155885 – RenderImage::repaintOrMarkForLayout fails when the renderer is detached.

RESOLVED FIXED 155885

RenderImage::repaintOrMarkForLayout fails when the renderer is detached.

https://bugs.webkit.org/show_bug.cgi?id=155885

Summary RenderImage::repaintOrMarkForLayout fails when the renderer is detached.

zalan

Reported 2016-03-25 08:56:19 PDT

Created attachment 274908 [details] backtrace see stacktrace.

Attachments
backtrace (90.34 KB, text/plain) 2016-03-25 08:56 PDT, zalan	no flags	Details
Patch (10.80 KB, patch) 2016-03-25 15:06 PDT, zalan	no flags	Details Formatted Diff Diff
Patch (10.82 KB, patch) 2016-03-25 15:38 PDT, zalan	zalan: commit-queue-	Details Formatted Diff Diff
Patch (10.85 KB, patch) 2016-03-25 15:41 PDT, zalan	no flags	Details Formatted Diff Diff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.

Radar WebKit Bug Importer

Comment 1 2016-03-25 08:58:59 PDT

<rdar://problem/25359164>

zalan

Comment 2 2016-03-25 09:45:37 PDT

related to bug 155109

zalan

Comment 3 2016-03-25 15:06:47 PDT

Created attachment 274945 [details] Patch

Simon Fraser (smfr)

Comment 4 2016-03-25 15:14:59 PDT

Comment on attachment 274945 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=274945&action=review > Source/WebCore/rendering/RenderObject.cpp:716 > if (!is<RenderBlock>(parent)) This should just be a null check.

zalan

Comment 5 2016-03-25 15:38:24 PDT

Created attachment 274948 [details] Patch

zalan

Comment 6 2016-03-25 15:41:55 PDT

Created attachment 274949 [details] Patch

WebKit Commit Bot

Comment 7 2016-03-25 16:45:13 PDT

Comment on attachment 274949 [details] Patch Clearing flags on attachment: 274949 Committed r198701: <http://trac.webkit.org/changeset/198701>

WebKit Commit Bot

Comment 8 2016-03-25 16:45:20 PDT

All reviewed patches have been landed. Closing bug.

Michael Catanzaro

Comment 9 2016-04-06 18:12:18 PDT

FYI I am backporting this to our 2.12.0 package in Fedora. We haven't received many crash reports because we don't have 2.12.0 in any stable release yet, but I've gotten several complaints on Bugzilla and IRC. (Thanks for fixing it so quickly, Zalan.)

Michael Catanzaro

Comment 10 2016-04-06 18:13:28 PDT

Notable complaint is that this crash occurs on Google shortly after searching for anything (although I wasn't able to reproduce that myself).

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Nightly Build

Hardware Unspecified

OS Unspecified

Product WebKit

Component Layout and Rendering

Assignee

zalan

Reported

2016-03-25 08:56 PDT

Modified

2016-04-06 18:13 PDT History

CC List

12 users Show

URL

Keywords InRadar

Depends on

Blocks