[Webkit-unassigned] [Bug 17313] querySelectorAll() causing crashes when called via dojo.query() wrapper
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Mar 3 04:11:12 PST 2008
http://bugs.webkit.org/show_bug.cgi?id=17313
------- Comment #15 from mrowe at apple.com 2008-03-03 04:11 PDT -------
Created an attachment (id=19493)
--> (http://bugs.webkit.org/attachment.cgi?id=19493&action=view)
Transcript of debugging session from point of bogus write
Points of interest here are that childStyle looks like garbage when interpreted
as a RenderStyle ($3), but looks sane and matches the InlineTextBox at point of
crash when interpreted as an InlineTextBox ($4). The transcript also shows the
instruction that stores 0x1000 into memory, and that the address of the store
corresponds to the offset of the m_nextLine member of an InlineTextBox
instance.
--
Configure bugmail: http://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the webkit-unassigned
mailing list