99587 2012-10-17 05:06:55 -0700 REGRESSION(r131464): Null-pointer crash in StyleResolver::styleForElement 2012-10-18 09:00:39 -0700 1 1 1 Unclassified WebKit CSS 528+ (Nightly build) Unspecified Unspecified RESOLVED FIXED P2 Normal --- 1 dstockwell webkit-unassigned allan.jensen cmarcelo dglazkov macpherson menard tasak webkit.review.bot oldest_to_newest 744165 0 169161 dstockwell 2012-10-17 05:06:55 -0700 Created attachment 169161 Test case ==26072== ERROR: AddressSanitizer crashed on unknown address 0x000000000030 (pc 0x00000066533d sp 0x7fffd83fb500 bp 0x7fffd83fb500 T0) AddressSanitizer can not provide additional info. #0 0x66533c in WTF::RefPtr<WebCore::StyleRareInheritedData>::get() const third_party/WebKit/Source/WTF/wtf/RefPtr.h:58 #1 0xb8df7c in WebCore::RenderStyle::userModify() const third_party/WebKit/Source/WebCore/rendering/style/RenderStyle.h:838 #2 0x1ab07bf in WebCore::StyleResolver::styleForElement(WebCore::Element*, WebCore::RenderStyle*, WebCore::StyleSharingBehavior, WebCore::RuleMatchingBehavior, WebCore::RenderRegion*) third_party/WebKit/Source/WebCore/css/StyleResolver.cpp:1551 #3 0xadba28 in WebCore::Document::styleForElementIgnoringPendingStylesheets(WebCore::Element*) third_party/WebKit/Source/WebCore/dom/Document.cpp:1972 #4 0xb56d24 in WebCore::Element::computedStyle(WebCore::PseudoId) third_party/WebKit/Source/WebCore/dom/Element.cpp:1759 #5 0x148813e in WebCore::HTMLTitleElement::textWithDirection() third_party/WebKit/Source/WebCore/html/HTMLTitleElement.cpp:87 #6 0x1488041 in WebCore::HTMLTitleElement::childrenChanged(bool, WebCore::Node*, WebCore::Node*, int) third_party/WebKit/Source/WebCore/html/HTMLTitleElement.cpp:67 #7 0xab3e3c in WebCore::ContainerNode::parserAppendChild(WTF::PassRefPtr<WebCore::Node>) third_party/WebKit/Source/WebCore/dom/ContainerNode.cpp:627 #8 0x15d0e4b in WebCore::executeTask(WebCore::HTMLConstructionSiteTask&) third_party/WebKit/Source/WebCore/html/parser/HTMLConstructionSite.cpp:83 #9 0x15d4e95 in WebCore::HTMLConstructionSite::insertTextNode(WTF::String const&, WebCore::WhitespaceMode) third_party/WebKit/Source/WebCore/html/parser/HTMLConstructionSite.cpp:385 #10 0x154d2bf in WebCore::HTMLTreeBuilder::processCharacterBuffer(WebCore::HTMLTreeBuilder::ExternalCharacterTokenBuffer&) third_party/WebKit/Source/WebCore/html/parser/HTMLTreeBuilder.cpp:2281 #11 0x154c47e in WebCore::HTMLTreeBuilder::processCharacter(WebCore::AtomicHTMLToken*) third_party/WebKit/Source/WebCore/html/parser/HTMLTreeBuilder.cpp:2154 #12 0x15496d1 in