Bug 41028

Summary: WebCore::FrameView::beginDeferredRepaints() Crashing Webkit Frequently
Product: WebKit Reporter: Aaron Smith <beingthexemplary>
Component: Layout and RenderingAssignee: Nobody <webkit-unassigned>
Status: RESOLVED DUPLICATE    
Severity: Normal CC: ap, mitz, simon.fraser
Priority: P1    
Version: 528+ (Nightly build)   
Hardware: Mac   
OS: OS X 10.6   
Attachments:
Description Flags
Crash Reporter Crash File
none
snapshot of what the address bar lookslike none

Aaron Smith
Reported 2010-06-22 19:18:51 PDT
Created attachment 59462 [details] Crash Reporter Crash File This bug started happening two nights ago when I got the latest nightly. I've since updated and got the latest nightly (from last night) and it's still happening so I thought I'd report it. This is actually the first thing I've ever noticed with webkit which is why I wanted to report it. The domain you can browse around on to get the browser to consistently crash is http://www.plentyoffish.com/. It has happened on other domains, but this domain is really consistent with crashing. Also, sorry I changed the priorities and severity. You can change them back to whatever you want. Attached a crash reporter file.
Attachments
Crash Reporter Crash File (39.32 KB, text/plain)
2010-06-22 19:18 PDT, Aaron Smith 		no flags
Details
snapshot of what the address bar lookslike (601.31 KB, image/png)
2010-06-23 18:47 PDT, Aaron Smith 		no flags
Details
View All Add attachment proposed patch, testcase, etc.
mitz
Comment 1 2010-06-23 14:41:14 PDT
Thanks for the bug report! I loaded and reloaded <http://www.plentyoffish.com/> multiple times with a nightly build of r61670 but the crash didn’t happen. Do you see the crash on that page or on an internal page in the website?
Aaron Smith
Comment 2 2010-06-23 18:46:20 PDT
I did some more digging. It's definitely not reproducible in in a consistent pattern. One thing I notice is that every time it crashes, it's like something is happening on the page, that leads up to the crash. On thing that's noticeable is that the status indicator in the address bar (the blue progress loader behind the address in the address bar) never goes away. It'll just sit there for a while, some times it goes up and down. And when the browser does crash, usually the loading bar was in this funky state. The pages i'm on that seem to trigger it the most are "Inbox" and "Snt Message" (only available if you're logged in). I've attached a snapshot of what the address bar does.
Aaron Smith
Comment 3 2010-06-23 18:47:22 PDT
Created attachment 59597 [details] snapshot of what the address bar lookslike
mitz
Comment 4 2010-06-23 19:55:30 PDT
Null-checking m_frame again after calling performPostLayoutTasks() at the beginning of FrameView::layout() will probably fix this crash, but I would like to be able to reproduce it and understand it better first.
Alexey Proskuryakov
Comment 5 2010-06-23 23:14:58 PDT
See also: bug 41120.
Alexey Proskuryakov
Comment 6 2010-06-24 17:05:10 PDT
I've seeing a crash on plentyoffish.com that's caused by bug 41178, and I'm fairly sure it has the same root cause. That bug is now fixed, and the fix will be in the next nightly. I'd really appreciate if you could let us know whether the problem is indeed fixed for you. *** This bug has been marked as a duplicate of bug 41178 ***
Aaron Smith
Comment 7 2010-06-25 19:34:12 PDT
Yes, it's fixed. Nice job and thanks!
Note You need to log in before you can comment on or make changes to this bug.