Reading the webkit-changes email for r30444 in GMail crashes ToT (top-of-tree WebKit):

Thread 0 Crashed:
0 com.apple.WebCore 0x02108150 WebCore::RenderBlock::findNextLineBreak(WebCore::BidiIterator&, WebCore::BidiResolver<WebCore::BidiIterator, WebCore::BidiRun>&) + 6074 (bidi.cpp:1703)
1 com.apple.WebCore 0x0210aa1f WebCore::RenderBlock::layoutInlineChildren(bool, int&, int&) + 3079 (bidi.cpp:969)
2 com.apple.WebCore 0x01ef8e7f WebCore::RenderBlock::layoutBlock(bool) + 1319 (RenderBlock.cpp:581)
3 com.apple.WebCore 0x01ee95f6 WebCore::RenderBlock::layout() + 54 (RenderBlock.cpp:494)
4 com.apple.WebCore 0x01ef7e03 WebCore::RenderBlock::layoutBlockChildren(bool, int&) + 1515 (RenderBlock.cpp:1233)
5 com.apple.WebCore 0x01ef8ea1 WebCore::RenderBlock::layoutBlock(bool) + 1353 (RenderBlock.cpp:586)
6 com.apple.WebCore 0x01ee95f6 WebCore::RenderBlock::layout() + 54 (RenderBlock.cpp:494)
7 com.apple.WebCore 0x01ef7e03 WebCore::RenderBlock::layoutBlockChildren(bool, int&) + 1515 (RenderBlock.cpp:1233)
8 com.apple.WebCore 0x01ef8ea1 WebCore::RenderBlock::layoutBlock(bool) + 1353 (RenderBlock.cpp:586)
9 com.apple.WebCore 0x01ee95f6 WebCore::RenderBlock::layout() + 54 (RenderBlock.cpp:494)
10 com.apple.WebCore 0x01ef7e03 WebCore::RenderBlock::layoutBlockChildren(bool, int&) + 1515 (RenderBlock.cpp:1233)
11 com.apple.WebCore 0x01ef8ea1 WebCore::RenderBlock::layoutBlock(bool) + 1353 (RenderBlock.cpp:586)
12 com.apple.WebCore 0x01ee95f6 WebCore::RenderBlock::layout() + 54 (RenderBlock.cpp:494)
13 com.apple.WebCore 0x01ef7e03 WebCore::RenderBlock::layoutBlockChildren(bool, int&) + 1515 (RenderBlock.cpp:1233)
14 com.apple.WebCore 0x01ef8ea1 WebCore::RenderBlock::layoutBlock(bool) + 1353 (RenderBlock.cpp:586)
15 com.apple.WebCore 0x01ee95f6 WebCore::RenderBlock::layout() + 54 (RenderBlock.cpp:494)
16 com.apple.WebCore 0x01ef7e03 WebCore::RenderBlock::layoutBlockChildren(bool, int&) + 1515 (RenderBlock.cpp:1233)
17 com.apple.WebCore 0x01ef8ea1 WebCore::RenderBlock::layoutBlock(bool) + 1353 (RenderBlock.cpp:586)
18 com.apple.WebCore 0x01ee95f6 WebCore::RenderBlock::layout() + 54 (RenderBlock.cpp:494)
19 com.apple.WebCore 0x01ef7e03 WebCore::RenderBlock::layoutBlockChildren(bool, int&) + 1515 (RenderBlock.cpp:1233)
20 com.apple.WebCore 0x01ef8ea1 WebCore::RenderBlock::layoutBlock(bool) + 1353 (RenderBlock.cpp:586)
21 com.apple.WebCore 0x01ee95f6 WebCore::RenderBlock::layout() + 54 (RenderBlock.cpp:494)
22 com.apple.WebCore 0x01ef7e03 WebCore::RenderBlock::layoutBlockChildren(bool, int&) + 1515 (RenderBlock.cpp:1233)
23 com.apple.WebCore 0x01ef8ea1 WebCore::RenderBlock::layoutBlock(bool) + 1353 (RenderBlock.cpp:586)
24 com.apple.WebCore 0x01ee95f6 WebCore::RenderBlock::layout() + 54 (RenderBlock.cpp:494)
25 com.apple.WebCore 0x01ef7e03 WebCore::RenderBlock::layoutBlockChildren(bool, int&) + 1515 (RenderBlock.cpp:1233)
26 com.apple.WebCore 0x01ef8ea1 WebCore::RenderBlock::layoutBlock(bool) + 1353 (RenderBlock.cpp:586)
27 com.apple.WebCore 0x01ee95f6 WebCore::RenderBlock::layout() + 54 (RenderBlock.cpp:494)