WebCore::HTMLTreeBuilder::constructTreeFromAtomicToken(WebCore::AtomicHTMLToken*) third_party/WebKit/Source/WebCore/html/parser/HTMLTreeBuilder.cpp:389 #13 0x154952c in WebCore::HTMLTreeBuilder::constructTreeFromToken(WebCore::HTMLToken&) third_party/WebKit/Source/WebCore/html/parser/HTMLTreeBuilder.cpp:370 #14 0x150c04e in WebCore::HTMLDocumentParser::pumpTokenizer(WebCore::HTMLDocumentParser::SynchronousMode) third_party/WebKit/Source/WebCore/html/parser/HTMLDocumentParser.cpp:269 #15 0x150d1e9 in WebCore::HTMLDocumentParser::append(WebCore::SegmentedString const&) third_party/WebKit/Source/WebCore/html/parser/HTMLDocumentParser.cpp:361 #16 0x32430eb in WebCore::DecodedDataDocumentParser::flush(WebCore::DocumentWriter*) third_party/WebKit/Source/WebCore/dom/DecodedDataDocumentParser.cpp:60 #17 0x1d1d9ea in WebCore::DocumentWriter::end() third_party/WebKit/Source/WebCore/loader/DocumentWriter.cpp:241 #18 0x1d06714 in WebCore::DocumentLoader::finishedLoading() third_party/WebKit/Source/WebCore/loader/DocumentLoader.cpp:299 #19 0x1d5c02d in WebCore::MainResourceLoader::didFinishLoading(double) third_party/WebKit/Source/WebCore/loader/MainResourceLoader.cpp:525 744973 1 169342 tasak 2012-10-17 22:07:42 -0700 Created attachment 169342 Patch 745149 2 allan.jensen 2012-10-18 04:03:30 -0700 Would it be possible for the summary to be shown later with the end result of the title not inheriting its userModify setting? 745297 3 169342 dglazkov 2012-10-18 08:55:24 -0700 Comment on attachment 169342 Patch I am sorry, I should've caught this. 745301 4 169342 webkit.review.bot 2012-10-18 09:00:31 -0700 Comment on attachment 169342 Patch Clearing flags on attachment: 169342 Committed r131758: <http://trac.webkit.org/changeset/131758> 745302 5 webkit.review.bot 2012-10-18 09:00:39 -0700 All reviewed patches have been landed. Closing bug. 169161 2012-10-17 05:06:55 -0700 2012-10-17 05:06:55 -0700 Test case test.html text/html 32 dstockwell PGRhdGFsaXN0Cj4KPHN1bW1hcnkKPgo8dGl0bGUKPgo= 169342 2012-10-17 22:07:42 -0700 2012-10-18 09:00:31 -0700 Patch bug-99587-20121018140628.patch text/plain 4202 tasak U3VidmVyc2lvbiBSZXZpc2lvbjogMTMxNjk4CmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViQ29yZS9D aGFuZ2VMb2cgYi9Tb3VyY2UvV2ViQ29yZS9DaGFuZ2VMb2cKaW5kZXggMjA5Njc0NDlmMTg3YTM1 YmViZGUwMWY1YzNkMTMyMjliOGJkNzczMy4uZjYyNWM4ODE0OWM1MGMzMjNiMDdmYjA0ZWJlODlm ZmM3MjBiOGFjNiAxMDA2NDQKLS0tIGEvU291cmNlL1dlYkNvcmUvQ2hhbmdlTG9nCisrKyBiL1Nv dXJjZS9XZWJDb3JlL0NoYW5nZUxvZwpAQCAtMSwzICsxLDIzIEBACisyMDEyLTEwLTE3ICBUYWth c2hpIFNha2Ftb3RvICA8dGFzYWtAZ29vZ2xlLmNvbT4KKworICAgICAgICBSRUdSRVNTSU9OKHIx MzE0NjQpOiBOdWxsLXBvaW50ZXIgY3Jhc2ggaW4gU3R5bGVSZXNvbHZlcjo6c3R5bGVGb3JFbGVt