Bug 75227

Summary:

NULL ptr in WebCore::SVGStyledTransformableElement::animatedLocalTransform

Product:

WebKit

Reporter:

Berend-Jan Wever <skylined>

Component:

SVG

Assignee:

Nobody <webkit-unassigned>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

eric, fmalita, koivisto, rwlbuis, webkit.review.bot, zimmermann

Priority:

Version:

528+ (Nightly build)

Hardware:

OS:

Windows Vista

Attachments:

Description	Flags
Repro	none
Patch	none

Berend-Jan Wever

Reported 2011-12-26 05:35:53 PST

Created attachment 120551 [details] Repro Detailed report: https://cluster-fuzz.appspot.com/testcase?key=9278916 Fuzzer: Inferno_layout_test_fuzzer Crash Type: UNKNOWN Crash Address: 0x000000000008 Crash State: - crash stack - WebCore::SVGStyledTransformableElement::animatedLocalTransform non-virtual thunk to WebCore::SVGStyledTransformableElement::animatedLocalTransform WebCore::SVGStyledTransformableElement::localCoordinateSpaceTransform Regressed: https://cluster-fuzz.appspot.com/revisions?range=111368:111501 Minimized Testcase: https://cluster-fuzz.appspot.com/download/AMIfv94N78HYOdgNew_8tUlyw2DHa_r16roIX-dDHZRB4s5Z_OztPlCdCILo0cxvZ_DFCtdPbRt2dr-nx69WUHMIdWymUYglOgEnz93XzDIJfxk0Esp3ZOjfcG9aiU9iCWkxZgTt0wseNEJ4NEb5j_t7NxuxBeXqCw Repro: <script> document.createElementNS("http://www.w3.org/2000/svg","g").getTransformToElement(); </script>

Attachments
Repro (104 bytes, text/html) 2011-12-26 05:35 PST, Berend-Jan Wever	no flags	Details
Patch (3.45 KB, patch) 2012-01-03 09:10 PST, Florin Malita	no flags	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Florin Malita

Comment 1 2012-01-03 09:10:12 PST

Dirk Schulze

Comment 2 2012-01-03 09:43:15 PST

Comment on attachment 120956 [details] Patch LGTM. r=me

WebKit Review Bot

Comment 3 2012-01-03 11:33:42 PST

WebKit Review Bot

Comment 4 2012-01-03 11:33:46 PST

All reviewed patches have been landed. Closing bug.

Note You need to log in before you can comment on or make changes to this bug.