[Webkit-unassigned] [Bug 32172] New: Fix assertion failure in WebCore::RenderBlock::startDelayUpdateScrollInfo

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Dec 4 14:11:24 PST 2009 

https://bugs.webkit.org/show_bug.cgi?id=32172

           Summary: Fix assertion failure in
                    WebCore::RenderBlock::startDelayUpdateScrollInfo
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Layout and Rendering
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: agl at chromium.org


startDelayUpdateScrollInfo calls a function that can end up calling
startDelayUpdateScrollInfo again. However, it's static state is inconsistent
when this happens leading to an assertion failure (or probably a memory leak if
assertions are off).

#0  WebCore::RenderBlock::startDelayUpdateScrollInfo ()
    at third_party/WebKit/WebCore/rendering/RenderBlock.cpp:605
#1  0x0000000000f88b9d in WebCore::RenderFlexibleBox::layoutHorizontalBox 
(this=0x2aaab801ea38, 
    relayoutChildren=false) at 
third_party/WebKit/WebCore/rendering/RenderFlexibleBox.cpp:336
#2  0x0000000000f8a0c0 in WebCore::RenderFlexibleBox::layoutBlock 
(this=0x2aaab801ea38, 
    relayoutChildren=false) at 
third_party/WebKit/WebCore/rendering/RenderFlexibleBox.cpp:242
#3  0x0000000000f49b57 in WebCore::RenderBlock::layout (this=0x2aaab801ea38)
    at third_party/WebKit/WebCore/rendering/RenderBlock.cpp:649
#4  0x0000000000f4d881 in WebCore::RenderObject::layoutIfNeeded
(this=0x2aaab801ea38)
    at third_party/WebKit/WebCore/rendering/RenderObject.h:496
#5  0x0000000000f66caf in WebCore::RenderBlock::layoutInlineChildren 
(this=0x2aaab801dc68, 
    relayoutChildren=true, repaintTop=@0x7fffffffbd4c,
repaintBottom=@0x7fffffffbd48)
    at third_party/WebKit/WebCore/rendering/RenderBlockLineLayout.cpp:865
#6  0x0000000000f4a1db in WebCore::RenderBlock::layoutBlock
(this=0x2aaab801dc68, 
relayoutChildren=true)
    at third_party/WebKit/WebCore/rendering/RenderBlock.cpp:723
#7  0x0000000000fa42c7 in WebCore::RenderLayer::updateScrollInfoAfterLayout 
(this=0x2aaab801dd48)
    at third_party/WebKit/WebCore/rendering/RenderLayer.cpp:1872
#8  0x0000000000f4a90a in WebCore::RenderBlock::finishDelayUpdateScrollInfo ()
    at third_party/WebKit/WebCore/rendering/RenderBlock.cpp:623
#9  0x0000000000f89a58 in WebCore::RenderFlexibleBox::layoutHorizontalBox 
(this=0x2aaab801c0a8, 
    relayoutChildren=false) at 
third_party/WebKit/WebCore/rendering/RenderFlexibleBox.cpp:558

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list