Bug 141324 - REGRESSION(r179706): Caused memory corruption on some tests
Summary: REGRESSION(r179706): Caused memory corruption on some tests
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Layout and Rendering (show other bugs)
Version: 528+ (Nightly build)
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: WebKit Commit Bot
URL:
Keywords:
Depends on:
Blocks: 136544
  Show dependency treegraph
 
Reported: 2015-02-05 22:24 PST by WebKit Commit Bot
Modified: 2015-02-06 10:56 PST (History)
6 users (show)

See Also:

Attachments
ROLLOUT of r179706 (4.07 KB, patch)
2015-02-05 22:24 PST, WebKit Commit Bot 		no flags Details | Formatted Diff | Diff
Patch (3.21 KB, patch)
2015-02-06 00:21 PST, Maciej Stachowiak 		ap: review+
Details | Formatted Diff | Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description WebKit Commit Bot 2015-02-05 22:24:01 PST 
http://trac.webkit.org/changeset/179706 broke the build:
Caused memory corruption on some tests (Requested by _ap_ on #webkit).

This is an automatic bug report generated by webkitbot. If this bug
report was created because of a flaky test, please file a bug for the flaky
test (if we don't already have one on file) and dup this bug against that bug
so that we can track how often these flaky tests fail.
Comment 1 WebKit Commit Bot 2015-02-05 22:24:31 PST 
Created attachment 246150 [details]
ROLLOUT of r179706

Any committer can land this patch automatically by marking it commit-queue+.  The commit-queue will build and test the patch before landing to ensure that the rollout will be successful.  This process takes approximately 15 minutes.

If you would like to land the rollout faster, you can use the following command:

  webkit-patch land-attachment ATTACHMENT_ID

where ATTACHMENT_ID is the ID of this attachment.
Comment 2 Maciej Stachowiak 2015-02-06 00:21:22 PST 
Created attachment 246152 [details]
Patch
Comment 3 Alexey Proskuryakov 2015-02-06 00:29:13 PST 
Comment on attachment 246152 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=246152&action=review

> Source/WebCore/rendering/RenderLineBoxList.cpp:390
> +        if (auto prevBox = box->prevRootBox())

There are different opinions on this, however I find it much preferable to see which classes I'm dealing with (i.e., I'd write this as RootInlineBox* previousBox = box->prevRootBox()).

> Source/WebCore/rendering/RenderLineBoxList.cpp:392
> +        // FIXME: Always dirty the next line. This is only strictly necessary some of the time, 

This sounds like a command (as if we needed always dirty the next line, but didn't).

> Source/WebCore/rendering/RenderLineBoxList.cpp:394
> +        // but it's hard to safely and completely compute the conditions under which it's safe 
> +        // not to.

I'd omit this, as it doesn't explain what is hard about this, and is thus unhelpful to the reader.
Comment 4 Alexey Proskuryakov 2015-02-06 09:27:50 PST 
Ping?
Comment 5 zalan 2015-02-06 10:14:37 PST 
(In reply to comment #3)
> Comment on attachment 246152 [details]
> Patch
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=246152&action=review
> 
> > Source/WebCore/rendering/RenderLineBoxList.cpp:390
> > +        if (auto prevBox = box->prevRootBox())
> 
> There are different opinions on this, however I find it much preferable to
> see which classes I'm dealing with (i.e., I'd write this as RootInlineBox*
> previousBox = box->prevRootBox()).
I am in favor of not over-using auto, but I think in this case auto is acceptable as the method (prev/nextRootBox()) hints that the return type is a root box.

Hopefully the perf bots will catch if there's any inline layout performance impact of this change.
Comment 6 Maciej Stachowiak 2015-02-06 10:56:52 PST 
Committed r179750: <http://trac.webkit.org/changeset/179750>