[webkit-reviews] review denied: [Bug 88395] Null-pointer crash in InlineFlowBox::computeOverAnnotationAdjustment during rendering/reload race : [Attachment 145948] Patch

bugzilla-daemon at webkit.org
Wed Jun 6 17:02:56 PDT 2012


Tony Chang <tony at chromium.org> has denied dstockwell at chromium.org's request for
review:
Bug 88395: Null-pointer crash in InlineFlowBox::computeOverAnnotationAdjustment
during rendering/reload race
https://bugs.webkit.org/show_bug.cgi?id=88395

Attachment 145948: Patch
https://bugs.webkit.org/attachment.cgi?id=145948&action=review

------- Additional Comments from Tony Chang <tony at chromium.org>
View in context: https://bugs.webkit.org/attachment.cgi?id=145948&action=review


> Source/WebCore/rendering/InlineFlowBox.cpp:1446
> -	       if (style->textEmphasisMark() != TextEmphasisMarkNone &&
toInlineTextBox(curr)->getEmphasisMarkPosition(style, emphasisMarkPosition) &&
emphasisMarkPosition == TextEmphasisPositionOver) {
> +	       if (style && style->textEmphasisMark() != TextEmphasisMarkNone
&& toInlineTextBox(curr)->getEmphasisMarkPosition(style, emphasisMarkPosition)
&& emphasisMarkPosition == TextEmphasisPositionOver) {
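
Review bot: The added `style &&` guard in the condition at InlineFlowBox.cpp:1446 hides the symptom rather than the cause: if `style` is null here, the emphasis-mark adjustment is silently skipped for that box, and any other dereference of `style` in the same block would still need the same guard. The test name (crash-firstline-detach-reload) suggests the first-line style is missing during a detach/reload race; the ChangeLog should say which code path returns a null style and why, and an ASSERT with a comment, or a fix at the point that produces the null, would be preferable to a bare null check that leaves the renderer in an inconsistent state.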

Do we know why style is null?  We should try to figure that out and add the
explanation to the changelog.

> LayoutTests/fast/text/firstline/crash-firstline-detach-reload.html:34
> +	   location.reload();
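
Review bot: The unconditional `location.reload()` at line 34 of crash-firstline-detach-reload.html gives the test no termination condition: each reload re-runs the script, so the page reloads repeatedly and the harness has no defined point at which to capture the result. The reload should happen at most once, gated on a flag that survives the reload, and the test should signal completion to the harness on the second pass; better still, reproduce the detach that triggers the null style without a reload, which would also make the reduced test case deterministic.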

We don't want the test to be non-deterministic.  You might be able to further
reduce the test case, which might help to understand the crash.  I'd be
surprised if everything in the test case is necessary (an embed, a bdo, a
different writing mode, a cursor and old flexbox?)


More information about the webkit-reviews mailing list