82910 2012-04-02 10:38:01 -0700 REGRESSION (109091): Crash when creating a WebArchive of a page with @page style rules 2012-04-02 11:23:40 -0700 1 1 1 Unclassified WebKit CSS 528+ (Nightly build) All All RESOLVED FIXED InRadar P2 Normal --- 1 beidson beidson koivisto macpherson menard webkit.review.bot oldest_to_newest 593585 0 beidson 2012-04-02 10:38:01 -0700 REGRESSION (98963 and 109091): Crash when creating a WebArchive of a page with @page style rules > 1 com.apple.WebCore 0x7fff8efa3a47 WebCore::StylePropertySet::addSubresourceStyleURLs(WTF::ListHashSet<WebCore::KURL, 256ul, WebCore::KURLHash>&, WebCore::CSSStyleSheet*) + 0x17 2 com.apple.WebCore 0x7fff8ea2291b WebCore::CSSStyleSheet::addSubresourceStyleURLs(WTF::ListHashSet<WebCore::KURL, 256ul, WebCore::KURLHash>&) + 0xfb 3 com.apple.WebCore 0x7fff8ea2280e WebCore::HTMLLinkElement::addSubresourceAttributeURLs(WTF::ListHashSet<WebCore::KURL, 256ul, WebCore::KURLHash>&) const + 0xee 4 com.apple.WebCore 0x7fff8eea0fdd WebCore::LegacyWebArchive::create(WTF::String const&, WebCore::Frame*, WTF::Vector<WebCore::Node*, 0ul> const&, WebCore::FrameFilter*) + 0x50d 5 com.apple.WebCore 0x7fff8eea0a69 WebCore::LegacyWebArchive::create(WebCore::Node*, WebCore::FrameFilter*) + 0x219 6 com.apple.WebKit2 0x7fff8cfd50fb WebKit::WebFrame::webArchiveData(bool (*)(OpaqueWKBundleFrame const*, OpaqueWKBundleFrame const*, void*), void*) + 0x3d The cause is code in CSSStyleSheet::addSubresourceStyleURLs that does: if (rule->isStyleRule() || rule->isPageRule()) static_cast<CSSStyleRule*>(rule)->styleRule()->addSubresourceStyleURLs(urls, this); Page rules are casted to CSSStyleRule* which is bogus. Patch coming soon. In radar as <rdar://problem/11020155> 593588 1 135130 beidson 2012-04-02 10:44:38 -0700 Created attachment 135130 Patch v1 - Fix + layout test 593595 2 135130 koivisto 2012-04-02 10:54:45 -0700 Comment on attachment 135130 Patch v1 - Fix + layout test The patch in bug 82728 refactors the code here and also fixed the bug. The test is nice though. 