12467 2007-01-29 15:08:06 -0800 REGRESSION: Loading webarchive with empty frame source crashes WebKit ToT 2007-01-31 04:54:08 -0800 1 1 1 Unclassified WebKit WebKit Misc. 420+ Mac OS X 10.4 RESOLVED FIXED HasReduction, InRadar, Regression P1 Normal --- 1 ddkilzer webkit-unassigned jim.correia mjs oldest_to_newest 30806 0 ddkilzer 2007-01-29 15:08:06 -0800 Summary: Loading a webarchive file containing a frame with no source crashes WebKit ToT. Steps to reproduce. 1. Open Safari/WebKit. 2. Open test webarchive. Expected results: Safari/WebKit should not crash. Actual results: Safari/WebKit crashes. Regression: This does not occur on shipping Safari 2.0.4 (419.3) on Mac OS X 10.4.8 (8N1037). Confirmed crash with locally-built debug build of WebKit r19232 with Safari 2.0.4 (419.3) on Mac OS X 10.4.8 (8N1037). Notes: This bug was separate from Bug 12463 after I misunderstood the original issue and happened upon a different bug. Jim Correia filed this Radar bug for this issue (which is probably missing a nil check in the frame loader code per Bug 12463 Comment #6): <rdar://problem/4961915> 30805 1 12762 ddkilzer 2007-01-29 15:14:04 -0800 Created attachment 12762 Test webarchive (will crash ToT!) This is a webarchive of Attachment 12750 from Bug 12463. 30797 2 12763 ddkilzer 2007-01-29 15:14:57 -0800 Created attachment 12763 Stack trace 30777 3 ddkilzer 2007-01-29 16:33:19 -0800 Jim Correia wrote: (In reply to comment #0) > Jim Correia filed this Radar bug for this issue (which is probably missing a > nil check in the frame loader code per Bug 12463 Comment #6): > > <rdar://problem/4961915> Sorry if my brevity introduced confusion. That radar refers to duplicate page elements resultant from Safari archiving the current DOM instead of the data source. It was meant as an explanation for why I am archiving the data source and not the DOM (therefore why this 12463 affects my application and not Safari.) This bug - 12467 - is a wholly separate issue. 30775 4 ddkilzer 2007-01-29 16:36:36 -0800 (In reply to comment #3) > (In reply to comment #0) > > Jim Correia filed this Radar bug for this issue (which is probably missing a > > nil check in the frame loader code per Bug 12463 Comment #6): > > > > <rdar://problem/4961915> > > Sorry if my brevity introduced confusion. That radar refers to duplicate page > elements resultant from Safari archiving the current DOM instead of the data > source. It was meant as an explanation for why I am archiving the data source > and not the DOM (therefore why this 12463 affects my application and not > Safari.) That sounds like Bug 7266. I have a fix for that, but I need to fix Bug 11882 first. 