Bug 36859

Summary: [Qt] QtLauncher crash on page with CSS 3D transform
Product: WebKit
Reporter: Saimon <basirat>
Component: WebKit Qt
Assignee: Noam Rosenthal <noam>
Status: CLOSED FIXED
Severity: Blocker
CC: commit-queue, diegohcg, hausmann, kenneth, noam, ossy, webkit.review.bot
Priority: P1
Keywords: Qt
Version: 528+ (Nightly build)   
Hardware: PC   
OS: All   
URL: http://css-vfx.googlecode.com/svn/trunk/snowstack/snowstack.html
Bug Depends on:    
Bug Blocks: 35784    
Attachments (Description: Flags):
Added a null-check to fix the crash: none
oops, wrong upload: none

Description Saimon 2010-03-30 15:56:14 PDT
QtLauncher will crash when visiting this URL:
http://css-vfx.googlecode.com/svn/trunk/snowstack/snowstack.html
Comment 1 Saimon 2010-04-04 09:50:10 PDT
Crash in http://webkit.org/blog-files/3d-transforms/poster-circle.html too
Comment 2 Csaba Osztrogonác 2010-04-04 15:07:21 PDT
backtrace for http://css-vfx.googlecode.com/svn/trunk/snowstack/snowstack.html:

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7ffc3a5b76f0 (LWP 19103)]
QGraphicsScene::update (this=0x0, rect=@0x7fffffffac30) at graphicsview/qgraphicsscene.h:297
297     graphicsview/qgraphicsscene.h: No such file or directory.
        in graphicsview/qgraphicsscene.h
(gdb) bt
#0  QGraphicsScene::update (this=0x0, rect=@0x7fffffffac30) at graphicsview/qgraphicsscene.h:297
#1  0x00007ffc3931718e in WebCore::GraphicsLayerQtImpl::flushChanges (this=0x92a4c0, recursive=true, forceUpdateTransform=true)
    at ../../../WebCore/platform/graphics/qt/GraphicsLayerQt.cpp:492
#2  0x00007ffc39317e74 in WebCore::GraphicsLayerQtImpl::flushChanges (this=0xb46050, recursive=true, forceUpdateTransform=true)
    at ../../../WebCore/platform/graphics/qt/GraphicsLayerQt.cpp:614
#3  0x00007ffc39317e74 in WebCore::GraphicsLayerQtImpl::flushChanges (this=0x9291f0, recursive=true, forceUpdateTransform=true)
    at ../../../WebCore/platform/graphics/qt/GraphicsLayerQt.cpp:614
#4  0x00007ffc39318580 in WebCore::GraphicsLayerQt::syncCompositingState (this=0x929020) at ../../../WebCore/platform/graphics/qt/GraphicsLayerQt.cpp:936
#5  0x00007ffc38dd3c48 in WebCore::FrameView::paintContents (this=0x754c20, p=0x7fffffffb7a0, rect=@0x7fffffffb700)
    at ../../../WebCore/page/FrameView.cpp:1865
#6  0x00007ffc3907f749 in QWebFramePrivate::renderRelativeCoords (this=0x753850, context=0x7fffffffb7a0, layer=QWebFrame::AllLayers, clip=@0x7fffffffc008)
    at ../../../WebKit/qt/Api/qwebframe.cpp:493
#7  0x00007ffc3907fad4 in QWebFrame::render (this=0x7364b0, painter=0x7fffffffb7f0, clip=@0x7fffffffc008) at ../../../WebKit/qt/Api/qwebframe.cpp:1223
#8  0x00007ffc39097c36 in QWebView::paintEvent (this=0x788940, ev=0x7fffffffbfe0) at ../../../WebKit/qt/Api/qwebview.cpp:928
#9  0x00007ffc36067971 in QWidget::event (this=0x788940, event=0x7fffffffbfe0) at kernel/qwidget.cpp:8120
#10 0x00007ffc39097f00 in QWebView::event (this=0x788940, e=0x7fffffffbfe0) at ../../../WebKit/qt/Api/qwebview.cpp:832
#11 0x00007ffc36010dfd in QApplicationPrivate::notify_helper (this=0x6d5750, receiver=0x788940, e=0x7fffffffbfe0) at kernel/qapplication.cpp:4242
#12 0x00007ffc360177ba in QApplication::notify (this=0x7fffffffd190, receiver=0x788940, e=0x7fffffffbfe0) at kernel/qapplication.cpp:4125
#13 0x00007ffc35b0089c in QCoreApplication::notifyInternal (this=0x7fffffffd190, receiver=0x788940, event=0x7fffffffbfe0) at kernel/qcoreapplication.cpp:704
#14 0x00007ffc3606fba1 in QWidgetPrivate::drawWidget (this=0x788980, pdev=0x880338, rgn=@0x7fffffffc4c0, offset=@0x7fffffffc4b0,
    flags=<value optimized out>, sharedPainter=0x0, backingStore=0x887fc0) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:218