593604 3 koivisto 2012-04-02 11:07:03 -0700 (In reply to comment #2) > (From update of attachment 135130 [details]) > The patch in bug 82728 refactors the code here and also fixed the bug. The test is nice though. s/fixed/fixes/ 593613 4 beidson 2012-04-02 11:14:46 -0700 Andreas pointed out elsewhere: @page rules used to be style rules prior to <http://trac.webkit.org/changeset/107526>. That's why it worked back then. Of course, it was never necessary to collect sub-resource URLs from them. :/ 593625 5 beidson 2012-04-02 11:23:40 -0700 http://trac.webkit.org/changeset/112913 135130 2012-04-02 10:44:38 -0700 2012-04-02 10:54:45 -0700 Patch v1 - Fix + layout test patch.txt text/plain 4079 beidson ZGlmZiAtLWdpdCBhL0xheW91dFRlc3RzL0NoYW5nZUxvZyBiL0xheW91dFRlc3RzL0NoYW5nZUxv ZwppbmRleCAxODE5YmY4Li5kYWRmMjhiIDEwMDY0NAotLS0gYS9MYXlvdXRUZXN0cy9DaGFuZ2VM b2cKKysrIGIvTGF5b3V0VGVzdHMvQ2hhbmdlTG9nCkBAIC0xLDMgKzEsMTMgQEAKKzIwMTItMDQt MDIgIEJyYWR5IEVpZHNvbiAgPGJlaWRzb25AYXBwbGUuY29tPgorCisgICAgICAgIDxyZGFyOi8v cHJvYmxlbS8xMTAyMDE1NT4gYW5kIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNn aT9pZD04MjkxMAorICAgICAgICBSRUdSRVNTSU9OICg5ODk2MyBhbmQgMTA5MDkxKTogIENyYXNo IHdoZW4gY3JlYXRpbmcgYSBXZWJBcmNoaXZlIG9mIGEgcGFnZSB3aXRoIEBwYWdlIHN0eWxlIHJ1 bGVzCisKKyAgICAgICAgUmV2aWV3ZWQgYnkgTk9CT0RZIChPT1BTISkuCisKKyAgICAgICAgKiB3 ZWJhcmNoaXZlL2Nzcy1wYWdlLXJ1bGUtY3Jhc2gtZXhwZWN0ZWQud2ViYXJjaGl2ZTogQWRkZWQu CisgICAgICAgICogd2ViYXJjaGl2ZS9jc3MtcGFnZS1ydWxlLWNyYXNoLmh0bWw6IEFkZGVkLgor CiAyMDEyLTAzLTMwICBDaHJpcyBGbGVpemFjaCAgPGNmbGVpemFjaEBhcHBsZS5jb20+CiAKICAg ICAgICAgQVg6IENyYXNoIGF0IFdlYkNvcmU6OnJlbmRlck9iamVjdENvbnRhaW5zUG9zaXRpb24o V2ViQ29yZTo6UmVuZGVyT2JqZWN0KiwgV2ViQ29yZTo6UG9zaXRpb24gY29uc3QmKQpkaWZmIC0t Z2l0IGEvTGF5b3V0VGVzdHMvd2ViYXJjaGl2ZS9jc3MtcGFnZS1ydWxlLWNyYXNoLWV4cGVjdGVk LndlYmFyY2hpdmUgYi9MYXlvdXRUZXN0cy93ZWJhcmNoaXZlL2Nzcy1wYWdlLXJ1bGUtY3Jhc2gt ZXhwZWN0ZWQud2ViYXJjaGl2ZQpuZXcgZmlsZSBtb2RlIDEwMDY0NAppbmRleCAwMDAwMDAwLi43 NTM1YmU2Ci0tLSAvZGV2L251bGwKKysrIGIvTGF5b3V0VGVzdHMvd2ViYXJjaGl2ZS9jc3MtcGFn ZS1ydWxlLWNyYXNoLWV4cGVjdGVkLndlYmFyY2hpdmUKQEAgLTAsMCArMSw0MCBAQAorPD94bWwg dmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4KKzwhRE9DVFlQRSBwbGlzdCBQVUJMSUMg Ii0vL0FwcGxlLy9EVEQgUExJU1QgMS4wLy9FTiIgImh0dHA6Ly93d3cuYXBwbGUuY29tL0RURHMv UHJvcGVydHlMaXN0LTEuMC5kdGQiPgorPHBsaXN0IHZlcnNpb249IjEuMCI+Cis8ZGljdD4KKwk8 a2V5PldlYk1haW5SZXNvdXJjZTwva2V5PgorCTxkaWN0PgorCQk8a2V5PldlYlJlc291cmNlRGF0 YTwva2V5PgorCQk8c3RyaW5nPiZsdDtodG1sJmd0OyZsdDtoZWFkJmd0OworJmx0O3NjcmlwdCZn dDsKKworaWYgKHdpbmRvdy5sYXlvdXRUZXN0Q29udHJvbGxlcikKKyAgICBsYXlvdXRUZXN0Q29u dHJvbGxlci5kdW1wRE9NQXNXZWJBcmNoaXZlKCk7CisKKyZsdDsvc2NyaXB0Jmd0OworCismbHQ7 c3R5bGUmZ3Q7CisKK0BwYWdlIHsKKwltYXJnaW46IDJjbTsKK30KKworJmx0Oy9zdHlsZSZndDsK KyZsdDsvaGVhZCZndDsKKworJmx0O2JvZHkmZ3Q7CitUaGlzIHBhZ2UgY29udGFpbnMgYSBAcGFn ZSBzdHlsZSBydWxlLiZsdDticiZndDsKK01ha2luZyBhIFdlYkFyY2hpdmUgb3V0IG9mIGl0IHNo b3VsZCBub3QgY3Jhc2guCisKKyZsdDsvYm9keSZndDsmbHQ7L2h0bWwmZ3Q7PC9zdHJpbmc+CisJ CTxrZXk+V2ViUmVzb3VyY2VGcmFtZU5hbWU8L2tleT4KKwkJPHN0cmluZz48L3N0cmluZz4KKwkJ PGtleT5XZWJSZXNvdXJjZU1JTUVUeXBlPC9rZXk+CisJCTxzdHJpbmc+dGV4dC9odG1sPC9zdHJp bmc+CisJCTxrZXk+V2ViUmVzb3VyY2VUZXh0RW5jb2RpbmdOYW1lPC9rZXk+CisJCTxzdHJpbmc+ VVRGLTg8L3N0cmluZz4KKwkJPGtleT5XZWJSZXNvdXJjZVVSTDwva2V5PgorCQk8c3RyaW5nPmZp bGU6Ly8vTGF5b3V0VGVzdHMvd2ViYXJjaGl2ZS9jc3MtcGFnZS1ydWxlLWNyYXNoLmh0bWw8L3N0 cmluZz4KKwk8L2RpY3Q+Cis8L2RpY3Q+Cis8L3BsaXN0PgpkaWZmIC0tZ2l0IGEvTGF5b3V0VGVz dHMvd2ViYXJjaGl2ZS9jc3MtcGFnZS1ydWxlLWNyYXNoLmh0bWwgYi9MYXlvdXRUZXN0cy93ZWJh cmNoaXZlL2Nzcy1wYWdlLXJ1bGUtY3Jhc2guaHRtbApuZXcgZmlsZSBtb2RlIDEwMDY0NAppbmRl eCAwMDAwMDAwLi42NGUzZGRlCi0tLSAvZGV2L251bGwKKysrIGIvTGF5b3V0VGVzdHMvd2ViYXJj aGl2ZS9jc3MtcGFnZS1ydWxlLWNyYXNoLmh0bWwKQEAgLTAsMCArMSwyMSBAQAorPGhlYWQ+Cis8 c2NyaXB0PgorCitpZiAod2luZG93LmxheW91dFRlc3RDb250cm9sbGVyKQorICAgIGxheW91dFRl c3RDb250cm9sbGVyLmR1bXBET01Bc1dlYkFyY2hpdmUoKTsKKworPC9zY3JpcHQ+CisKKzxzdHls ZT4KKworQHBhZ2UgeworCW1hcmdpbjogMmNtOworfQorCis8L3N0eWxlPgorPC9oZWFkPgorCis8 Ym9keT4KK1RoaXMgcGFnZSBjb250YWlucyBhIEBwYWdlIHN0eWxlIHJ1bGUuPGJyPgorTWFraW5n IGEgV2ViQXJjaGl2ZSBvdXQgb2YgaXQgc2hvdWxkIG5vdCBjcmFzaC4KKzwvYm9keT4KZGlmZiAt LWdpdCBhL1NvdXJjZS9XZWJDb3JlL0NoYW5nZUxvZyBiL1NvdXJjZS9XZWJDb3JlL0NoYW5nZUxv