[Webkit-unassigned] [Bug 167756] New: Nullptr crash under styleForFirstLetter

bugzilla-daemon at webkit.org
Thu Feb 2 14:23:36 PST 2017


https://bugs.webkit.org/show_bug.cgi?id=167756

            Bug ID: 167756
           Summary: Nullptr crash under styleForFirstLetter
    Classification: Unclassified
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Layout and Rendering
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: koivisto at iki.fi
                CC: bfulgham at webkit.org, simon.fraser at apple.com,
                    zalan at apple.com

Thread 0 name:  Dispatch queue: com.apple.main-thread
Thread 0 Crashed:
0   WebCore                           0x1fb5bd26 WebCore::RenderStyle::clone(WebCore::RenderStyle const&) + 0 (Ref.h:142)
1   WebCore                           0x1fabdcda WebCore::styleForFirstLetter(WebCore::RenderElement const&, WebCore::RenderObject const&) + 86 (RenderBlock.cpp:3020)
2   WebCore                           0x1fabe1ac WebCore::RenderBlock::createFirstLetterRenderer(WebCore::RenderElement*, WebCore::RenderText*) + 24 (RenderBlock.cpp:3144)
3   WebCore                           0x1fabe678 WebCore::RenderBlock::updateFirstLetter(WebCore::RenderBlock::RenderTreeMutationIsAllowed) + 96 (RenderBlock.cpp:3296)
4   WebCore                           0x1f173ef8 WebCore::RenderBlock::layout() + 30 (RenderBlock.cpp:1056)
5   WebCore                           0x1fac6fde WebCore::RenderBlockFlow::insertFloatingObject(WebCore::RenderBox&) + 356 (RenderElement.h:129)
6   WebCore                           0x1f9d97f6 WebCore::LineBreaker::skipLeadingWhitespace(WebCore::BidiResolverWithIsolate<WebCore::InlineIterator, WebCore::BidiRun, WebCore::BidiIsolatedRun>&, WebCore::LineInfo&, WebCore::FloatingObject*, WebCore::LineWidth&) + 326 (LineBreaker.cpp:69)
7   WebCore                           0x1f9d9974 WebCore::LineBreaker::nextLineBreak(WebCore::BidiResolverWithIsolate<WebCore::InlineIterator, WebCore::BidiRun, WebCore::BidiIsolatedRun>&, WebCore::LineInfo&, WebCore::LineLayoutState&, WebCore::RenderTextInfo&, WebCore::FloatingObject*, unsigned int, WTF::Vector<WebCore::WordMeasurement, 64ul, WTF::CrashOnOverflow, 16ul>&) + 174 (LineBreaker.cpp:90)
8   WebCore                           0x1fad1fda WebCore::RenderBlockFlow::layoutRunsAndFloatsInRange(WebCore::LineLayoutState&, WebCore::BidiResolverWithIsolate<WebCore::InlineIterator, WebCore::BidiRun, WebCore::BidiIsolatedRun>&, WebCore::InlineIterator const&, WebCore::BidiStatus const&, unsigned int) + 634 (RenderBlockLineLayout.cpp:1371)
9   WebCore                           0x1fad1092 WebCore::RenderBlockFlow::layoutRunsAndFloats(WebCore::LineLayoutState&, bool) + 680 (RenderBlockLineLayout.cpp:1324)
10  WebCore                           0x1fad3fd6 WebCore::RenderBlockFlow::layoutLineBoxes(bool, WebCore::LayoutUnit&, WebCore::LayoutUnit&) + 1298 (RenderBlockLineLayout.cpp:1750)
11  WebCore                           0x1fac5e34 WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit) + 880 (RenderBlockFlow.cpp:686)
12  WebCore                           0x1f173f06 WebCore::RenderBlock::layout() + 44 (RenderBlock.cpp:1060)
