WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED FIXED
39042
r59270
causes crashes on some pages
https://bugs.webkit.org/show_bug.cgi?id=39042
Summary
r59270 causes crashes on some pages
Simon Fraser (smfr)
Reported
2010-05-12 21:36:39 PDT
r59270
caused a crash with some internal test content. Crash stack looks like: Thread 0 Crashed: Dispatch queue: com.apple.main-thread 0 ??? 000000000000000000 0 + 0 1 com.apple.WebCore 0x0000000100dada06 WebCore::RenderInline::destroy() + 38 2 com.apple.WebCore 0x0000000100c66a9b WebCore::RenderBlock::destroy() + 43 3 com.apple.WebCore 0x0000000100dada06 WebCore::RenderInline::destroy() + 38 4 com.apple.WebCore 0x0000000100dada06 WebCore::RenderInline::destroy() + 38 5 com.apple.WebCore 0x0000000100c66a9b WebCore::RenderBlock::destroy() + 43 6 com.apple.WebCore 0x0000000100dada06 WebCore::RenderInline::destroy() + 38 7 com.apple.WebCore 0x0000000100dada06 WebCore::RenderInline::destroy() + 38 8 com.apple.WebCore 0x0000000100c66a13 WebCore::Node::detach() + 35 9 com.apple.WebCore 0x0000000100c668cb WebCore::Element::detach() + 107 10 com.apple.WebCore 0x0000000100c6683c WebCore::ContainerNode::detach() + 44 11 com.apple.WebCore 0x0000000100c668cb WebCore::Element::detach() + 107 12 com.apple.WebCore 0x0000000100c6683c WebCore::ContainerNode::detach() + 44 13 com.apple.WebCore 0x0000000100c668cb WebCore::Element::detach() + 107 14 com.apple.WebCore 0x0000000100c6683c WebCore::ContainerNode::detach() + 44 15 com.apple.WebCore 0x0000000100c668cb WebCore::Element::detach() + 107 16 com.apple.WebCore 0x0000000100c6683c WebCore::ContainerNode::detach() + 44 17 com.apple.WebCore 0x0000000100c668cb WebCore::Element::detach() + 107 18 com.apple.WebCore 0x0000000100c6683c WebCore::ContainerNode::detach() + 44 19 com.apple.WebCore 0x0000000100c668cb WebCore::Element::detach() + 107 20 com.apple.WebCore 0x0000000100d9da67 WebCore::ContainerNode::removeChild(WebCore::Node*, int&) + 263 21 com.apple.WebCore 0x0000000100e26633 WebCore::HTMLParser::handleResidualStyleCloseTagAcrossBlocks(WebCore::HTMLStackElem*) + 2115 22 com.apple.WebCore 0x0000000100c80fec WebCore::HTMLParser::popBlock(WebCore::AtomicString const&, bool) + 172 23 com.apple.WebCore 0x0000000100c7aaeb WebCore::HTMLParser::processCloseTag(WebCore::Token*) + 171 24 com.apple.WebCore 0x0000000100c76dbb WebCore::HTMLParser::parseToken(WebCore::Token*) + 779
Attachments
Add attachment
proposed patch, testcase, etc.
Simon Fraser (smfr)
Comment 1
2010-05-12 21:40:40 PDT
irc convo: smfr: but isRenderBlock() is always going to return true there hyatt: oh that's supposed to be isBlockFlow hyatt: no that's not right either hyatt: bah hyatt: ummm crap there may not be a method to express this hyatt: but yeah isRenderBlock is wrong since it applies to subclasses hyatt: like you dont' want to change the state of tables or flexboxes smfr: maybe we should back out (again) hyatt: yeah i think this may require a new method
Simon Fraser (smfr)
Comment 2
2010-05-12 21:42:12 PDT
Rollout via
bug 39044
.
Simon Fraser (smfr)
Comment 3
2010-05-12 21:46:55 PDT
Rollout complete:
http://trac.webkit.org/changeset/59341
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug