This has been seen in the field. Looks like RenderView is null: the top frames show FrameView::performPostLayoutTasks() calling RenderView::updateWidgetPositions(), which faults in a HashTable access inside getRetainedWidgets(), consistent with a member function being called on a null RenderView. Don't know how to repro.

Thread 0 name: Dispatch queue: com.apple.main-thread
Thread 0 Crashed:
0 WebCore 0x3778ff90 WebCore::RenderView::getRetainedWidgets(WTF::Vector<WebCore::RenderWidget*, 0ul>&) (HashTable.h:315)
1 WebCore 0x3778ff20 WebCore::RenderView::updateWidgetPositions() (Vector.h:326)
2 WebCore 0x3779178e WebCore::FrameView::performPostLayoutTasks() (FrameView.cpp:2224)
3 WebCore 0x37771962 WebCore::FrameView::layout(bool) (FrameView.cpp:951)
4 WebCore 0x37915e02 WebCore::RenderFrameBase::layoutWithFlattening(bool, bool) (RenderFrameBase.cpp:50)
5 WebCore 0x3788e98a WebCore::RenderIFrame::layout() (RenderIFrame.cpp:119)
6 WebCore 0x37778330 WebCore::RenderBlock::layoutInlineChildren(bool, int&, int&) (RenderObject.h:573)
7 WebCore 0x37773a1c WebCore::RenderBlock::layoutBlock(bool, int) (RenderBlock.cpp:1269)
8 WebCore 0x37772d3a WebCore::RenderBlock::layout() (RenderBlock.cpp:1167)
9 WebCore 0x37775bd6 WebCore::RenderBlock::layoutBlockChild(WebCore::RenderBox*, WebCore::RenderBlock::MarginInfo&, int&, int&) (RenderBlock.cpp:2009)
10 WebCore 0x377751a8 WebCore::RenderBlock::layoutBlockChildren(bool, int&) (RenderBlock.cpp:1947)
11 WebCore 0x37773a28 WebCore::RenderBlock::layoutBlock(bool, int) (RenderBlock.cpp:1271)
12 WebCore 0x37772d3a WebCore::RenderBlock::layout() (RenderBlock.cpp:1167)
13 WebCore 0x37775bd6 WebCore::RenderBlock::layoutBlockChild(WebCore::RenderBox*, WebCore::RenderBlock::MarginInfo&, int&, int&) (RenderBlock.cpp:2009)
14 WebCore 0x377751a8 WebCore::RenderBlock::layoutBlockChildren(bool, int&) (RenderBlock.cpp:1947)
15 WebCore 0x37773a28 WebCore::RenderBlock::layoutBlock(bool, int) (RenderBlock.cpp:1271)
16 WebCore 0x37772d3a WebCore::RenderBlock::layout() (RenderBlock.cpp:1167)
17 WebCore 0x37775bd6 WebCore::RenderBlock::layoutBlockChild(WebCore::RenderBox*, WebCore::RenderBlock::MarginInfo&, int&, int&) (RenderBlock.cpp:2009)
18 WebCore 0x377751a8 WebCore::RenderBlock::layoutBlockChildren(bool, int&) (RenderBlock.cpp:1947)
19 WebCore 0x37773a28 WebCore::RenderBlock::layoutBlock(bool, int) (RenderBlock.cpp:1271)
20 WebCore 0x37772d3a WebCore::RenderBlock::layout() (RenderBlock.cpp:1167)
21 WebCore 0x37775bd6 WebCore::RenderBlock::layoutBlockChild(WebCore::RenderBox*, WebCore::RenderBlock::MarginInfo&, int&, int&) (RenderBlock.cpp:2009)
22 WebCore 0x377751a8 WebCore::RenderBlock::layoutBlockChildren(bool, int&) (RenderBlock.cpp:1947)
23 WebCore 0x37773a28 WebCore::RenderBlock::layoutBlock(bool, int) (RenderBlock.cpp:1271)
24 WebCore 0x37772d3a WebCore::RenderBlock::layout() (RenderBlock.cpp:1167)
25 WebCore 0x37775bd6 WebCore::RenderBlock::layoutBlockChild(WebCore::RenderBox*, WebCore::RenderBlock::MarginInfo&, int&, int&) (RenderBlock.cpp:2009)
26 WebCore 0x377751a8 WebCore::RenderBlock::layoutBlockChildren(bool, int&) (RenderBlock.cpp:1947)