30773 5 jim.correia 2007-01-29 16:46:40 -0800 rdar://problem/4424647 also fits in (archives don't work in "offline" mode) I filed that in radar only on 1/27/2006 and it was closed as a duplicate. (I couldn't find an equivalent bug in WebKit Bugzilla, but may have overlooked it.0 30772 6 ddkilzer 2007-01-29 16:51:35 -0800 (In reply to comment #5) > rdar://problem/4424647 also fits in (archives don't work in "offline" mode) > > I filed that in radar only on 1/27/2006 and it was closed as a duplicate. (I > couldn't find an equivalent bug in WebKit Bugzilla, but may have overlooked > it. That's probably because the current implementation misses some resources when it saves the webarchive, most notably anything referred to from CSS. Some relevant bugs: Bug 11839 Bug 11850 Bug 12025 29879 7 ddkilzer 2007-01-31 04:53:14 -0800 <rdar://problem/4963871> 29877 8 ddkilzer 2007-01-31 04:54:08 -0800 Committed by mjs in r19281. 12762 2007-01-29 15:14:04 -0800 2007-01-29 15:14:04 -0800 Test webarchive (will crash ToT!) bug-12463.webarchive application/x-webarchive 838 ddkilzer YnBsaXN0MDDSAQIDDl8QD1dlYk1haW5SZXNvdXJjZV8QE1dlYlN1YmZyYW1lQXJjaGl2ZXPVBAUG BwgJCgsMDV8QE1dlYlJlc291cmNlTUlNRVR5cGVfEA9XZWJSZXNvdXJjZURhdGFfEBtXZWJSZXNv dXJjZVRleHRFbmNvZGluZ05hbWVfEBRXZWJSZXNvdXJjZUZyYW1lTmFtZV5XZWJSZXNvdXJjZVVS TFl0ZXh0L2h0bWxPEQHIPCFET0NUWVBFIEhUTUwgUFVCTElDICItLy9XM0MvL0RURCBIVE1MIDQu MDEgVHJhbnNpdGlvbmFsLy9FTiIgImh0dHA6Ly93d3cudzMub3JnL1RSL2h0bWw0L2xvb3NlLmR0 ZCI+PCFET0NUWVBFIEhUTUwgUFVCTElDICItLy9XM0MvL0RURCBIVE1MIDQuMDEgVHJhbnNpdGlv bmFsLy9FTiIgImh0dHA6Ly93d3cudzMub3JnL1RSL2h0bWw0L2xvb3NlLmR0ZCI+PGh0bWw+PGhl YWQ+Cgk8dGl0bGU+RW1wdHkgaUZyYW1lIGNhdXNlcyBhcmNoaXZlIGV4Y2VwdGlvbjwvdGl0bGU+ CjwvaGVhZD48Ym9keT4KCjxwPgpIZXJlIGxpZXMgYW4gYGlmcmFtZWAgd2l0aCBubyBjb250ZW50 L3NyYzoKPC9wPjxwPgoKPGlmcmFtZSBpZD0iZW1wdHlGcmFtZSIgc3R5bGU9IndpZHRoOiAxMDAl OyBoZWlnaHQ6IDEwMHB4OyBib3JkZXI6IHNvbGlkIDJweCByZWQ7Ij48L2lmcmFtZT4KCgoKPC9w PjwvYm9keT48L2h0bWw+VVVURi04UF8QLmh0dHA6Ly9idWdzLndlYmtpdC5vcmcvYXR0YWNobWVu dC5jZ2k/aWQ9MTI3NTChD9EBENUEBQYHCAkRCxITTxAaPGh0bWw+PGJvZHk+PC9ib2R5PjwvaHRt bD5aZW1wdHlGcmFtZVthYm91dDpibGFuawAIAA0AHwA1AEAAVgBoAIYAnQCsALYCggKIAokCugK8 Ar8CygLnAvIAAAAAAAACAQAAAAAAAAAUAAAAAAAAAAAAAAAAAAAC/g== 12763 2007-01-29 15:14:57 -0800 2007-01-29 15:14:57 -0800 Stack trace bug-12463-stack.txt text/plain 2055 ddkilzer RXhjZXB0aW9uOiAgRVhDX0JBRF9BQ0NFU1MgKDB4MDAwMSkKQ29kZXM6ICAgICAgS0VSTl9QUk9U RUNUSU9OX0ZBSUxVUkUgKDB4MDAwMikgYXQgMHgwMDAwMDAwYwoKVGhyZWFkIDAgQ3Jhc2hlZDoK