Bug 99350 - REGRESSION (r131238): Repro crash in WebCore::ScrollingStateTree::removeNode(WebCore::ScrollingStateNode*) opening pdf page
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Layout and Rendering
Version: 528+ (Nightly build)
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Beth Dakin
Keywords: InRadar, Regression
Reported: 2012-10-15 12:27 PDT by Beth Dakin
Modified: 2012-10-15 12:40 PDT

Attachments
Patch (1.96 KB, patch)
2012-10-15 12:34 PDT, Beth Dakin
simon.fraser: review+

Description Beth Dakin 2012-10-15 12:27:10 PDT
<rdar://problem/12499839>

Correction to steps:
1. On google.com, look for a PDF.
2. Click the first PDF link. I don't seem to reproduce when opening the PDF link from the history list.


Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   com.apple.WebCore             	0x00007fffba6b2f3c WebCore::ScrollingStateTree::removeNode(WebCore::ScrollingStateNode*) + 28
1   com.apple.WebCore             	0x00007fffba52334f WebCore::ScrollingCoordinatorMac::detachFromStateTree(unsigned long long) + 63
2   com.apple.WebCore             	0x00007fffba486dda WebCore::RenderLayerBacking::~RenderLayerBacking() + 410
3   com.apple.WebCore             	0x00007fffb9a8c91e WebCore::RenderLayerBacking::~RenderLayerBacking() + 14
4   com.apple.WebCore             	0x00007fffba4795f4 WebCore::RenderLayer::~RenderLayer() + 724
5   com.apple.WebCore             	0x00007fffb99e71fe WebCore::RenderLayer::~RenderLayer() + 14
6   com.apple.WebCore             	0x00007fffb99e71de WebCore::RenderLayer::destroy(WebCore::RenderArena*) + 30
7   com.apple.WebCore             	0x00007fffba4f8651 WebCore::RenderLayerModelObject::destroyLayer() + 33
8   com.apple.WebCore             	0x00007fffba49ee84 WebCore::RenderObject::willBeDestroyed() + 260
9   com.apple.WebCore             	0x00007fffba44e9d4 WebCore::RenderBoxModelObject::willBeDestroyed() + 132
10  com.apple.WebCore             	0x00007fffba4407ee WebCore::RenderBox::willBeDestroyed() + 78
11  com.apple.WebCore             	0x00007fffba41c15e WebCore::RenderBlock::willBeDestroyed() + 382
12  com.apple.WebCore             	0x00007fffb99e5cf2 WebCore::RenderObject::destroy() + 18
13  com.apple.WebCore             	0x00007fffb99e5932 WebCore::Document::detach() + 706
14  com.apple.WebCore             	0x00007fffb9d1d989 WebCore::CachedFrame::destroy() + 201
15  com.apple.WebCore             	0x00007fffb9d1d878 WebCore::CachedPage::destroy() + 24
16  com.apple.WebCore             	0x00007fffb9ac454f WebCore::PageCache::releaseAutoreleasedPagesNow() + 159
17  com.apple.WebCore             	0x00007fffb997463f WebCore::ThreadTimers::sharedTimerFiredInternal() + 159
18  com.apple.WebCore             	0x00007fffba53f83a WebCore::timerFired(__CFRunLoopTimer*, void*) + 58
19  com.apple.CoreFoundation      	0x00007fffb9052974 __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ + 20
20  com.apple.CoreFoundation      	0x00007fffb9052485 __CFRunLoopDoTimer + 1045
21  com.apple.CoreFoundation      	0x00007fffb90384ae __CFRunLoopRun + 1390
22  com.apple.CoreFoundation      	0x00007fffb9037b39 CFRunLoopRunSpecific + 297
23  com.apple.HIToolbox           	0x00007fffb93c48f2 RunCurrentEventLoopInMode + 231
24  com.apple.HIToolbox           	0x00007fffb93c46a2 ReceiveNextEventCommon + 420
25  com.apple.HIToolbox           	0x00007fffb94d5cdc _BlockUntilNextEventMatchingListInModeWithFilter + 65
26  com.apple.AppKit              	0x00007fffbfe8ce54 _DPSNextEvent + 1452
27  com.apple.AppKit              	0x00007fffbfe8c431 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 119
28  com.apple.AppKit              	0x00007fffbfe845ca -[NSApplication run] + 542
29  com.apple.AppKit              	0x00007fffbfe2d356 NSApplicationMain + 911
30  com.apple.XPCService          	0x00007fffbd60b059 _xpc_main + 385
31  libxpc.dylib                  	0x00007fffc0eaefdd xpc_main + 299
32  com.apple.WebKit2             	0x00007fffc0ff7614 WebProcessServiceMain + 35
33  libdyld.dylib                 	0x00007fffb7ffb76d start + 1
Comment 1 Beth Dakin 2012-10-15 12:34:47 PDT
Created attachment 168754
Patch
Comment 2 Beth Dakin 2012-10-15 12:40:20 PDT
Thanks, Simon! http://trac.webkit.org/changeset/131336