27 WebCore 0x37773a28 WebCore::RenderBlock::layoutBlock(bool, int) (RenderBlock.cpp:1271)
28 WebCore 0x37772d3a WebCore::RenderBlock::layout() (RenderBlock.cpp:1167)
29 WebCore 0x378488e0 WebCore::RenderBlock::insertFloatingObject(WebCore::RenderBox*) (RenderObject.h:573)
30 WebCore 0x377a1bf0 WebCore::RenderBlock::LineBreaker::skipLeadingWhitespace(WebCore::BidiResolver<WebCore::InlineIterator, WebCore::BidiRun>&, WebCore::LineInfo const&, WebCore::RenderBlock::FloatingObject*, WebCore::LineWidth&) (RenderBlockLineLayout.cpp:1550)
31 WebCore 0x3779f6ba WebCore::RenderBlock::LineBreaker::nextLineBreak(WebCore::BidiResolver<WebCore::InlineIterator, WebCore::BidiRun>&, WebCore::LineInfo&, std::pair<WebCore::RenderText*, WebCore::LazyLineBreakIterator>&, WebCore::RenderBlock::FloatingObject*) (RenderBlockLineLayout.cpp:1845)
32 WebCore 0x3779e618 WebCore::RenderBlock::layoutRunsAndFloats(WebCore::LineLayoutState&, bool, WTF::Vector<WebCore::RenderBlock::FloatWithRect, 0ul>&) (RenderBlockLineLayout.cpp:948)
33 WebCore 0x37778372 WebCore::RenderBlock::layoutInlineChildren(bool, int&, int&) (RenderBlockLineLayout.cpp:1188)
34 WebCore 0x37773a1c WebCore::RenderBlock::layoutBlock(bool, int) (RenderBlock.cpp:1269)
35 WebCore 0x37772d3a WebCore::RenderBlock::layout() (RenderBlock.cpp:1167)
36 WebCore 0x37775bd6 WebCore::RenderBlock::layoutBlockChild(WebCore::RenderBox*, WebCore::RenderBlock::MarginInfo&, int&, int&) (RenderBlock.cpp:2009)
37 WebCore 0x377751a8 WebCore::RenderBlock::layoutBlockChildren(bool, int&) (RenderBlock.cpp:1947)
38 WebCore 0x37773a28 WebCore::RenderBlock::layoutBlock(bool, int) (RenderBlock.cpp:1271)
39 WebCore 0x37772d3a WebCore::RenderBlock::layout() (RenderBlock.cpp:1167)
40 WebCore 0x37775bd6 WebCore::RenderBlock::layoutBlockChild(WebCore::RenderBox*, WebCore::RenderBlock::MarginInfo&, int&, int&) (RenderBlock.cpp:2009)
41 WebCore 0x377751a8 WebCore::RenderBlock::layoutBlockChildren(bool, int&) (RenderBlock.cpp:1947)
42 WebCore 0x37773a28 WebCore::RenderBlock::layoutBlock(bool, int) (RenderBlock.cpp:1271)
43 WebCore 0x37772d3a WebCore::RenderBlock::layout() (RenderBlock.cpp:1167)
44 WebCore 0x37775bd6 WebCore::RenderBlock::layoutBlockChild(WebCore::RenderBox*, WebCore::RenderBlock::MarginInfo&, int&, int&) (RenderBlock.cpp:2009)
45 WebCore 0x377751a8 WebCore::RenderBlock::layoutBlockChildren(bool, int&) (RenderBlock.cpp:1947)
46 WebCore 0x37773a28 WebCore::RenderBlock::layoutBlock(bool, int) (RenderBlock.cpp:1271)
47 WebCore 0x37772d3a WebCore::RenderBlock::layout() (RenderBlock.cpp:1167)
48 WebCore 0x37772cf8 WebCore::RenderView::layout() (RenderView.cpp:130)
49 WebCore 0x37771ea8 WebCore::FrameView::layout(bool) (FrameView.cpp:1078)
50 WebCore 0x37781326 WebCore::Document::updateLayout() (Document.cpp:1704)
51 WebCore 0x37788666 WebCore::VisibleSelection::toNormalizedRange() const (Node.h:365)
52 WebKit 0x31bb782e -[WebFrame(WebPrivate) selectedDOMRange] (FrameSelection.h:190)
<rdar://problem/10156800>
Created attachment 145536 [details] patch
Comment on attachment 145536 [details] patch
LGTM. Calls to root->updateWidgetPositions() are null-checked in other places too.
http://trac.webkit.org/changeset/119378