Bug 13896

Summary: REGRESSION (NativePopup): Reproducible crasher on Google Coop control panel
Product: WebKit Reporter: Olivier Gutknecht <olivierg>
Component: FormsAssignee: Nobody <webkit-unassigned>
Status: VERIFIED FIXED    
Severity: Normal CC: mitz
Priority: P1 Keywords: HasReduction, Regression
Version: 523.x (Safari 3)   
Hardware: Mac   
OS: OS X 10.4   
URL: http://ol.g.free.fr/tests/coop.html
Attachments:
Description Flags
crash report
none
Reduction (will crash)
none
Do not try to compute style for options and option groups if their parents have no style darin: review+

Olivier Gutknecht
Reported 2007-05-28 04:08:39 PDT
Version: WebKit 522+, r21819 Platform: Mac OS X 10.4.9 8P135 PowerPC System configuration: PowerMac7,3, Dual PowerPC G5, 2 GB, 6800 GT DDL Summary: When accessing the control panel for a Google Coop custom search engine, on the "sites" tab, WebKit crashes in WebCore::FontFallbackList::fontDataAt(WebCore::Font const*, unsigned) const + 28 This is 100% reproducible in my setup. How to reproduce: The extracted HTML source is sufficient to provoke the crash (uploaded at URL). To recreate the setup: - go to http://www.google.com/coop - create a new custom search engine, add a site to search in the list - go to the control panel for the newly created search - click on the "sites" settings link Regression: Does not happen on Safari 2.0.4 (419.3) Does not happen on Gecko/20070309 Firefox/2.0.0.3
Attachments
crash report (25.58 KB, text/plain)
2007-05-28 04:10 PDT, Olivier Gutknecht 		no flags
Details
Reduction (will crash) (85 bytes, text/html)
2007-05-28 05:22 PDT, mitz 		no flags
Details
Do not try to compute style for options and option groups if their parents have no style (31.36 KB, patch)
2007-05-28 06:32 PDT, mitz 		darin: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Olivier Gutknecht
Comment 1 2007-05-28 04:10:11 PDT
Created attachment 14754 [details] crash report Uploaded crash report
mitz
Comment 2 2007-05-28 05:16:34 PDT
ASSERTION FAILED: m_fontList (/WebKit/WebCore/platform/Font.cpp:449 const WebCore::FontData* WebCore::Font::primaryFont() const)
mitz
Comment 3 2007-05-28 05:22:36 PDT
Created attachment 14755 [details] Reduction (will crash)
mitz
Comment 4 2007-05-28 06:32:28 PDT
Created attachment 14757 [details] Do not try to compute style for options and option groups if their parents have no style
Darin Adler
Comment 5 2007-05-28 09:55:20 PDT
Comment on attachment 14757 [details] Do not try to compute style for options and option groups if their parents have no style Why do these classes do the work in attach instead of recalcStyle? r=me
Sam Weinig
Comment 6 2007-05-28 13:25:40 PDT
Landed in r21847.
Olivier Gutknecht
Comment 7 2007-05-29 13:38:29 PDT
Verified it fixes the initial issue with Google Coop (r21854 nightly)
Note You need to log in before you can comment on or make changes to this bug.