Bug 44629

Summary: Crash when switching to tiled layer when parent is also a tiled layer
Product: WebKit Reporter: Chris Marrin <cmarrin>
Component: Layout and RenderingAssignee: Chris Marrin <cmarrin>
Status: RESOLVED FIXED    
Severity: Normal Keywords: InRadar
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: PC   
OS: Windows 7   
Attachments:
Description Flags
test showing problem
none
Patch with test case simon.fraser: review+

Chris Marrin
Reported 2010-08-25 11:49:03 PDT
There is a case (found with a Bing page) where causing a layer to go from non-tiled to tiled causes a crash when that layer has a tiled layer parent. A test case is forthcoming.
Attachments
test showing problem (1.45 KB, text/html)
2010-08-25 13:29 PDT, Chris Marrin 		no flags
Details
Patch with test case (12.80 KB, patch)
2010-08-25 15:09 PDT, Chris Marrin 		simon.fraser: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Chris Marrin
Comment 1 2010-08-25 13:29:27 PDT
Created attachment 65466 [details] test showing problem
Chris Marrin
Comment 2 2010-08-25 15:09:12 PDT
Created attachment 65479 [details] Patch with test case
Chris Marrin
Comment 3 2010-08-25 15:12:12 PDT
rdar://problem/8223788
Simon Fraser (smfr)
Comment 4 2010-08-25 15:17:03 PDT
Comment on attachment 65479 [details] Patch with test case WebCore/platform/graphics/win/WKCACFLayer.h:65 + ASSERT(CACFLayerGetUserData(layer) != reinterpret_cast<void*>(0xDeadBeef)); I think 0xDeadBeef should be all lower- or uppercase. WebCore/platform/graphics/win/WKCACFLayer.cpp:185 + CACFLayerSetUserData(layer(), reinterpret_cast<void*>(0xDeadBeef)); Only do this in debug builds. Seems like the underlying cause is that we mess with sublayerCount() for tiled layers. It would be nice to find a way to avoid that source of confusion.
Chris Marrin
Comment 5 2010-08-26 10:33:06 PDT
Landed in http://trac.webkit.org/changeset/66050
Note You need to log in before you can comment on or make changes to this bug.