21335 – CrashTracer reports many crashes at WebCore::CSSFontSelector::getFontData

Bug 21335 - CrashTracer reports many crashes at WebCore::CSSFontSelector::getFontData

Summary: CrashTracer reports many crashes at WebCore::CSSFontSelector::getFontData

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	CSS (show other bugs)
Version:	528+ (Nightly build)
Hardware:	Mac OS X 10.5

Importance:	P2 Normal
Assignee:	Nobody

URL:
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2008-10-03 10:41 PDT by Adele Peterson
Modified:	2008-10-03 11:13 PDT (History)
CC List:	0 users

See Also:

Attachments
patch (1.15 KB, patch) 2008-10-03 10:44 PDT, Adele Peterson	mitz: review+	Details \| Formatted Diff \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Adele Peterson 2008-10-03 10:41:26 PDT

Thread 0 Crashed (i386):
>#0   com.apple.WebCore          0x913367e8  WebCore::Frame::settings() const + 8
  #1   com.apple.WebCore          0x9156827b  WebCore::CSSFontSelector::getFontData(WebCore::FontDescription const&, WebCore::AtomicString const&) + 315
  #2   com.apple.WebCore          0x91568028  WebCore::FontCache::getFontData(WebCore::Font const&, int&, WebCore::FontSelector*) + 184
  #3   com.apple.WebCore          0x9137a3a9  WebCore::FontFallbackList::fontDataAt(WebCore::Font const*, unsigned int) const + 73
  #4   com.apple.WebCore          0x9137a341  WebCore::Font::cachePrimaryFont() const + 33
  #5   com.apple.WebCore          0x914c0a0b  WebCore::PopupMenu::populate() + 1211
  #6   com.apple.WebCore          0x914bfafd  WebCore::PopupMenu::show(WebCore::IntRect const&, WebCore::FrameView*, int) + 29
  #7   com.apple.WebCore          0x914bfa39  WebCore::RenderMenuList::showPopup() + 185
  #8   com.apple.WebCore          0x914bd039  WebCore::HTMLSelectElement::menuListDefaultEventHandler(WebCore::Event*) + 473
  #9   com.apple.WebCore          0x914bce02  WebCore::HTMLSelectElement::defaultEventHandler(WebCore::Event*) + 130
  #10  com.apple.WebCore          0x91375b23  WebCore::EventTarget::dispatchGenericEvent(WebCore::EventTargetNode*, WTF::PassRefPtr<WebCore::Event>, int&, bool) + 707
  #11  com.apple.WebCore          0x9137576f  WebCore::EventTargetNode::dispatchEvent(WTF::PassRefPtr<WebCore::Event>, int&, bool) + 255
  #12  com.apple.WebCore          0x9153303d  WebCore::EventTargetNode::dispatchMouseEvent(WebCore::AtomicString const&, int, int, int, int, int, int, bool, bool, bool, bool, bool, WebCore::Node*, WTF::PassRefPtr<WebCore::Event>) + 509
  #13  com.apple.WebCore          0x91532df5  WebCore::EventTargetNode::dispatchMouseEvent(WebCore::PlatformMouseEvent const&, WebCore::AtomicString const&, int, WebCore::Node*) + 165
  #14  com.apple.WebCore          0x915328f5  WebCore::EventHandler::dispatchMouseEvent(WebCore::AtomicString const&, WebCore::Node*, bool, int, WebCore::PlatformMouseEvent const&, bool) + 101
  #15  com.apple.WebCore          0x914a2647  WebCore::EventHandler::handleMousePressEvent(WebCore::PlatformMouseEvent const&) + 551
  #16  com.apple.WebCore          0x914a2376  WebCore::EventHandler::mouseDown(NSEvent*) + 534
  #17  com.apple.WebKit           0x91217efe  -[WebHTMLView mouseDown:] + 462
  #18  com.apple.AppKit           0x9202fac3  -[NSWindow sendEvent:] + 5381
  #19  com.apple.Safari           0x0002b3c3
  #20  com.apple.AppKit           0x91ffc714  -[NSApplication sendEvent:] + 2780
  #21  com.apple.Safari           0x0002ae48
  #22  com.apple.AppKit           0x91f5a0f9  -[NSApplication run] + 847
  #23  com.apple.AppKit           0x91f2730a  NSApplicationMain + 574
  #24  com.apple.Safari           0x000b9906

Comment 1 Adele Peterson 2008-10-03 10:42:28 PDT

<rdar://problem/6012018>

Comment 2 Adele Peterson 2008-10-03 10:44:06 PDT

Created attachment 24055 [details]
patch

Haven't made a test.  I don't really know what triggers this, but it seems clear we should be nil checking the frame.

Comment 3 Adele Peterson 2008-10-03 10:45:27 PDT

Probably has something to do with a menu being displayed as the frame goes away.

Comment 4 mitz 2008-10-03 10:54:15 PDT

Comment on attachment 24055 [details]
patch

r=me

Comment 5 Adele Peterson 2008-10-03 11:13:59 PDT

Committed revision 37243.