WebKit Bugzilla
Bug 140455: [Win] Crashes due to invalid RenderLayer::m_enclosingPaginationLayer
RESOLVED DUPLICATE of bug 135514
https://bugs.webkit.org/show_bug.cgi?id=140455
Brent Fulgham
Reported
2015-01-14 10:48:33 PST
I have found that a number of layout tests are crashing on Windows in release builds because the RenderLayer's m_enclosingPaginationLayer is invalid. Debugging indicates the following:

1. In RenderLayer::updatePagination(), the RenderLayer sets its m_enclosingPaginationLayer to the result of parent()->enclosingPaginationLayer(IncludeCompositedPaginatedLayers); This is a valid RenderLayer.
2. Later, the RenderLayer we assigned in the first step is deleted during a later stage of layout.
3. RenderLayer::m_enclosingPaginationLayer is not set to nullptr, and becomes a dangling pointer.
4. Later, RenderLayer::hasCompositedLayerInEnclosingPaginationChain() is called, which attempts to call 'isComposited' through the garbage m_enclosingPaginationLayer.

The issue seems to be that the destruction of the RenderLayer referenced by m_enclosingPaginationLayer is not communicated back to the RenderLayer holding this pointer, so it doesn't know that the value is invalid.
Attachments
Some dump analysis. (21.02 KB, application/octet-stream), 2015-01-14 11:53 PST, Brent Fulgham
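The sequence in the report, replayed against a simplified model in which the pointed-to layer clears back-references when it is destroyed. This is an added example, not WebKit code and not the change made for bug 135514; the Layer class, m_dependents and dependentCount() are hypothetical stand-ins, and only the names m_enclosingPaginationLayer, isComposited and hasCompositedLayerInEnclosingPaginationChain come from the report.

```cpp
// Simplified model (assumption): Layer stands in for RenderLayer.
#include <cstddef>
#include <memory>
#include <unordered_set>

class Layer {
public:
    explicit Layer(bool composited = false) : m_composited(composited) {}
    Layer(const Layer&) = delete;            // copies would bypass registration
    Layer& operator=(const Layer&) = delete;
    ~Layer() {
        // Communicate our destruction to every layer that cached a pointer to us.
        for (Layer* dependent : m_dependents)
            dependent->m_enclosingPaginationLayer = nullptr;
        // Unregister from our own target so it never writes into freed memory.
        setEnclosingPaginationLayer(nullptr);
    }
    // Caches the pointer and records the back-reference on the target.
    void setEnclosingPaginationLayer(Layer* target) {
        if (m_enclosingPaginationLayer)
            m_enclosingPaginationLayer->m_dependents.erase(this);
        m_enclosingPaginationLayer = target;
        if (target)
            target->m_dependents.insert(this);
    }
    Layer* enclosingPaginationLayer() const { return m_enclosingPaginationLayer; }
    bool isComposited() const { return m_composited; }
    std::size_t dependentCount() const { return m_dependents.size(); }
    // Dereferences the cached pointer only while the target is still alive.
    bool hasCompositedLayerInEnclosingPaginationChain() const {
        return m_enclosingPaginationLayer && m_enclosingPaginationLayer->isComposited();
    }
private:
    bool m_composited;
    Layer* m_enclosingPaginationLayer = nullptr;
    std::unordered_set<Layer*> m_dependents; // layers caching a pointer to this one
};

// Replays the report: cache the pointer, delete the target, then query.
bool queryAfterTargetDestroyed() {
    auto pagination = std::make_unique<Layer>(true);
    Layer child;
    child.setEnclosingPaginationLayer(pagination.get());        // step 1
    bool before = child.hasCompositedLayerInEnclosingPaginationChain();
    pagination.reset();                                         // step 2
    bool cleared = child.enclosingPaginationLayer() == nullptr; // step 3 avoided
    return before && cleared && !child.hasCompositedLayerInEnclosingPaginationChain();
}
```

Without the loop in the destructor, the pointer read in the last line of queryAfterTargetDestroyed() would refer to freed memory, which is the crash in step 4 of the report.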
Simon Fraser (smfr)
Comment 1
2015-01-14 10:59:17 PST
Smells like rdar://problem/17873488
Brent Fulgham
Comment 2
2015-01-14 11:23:54 PST
I wonder if this is only hit in WK1?
Brent Fulgham
Comment 3
2015-01-14 11:28:53 PST
I am seeing this with the test "fast/dynamic/layer-no-longer-paginated.html"
Brent Fulgham
Comment 4
2015-01-14 11:53:03 PST
Created attachment 244627: Some dump analysis.
Simon Fraser (smfr)
Comment 5
2015-01-14 12:02:30 PST
This is exactly rdar://problem/17873488
Brent Fulgham
Comment 6
2015-01-14 13:30:29 PST
*** This bug has been marked as a duplicate of bug 135514 ***