Bug 21335

Summary:

CrashTracer reports many crashes at WebCore::CSSFontSelector::getFontData

Product:

WebKit

Reporter:

Adele Peterson <adele>

Component:

CSS

Assignee:

Nobody <webkit-unassigned>

Status:

RESOLVED FIXED

Severity:

Normal

Keywords:

InRadar

Priority:

Version:

528+ (Nightly build)

Hardware:

Mac

OS:

OS X 10.5

Attachments:

Description	Flags
patch	mitz: review+

Description Adele Peterson 2008-10-03 10:41:26 PDT

Thread 0 Crashed (i386):
>#0   com.apple.WebCore          0x913367e8  WebCore::Frame::settings() const + 8
  #1   com.apple.WebCore          0x9156827b  WebCore::CSSFontSelector::getFontData(WebCore::FontDescription const&, WebCore::AtomicString const&) + 315
  #2   com.apple.WebCore          0x91568028  WebCore::FontCache::getFontData(WebCore::Font const&, int&, WebCore::FontSelector*) + 184
  #3   com.apple.WebCore          0x9137a3a9  WebCore::FontFallbackList::fontDataAt(WebCore::Font const*, unsigned int) const + 73
  #4   com.apple.WebCore          0x9137a341  WebCore::Font::cachePrimaryFont() const + 33
  #5   com.apple.WebCore          0x914c0a0b  WebCore::PopupMenu::populate() + 1211
  #6   com.apple.WebCore          0x914bfafd  WebCore::PopupMenu::show(WebCore::IntRect const&, WebCore::FrameView*, int) + 29
  #7   com.apple.WebCore          0x914bfa39  WebCore::RenderMenuList::showPopup() + 185
  #8   com.apple.WebCore          0x914bd039  WebCore::HTMLSelectElement::menuListDefaultEventHandler(WebCore::Event*) + 473
  #9   com.apple.WebCore          0x914bce02  WebCore::HTMLSelectElement::defaultEventHandler(WebCore::Event*) + 130
  #10  com.apple.WebCore          0x91375b23  WebCore::EventTarget::dispatchGenericEvent(WebCore::EventTargetNode*, WTF::PassRefPtr<WebCore::Event>, int&, bool) + 707
  #11  com.apple.WebCore          0x9137576f  WebCore::EventTargetNode::dispatchEvent(WTF::PassRefPtr<WebCore::Event>, int&, bool) + 255
  #12  com.apple.WebCore          0x9153303d  WebCore::EventTargetNode::dispatchMouseEvent(WebCore::AtomicString const&, int, int, int, int, int, int, bool, bool, bool, bool, bool, WebCore::Node*, WTF::PassRefPtr<WebCore::Event>) + 509
  #13  com.apple.WebCore          0x91532df5  WebCore::EventTargetNode::dispatchMouseEvent(WebCore::PlatformMouseEvent const&, WebCore::AtomicString const&, int, WebCore::Node*) + 165
  #14  com.apple.WebCore          0x915328f5  WebCore::EventHandler::dispatchMouseEvent(WebCore::AtomicString const&, WebCore::Node*, bool, int, WebCore::PlatformMouseEvent const&, bool) + 101
  #15  com.apple.WebCore          0x914a2647  WebCore::EventHandler::handleMousePressEvent(WebCore::PlatformMouseEvent const&) + 551
  #16  com.apple.WebCore          0x914a2376  WebCore::EventHandler::mouseDown(NSEvent*) + 534
  #17  com.apple.WebKit           0x91217efe  -[WebHTMLView mouseDown:] + 462
  #18  com.apple.AppKit           0x9202fac3  -[NSWindow sendEvent:] + 5381
  #19  com.apple.Safari           0x0002b3c3
  #20  com.apple.AppKit           0x91ffc714  -[NSApplication sendEvent:] + 2780
  #21  com.apple.Safari           0x0002ae48
  #22  com.apple.AppKit           0x91f5a0f9  -[NSApplication run] + 847
  #23  com.apple.AppKit           0x91f2730a  NSApplicationMain + 574
  #24  com.apple.Safari           0x000b9906

Comment 1 Adele Peterson 2008-10-03 10:42:28 PDT

<rdar://problem/6012018>

Comment 2 Adele Peterson 2008-10-03 10:44:06 PDT

Created attachment 24055 [details]
patch

Haven't made a test.  I don't really know what triggers this, but it seems clear we should be nil checking the frame.

Comment 3 Adele Peterson 2008-10-03 10:45:27 PDT

Probably has something to do with a menu being displayed as the frame goes away.

Comment 4 mitz 2008-10-03 10:54:15 PDT

Comment on attachment 24055 [details]
patch

r=me

Comment 5 Adele Peterson 2008-10-03 11:13:59 PDT

Committed revision 37243.