RESOLVED FIXED 100455
[Shadow]: removing styles in shadow dom subtree causes crash. 
https://bugs.webkit.org/show_bug.cgi?id=100455
Summary [Shadow]: removing styles in shadow dom subtree causes crash.
Takashi Sakamoto
Reported 2012-10-25 21:32:14 PDT
Created attachment 170806 [details] repro.html The bug 100246, https://bugs.webkit.org/show_bug.cgi?id=100246, has already reported this as "The new test fast/dom/shadow/athost-atrules.html is crashing on our debug bot". If shadow root has more than two styles and the styles are not direct children of the shadow root, removing the styles causes crashing. For example, <#shadow-root> <div> <style>span { color: red; }</style> <span>Hello</span> </div> <div> <style>.world { color: blue; } </style> <span class="world">World</span> </div> </#shadow-root> So when removing <style>s (e.g. do shadowroot.innerHTML="" or something), chrome/DumpRenderTree crashes.
Attachments
repro.html (398 bytes, text/html)
2012-10-25 21:32 PDT, Takashi Sakamoto 		no flags
Details
Patch (7.63 KB, patch)
2012-10-25 23:17 PDT, Takashi Sakamoto 		no flags
DetailsFormatted DiffDiff
Patch (11.25 KB, patch)
2012-10-26 01:09 PDT, Takashi Sakamoto 		no flags
DetailsFormatted DiffDiff
Patch (12.55 KB, patch)
2012-10-26 01:33 PDT, Takashi Sakamoto 		no flags
DetailsFormatted DiffDiff
Patch (10.50 KB, patch)
2012-10-26 02:16 PDT, Takashi Sakamoto 		no flags
DetailsFormatted DiffDiff
Patch (11.03 KB, patch)
2012-10-26 02:57 PDT, Takashi Sakamoto 		no flags
DetailsFormatted DiffDiff
Show Obsolete (4) View All Add attachment proposed patch, testcase, etc.
Takashi Sakamoto
Comment 1 2012-10-25 23:17:11 PDT
Created attachment 170824 [details] Patch
Takashi Sakamoto
Comment 2 2012-10-26 01:09:49 PDT
Created attachment 170843 [details] Patch
Early Warning System Bot
Comment 3 2012-10-26 01:20:26 PDT
Comment on attachment 170843 [details] Patch Attachment 170843 [details] did not pass qt-ews (qt): Output: http://queues.webkit.org/results/14543994
Early Warning System Bot
Comment 4 2012-10-26 01:20:54 PDT
Comment on attachment 170843 [details] Patch Attachment 170843 [details] did not pass qt-wk2-ews (qt): Output: http://queues.webkit.org/results/14564934
Takashi Sakamoto
Comment 5 2012-10-26 01:33:19 PDT
Created attachment 170847 [details] Patch
Build Bot
Comment 6 2012-10-26 02:06:17 PDT
Comment on attachment 170847 [details] Patch Attachment 170847 [details] did not pass win-ews (win): Output: http://queues.webkit.org/results/14572026
Takashi Sakamoto
Comment 7 2012-10-26 02:16:23 PDT
Created attachment 170854 [details] Patch
Takashi Sakamoto
Comment 8 2012-10-26 02:57:45 PDT
Created attachment 170861 [details] Patch
Takashi Sakamoto
Comment 9 2012-10-26 03:58:30 PDT
*** Bug 100246 has been marked as a duplicate of this bug. ***
WebKit Review Bot
Comment 10 2012-10-26 04:43:10 PDT
Comment on attachment 170861 [details] Patch Clearing flags on attachment: 170861 Committed r132621: <http://trac.webkit.org/changeset/132621>
WebKit Review Bot
Comment 11 2012-10-26 04:43:14 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.