REOPENED 167615
NULL-deref crash in TextTrack::removeCue() 
https://bugs.webkit.org/show_bug.cgi?id=167615
Summary NULL-deref crash in TextTrack::removeCue()
Jer Noble
Reported 2017-01-30 16:47:07 PST
NULL-deref crash in TextTrack::removeCue()
Attachments
Patch (1.93 KB, patch)
2017-01-30 16:50 PST, Jer Noble 		no flags
DetailsFormatted DiffDiff
Patch (5.79 KB, patch)
2017-01-31 14:11 PST, Jer Noble 		eric.carlson: review+
DetailsFormatted DiffDiff
Patch for landing (5.62 KB, patch)
2017-01-31 14:26 PST, Jer Noble 		commit-queue: commit-queue-
DetailsFormatted DiffDiff
Archive of layout-test-results from webkit-cq-01 for mac-elcapitan (882.88 KB, application/zip)
2017-01-31 15:29 PST, WebKit Commit Bot 		no flags
Details
Archive of layout-test-results from ews117 for mac-elcapitan (1.82 MB, application/zip)
2017-01-31 15:44 PST, Build Bot 		no flags
Details
Archive of layout-test-results from ews105 for mac-elcapitan-wk2 (1.09 MB, application/zip)
2017-01-31 15:45 PST, Build Bot 		no flags
Details
Patch for landing (5.64 KB, patch)
2017-02-01 09:57 PST, Jer Noble 		no flags
DetailsFormatted DiffDiff
Show Obsolete (4) View All Add attachment proposed patch, testcase, etc.
Jer Noble
Comment 1 2017-01-30 16:49:26 PST
rdar://problem/30106362
Jer Noble
Comment 2 2017-01-30 16:50:01 PST
Created attachment 300159 [details] Patch
Eric Carlson
Comment 3 2017-01-30 17:02:03 PST
Caused by changes for bug 166635.
WebKit Commit Bot
Comment 4 2017-01-30 18:39:30 PST
Comment on attachment 300159 [details] Patch Clearing flags on attachment: 300159 Committed r211401: <http://trac.webkit.org/changeset/211401>
WebKit Commit Bot
Comment 5 2017-01-30 18:39:35 PST
All reviewed patches have been landed. Closing bug.
Alexey Proskuryakov
Comment 6 2017-01-31 10:30:02 PST
Can this be tested with a regression test?
Jer Noble
Comment 7 2017-01-31 14:10:57 PST
Reopening to attach new patch.
Jer Noble
Comment 8 2017-01-31 14:11:00 PST
Created attachment 300258 [details] Patch
Eric Carlson
Comment 9 2017-01-31 14:21:52 PST
Comment on attachment 300258 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=300258&action=review > LayoutTests/http/tests/media/track-in-band-hls-metadata-crash.html:21 > + > + Nit: extra blank line. > LayoutTests/http/tests/media/track-in-band-hls-metadata-crash.html:22 > + function cuechange() { Nit: brace on the next line (or change the other functions to match this). > LayoutTests/http/tests/media/track-in-band-hls-metadata-crash.html:41 > + <img id=photo> Nit: this element isn't used. > LayoutTests/http/tests/media/track-in-band-hls-metadata-crash.html:42 > + <p>Test for metadata tracks from Apple HLS stream.</p> Nit: might as well update this comment.
Jer Noble
Comment 10 2017-01-31 14:26:12 PST
Created attachment 300259 [details] Patch for landing
WebKit Commit Bot
Comment 11 2017-01-31 15:29:35 PST
Comment on attachment 300259 [details] Patch for landing Rejecting attachment 300259 [details] from commit-queue. New failing tests: http/tests/media/track-in-band-hls-metadata-crash.html Full output: http://webkit-queues.webkit.org/results/2981523
WebKit Commit Bot
Comment 12 2017-01-31 15:29:40 PST
Created attachment 300270 [details] Archive of layout-test-results from webkit-cq-01 for mac-elcapitan The attached test failures were seen while running run-webkit-tests on the commit-queue. Bot: webkit-cq-01 Port: mac-elcapitan Platform: Mac OS X 10.11.6
Build Bot
Comment 13 2017-01-31 15:44:22 PST
Comment on attachment 300259 [details] Patch for landing Attachment 300259 [details] did not pass mac-debug-ews (mac): Output: http://webkit-queues.webkit.org/results/2981541 New failing tests: http/tests/media/track-in-band-hls-metadata-crash.html
Build Bot
Comment 14 2017-01-31 15:44:27 PST
Created attachment 300276 [details] Archive of layout-test-results from ews117 for mac-elcapitan The attached test failures were seen while running run-webkit-tests on the mac-debug-ews. Bot: ews117 Port: mac-elcapitan Platform: Mac OS X 10.11.6
Build Bot
Comment 15 2017-01-31 15:45:12 PST
Comment on attachment 300259 [details] Patch for landing Attachment 300259 [details] did not pass mac-wk2-ews (mac-wk2): Output: http://webkit-queues.webkit.org/results/2981601 New failing tests: http/tests/media/track-in-band-hls-metadata-crash.html
Build Bot
Comment 16 2017-01-31 15:45:17 PST
Created attachment 300277 [details] Archive of layout-test-results from ews105 for mac-elcapitan-wk2 The attached test failures were seen while running run-webkit-tests on the mac-wk2-ews. Bot: ews105 Port: mac-elcapitan-wk2 Platform: Mac OS X 10.11.6
Jer Noble
Comment 17 2017-02-01 09:57:38 PST
Created attachment 300334 [details] Patch for landing
WebKit Commit Bot
Comment 18 2017-02-01 10:23:46 PST
Comment on attachment 300334 [details] Patch for landing Clearing flags on attachment: 300334 Committed r211495: <http://trac.webkit.org/changeset/211495>
Note You need to log in before you can comment on or make changes to this bug.