276677 2024-07-16 13:28:50 -0700 [REGRESSION] LocalDOMWindow::getMatchedCSSRules asserts when passed null/empty pseudoElement 2024-07-19 10:26:30 -0700 1 1 1 Unclassified WebKit CSS Safari 18 All All RESOLVED FIXED InRadar P2 Major --- 1 jonathan webkit-unassigned koivisto webkit-bug-importer oldest_to_newest 2046541 0 jonathan 2024-07-16 13:28:50 -0700 In debug builds, calling LocalDOMWindow::getMatchedCSSRules with a null or empty pseudoElement parameter results in an assertion failure in PseudoElementRequest(). In release builds, getMatchedCSSRules incorrectly returns null. This API, while deprecated, is still exposed to Obj-C clients via -[DOMDocument getMatchedCSSRules:pseudoElement:authorOnly:], and our macOS application [1] relies on it working correctly. Our app is currently broken on the macOS Sequoia beta builds due to this bug. It looks like this is the commit that inadvertently caused the issue: https://github.com/WebKit/WebKit/commit/4d69396f11340703fd2c7cffc87e2ed11b26633f In that commit, two changes combined to create the bug: (1) The signature for Resolver::pseudoStyleRulesForElement changed (the pseudoId parameter is now a std::optional<PseudoId> instead of PseudoId) (2) The PseudoElementRequest constructor was modified to assert pseudoId != PseudoId::None When LocalDOMWindow::getMatchedCSSRules is called with an empty pseudoElement parameter, it ends up calling pseudoStyleRulesForElement with PseudoId::None, which triggers the assertion. Proposed Fix: The method getMatchedCSSRules should be changed to call pseudoStyleRulesForElement with std::nullopt instead of PseudoId::None. LocalDOMWindow.cpp:1636: - auto pseudoId = pseudoElementIdentifier ? pseudoElementIdentifier->pseudoId : PseudoId::None; + std::optional<PseudoId> pseudoId; + if (pseudoElementIdentifier) + pseudoId = pseudoElementIdentifier->pseudoId; Thanks, Jonathan [1]: https://directmailmac.com 2046542 1 471896 jonathan 2024-07-16 13:31:11 -0700 Created attachment 471896 Patch to fix LocalDOMWindow::getMatchedCSSRules 2046727 2 jonathan 2024-07-17 07:59:58 -0700 Pull request: https://github.com/WebKit/WebKit/pull/30906 2047005 3 ews-feeder 2024-07-18 07:44:54 -0700 Committed 281088@main (9b380bdb5e47): <https://commits.webkit.org/281088@main> Reviewed commits have been landed. Closing PR #30906 and removing active labels. 2047006 4 webkit-bug-importer 2024-07-18 07:45:18 -0700 <rdar://problem/132009080> 2047213 5 ews-feeder 2024-07-19 10:26:30 -0700 Committed 280938.67@integration/ci/132009080_9b380bdb5e_safari-7619-branch (372659bf557d): <https://commits.webkit.org/280938.67@integration/ci/132009080_9b380bdb5e_safari-7619-branch> Reviewed commits have been landed. Closing PR #1433 and removing active labels. 471896 2024-07-16 13:31:11 -0700 2024-07-16 13:31:11 -0700 Patch to fix LocalDOMWindow::getMatchedCSSRules patch text/plain 755 jonathan LS0tIExvY2FsRE9NV2luZG93Lm9sZC5jcHAJMjAyNC0wNy0xNiAxMzoyOToyNQorKysgTG9jYWxE T01XaW5kb3cuY3BwCTIwMjQtMDctMTYgMTI6Mzg6MjUKQEAgLTE2MzMsOCArMTYzMywxMCBAQAog ICAgIGF1dG8gW3BzZXVkb0VsZW1lbnRJc1BhcnNhYmxlLCBwc2V1ZG9FbGVtZW50SWRlbnRpZmll cl0gPSBDU1NTZWxlY3RvclBhcnNlcjo6cGFyc2VQc2V1ZG9FbGVtZW50KHBzZXVkb0VsZW1lbnQs IHBhcnNlckNvbnRleHQpOwogICAgIGlmICghKHBzZXVkb0VsZW1lbnRJc1BhcnNhYmxlIHx8IChw c2V1ZG9FbGVtZW50SWRlbnRpZmllciAmJiAhcHNldWRvRWxlbWVudElkZW50aWZpZXItPm5hbWVB cmd1bWVudC5pc051bGwoKSkpICYmICFwc2V1ZG9FbGVtZW50LmlzRW1wdHkoKSkKICAgICAgICAg cmV0dXJuIG51bGxwdHI7Ci0gICAgYXV0byBwc2V1ZG9JZCA9IHBzZXVkb0VsZW1lbnRJZGVudGlm aWVyID8gcHNldWRvRWxlbWVudElkZW50aWZpZXItPnBzZXVkb0lkIDogUHNldWRvSWQ6Ok5vbmU7 Ci0KKyAgICBzdGQ6Om9wdGlvbmFsPFBzZXVkb0lkPiBwc2V1ZG9JZDsKKyAgICBpZiAocHNldWRv RWxlbWVudElkZW50aWZpZXIpCisgICAgICAgIHBzZXVkb0lkID0gcHNldWRvRWxlbWVudElkZW50 aWZpZXItPnBzZXVkb0lkOworICAgIAogICAgIFJlZlB0ciBmcmFtZSA9IHRoaXMtPmZyYW1lKCk7 CiAgICAgZnJhbWUtPnByb3RlY3RlZERvY3VtZW50KCktPnN0eWxlU2NvcGUoKS5mbHVzaFBlbmRp bmdVcGRhdGUoKTsKIAo=