WebKit Bugzilla
RESOLVED WORKSFORME
57487
chrome.dll!WebCore::RenderBlock::findNextLineBreak ReadAV@NULL (bb0085b7cdfcb99eb1362265d1fea9f0)
https://bugs.webkit.org/show_bug.cgi?id=57487
Berend-Jan Wever
Reported 2011-03-30 11:39:55 PDT
Created attachment 87583: Repro
Chromium: http://code.google.com/p/chromium/issues/detail?id=77933
Repro:

    <details><style>:first-line{ -webkit-perspective-origin:3;}</style>

webcore\rendering\renderblocklinelayout.cpp:

    InlineIterator RenderBlock::findNextLineBreak(InlineBidiResolver& resolver, bool firstLine, bool& isLineEmpty, LineBreakIteratorInfo& lineBreakIteratorInfo, bool& previousLineBrokeCleanly, bool& hyphenated, EClear* clear, FloatingObject* lastFloatFromPreviousLine, Vector<RenderBox*>& positionedBoxes)
    {
        <snip>
        RenderStyle* style = t->style(firstLine);
        if (style->hasTextCombine() && o->isCombineText())

style is NULL, causing a NULL ptr read access violation:

id:          chrome.dll!WebCore::RenderBlock::findNextLineBreak ReadAV@NULL (bb0085b7cdfcb99eb1362265d1fea9f0)
description: Attempt to read from unallocated NULL pointer+0x1C in chrome.dll!WebCore::RenderBlock::findNextLineBreak
stack:
    chrome.dll!WebCore::RenderBlock::findNextLineBreak
    chrome.dll!WebCore::RenderBlock::layoutInlineChildren
    chrome.dll!WebCore::RenderBlock::layoutBlock
    chrome.dll!WebCore::RenderBlock::layout
    chrome.dll!WebCore::RenderBlock::layoutBlockChild
    chrome.dll!WebCore::RenderBlock::layoutBlockChildren
    chrome.dll!WebCore::RenderBlock::layoutBlock
    chrome.dll!WebCore::RenderBlock::layout
    chrome.dll!WebCore::RenderBlock::layoutBlockChild
    chrome.dll!WebCore::RenderBlock::layoutBlockChildren
    chrome.dll!WebCore::RenderBlock::layoutBlock
    chrome.dll!WebCore::RenderBlock::layout
    chrome.dll!WebCore::RenderDetails::layout
    chrome.dll!WebCore::RenderBlock::layoutBlockChild
    chrome.dll!WebCore::RenderBlock::layoutBlockChildren
    chrome.dll!WebCore::RenderBlock::layoutBlock
    chrome.dll!WebCore::RenderBlock::layout
    chrome.dll!WebCore::RenderBlock::layoutBlockChild
    chrome.dll!WebCore::RenderBlock::layoutBlockChildren
    chrome.dll!WebCore::RenderBlock::layoutBlock
    chrome.dll!WebCore::RenderBlock::layout
    chrome.dll!WebCore::RenderBlock::layoutBlockChild
    chrome.dll!WebCore::RenderBlock::layoutBlockChildren
    chrome.dll!WebCore::RenderBlock::layoutBlock
    chrome.dll!WebCore::RenderBlock::layout
    chrome.dll!WebCore::RenderView::layout
    chrome.dll!WebCore::FrameView::layout
    chrome.dll!WebCore::FrameView::updateLayoutAndStyleIfNeededRecursive
    chrome.dll!RenderWidget::DoDeferredUpdate
    chrome.dll!RenderWidget::CallDoDeferredUpdate
    chrome.dll!MessageLoop::RunTask
    chrome.dll!MessageLoop::DoWork
    chrome.dll!base::MessagePumpDefault::Run
    chrome.dll!MessageLoop::RunInternal
    chrome.dll!MessageLoop::Run
    chrome.dll!RendererMain
Attachments
Repro (68 bytes, text/html), 2011-03-30 11:39 PDT, Berend-Jan Wever, no flags
Patch (2.53 KB, patch), 2011-04-04 05:58 PDT, Emil A Eklund, mitz: review-
Emil A Eklund
Comment 1
2011-04-04 05:58:06 PDT
Created attachment 88052: Patch
Levi Weintraub
Comment 2
2011-04-04 06:04:07 PDT
Comment on attachment 88052: Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=88052&action=review

> Source/WebCore/rendering/RenderObject.cpp:2375
> +    return style ? style : m_style.get();
Yup, this was my fix too, but I'd set style to 0 on 2361 to start. We don't need to set it to reference m_style.get() twice.
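The fix under review and the comment above both turn on one thing: RenderObject::style(firstLine) handing a null pointer back to findNextLineBreak, which dereferences it without a check. The following is an added illustration, not WebKit's code; StyleModel, RenderObjectModel, firstLineStyle() and textCombineFlag() are hypothetical stand-ins for WebCore's RenderStyle, RenderObject and the caller in findNextLineBreak. It puts the pre-fix lookup next to the patched shape ("return style ? style : m_style.get();") on a constructed object whose first-line style is missing, which is the situation the repro hits.

```cpp
#include <cstdio>
#include <memory>
#include <string>

// Hypothetical stand-in for WebCore::RenderStyle (added example, not WebKit code).
struct StyleModel {
    std::string name;
    bool textCombine = false;
    bool hasTextCombine() const { return textCombine; }
};

// Hypothetical stand-in for WebCore::RenderObject. m_style is always present;
// the first-line style is optional and null when no :first-line style resolved
// for this object.
class RenderObjectModel {
public:
    RenderObjectModel(std::unique_ptr<StyleModel> style, std::unique_ptr<StyleModel> firstLine)
        : m_style(std::move(style)), m_firstLineStyle(std::move(firstLine)) {}

    // Before the fix: for firstLine the lookup result is returned as-is, null included.
    StyleModel* styleBeforeFix(bool firstLine) const {
        if (firstLine)
            return firstLineStyle();
        return m_style.get();
    }

    // After the fix: start from 0 (as comment 2 suggests) and fall back to m_style
    // whenever the first-line lookup produced nothing.
    StyleModel* style(bool firstLine) const {
        StyleModel* style = 0;
        if (firstLine)
            style = firstLineStyle();
        return style ? style : m_style.get();
    }

private:
    StyleModel* firstLineStyle() const { return m_firstLineStyle.get(); }
    std::unique_ptr<StyleModel> m_style;
    std::unique_ptr<StyleModel> m_firstLineStyle;
};

// Modelled on the "if (style->hasTextCombine() && ...)" check in findNextLineBreak.
// Returns 1/0 for the flag, or -1 where the real caller would read through NULL;
// the -1 path is exactly the read at NULL+0x1C in the crash report above.
int textCombineFlag(const RenderObjectModel& t, bool firstLine, bool useFix) {
    StyleModel* style = useFix ? t.style(firstLine) : t.styleBeforeFix(firstLine);
    if (!style)
        return -1;
    return style->hasTextCombine() ? 1 : 0;
}

// Constructed sample: a normal style is present, but no first-line style exists.
RenderObjectModel makeObjectWithoutFirstLineStyle() {
    std::unique_ptr<StyleModel> base(new StyleModel());
    base->name = "base";
    return RenderObjectModel(std::move(base), nullptr);
}

int main() {
    RenderObjectModel obj = makeObjectWithoutFirstLineStyle();
    std::printf("before fix, firstLine=true: %d\n", textCombineFlag(obj, true, false)); // -1 (would crash)
    std::printf("after fix,  firstLine=true: %d\n", textCombineFlag(obj, true, true));  // 0
    return 0;
}
```

The fallback makes the accessor total, but it also hides which caller path left the first-line style unresolved, which is why the review below asks for the root cause in <details> rather than only the guard.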
Levi Weintraub
Comment 3
2011-04-04 06:28:39 PDT
*** Bug 57751 has been marked as a duplicate of this bug. ***
mitz
Comment 4
2011-04-04 08:14:38 PDT
Comment on attachment 88052: Patch
Whatever is causing this, which is most likely a bug in <details>, needs to be fixed.
Emil A Eklund
Comment 5
2011-04-04 08:16:57 PDT
Comment on attachment 88052: Patch
Good point, I'll see if I can track down the root cause.
Berend-Jan Wever
Comment 6
2011-07-28 01:13:33 PDT
This appears to have been fixed by now.