ZW50CisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD05OTU4 NworCisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgIFNpbmNl IGNvbnRlbnRzIGluIGRhdGFsaXN0IGFyZSBub3Qgc2hvd24sIHN1bW1hcnkgaW4gZGF0YWxpc3Qg aXMgbm90CisgICAgICAgIHNob3duIGVpdGhlci4gU28gdGhlIHN1bW1hcnkgaGFzIG5vIHJlbmRl ciBzdHlsZS4gT24gdGhlIG90aGVyIGhhbmQsCisgICAgICAgIHRoZSBzdW1tYXJ5IGlzIGltcGxl bWVudGVkIGJ5IHNoYWRvdyBET00gYW5kIGl0IGhhcyBzb21lIGluc2VydGlvbgorICAgICAgICBw b2ludC4gSXRzIGNoaWxkLCBlLmcuIHRpdGxlIGluIHRoZSBiZWxvdyB0ZXN0LCBpcyBkaXN0cmli dXRlZC4KKyAgICAgICAgVG8gc29sdmUgdGhlIGNoaWxkJ3MgdXNlci1tb2RpZnksIGxvb2tpbmcg YXQgc2hhZG93IGhvc3QoPXN1bW1hcnkpJ3MKKyAgICAgICAgc3R5bGUgY2F1c2VzIG51bGwtcG9p bnRlciBjcmFzaC4KKworICAgICAgICBUZXN0OiBmYXN0L2RvbS9zaGFkb3cvdXNlci1tb2RpZnkt aW4tZGF0YWxpc3QtY3Jhc2guaHRtbAorCisgICAgICAgICogY3NzL1N0eWxlUmVzb2x2ZXIuY3Bw OgorICAgICAgICAoV2ViQ29yZTo6U3R5bGVSZXNvbHZlcjo6c3R5bGVGb3JFbGVtZW50KToKKyAg ICAgICAgQWRkZWQgYSBjb2RlIHRvIGNoZWNrIHdoZXRoZXIgdGhlIHNoYWRvdyBob3N0IGhhcyBh bnkgc3R5bGUgb3Igbm90LgorCiAyMDEyLTEwLTE3ICBQYW4gRGVuZyAgPHBhbi5kZW5nQGludGVs LmNvbT4KIAogICAgICAgICBbVXNlciBUaW1pbmddIGltcGxlbWVudCBtYWluIGludGVyZmFjZSBp biBvZiBVc2VyIFRpbWluZywgYWNjb3JkaW5nIHRvIGh0dHA6Ly93d3cudzMub3JnL1RSLzIwMTIv Q1ItdXNlci10aW1pbmctMjAxMjA3MjYvCmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViQ29yZS9jc3Mv U3R5bGVSZXNvbHZlci5jcHAgYi9Tb3VyY2UvV2ViQ29yZS9jc3MvU3R5bGVSZXNvbHZlci5jcHAK aW5kZXggMDcyYTBmNzc5MGY0MjQ2MzMxNWY0NTE3YzUwMDJjYzkwNjhmNmE3ZC4uYzc5MzE1NDYw ODgwNWM3NTA2OTM4NDIyODg2MDg1MjFhODYwMTAzYiAxMDA2NDQKLS0tIGEvU291cmNlL1dlYkNv cmUvY3NzL1N0eWxlUmVzb2x2ZXIuY3BwCisrKyBiL1NvdXJjZS9XZWJDb3JlL2Nzcy9TdHlsZVJl c29sdmVyLmNwcApAQCAtMTU0Nyw4ICsxNTQ3LDggQEAgUGFzc1JlZlB0cjxSZW5kZXJTdHlsZT4g U3R5bGVSZXNvbHZlcjo6c3R5bGVGb3JFbGVtZW50KEVsZW1lbnQqIGVsZW1lbnQsIFJlbmRlclMK ICAgICAvLyBiZSBwcm9wYWdhdGVkIGZyb20gc2hhZG93IGhvc3QgdG8gZGlzdHJpYnV0ZWQgbm9k ZS4KICAgICBpZiAobV9kaXN0cmlidXRlZFRvSW5zZXJ0aW9uUG9pbnQpIHsKICAgICAgICAgQVNT RVJUKGVsZW1lbnQtPnBhcmVudEVsZW1lbnQoKSk7Ci0gICAgICAgIEFTU0VSVChlbGVtZW50LT5w YXJlbnRFbGVtZW50KCktPnJlbmRlclN0eWxlKCkpOwotICAgICAgICBtX3N0eWxlLT5zZXRVc2Vy TW9kaWZ5KGVsZW1lbnQtPnBhcmVudEVsZW1lbnQoKS0+cmVuZGVyU3R5bGUoKS0+dXNlck1vZGlm eSgpKTsKKyAgICAgICAgaWYgKFJlbmRlclN0eWxlKiBzdHlsZU9mU2hhZG93SG9zdCA9IGVsZW1l bnQtPnBhcmVudEVsZW1lbnQoKS0+cmVuZGVyU3R5bGUoKSkKKyAgICAgICAgICAgIG1fc3R5bGUt PnNldFVzZXJNb2RpZnkoc3R5bGVPZlNoYWRvd0hvc3QtPnVzZXJNb2RpZnkoKSk7CiAgICAgfQog CiAgICAgaWYgKGVsZW1lbnQtPmlzTGluaygpKSB7CmRpZmYgLS1naXQgYS9MYXlvdXRUZXN0cy9D aGFuZ2VMb2cgYi9MYXlvdXRUZXN0cy9DaGFuZ2VMb2cKaW5kZXggYTJiM2JhOWE0NDEwNjNiNTli