[Webkit-unassigned] [Bug 111074] New: REGRESSION(r141450): failed ASSERT in FrameView::scheduleRelayout()

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Feb 28 06:27:39 PST 2013 

https://bugs.webkit.org/show_bug.cgi?id=111074

           Summary: REGRESSION(r141450): failed ASSERT in
                    FrameView::scheduleRelayout()
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Unspecified
        OS/Version: Unspecified
            Status: UNCONFIRMED
          Severity: Normal
          Priority: P2
         Component: WebCore Misc.
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: agarcia at igalia.com
                CC: xan.lopez at gmail.com, cgarcia at igalia.com,
                    jamesr at chromium.org, aelias at chromium.org


I have a crash because of this failed assertion in
FrameView::scheduleRelayout():

ASSERT(m_frame->view() == this)

This seems to have been introduced in r141450, which was the fix for
bug 107922. I cannot reproduce the crash after reverting that patch.

The call to frameView->setUseFixedLayout(useFixedLayout) in
Frame::createView() triggers a call to scheduleRelayout() while m_view
is 0.

Here's the backtrace:

#0  WebCore::FrameView::scheduleRelayout (this=0x80a2d18)
    at /home/berto/devel/code/webkit/Source/WebCore/page/FrameView.cpp:2312
#1  0x7c8ec55a in WebCore::RenderObject::scheduleRelayout (this=0x8233890)
    at /home/berto/devel/code/webkit/Source/WebCore/rendering/RenderObject.cpp:2650
#2  0x7c8e46ce in WebCore::RenderObject::markContainingBlocksForLayout (
    this=0x8233890, scheduleRelayout=true, newRoot=0x0)
    at /home/berto/devel/code/webkit/Source/WebCore/rendering/RenderObject.cpp:709
#3  0x78e2b104 in WebCore::RenderObject::setNeedsLayout (this=0x8233890,
    needsLayout=true, markParents=WebCore::MarkContainingBlockChain)
    at /home/berto/devel/code/webkit/Source/WebCore/rendering/RenderObject.h:1191
#4  0x7c626a1a in WebCore::FrameView::setNeedsLayout (this=0x82b8b88)
    at /home/berto/devel/code/webkit/Source/WebCore/page/FrameView.cpp:2439
#5  0x7c625b5e in WebCore::FrameView::contentsResized (this=0x82b8b88)
    at /home/berto/devel/code/webkit/Source/WebCore/page/FrameView.cpp:2122
#6  0x7c6b02ec in WebCore::ScrollView::setUseFixedLayout (this=0x82b8b88,
    enable=true)
    at /home/berto/devel/code/webkit/Source/WebCore/platform/ScrollView.cpp:324
#7  0x7c61875e in WebCore::Frame::createView (this=0x80a6f38,
    viewportSize=..., backgroundColor=..., transparent=false,
    fixedReportedSize=..., fixedLayoutSize=..., fixedVisibleContentRect=...,
    useFixedLayout=true, horizontalScrollbarMode=WebCore::ScrollbarAlwaysOff,
    horizontalLock=true, verticalScrollbarMode=WebCore::ScrollbarAlwaysOff,
    verticalLock=true)
    at /home/berto/devel/code/webkit/Source/WebCore/page/Frame.cpp:804
...

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list