Bug 52279

Summary: WebCore::RenderBlock::updateFirstLetter crashes for anonymous blocks
Product: WebKit Reporter: Yuzo Fujishima <yuzo>
Component: CSSAssignee: Yuzo Fujishima <yuzo>
Status: RESOLVED FIXED    
Severity: Normal CC: commit-queue, tkent
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: PC   
OS: OS X 10.5   
Attachments:
Description Flags
Patch
none
Revised ChangeLog tkent: review+, yuzo: commit-queue+

Yuzo Fujishima
Reported 2011-01-12 00:14:33 PST
See http://code.google.com/p/chromium/issues/detail?id=68268 Open 0.html attached to the bug report.
Attachments
Patch (3.17 KB, patch)
2011-01-12 00:39 PST, Yuzo Fujishima 		no flags
DetailsFormatted DiffDiff
Revised ChangeLog (3.28 KB, patch)
2011-01-13 02:21 PST, Yuzo Fujishima 		tkent: review+
yuzo: commit-queue+
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Yuzo Fujishima
Comment 1 2011-01-12 00:39:40 PST
Created attachment 78662 [details] Patch
Kent Tamura
Comment 2 2011-01-13 01:34:41 PST
Comment on attachment 78662 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=78662&action=review > Source/WebCore/ChangeLog:11 > + weird position and a crash will result for documents containing Could you explain what is "weird position" concretely and why it causes a crash concretely please?
Yuzo Fujishima
Comment 3 2011-01-13 02:21:19 PST
Created attachment 78789 [details] Revised ChangeLog
Yuzo Fujishima
Comment 4 2011-01-13 02:22:33 PST
Thank you for the review. Updated the ChangeLog. Does it look better? (In reply to comment #2) > (From update of attachment 78662 [details]) > View in context: https://bugs.webkit.org/attachment.cgi?id=78662&action=review > > > Source/WebCore/ChangeLog:11 > > + weird position and a crash will result for documents containing > > Could you explain what is "weird position" concretely and why it causes a crash concretely please?
Kent Tamura
Comment 5 2011-01-13 20:11:43 PST
(In reply to comment #4) > Updated the ChangeLog. Does it look better? Does it mean nextObj can be NULL?
Yuzo Fujishima
Comment 6 2011-01-19 16:52:04 PST
Yes, it can be null and then the crash results. (In reply to comment #5) > (In reply to comment #4) > > Updated the ChangeLog. Does it look better? > > Does it mean nextObj can be NULL?
Kent Tamura
Comment 7 2011-01-19 17:24:06 PST
Comment on attachment 78789 [details] Revised ChangeLog ok, I understand.
Yuzo Fujishima
Comment 8 2011-01-19 17:58:42 PST
Comment on attachment 78789 [details] Revised ChangeLog Thank you for the review.
Yuzo Fujishima
Comment 9 2011-01-19 20:20:05 PST
Committed r76201: <http://trac.webkit.org/changeset/76201>
Note You need to log in before you can comment on or make changes to this bug.