#15 0x00007ffc36237a1e in QWidgetBackingStore::sync (this=0x887fc0) at painting/qbackingstore.cpp:1281
#16 0x00007ffc360608c0 in QWidgetPrivate::syncBackingStore (this=0x71f980) at kernel/qwidget.cpp:1662
#17 0x00007ffc3606808d in QWidget::event (this=0x720640, event=0x931270) at kernel/qwidget.cpp:8266
#18 0x00007ffc3642345b in QMainWindow::event (this=0x720640, event=0x931270) at widgets/qmainwindow.cpp:1434
#19 0x00007ffc36010dfd in QApplicationPrivate::notify_helper (this=0x6d5750, receiver=0x720640, e=0x931270) at kernel/qapplication.cpp:4242
#20 0x00007ffc360177ba in QApplication::notify (this=0x7fffffffd190, receiver=0x720640, e=0x931270) at kernel/qapplication.cpp:4125
#21 0x00007ffc35b0089c in QCoreApplication::notifyInternal (this=0x7fffffffd190, receiver=0x720640, event=0x931270) at kernel/qcoreapplication.cpp:704
#22 0x00007ffc35b017c4 in QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, data=0x6d58d0)
    at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:215
#23 0x00007ffc35b2b683 in postEventSourceDispatch (s=<value optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:220
#24 0x00007ffc331447ab in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#25 0x00007ffc33147f7d in ?? () from /usr/lib/libglib-2.0.so.0
#26 0x00007ffc3314813b in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#27 0x00007ffc35b2b1dc in QEventDispatcherGlib::processEvents (this=0x6d6cb0, flags=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:407
#28 0x00007ffc360bb35f in QGuiEventDispatcherGlib::processEvents (this=0x0, flags=<value optimized out>) at kernel/qguieventdispatcher_glib.cpp:202
#29 0x00007ffc35aff162 in QEventLoop::processEvents (this=<value optimized out>, flags={i = -12288}) at kernel/qeventloop.cpp:149
#30 0x00007ffc35aff534 in QEventLoop::exec (this=0x7fffffffd040, flags={i = -12208}) at kernel/qeventloop.cpp:201
#31 0x00007ffc35b01a46 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:981
#32 0x0000000000424ee3 in launcherMain (app=@0x7fffffffd190) at ../../../../WebKitTools/QtLauncher/main.cpp:1012
#33 0x000000000042d369 in main (argc=2, argv=0x7fffffffd388) at ../../../../WebKitTools/QtLauncher/main.cpp:1196
Comment 3 Csaba Osztrogonác 2010-04-04 15:10:26 PDT
Additionally, with DRT both of these URLs work correctly.
Comment 4 Diego Gonzalez 2010-04-15 16:40:05 PDT
It seems it crashes when accelerated compositing is enabled; as it is now enabled by default, it always crashes. I am doing some bisects to try to figure out the regression point.
Comment 5 Noam Rosenthal 2010-04-15 17:20:29 PDT
I know how to fix this, expect a patch soon.
Comment 6 Noam Rosenthal 2010-04-16 13:24:05 PDT
Created attachment 53555 [details]
Added a null-check to fix the crash
Comment 7 WebKit Review Bot 2010-04-16 13:28:50 PDT
Attachment 53555 [details] did not pass style-queue:

Failed to run "WebKitTools/Scripts/check-webkit-style" exit_code: 1
Total errors found: 0 in 0 files


If any of these errors are false positives, please file a bug against check-webkit-style.
Comment 8 Noam Rosenthal 2010-04-16 13:30:25 PDT
Created attachment 53557 [details]
oops, wrong upload
Comment 9 Antti Koivisto 2010-04-16 13:32:25 PDT
Comment on attachment 53557 [details]
oops, wrong upload

r=me
Comment 10 WebKit Commit Bot 2010-04-16 14:17:08 PDT
Comment on attachment 53557 [details]
oops, wrong upload

Clearing flags on attachment: 53557

Committed r57744: <http://trac.webkit.org/changeset/57744>
Comment 11 WebKit Commit Bot 2010-04-16 14:17:14 PDT
All reviewed patches have been landed.  Closing bug.
Comment 12 Simon Hausmann 2010-04-20 12:03:59 PDT
Revision r57744 cherry-picked into qtwebkit-2.0 with commit ab6549543c9d585129dff1981f3aaa546430407e