28 com.apple.WebCore 0x01ef9d1f WebCore::RenderObject::layoutIfNeeded() + 41 (RenderObject.h:487)
29 com.apple.WebCore 0x0210a219 WebCore::RenderBlock::layoutInlineChildren(bool, int&, int&) + 1025 (bidi.cpp:876)
30 com.apple.WebCore 0x01ef8e7f WebCore::RenderBlock::layoutBlock(bool) + 1319 (RenderBlock.cpp:581)
31 com.apple.WebCore 0x01f6d145 WebCore::RenderTableCell::layout() + 45 (RenderTableCell.cpp:137)
32 com.apple.WebCore 0x01f71aaf WebCore::RenderTableRow::layout() + 239 (RenderTableRow.cpp:129)
33 com.apple.WebCore 0x01ef9d1f WebCore::RenderObject::layoutIfNeeded() + 41 (RenderObject.h:487)
34 com.apple.WebCore 0x01f0ae32 WebCore::RenderContainer::layout() + 176 (RenderContainer.cpp:497)
35 com.apple.WebCore 0x01f6a4ce WebCore::RenderTable::layout() + 874 (RenderTable.cpp:298)
36 com.apple.WebCore 0x01ef7e03 WebCore::RenderBlock::layoutBlockChildren(bool, int&) + 1515 (RenderBlock.cpp:1233)
37 com.apple.WebCore 0x01ef8ea1 WebCore::RenderBlock::layoutBlock(bool) + 1353 (RenderBlock.cpp:586)
38 com.apple.WebCore 0x01ee95f6 WebCore::RenderBlock::layout() + 54 (RenderBlock.cpp:494)
39 com.apple.WebCore 0x01ef7e03 WebCore::RenderBlock::layoutBlockChildren(bool, int&) + 1515 (RenderBlock.cpp:1233)
40 com.apple.WebCore 0x01ef8ea1 WebCore::RenderBlock::layoutBlock(bool) + 1353 (RenderBlock.cpp:586)
41 com.apple.WebCore 0x01ee95f6 WebCore::RenderBlock::layout() + 54 (RenderBlock.cpp:494)
42 com.apple.WebCore 0x01ef7e03 WebCore::RenderBlock::layoutBlockChildren(bool, int&) + 1515 (RenderBlock.cpp:1233)
43 com.apple.WebCore 0x01ef8ea1 WebCore::RenderBlock::layoutBlock(bool) + 1353 (RenderBlock.cpp:586)
44 com.apple.WebCore 0x01ee95f6 WebCore::RenderBlock::layout() + 54 (RenderBlock.cpp:494)
45 com.apple.WebCore 0x01ef7e03 WebCore::RenderBlock::layoutBlockChildren(bool, int&) + 1515 (RenderBlock.cpp:1233)
46 com.apple.WebCore 0x01ef8ea1 WebCore::RenderBlock::layoutBlock(bool) + 1353 (RenderBlock.cpp:586)
47 com.apple.WebCore 0x01ee95f6 WebCore::RenderBlock::layout() + 54 (RenderBlock.cpp:494)
48 com.apple.WebCore 0x01ef7e03 WebCore::RenderBlock::layoutBlockChildren(bool, int&) + 1515 (RenderBlock.cpp:1233)
49 com.apple.WebCore 0x01ef8ea1 WebCore::RenderBlock::layoutBlock(bool) + 1353 (RenderBlock.cpp:586)
50 com.apple.WebCore 0x01ee95f6 WebCore::RenderBlock::layout() + 54 (RenderBlock.cpp:494)
51 com.apple.WebCore 0x01ef7e03 WebCore::RenderBlock::layoutBlockChildren(bool, int&) + 1515 (RenderBlock.cpp:1233)
52 com.apple.WebCore 0x01ef8ea1 WebCore::RenderBlock::layoutBlock(bool) + 1353 (RenderBlock.cpp:586)
53 com.apple.WebCore 0x01ee95f6 WebCore::RenderBlock::layout() + 54 (RenderBlock.cpp:494)
54 com.apple.WebCore 0x01f92b7e WebCore::RenderView::layout() + 310 (RenderView.cpp:114)
55 com.apple.WebCore 0x01cf087a WebCore::FrameView::layout(bool) + 2160 (FrameView.cpp:471)
56 com.apple.WebCore 0x01f49c87 WebCore::RenderPart::updateWidgetPosition() + 727 (RenderPart.cpp:115)