ZwppbmRleCBiNDkwZDFlLi42ODQ5NmViIDEwMDY0NAotLS0gYS9Tb3VyY2UvV2ViQ29yZS9DaGFu Z2VMb2cKKysrIGIvU291cmNlL1dlYkNvcmUvQ2hhbmdlTG9nCkBAIC0xLDMgKzEsMTYgQEAKKzIw MTItMDQtMDIgIEJyYWR5IEVpZHNvbiAgPGJlaWRzb25AYXBwbGUuY29tPgorCisgICAgICAgIDxy ZGFyOi8vcHJvYmxlbS8xMTAyMDE1NT4gYW5kIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3df YnVnLmNnaT9pZD04MjkxMAorICAgICAgICBSRUdSRVNTSU9OICg5ODk2MyBhbmQgMTA5MDkxKTog IENyYXNoIHdoZW4gY3JlYXRpbmcgYSBXZWJBcmNoaXZlIG9mIGEgcGFnZSB3aXRoIEBwYWdlIHN0 eWxlIHJ1bGVzCisKKyAgICAgICAgUmV2aWV3ZWQgYnkgTk9CT0RZIChPT1BTISkuCisKKyAgICAg ICAgVGVzdDogd2ViYXJjaGl2ZS9jc3MtcGFnZS1ydWxlLWNyYXNoLmh0bWwKKworICAgICAgICAq IGNzcy9DU1NTdHlsZVNoZWV0LmNwcDoKKyAgICAgICAgKFdlYkNvcmU6OkNTU1N0eWxlU2hlZXQ6 OmFkZFN1YnJlc291cmNlU3R5bGVVUkxzKTogUGFnZSBydWxlcyBkbyBub3QgKGN1cnJlbnRseSkg aGF2ZSBzdWJyZXNvdXJjZSB1cmxzIHRvIGdldCwKKyAgICAgICAgICBhbmQgYXJlIG5vdCBDU1NT dHlsZVJ1bGVzLgorCiAyMDEyLTAzLTMwICBDaHJpcyBGbGVpemFjaCAgPGNmbGVpemFjaEBhcHBs ZS5jb20+CiAKICAgICAgICAgQVg6IENyYXNoIGF0IFdlYkNvcmU6OnJlbmRlck9iamVjdENvbnRh aW5zUG9zaXRpb24oV2ViQ29yZTo6UmVuZGVyT2JqZWN0KiwgV2ViQ29yZTo6UG9zaXRpb24gY29u c3QmKQpkaWZmIC0tZ2l0IGEvU291cmNlL1dlYkNvcmUvY3NzL0NTU1N0eWxlU2hlZXQuY3BwIGIv U291cmNlL1dlYkNvcmUvY3NzL0NTU1N0eWxlU2hlZXQuY3BwCmluZGV4IDQ2ZWViOTkuLjMyMDBi MTUgMTAwNjQ0Ci0tLSBhL1NvdXJjZS9XZWJDb3JlL2Nzcy9DU1NTdHlsZVNoZWV0LmNwcAorKysg Yi9Tb3VyY2UvV2ViQ29yZS9jc3MvQ1NTU3R5bGVTaGVldC5jcHAKQEAgLTQ2MSw3ICs0NjEsNyBA QCB2b2lkIENTU1N0eWxlU2hlZXQ6OmFkZFN1YnJlc291cmNlU3R5bGVVUkxzKExpc3RIYXNoU2V0 PEtVUkw+JiB1cmxzKQogICAgICAgICAgICAgQ1NTUnVsZSogcnVsZSA9IHN0eWxlU2hlZXQtPm1f Y2hpbGRSdWxlc1tpXS5nZXQoKTsKICAgICAgICAgICAgIGlmIChydWxlLT5pc0ZvbnRGYWNlUnVs ZSgpKQogICAgICAgICAgICAgICAgIHN0YXRpY19jYXN0PENTU0ZvbnRGYWNlUnVsZSo+KHJ1bGUp LT5hZGRTdWJyZXNvdXJjZVN0eWxlVVJMcyh1cmxzKTsKLSAgICAgICAgICAgIGVsc2UgaWYgKHJ1 bGUtPmlzU3R5bGVSdWxlKCkgfHwgcnVsZS0+aXNQYWdlUnVsZSgpKQorICAgICAgICAgICAgZWxz ZSBpZiAocnVsZS0+aXNTdHlsZVJ1bGUoKSkKICAgICAgICAgICAgICAgICBzdGF0aWNfY2FzdDxD U1NTdHlsZVJ1bGUqPihydWxlKS0+c3R5bGVSdWxlKCktPmFkZFN1YnJlc291cmNlU3R5bGVVUkxz KHVybHMsIHRoaXMpOwogICAgICAgICB9CiAgICAgfQo=