Bug 300682
| Summary: | Crash in WebCore::addInvalidElementToAncestorFromInsertionPoint | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Ryosuke Niwa <rniwa> |
| Component: | New Bugs | Assignee: | Ryosuke Niwa <rniwa> |
| Status: | RESOLVED FIXED | ||
| Severity: | Normal | Keywords: | InRadar |
| Priority: | P2 | ||
| Version: | WebKit Nightly Build | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
Ryosuke Niwa
e.g.
0 WebCore 0x1a8faf194 WTF::RawPtrTraits<WTF::StringImpl>::unwrap(WTF::StringImpl* const&) + 0 [inlined]
1 WebCore 0x1a8faf194 WTF::RefPtr<WTF::StringImpl, WTF::RawPtrTraits<WTF::StringImpl>, WTF::DefaultRefDerefTraits<WTF::StringImpl>>::get() const + 0 [inlined]
2 WebCore 0x1a8faf194 WTF::String::impl() const + 0 [inlined]
3 WebCore 0x1a8faf194 WTF::AtomString::impl() const + 0 [inlined]
4 WebCore 0x1a8faf194 WTF::operator==(WTF::AtomString const&, WTF::AtomString const&) + 0 [inlined]
5 WebCore 0x1a8faf194 WebCore::Element::hasLocalName(WTF::AtomString const&) const + 4 [inlined]
6 WebCore 0x1a8faf194 WebCore::HTMLElement::hasTagName(WebCore::HTMLQualifiedName const&) const + 4 [inlined]
7 WebCore 0x1a8faf194 WebCore::Node::hasTagName(WebCore::HTMLQualifiedName const&) const + 8 [inlined]
8 WebCore 0x1a8faf194 WTF::TypeCastTraits<WebCore::HTMLFieldSetElement const, WebCore::Element const, false>::checkTagName(WebCore::Node const&) + 8 [inlined]
9 WebCore 0x1a8faf194 WTF::TypeCastTraits<WebCore::HTMLFieldSetElement const, WebCore::Element const, false>::isOfType(WebCore::Element const&) + 8 [inlined]
10 WebCore 0x1a8faf194 bool WTF::is<WebCore::HTMLFieldSetElement, WebCore::Element>(WebCore::Element const&) + 8 [inlined]
11 WebCore 0x1a8faf194 std::__1::conditional<std::is_const_v<WebCore::Element>, std::__1::add_const<WebCore::HTMLFieldSetElement>::type, __remove_const(WebCore::HTMLFieldSetElement)>::type* WTF::dynamicDowncast<WebCore::HTMLFieldSetElement, WebCore::Element>(WebCore::Element&) + 8 [inlined]
12 WebCore 0x1a8faf194 WebCore::HTMLFieldSetElement* WebCore::findElementAncestorOfType<WebCore::HTMLFieldSetElement>(WebCore::Node const&) + 28 [inlined]
13 WebCore 0x1a8faf194 WebCore::ElementAncestorRange<WebCore::HTMLFieldSetElement> WebCore::ancestorsOfType<WebCore::HTMLFieldSetElement>(WebCore::Node&) + 28 [inlined]
14 WebCore 0x1a8faf194 WebCore::ElementAncestorRange<WebCore::HTMLFieldSetElement> WebCore::lineageOfType<WebCore::HTMLFieldSetElement>(WebCore::Element&) + 56 [inlined]
15 WebCore 0x1a8faf194 WebCore::addInvalidElementToAncestorFromInsertionPoint(WebCore::HTMLElement const&, WebCore::ContainerNode*) + 96
16 WebCore 0x1a8faefb0 WebCore::ValidatedFormListedElement::updateValidity() + 616
17 WebCore 0x1a8c57eb4 WebCore::RadioButtonGroup::updateValidityForAllButtons() + 244
18 WebCore 0x1a8c582a0 WebCore::RadioButtonGroup::remove(WebCore::HTMLInputElement&) + 852
19 WebCore 0x1a8c58e60 WebCore::RadioButtonGroups::removeButton(WebCore::HTMLInputElement&) + 128
20 WebCore 0x1a8e8f880 WebCore::HTMLInputElement::removeFromRadioButtonGroup() + 4 [inlined]
21 WebCore 0x1a8e8f880 WebCore::HTMLInputElement::willChangeForm() + 4 [inlined]
22 WebCore 0x1a8e8f880 non-virtual thunk to WebCore::HTMLInputElement::willChangeForm() + 264
23 WebCore 0x1a8e2f3e0 WebCore::FormListedElement::formWillBeDestroyed() + 92
24 WebCore 0x1a8fb0d64 WebCore::ValidatedFormListedElement::formWillBeDestroyed() + 36
25 WebCore 0x1a8e6f454 WebCore::HTMLFormElement::~HTMLFormElement() + 264
26 WebCore 0x1a8e6fae4 WebCore::HTMLFormElement::~HTMLFormElement() + 4 [inlined]
<rdar://51548228>
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |
Ryosuke Niwa
Pull request: https://github.com/WebKit/WebKit/pull/52285
EWS
Committed 301470@main (985b9fb1a2eb): <https://commits.webkit.org/301470@main>
Reviewed commits have been landed. Closing PR #52285 and removing active labels.