57 com.apple.WebCore 0x01f93817 WebCore::RenderView::updateWidgetPositions() + 87 (RenderView.cpp:446)
58 com.apple.WebCore 0x01cefe1f WebCore::FrameView::performPostLayoutTasks() + 51 (FrameView.cpp:887)
59 com.apple.WebCore 0x01cf0b19 WebCore::FrameView::layout(bool) + 2831 (FrameView.cpp:516)
60 com.apple.WebCore 0x01ccbc8f WebCore::Frame::forceLayout(bool) + 57 (Frame.cpp:1376)
61 com.apple.WebCore 0x020cb252 -[WebCoreFrameBridge forceLayoutAdjustingViewSize:] + 40 (WebCoreFrameBridge.mm:403)
62 com.apple.WebKit 0x001c8cd0 -[WebHTMLView layoutToMinimumPageWidth:maximumPageWidth:adjustingViewSize:] + 234 (WebHTMLView.mm:2664)
63 com.apple.WebKit 0x001c8de0 -[WebHTMLView layout] + 68 (WebHTMLView.mm:2678)
64 com.apple.WebKit 0x001cfc0b -[WebHTMLView(WebInternal) _layoutIfNeeded] + 195 (WebHTMLView.mm:4811)
65 com.apple.WebKit 0x001cfcec -[WebHTMLView(WebInternal) _web_layoutIfNeededRecursive] + 218 (WebHTMLView.mm:4826)
66 com.apple.WebKit 0x001c3d7c -[WebHTMLView(WebPrivate) viewWillDraw] + 94 (WebHTMLView.mm:1063)
67 com.apple.AppKit 0x917c5516 -[NSView viewWillDraw] + 579
68 com.apple.AppKit 0x917c5516 -[NSView viewWillDraw] + 579
69 com.apple.AppKit 0x917c5516 -[NSView viewWillDraw] + 579
70 com.apple.AppKit 0x917c5516 -[NSView viewWillDraw] + 579
71 com.apple.AppKit 0x917c5516 -[NSView viewWillDraw] + 579
72 com.apple.AppKit 0x917c5516 -[NSView viewWillDraw] + 579
73 com.apple.AppKit 0x917c5516 -[NSView viewWillDraw] + 579
74 com.apple.AppKit 0x917c5516 -[NSView viewWillDraw] + 579
75 com.apple.AppKit 0x917c4bf8 -[NSView _sendViewWillDrawInRect:] + 1015
76 com.apple.AppKit 0x91706ec9 -[NSView displayIfNeeded] + 869
77 com.apple.AppKit 0x91706ab9 -[NSWindow displayIfNeeded] + 189
78 com.apple.Safari 0x000233a9 0x1000 + 140201
79 com.apple.AppKit 0x917068e0 _handleWindowNeedsDisplay + 436
80 com.apple.CoreFoundation 0x943ad9c2 __CFRunLoopDoObservers + 466
81 com.apple.CoreFoundation 0x943aed25 CFRunLoopRunSpecific + 853
82 com.apple.CoreFoundation 0x943afd18 CFRunLoopRunInMode + 88
83 com.apple.HIToolbox 0x910986a0 RunCurrentEventLoopInMode + 283
84 com.apple.HIToolbox 0x910984b9 ReceiveNextEventCommon + 374
85 com.apple.HIToolbox 0x9109832d BlockUntilNextEventMatchingListInMode + 106
86 com.apple.AppKit 0x917047d9 _DPSNextEvent + 657
87 com.apple.AppKit 0x9170408e -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 128
88 com.apple.Safari 0x0000965e 0x1000 + 34398
89 com.apple.AppKit 0x916fd0c5 -[NSApplication run] + 795
90 com.apple.AppKit 0x916ca30a NSApplicationMain + 574
91 com.apple.Safari 0x00002a76 0x1000 + 6774
Created attachment 19248: Fix
Comment on attachment 19248 (Fix): r=me
Fixed in <http://trac.webkit.org/projects/webkit/changeset/30454>.
Looks like this never made it into 3.1. :sigh: I just saw a crash in GMail which I think was this bug.
(In reply to comment #4)
> Looks like this never made it into 3.1. :sigh: I just saw a crash in GMail
> which I think was this bug.

This bug was introduced in <http://trac.webkit.org/projects/webkit/changeset/30412>, which is not in 3.1 either.