NjBlMTgwYjkxMmE3NTViN2I3MjI4OS4uNjQ4MGI3ZjY5NWRiMzE2MWFkYzFlODVmOWFmMDk4Yzdi MjQ1YThiNyAxMDA2NDQKLS0tIGEvTGF5b3V0VGVzdHMvQ2hhbmdlTG9nCisrKyBiL0xheW91dFRl c3RzL0NoYW5nZUxvZwpAQCAtMSwzICsxLDEzIEBACisyMDEyLTEwLTE3ICBUYWthc2hpIFNha2Ft b3RvICA8dGFzYWtAZ29vZ2xlLmNvbT4KKworICAgICAgICBSRUdSRVNTSU9OKHIxMzE0NjQpOiBO dWxsLXBvaW50ZXIgY3Jhc2ggaW4gU3R5bGVSZXNvbHZlcjo6c3R5bGVGb3JFbGVtZW50CisgICAg ICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD05OTU4NworCisgICAg ICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgICogZmFzdC9kb20vc2hh ZG93L3VzZXItbW9kaWZ5LWluLWRhdGFsaXN0LWNyYXNoLWV4cGVjdGVkLnR4dDogQWRkZWQuCisg ICAgICAgICogZmFzdC9kb20vc2hhZG93L3VzZXItbW9kaWZ5LWluLWRhdGFsaXN0LWNyYXNoLmh0 bWw6IEFkZGVkLgorCiAyMDEyLTEwLTE3ICBEaXJrIFByYW5rZSAgPGRwcmFua2VAY2hyb21pdW0u b3JnPgogCiAgICAgICAgIENsb25lIGJhc2VsaW5lcyBmcm9tIHBsYXRmb3JtL21hYyB0byBwbGF0 Zm9ybS9jaHJvbWl1bSBbNyBvZiA3XQpkaWZmIC0tZ2l0IGEvTGF5b3V0VGVzdHMvZmFzdC9kb20v c2hhZG93L3VzZXItbW9kaWZ5LWluLWRhdGFsaXN0LWNyYXNoLWV4cGVjdGVkLnR4dCBiL0xheW91 dFRlc3RzL2Zhc3QvZG9tL3NoYWRvdy91c2VyLW1vZGlmeS1pbi1kYXRhbGlzdC1jcmFzaC1leHBl Y3RlZC50eHQKbmV3IGZpbGUgbW9kZSAxMDA2NDQKaW5kZXggMDAwMDAwMDAwMDAwMDAwMDAwMDAw MDAwMDAwMDAwMDAwMDAwMDAwMC4uOTg5ZDQ4NGY1YjdhYzIwYmMyMTk0YzUxMGRmMWY5N2U5ZDcy MzcxYgotLS0gL2Rldi9udWxsCisrKyBiL0xheW91dFRlc3RzL2Zhc3QvZG9tL3NoYWRvdy91c2Vy LW1vZGlmeS1pbi1kYXRhbGlzdC1jcmFzaC1leHBlY3RlZC50eHQKQEAgLTAsMCArMSwyIEBACitb YnVnIDk5NTg3XSBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9OTk1ODcg bnVsbC1wb2ludGVyIGNyYXNoIGluIFN0eWxlUmVzb2x2ZXI6OnN0eWxlRm9yRWxlbWVudC4gSWYg dGhpcyB0ZXN0IHBhc3Nlcywgbm8gY3Jhc2ggb2NjdXJzIGFuZCAiUEFTUyIgaXMgc2hvd24uCitQ QVNTCmRpZmYgLS1naXQgYS9MYXlvdXRUZXN0cy9mYXN0L2RvbS9zaGFkb3cvdXNlci1tb2RpZnkt aW4tZGF0YWxpc3QtY3Jhc2guaHRtbCBiL0xheW91dFRlc3RzL2Zhc3QvZG9tL3NoYWRvdy91c2Vy LW1vZGlmeS1pbi1kYXRhbGlzdC1jcmFzaC5odG1sCm5ldyBmaWxlIG1vZGUgMTAwNjQ0CmluZGV4 IDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAuLjhhOTUzZGZiYmEwNzFl MTVjODRhMzI1YzQxNTc1ZGFiNzgyZjI0ZDIKLS0tIC9kZXYvbnVsbAorKysgYi9MYXlvdXRUZXN0 cy9mYXN0L2RvbS9zaGFkb3cvdXNlci1tb2RpZnktaW4tZGF0YWxpc3QtY3Jhc2guaHRtbApAQCAt MCwwICsxLDEyIEBACis8c2NyaXB0PgoraWYgKHdpbmRvdy50ZXN0UnVubmVyKQorICAgIHRlc3RS dW5uZXIuZHVtcEFzVGV4dCgpOworPC9zY3JpcHQ+Cis8ZGl2PltidWcgOTk1ODddIDxhIGhyZWY9 Imh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD05OTU4NyI+CitodHRwczov L2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9OTk1ODc8L2E+CitudWxsLXBvaW50ZXIg Y3Jhc2ggaW4gU3R5bGVSZXNvbHZlcjo6c3R5bGVGb3JFbGVtZW50LgorSWYgdGhpcyB0ZXN0IHBh c3Nlcywgbm8gY3Jhc2ggb2NjdXJzIGFuZCAiUEFTUyIgaXMgc2hvd24uPC9kaXY+Cis8ZGl2PlBB U1M8L2Rpdj4KKzxkYXRhbGlzdD4KKzxzdW1tYXJ5PgorPHRpdGxlPgo=