Bug 51465

Summary: chrome.dll!WebCore::RenderLayer::currentTransform ReadAV@NULL (8968fc97874fa23b6799ff8f09c142e4)
Product: WebKit
Reporter: Berend-Jan Wever <skylined>
Component: CSS
Assignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED
Severity: Normal
CC: commit-queue, eric, jchaffraix
Priority: P1
Version: 528+ (Nightly build)
Hardware: PC
OS: Windows Vista
Attachments:
Description | Flags
Repro | none
Proposed fix: check that the RenderBox has a layer before calling layer() on it | none
Trivial patch: add the missing test cases | none

Berend-Jan Wever
Reported 2010-12-22 05:41:23 PST
Created attachment 77209 [details]
Repro

http://code.google.com/p/chromium/issues/detail?id=67785

Repro:
<style>
  * {
    display: table-column;
    -webkit-transform-style: preserve-3d;
  }
</style>

id: chrome.dll!WebCore::RenderLayer::currentTransform ReadAV@NULL (8968fc97874fa23b6799ff8f09c142e4)
description: Attempt to read from unallocated NULL pointer+0xA4 in chrome.dll!WebCore::RenderLayer::currentTransform
stack:
  chrome.dll!WebCore::RenderLayer::currentTransform
  chrome.dll!WebCore::RenderBox::layoutOverflowRectForPropagation
  chrome.dll!WebCore::RenderBox::addOverflowFromChild
  chrome.dll!WebCore::RenderBlock::addOverflowFromBlockChildren
  chrome.dll!WebCore::RenderBlock::computeOverflow
  chrome.dll!WebCore::RenderBlock::layoutBlock
  chrome.dll!WebCore::RenderBlock::layout
  chrome.dll!WebCore::RenderBlock::layoutBlockChild
  chrome.dll!WebCore::RenderBlock::layoutBlockChildren
  chrome.dll!WebCore::RenderBlock::layoutBlock
  chrome.dll!WebCore::RenderBlock::layout
  chrome.dll!WebCore::RenderView::layout
  ...
Attachments
Repro (87 bytes, text/html)
2010-12-22 05:41 PST, Berend-Jan Wever
no flags
Proposed fix: check that the RenderBox has a layer before calling layer() on it (2.40 KB, patch)
2011-03-20 22:32 PDT, Julien Chaffraix
no flags
Trivial patch: add the missing test cases (1.91 KB, patch)
2011-03-22 06:33 PDT, Julien Chaffraix
no flags
Julien Chaffraix
Comment 1 2011-03-20 22:32:44 PDT
Created attachment 86295 [details] Proposed fix: check that the RenderBox has a layer before calling layer() on it
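The guard named in this attachment title, shown as a simplified C++ model added here; it is not the attached patch or WebKit source. `styleWantsTransform`, `layerPtr`, the `Unchecked` variant and both helper functions are assumed names, and a horizontal shift stands in for the real transform.

```cpp
// Simplified stand-ins for the classes in the stack trace; not WebKit source.
#include <algorithm>
#include <cstdio>
#include <memory>
#include <vector>

struct Rect { int x, y, w, h; };
struct RenderLayer {
    int dx = 0;  // a horizontal shift stands in for the real transform
    Rect currentTransform(Rect r) const { return {r.x + dx, r.y, r.w, r.h}; }
};
struct RenderBox {
    Rect overflow{0, 0, 0, 0};
    bool styleWantsTransform = false;       // assumed: derived from CSS alone
    std::unique_ptr<RenderLayer> layerPtr;  // null when the box gets no layer
    bool hasLayer() const { return layerPtr != nullptr; }
    const RenderLayer* layer() const { return layerPtr.get(); }
    // Before: trusts the style flag, so a null layer is dereferenced.
    Rect overflowForPropagationUnchecked() const {
        return styleWantsTransform ? layer()->currentTransform(overflow) : overflow;
    }
    // After: consult the layer only when the box really has one.
    Rect overflowForPropagation() const {
        bool useLayer = styleWantsTransform && hasLayer();
        return useLayer ? layer()->currentTransform(overflow) : overflow;
    }
};

// Parent-side accumulation, like the addOverflowFromChild frames in the stack.
int maxOverflowRight(const std::vector<RenderBox>& children) {
    int right = 0;
    for (const RenderBox& child : children) {
        Rect r = child.overflowForPropagation();
        right = std::max(right, r.x + r.w);
    }
    return right;
}

// Constructed sample: both children carry the flag, only the second has a layer.
std::vector<RenderBox> sampleChildren() {
    std::vector<RenderBox> kids(2);
    kids[0].overflow = {0, 0, 100, 20};
    kids[0].styleWantsTransform = true;
    kids[1].overflow = {0, 0, 50, 20};
    kids[1].styleWantsTransform = true;
    kids[1].layerPtr.reset(new RenderLayer);
    kids[1].layerPtr->dx = 80;
    return kids;
}
int main() { std::printf("%d\n", maxOverflowRight(sampleChildren())); }
```

The layer-less child passes through with its overflow rectangle unchanged, which is the behaviour a regression test for this bug would pin down.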
Eric Seidel (no email)
Comment 2 2011-03-20 23:14:21 PDT
Comment on attachment 86295 [details]
Proposed fix: check that the RenderBox has a layer before calling layer() on it

ok.
WebKit Commit Bot
Comment 3 2011-03-21 01:20:25 PDT
Comment on attachment 86295 [details]
Proposed fix: check that the RenderBox has a layer before calling layer() on it

Clearing flags on attachment: 86295

Committed r81574: <http://trac.webkit.org/changeset/81574>
WebKit Commit Bot
Comment 4 2011-03-21 01:20:29 PDT
All reviewed patches have been landed. Closing bug.
Eric Seidel (no email)
Comment 5 2011-03-21 11:03:35 PDT
I knew after I closed my laptop last night that something was wrong with this patch. It's missing the added files! Julien, please add the missing files.
Julien Chaffraix
Comment 6 2011-03-21 16:54:01 PDT
> Julien, please add the missing files.

Sure, I will upload the missing files to this bug tonight.
Julien Chaffraix
Comment 7 2011-03-22 06:33:46 PDT
Created attachment 86456 [details] Trivial patch: add the missing test cases
Eric Seidel (no email)
Comment 8 2011-03-28 21:37:46 PDT
Comment on attachment 86456 [details]
Trivial patch: add the missing test cases

LGTM. Don't we normally obscure the bug title in the ChangeLog for security bugs?
Julien Chaffraix
Comment 9 2011-03-28 22:13:07 PDT
(In reply to comment #8)
> (From update of attachment 86456 [details])
> LGTM. Don't we normally obscure the bug title in the ChangeLog for security bugs?

Not sure about the security bugs' policy. This bug was not marked as such so it won't apply anyway.
WebKit Commit Bot
Comment 10 2011-04-07 20:21:31 PDT
Comment on attachment 86456 [details]
Trivial patch: add the missing test cases

Clearing flags on attachment: 86456

Committed r83243: <http://trac.webkit.org/changeset/83243>
WebKit Commit Bot
Comment 11 2011-04-07 20:21:37 PDT
All reviewed patches have been landed. Closing bug.