MCAgIGNvbS5hcHBsZS5XZWJDb3JlICAgICAgICAgICAgICAJMHgwMTBkYWI5ZiBXZWJDb3JlOjpG cmFtZTo6bG9hZGVyKCkgY29uc3QgKyA5IChGcmFtZS5jcHA6MjMyKQoxICAgY29tLmFwcGxlLldl YkNvcmUgICAgICAgICAgICAgIAkweDAxM2M0MWZkIFdlYkNvcmU6OkRvY3VtZW50TG9hZGVyOjpm aW5pc2hlZExvYWRpbmcoKSArIDY5IChEb2N1bWVudExvYWRlci5jcHA6Mjg5KQoyICAgY29tLmFw cGxlLldlYkNvcmUgICAgICAgICAgICAgIAkweDAxM2JjMWM4IFdlYkNvcmU6OkZyYW1lTG9hZGVy OjpmaW5pc2hlZExvYWRpbmcoKSArIDcyIChGcmFtZUxvYWRlci5jcHA6MjUxNSkKMyAgIGNvbS5h cHBsZS5XZWJDb3JlICAgICAgICAgICAgICAJMHgwMTNjNTkxOSBXZWJDb3JlOjpNYWluUmVzb3Vy Y2VMb2FkZXI6OmRpZEZpbmlzaExvYWRpbmcoKSArIDIxMSAoTWFpblJlc291cmNlTG9hZGVyLmNw cDoyOTkpCjQgICBjb20uYXBwbGUuV2ViQ29yZSAgICAgICAgICAgICAgCTB4MDEzYzZmZjYgV2Vi Q29yZTo6UmVzb3VyY2VMb2FkZXI6OmRpZEZpbmlzaExvYWRpbmcoV2ViQ29yZTo6UmVzb3VyY2VI YW5kbGUqKSArIDI0CjUgICBjb20uYXBwbGUuV2ViQ29yZSAgICAgICAgICAgICAgCTB4MDEzYTYy NjUgLVtXZWJDb3JlUmVzb3VyY2VIYW5kbGVBc0RlbGVnYXRlIGNvbm5lY3Rpb25EaWRGaW5pc2hM b2FkaW5nOl0gKyA3OSAoUmVzb3VyY2VIYW5kbGVNYWMubW06MzY4KQo2ICAgY29tLmFwcGxlLkZv dW5kYXRpb24gICAgICAgICAgIAkweDkyNjVlZTAwIC1bTlNVUkxDb25uZWN0aW9uKE5TVVJMQ29u bmVjdGlvbkludGVybmFsKSBfc2VuZERpZEZpbmlzaExvYWRpbmdDYWxsYmFja10gKyAxNzYKNyAg IGNvbS5hcHBsZS5Gb3VuZGF0aW9uICAgICAgICAgICAJMHg5MjY1Y2VhNSAtW05TVVJMQ29ubmVj dGlvbihOU1VSTENvbm5lY3Rpb25JbnRlcm5hbCkgX3NlbmRDYWxsYmFja3NdICsgNzQ4CjggICBj b20uYXBwbGUuRm91bmRhdGlvbiAgICAgICAgICAgCTB4OTI2NWNiNDEgX3NlbmRDYWxsYmFja3Mg KyAyMDEKOSAgIGNvbS5hcHBsZS5Db3JlRm91bmRhdGlvbiAgICAgICAJMHg5MDgyYWZkMiBDRlJ1 bkxvb3BSdW5TcGVjaWZpYyArIDEyMTMKMTAgIGNvbS5hcHBsZS5Db3JlRm91bmRhdGlvbiAgICAg ICAJMHg5MDgyYWIwZSBDRlJ1bkxvb3BSdW5Jbk1vZGUgKyA2MQoxMSAgY29tLmFwcGxlLkhJVG9v bGJveCAgICAgICAgICAgIAkweDkyZGRhYmVmIFJ1bkN1cnJlbnRFdmVudExvb3BJbk1vZGUgKyAy ODUKMTIgIGNvbS5hcHBsZS5ISVRvb2xib3ggICAgICAgICAgICAJMHg5MmRkYTIzNCBSZWNlaXZl TmV4dEV2ZW50Q29tbW9uICsgMTg0CjEzICBjb20uYXBwbGUuSElUb29sYm94ICAgICAgICAgICAg CTB4OTJkZGExNTQgQmxvY2tVbnRpbE5leHRFdmVudE1hdGNoaW5nTGlzdEluTW9kZSArIDgxCjE0 ICBjb20uYXBwbGUuQXBwS2l0ICAgICAgICAgICAgICAgCTB4OTMyN2Y0NjUgX0RQU05leHRFdmVu dCArIDU3MgoxNSAgY29tLmFwcGxlLkFwcEtpdCAgICAgICAgICAgICAgIAkweDkzMjdmMDU2IC1b TlNBcHBsaWNhdGlvbiBuZXh0RXZlbnRNYXRjaGluZ01hc2s6dW50aWxEYXRlOmluTW9kZTpkZXF1 ZXVlOl0gKyAxMzcKMTYgIGNvbS5hcHBsZS5TYWZhcmkgICAgICAgICAgICAgICAJMHgwMDAwNmNl YSAweDEwMDAgKyAyMzc4NgoxNyAgY29tLmFwcGxlLkFwcEtpdCAgICAgICAgICAgICAgIAkweDkz Mjc4ZGRiIC1bTlNBcHBsaWNhdGlvbiBydW5dICsgNTEyCjE4ICBjb20uYXBwbGUuQXBwS2l0ICAg ICAgICAgICAgICAgCTB4OTMyNmNkMmYgTlNBcHBsaWNhdGlvbk1haW4gKyA1NzMKMTkgIGNvbS5h cHBsZS5TYWZhcmkgICAgICAgICAgICAgICAJMHgwMDA1ZjU0YSAweDEwMDAgKyAzODYzNzgKMjAg IGNvbS5hcHBsZS5TYWZhcmkgICAgICAgICAgICAgICAJMHgwMDA1ZjQ3MSAweDEwMDAgKyAzODYx NjEK