebCore::ScrollbarMode, bool) /out/Release/../../third_party/WebKit/Source/WebCore/page/Frame.cpp:792
004775f9 WebKit::WebFrameImpl::createFrameView() /out/Release/../../third_party/WebKit/Source/WebKit/chromium/src/WebFrameImpl.cpp:2280
00919e2d WebCore::FrameLoader::transitionToCommitted(WTF::PassRefPtr<WebCore::CachedPage>) /out/Release/../../third_party/WebKit/Source/WebCore/loader/FrameLoader.cpp:1864
0091af03 WebCore::FrameLoader::commitProvisionalLoad() /out/Release/../../third_party/WebKit/Source/WebCore/loader/FrameLoader.cpp:1701
00910361 WebCore::DocumentLoader::commitLoad(char const*, int) /out/Release/../../third_party/WebKit/Source/WebCore/loader/DocumentLoader.cpp:310
0091ecf9 WebCore::MainResourceLoader::dataReceived(WebCore::CachedResource*, char const*, int) /out/Release/../../third_party/WebKit/Source/WebCore/loader/MainResourceLoader.cpp:512
0092af2b WebCore::CachedRawResource::data(WTF::PassRefPtr<WebCore::ResourceBuffer>, bool) /out/Release/../../third_party/WebKit/Source/WebCore/loader/cache/CachedRawResource.cpp:70
00924d11 WebCore::SubresourceLoader::sendDataToResource(char const*, int) /out/Release/../../third_party/WebKit/Source/WebCore/loader/SubresourceLoader.cpp:255
v------> WebCore::SubresourceLoader::didReceiveData(char const*, int, long long, bool) /out/Release/../../third_party/WebKit/Source/WebCore/loader/SubresourceLoader.cpp:227
00924ee1 WebCore::SubresourceLoader::didReceiveData(char const*, int, long long, bool) /out/Release/../../third_party/WebKit/Source/WebCore/loader/SubresourceLoader.cpp:215
009233c3 WebCore::ResourceLoader::didReceiveData(WebCore::ResourceHandle*, char const*, int, int) /out/Release/../../third_party/WebKit/Source/WebCore/loader/ResourceLoader.cpp:451
007bc41d WebCore::ResourceHandleInternal::didReceiveData(WebKit::WebURLLoader*, char const*, int, int)
James Robinson
WebCore::Frame::createView() does this:

```cpp
RefPtr<FrameView> frameView;
if (isMainFrame) {
    frameView = FrameView::create(this, viewportSize);
    frameView->setFixedLayoutSize(fixedLayoutSize);
    frameView->setFixedVisibleContentRect(fixedVisibleContentRect);
    frameView->setUseFixedLayout(useFixedLayout); // <--- boom!
} else
    frameView = FrameView::create(this);
frameView->setScrollbarModes(horizontalScrollbarMode, verticalScrollbarMode, horizontalLock, verticalLock);

setView(frameView);
```

The view isn't set up.
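As an added illustration (not WebKit code and not the patch from this bug), here is a hypothetical C++ model of the ordering that crashes here. `Frame`, `FrameView`, `Page` and `ScrollingCoordinator` are stripped-down stand-ins with invented bodies; `setFixedLayoutSize()` collapses the `updateScrollbars()` -> `isRubberBandInProgress()` -> `mainThreadScrollingReasons()` chain from the stack trace into a single call, and the `HasSlowRepaintObjects` bit and the `nullViewQueries` counter are constructed for the demonstration. With the createView() order (configure the view, then `setView()`) the coordinator is consulted while the main frame's view is still null; the null guard turns that from a crash into a report of zero reasons. Publishing the view first, an alternative order that nobody on the page proposes, is included only to show that the guard is then never exercised.

```cpp
#include <cassert>
#include <cstdint>
#include <cstdio>

// Hypothetical, stripped-down model of the objects in this bug. The names
// mirror the WebKit ones so the flow is recognisable, but none of this is
// WebKit code and every class body here is an assumption made for the demo.
typedef uint32_t MainThreadScrollingReasons;
static const MainThreadScrollingReasons HasSlowRepaintObjects = 1u << 0; // constructed reason bit

struct Page;
struct FrameView;

struct Frame {
    Page* page;
    FrameView* view = nullptr;   // stays null until setView() is called
    explicit Frame(Page* p) : page(p) {}
    void setView(FrameView* v) { view = v; }
};

struct ScrollingCoordinator {
    Page* page;
    int nullViewQueries = 0;     // counts calls made before the main-frame view existed
    explicit ScrollingCoordinator(Page* p) : page(p) {}
    MainThreadScrollingReasons mainThreadScrollingReasons();
};

struct Page {
    Frame mainFrame;
    ScrollingCoordinator scrollingCoordinator;
    bool hasSlowRepaintObjects;  // constructed page state that yields one reason bit
    explicit Page(bool slowRepaint)
        : mainFrame(this), scrollingCoordinator(this), hasSlowRepaintObjects(slowRepaint) {}
};

struct FrameView {
    Frame* frame;
    explicit FrameView(Frame* f) : frame(f) {}
    // Stands in for ScrollView::setFixedLayoutSize() -> updateScrollbars() ->
    // FrameView::isRubberBandInProgress() -> ScrollingCoordinator::mainThreadScrollingReasons(),
    // the call chain in the stack trace. Returns what the coordinator reported.
    MainThreadScrollingReasons setFixedLayoutSize() {
        return frame->page->scrollingCoordinator.mainThreadScrollingReasons();
    }
};

// Guarded version, the shape of the fix in this bug: a missing main-frame view is
// reported as "no reasons" instead of being dereferenced. Without the
// `if (!frameView)` guard the code below it would read through a null pointer,
// which is the crash in the stack trace.
MainThreadScrollingReasons ScrollingCoordinator::mainThreadScrollingReasons() {
    FrameView* frameView = page->mainFrame.view;
    if (!frameView) {
        ++nullViewQueries;
        return static_cast<MainThreadScrollingReasons>(0);
    }
    MainThreadScrollingReasons reasons = static_cast<MainThreadScrollingReasons>(0);
    if (frameView->frame->page->hasSlowRepaintObjects)
        reasons |= HasSlowRepaintObjects;
    return reasons;
}

// The order Frame::createView() uses in this bug: configure the new view first,
// publish it with setView() afterwards. Returns the reasons seen during
// configuration, which is always 0 because the coordinator cannot see the view yet.
MainThreadScrollingReasons createViewConfigureThenPublish(Page& page, FrameView& view) {
    MainThreadScrollingReasons seen = view.setFixedLayoutSize();
    page.mainFrame.setView(&view);
    return seen;
}

// An alternative order (not proposed on the page): publish the view before
// anything can reach back through page->mainFrame()->view(), so the coordinator
// sees a complete object and the null guard is never needed.
MainThreadScrollingReasons createViewPublishThenConfigure(Page& page, FrameView& view) {
    page.mainFrame.setView(&view);
    return view.setFixedLayoutSize();
}

int main() {
    Page page(true);
    FrameView view(&page.mainFrame);
    MainThreadScrollingReasons seen = createViewConfigureThenPublish(page, view);
    std::printf("configure-then-publish: reasons=%u, null-view queries=%d\n",
                static_cast<unsigned>(seen), page.scrollingCoordinator.nullViewQueries);

    Page page2(true);
    FrameView view2(&page2.mainFrame);
    seen = createViewPublishThenConfigure(page2, view2);
    std::printf("publish-then-configure: reasons=%u, null-view queries=%d\n",
                static_cast<unsigned>(seen), page2.scrollingCoordinator.nullViewQueries);
    return 0;
}
```

The `nullViewQueries` counter is the detection hook a practitioner would actually want: a non-zero count after construction means some code path consulted the coordinator during the window in which the guard was doing work, which is the condition Beth and James question later in this thread.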
James Robinson
What 'bout this?
diff --git a/Source/WebCore/page/scrolling/ScrollingCoordinator.cpp b/Source/WebCore/page/scrolling/ScrollingCoordinat
index c17cc36..f12c280 100644
--- a/Source/WebCore/page/scrolling/ScrollingCoordinator.cpp
+++ b/Source/WebCore/page/scrolling/ScrollingCoordinator.cpp
@@ -449,6 +449,8 @@ bool ScrollingCoordinator::hasVisibleSlowRepaintViewportConstrainedObjects(Frame
MainThreadScrollingReasons ScrollingCoordinator::mainThreadScrollingReasons() const
{
FrameView* frameView = m_page->mainFrame()->view();
+ if (!frameView)
+ return static_cast<MainThreadScrollingReasons>(0);
MainThreadScrollingReasons mainThreadScrollingReasons = (MainThreadScrollingReasons)0;
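Review bot: the early return on the added `if (!frameView)` lines reports a null main-frame view as "no main-thread scrolling reasons", which is right for the Frame::createView() window this bug is about (setFixedLayoutSize() runs before setView()) but reads as a general null-check; a one-line comment on the guard naming that ordering would keep it from silently masking a null view reached some other way. Minor style point: the guard returns `static_cast<MainThreadScrollingReasons>(0)` while the very next line initializes with `(MainThreadScrollingReasons)0`; pick one form, preferably the static_cast.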
?
Beth Dakin
(In reply to comment #2)
> What 'bout this?
>
> diff --git a/Source/WebCore/page/scrolling/ScrollingCoordinator.cpp b/Source/WebCore/page/scrolling/ScrollingCoordinat
> index c17cc36..f12c280 100644
> --- a/Source/WebCore/page/scrolling/ScrollingCoordinator.cpp
> +++ b/Source/WebCore/page/scrolling/ScrollingCoordinator.cpp
> @@ -449,6 +449,8 @@ bool ScrollingCoordinator::hasVisibleSlowRepaintViewportConstrainedObjects(Frame
> MainThreadScrollingReasons ScrollingCoordinator::mainThreadScrollingReasons() const
> {
> FrameView* frameView = m_page->mainFrame()->view();
> + if (!frameView)
> + return static_cast<MainThreadScrollingReasons>(0);
>
> MainThreadScrollingReasons mainThreadScrollingReasons = (MainThreadScrollingReasons)0;
>
>
> ?
I still think it's cray-zay that we can end up calling updateScrollbars() this early on in the construction of a FrameView, but I think this change is okay.
James Robinson
Committed r140732: <http://trac.webkit.org/changeset/140732>
James Robinson
(In reply to comment #3)
>
> I still think it's cray-zay that we can end up calling updateScrollbars() this early on in the construction of a FrameView, but I think this change is okay.
I definitely agree. I don't think there is any reason to call updateScrollbars() unless we're about to do a layout, but perhaps I'm not very creative.