In CSSStyleSelector::SelectorChecker::checkOneSelector and checkSelector in WebCore/css/CSSStyleSelector.cpp, there are multiple occurrences of a ternary that looks like:
    RenderStyle* parentStyle = elementStyle ? elementParentStyle : e->parentNode()->renderStyle();
where it should look like:
    RenderStyle* parentStyle = elementParentStyle ? elementParentStyle : e->parentNode()->renderStyle();
If I'm reading the code correctly, elementStyle and elementParentStyle are either both NULL or both non-NULL, so there isn't any visible problem because of this code. However, I think it's worth fixing, so I'm going to attach a patch to fix it. Thanks,
Created attachment 56353 [details] Proposed Patch
Actually, I think this was done on purpose. I would add an assertion that elementParentStyle is null iff elementStyle is null, but not change this code, as it is slightly more robust.
Comment on attachment 56353 [details] Proposed Patch
You couldn't find any case where this led to a null-dereference? If you could find a case then it would be best to add a test case to demonstrate the problem. r=me
Comment on attachment 56353 [details] Proposed Patch
I am sorry. I should have set to r- based on my comment. Please don’t make this change.
(In reply to comment #3)
> (From update of attachment 56353 [details])
> You couldn't find any case where this led to a null-dereference?
parentStyle appears to be null-checked everywhere.
Thank you Dan and Darin for the prompt review. Since the code is intentional according to Dan, I'm just going to close this issue. Thanks,