[Webkit-unassigned] [Bug 82402] ASSERT_NOT_REACHED in SelectorChecker::checkOneSelector

bugzilla-daemon at webkit.org
Thu Mar 29 15:46:41 PDT 2012


https://bugs.webkit.org/show_bug.cgi?id=82402


Alexey Proskuryakov <ap at webkit.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|Crash in                    |ASSERT_NOT_REACHED in
                   |WebKit!WKBackForwardListIte |SelectorChecker::checkOneSe
                   |mGetTypeID+0x3f72a.         |lector
             Status|UNCONFIRMED                 |NEW
                 CC|                            |ap at webkit.org,
                   |                            |jchaffraix at webkit.org,
                   |                            |koivisto at iki.fi,
                   |                            |macpherson at chromium.org
     Ever Confirmed|0                           |1




--- Comment #2 from Alexey Proskuryakov <ap at webkit.org>  2012-03-29 15:46:40 PST ---
With the attached test, I get a null pointer crash in Safari 5.1.5, or an assertion failure in ToT WebKit:


SHOULD NEVER BE REACHED
/Users/ap/Safari/OpenSource/Source/WebCore/css/SelectorChecker.cpp(1166) : bool WebCore::SelectorChecker::checkOneSelector(const WebCore::SelectorChecker::SelectorCheckingContext &, WebCore::PseudoId &) const
1   0x10945d0b3 WebCore::SelectorChecker::checkSelector(WebCore::SelectorChecker::SelectorCheckingContext const&, WebCore::PseudoId&) const
2   0x1083f17e2 WebCore::CSSStyleSelector::checkSelector(WebCore::RuleData const&, WebCore::ContainerNode const*)
3   0x1083d9e51 WebCore::CSSStyleSelector::collectMatchingRulesForList(WTF::Vector<WebCore::RuleData, 0ul> const*, int&, int&, WebCore::CSSStyleSelector::MatchOptions const&)
4   0x1083d9d03 WebCore::CSSStyleSelector::collectMatchingRules(WebCore::RuleSet*, int&, int&, WebCore::CSSStyleSelector::MatchOptions const&)
5   0x1083da7e6 WebCore::CSSStyleSelector::matchAuthorRules(WebCore::CSSStyleSelector::MatchResult&, bool)
6   0x1083dad89 WebCore::CSSStyleSelector::matchAllRules(WebCore::CSSStyleSelector::MatchResult&)
7   0x1083d81f5 WebCore::CSSStyleSelector::styleForElement(WebCore::Element*, WebCore::RenderStyle*, bool, bool, WebCore::RenderRegion*)
8   0x108679d32 WebCore::Element::styleForRenderer()
9   0x108679f39 WebCore::Element::recalcStyle(WebCore::Node::StyleChange)
10  0x10867a6ca WebCore::Element::recalcStyle(WebCore::Node::StyleChange)
11  0x10867a6ca WebCore::Element::recalcStyle(WebCore::Node::StyleChange)
12  0x108499836 WebCore::Document::recalcStyle(WebCore::Node::StyleChange)
13  0x10849a233 WebCore::Document::updateStyleIfNeeded()
14  0x108499f15 WebCore::Document::implicitClose()


The crash in 5.1.5 is possibly the same as <rdar://problem/9970343> and/or bug 66291.
