118965 – segfault in RenderLayerCompositor when the iframe's position attribute is changed and it embeds <object>.

Bug 118965 - segfault in RenderLayerCompositor when the iframe's position attribute is changed and it embeds <object>.

Summary: segfault in RenderLayerCompositor when the iframe's position attribute is cha...

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	Frames (show other bugs)
Version:	528+ (Nightly build)
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	zalan

URL:	http://highwaymedianew.squarespace.com
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2013-07-22 05:47 PDT by zalan
Modified:	2013-07-22 15:08 PDT (History)
CC List:	9 users (show)

See Also:

Attachments
test reduction (502 bytes, text/html) 2013-07-22 05:48 PDT, zalan	no flags	Details
Patch (5.04 KB, patch) 2013-07-22 12:39 PDT, zalan	no flags	Details \| Formatted Diff \| Diff
Patch (5.03 KB, patch) 2013-07-22 12:41 PDT, zalan	no flags	Details \| Formatted Diff \| Diff
Patch (8.62 KB, patch) 2013-07-22 14:13 PDT, zalan	no flags	Details \| Formatted Diff \| Diff
Show Obsolete (2) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description zalan 2013-07-22 05:47:49 PDT

1. visit http://highwaymedianew.squarespace.com
2. resize window to a small size
3. crash when windows is about 400px wide

Comment 1 zalan 2013-07-22 05:48:11 PDT

<rdar://problem/14403809>

Comment 2 zalan 2013-07-22 05:48:56 PDT

Created attachment 207241 [details]
test reduction

Comment 3 zalan 2013-07-22 12:39:02 PDT

Created attachment 207263 [details]
Patch

Comment 4 zalan 2013-07-22 12:41:39 PDT

Created attachment 207264 [details]
Patch

Comment 5 Simon Fraser (smfr) 2013-07-22 13:03:44 PDT

Comment on attachment 207264 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=207264&action=review

> LayoutTests/fast/frames/resources/plugin.html:1
> +<object type='application/x-shockwave-flash'></object>

You should use the test Netscape plugin, with its drawing mode set to make it composited. We should not require Flash to be installed for layout tests.

Comment 6 zalan 2013-07-22 13:13:10 PDT

(In reply to comment #5)
> (From update of attachment 207264 [details])
> View in context: https://bugs.webkit.org/attachment.cgi?id=207264&action=review
> 
> > LayoutTests/fast/frames/resources/plugin.html:1
> > +<object type='application/x-shockwave-flash'></object>
> 
> You should use the test Netscape plugin, with its drawing mode set to make it composited. We should not require Flash to be installed for layout tests.

Indeed. I was under the impression that it does not actually need the plugin to be installed, but going with the Netscape plugin is anyway a better way of doing it. Thanks!

Comment 7 zalan 2013-07-22 14:13:37 PDT

Created attachment 207278 [details]
Patch

Comment 8 WebKit Commit Bot 2013-07-22 15:08:53 PDT

Comment on attachment 207278 [details]
Patch

Clearing flags on attachment: 207278

Committed r153003: <http://trac.webkit.org/changeset/153003>

Comment 9 WebKit Commit Bot 2013-07-22 15:08:57 PDT

All reviewed patches have been landed.  Closing bug.