RESOLVED FIXED 74321
Don't crash in StyleAttributeMutationScope if the style declaration's element has been GCed
https://bugs.webkit.org/show_bug.cgi?id=74321
Adam Klein
Reported 2011-12-12 12:47:25 PST
Don't crash in StyleAttributeMutationScope if the style declaration's element has been GCed
Attachments
Patch (3.95 KB, patch)
2011-12-12 12:48 PST, Adam Klein
no flags
Added crbug to ChangeLog (4.01 KB, patch)
2011-12-12 14:23 PST, Adam Klein
no flags
Add ChangeLog details (4.52 KB, patch)
2011-12-12 14:44 PST, Adam Klein
no flags
Adam Klein
Comment 1 2011-12-12 12:48:02 PST
Adam Klein
Comment 2 2011-12-12 14:23:42 PST
Created attachment 118846 [details] Added crbug to ChangeLog
Ryosuke Niwa
Comment 3 2011-12-12 14:24:43 PST
Comment on attachment 118846 [details] Added crbug to ChangeLog
View in context: https://bugs.webkit.org/attachment.cgi?id=118846&action=review
> Source/WebCore/ChangeLog:8
> + Initially reported as http://crbug.com/107231.
You should describe how the crash was caused and how you fixed it. The link to crbug.com usually belongs in Bugzilla, not in the changelog.
Adam Klein
Comment 4 2011-12-12 14:27:40 PST
Initially reported as http://crbug.com/107231
Adam Klein
Comment 5 2011-12-12 14:44:37 PST
Created attachment 118853 [details] Add ChangeLog details
Ryosuke Niwa
Comment 6 2011-12-12 14:49:55 PST
Comment on attachment 118853 [details] Add ChangeLog details
View in context: https://bugs.webkit.org/attachment.cgi?id=118853&action=review
> Source/WebCore/ChangeLog:18
> + In r101101, Rafael Weinstein added code to CSSMutableStyleDeclaration.cpp
> + which depended on isInlineStyleDeclaration returning true iff the
> + element it pointed to was non-null (it will be nulled-out if the
> + element is garbage collected).
> +
> + Then, in r101172, Andreas Kling changed the semantics so that
> + isInlineStyleDeclaration only described the type of the declaration,
> + not the state of the related element.
> +
> + This change updates Rafael's code with an explicit check that the
> + element is still alive.
Great! Thanks for adding this description. It makes a huge difference when we're going to look at svn blame in the future.
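A simplified model of the regression the ChangeLog quoted above describes, added here as an illustration and not taken from WebKit or from the patch: a type predicate that no longer implies a live element, and a scope guard that tests the back-pointer explicitly. Every type and function name except isInlineStyleDeclaration is hypothetical.

```cpp
#include <string>
#include <vector>

// Simplified model with hypothetical names; not WebKit source.
struct Element {
    std::vector<std::string> mutationRecords;  // queued attribute mutation records
};

struct StyleDeclaration {
    bool inlineType = false;     // what kind of declaration this is
    Element* element = nullptr;  // back-pointer, nulled out when the element is GCed

    // Earlier semantics: true only while the owning element is alive.
    bool isInlineAndAttached() const { return inlineType && element; }
    // Later semantics: describes the declaration type only.
    bool isInlineStyleDeclaration() const { return inlineType; }
};

// RAII scope that queues a mutation record once a style change completes.
class MutationScope {
public:
    explicit MutationScope(StyleDeclaration& decl) {
        // The type check alone no longer implies a live element,
        // so the pointer is tested explicitly before it is kept.
        if (decl.isInlineStyleDeclaration() && decl.element)
            m_target = decl.element;
    }
    ~MutationScope() {
        if (m_target)
            m_target->mutationRecords.push_back("style");
    }
    bool active() const { return m_target != nullptr; }

private:
    Element* m_target = nullptr;
};

// Returns true if the change was recorded, false if no live element remained.
bool setProperty(StyleDeclaration& decl) {
    MutationScope scope(decl);
    return scope.active();
}
```

Dropping the `&& decl.element` test from the constructor reproduces the shape of the crash: the scope would keep and later dereference a null pointer for a declaration whose element is gone.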
WebKit Review Bot
Comment 7 2011-12-12 16:48:53 PST
Comment on attachment 118853 [details] Add ChangeLog details
Clearing flags on attachment: 118853
Committed r102639: <http://trac.webkit.org/changeset/102639>
WebKit Review Bot
Comment 8 2011-12-12 16:48:58 PST
All reviewed patches have been landed. Closing bug.