[Webkit-unassigned] [Bug 115386] New: REGRESSION (r149287?): Assertion failure in fast/frames/flattening/iframe-flattening-crash.html

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Apr 29 16:48:23 PDT 2013 

https://bugs.webkit.org/show_bug.cgi?id=115386

           Summary: REGRESSION (r149287?): Assertion failure in
                    fast/frames/flattening/iframe-flattening-crash.html
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Unspecified
        OS/Version: Unspecified
            Status: ASSIGNED
          Keywords: LayoutTestFailure
          Severity: Normal
          Priority: P2
         Component: Frames
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: ap at webkit.org
                CC: akling at apple.com


Looks like an assertion started to happen on all WK2 testers reproducibly:

0   com.apple.WebCore                 0x000000010e768a98 WebCore::Document::updateLayout() + 200 (Document.cpp:1881)
1   com.apple.WebCore                 0x000000010e768ad4 WebCore::Document::updateLayout() + 260 (Document.cpp:1888)
2   com.apple.WebCore                 0x000000010e76bf35 WebCore::Document::updateLayoutIgnorePendingStylesheets() + 197 (Document.cpp:1928)
3   com.apple.WebCore                 0x000000010e8c8f37 WebCore::Element::clientWidth() + 39 (Element.cpp:579)
4   com.apple.WebCore                 0x000000010ef8e427 WebCore::jsElementClientWidth(JSC::ExecState*, JSC::JSValue, JSC::PropertyName) + 71 (JSElement.cpp:384)
5   com.apple.JavaScriptCore          0x000000010d253a99 JSC::PropertySlot::getValue(JSC::ExecState*, JSC::PropertyName) const + 249 (PropertySlot.h:76)
6   com.apple.JavaScriptCore          0x000000010d26c312 JSC::JSValue::get(JSC::ExecState*, JSC::PropertyName, JSC::PropertySlot&) const + 242 (JSCJSValueInlines.h:639)
7   com.apple.JavaScriptCore          0x000000010d5c7cd1 llint_slow_path_get_by_id + 241 (LLIntSlowPaths.cpp:910)
8   com.apple.JavaScriptCore          0x000000010d5d1555 llint_op_get_by_id + 122
9   com.apple.JavaScriptCore          0x000000010d4ae4b4 JSC::JITCode::execute(JSC::JSStack*, JSC::ExecState*, JSC::VM*) + 84 (JITCode.h:135)
10  com.apple.JavaScriptCore          0x000000010d4ab224 JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 1620 (Interpreter.cpp:1061)
11  com.apple.JavaScriptCore          0x000000010d2bc7b2 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 306 (CallData.cpp:40)
12  com.apple.WebCore                 0x000000010ee5e682 WebCore::JSMainThreadExecState::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 146 (JSMainThreadExecState.h:56)
13  com.apple.WebCore                 0x000000010efb6491 WebCore::JSEventListener::handleEvent(WebCore::ScriptExecutionContext*, WebCore::Event*) + 1217 (JSEventListener.cpp:129)
14  com.apple.WebCore                 0x000000010e9219b2 WebCore::EventTarget::fireEventListeners(WebCore::Event*, WebCore::EventTargetData*, WTF::Vector<WebCore::RegisteredEventListener, 1ul, WTF::CrashOnOverflow>&) + 498 (EventTarget.cpp:259)
15  com.apple.WebCore                 0x000000010e9215cc WebCore::EventTarget::fireEventListeners(WebCore::Event*) + 380 (EventTarget.cpp:204)
16  com.apple.WebCore                 0x000000010e865cf0 WebCore::DOMWindow::dispatchEvent(WTF::PassRefPtr<WebCore::Event>, WTF::PassRefPtr<WebCore::EventTarget>) + 272 (DOMWindow.cpp:1711)
17  com.apple.WebCore                 0x000000010e773ee1 WebCore::Document::dispatchWindowEvent(WTF::PassRefPtr<WebCore::Event>, WTF::PassRefPtr<WebCore::EventTarget>) + 193 (Document.cpp:3656)
18  com.apple.WebCore                 0x000000010e906336 WebCore::EventHandler::dispatchResizeEvent() + 150 (EventHandler.cpp:3790)
19  com.apple.WebCore                 0x000000010ea16614 WebCore::FrameView::dispatchResizeEvent() + 148 (FrameView.cpp:2791)
20  com.apple.WebCore                 0x000000010ea164f6 WebCore::FrameView::setFrameRect(WebCore::IntRect const&) + 678 (FrameView.cpp:500)
21  com.apple.WebCore                 0x000000010f92452d WebCore::RenderWidget::setWidgetGeometry(WebCore::LayoutRect const&) + 381 (RenderWidget.cpp:160)
22  com.apple.WebCore                 0x000000010f924848 WebCore::RenderWidget::updateWidgetGeometry() + 456 (RenderWidget.cpp:180)
23  com.apple.WebCore                 0x000000010f925c33 WebCore::RenderWidget::updateWidgetPosition() + 83 (RenderWidget.cpp:348)
24  com.apple.WebCore                 0x000000010f745250 WebCore::RenderFrameBase::layoutWithFlattening(bool, bool) + 1568 (RenderFrameBase.cpp:98)
25  com.apple.WebCore                 0x000000010f75c555 WebCore::RenderIFrame::layout() + 325 (RenderIFrame.cpp:168)

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list